External session catalog groups (Claude/Codex) now render inside the
sidebar's sessions scroller instead of stacking as sibling scroll-less
sections below it. This restores one scrollable sessions list, aligns
catalog heads/rows with the main list's insets, and stops squeezed
catalog sections from painting over each other under the shell body's
overflow clip.
* chore: remove dead sanitizeThinkingSignatures field from transcript policy
The sanitizeThinkingSignatures field on TranscriptPolicy and
AgentRuntimeTranscriptPolicy was orphaned when the google-antigravity
provider was removed in 382fe8009a. That commit deleted the only
consumer (sanitizeSessionHistory in google.ts) but left the field
declaration in both types and the default value, plus stale
references across test fixtures.
Remove the field from:
- TranscriptPolicy type and DEFAULT_TRANSCRIPT_POLICY (transcript-policy.ts)
- AgentRuntimeTranscriptPolicy (runtime-plan/types.ts)
- All test/mock/compact-harness references (14 sites)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* chore: remove blank lines from transcript policy cleanup
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-authored-by: Colin <colin@solvely.net>
* feat(gateway): standalone approval deep-link page
Squash-rebased #103698 segment onto the typed-actions tip on current main.
Adds the tokenless /approve/{id} standalone approval UI served by the
gateway control-UI router, gateway-store ephemeral login fix (selectGateway
only on changed URL), and approval-page i18n strings.
Drift reconciliation: union-merged i18n translation-memory caches and
regenerated locale metadata via control-ui-i18n sync (33 approvalPage keys
remain English fallbacks in minor locales, as on the original branch).
(cherry picked from commit c82f56011bfe9f0debb8ebe052f14590c187340d)
(cherry picked from commit 80f5636a8b67a3d6a5f330620541a39d4ef3fe6f)
(cherry picked from commit a3e300d337a92bf1b593a0bb52b7ec4549910a21)
(cherry picked from commit 860ad01f9658bba54cb3d59644e5e1a032c0bb3f)
(cherry picked from commit d8b697b28a847950a1797da07fc0ae4c24928492)
(cherry picked from commit 8a654e3271fd5721358812f961a7a7bb386d6726)
(cherry picked from commit 2f776d2e7bf910271fcbd9697597f6f5478b0f30)
(cherry picked from commit 14e64e6e4d763be830830801eeec1a6f17441688)
(cherry picked from commit 4df9ec828d0034fdc76540ff0fe341e599b0f281)
(cherry picked from commit e52968f4ab)
(cherry picked from commit 7214fc25013966f99ff4b2d506aa2f5f789e2113)
(cherry picked from commit c6259ff79787c759c136086e1a54c9ead8e89539)
(cherry picked from commit a58d9f271d27481615f0c94a828704c563d5354f)
(cherry picked from commit dcf1cb6d98)
* fix(ui): preserve approval page gateway auth
* fix(ui): keep approval disconnects fail closed
* style(ui): format approval disconnect copy
* feat(fleet): per-cell disk limits, egress policy, backup/restore, logs, and doctor
- fleet create --disk <size> caps the container writable layer via --storage-opt;
unsupported storage backends fail create with an actionable support-matrix
error, and the limit replays across upgrade/restore through a fleet-owned
container label because Podman inspect has no HostConfig.StorageOpt.
- fleet create --network bridge|internal adds an opt-in no-egress mode on
Podman (published loopback port keeps working, verified live); Docker
internal cells are rejected fail-closed because Docker does not publish
loopback ports on internal networks.
- fleet backup/restore: per-tenant 0600 tar archives with manifest tenant
binding, symlink/hardlink rejection, byte and path-segment budgets,
root-bounded extraction, atomic no-overwrite publish, lease fencing, and
Gateway token rotation on restore; failures preserve displaced data and
never leave a force-stopped or half-started cell serving silently.
- fleet logs: ownership-asserted, bounded, token-redacted on both streams,
with a generation re-check so a concurrent restore cannot leak a rotated
token.
- fleet doctor: read-only per-cell audit of ownership labels, health,
hardening drift, loopback port binding, token presence, network egress
mode, and 0700 state-dir permissions; any failed finding exits nonzero.
Cross-runtime checks are grounded in live-verified Docker 28/Podman 4.9
inspect shapes (CapDrop vs EffectiveCaps, missing StorageOpt, missing
network containers map).
Related: #104436 (v1 shipped in #104527)
* fix(fleet): harden streamed log redaction and root restore ownership
- redacting stream writer honors target backpressure, retains secret-prefix
overlap across forced long-line flushes, and never splits a token between
emitted chunks
- root-invoked restores repair ownership for explicit non-root user mappings
instead of leaving root-owned 0700 state trees
- fleet logs merges the shipped --follow streaming surface (#104669) with the
v1.1 token-redaction contract
* fix(fleet): stream partial log lines live and report phase-accurate restore recovery paths
- the redacting log writer emits safe text on every chunk (retaining only a
possible token prefix) so unterminated progress output streams immediately
- restore failure notes distinguish pre-swap, displaced, and swapped states so
operators recover the correct tree, and an unavailable runtime inspection is
reported as an unverified replacement instead of silence
* fix(fleet): reject backslash archive paths, guard stderr pipes, and validate disk-limit labels in doctor
- restore/backup path rules reject literal backslashes so a tampered entry
cannot validate as one path and extract as another on POSIX
- fleet logs handles broken pipes on stderr as well as stdout
- fleet doctor fails malformed disk-limit labels that would break
upgrade/restore replay instead of reporting them as passing
* feat(ui): replace Overview page with Connection settings and sidebar attention chips
* feat(ui): open new-session drafts on the chat start screen hero
* refactor(ui): drop old overview-hints paths after rename
* chore(i18n): sync control-ui locale bundles for connection/palette/attention keys
* test(ui): expect attention slot above the sidebar update card
* chore(i18n): re-sync locale bundles after rebase onto main
* test(ui): stub sidebar-attention RPCs in app-sidebar unit tests
* test(ui): use a non-secret-shaped token fixture in connection view test
* refactor(ui): destructure gateway connection in connection settings draft
* refactor(ui): keep connection settings code out of secret-scanner shapes
* test(ui): expect Connection in the settings Connections group
* improve(ui): idle-refresh sidebar attention chips for always-visible windows
* chore(i18n): refresh raw-copy baseline after rebase
* docs(ui): note the unknown-route chat fallback covers retired paths
* feat(ui): redesign composer run-status indicator as chrome-free status text
* feat(ui): replace run-status text with transcript working spark
* fix(ui): keep working spark through reloads, dodge running tool rows, show mobile interrupted toast
* fix(ui): satisfy lint on tool-stream marker access
The latest stable package exposes both names via the deprecated
openclaw/plugin-sdk/infra-runtime subpath. Compat now lives in the barrel
itself with the old substring semantics and a removal plan; core runtime no
longer uses them. Also converts the chat mapping switch to an if-chain for
switch-exhaustiveness lint.
FailoverReason timeout is the retryable-transient bucket and deliberately
swallows generic 5xx, so it cannot drive the user-facing timeout badge.
Rate-limit/overload/context mapping stays on the canonical reason; the
timeout badge now requires isTimeoutError. HTTP 500 badges stay unknown.
Deletes the naive substring detectErrorKind from infra/errors; the chat error
badge now maps resolveFailoverReasonFromError into the protocol errorKind set,
with refusal kept as a chat-local stop-reason check. Fixes drift where a Groq
TPM 413 showed context_length instead of rate_limit and quota/CJK/socket
errors showed unknown.
Part of #104219 (seam 5, slice 1).