mirror of
http://192.168.0.88:13333/lywsvip/openclaw-zero-token.git
synced 2026-06-30 23:45:14 +08:00
571e14a236
Major upgrade from e26988a38 to upstream v2026.3.28 (f9b107928).
Key changes:
- Upstream src/, ui/, extensions/ (89 bundled extensions)
- Zero-token web providers preserved in src/zero-token/
- AskOnce plugin restored and registered as CLI command
- Added missing packages: @anthropic-ai/vertex-sdk, @modelcontextprotocol/sdk
- Fixed tsconfig rootDir, skipLibCheck for plugin-sdk DTS build
- Added askonce to bundled plugin metadata and package.json exports
- Fixed AskOnce CLI command registration (missing commands metadata)
- Restored AskOnce adapter imports (correct 5-level relative paths)
- Removed stale migration artifacts from root directory
59 lines
2.0 KiB
TypeScript
59 lines
2.0 KiB
TypeScript
import { listSecretTargetRegistryEntries } from "./target-registry.js";
|
|
|
|
type CredentialMatrixEntry = {
|
|
id: string;
|
|
configFile: "openclaw.json" | "auth-profiles.json";
|
|
path: string;
|
|
refPath?: string;
|
|
when?: { type: "api_key" | "token" };
|
|
secretShape: "secret_input" | "sibling_ref"; // pragma: allowlist secret
|
|
optIn: true;
|
|
notes?: string;
|
|
};
|
|
|
|
export type SecretRefCredentialMatrixDocument = {
|
|
version: 1;
|
|
matrixId: "strictly-user-supplied-credentials";
|
|
pathSyntax: 'Dot path with "*" for map keys and "[]" for arrays.';
|
|
scope: "Credentials that are strictly user-supplied and not minted/rotated by OpenClaw runtime.";
|
|
excludedMutableOrRuntimeManaged: string[];
|
|
entries: CredentialMatrixEntry[];
|
|
};
|
|
|
|
const EXCLUDED_MUTABLE_OR_RUNTIME_MANAGED = [
|
|
"commands.ownerDisplaySecret",
|
|
"hooks.token",
|
|
"hooks.gmail.pushToken",
|
|
"hooks.mappings[].sessionKey",
|
|
"auth-profiles.oauth.*",
|
|
"discord.threadBindings.*.webhookToken",
|
|
"whatsapp.creds.json",
|
|
];
|
|
|
|
export function buildSecretRefCredentialMatrix(): SecretRefCredentialMatrixDocument {
|
|
const entries: CredentialMatrixEntry[] = listSecretTargetRegistryEntries()
|
|
.map((entry) => ({
|
|
id: entry.id,
|
|
configFile: entry.configFile,
|
|
path: entry.pathPattern,
|
|
...(entry.refPathPattern ? { refPath: entry.refPathPattern } : {}),
|
|
...(entry.authProfileType ? { when: { type: entry.authProfileType } } : {}),
|
|
secretShape: entry.secretShape,
|
|
optIn: true as const,
|
|
...(entry.id.startsWith("channels.googlechat.")
|
|
? { notes: "Google Chat compatibility exception: sibling ref field remains canonical." }
|
|
: {}),
|
|
}))
|
|
.toSorted((a, b) => a.id.localeCompare(b.id));
|
|
|
|
return {
|
|
version: 1,
|
|
matrixId: "strictly-user-supplied-credentials",
|
|
pathSyntax: 'Dot path with "*" for map keys and "[]" for arrays.',
|
|
scope:
|
|
"Credentials that are strictly user-supplied and not minted/rotated by OpenClaw runtime.",
|
|
excludedMutableOrRuntimeManaged: [...EXCLUDED_MUTABLE_OR_RUNTIME_MANAGED],
|
|
entries,
|
|
};
|
|
}
|