Commit Graph

1149 Commits

Author SHA1 Message Date
Peter Steinberger
7bf80dc2c6 chore(tooling): enforce formatting and refresh TypeScript checks (#104239)
* chore(tooling): enforce current formatter and refresh checks

* chore(tooling): keep release changelog formatter-owned

* chore(tooling): retain compatible Node type surface

* ci: enforce formatting for docs-only changes

* ci: isolate docs formatter check

* chore(tooling): apply updated lint and format rules

* chore(tooling): satisfy updated switch lint

* style(ui): apply Linux formatter layout

* test(doctor): match quiet local audio contribution

* test(doctor): assert quiet output only

* test(doctor): follow restored information contract
2026-07-11 01:09:51 -07:00
Peter Steinberger
8cd092620d test: fix changed-run routing, dedupe gateway package lanes, repair force-rerun triggers (#104287)
* test: fix changed-run routing, dedupe gateway package lanes, repair force-rerun triggers

- route extensions/active-memory changed runs to their dedicated lane; add a
  generic guard that every catch-all-excluded extension root resolves to a
  dedicated config so future split lanes cannot silently skip changed tests
- exclude packages/gateway-client and packages/gateway-protocol from the unit
  lane; explicit targets now route to the gateway-client lane (was double-run)
- generate forceRerunTriggers from the test/vitest directory and resolve all
  entries absolute: Vitest matches triggers against absolute changed-file
  paths, so the old hand-maintained relative list never matched at all
- replace deprecated envFile:false with envDir:false (Vitest 4.1.9 warning)
- give scripts/test-live.mjs stall detection teeth: kill the process group and
  exit non-zero when OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS elapses quietly
- consolidate the live-docker shell target list into changed-lanes.mjs so the
  lane regex and check targets cannot drift; cover subagent-announce edits
- delete orphans: vitest.extension-clickclack.config.ts,
  vitest.full-core-unit.config.ts, scripts/test-docker-all.sh,
  scripts/test-live-acp-spawn-defaults-docker.sh

Closes #104231

* test: keep envDir literal so sharedVitestConfig satisfies Vite UserConfig

Vite 8 types envDir as string | false; the bare object literal widened false to
boolean and broke check:test-types at the defineConfig call sites.
2026-07-11 00:58:14 -07:00
Peter Steinberger
f94a7dc183 feat(codex): supervise native Codex sessions (#104045)
* feat(codex): add native session supervision

* fix(codex): harden supervision integration

* fix(codex): preserve locked harness ownership

* fix(codex): fence native session archive

* fix(codex): revalidate archive binding ownership

* feat(codex): integrate supervision runtime

* feat(sessions): preserve harness-owned execution

* feat(sessions): persist harness ownership invariants

* feat(gateway): enforce harness-owned sessions

* feat(setup): enable detected Codex supervision

* feat(mac): expose supervised Codex sessions

* feat(ui): make Codex sessions actionable

* docs(codex): document session supervision

* test(codex): cover integration ownership

* chore(i18n): refresh supervision inventories

* fix(setup): finalize Codex activation atomically

* test(codex): narrow binding store update

* fix(sessions): preserve legacy model locks

* test(macos): serialize Codex catalog fixtures

* fix(sessions): preserve legacy lock admission

* chore(i18n): reconcile supervision metadata

* test(sessions): mark legacy lock fixture

* fix(macos): drain final Codex catalog frame

* docs: leave supervision note to release

* style(macos): satisfy Codex catalog type length

* chore: record session accessor seam owners

* fix(macos): honor configured Codex supervision

* fix(codex): preserve harness-owned model locks

* fix(codex): satisfy supervision lint gates

* chore(i18n): refresh native supervision inventory

* fix(codex): align supervision validation contracts

* fix(codex): close supervision boundary gaps

* fix(codex): preserve supervision activation contracts

* fix(codex): dispose standalone supervision runtime

* fix(codex): pin supervised source connection

* fix(plugins): bind delegated runs to exact session target

* fix(codex): scope supervised sessions to configured agents

* fix(codex): fingerprint effective supervision home

* fix(codex): normalize supervision plugin policy

* fix(codex): keep supervised bindings stable across upgrades

* fix(codex): guard all supervised binding connections

* fix(codex): preserve catalog filters and pending CAS identity

* fix(codex): preserve supervision identity for diagnostics

* fix(codex): bind uncertain commits to supervision connection

* fix(codex): satisfy supervision type boundaries

* fix(macos): reconcile current main validation

* fix(codex): handle absent runtime config in supervision

* fix(doctor): own local audio acceleration check

* fix(codex): satisfy integration lint gates

* fix(codex): satisfy lifecycle safety guards
2026-07-11 00:12:08 -07:00
Peter Steinberger
6e9e64bd30 fix: current-tree package checks support unreleased versions (#104186)
* fix(ci): package unreleased QA builds safely

* style(ci): format QA changelog intent
2026-07-10 22:31:42 -07:00
Vincent Koc
14a8cdc7c6 fix(release): keep Android notes aligned 2026-07-10 17:47:32 -07:00
Vincent Koc
d801384b3b feat(release): add atomic version preparation 2026-07-10 17:47:32 -07:00
Vincent Koc
f4b3a4841f fix(release): accept Kova collector-only phases (#104008) 2026-07-10 17:31:42 -07:00
Vincent Koc
54cc90b1b1 fix(release): publish ClawHub bootstrap artifacts immutably (#103809)
* fix(release): harden ClawHub bootstrap

* fix(release): centralize publication artifact verification

* fix(release): harden publication artifact verification

* fix(release): lock ClawHub bootstrap toolchain

* test(release): assert locked ClawHub binary

* fix(release): pack with trusted ClawHub harness

* fix(release): bound beta verifier artifact reads

* fix(release): bind target and tooling identities

* fix(release): stabilize signed package ordering

* fix(release): bind ClawHub pretag proof

* fix(release): bind ClawHub OIDC readback

* fix(release): bind ClawHub OIDC readback
2026-07-10 13:33:20 -07:00
Peter Steinberger
fece8c9f54 fix(release): keep validation evidence immutable across reruns (#103906)
* fix(release): bind validation evidence to exact attempts

* test(release): cover exact validation attempts
2026-07-10 20:16:19 +01:00
Peter Steinberger
b91e117dcd fix(ci): select full Kova performance reports (#103863) 2026-07-10 19:01:30 +01:00
Vincent Koc
daa653c5cc ci(release): add plugin npm artifact preflight (#103759)
* ci(release): add plugin npm preflight proof

* fix(release): bind plugin preflight package evidence

* fix(release): harden plugin preflight trust

* fix(release): bind plugin registry readback

* fix(release): retry npm packument bodies

* fix(release): retry malformed npm packuments

* fix(release): satisfy npm preflight lint
2026-07-10 09:39:10 -07:00
Peter Steinberger
366d09bcc7 fix(ci): harden release performance evidence (#103790) 2026-07-10 16:59:10 +01:00
Peter Steinberger
5635d74ecc fix(release): contain installer artifact restores (#103608) 2026-07-10 08:27:24 -07:00
Vincent Koc
cbe3731f77 fix(release): make validation proof no-write (#103737)
* fix(release): make validation proof no-write

* test(release): align no-write workflow contracts
2026-07-10 08:18:44 -07:00
Vincent Koc
0426f238c3 fix(providers): align Meta Model API contract (#103680)
* fix(providers): align Meta Model API contract

* fix(security): classify Meta endpoint as native
2026-07-10 05:24:14 -07:00
Peter Steinberger
a238dead67 fix(docker): package selected external plugins in source-built images (#103629)
* build(docker): package selected external plugins

* test(docker): auto-clean plugin fixture

* fix(docker): preserve selected image provenance

* fix(docker): accept manifest-only plugin selections

* fix(docker): resolve selected plugin manifest ids

* fix(docker): isolate resolved plugin selection
2026-07-10 13:00:50 +01:00
Peter Steinberger
401f278f11 feat: add Control UI plugin management (#103176)
* feat(ui): add plugin catalog management

* feat(gateway): add plugins.uninstall and richer plugin catalog metadata

Adds a plugins.uninstall gateway method (operator.admin, control-plane write)
backed by a lock-guarded uninstallManagedPlugin that mirrors the CLI flow:
config cleanup, install-record removal, managed file deletion, and registry
refresh. Bundled plugins stay disable-only. Catalog entries now carry a
manifest-derived category and a removable flag; ClawHub search results expose
download counts and verification tiers.

* feat(ui): redesign plugins page with inventory, store shelves, and cover art

Rebuilds /settings/plugins around three tabs: Installed (category-grouped
inventory with overview stats, state filters, uninstall for external plugins,
and inline MCP server management through the shared config seam), Discover
(featured/official shelves plus one-click MCP connectors and curated ClawHub
searches), and ClawHub (search with download counts and verification badges).
Every catalog entry renders bundled cover art or a deterministic gradient
monogram tile - no more empty boxes. Artwork generated with Codex CLI, shipped
as 512px WebP under ui/public/plugin-art.

* chore(ui): regenerate locale bundles for plugins manager strings

* docs: describe plugins manager tabs, uninstall, and MCP connectors

* fix(plugins): human catalog labels and un-pinned hosted fallback ids

listManagedPlugins now prefers manifest names over registry package-name
backfill, falls back to channel catalog labels and blurbs, and stops pinning
expectedPluginId when a hosted feed entry only exposes its package name
(which rejected every legitimate install of that package). Found via live
gateway testing against ClawHub.

* fix(ui): send minimal RFC 7396 merge patches for MCP server edits

config.patch merges rather than replaces, so key removal needs an explicit
null; sending the full config back made MCP server removal a no-op. Found
via live gateway testing.

* fix(ui): write explicit MCP transports for URL servers

The MCP runtime defaults URL-only servers to SSE, so streamable HTTP
endpoints saved by the add form or connector templates would fail at
connect time. Connector templates now declare their transport and the
add form infers streamable-http unless the URL follows the /sse
convention. Flagged by autoreview against the transport resolver.

* test(ui): wait for deferred plugin requests before resolving in e2e

* feat(ui): plugins detail view, action menus, and unified ClawHub search

Reworks the plugins page from PR #103176 feedback: merges the ClawHub tab into
Discover (typing searches ClawHub inline and appends a quiet From ClawHub
section, with Browse ClawHub demoted to a header text link), makes every row and
store card open a plugin detail overlay (hero art, primary enable/install
action, metadata table), and replaces enable/disable switches with a state chip
plus an overflow menu (Enable/Disable, Remove for external plugins, View
details) matching the ChatGPT-store install+menu pattern. MCP rows use the same
menu; refresh is now icon-only.

* chore(ui): regenerate locale bundles for plugins UI iteration

* feat(ui): vetted, grouped connector catalog for the plugins store

Expands Connect your world to 28 connectors organized into use-case shelves
(Work & productivity, Coding & infrastructure, Home & media, Everyday life).
Every entry passed a three-stage subagent review: official-docs verification
plus live endpoint probes for MCP servers, ClawHub result-quality and
malware/typosquat screening for curated searches, and an adversarial pass
that dynamically registered OAuth clients to prove one-click viability.

That review removed Figma (registration allowlisted, 403) and Atlassian
(OAuth issuer-mismatch bug upstream), downgraded GitHub to PAT-based setup
(no dynamic client registration upstream), fixed Linear (/sse retired) and
Home Assistant (/api/mcp, streamable HTTP) endpoints, retargeted poisoned or
dead searches (youtube, finance, hue dropped; calendar -> google calendar;
stocks replaces finance), and added Todoist, Airtable, Canva, Stripe,
Context7, DeepWiki, Hugging Face one-click MCP servers plus Jira, PDF,
transcription, Kubernetes, Reddit, maps, translation, and notes searches.
Keyless servers get a ready-to-use success message; new cover art included.

* chore(ui): regenerate locale bundles for connector groups

* fix(plugins): suppress hosted catalog rows once their package is installed

Hosted feed entries without a declared runtime id fall back to their package
name as catalog id, which never matches the installed runtime id, so the
Discover shelf kept offering an already-installed package. Installed package
names now also suppress official rows. Flagged by autoreview.

* fix(plugins): pin declared runtime ids and surface connector errors in place

The runtime-id pin now keys off explicitly declared catalog ids (plugin,
channel, or provider) instead of string-comparing against the package name,
so declared ids that equal their package name stay enforced while entry-id
fallbacks stay unpinned. Connector add failures on Discover now render on the
triggering card instead of the Installed tab's MCP section. Both flagged by
autoreview; regression tests included.

* feat(ui): full inventory artwork, pulse header, and two-column plugin list

Every bundled plugin now ships distinctive cover art (113 new Codex CLI
illustrations; 172 total, ~2.1MB WebP), so inventory rows and detail views
never fall back to monogram tiles. The four stat cards give way to a compact
inventory pulse: a segmented enabled/disabled/issues meter whose legend and
counts live inside the filter chips. Inventory, MCP, and search rows flow
into two columns when the panel is wide enough.

* chore(ui): regenerate locale bundles for pulse header

* fix(ui): omit stdio args from the MCP server row target

Stdio MCP args routinely carry tokens, and the inventory is visible to
read-only operators; mirror the config page and show only the command.
Flagged by autoreview; regression test included.

* fix(merge): point crestodian setup at relocated plugin commit/refresh modules

* fix(merge): add bootstrapToken to plugins page test gateway harness

* fix(plugins): name catalog install-action branches so Swift emits the union

* fix(ui): satisfy strict lint on plugins page form parsing and mocks

* chore(build): regen docs map, raise plugin-sdk declaration budget for new protocol surface

* fix(ui): type the plugins page patch mock with its real call signature
2026-07-10 11:56:44 +01:00
Peter Steinberger
7fe004d852 feat: show build identity in About screens (#103595)
* feat: show build identity in About screens

* chore: leave root changelog to release automation

* fix: translate Control UI About build details
2026-07-10 10:42:36 +01:00
Vincent Koc
8755077fe4 fix(release): bundle AI runtime in installer smoke (#103556)
* fix(release): bundle AI runtime in installer smoke

* fix(release): verify bundled AI runtime loadability

* fix(release): preserve advisory doctor exits

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 02:13:41 -07:00
Vincent Koc
27ceb13e21 fix(ci): select trusted release harness for Docker lanes (#103504) 2026-07-10 00:13:06 -07:00
Peter Steinberger
54009c15bb improve(qa): verify native Slack chart delivery (#103337)
* test(qa): prove Slack native chart delivery

* test(qa): exercise Slack chart verifier through scenario

* fix(build): bound private QA SDK declarations separately

* fix(qa): normalize Slack chart history whitespace
2026-07-10 06:58:33 +01:00
Oliver Mee
ae11ea5ba9 feat(qwen): add Token Plan (Team Edition) provider (#94419)
* feat(qwen): add Token Plan provider

Co-authored-by: Oliver Mee <102673257+Omee11@users.noreply.github.com>

* docs: regenerate documentation map

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Oliver Mee <102673257+Omee11@users.noreply.github.com>
2026-07-09 22:07:01 +01:00
Peter Steinberger
71f7fef7a2 fix(ci): isolate OpenWebUI release smoke (#103095)
* fix(ci): isolate OpenWebUI release smoke

* docs: format release validation table
2026-07-09 21:38:33 +01:00
Vincent Koc
ee9d9ea6db fix(ci): verify live provider traffic in performance runs (#103073)
* fix(diagnostics): emit provider request timeline events

* fix(ci): verify Kova live provider evidence
2026-07-09 12:39:41 -07:00
Peter Steinberger
d64b9a30cb fix(ci): remove duplicate Kova gate helper (#103082) 2026-07-09 20:28:35 +01:00
Vincent Koc
266ca5b3a2 fix(providers): publish Meta provider (#103070) 2026-07-09 12:11:56 -07:00
Peter Steinberger
11fa0cf2d5 fix(ci): honor Kova performance report contracts (#103030) 2026-07-09 20:08:25 +01:00
Vincent Koc
a9578436de fix(ci): accept valid Kova PASS records without violations (#103002) 2026-07-09 11:05:32 -07:00
Vincent Koc
d18e48c928 fix(ci): ignore profiling-only resource gate failures (#102894) 2026-07-09 09:22:11 -07:00
Vincent Koc
3bbc2732c0 refactor(deadcode): localize script helper types (#101917) 2026-07-07 16:59:51 -07:00
Vincent Koc
ba7af36306 refactor(deadcode): localize script constants (#101892) 2026-07-07 15:17:41 -07:00
Vincent Koc
d563101a82 refactor(deadcode): localize test and tooling helpers (#101875) 2026-07-07 13:45:26 -07:00
Josh Lehman
a68caa185b refactor(sessions): move parent-session forking behind the accessor boundary (#101699)
* refactor(sessions): move parent-session forking behind the accessor boundary

* fix(sessions): lazy-load fork transcript runtime to keep accessor imports lean

* test(sessions): align parent fork mock shape
2026-07-07 10:47:02 -07:00
Josh Lehman
453f5968bb refactor(gateway): route chat transcript injection through the session accessor (#101688)
* refactor(gateway): route chat transcript injection through the session accessor

* fix(gateway): avoid map-spread in source reply mirror rewrite results

* perf(sessions): find injected transcript duplicates with a reverse early-exit scan
2026-07-07 09:10:30 -07:00
Peter Steinberger
ed28c57e20 fix(codex): validate maintained app-server types (#101726)
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-07-07 15:48:08 +01:00
Peter Steinberger
a78538dc2a perf(test): reuse extension test inventory 2026-07-06 23:23:09 -04:00
Josh Lehman
cb0d8a1294 refactor(sessions): move inbound meta, goals, and delivery reads behind the session accessor (#101180) 2026-07-06 18:07:26 -07:00
Josh Lehman
4e2a80cac3 refactor(sessions): route new session store bypasses through the accessor (#101179) 2026-07-06 18:05:18 -07:00
Vincent Koc
2c11f11303 feat(provider): add Featherless AI integration 2026-07-06 16:17:44 -07:00
Josh Lehman
c7295e417d chore(scripts): add debt ratchet to the session-accessor boundary guard (#101178)
* chore(scripts): add debt ratchet baseline to session-accessor boundary gate

* fix(scripts): fail session-accessor debt gate until baseline ratchets down
2026-07-06 13:55:16 -07:00
Dallin Romney
66b4dcf184 chore(docker): execute Compose and package artifact proofs (#101045)
* test(docker): prove Compose and package artifacts

* test(docker): use bounded container cleanup

* test(docker): bound package proof launch

* test(qa): keep Docker artifact proofs release-only

* test(docker): simplify artifact proof names

* test(docker): satisfy identity writer lint
2026-07-06 13:05:34 -07:00
Vincent Koc
bf8626c0e9 feat(providers): add LongCat API support (#100501)
* fix(ai): honor provider reasoning compatibility

* feat(longcat): add hosted provider plugin

* chore(longcat): register package metadata

* docs(longcat): add provider setup guide

* docs(longcat): document self-hosted model routing

* refactor(longcat): externalize provider plugin

* chore(longcat): add npm release artifacts
2026-07-06 10:07:08 -07:00
Dallin Romney
b29d472e41 refactor(qa): add canonical live channel adapters (#99707) 2026-07-06 09:24:34 -07:00
Vincent Koc
c9abc75884 refactor: remove dead code and consolidate repeated paths (#100650)
* refactor(search): reuse provider setup finalizer

* refactor(android): remove unused helpers

* refactor(apps): remove unused Swift declarations

* refactor(diagnostics): reuse private reply delivery

* refactor(memory): reuse raw short-term store writer

* refactor(logbook): reuse batch row mapping

* refactor(scripts): centralize oxlint format policy

* refactor(memory): share qmd cache context hashing

* refactor(doctor): share auth issue classification

* chore(i18n): refresh native source inventory
2026-07-06 02:24:37 -07:00
Sulaga
2b51c255f8 feat(tencent): add Tencent Hy3 provider (TokenHub and TokenPlan) (#99076)
Summary:
- Merged feat(tencent): add Tencent Hy3 provider (TokenHub and TokenPlan) after ClawSweeper review.

Automerge notes:
- Ran the ClawSweeper repair loop before final review.
- Included post-review commit in the final squash: fix(tencent): preserve TokenHub auth compatibility
- Included post-review commit in the final squash: refactor(tencent): unify TokenPlan env/flag naming with TokenHub
- Included post-review commit in the final squash: docs: refresh Tencent provider docs metadata
- Included post-review commit in the final squash: fix: allow TokenPlan provider config overlays
- Included post-review commit in the final squash: docs: dedupe Tencent provider glossary labels
- Included post-review commit in the final squash: fix(tencent): repair TokenHub model defaults

Validation:
- ClawSweeper review passed for head 30c9fc130f.
- Required merge gates passed before the squash merge.

Prepared head SHA: 30c9fc130f
Review: https://github.com/openclaw/openclaw/pull/99076#issuecomment-4888527271

Co-authored-by: leisang <leisang@tencent.com>
Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
2026-07-06 04:29:48 +00:00
Peter Steinberger
95f12178a7 perf(ci): shorten stalled gateway retry 2026-07-05 20:40:16 -04:00
Peter Steinberger
f20159e240 perf(ci): accelerate gateway startup tests 2026-07-05 19:31:28 -04:00
Kevin Lin
9d2d517296 feat: publish plugins with extended-stable releases (#100448)
* feat(release): publish plugins on extended-stable

* feat(plugins): align extended-stable with core

* docs: explain extended-stable plugin alignment

* fix(release): make plugin convergence recoverable

* fix(plugins): preserve extended-stable fallback intent

* fix(release): keep plugin tag mutation credential-isolated
2026-07-05 16:16:26 -07:00
Peter Steinberger
f141408e77 fix(test): bound local full-suite RAM (#100437) 2026-07-05 12:16:41 -07:00
Peter Steinberger
1f484a8dbd test: speed up and stabilize full suite 2026-07-05 08:00:23 -04:00