lzh/picoclaw
1
0
Fork 0
mirror of https://github.com/sipeed/picoclaw.git synced 2026-06-12 18:08:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,387 Commits 12 Branches 15 Tags
2efbe5d560e7ed9bc5209c203dc4aa6ecdbc7405
Commit Graph

1555 Commits

Author SHA1 Message Date
Mauro 2efbe5d560 Merge pull request #3085 from ACMYuechen/fix/tools-ssrf-198.18 
fix(tools): block 198.18.0.0/15 in SSRF guard
 2026-06-11 00:16:24 +02:00
程智超0668000959 8a2c67fe70 fix: check strconv.Atoi and json.Unmarshal errors 
short_retrieval.go: Check Atoi error even though regex ensures numeric input. gateway.go: Log warning when gateway config JSON is malformed instead of silently using defaults.
 2026-06-10 14:03:53 +08:00
Yue_chen 2ecdb893d5 fix(tools): block 198.18.0.0/15 in SSRF guard 
RFC 2544 benchmark addresses (198.18.0.0/15) are not globally routable
but were missing from the isPrivateOrRestrictedIP blocklist, allowing
SSRF bypasses via literal IPv4.

Fixes #3077
 2026-06-09 19:01:42 +08:00
程智超0668000959 fc90a5af23 fix(config): add ok check for type assertion in migration model name indexing 2026-06-09 09:41:14 +08:00
Mauro 46b29a0ae9 Merge pull request #3062 from trufae/health-ready 
fix: health check always returning not ready
 2026-06-08 19:04:09 +02:00
Mauro 13bf650807 Merge pull request #3058 from chengzhichao-xydt/codex/webfetch-allowed-host-type-assert 
fix(webfetch): add ok check for type assertion in isAllowedFirstHopHost
 2026-06-08 18:51:42 +02:00
Mauro 0f86d9aacb Merge pull request #3057 from chengzhichao-xydt/codex/subagent-spawn-type-assertions 
fix(tools): add ok checks for type assertions in subagent and spawn tools
 2026-06-08 18:51:14 +02:00
Mauro c215a4caaf Merge pull request #3056 from chengzhichao-xydt/codex/base-tool-type-assertions 
fix(tools): add ok checks for context value type assertions in base.go
 2026-06-08 18:50:27 +02:00
Mauro 5b9f9c85a9 Merge pull request #3055 from chengzhichao-xydt/codex/context-getwd-error 
fix(agent): handle os.Getwd error in NewContextBuilder
 2026-06-08 18:48:09 +02:00
pancake fac5603daf fix: health check always returning not ready 2026-06-08 12:14:06 +02:00
程智超0668000959 a4e8fe953e fix(webfetch): add ok check for type assertion in isAllowedFirstHopHost 2026-06-08 17:25:44 +08:00
程智超0668000959 77017eb57d fix(tools): add ok checks for type assertions in subagent and spawn tools 2026-06-08 17:25:19 +08:00
程智超0668000959 92a647bfcf fix(tools): add ok checks for context value type assertions in base.go 2026-06-08 17:24:50 +08:00
程智超0668000959 8a246c2282 fix(agent): handle os.Getwd error in NewContextBuilder without behavior regression 2026-06-08 16:52:00 +08:00
2023478 3bba6338ca fix: handle Telegram location messages 2026-06-08 15:53:42 +08:00
Mauro 12c36572a5 Merge pull request #3051 from chengzhichao-xydt/codex/error-wrap-percent-w 
fix: use %w instead of %v for error wrapping in channels and mcp
 2026-06-08 09:14:02 +02:00
程智超0668000959 1ab442b12c refactor: replace log.Printf/fmt.Printf with structured logger 
Replace raw log.Printf and fmt.Printf calls in pkg/state, pkg/agent, and pkg/tools with structured logger calls (WarnCF/InfoCF). This ensures warnings and info messages are routed through the configured logging infrastructure instead of raw stderr/stdout.
 2026-06-08 09:18:02 +08:00
程智超0668000959 3f435c5e56 fix: use %w instead of %v for error wrapping 
errutil.go: Change %v to %w in ClassifySendError and ClassifyNetError so callers can use errors.Is/errors.As on the underlying HTTP/network error.

isolated_command_transport.go: Change %v to %w in Close() and Write() error paths for the same reason.
 2026-06-08 09:10:14 +08:00
Mauro 875cf4a2d4 Merge pull request #3042 from chengzhichao-xydt/codex/evolution-getwd-errors 
fix: handle os.Getwd() error in evolution skills_recall and drafts
 2026-06-08 00:13:32 +02:00
jp39 0a3a7881c6 Add native Kagi web search provider 2026-06-07 16:27:50 +02:00
程智超0668000959 cbb684be01 fix: handle os.Getwd error in evolution skills_recall and drafts 
When os.Getwd fails, wd is empty and builtinSkillsDir resolves to relative path, causing confusing downstream errors. Fall back to config.GetHome on error.
 2026-06-07 21:05:16 +08:00
Mauro ebb04abb38 Merge pull request #3034 from chengzhichao-xydt/codex/feishu-resource-close-error 
fix: check Close() error on feishu resource download
 2026-06-07 14:58:21 +02:00
程智超0668000959 f037a112b2 fix: avoid err shadow in feishu close check 
Use distinct variable names (writeErr, closeErr) to avoid
shadowing the outer err, so a deferred close failure is
still captured.
 2026-06-07 20:35:57 +08:00
Mauro 10115f941c Merge pull request #3035 from chengzhichao-xydt/codex/file-copy-close-errors 
fix: check Close() error after io.Copy to writable files
 2026-06-07 14:06:57 +02:00
Mauro db13367404 Merge pull request #3036 from SutraHsing/codex/2941-claude-sonnet-model-id 
fix(config): use canonical Anthropic default model ID
 2026-06-07 14:02:25 +02:00
Sutra Hsing 007b2ae8bd fix(config): use canonical Anthropic default model ID 2026-06-07 15:43:26 +08:00
程智超0668000959 2d1fb953fc fix: check Close() error after io.Copy to writable files 2026-06-07 12:09:01 +08:00
程智超0668000959 b1d727ebaf fix: check Close() error on feishu resource download 2026-06-07 11:57:10 +08:00
程智超0668000959 f7be21bb11 fix: check Close() error after downloading media file 2026-06-07 11:53:38 +08:00
Mauro c19e4e8db1 Merge pull request #3022 from chengzhichao-xydt/codex/sync-map-assertions 
fix: add ok checks for sync.Map LoadAndDelete/Load type assertions
 2026-06-06 16:20:28 +02:00
程智超0668000959 4290aa8b5b fix: check Close() errors in updater extraction functions 2026-06-06 21:34:24 +08:00
程智超0668000959 5f0d368995 fix: add ok checks for sync.Map LoadAndDelete/Load type assertions 2026-06-06 21:17:07 +08:00
程智超0668000959 4752a67a7c fix: type-switch capture, nil guard, LastInsertId error check 
Three defensive fixes: 1) whatsapp_native - use type-switch capture instead of redundant unchecked assertion 2) config - add nil receiver guard to FilterSensitiveData 3) seahorse/store - check LastInsertId error in 3 locations
 2026-06-06 16:32:14 +08:00
Mauro 89ee8f1b39 Merge pull request #2915 from SiYue-ZO/feat/mimo-common-models 
feat(providers): add CommonModels for MiMo provider
 2026-06-05 20:52:29 +02:00
Mauro b10f9cdf18 Merge pull request #2985 from chengzhichao-xydt/codex/context-show-summarize-threshold 
fix(context): show both summarize and compress thresholds in /context
 2026-06-05 19:24:54 +02:00
Mauro 0b7aaac2b2 Merge pull request #3009 from chengzhichao-xydt/codex/onebot-group-reply-fix 
fix(onebot): use prefixed chatID for group reply routing
 2026-06-05 19:14:56 +02:00
Mauro 8e7e910f67 Merge pull request #3010 from chengzhichao-xydt/codex/channel-hash-type-assertions 
fix(channels): add ok checks for type assertions in toChannelHashes
 2026-06-05 19:12:45 +02:00
Mauro 71524183b6 Merge pull request #3011 from chengzhichao-xydt/codex/legacy-events-ok-assert 
fix(agent): add ok check for LoadAndDelete type assertion
 2026-06-05 19:12:22 +02:00
程智超0668000959 6c882ec5e7 fix(agent): log warning when LoadAndDelete type assertion fails 
Add a warning log when the type assertion from sync.Map.LoadAndDelete fails in UnsubscribeEvents, per review suggestion. This makes a mismatched type observable for debugging.
 2026-06-06 00:32:49 +08:00
程智超0668000959 9f246a6482 test(channels): add edge case tests for toChannelHashes type assertions 
Add 3 tests covering scenarios that previously panicked: 1) missing enabled key in settings 2) enabled field with non-bool type 3) teams_webhook with webhooks using map[string]any from JSON unmarshal
 2026-06-06 00:31:44 +08:00
程智超0668000959 7a7e205cc8 fix(context): expose history tokens and remove leaked state files 
Address remaining review feedback: 1) Add HistoryTokens field to ContextUsage/ContextStats, showing history-only token count in /context and frontend UI alongside SummarizeAtTokens so users can see the actual summarization trigger comparison. 2) Remove .codebuddy/github-contribute/ state files accidentally included in the PR.
 2026-06-06 00:28:32 +08:00
Mauro cc712a1adb Merge pull request #2979 from afjcjsbx/fix/pr-2962 
fix: support anthropic-sdk-go v1.46.0 in anthropic provider
 2026-06-05 10:04:44 +02:00
Mauro 52e3ea72ba Merge pull request #3001 from chengzhichao-xydt/codex/workspace-guard-schemeless-url 
fix(tools): allow scheme-less URLs in workspace guard
 2026-06-05 08:54:59 +02:00
程智超0668000959 f0f809db35 fix(agent): add ok check for LoadAndDelete type assertion 
sync.Map.LoadAndDelete returns any; unprotected type assertion could panic if an unexpected type were stored. Add ok check to safely handle mismatched types.
 2026-06-05 10:12:14 +08:00
程智超0668000959 e5c7772d3c fix(channels): add ok checks for type assertions in toChannelHashes 
Two type assertions in toChannelHashes could panic when channel config values had unexpected types from JSON unmarshal: 1) value[enabled].(bool) panics if the key is missing or not a bool 2) vv.(map[string]string) panics when JSON unmarshal produces map[string]any. Add ok checks to safely handle both cases.
 2026-06-05 09:49:44 +08:00
程智超0668000959 32ea611f0c fix(onebot): use prefixed chatID for group reply routing 
When an incoming group message is received, the inbound context ChatID was set to the raw group number without the group: prefix. This caused the outbound reply to use send_private_msg instead of send_group_msg. Fix by using the prefixed chatID as inbound context ChatID. Closes #3002
 2026-06-05 09:37:00 +08:00
程智超0668000959 296a8ae287 fix(context): address review - clarify threshold alignment, i18n strings, add test coverage 2026-06-05 09:27:45 +08:00
程智超0668000959 a6735517d2 test(tools): add unit tests for scheme-less URL workspace guard detection 2026-06-05 09:17:40 +08:00
Meng Zhuo 5224b9a4bc Merge pull request #3008 from afjcjsbx/fix/larksuite-v3.9.4-compat 
fix: adapt to larksuite oapi-sdk-go v3.9.4 breaking changes (follow-up to #3005)
 2026-06-05 08:34:33 +08:00
Mauro 976ecc68b7 Merge pull request #3000 from chengzhichao-xydt/codex/pid-verify-process-identity 
fix(pid): verify process identity in singleton PID check
 2026-06-05 00:02:55 +02:00