Reject null governor policy values, remove the unused per-board
cadence knob, and await governor shutdown cleanly. Also scope the
agent query to governor-managed rows and drop temporary migration
server defaults.
Co-Authored-By: Claude <noreply@anthropic.com>
Collapse the cherry-picked governor schema changes into a single\nmigration on top of the current master head. This preserves the\nfeature while satisfying the one-migration-per-PR CI gate.
Co-Authored-By: Claude <noreply@anthropic.com>
Add a merge revision so the cherry-picked governor migrations coexist\nwith the newer master migration chain. This keeps alembic upgrade\nhead working from the current repository state.
Co-Authored-By: Claude <noreply@anthropic.com>
Set a9b1c2d3e4f7.down_revision = "a1b2c3d4e5f6" so the activity_events
migration depends on the webhook_secret migration, creating a linear
chain instead of two heads from the same parent.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Not all webhook providers use X-Hub-Signature-256 or X-Webhook-Signature.
Add an optional signature_header field so users can specify which header
carries the HMAC signature. When set, that exact header is checked;
when unset, the existing auto-detect fallback is preserved. The custom
header is also excluded from stored/exposed payload headers.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Webhook ingest endpoint was completely unauthenticated. Add an optional
`secret` field to BoardWebhook. When configured, inbound requests must
include a valid HMAC-SHA256 signature in X-Hub-Signature-256 or
X-Webhook-Signature headers. Uses hmac.compare_digest for timing safety.
Includes migration to add the secret column.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Added allow_insecure_tls boolean field to Gateway model and schemas
- Created database migration for the new field
- Updated GatewayConfig to include allow_insecure_tls parameter
- Modified openclaw_call to create SSL context that disables verification when allow_insecure_tls is true
- Updated all GatewayConfig instantiations throughout the backend
- Added checkbox to frontend gateway form (create and edit pages)
- Updated API endpoints to handle the new field
Co-authored-by: abhi1693 <5083532+abhi1693@users.noreply.github.com>
