Commit Graph

5892 Commits

Author SHA1 Message Date
Peter Steinberger
1bcc4c5e70 feat(gateway): add cooperative host suspension (#103618)
* feat(gateway): add cooperative suspension preparation

* style: satisfy suspension lint checks

* test(gateway): reset work admission between shared suites

* fix(gateway): reject upgrades during suspension

* fix(gateway): preserve admitted work during suspension

* test(gateway): isolate suspension and restart state

* fix(gateway): close suspension false-ready gaps

* refactor(protocol): slim suspension declaration graph

* refactor(plugin-sdk): sever protocol registry edges

* fix(gateway): preserve admitted restart follow-ups

* fix(gateway): make suspension recovery fail closed

* fix(protocol): keep validation formatter re-export only

* test(gateway): simplify deferred fixture type

* style(gateway): clarify suspension entry name

* fix(gateway): retain detached work admission
2026-07-10 20:24:53 +01:00
Peter Steinberger
fece8c9f54 fix(release): keep validation evidence immutable across reruns (#103906)
* fix(release): bind validation evidence to exact attempts

* test(release): cover exact validation attempts
2026-07-10 20:16:19 +01:00
Peter Steinberger
e1934d968e fix(nodes): stop advertising a disabled browser proxy (#103894)
* fix(nodes): hide disabled browser proxy capability

* chore: defer node fix changelog to release

* chore: ratchet plugin SDK surface budget
2026-07-10 20:06:53 +01:00
Vincent Koc
69f8198ba3 fix(release): keep no-push Docker images validation-only (#103891)
* fix(release): make no-push Docker artifacts portable

* fix(release): keep no-push images validation-only
2026-07-10 12:02:57 -07:00
Vincent Koc
2a1d6e49d5 fix(ci): run Telegram release QA from trusted harness (#103207)
* fix(ci): use trusted Telegram QA harness

* fix(ci): restrict trusted Telegram QA candidate

* fix(ci): isolate trusted Telegram QA candidate

* fix(ci): harden Telegram QA process boundary

* fix(ci): pass Telegram QA release gates

* test(qa): stub Telegram env explicitly

* fix(ci): harden Telegram release QA boundary

* test(ci): harden trusted workflow and memory guards
2026-07-10 11:32:24 -07:00
Peter Steinberger
b91e117dcd fix(ci): select full Kova performance reports (#103863) 2026-07-10 19:01:30 +01:00
Peter Steinberger
b597a8d364 fix(release): restore prerelease and release validation startup (#103834)
* fix(release): split image publication from validation

* fix(ci): honor install smoke caller input

* fix(ci): harden Docker rerun targeting
2026-07-10 18:46:08 +01:00
Peter Steinberger
050177c784 fix(clawdock): scope confirmation response (#103837) 2026-07-10 18:06:06 +01:00
Peter Steinberger
c08599c17b fix(clawdock): preserve sourced zsh PATH (#103805)
Co-authored-by: wenhua <lshgdut@qq.com>
2026-07-10 17:46:08 +01:00
Vincent Koc
daa653c5cc ci(release): add plugin npm artifact preflight (#103759)
* ci(release): add plugin npm preflight proof

* fix(release): bind plugin preflight package evidence

* fix(release): harden plugin preflight trust

* fix(release): bind plugin registry readback

* fix(release): retry npm packument bodies

* fix(release): retry malformed npm packuments

* fix(release): satisfy npm preflight lint
2026-07-10 09:39:10 -07:00
Peter Steinberger
e43f225c81 fix(release): prevent stale beta validation evidence (#103798)
* fix(release): ignore nested squash revert markers

* fix(release): preserve squash revert targets

* docs(release): state installer doctor contract

* fix(release): recognize conventional squash reverts
2026-07-10 17:26:56 +01:00
Vincent Koc
155e196e22 fix(release): preserve beta validation evidence (#103796)
* fix(release): proxy upgrade fixtures to npm

(cherry picked from commit 30f54a5fe1)

* fix(release): require installer doctor evidence

(cherry picked from commit 0782a94452)

* test(qa): scope aborted restart outcome to Codex

(cherry picked from commit ac54f80430)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 09:05:14 -07:00
Peter Steinberger
366d09bcc7 fix(ci): harden release performance evidence (#103790) 2026-07-10 16:59:10 +01:00
Peter Steinberger
d628e35574 fix(apple): prevent stale thinking after model switches and reconnects (#103767)
* fix(apple): prevent stale model thinking state

* test(apple): complete attachment transport fixture

* fix(apple): scope model patch ordering by route identity

* chore(apple): sync native CI metadata
2026-07-10 16:48:11 +01:00
Peter Steinberger
5635d74ecc fix(release): contain installer artifact restores (#103608) 2026-07-10 08:27:24 -07:00
Vincent Koc
cbe3731f77 fix(release): make validation proof no-write (#103737)
* fix(release): make validation proof no-write

* test(release): align no-write workflow contracts
2026-07-10 08:18:44 -07:00
JC
59e95fe3fd feat: support GPT-5.6 Ultra across OpenClaw and Codex runtimes (#98021)
* feat: support GPT-5.6 Ultra across agent runtimes

Co-authored-by: J Cai <anyech@gmail.com>

* fix: keep harness projections discovery-free

* fix(codex): mirror V2 native subagent tasks

* chore: refresh plugin SDK surface budgets

* test: expose Ultra wire effort proof

* test(cron): avoid hoisted mock initialization race

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 15:23:24 +01:00
Peter Steinberger
ea6aa1dc75 fix(pr): prevent same-PR operations from overlapping (#103669)
* fix(pr): serialize operations per pull request

* fix(pr): tighten supervisor error handling
2026-07-10 13:34:03 +01:00
Peter Steinberger
505f8ae6a3 fix(control-ui): harden workspace avatar projection (#103657)
* fix(control-ui): harden workspace avatar projection

Co-authored-by: LZY3538 <liu.zhenye@xydigit.com>

* refactor(gateway): remove dead avatar URL mapper

* test(control-ui): track avatar temp directories

---------

Co-authored-by: LZY3538 <liu.zhenye@xydigit.com>
2026-07-10 13:31:22 +01:00
Vincent Koc
0426f238c3 fix(providers): align Meta Model API contract (#103680)
* fix(providers): align Meta Model API contract

* fix(security): classify Meta endpoint as native
2026-07-10 05:24:14 -07:00
Peter Steinberger
a238dead67 fix(docker): package selected external plugins in source-built images (#103629)
* build(docker): package selected external plugins

* test(docker): auto-clean plugin fixture

* fix(docker): preserve selected image provenance

* fix(docker): accept manifest-only plugin selections

* fix(docker): resolve selected plugin manifest ids

* fix(docker): isolate resolved plugin selection
2026-07-10 13:00:50 +01:00
Peter Steinberger
13819996ad fix(ci): preflight generated PR app permissions (#103671) 2026-07-10 12:57:30 +01:00
Peter Steinberger
401f278f11 feat: add Control UI plugin management (#103176)
* feat(ui): add plugin catalog management

* feat(gateway): add plugins.uninstall and richer plugin catalog metadata

Adds a plugins.uninstall gateway method (operator.admin, control-plane write)
backed by a lock-guarded uninstallManagedPlugin that mirrors the CLI flow:
config cleanup, install-record removal, managed file deletion, and registry
refresh. Bundled plugins stay disable-only. Catalog entries now carry a
manifest-derived category and a removable flag; ClawHub search results expose
download counts and verification tiers.

* feat(ui): redesign plugins page with inventory, store shelves, and cover art

Rebuilds /settings/plugins around three tabs: Installed (category-grouped
inventory with overview stats, state filters, uninstall for external plugins,
and inline MCP server management through the shared config seam), Discover
(featured/official shelves plus one-click MCP connectors and curated ClawHub
searches), and ClawHub (search with download counts and verification badges).
Every catalog entry renders bundled cover art or a deterministic gradient
monogram tile - no more empty boxes. Artwork generated with Codex CLI, shipped
as 512px WebP under ui/public/plugin-art.

* chore(ui): regenerate locale bundles for plugins manager strings

* docs: describe plugins manager tabs, uninstall, and MCP connectors

* fix(plugins): human catalog labels and un-pinned hosted fallback ids

listManagedPlugins now prefers manifest names over registry package-name
backfill, falls back to channel catalog labels and blurbs, and stops pinning
expectedPluginId when a hosted feed entry only exposes its package name
(which rejected every legitimate install of that package). Found via live
gateway testing against ClawHub.

* fix(ui): send minimal RFC 7396 merge patches for MCP server edits

config.patch merges rather than replaces, so key removal needs an explicit
null; sending the full config back made MCP server removal a no-op. Found
via live gateway testing.

* fix(ui): write explicit MCP transports for URL servers

The MCP runtime defaults URL-only servers to SSE, so streamable HTTP
endpoints saved by the add form or connector templates would fail at
connect time. Connector templates now declare their transport and the
add form infers streamable-http unless the URL follows the /sse
convention. Flagged by autoreview against the transport resolver.

* test(ui): wait for deferred plugin requests before resolving in e2e

* feat(ui): plugins detail view, action menus, and unified ClawHub search

Reworks the plugins page from PR #103176 feedback: merges the ClawHub tab into
Discover (typing searches ClawHub inline and appends a quiet From ClawHub
section, with Browse ClawHub demoted to a header text link), makes every row and
store card open a plugin detail overlay (hero art, primary enable/install
action, metadata table), and replaces enable/disable switches with a state chip
plus an overflow menu (Enable/Disable, Remove for external plugins, View
details) matching the ChatGPT-store install+menu pattern. MCP rows use the same
menu; refresh is now icon-only.

* chore(ui): regenerate locale bundles for plugins UI iteration

* feat(ui): vetted, grouped connector catalog for the plugins store

Expands Connect your world to 28 connectors organized into use-case shelves
(Work & productivity, Coding & infrastructure, Home & media, Everyday life).
Every entry passed a three-stage subagent review: official-docs verification
plus live endpoint probes for MCP servers, ClawHub result-quality and
malware/typosquat screening for curated searches, and an adversarial pass
that dynamically registered OAuth clients to prove one-click viability.

That review removed Figma (registration allowlisted, 403) and Atlassian
(OAuth issuer-mismatch bug upstream), downgraded GitHub to PAT-based setup
(no dynamic client registration upstream), fixed Linear (/sse retired) and
Home Assistant (/api/mcp, streamable HTTP) endpoints, retargeted poisoned or
dead searches (youtube, finance, hue dropped; calendar -> google calendar;
stocks replaces finance), and added Todoist, Airtable, Canva, Stripe,
Context7, DeepWiki, Hugging Face one-click MCP servers plus Jira, PDF,
transcription, Kubernetes, Reddit, maps, translation, and notes searches.
Keyless servers get a ready-to-use success message; new cover art included.

* chore(ui): regenerate locale bundles for connector groups

* fix(plugins): suppress hosted catalog rows once their package is installed

Hosted feed entries without a declared runtime id fall back to their package
name as catalog id, which never matches the installed runtime id, so the
Discover shelf kept offering an already-installed package. Installed package
names now also suppress official rows. Flagged by autoreview.

* fix(plugins): pin declared runtime ids and surface connector errors in place

The runtime-id pin now keys off explicitly declared catalog ids (plugin,
channel, or provider) instead of string-comparing against the package name,
so declared ids that equal their package name stay enforced while entry-id
fallbacks stay unpinned. Connector add failures on Discover now render on the
triggering card instead of the Installed tab's MCP section. Both flagged by
autoreview; regression tests included.

* feat(ui): full inventory artwork, pulse header, and two-column plugin list

Every bundled plugin now ships distinctive cover art (113 new Codex CLI
illustrations; 172 total, ~2.1MB WebP), so inventory rows and detail views
never fall back to monogram tiles. The four stat cards give way to a compact
inventory pulse: a segmented enabled/disabled/issues meter whose legend and
counts live inside the filter chips. Inventory, MCP, and search rows flow
into two columns when the panel is wide enough.

* chore(ui): regenerate locale bundles for pulse header

* fix(ui): omit stdio args from the MCP server row target

Stdio MCP args routinely carry tokens, and the inventory is visible to
read-only operators; mirror the config page and show only the command.
Flagged by autoreview; regression test included.

* fix(merge): point crestodian setup at relocated plugin commit/refresh modules

* fix(merge): add bootstrapToken to plugins page test gateway harness

* fix(plugins): name catalog install-action branches so Swift emits the union

* fix(ui): satisfy strict lint on plugins page form parsing and mocks

* chore(build): regen docs map, raise plugin-sdk declaration budget for new protocol surface

* fix(ui): type the plugins page patch mock with its real call signature
2026-07-10 11:56:44 +01:00
Peter Steinberger
62bd760c0e chore(swift): enforce current formatting and lint rules (#103313)
* style: apply SwiftFormat 0.62.1 rules

Refs #103202

* ci: enforce deterministic Swift lint

Refs #103202

* refactor: keep gateway connect lint-clean

Refs #103202

* style: keep iOS typography checks warning-free

* ci: route MLX Swift changes through pre-push

* fix: preserve native i18n extraction after Swift cleanup

* refactor: keep rebased Swift surfaces lint-clean

* style: format latest Swift additions

* chore: refresh native i18n inventory

* style: keep generated Swift formatter-clean

* fix: preserve node route invalidation callbacks

* fix: keep native translation IDs stable

* fix: retain native translation identifiers

* fix: preserve translations across Swift source moves
2026-07-10 11:54:08 +01:00
Peter Steinberger
bcf2798920 fix(ci): publish locale refreshes through exact merge (#103625) 2026-07-10 11:25:25 +01:00
LZY3538
4af1d53766 fix(agent): return data URIs for workspace-relative identity card avatars (#97602) (#102892)
* fix(agent): return data URIs for workspace-relative identity card avatars (#97602)

agent.identity.get resolved workspace-relative agent avatars via
resolveAssistantAvatarUrl to /avatar/<agentId> route URLs. <img> tags
in the Control UI Personal card cannot load these URLs because they
lack Bearer auth headers, showing broken images (401).

Read the validated local avatar file into a data URI inline before
constructing the identity response. The file-reading helper lives in
agent.ts as a private (non-exported) function so it does not leak onto
the public Plugin SDK surface. The workspace root is canonicalised with
realpathSync to match the already-resolved filePath from
resolveAgentAvatar, fixing containment checks for symlinked workspaces.

Fixes #97602

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(gateway): inline workspace avatars in bootstrap config Personal card (#97602)

agent.identity.get already returns inline data URIs for workspace-local
avatars, but the Control UI Personal card is initialized from the bootstrap
config (control-ui-config.json), which still mapped workspace avatars to the
auth-gated /avatar/<agentId> route. An <img> cannot carry Bearer auth, so the
linked Personal card 401/broken-image symptom persisted despite the RPC fix.

Consolidate the workspace-safe avatar reader into a single gateway-internal
helper (readLocalAvatarDataUrl in session-utils) and use it in both
agent.identity.get and the bootstrap config handler, so the identity and
bootstrap projections produce identical data URIs. Not re-exported on the
Plugin SDK surface. Adds a bootstrap-config regression test.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(control-ui): inline workspace assistant avatars

Project workspace-local assistant avatars into browser-safe data URLs across bootstrap and agent identity RPCs while preserving same-origin avatar routes and shared size limits.

Co-authored-by: LZY3538 <LZY3538@users.noreply.github.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: LZY3538 <LZY3538@users.noreply.github.com>
2026-07-10 11:03:08 +01:00
Peter Steinberger
7fe004d852 feat: show build identity in About screens (#103595)
* feat: show build identity in About screens

* chore: leave root changelog to release automation

* fix: translate Control UI About build details
2026-07-10 10:42:36 +01:00
Peter Steinberger
ab5d143d59 feat(openai): default new setups to GPT-5.6 (#103581)
* feat(openai): default fresh setup to GPT-5.6

* test(crestodian): expect GPT-5.6 Codex defaults

* test(crestodian): expect GPT-5.6 bootstrap default
2026-07-10 10:22:58 +01:00
Vincent Koc
8755077fe4 fix(release): bundle AI runtime in installer smoke (#103556)
* fix(release): bundle AI runtime in installer smoke

* fix(release): verify bundled AI runtime loadability

* fix(release): preserve advisory doctor exits

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 02:13:41 -07:00
Peter Steinberger
eefe2e8837 fix(release): let alpha tags publish from their exact changelog heading
Shipped alpha tags carry a dedicated ## X-alpha.N heading with no base
section (see v2026.6.20-alpha.1's tagged CHANGELOG.md); the renderer and
candidate provenance now prefer that dedicated heading for alpha and
correction tags while beta/stable remain pinned to the stable base
section per #103222.
2026-07-10 02:06:53 -07:00
Peter Steinberger
c2b4ac02da fix(release): align correction sections, retries, and merged ledger semantics
Codex review + test findings on the pipeline convergence:
- candidate changelog provenance now validates the same section the
  renderer publishes (correction tags may carry their own heading) via a
  shared correctionVersionForTag helper
- guard_existing_public_release accepts a canonical proofless body with
  intact dependency evidence, matching the renderer's documented
  proof-omitted-at-limit state; retries re-append the proof
- ledgerFor regains main's noteReferences threading so prose-cited PRs
  keep their contribution-record rows, and the ledger/verify tests pin
  the merged entry shape (externalReferences) and highlight gate
2026-07-10 02:06:52 -07:00
Peter Steinberger
336e43c314 fix(release): converge on the render-github-release-notes pipeline
Two competing release-notes pipelines existed: the release branch's
hardened render/verify/provenance pipeline (a486f3ab08 + dcee1da876,
battle-tested by 2026.7.1) and main's lighter prepare-github-release-notes
size gate (#103222). Repo policy is one canonical path; the release-branch
pipeline wins and main's unique value is grafted in:

- scripts/render-github-release-notes.mjs becomes the canonical release
  body renderer (full/compact 125k char+byte modes, tag-pinned record
  link, verification tail, canonical shipped-baseline format), now also
  preferring a correction tag's dedicated changelog section (from
  prepare's heading matrix).
- verify-release-notes.mjs is a three-way merge: release's --shipped-ref
  cumulative baselines, provenance checks, highlights gate, and the
  excluded-record rewrite fix, plus main's compact contribution rows,
  externalReferences threading, and both-heading parser compat.
- release-candidate-checklist.mjs gains validateCandidateCheckout and
  changelog-provenance gates that run before any dispatch.
- openclaw-release-publish.yml keeps main's fail-before-mutation early
  notes gate (retargeted to the renderer) and adopts release's
  render/verify_release_tag_target/canonical_release_body_matches flow.
- scripts/prepare-github-release-notes.mjs and its test are deleted;
  release-notes-ledger.test.ts stays and pins the merged verify exports.
- .gitignore tracks every repo skill for Git-aware syncs; SKILL.md
  runbooks and RELEASING.md document the converged contract.
2026-07-10 02:06:52 -07:00
Peter Steinberger
26d200c6a3 feat(channels): narrated progress drafts + activity receipt on the final answer (#103463)
* feat(channels): narrated progress drafts + activity receipt on the final answer

Progress mode replaces raw tool lines with short utility-model narration of
what the agent is doing (streaming.progress.narration, default on, requires
an explicit utilityModel). On Discord the final answer now carries the
-# activity receipt and the working draft is deleted once the answer lands,
so busy channels keep no orphaned tool log above the reply.

Formatting verified remotely via Testbox oxfmt --check (hook bypassed:
no node_modules in this worktree).

* fix(channels): keep narration toggle independent of channel-default stream mode

Discord resolves its own progress default, so the resolver must not re-derive
mode with the generic partial fallback (narration was off for unset config).

* fix(auto-reply): honor status-only command text in narration model input

streaming.progress.commandText: "status" hides raw exec/bash text from the
channel draft; narration input now mirrors that policy so the utility model
never receives more command detail than the draft shows (Codex review P2).

Formatting verified remotely via Testbox oxfmt --check.

* fix(auto-reply): share the draft's command-tool set for narration and regen channel metadata

Reuse isCommandToolName (exec|shell|bash) so narration's commandText policy
matches the draft formatter exactly, and regenerate bundled channel config
metadata for the new streaming.progress.narration key (Codex review round 2).

Gates verified on Testbox: config:channels:check, oxfmt --check, 4 test shards.

* fix(channels): clear stale narration when the narrator stops mid-turn

An empty narration update now falls the draft back to raw tool lines, and the
narrator emits that clear when it disables after consecutive failures or the
per-turn cap, so drafts never pin stale status text (Codex review round 3).

Gates verified on Testbox: oxfmt --check + 4 test shards.

* chore(config): regen bundled channel metadata after rebase onto main

* chore: CI fixups — lint nits, test harness types, docs map, SDK surface budget

Two deliberate public SDK additions (resolveChannelStreamingProgressNarration,
isCommandToolName via the streaming wildcard re-export) bump the pinned
public-surface budgets to current counts (exports 10488, callable 5235).

Gates verified on Testbox: oxfmt, targeted oxlint, docs:map:check,
config:channels:check, check:test-types, 5 test shards.
2026-07-10 09:28:47 +01:00
Peter Steinberger
ace2407acd fix(ci): compare the full harness surface for evidence reuse
Codex review round four: workflows execute helper scripts from the
workflow ref, so comparing only the .github/workflows tree missed
script-only harness changes. Harness equivalence now means the git tree
diff between the candidate run's head SHA and the current workflow SHA
is itself release-metadata-only, using the same canonical classifier as
the target delta. The classifier's worktree overlay no longer applies
when --head is an explicit SHA, keeping SHA-exact comparisons exact.
2026-07-10 00:21:26 -07:00
Peter Steinberger
494987fa6e fix(ci): require an identical workflow harness for evidence reuse
Codex review round three: a prior green run may have executed with
different lane definitions; the resolver now compares the candidate
run head SHA's .github/workflows tree against the current workflow
ref before accepting its manifest.
2026-07-10 00:21:25 -07:00
Peter Steinberger
e98bb5942a fix(ci): scope beta advisory to live-provider suites and validate reuse targets
Codex review round two: the reusable advisory input is global, so beta
would also have softened hermetic repo/OpenShell E2E — add a scoped
live_advisory input that only covers the live-provider suite jobs and
narrow the umbrella fail-fast exclusion to those job names. Evidence
reuse now also runs the macOS source-version consistency check against
the target (release-preflight --macos-versions-only) so version-stamp
deltas cannot reuse evidence while version surfaces disagree.
2026-07-10 00:21:24 -07:00
Peter Steinberger
6bb240b6da fix(ci): match validation inputs and recheck child runs before evidence reuse
Codex review findings: evidence reuse must not let a default-input run
stand in for a focused provider/mode/filter/package-spec run, and
recorded child runs can be re-run to failure while the parent stays
green. Manifests now record validationInputs; the resolver requires an
exact input match and healthy child runs, and the summary re-verifies
the chain root plus its recorded children. Reuse-mode evidence dispatch
notes now disclose the chain-root relationship.
2026-07-10 00:21:24 -07:00
Peter Steinberger
87f98090e1 feat(ci): reuse release validation evidence and speed up the release pipeline
- Full Release Validation now checks for a prior green validation whose
  target differs only by release metadata (changelog/version stamps) and
  reuses that evidence instead of re-running every lane; disable with
  reuse_evidence=false. Evidence manifests chain through reuse runs via
  evidenceReuse.runId and the summary re-verifies the chain root.
- The Docker runtime-assets preflight no longer serializes the CI,
  plugin-prerelease, release-checks, and performance lanes; it runs in
  parallel and stays enforced by the umbrella verifier.
- Umbrella runs for release/* refs now supersede in-progress runs with
  the same ref and rerun group instead of requiring manual cancels.
- release_profile=beta treats the live-provider E2E suites as advisory
  (third-party model deployments move underneath releases); stable and
  full profiles keep them blocking, and beta live failures no longer
  fail-fast-cancel the remaining release-check matrix.
2026-07-10 00:21:23 -07:00
Vincent Koc
d6b38e2eae fix(release): validate macOS source versions
(cherry picked from commit f7aea57edb)
2026-07-10 00:21:22 -07:00
Vincent Koc
27ceb13e21 fix(ci): select trusted release harness for Docker lanes (#103504) 2026-07-10 00:13:06 -07:00
Peter Steinberger
e169bfed7c fix: default optional Swift protocol fields (#103493) 2026-07-10 08:02:49 +01:00
Vincent Koc
f11b2493b9 fix(ci): read Codex bindings from SQLite in live harness (#103467)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 23:32:39 -07:00
Peter Steinberger
54009c15bb improve(qa): verify native Slack chart delivery (#103337)
* test(qa): prove Slack native chart delivery

* test(qa): exercise Slack chart verifier through scenario

* fix(build): bound private QA SDK declarations separately

* fix(qa): normalize Slack chart history whitespace
2026-07-10 06:58:33 +01:00
Peter Steinberger
cd9db5ed9a fix(doctor): keep automated repair from moving approval state (#103353)
* fix(doctor): isolate automated cross-state imports

* test(update): cover isolated doctor finalization
2026-07-10 05:42:36 +01:00
Peter Steinberger
a789b92b39 fix(macos): harden fresh AI onboarding (#102637)
* fix(macos): bootstrap Codex before onboarding test

* fix(plugins): activate deferred runtimes on demand

* fix(macos): stage Codex runtime for onboarding probe

* fix(macos): expose sanitized onboarding errors

* fix(codex): reuse native CLI auth during onboarding

* fix(macos): hide Crestodian without inference

* fix(codex): honor explicit runtime policy during setup

* fix(onboarding): redact verification errors

* fix(macos): reset onboarding state with gateway route

* fix(onboarding): persist Codex plugin install metadata

* chore: refresh onboarding inventories

* fix(macos): restart AI setup after gateway change

* chore: refresh native onboarding inventory

* fix(onboarding): defer gateway restart until setup persists

* fix(macos): reset Crestodian on gateway changes

* chore(macos): refresh native i18n inventory

* fix(onboarding): harden inference setup state

* docs(skills): reuse pristine Parallels snapshots

* chore(macos): refresh onboarding i18n inventory

* fix(onboarding): prevent stale gateway and install state

* docs(skills): preserve saved Parallels sessions

* fix(macos): balance AI onboarding layout

* fix(parallels): parse npm workspace pack output

* chore(macos): refresh onboarding i18n inventory

* fix(parallels): bundle workspace runtime in package artifact

* fix(parallels): isolate canonical package helper

* fix(parallels): pack self-contained workspace artifact

* fix(packaging): exclude macOS app bundle

* fix(macos): restart inference checks after route changes

* docs(changelog): defer onboarding note to release

* fix(onboarding): enforce inference-first gateway setup
2026-07-10 04:59:15 +01:00
Peter Steinberger
75dfd3dc09 feat(xai): support Grok Imagine Video 1.5 (#103316)
* feat(media): add per-model generation catalog metadata

* feat(xai): support Grok Imagine Video 1.5

* test(plugin-sdk): update public surface budget
2026-07-10 04:49:42 +01:00
Peter Steinberger
1696366f88 feat(android): add safe cron job management (#102997)
* feat(android): add safe cron job management

Co-authored-by: snowzlmbot <293528334+snowzlmbot@users.noreply.github.com>

* fix(android): harden cron editor state

* fix(android): preserve cron state across lifecycle

* fix(android): satisfy cron release gates

* fix(android): retain cron drafts outside saved state

* fix(android): scope cron auto-delete to one-shot jobs

* fix(android): use Compose activity owner

* docs(changelog): note Android cron management

* fix(cron): harden Android job management

* chore(i18n): refresh Android cron inventory

* test(cron): cover enriched read views

* chore(changelog): defer Android cron note to release

---------

Co-authored-by: snowzlmbot <293528334+snowzlmbot@users.noreply.github.com>
2026-07-10 04:12:18 +01:00
Peter Steinberger
add2c586c2 feat(slack): support native chart presentations (#102635) 2026-07-10 04:05:23 +01:00
Ayaan Zaidi
6da0af1cd3 fix(ci): use public plugin-sdk test seams and refresh generated surfaces 2026-07-10 07:53:37 +05:30
Peter Steinberger
73db6b2aca ci: pin docs i18n Go toolchain (#103244) 2026-07-10 03:02:52 +01:00