Manual-review items are kind:"manual" with status:"skipped" so they were rendering with ⏭️, which reads like "done, ignored" — exactly the wrong signal for items that still need user attention. Render with 🔍 instead so the row says "look closer here".
Archive items end up status:"migrated" once written to the report dir, so they were rendering with ✅, which overstates what happened — the file was saved aside, not imported. Render with 📖 so the row reads "filed away".
Skill/plugin/secret/memory rows continue to render with their status glyphs (✅❌⏭️⚠️) unchanged. JSON output (--json) is unaffected.
Treat selectable configured OpenAI agent models as Codex runtime requirements during plugin auto-enable, startup planning, and doctor install repair.\n\nPR: https://github.com/openclaw/openclaw/pull/81591
Adds a bounded browser-local Control UI text size setting in Appearance and Quick Settings, persists it in UiSettings, and applies CSS text-scale variables across chat text, composer input, sidebars, and tool cards while preserving mobile Safari input zoom safety.
Fixes#8547.
Thanks @BunsDev.
Classify ACP spawn-child sessions via persisted spawnedBy metadata and share the session kind classifier across sessions/status output.
Verified with Azure Crabbox seeded ACP session-store proof, targeted session/status tests, touched-file lint, build, and green PR CI.
Display the ACP runtime sentinel for ACP control-plane session rows in openclaw sessions output, while preserving configured model/provider display for direct sessions.
Verified with focused sessions tests, touched-file oxlint, check:test-types, Crabbox after-fix proof, and exact-head GitHub CI.
Restructure the migrate codex CLI output:
- Split into separate Before (preview) and After (result) messages
so each can be tuned independently. Both render through clack's
log.message so they pick up the standard '|' gutter.
- Group items by kind (Skills, Plugins, Memory, Secrets, Archive,
Manual review, Other) instead of one flat list. Hide config items
from display and exclude them from the summary count.
- Drop the internal kind/action tag (e.g. 'manual/manual'), strip
'<kind>:' id prefixes and trailing ':N' disambiguators, and use
'•' for bullets.
- Mute parenthetical action text.
- In result mode: replace status text with emoji (✅ migrated,
❌ error, ⏭️ skipped, ⚠️ conflict), show '(Migrated)' on success,
show humanized failure reasons for known codes (plugin_missing,
marketplace_missing, etc.), say '(Skipped)' for user-deselected
skill/plugin items but keep the real message on manual-review
skips. Drop warnings from the result message.
- In preview mode: omit the 'Next' section and move warnings to
the bottom. Use generic action descriptions ('Copy Codex skill
into OpenClaw', 'Install Codex plugin into OpenClaw').
- Drop the redundant 'Codex cached plugin bundles remain
manual-review only.' warning — covered by the source-installed
warning above it.
Carry Windows ACL world-principal classification through @openclaw/fs-safe@0.2.2 so Anonymous Logon, Guests, Interactive, Network, and Local SID/principal variants are treated as world-equivalent in filesystem audit findings.
Also add regression coverage, changelog coverage, a narrow lint cleanup, and a UI test isolation fix needed by the current CI shard.
Co-authored-by: dwc <118101032587@njust.edu.cn>
Adds Windows USERPROFILE to the sandbox blocked home roots so credential binds are denied even when HOME points at a different shell home.
Verified:
- node scripts/test-projects.mjs src/agents/sandbox/validate-sandbox-security.test.ts
- node scripts/test-projects.mjs src/agents/sandbox/bind-spec.test.ts src/agents/sandbox/host-paths.test.ts src/agents/sandbox/validate-sandbox-security.test.ts
- git diff --check HEAD^ HEAD
Co-authored-by: luoyanglang <hanwanlonga@gmail.com>
