openclaw/hermes-agent
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity
Files
c0b17b3c0cb15fa92bd348162e6bc58d6d6336cd
hermes-agent/gateway
History
EloquentBrush0x 784d8dd2c2 fix(matrix): fail-closed approval reaction auth when MATRIX_ALLOWED_USERS is empty 
The _on_reaction approval handler used:

    if self._allowed_user_ids and sender not in self._allowed_user_ids:

When MATRIX_ALLOWED_USERS is not configured, _allowed_user_ids is an
empty set. The short-circuit on the empty set caused the deny block to
never execute, allowing any Matrix room member to approve or deny tool
calls via / reactions — even users that run.py's _is_user_authorized
would reject for regular messages.

Fix mirrors the Telegram _is_callback_user_authorized fix (commit
89d32052e, PR #28494): deny by default when no allowlist is configured,
unless GATEWAY_ALLOW_ALL_USERS=true is explicitly set.
2026-05-29 03:58:45 -07:00
..
assets
fix: improve telegram topic mode setup
2026-05-04 12:07:17 -07:00
builtin_hooks
remove: BOOT.md built-in hook (#17093)
2026-04-28 09:50:27 -07:00
platforms
fix(matrix): fail-closed approval reaction auth when MATRIX_ALLOWED_USERS is empty
2026-05-29 03:58:45 -07:00
__init__.py
docs(gateway): mention Weixin in gateway help and docstrings
2026-05-12 17:08:51 -07:00
channel_directory.py
refactor(ntfy): convert built-in adapter to platform plugin
2026-05-23 16:13:01 -07:00
config.py
refactor(gateway): migrate Mattermost adapter to bundled plugin
2026-05-24 18:05:33 -07:00
delivery.py
refactor: simplify Telegram DM topic refresh
2026-05-25 14:54:02 -07:00
display_config.py
fix(gateway): keep Telegram heartbeat + interim commentary on; edit heartbeat in place (#33187)
2026-05-27 05:21:53 -07:00
hooks.py
fix(plugins): register dynamically-loaded modules in sys.modules before exec
2026-04-29 23:34:35 -07:00
memory_monitor.py
Port from cline/cline#10343: periodic gateway memory logging (#27102)
2026-05-16 12:55:23 -07:00
mirror.py
refactor(gateway): drop _append_to_jsonl from mirror
2026-05-20 13:00:57 -07:00
pairing.py
fix(gateway): preserve WhatsApp pairing approvals across JID/LID alias flips
2026-05-23 01:46:34 -07:00
platform_registry.py
refactor(plugins): add apply_yaml_config_fn registry hook
2026-05-13 22:20:30 -07:00
restart.py
fix(gateway): address restart review feedback
2026-04-10 21:18:34 -07:00
run.py
feat(gateway): warn at startup on manual approvals with no risk assessor
2026-05-29 03:44:49 -07:00
runtime_footer.py
chore: prune unused imports and duplicate import redefinitions
2026-05-28 22:26:25 -07:00
session_context.py
fix(cli): synchronize HERMES_SESSION_ID across environment and contextvar during session switches
2026-05-23 17:46:55 -07:00
session.py
fix(gateway): separate observed Telegram group context
2026-05-23 01:33:42 -07:00
shutdown_forensics.py
chore: ruff auto-fixes — collapsible-else-if, if-stmt-min-max, dict.fromkeys (#23926)
2026-05-11 11:03:29 -07:00
slash_access.py
feat(gateway): per-platform admin/user split for slash commands (salvage of #4443) (#23373)
2026-05-10 12:33:54 -07:00
status.py
fix: gateway PID detection fails on Windows (two issues)
2026-05-13 23:10:57 -07:00
sticker_cache.py
fix: guard yaml.safe_load, flock unlock, TOCTOU races, and atomic writes
2026-05-19 00:12:41 -07:00
stream_consumer.py
fix(stream-consumer): only set _final_content_delivered when final response confirmed delivered
2026-05-28 03:15:19 -07:00
whatsapp_identity.py
fix(whatsapp_identity): pin identifier regex to ASCII, clarify it's defense-in-depth
2026-04-26 20:48:31 -07:00