@contextableai/clawg-ui 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -1
- package/package.json +1 -1
- package/src/http-handler.ts +11 -0
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.2.1 (2026-02-05)
|
|
4
|
+
|
|
5
|
+
### Fixed
|
|
6
|
+
- Return HTTP 429 `rate_limit` error when max pending pairing requests (3) is reached, instead of returning an empty pairing code
|
|
7
|
+
|
|
3
8
|
## 0.2.0 (2026-02-04)
|
|
4
9
|
|
|
5
10
|
### Added
|
|
@@ -13,7 +18,7 @@
|
|
|
13
18
|
|
|
14
19
|
### Security
|
|
15
20
|
- Device tokens are HMAC-signed and do not expose the gateway's master secret
|
|
16
|
-
- Pending pairing requests expire after
|
|
21
|
+
- Pending pairing requests expire after 1 hour (max 3 per channel)
|
|
17
22
|
- Each device requires explicit approval by the gateway owner
|
|
18
23
|
|
|
19
24
|
## 0.1.1 (2026-02-03)
|
package/package.json
CHANGED
package/src/http-handler.ts
CHANGED
|
@@ -240,6 +240,17 @@ export function createAguiHttpHandler(api: OpenClawPluginApi) {
|
|
|
240
240
|
pairingAdapter: aguiChannelPlugin.pairing,
|
|
241
241
|
});
|
|
242
242
|
|
|
243
|
+
// Rate limit reached - max pending requests exceeded
|
|
244
|
+
if (!pairingCode) {
|
|
245
|
+
sendJson(res, 429, {
|
|
246
|
+
error: {
|
|
247
|
+
type: "rate_limit",
|
|
248
|
+
message: "Too many pending pairing requests. Please wait for existing requests to expire (10 minutes) or ask the owner to approve/reject them.",
|
|
249
|
+
},
|
|
250
|
+
});
|
|
251
|
+
return;
|
|
252
|
+
}
|
|
253
|
+
|
|
243
254
|
// Generate signed device token
|
|
244
255
|
const deviceToken = createDeviceToken(gatewaySecret, deviceId);
|
|
245
256
|
|