Ensure unique URL-safe shortnames by appending numeric suffixes when
collisions occur. Applied during project creation, update, and company
import flows.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New adapter type for invoking OpenClaw agents via the gateway protocol.
Registers in server, CLI, and UI adapter registries. Adds onboarding
wizard support with gateway URL field and e2e smoke test script.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When a company has "require board approval for new agents" enabled,
hiring an agent creates a pending approval that requires the user
(as a board member) to approve before the agent can start working.
However, the sidebar inbox badge did not include pending approvals
in its count, so there was no visual indicator that action was needed.
Users had no way of knowing an approval was waiting unless they
happened to open the Inbox page manually.
The root cause: the sidebar-badges service correctly included
approvals in the inbox total, but the route handler overwrites
badges.inbox to add alertsCount and staleIssueCount — and in
doing so dropped badges.approvals from the sum.
Add badges.approvals to the inbox count recalculation so that
pending and revision-requested approvals surface in the sidebar
notification badge alongside failed runs, alerts, stale work,
and join requests.
Affected files:
- server/src/routes/sidebar-badges.ts
Accept x-openclaw-token as the preferred auth header for OpenClaw
invite/join flows, falling back to x-openclaw-auth for backwards
compatibility. Update diagnostics messages accordingly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add OpenClawEndpointKind type to distinguish between /hooks/wake,
/hooks/agent, open_responses, and generic endpoints. Build appropriate
payloads per endpoint kind with optional sessionKey inclusion.
Refactor webhook execution to use endpoint-aware payload construction.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Introduced SVG sanitization using `dompurify` to prevent malicious content.
- Updated tests to validate SVG sanitization with various scenarios.
- Enhanced response headers for assets, adding CSP and nosniff for SVGs.
- Adjusted UI to better clarify supported file types for logo uploads.
- Updated dependencies to include `jsdom` and `dompurify`.
Agents were being woken immediately when an issue was created or
reassigned with status "backlog", defeating the purpose of backlog
as "not ready to work on yet" (issue #96).
Added `&& issue.status !== "backlog"` guard to both the CREATE and
PATCH wakeup paths, mirroring the existing done/cancelled suppression
pattern already present in the file.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add skill URL note to onboarding text document and strengthen callback
reachability test language in company settings invite snippet.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* public-gh/master:
fix(auth): apply effective trusted origins and honor allowed hostnames in public mode
fix(onboard): preserve env-derived secrets defaults and report ignored exposure env in local_trusted mode
fix: parseBooleanFromEnv silently treats common truthy values as false
set `PAPERCLIP_PUBLIC_URL` in compose files
centralize URLs into single canonical URL var
When approving an agent join request with a shortname already in use,
append a numeric suffix (e.g. "openclaw-2") instead of returning an error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The sidebar badge count was missing join requests from its inbox total,
and the live updates provider had no handler for join_request entity
type, so new join requests wouldn't appear until manual page refresh.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The previous fix (8151331) set res.err but pino-http wasn't picking it
up (likely Express 5 response object behavior). Switch to a custom
__errorContext property on the response that customErrorMessage and
customProps read directly, bypassing pino-http's unreliable res.err
check. Remove duplicate manual logger.error calls from the error
handler since pino-http now gets the full context.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The server-side badge counted agent error alerts independently of failed
runs, but the UI suppresses agent error alerts when individual failed run
cards are already shown. This mismatch caused the badge to show e.g. 2
while only 1 item was visible. Align server logic with the client.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- pino-http customErrorMessage now includes the real error message
- customProps includes reqBody, reqParams, reqQuery, and routePath for 4xx/5xx
- Error handler logs full request context (body, params, query) for both
HttpError 500s and unhandled errors
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* public-gh/master:
fix(ui): wrap failed run card actions on mobile
feat(codex): add gpt-5.4 to codex_local model list
persist paperclip data in a named volume
add support to `cursor` and `opencode` in containerized instances
force `@types/node@24` in the server
Add artifact-check to fail fast on broken builds
remove an insecure default auth secret
expose `PAPERCLIP_ALLOWED_HOSTNAMES` in compose files
wait for a health db
update lock file
update typing to node v24 from v20
add missing `openclaw` adapter from deps stage
fix incorrect pkg scope
update docker base image
move docker into `authenticated` deployment mode
Same issue as the UI fix — merge conflict resolution kept HEAD's
reference to the removed constant. OpenCode uses strict model
selection with no default.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
