#19660: fix: respect HTTP_PROXY/HTTPS_PROXY env vars for undici fetch

by 88plug open 2026-02-18 02:14
size: S
## Summary

- Problem: Node.js `fetch` (backed by undici) ignores `HTTP_PROXY`/`HTTPS_PROXY` environment variables, so users behind corporate proxies cannot use OpenClaw.
- Why it matters: Many enterprise/corporate environments require all outbound traffic to route through a proxy. Without this, OpenClaw is unusable in those environments.
- What changed: Added `EnvHttpProxyAgent` as the global undici dispatcher in `src/proxy-setup.ts` when proxy env vars are detected, called from `src/entry.ts`.
- What did NOT change (scope boundary): No per-request proxy logic, no changes to existing Telegram proxy code, no new dependencies (undici is already bundled with Node.js).

## Change Type (select all)

- [x] Bug fix
- [ ] Feature
- [ ] Refactor
- [ ] Docs
- [ ] Security hardening
- [ ] Chore/infra

## Scope (select all touched areas)

- [x] Gateway / orchestration
- [ ] Skills / tool execution
- [ ] Auth / tokens
- [ ] Memory / storage
- [x] Integrations
- [ ] API / contracts
- [ ] UI / DX
- [ ] CI/CD / infra

## Linked Issue/PR

- Fixes #20549
- Closes #2102

## User-visible / Behavior Changes

- When `HTTP_PROXY`, `HTTPS_PROXY`, `http_proxy`, or `https_proxy` env vars are set, all outbound `fetch()` calls will route through the specified proxy.
- `NO_PROXY` is respected automatically via `EnvHttpProxyAgent` (e.g., localhost traffic is not proxied).
- No behavior change when no proxy env vars are set (zero-cost path).

## Security Impact (required)

- New permissions/capabilities? `No`
- Secrets/tokens handling changed? `No`
- New/changed network calls? `Yes` — outbound fetch calls are routed through a proxy when configured via standard env vars.
- Command/tool execution surface changed? `No`
- Data access scope changed? `No`
- Risk + mitigation: The proxy URL could contain credentials (e.g., `http://user:pass@proxy:8080`). These are read from env vars (already trusted input) and passed directly to undici's `EnvHttpProxyAgent` without logging. No new credential surface is introduced — this matches standard proxy configuration patterns used by curl, wget, and other tools.

## Repro + Verification

### Environment

- OS: Linux (also applicable to macOS, Windows)
- Runtime/container: Node.js 22+ with undici ^7.22.0
- Model/provider: Any (affects all outbound HTTP)
- Integration/channel: All channels (gateway, CLI, agents)

### Steps

1. Set `HTTPS_PROXY=http://your-proxy:8080` in your environment
2. Run OpenClaw CLI or gateway
3. Attempt any operation that makes an outbound HTTP call (e.g., chat with an API-based model)

### Expected

- Outbound requests route through the proxy successfully

### Actual (before fix)

- Outbound requests bypass the proxy, failing in environments that block direct connections

## Evidence

- [x] Failing test/log before + passing after
- [ ] Trace/log snippets
- [ ] Screenshot/recording
- [ ] Perf numbers (if relevant)

5 unit tests in `src/entry-proxy.test.ts` covering: HTTPS_PROXY, HTTP_PROXY, lowercase variants, no-op when unset, and NO_PROXY coexistence.

## Human Verification (required)

- Verified scenarios: Unit tests pass for all env var variants and the no-op case. Confirmed the no-proxy code path works correctly in production — gateway starts, all outbound API calls (model inference, web search) succeed without interference from the proxy guard logic.
- Edge cases checked: NO_PROXY respected (EnvHttpProxyAgent handles this natively), lowercase env var variants, HTTPS_PROXY precedence over HTTP_PROXY
- What you did **not** verify: Live proxy routing through an actual HTTP proxy server (requires corporate proxy infrastructure)

## Compatibility / Migration

- Backward compatible? `Yes` — no behavior change when proxy env vars are unset
- Config/env changes? `No` — uses standard, well-known env vars
- Migration needed? `No`

## Failure Recovery (if this breaks)

- How to disable/revert this change quickly: Unset HTTP_PROXY/HTTPS_PROXY env vars
- Files/config to restore: `src/entry.ts`, `src/proxy-setup.ts`
- Known bad symptoms reviewers should watch for: Connection timeouts when proxy is misconfigured, localhost connections failing if NO_PROXY is not set correctly

## Risks and Mitigations

- Risk: `EnvHttpProxyAgent` could affect localhost connections where services communicate internally.
  - Mitigation: `EnvHttpProxyAgent` respects `NO_PROXY` env var. Users should set `NO_PROXY=localhost,127.0.0.1` when using a proxy with local services.
- Risk: Async race — proxy dispatcher set after early fetch calls.
  - Mitigation: Dispatcher is set synchronously in `entry.ts` before any imports that trigger network activity. The actual CLI/gateway bootstrap is async and happens later.

## AI-assisted

This PR was AI-assisted. The code is understood and unit-tested.
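A startup preflight for the two risks named in the description above (credentials embedded in the proxy URL, and `NO_PROXY` not covering local services), as an added example that is not part of this PR or of OpenClaw's code. The function names are hypothetical, and the `NO_PROXY` check is a simplified exact-match test, not undici's own matching.

```javascript
// Added example (hypothetical names, not OpenClaw code): preflight for proxy env vars.
const PROXY_VARS = ["HTTPS_PROXY", "https_proxy", "HTTP_PROXY", "http_proxy"];
const LOCAL_HOSTS = ["localhost", "127.0.0.1"];

// Return a log-safe form of a proxy URL: userinfo is replaced, never echoed.
function redactProxyUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return "<unparseable proxy URL>"; // do not print raw: it may embed a password
  }
  // Without an http(s) scheme, "user:pass@host" parses as an opaque URL; refuse it.
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return "<unsupported proxy URL>";
  }
  if (url.username || url.password) {
    url.username = "REDACTED";
    url.password = "";
  }
  return url.toString();
}

// Split NO_PROXY on commas/whitespace into lowercase entries.
function parseNoProxy(value) {
  return (value || "").split(/[\s,]+/).map((e) => e.toLowerCase()).filter(Boolean);
}

// Inspect an env object; report configured proxies (redacted) and NO_PROXY gaps.
function proxyPreflight(env) {
  const proxies = {};
  for (const name of PROXY_VARS) {
    if (env[name]) proxies[name] = redactProxyUrl(env[name]);
  }
  if (Object.keys(proxies).length === 0) return { active: false, proxies, warnings: [] };
  const entries = parseNoProxy(env.NO_PROXY || env.no_proxy);
  // Simplified exact-match check (assumption): "*" or a literal entry covers the host.
  const warnings = LOCAL_HOSTS
    .filter((h) => !entries.includes("*") && !entries.includes(h))
    .map((h) => `NO_PROXY does not list ${h}; local services may be routed to the proxy`);
  return { active: true, proxies, warnings };
}

// Constructed sample environment, matching the credential example in the description.
const sample = { HTTPS_PROXY: "http://user:pass@proxy:8080", NO_PROXY: "localhost" };
console.log(proxyPreflight(sample));
```

Passing `process.env` to `proxyPreflight` at startup gives a redacted summary that can go to logs without exposing the proxy password.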