harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
zeroclaw/src
History
harald 0e5215e1ef fix(security): allow 2>/dev/null and 2>&1 in shell commands, add policy logging 
The redirect blocker was rejecting safe stderr patterns like
2>/dev/null and 2>&1. Strip these before operator checks so they
don't trigger the generic > or & blockers.

Also adds debug/trace logging to all early rejection paths in
is_command_allowed for audit visibility.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 13:45:01 +01:00
..
agent feat(agent): emit tool status events from run_tool_call_loop 2026-02-21 07:39:50 +01:00
approval refactor(sync): migrate remaining std mutex usage to parking_lot 2026-02-18 00:45:26 +08:00
auth fix(auth): rebase PR #200 onto main and restore auth CLI flow 2026-02-18 12:57:44 +08:00
channels fix(channel): merge delivery instructions into initial system message 2026-02-25 12:19:59 +01:00
config feat(channel): add tool status display and configurable message timeout 2026-02-21 07:39:39 +01:00
cost refactor(sync): migrate remaining std mutex usage to parking_lot 2026-02-18 00:45:26 +08:00
cron fix(cron): correct false high-frequency warning for daily cron jobs 2026-02-21 07:36:03 +01:00
daemon feat(channel): add mention_only option for Telegram groups 2026-02-18 19:51:42 +08:00
doctor fix(providers): harden tool fallback and refresh model catalogs 2026-02-18 22:50:02 +08:00
gateway feat(memory): add configurable postgres storage backend 2026-02-18 20:29:26 +08:00
hardware fix(agent): parse tool-call alias tags in channel runtime 2026-02-18 00:28:08 +08:00
health refactor(sync): migrate remaining std mutex usage to parking_lot 2026-02-18 00:45:26 +08:00
heartbeat test: deepen and complete project-wide test coverage (#297) 2026-02-16 05:58:24 -05:00
integrations feat(matrix): enable e2ee flow and add channel operations docs 2026-02-18 22:45:11 +08:00
memory feat(proxy): add scoped proxy configuration and docs runbooks 2026-02-18 22:10:42 +08:00
observability fix(observability): remove duplicate no-op observer event arms 2026-02-18 22:47:22 +08:00
onboard feat(onboard): add and harden Lark/Feishu wizard support 2026-02-19 10:37:47 +08:00
peripherals fix(agent): parse tool-call alias tags in channel runtime 2026-02-18 00:28:08 +08:00
providers fix(provider): polish kimi-code wiring and onboarding parity 2026-02-19 01:15:02 +08:00
rag chore(lint): extend low-risk clippy cleanup batch 2026-02-17 16:40:58 +08:00
runtime test(runtime): stabilize docker root mount assertion 2026-02-18 14:42:39 +08:00
security fix(security): allow 2>/dev/null and 2>&1 in shell commands, add policy logging 2026-02-25 13:45:01 +01:00
service fix(gateway): persist pairing tokens and honor docker config (#630) 2026-02-17 15:05:56 -05:00
skillforge fix(providers): use Bearer auth for Gemini CLI OAuth tokens 2026-02-15 14:32:33 -05:00
skills Merge remote-tracking branch 'origin/main' into feat/glm-provider 2026-02-17 13:27:58 -05:00
tools feat(observability): add debug/trace logging to shell tool and command policy 2026-02-25 13:13:19 +01:00
tunnel feat(proxy): add scoped proxy configuration and docs runbooks 2026-02-18 22:10:42 +08:00
identity.rs test: cover deterministic HashMap ordering paths 2026-02-18 21:55:40 +08:00
lib.rs fix(auth): rebase PR #200 onto main and restore auth CLI flow 2026-02-18 12:57:44 +08:00
main.rs fix(providers): harden tool fallback and refresh model catalogs 2026-02-18 22:50:02 +08:00
migration.rs readd tests, remove markdown files 2026-02-18 14:42:39 +08:00
util.rs fix(channels): check response status in send() for Telegram, Slack, and Discord 2026-02-15 09:48:58 -05:00