Tags: peg/rampart
Tags
v0.9.9 Security: - Fix HMAC approval handler ordering — persist check now before Resolve() Bug fixes: - Fix Always Allow writeback — pendingCommands now populated for ActionAsk decisions - Fix bridge audit trail — bridge now writes full audit events (was logging empty params) - Fix rampart watch — warns when serve is unreachable instead of silent failure - Fix rampart policy generate — templates now emit action: ask (was require_approval) Breaking changes: - action: require_approval removed — use action: ask - GET /v1/policy endpoint removed — use GET /v1/status or GET /v1/policies - --serve-token flag removed — use RAMPART_TOKEN env or ~/.rampart/token - --env flag removed — use --agents Tests: - Add regression tests for always-allow writeback, bridge audit sink, ActionAsk pendingCommands, rampart allow --for duration
v0.9.8 — policy rules, bridge cross-resolve, API consistency - rampart policy rules: show active policies grouped by source file - Bridge cross-resolve: Discord clicks now unblock shim approvals - Bridge ASK deferral: no competing timer, pure Discord UI for OpenClaw - API consistency: allowed bool + suggestions on all tool responses - Approval timeout: 1h → 2m (matches OpenClaw's 130s window) - GET /v1/policies: new canonical policy detail endpoint
v0.9.7 — Native OpenClaw integration, bridge device identity fix, pol… …icy improvements - Native OpenClaw exec approval integration via bridge (device identity fix) - 'Always Allow' writes persistent rules to user-overrides.yaml - exec/web_fetch/browser/message tool patches + exec dist patch - rampart doctor granular patch checks + --fix flag - MCP input bypass fix, policy explain URL params fix - ngrok.io bare domain, allow-always glob fix, startup migration - Default port consistency (9090 everywhere) - README rewrite
PreviousNext