
fix(exec): avoid default approval store writes (#86964) · openclaw/openclaw@4d65936
vincentkoc · 2026-05-27 · via Recent Commits to openclaw:main

@@ -23,6 +23,7 @@ let readExecApprovalsSnapshot: ExecApprovalsModule["readExecApprovalsSnapshot"];

2323

let recordAllowlistMatchesUse: ExecApprovalsModule["recordAllowlistMatchesUse"];

2424

let recordAllowlistUse: ExecApprovalsModule["recordAllowlistUse"];

2525

let requestExecApprovalViaSocket: ExecApprovalsModule["requestExecApprovalViaSocket"];

26+

let resolveExecApprovals: ExecApprovalsModule["resolveExecApprovals"];

2627

let resolveExecApprovalsPath: ExecApprovalsModule["resolveExecApprovalsPath"];

2728

let resolveExecApprovalsSocketPath: ExecApprovalsModule["resolveExecApprovalsSocketPath"];

2829

let saveExecApprovals: ExecApprovalsModule["saveExecApprovals"];

@@ -42,6 +43,7 @@ beforeAll(async () => {

4243

recordAllowlistMatchesUse,

4344

recordAllowlistUse,

4445

requestExecApprovalViaSocket,

46+

resolveExecApprovals,

4547

resolveExecApprovalsPath,

4648

resolveExecApprovalsSocketPath,

4749

saveExecApprovals,

@@ -187,6 +189,143 @@ describe("exec approvals store helpers", () => {

187189

expect(readApprovalsFile(dir).socket).toEqual(ensured.socket);

188190

});

189191192+

it("does not create an approvals file when resolving the missing default no-prompt policy", () => {

193+

const dir = createHomeDir();

194+195+

const resolved = resolveExecApprovals("main", {

196+

security: "full",

197+

ask: "off",

198+

});

199+200+

expect(resolved.agent.security).toBe("full");

201+

expect(resolved.agent.ask).toBe("off");

202+

expect(resolved.socketPath).toBe(resolveExecApprovalsSocketPath());

203+

expect(resolved.token).toBe("");

204+

expect(fs.existsSync(approvalsFilePath(dir))).toBe(false);

205+

});

206+207+

it("does not rewrite an empty approvals file for the default no-prompt policy", () => {

208+

const dir = createHomeDir();

209+

const approvalsPath = approvalsFilePath(dir);

210+

fs.mkdirSync(path.dirname(approvalsPath), { recursive: true });

211+

fs.writeFileSync(approvalsPath, "", "utf8");

212+213+

const resolved = resolveExecApprovals("main", {

214+

security: "full",

215+

ask: "off",

216+

});

217+218+

expect(resolved.agent.security).toBe("full");

219+

expect(resolved.agent.ask).toBe("off");

220+

expect(resolved.token).toBe("");

221+

expect(fs.statSync(approvalsPath).size).toBe(0);

222+

});

223+224+

it.runIf(process.platform !== "win32")(

225+

"hardens existing token-bearing approvals files before resolving default no-prompt policy",

226+

() => {

227+

const dir = createHomeDir();

228+

const approvalsPath = approvalsFilePath(dir);

229+

fs.mkdirSync(path.dirname(approvalsPath), { recursive: true });

230+

fs.writeFileSync(

231+

approvalsPath,

232+

JSON.stringify({

233+

version: 1,

234+

socket: { path: resolveExecApprovalsSocketPath(), token: "existing-token" },

235+

defaults: { security: "full", ask: "off" },

236+

agents: {},

237+

}),

238+

{ mode: 0o644 },

239+

);

240+

fs.chmodSync(approvalsPath, 0o644);

241+242+

const resolved = resolveExecApprovals("main", {

243+

security: "full",

244+

ask: "off",

245+

});

246+247+

expect(resolved.agent.security).toBe("full");

248+

expect(resolved.agent.ask).toBe("off");

249+

expect(resolved.token).toBe("existing-token");

250+

expect(fs.statSync(approvalsPath).mode & 0o777).toBe(0o600);

251+

},

252+

);

253+254+

it.runIf(process.platform !== "win32")(

255+

"rejects symlinked approvals files before resolving the default no-prompt policy",

256+

() => {

257+

const dir = createHomeDir();

258+

const approvalsPath = approvalsFilePath(dir);

259+

const linkedPath = path.join(dir, "linked-approvals.json");

260+

fs.mkdirSync(path.dirname(approvalsPath), { recursive: true });

261+

fs.writeFileSync(

262+

linkedPath,

263+

JSON.stringify({

264+

version: 1,

265+

defaults: { security: "full", ask: "off" },

266+

agents: {},

267+

}),

268+

"utf8",

269+

);

270+

fs.symlinkSync(linkedPath, approvalsPath);

271+272+

expect(() =>

273+

resolveExecApprovals("main", {

274+

security: "deny",

275+

ask: "always",

276+

}),

277+

).toThrow("Refusing to write exec approvals via symlink");

278+

},

279+

);

280+281+

it("does not treat approvals path access errors as a missing default policy", () => {

282+

const dir = createHomeDir();

283+

const approvalsPath = approvalsFilePath(dir);

284+

const actualReadFileSync = fs.readFileSync.bind(fs);

285+

vi.spyOn(fs, "readFileSync").mockImplementation((target, options) => {

286+

if (String(target) === approvalsPath) {

287+

throw Object.assign(new Error("approval path blocked"), { code: "EACCES" });

288+

}

289+

return actualReadFileSync(target, options as never);

290+

});

291+292+

expect(() =>

293+

resolveExecApprovals("main", {

294+

security: "full",

295+

ask: "off",

296+

}),

297+

).toThrow("approval path blocked");

298+

});

299+300+

it("creates an approvals file when resolving a missing policy that may prompt", () => {

301+

const dir = createHomeDir();

302+303+

const resolved = resolveExecApprovals("main", {

304+

security: "allowlist",

305+

ask: "on-miss",

306+

});

307+308+

expect(resolved.agent.security).toBe("allowlist");

309+

expect(resolved.agent.ask).toBe("on-miss");

310+

expect(resolved.token).toMatch(/^[A-Za-z0-9_-]{32}$/);

311+

expect(readApprovalsFile(dir).socket).toEqual(resolved.file.socket);

312+

});

313+314+

it("creates an approvals file for default no-prompt policy when a socket is required", () => {

315+

const dir = createHomeDir();

316+317+

const resolved = resolveExecApprovals("main", {

318+

security: "full",

319+

ask: "off",

320+

requireSocket: true,

321+

});

322+323+

expect(resolved.agent.security).toBe("full");

324+

expect(resolved.agent.ask).toBe("off");

325+

expect(resolved.token).toMatch(/^[A-Za-z0-9_-]{32}$/);

326+

expect(readApprovalsFile(dir).socket).toEqual(resolved.file.socket);

327+

});

328+190329

it("atomically replaces existing approvals files instead of mutating linked inodes", () => {

191330

const dir = createHomeDir();

192331

const approvalsPath = approvalsFilePath(dir);
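
Review bot: the symlink test near the end of this hunk is titled "rejects symlinked approvals files before resolving the default no-prompt policy", but it calls resolveExecApprovals with security: "deny", ask: "always", so it never exercises the no-prompt combination (security: "full", ask: "off") that the other new tests use. The expected message, "Refusing to write exec approvals via symlink", is worded for a write, while the tests above assert that the no-prompt default leaves a missing or empty file untouched. Add a case that passes security: "full", ask: "off" over the symlinked approvals path and asserts the intended outcome, so the suite pins down whether that path refuses the link or reads through it. Separately, the EACCES test installs vi.spyOn(fs, "readFileSync") and nothing in the visible lines restores it; confirm the suite restores mocks between tests, or restore it in the test itself.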

@@ -236,6 +375,24 @@ describe("exec approvals store helpers", () => {

236375

expect(fs.statSync(approvalsDir).mode & 0o777).toBe(0o700);

237376

});

238377378+

it.runIf(process.platform !== "win32")(

379+

"keeps exec approvals strict when directory chmod fails",

380+

() => {

381+

const dir = createHomeDir();

382+

const approvalsDir = path.dirname(approvalsFilePath(dir));

383+

const actualChmodSync = fs.chmodSync.bind(fs);

384+

vi.spyOn(fs, "chmodSync").mockImplementation((target, mode) => {

385+

if (String(target) === approvalsDir) {

386+

throw Object.assign(new Error("chmod denied"), { code: "EPERM" });

387+

}

388+

return actualChmodSync(target, mode);

389+

});

390+391+

expect(() => ensureExecApprovals()).toThrow("chmod denied");

392+

expect(fs.existsSync(approvalsFilePath(dir))).toBe(false);

393+

},

394+

);

395+239396

it("falls back to copying when rename cannot overwrite the approvals file", () => {

240397

const dir = createHomeDir();

241398

const approvalsPath = approvalsFilePath(dir);
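
Review bot: in "keeps exec approvals strict when directory chmod fails", the only post-condition checked is expect(fs.existsSync(approvalsFilePath(dir))).toBe(false), which proves the final file was not created but says nothing about other entries left in approvalsDir. The neighbouring tests describe an atomic replace and a copy fallback, so an intermediate file is plausible; consider also asserting that the directory, if it exists, is empty after the throw. The vi.spyOn(fs, "chmodSync") mock is also not restored in the visible lines; confirm a suite-level restore exists so the throwing chmod cannot leak into the test that follows.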