惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Latest
Security Latest
Recorded Future
Recorded Future
人人都是产品经理
人人都是产品经理
S
SegmentFault 最新的问题
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
CXSECURITY Database RSS Feed - CXSecurity.com
博客园 - 三生石上(FineUI控件)
博客园 - 聂微东
P
Privacy & Cybersecurity Law Blog
WordPress大学
WordPress大学
Know Your Adversary
Know Your Adversary
Spread Privacy
Spread Privacy
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
量子位
L
LINUX DO - 热门话题
L
Lohrmann on Cybersecurity
博客园 - Franky
酷 壳 – CoolShell
酷 壳 – CoolShell
T
Tor Project blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
雷峰网
雷峰网
阮一峰的网络日志
阮一峰的网络日志
V
Visual Studio Blog
T
Threatpost
T
Tenable Blog
有赞技术团队
有赞技术团队
大猫的无限游戏
大猫的无限游戏
Engineering at Meta
Engineering at Meta
GbyAI
GbyAI
C
Cisco Blogs
H
Heimdal Security Blog
Attack and Defense Labs
Attack and Defense Labs
A
About on SuperTechFans
Last Week in AI
Last Week in AI
N
News and Events Feed by Topic
T
Threat Research - Cisco Blogs
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
I
Intezer
V
V2EX
Cyberwarzone
Cyberwarzone
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
B
Blog RSS Feed
V
Vulnerabilities – Threatpost
N
Netflix TechBlog - Medium
T
The Blog of Author Tim Ferriss
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
U
Unit 42
PCI Perspectives
PCI Perspectives
P
Privacy International News Feed
D
Docker

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311 test: trim remaining hotspot tests · openclaw/openclaw@6ba8626 test: narrow hotspot mocks · openclaw/openclaw@dbc8179 test: isolate gemini embedding request helpers · openclaw/openclaw@cd330f5 test: trim memory and mcp hotspots · openclaw/openclaw@fd48dfa test: slim provider registry mocks · openclaw/openclaw@2e08c77 test: harden Parallels update smoke · openclaw/openclaw@1a98090 feat: default Anthropic to Opus 4.7 · openclaw/openclaw@628b454 fix: harden node-host shell payload mutability checks · openclaw/openclaw@75c551e fix: land node-host approval binding for native binaries (#66731) (th… · openclaw/openclaw@29919bb CI: add daily schedule to CodeQL workflow (#67645) · openclaw/openclaw@69d25f5 fix(gateway): capture config hash after plugin auto-enable to prevent… · openclaw/openclaw@8c11210 fix: repair sanitized replay tool results before send (#67620) (thank… · openclaw/openclaw@c3c7a99 fix: restrict HTML timeout short-circuit to transient statuses · openclaw/openclaw@de129a6 fix: keep TUI watchdog bound to active run (#67401) (thanks @xantorres) · openclaw/openclaw@3525273 Gateway/skills: dedupe skills prefix-match + drop dead fallback on log · openclaw/openclaw@d7f489f Extensions/lmstudio: back off inference preload after consecutive fai… · openclaw/openclaw@b555214 TUI/streaming: add watchdog that resets the activity indicator after … · openclaw/openclaw@f44ab20 Agents/tool-loop: enable unknown-tool stream guard by default · openclaw/openclaw@36ed367 Gateway/skills: invalidate session skills snapshot on config write · openclaw/openclaw@b23d59a fix: classify HTML provider error pages correctly (#67642) (thanks @s… · openclaw/openclaw@e588e90 fix(skills): remove unused model-usage import (#67641) · openclaw/openclaw@55f05df docs(changelog): credit codex fix superseded PRs · openclaw/openclaw@e485f24 fix(openai-codex): normalize stale transport metadata in resolution a… · openclaw/openclaw@90801ba CI: pin Docker-related GitHub Actions (#67632) · openclaw/openclaw@f697b01 Android: modernize WebView and discovery API usage (#67627) · openclaw/openclaw@44a6e50 fix(deps): bump hono to 4.12.14 and @hono/node-server to 1.19.14 (GHS… · openclaw/openclaw@fbccc18 fix(deps): bump dompurify to 3.4.0 (#67614) · openclaw/openclaw@2c2dc00 CI: add explicit permissions to all workflow jobs (fixes code-scannin… · openclaw/openclaw@01b7516 fix: register bundled TTS providers and route overrides correctly (#6… · openclaw/openclaw@6ea3cdd fix: align host tilde paths with OS home (#62804) (thanks @stainlu) · openclaw/openclaw@ecfaf64 fix: flush creds queue before reconnect socket open (#67464) (thanks … · openclaw/openclaw@405c63f fix: strip standalone <function> tool call tags from visible text (#6… · openclaw/openclaw@78df859 fix(agents): preserve cli session metadata before transcript persist … · openclaw/openclaw@898fd04 docs(changelog): move cli transcript entry · openclaw/openclaw@c1817c6 fix(agents): normalize cli transcript api field · openclaw/openclaw@3a3fae0 docs(changelog): note cli transcript persistence · openclaw/openclaw@6c343f1 fix(agents): persist cli transcript turns · openclaw/openclaw@b8ef507 fix(msteams): harden security-sensitive flows (#65841) · openclaw/openclaw@c56b56e [Dashboard] Fix exec approval modal overflow for long command content… · openclaw/openclaw@053c5b0 Docs: remove QA changelog entry · openclaw/openclaw@7fd5771 QA: fix private runtime source loading (#67428) · openclaw/openclaw@d5933af docs(gateway): correct protocol.md schema path, hello-ok example, aut… · openclaw/openclaw@489404d CI: pin Node 22 runners to 22.18.0 · openclaw/openclaw@4ffa621 models.authStatus: normalize provider ids + tighten env-backed escape… · openclaw/openclaw@f2fdb9d Update CHANGELOG.md · openclaw/openclaw@7694a92 test(parallels): clean up npm update guard jobs · openclaw/openclaw@045ea7b Plugins: prefer scanDir override paths · openclaw/openclaw@b2974da fix(dreaming): default storage.mode to "separate" so phase blocks sto… · openclaw/openclaw@8c392f0 fix(memory-core): skip dreaming transcript ingestion via session stor… · openclaw/openclaw@a1b01f0 fix: dedupe replayed exec.finished node events (#67281) · openclaw/openclaw@5dcf526
fix(plugins): rename bundled allowlist discovery policy · openclaw/openclaw@41257a5
steipete · 2026-05-05 · via Recent Commits to openclaw:main
Original file line numberDiff line numberDiff line change

@@ -1,4 +1,4 @@

1-

ddea4f1ae40a4099baa9f216cdae69ac35a5e93aa254903227ce168e2fd5b8db config-baseline.json

2-

b6b71095384ad98410bbfd520eebac43e244aeb47761c74325ff133be6ccd858 config-baseline.core.json

1+

14558f9777b400fe4a1ef163a44e90ac0c59b56920ceb24b99675647d19d73a8 config-baseline.json

2+

0c46cd7aeae83eb3afddd19209bf3520cecccc265903b2fe001ce458bc592ea5 config-baseline.core.json

33

cd7c0c7fb1435bc7e59099e9ac334462d5ad444016e9ab4512aae63a238f78dc config-baseline.channel.json

44

9832b30a696930a3da7efccf38073137571e1b66cae84e54d747b733fdafcc54 config-baseline.plugin.json

Original file line numberDiff line numberDiff line change

@@ -166,7 +166,7 @@ See [MCP](/cli/mcp#openclaw-as-an-mcp-client-registry) and

166166

plugins: {

167167

enabled: true,

168168

allow: ["voice-call"],

169-

bundledMode: "compat",

169+

bundledDiscovery: "compat",

170170

deny: [],

171171

load: {

172172

paths: ["~/Projects/oss/voice-call-plugin"],

@@ -188,8 +188,8 @@ See [MCP](/cli/mcp#openclaw-as-an-mcp-client-registry) and

188188

- Discovery accepts native OpenClaw plugins plus compatible Codex bundles and Claude bundles, including manifestless Claude default-layout bundles.

189189

- **Config changes require a gateway restart.**

190190

- `allow`: optional allowlist (only listed plugins load). `deny` wins.

191-

- `bundledMode`: defaults to `"compat"` for legacy bundled provider activation.

192-

Use `"respect-allow"` when a non-empty `plugins.allow` should also gate

191+

- `bundledDiscovery`: defaults to `"compat"` for legacy bundled provider activation.

192+

Use `"allowlist"` when a non-empty `plugins.allow` should also gate

193193

bundled provider plugins, including web-search runtime providers.

194194

- `plugins.entries.<id>.apiKey`: plugin-level API key convenience field (when supported by the plugin).

195195

- `plugins.entries.<id>.env`: plugin-scoped env var map.

Original file line numberDiff line numberDiff line change

@@ -169,7 +169,9 @@ That stages grounded durable candidates into the short-term dreaming store while

169169

Doctor also warns when `plugins.allow` is non-empty and tool policy uses

170170

wildcard or plugin-owned tool entries. `tools.allow: ["*"]` only matches tools

171171

from plugins that actually load; it does not bypass the exclusive plugin

172-

allowlist.

172+

allowlist. If bundled provider discovery is still in legacy compatibility

173+

mode, doctor also points to the stricter `plugins.bundledDiscovery:

174+

"allowlist"` setting.

173175
174176

</Accordion>

175177

<Accordion title="2. Legacy config key migrations">

Original file line numberDiff line numberDiff line change

@@ -260,24 +260,24 @@ Looking for third-party plugins? See [Community Plugins](/plugins/community).

260260

}

261261

```

262262
263-

| Field | Description |

264-

| ---------------- | --------------------------------------------------------- |

265-

| `enabled` | Master toggle (default: `true`) |

266-

| `allow` | Plugin allowlist (optional) |

267-

| `bundledMode` | Bundled plugin allowlist mode (`compat` by default) |

268-

| `deny` | Plugin denylist (optional; deny wins) |

269-

| `load.paths` | Extra plugin files/directories |

270-

| `slots` | Exclusive slot selectors (e.g. `memory`, `contextEngine`) |

271-

| `entries.\<id\>` | Per-plugin toggles + config |

263+

| Field | Description |

264+

| ------------------ | --------------------------------------------------------- |

265+

| `enabled` | Master toggle (default: `true`) |

266+

| `allow` | Plugin allowlist (optional) |

267+

| `bundledDiscovery` | Bundled plugin discovery mode (`compat` by default) |

268+

| `deny` | Plugin denylist (optional; deny wins) |

269+

| `load.paths` | Extra plugin files/directories |

270+

| `slots` | Exclusive slot selectors (e.g. `memory`, `contextEngine`) |

271+

| `entries.\<id\>` | Per-plugin toggles + config |

272272
273273

`plugins.allow` is exclusive. When it is non-empty, only listed plugins can load

274274

or expose tools, even if `tools.allow` contains `"*"` or a specific plugin-owned

275275

tool name. If a tool allowlist references plugin tools, add the owning plugin ids

276276

to `plugins.allow` or remove `plugins.allow`; `openclaw doctor` warns about this

277277

shape.

278278
279-

`plugins.bundledMode` defaults to `"compat"` so older configs keep legacy

280-

bundled provider behavior. Set it to `"respect-allow"` when a restrictive

279+

`plugins.bundledDiscovery` defaults to `"compat"` so older configs keep legacy

280+

bundled provider behavior. Set it to `"allowlist"` when a restrictive

281281

`plugins.allow` inventory should also block omitted bundled provider plugins,

282282

including runtime web-search provider discovery. An empty `plugins.allow` is

283283

still treated as unset/open.

Original file line numberDiff line numberDiff line change

@@ -84,13 +84,13 @@ describe("implicit provider plugin allowlist compatibility", () => {

8484

).toEqual(["kilocode", "moonshot", "openrouter"]);

8585

});

8686
87-

it("respects allowlist for bundled plugins when bundledMode is respect-allow", () => {

87+

it("respects allowlist for bundled plugins when bundledDiscovery is allowlist", () => {

8888

const config = withBundledPluginEnablementCompat({

8989

config: withBundledPluginAllowlistCompat({

9090

config: {

9191

plugins: {

9292

allow: ["openrouter"],

93-

bundledMode: "respect-allow",

93+

bundledDiscovery: "allowlist",

9494

},

9595

},

9696

pluginIds: ["kilocode", "moonshot"],

Original file line numberDiff line numberDiff line change

@@ -161,12 +161,15 @@ export async function loadAndMaybeMigrateDoctorConfig(params: {

161161

}));

162162

}

163163
164-

const { collectPluginToolAllowlistWarnings } =

164+

const { collectBundledProviderAllowlistPolicyWarnings, collectPluginToolAllowlistWarnings } =

165165

await import("./doctor/shared/plugin-tool-allowlist-warnings.js");

166-

const pluginToolAllowlistWarnings = collectPluginToolAllowlistWarnings({

167-

cfg: candidate,

168-

env: process.env,

169-

});

166+

const pluginToolAllowlistWarnings = [

167+

...collectPluginToolAllowlistWarnings({

168+

cfg: candidate,

169+

env: process.env,

170+

}),

171+

...collectBundledProviderAllowlistPolicyWarnings({ cfg: candidate }),

172+

];

170173

if (pluginToolAllowlistWarnings.length > 0) {

171174

note(sanitizeDoctorNote(pluginToolAllowlistWarnings.join("\n")), "Doctor warnings");

172175

}

Original file line numberDiff line numberDiff line change

@@ -1,6 +1,9 @@

11

import { describe, expect, it } from "vitest";

22

import type { PluginManifestRegistry } from "../../../plugins/manifest-registry.js";

3-

import { collectPluginToolAllowlistWarnings } from "./plugin-tool-allowlist-warnings.js";

3+

import {

4+

collectBundledProviderAllowlistPolicyWarnings,

5+

collectPluginToolAllowlistWarnings,

6+

} from "./plugin-tool-allowlist-warnings.js";

47
58

const manifestRegistry: PluginManifestRegistry = {

69

diagnostics: [],

@@ -109,4 +112,29 @@ describe("collectPluginToolAllowlistWarnings", () => {

109112
110113

expect(warnings).toEqual([]);

111114

});

115+
116+

it("warns when restrictive plugins.allow leaves bundled provider discovery in compat mode", () => {

117+

const warnings = collectBundledProviderAllowlistPolicyWarnings({

118+

cfg: {

119+

plugins: { allow: ["telegram"] },

120+

},

121+

});

122+
123+

expect(warnings).toEqual([

124+

expect.stringContaining('set plugins.bundledDiscovery to "allowlist"'),

125+

]);

126+

});

127+
128+

it("does not warn when bundled provider discovery follows the allowlist", () => {

129+

const warnings = collectBundledProviderAllowlistPolicyWarnings({

130+

cfg: {

131+

plugins: {

132+

allow: ["telegram"],

133+

bundledDiscovery: "allowlist",

134+

},

135+

},

136+

});

137+
138+

expect(warnings).toEqual([]);

139+

});

112140

});

Original file line numberDiff line numberDiff line change

@@ -193,3 +193,21 @@ export function collectPluginToolAllowlistWarnings(params: {

193193
194194

return warnings;

195195

}

196+
197+

export function collectBundledProviderAllowlistPolicyWarnings(params: {

198+

cfg: OpenClawConfig;

199+

}): string[] {

200+

if (params.cfg.plugins?.enabled === false) {

201+

return [];

202+

}

203+

const allow = params.cfg.plugins?.allow;

204+

if (!Array.isArray(allow) || allow.length === 0) {

205+

return [];

206+

}

207+

if (params.cfg.plugins?.bundledDiscovery === "allowlist") {

208+

return [];

209+

}

210+

return [

211+

'- plugins.allow is restrictive, but bundled provider discovery is still in legacy compatibility mode. Bundled provider plugins can still appear in runtime provider inventories; set plugins.bundledDiscovery to "allowlist" after confirming omitted bundled providers are intentionally blocked.',

212+

];

213+

}

Original file line numberDiff line numberDiff line change

@@ -24186,12 +24186,12 @@ export const GENERATED_BASE_CONFIG_SCHEMA: BaseConfigSchemaResponse = {

2418624186

description:

2418724187

"Per-plugin settings keyed by plugin ID including enablement and plugin-specific runtime configuration payloads. Use this for scoped plugin tuning without changing global loader policy.",

2418824188

},

24189-

bundledMode: {

24189+

bundledDiscovery: {

2419024190

type: "string",

24191-

enum: ["compat", "respect-allow"],

24192-

title: "Bundled Plugin Mode",

24191+

enum: ["compat", "allowlist"],

24192+

title: "Bundled Plugin Discovery",

2419324193

description:

24194-

'Controls whether bundled plugins bypass plugins.allow on runtime discovery paths. "compat" (default) preserves legacy behavior where bundled provider plugins are force-loaded on every chat turn. "respect-allow" gates bundled plugins by the allowlist the same way third-party plugins are gated.',

24194+

'Controls bundled plugin runtime discovery when plugins.allow is configured. "compat" (default) preserves legacy behavior where bundled provider plugins can be force-loaded on every chat turn. "allowlist" gates bundled provider plugins by plugins.allow like third-party plugins.',

2419524195

},

2419624196

},

2419724197

additionalProperties: false,

@@ -28872,9 +28872,9 @@ export const GENERATED_BASE_CONFIG_SCHEMA: BaseConfigSchemaResponse = {

2887228872

help: "Optional allowlist of plugin IDs; when set, only listed plugins are eligible to load. Configured bundled chat channels can still activate their bundled plugin when the channel is explicitly enabled in config. Use this to enforce approved extension inventories in controlled environments.",

2887328873

tags: ["access"],

2887428874

},

28875-

"plugins.bundledMode": {

28876-

label: "Bundled Plugin Mode",

28877-

help: 'Controls whether bundled plugins bypass plugins.allow on runtime discovery paths. "compat" (default) preserves legacy behavior where bundled provider plugins are force-loaded on every chat turn. "respect-allow" gates bundled plugins by the allowlist the same way third-party plugins are gated.',

28875+

"plugins.bundledDiscovery": {

28876+

label: "Bundled Plugin Discovery",

28877+

help: 'Controls bundled plugin runtime discovery when plugins.allow is configured. "compat" (default) preserves legacy behavior where bundled provider plugins can be force-loaded on every chat turn. "allowlist" gates bundled provider plugins by plugins.allow like third-party plugins.',

2887828878

tags: ["advanced"],

2887928879

},

2888028880

"plugins.deny": {

Original file line numberDiff line numberDiff line change

@@ -1212,8 +1212,8 @@ export const FIELD_HELP: Record<string, string> = {

12121212

'Select the active memory plugin by id, or "none" to disable memory plugins.',

12131213

"plugins.slots.contextEngine":

12141214

"Selects the active context engine plugin by id so one plugin provides context orchestration behavior.",

1215-

"plugins.bundledMode":

1216-

'Controls whether bundled plugins bypass plugins.allow on runtime discovery paths. "compat" (default) preserves legacy behavior where bundled provider plugins are force-loaded on every chat turn. "respect-allow" gates bundled plugins by the allowlist the same way third-party plugins are gated.',

1215+

"plugins.bundledDiscovery":

1216+

'Controls bundled plugin runtime discovery when plugins.allow is configured. "compat" (default) preserves legacy behavior where bundled provider plugins can be force-loaded on every chat turn. "allowlist" gates bundled provider plugins by plugins.allow like third-party plugins.',

12171217

"plugins.entries":

12181218

"Per-plugin settings keyed by plugin ID including enablement and plugin-specific runtime configuration payloads. Use this for scoped plugin tuning without changing global loader policy.",

12191219

"plugins.entries.*.enabled":