chore(sync): mirror docs from openclaw/openclaw@3ae69498e2

This commit is contained in:
openclaw-docs-sync[bot] 2026-04-28 19:49:23 +00:00
parent 68a3412835
commit c57e3e7a50
2 changed files with 8 additions and 3 deletions

View File

@ -1,5 +1,5 @@
{
"repository": "openclaw/openclaw",
"sha": "0f3a9d812b40cbc8e545abcb80a1f12a93946cf6",
"syncedAt": "2026-04-28T19:41:23.616Z"
"sha": "3ae69498e2f168e0e4f4de90608d13d9548a570f",
"syncedAt": "2026-04-28T19:47:49.528Z"
}

View File

@ -230,7 +230,12 @@ or overlapping changed hunks.
The `CodeQL` workflow is intentionally a narrow first-pass security scanner,
not the full repository sweep. Daily and manual runs scan Actions workflow code
plus the highest-risk JavaScript/TypeScript auth, secrets, sandbox, cron, and
gateway surfaces with high-precision security queries.
gateway surfaces with high-precision security queries. The
channel-runtime-boundary job separately scans core channel implementation
contracts plus the channel plugin runtime, gateway, Plugin SDK, secrets, and
audit touchpoints under the `/codeql-critical-security/channel-runtime-boundary`
category so channel security signal can scale without broadening the baseline
JS/TS category.
The `CodeQL Android Critical Security` workflow is the scheduled Android
security shard. It builds the Android app manually for CodeQL on the smallest