Fixes#76815.
- Teach the Swift macOS identity store to load TypeScript PEM identity files without regenerating device IDs.
- Teach the TypeScript identity store to migrate legacy Swift raw-key identities to PEM after validating key material.
- Preserve recognized invalid identity files instead of clobbering them, preventing repeated pairing churn while retaining diagnostic evidence.
- Align the macOS wizard CLI with the generated protocol model.
Reported by @aboundTechOlogy.
Thanks @BunsDev.
Guard macOS config writes so stale or destructive fallback payloads cannot silently remove gateway.mode, metadata, or auth and trigger gateway restore churn.
Verification:
- swift test --package-path apps/macos --filter OpenClawConfigFileTests
- swift test --package-path apps/macos --filter AppStateRemoteConfigTests
- swift test --package-path apps/macos --filter ConfigStoreTests
- pnpm lint:swift
- git diff --check origin/main..HEAD
- Blacksmith Testbox pnpm check:changed: blocked by missing swiftlint in the Linux Testbox image after reaching apps lane
Summary:
- Add explicit sessions cleanup --fix-dm-scope handling for stale direct-DM rows after session.dmScope returns to main.
- Preserve removed-row transcripts as deleted archives and expose the option through CLI, Gateway RPC, protocol schema, generated Swift mirrors, docs, tests, and changelog.
- Fixes#47561 and #45554.
Verification:
- pnpm exec oxfmt --check --threads=1 CHANGELOG.md docs/cli/sessions.md docs/concepts/session.md src/config/sessions/cleanup-service.ts src/commands/sessions-cleanup.ts src/cli/program/register.status-health-sessions.ts src/gateway/protocol/schema/sessions.ts src/gateway/server-methods/sessions.ts src/config/sessions/store.pruning.integration.test.ts src/commands/sessions-cleanup.test.ts src/cli/program/register.status-health-sessions.test.ts
- git diff --check origin/main...HEAD
- pnpm protocol:check
- pnpm exec oxlint src/config/sessions/cleanup-service.ts src/commands/sessions-cleanup.ts src/cli/program/register.status-health-sessions.ts src/gateway/protocol/schema/sessions.ts src/gateway/server-methods/sessions.ts src/config/sessions/store.pruning.integration.test.ts src/commands/sessions-cleanup.test.ts src/cli/program/register.status-health-sessions.test.ts
- pnpm test src/config/sessions/store.pruning.integration.test.ts src/commands/sessions-cleanup.test.ts src/cli/program/register.status-health-sessions.test.ts src/gateway/server.sessions.store-rpc.test.ts
- pnpm changed:lanes --json
Security:
- No new network, credential, process execution, dependency, or permission surface. Cleanup is explicit operator-invoked local session-store repair.
CI note:
- Exact-head CI failures match current main at 2e78fc57af in unrelated extensions/codex and extensions/microsoft-foundry type checks, outside this PR diff. No required checks are reported for this branch.
Fixes#76957.
Restores the Control UI /new hook lifecycle through an explicit sessions.create emitCommandHooks opt-in, preserving hook-free defaults for programmatic parent-session creates.
Validation:
- pnpm protocol:check
- pnpm test src/gateway/server.sessions.reset-hooks.test.ts ui/src/ui/app-render.helpers.node.test.ts
- pnpm exec oxlint on touched TS files
- pnpm exec oxfmt --check --threads=1 on touched files
- git diff --check
- OPENCLAW_LOCAL_CHECK=1 OPENCLAW_LOCAL_CHECK_MODE=throttled env NODE_OPTIONS=--max-old-space-size=4096 pnpm check:changed
- GitHub PR checks green on 3a446ec78e
- ClawSweeper re-review completed with no blocking findings and security cleared
Duplicate triage:
- #77376, #77004, and #76967 were superseded closed attempts for #76957
- #77562 is a closed duplicate issue
- #77880 mentions #76957 but is not a duplicate of this hook fix
Summary:
- This PR adds optional `agentId` filtering to `cron.list`, auto-fills it for agent tool calls, exposes `openclaw cron list --agent`, updates generated protocol clients, docs, changelog, tests, and prompt fixtures.
- Reproducibility: yes. The motivating behavior is source-reproducible on current main because cron tool, CLI, ... e list paths do not accept or apply `agentId`; the PR diff adds that path with focused regression coverage.
Automerge notes:
- Ran the ClawSweeper repair loop before final review.
- Included post-review commit in the final squash: chore: regenerate protocol schema after adding agentId to CronListParams
- Included post-review commit in the final squash: feat(cron): add agentId filtering to cron list
Validation:
- ClawSweeper review passed for head 35b692bc97.
- Required merge gates passed before the squash merge.
Prepared head SHA: 35b692bc97
Review: https://github.com/openclaw/openclaw/pull/77602#issuecomment-4375631700
Co-authored-by: zhanggttry <zhanggttry@163.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Summary:
- The PR carries manual `cron.run` acknowledgement IDs into finished cron events and `cron.runs` history, upda ... surfaces, adds regression coverage, refreshes the SDK baseline hash, and records the fix in the changelog.
- Reproducibility: yes. Current main can be reproduced by source inspection: `cron.run` returns a `manual:...` ... r path omits it; the PR adds targeted assertions for the missing correlation and the task-ledger invariant.
ClawSweeper fixups:
- Included follow-up commit: chore(protocol): update generated cron models
- Included follow-up commit: chore(cron): document manual run id protocol surface
- Included follow-up commit: Preserve cron task ledger run IDs
Validation:
- ClawSweeper review passed for head 04ce879858.
- Required merge gates passed before the squash merge.
Prepared head SHA: 04ce879858
Review: https://github.com/openclaw/openclaw/pull/76288#issuecomment-4364868383
Co-authored-by: Paul Frederiksen <paul@paulfrederiksen.com>
Fixes#59545.
Suppress the macOS General/Tailscale initial hydration apply path from rewriting openclaw.json when settings are unchanged, and add regression coverage for gateway/auth/meta/wizard preservation.
Verified on the retry head 8a30aa831c:
- GitHub CI completed successfully, including macos-node, macos-swift, check-docs, security, Workflow Sanity, and OpenGrep.
- Review threads were empty before merge.
- Duplicate sweep kept #59545 as the canonical standalone issue; no duplicate closures were appropriate.
Fixes#63195.
Closes#68162.
Closes#73546.
- Keep Control UI chat sends bound to the history-backed session id across reconnects.
- Accept chat.send sessionId at the gateway/protocol boundary and update generated Swift models.
- Resume the last selected TUI session for the same gateway/agent/scope when still present.
Validated by exact-SHA CI on PR #75948.
Preserve existing gateway.auth and unrelated config keys during macOS app fallback writes, while requiring explicit opt-in for auth mutation paths.\n\nValidation:\n- swift test --package-path apps/macos --filter OpenClawIPCTests.OpenClawConfigFileTests\n- swift test --package-path apps/macos --filter OpenClawIPCTests.ConfigStoreTests\n- node scripts/check-changed.mjs CHANGELOG.md apps/macos/Sources/OpenClaw/ConfigStore.swift apps/macos/Sources/OpenClaw/OpenClawConfigFile.swift apps/macos/Sources/OpenClaw/TailscaleIntegrationSection.swift apps/macos/Tests/OpenClawIPCTests/OpenClawConfigFileTests.swift\n\nCloses #75631.
Adds the SDK-facing tools.invoke Gateway RPC for #74705.
Reuses the /tools/invoke policy path for tool policy, deny-list, owner filtering, before-tool-call hooks, session/agent scoping, and plugin approval handling. Returns typed SDK approval/refusal/success results while preserving HTTP compatibility and uses idempotencyKey as the stable tool-call id.
Includes protocol schema exports, method scope/list registration, SDK helper/types, docs, generated Swift models, tests, and changelog credit.
