Peter Steinberger
1b1cebfe42
fix(openai): align auth availability with effective routes ( #104685 )
...
* feat(openai): add provider-owned route facts
* fix(openai): harden provider route facts
* test(codex): update rebased auth fixtures
* chore: leave release notes to release workflow
* fix(openai): align route auth with current contracts
* test(openai): align route and shard expectations
* test(openai): satisfy route fixture contracts
* fix(openai): preserve direct profile forwarding
* test(models): complete route auth mocks
* test(codex): type compaction factory mock
* fix(openai): preserve provider-native model ids
* test(agents): align route auth fixtures
* style(agents): format route integrations
* test(plugin-sdk): pin current surface counts
2026-07-11 15:26:48 -07:00
Gio Della-Libera
7d82e5b658
Doctor: audit lint default selection ( #100361 )
...
Summary:
- audit Doctor lint default selection after the full lint-family backfill
- make legacy state, skills readiness, session transcripts, and session snapshots explicit-only for default lint
- document default lint vs --all/--only and keep plugin/SDK public contracts unchanged
Validation:
- Galin review: no blocking findings
- maintainer accepted the default-lint compatibility tradeoff in PR comment
- exact-head hosted gates passed for d5d88a0db1 : CI#28976811444 and Workflow Sanity#28976811343
- local broad pnpm check was blocked by a shrinkwrap guard failure that reproduces on origin/main and is unrelated to this five-file Doctor diff
Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com >
2026-07-08 14:34:57 -07:00
Sally O'Malley
b81666ca6a
Fix container image upgrade migrations before gateway readiness ( #101881 )
...
* run all 'openclaw upgrade' migrations with container image upgrades
Signed-off-by: sallyom <somalley@redhat.com >
* fix: block gateway startup on plugin repair warnings
Signed-off-by: sallyom <somalley@redhat.com >
---------
Signed-off-by: sallyom <somalley@redhat.com >
2026-07-08 14:19:05 -04:00
Peter Steinberger
f7d7148cf0
docs: rewrite published docs grounded in current source ( #100142 )
...
Source-grounded rewrite of 529 published docs pages with per-unit information-loss verification: 1,713 factual corrections cited to src/**, generated surfaces regenerated, frontmatter titles preserved for i18n, release notes pages untouched. All docs gates green.
Closes #100141
2026-07-05 00:32:47 -04:00
Gio Della-Libera
4fc504d321
Doctor: add lint --all ( #96471 )
...
* fix(doctor): keep audit scrub lint opt-in
* fix(doctor): keep audit lint defaults internal
* feat(doctor): add lint profiles
2026-06-25 22:26:42 -07:00
Omar Shahine
a0714a3d68
fix(imessage): keep split-send coalescing opt-in ( #93143 )
...
Merged via squash.
Prepared head SHA: 7fc3eca084
Co-authored-by: omarshahine <10343873+omarshahine@users.noreply.github.com >
Co-authored-by: omarshahine <10343873+omarshahine@users.noreply.github.com >
Reviewed-by: @omarshahine
2026-06-21 17:12:21 -07:00
Vincent Koc
c8ab37f6fe
chore(deadcode): drop inert legacy workspace doctor check
2026-06-22 01:47:27 +08:00
Vincent Koc
dd5febe2aa
fix(config): preserve raw snapshots after materialization
2026-06-19 09:01:54 +08:00
Vincent Koc
943511674c
fix(config): preserve raw snapshots after materialization
2026-06-19 09:01:03 +08:00
Vincent Koc
c9605779ef
fix(doctor): warn on volatile SQLite state ( #94725 )
...
* fix(doctor): warn on volatile SQLite state
* fix(doctor): resolve symlinked state paths
2026-06-19 08:56:37 +08:00
Alix-007
4d6befe7cd
fix(doctor): clear inert legacy cron notify markers ( #89396 )
...
Stop repeated cron doctor warnings by removing inert top-level `notify` metadata when `cron.webhook` is unset. Existing delivery stays unchanged, while configured invalid webhook URLs keep the actionable warning.
Fixes #44460 .
Co-authored-by: Alix-007 <li.long15@xydigit.com >
Reviewed-by: @steipete
2026-06-17 16:21:22 +02:00
Peter Steinberger
d1b514af2e
fix: remove webchat config surface
2026-05-31 12:49:18 -04:00
Peter Steinberger
d07f508020
fix: retire webchat channel config
2026-05-31 11:58:54 -04:00
Peter Steinberger
2bd07eead7
Refactor cron SQLite runtime paths ( #88582 )
...
* refactor: clean cron sqlite runtime paths
* fix: preserve legacy cron sqlite delivery migration
* fix: keep legacy cron notify fallback for invalid webhooks
* test: handle packaged lint suppression files
* fix: keep invalid cron notify migrations retryable
* test: fix ui timer lint
2026-05-31 12:14:48 +01:00
Peter Steinberger
4c33aaa86c
refactor: unify OpenAI provider identity ( #88451 )
...
* refactor: unify OpenAI provider identity
* refactor: move legacy oauth sidecar doctor helpers
* test: align OpenAI fixtures after rebase
* test: clean OpenAI provider unification
* fix: finish OpenAI provider cleanup
* fix: finish OpenAI cleanup follow-through
* fix: finish OpenAI CI cleanup
2026-05-31 00:29:44 +01:00
Peter Steinberger
d92b3b5cc2
refactor: unify OpenAI provider identity
...
Refactor OpenAI provider identity so OpenAI remains the canonical provider for API-key and OAuth-backed flows while legacy openai-codex state is doctor/migration-only.
Keeps OpenAI Codex Responses as an API/transport class rather than a provider identity, moves auth aliases through providerAuthAliases, updates doctor repair sequencing for old auth/profile state, and refreshes tests/docs around the canonical OpenAI behavior.
2026-05-30 11:48:41 +02:00
Peter Steinberger
0b86decf94
fix: keep live OpenClaw session locks during cleanup ( #88129 )
...
Keep session lock cleanup from removing live OpenClaw-owned locks solely because they are old. Cleanup now reports age-only stale locks without deleting them, while still removing dead, orphaned, recycled, malformed-old, and non-OpenClaw-owned locks.
Update doctor docs and regression coverage for the cleanup/repair contract.
Refs #87779
2026-05-29 22:42:04 +02:00
拐爷&&老拐瘦
f634062f35
fix(cron): quarantine malformed persisted jobs
...
Quarantine malformed persisted cron rows before sanitizing active jobs.json.
Preserve raw malformed rows plus split runtime metadata in jobs-quarantine.json so later cron writes cannot silently delete recoverable data.
Doctor now reports quarantine sidecars for manual review.
Closes #51871 .
Thanks @yfge.
Verification:
- pnpm test src/cron/service/store.test.ts src/cron/service/store.load-missing-session-target.test.ts src/cron/store.test.ts src/commands/doctor-cron-store-migration.test.ts src/commands/doctor-cron.test.ts ui/src/ui/controllers/cron-filters.test.ts ui/src/ui/controllers/cron.test.ts ui/src/ui/app-render.helpers.node.test.ts ui/src/ui/app-settings.refresh-active-tab.node.test.ts
- node scripts/run-tsgo.mjs -p tsconfig.core.json --files src/cron/store.ts src/cron/service/store.ts src/cron/service/state.ts src/commands/doctor-cron.ts && node scripts/run-tsgo.mjs -p test/tsconfig/tsconfig.core.test.json --files src/cron/store.test.ts src/cron/service/store.test.ts src/cron/service/store.load-missing-session-target.test.ts src/commands/doctor-cron.test.ts src/commands/doctor-cron-store-migration.test.ts
- node scripts/run-oxlint.mjs --tsconfig config/tsconfig/oxlint.core.json src/cron/store.ts src/cron/service/store.ts src/cron/service/state.ts src/commands/doctor-cron.ts src/cron/store.test.ts src/cron/service/store.test.ts src/cron/service/store.load-missing-session-target.test.ts src/commands/doctor-cron.test.ts src/commands/doctor-cron-store-migration.test.ts
- git diff --check
- pnpm docs:list
- autoreview clean: no accepted/actionable findings reported
- GitHub CI: cron, doctor, docs, lint/type/build/security/quality, real behavior proof, and Windows rerun green; checks-node-agentic-agents remains red on current PR and recent main with unrelated pre-existing module/mock failures outside touched files.
Co-authored-by: yfge <geyunfei@gmail.com >
2026-05-29 10:27:45 +01:00
Vincent Koc
27b15a19e8
refactor(voice): catalog voice models through providers ( #87794 )
...
* refactor(providers): catalog voice models
* feat(tts): route speech through voice models
* refactor(tts): rename speaker selection fields
* refactor(tts): mark default speech models
* test(tts): type migrated speaker config assertions
* refactor(providers): avoid catalog merge map spread
* fix(tts): honor voice model fallbacks
* refactor(tts): move speech core into package
* chore(tts): register speech core knip workspace
* fix(tts): show migrated speaker voice in status
* fix(tts): satisfy speech core lint
* fix(tts): preserve explicit model aliases
* test(tts): narrow provider config assertion
* test(doctor): allow slow commitments repair check
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-29 04:46:45 +01:00
Mariano Belinky
a7d2d9c6df
fix: migrate legacy memory auto provider
2026-05-27 23:03:32 +02:00
Peter Steinberger
bb46b79d3c
refactor: internalize OpenClaw agent runtime ( #85341 )
...
* refactor: extract agent core package
Introduce packages/agent-core as the OpenClaw-owned home for reusable agent loop, harness, session, prompt, and runtime dependency contracts.
* refactor: extract shared llm runtime
Move provider model registries, stream wrappers, OAuth helpers, and LLM utilities into src/llm with plugin-sdk barrels instead of depending on the old embedded runtime layout.
* refactor: remove pi runtime internals
Rename remaining Pi-shaped agent surfaces to OpenClaw agent runtime names, delete obsolete Pi docs and package graph checks, and add the third-party notice for incorporated code.
* refactor: tighten agent session runtime
Make agent-core/runtime dependencies explicit, consolidate compaction and session transcript helpers, and move model/session helpers behind OpenClaw-owned contracts.
* refactor: remove static model and pi auth paths
Drop static model catalogs and Pi auth bridges, move model/provider facts to manifest-owned runtime contracts, and harden internal embedded-agent utilities.
* refactor: remove legacy provider compat paths
* docs: remove agent parity notes
* fix: skip provider wildcard metadata parsing
* refactor: share session extension sdk loading
* refactor: inline acpx proxy error formatter
* refactor: fold edit recovery into edit tool
* fix: accept extension batch separator
* test: align startup provider plugin expectations
* fix: restore provider-scoped release discovery
* test: align static asset packaging expectations
* fix: run static provider catalogs during scoped discovery
* fix: add provider entry catalogs for scoped live discovery
* fix: load lightweight provider catalog entries
* fix: refresh provider-scoped plugin metadata
* fix: keep provider catalog entries on release live path
* fix: keep static manifest models in release live checks
* fix: harden release model discovery
* fix: reduce OpenAI live cache probe reasoning
* fix: disable OpenAI cache probe reasoning
* ci: extend OpenAI gateway live timeout
* fix: extend live gateway model budget
* fix: stabilize release validation regressions
* fix: honor provider aliases in model rows
* fix: stabilize release validation lanes
* fix: stabilize release memory qa
* ci: stabilize release validation lanes
* ci: prefer ipv4 for live docker node calls
* fix: restore shared tool-call stream wrapper
* ci: remove legacy pi test shard alias
* fix: clean up embedded agent test drift
* fix: stabilize runtime alias status
* fix: clean up embedded agent ci drift
* fix: restore release ci invariants
* fix: clean up post-rebase runtime drift
* fix: restore release ci checks
* fix: restore release ci after rebase
* fix: remove stale pi runtime path
* test: align compaction runtime expectations
* test: update plugin prerelease expectations
* fix: handle claude live tool approvals
* fix: stabilize release validation gates
* fix: finish agent runtime import
* test: finish post-rebase agent runtime mocks
* fix: keep codex compaction native
* fix: stabilize codex app-server hook tests
* test: isolate codex diagnostic active run
* test: remove codex diagnostic completion race
# Conflicts:
# extensions/codex/src/app-server/run-attempt.test.ts
* ci: fix full release manifest performance run id
* refactor: narrow llm plugin sdk boundary
* chore: drop generated google boundary stamps
* fix: repair rebase fallout
* fix: clean up rebased runtime references
* fix: decode codex jwt payloads as base64url
* fix: preserve shipped pi runtime alias
* fix: add scoped sdk virtual modules
* fix: decode llm codex oauth jwt as base64url
* fix: avoid stale vertex adc negative cache
* fix: harden tool arg decoding and codeql path
* fix: keep vertex adc negative checks live
* refactor: consolidate codex jwt and edit helpers
* fix: await codex oauth node runtime imports
* fix: preserve sdk tool and notice contracts
* fix: preserve shipped compat config boundaries
* fix: align codex oauth callback host
* fix: terminate agent-core loop streams on failure
* fix: keep codex oauth callback alive during fallback
* ci: include session tools in critical codeql scans
* fix: keep Cloudflare Anthropic provider auth header
* docs: redirect legacy pi runtime pages
* fix: honor bundled web provider compat discovery
* fix: protect session output spill files
* fix: keep legacy agent dir env blocked
* fix: contain auto-discovered skill symlinks
* fix: harden agent core sdk proxy surfaces
* fix: restore approval reaction sdk compat
* fix: keep live docker runs bounded
* fix: keep codex oauth redirect host aligned
* fix: resolve post-rebase agent runtime drift
* fix: redact anthropic oauth parse failures
* fix: preserve responses strict tool shaping
* fix: repair agent runtime rebase cleanup
* docs: redirect retired parity pages
* fix: bound auto-discovered resources to roots
* fix: repair post-rebase agent test drift
* fix: preserve bundled provider allowlist migration
* fix: preserve manifest-owned provider aliases
* fix: declare photon image dependency
* fix: keep provider headers out of proxy body
* fix: preserve shipped env aliases
* fix: refresh control ui i18n generated state
* fix: quote read fallback paths
* fix: preview edits through configured backend
* test: satisfy core test typecheck
* fix: preserve ZAI usage auth fallback
* test: repair codex diagnostic test
* fix: repair agent runtime rebase drift
* test: finish embedded runner import rename
* fix: repair agent runtime rebase integrations
* test: align compaction oauth fallback expectations
* fix: allow sdk-auth session models
* fix: update doctor tool schema import
* fix: preserve bedrock plugin region
* fix: stream harmony-like prose immediately
* ci: include session runtime in codeql shards
* fix: repair latest rebase integrations
* fix: honor explicit codex websocket transport
* fix: keep openai-compatible credentials provider-scoped
* fix: refresh sdk api baseline after rebase
* fix: route cli runtime aliases through openclaw harness
* test: rename stale harness mock expectation
* test: rename embedded agent overflow calls
* test: clean embedded auth test wording
* test: use openclaw stream types in deepinfra cache test
* fix: refresh sdk api baseline on latest main
* fix: honor bundled discovery compat allowlists
* fix: refresh sdk api baseline after latest rebase
* fix: remove stale rebase imports
* test: rename stale model catalog mock
* test: mock renamed doctor runtime modules
* fix: map canonical kimi env auth
* fix: use internal model registry in bench script
* fix: migrate deepinfra provider catalog entry
* fix: enforce builtin tool suppression
* fix: route compaction auth and proxy payloads safely
* refactor: prune unused llm registry leftovers
* test: update codex hooks session import
* test: fix model picker ci coverage
* test: align model picker auth mock types
2026-05-27 19:24:04 +01:00
Bob
4d89e00c50
feat(embeddings): add OpenAI-compatible core provider ( #85269 )
...
Merged via squash.
Prepared head SHA: dc9a5d5397
Co-authored-by: dutifulbob <261991368+dutifulbob@users.noreply.github.com >
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com >
Reviewed-by: @mbelinky
2026-05-27 14:37:17 +02:00
Dallin Romney
a61d5308b5
fix(auth): emit one-shot doctor-pointer warning for Keychain-only legacy Codex OAuth profiles ( #86220 )
2026-05-25 11:39:32 -07:00
Dallin Romney
4399eee6e0
fix(auth): load legacy Codex OAuth sidecars in embedded secrets-runtime loaders ( #85074 )
...
The auto-migration introduced in #83312 only fires when a credential is loaded
via a path that reads its sidecar tokens. The OAuth refresh manager's internal
loader does (so direct CLI inference works and self-heals on first refresh).
The embedded runner's secrets-runtime loaders did not:
- loadAuthProfileStoreForSecretsRuntime
- loadAuthProfileStoreWithoutExternalProfiles
- ensureAuthProfileStoreWithoutExternalProfiles
All three opted out of sidecar resolution. So for an upgraded user with a
legacy oauthRef-backed openai-codex profile, the credential loaded with no
access/refresh material, evaluateStoredCredentialEligibility marked it
ineligible, resolveAuthProfileOrder filtered it out, and resolveApiKeyForProvider
threw "No API key found for provider 'openai-codex'" before the OAuth manager
(and its migration path) was ever consulted. CLI worked, Telegram/cron/embedded
turns broke — only doctor-or-bust would fix it.
Flip the three embedded loaders to default resolveLegacyOAuthSidecars to true
(matching loadStoredOAuthRefreshStore). The existing #83312 refresh-and-rewrite
then fires on the first embedded turn for these users and persists tokens
inline, removing the legacy sidecar from disk on the next doctor pass.
Cherry-picked and squashed from PR #84752 (commits 85f36e8d2b and
4624e34c06 ). Comments noting local-fork bookkeeping stripped per repo policy.
Co-authored-by: Will <totalsolutionspm@gmail.com >
2026-05-21 13:07:49 -07:00
Peter Steinberger
1e5450f23e
fix(messages): keep group visible replies automatic by default ( #83498 )
...
* fix(messages): keep group visible replies automatic by default
* fix(messages): keep unauthorized slash turns quiet
* fix(messages): return boolean from slash guard
* test(messages): narrow visible reply fixtures
* test(messages): align completion delivery default
2026-05-18 09:48:58 +01:00
Gio Della-Libera
9a5f2f61e7
Doctor: add health-check contract and --lint validation ( #80055 )
...
* feat(doctor): add --lint mode + structured HealthFinding shape
Adds the core machinery for `openclaw doctor --lint` per the
doctor-lint-and-oc-rules upstream proposal. PR-1 of the proposal:
no new top-level verb, no public plugin SDK; everything internal.
Files:
- src/flows/checks.ts ? HealthFinding / HealthCheck / HealthCheckContext
types. Findings carry severity per-finding; checks return
readonly HealthFinding[]. Mode tag (doctor/lint/fix) lets a check
distinguish the calling posture.
- src/flows/health-check-registry.ts ? module-level registry with
duplicate-id rejection + test reset helper.
- src/flows/doctor-lint-flow.ts ? runner over registered checks.
Catches throws into synthetic error findings (anchored at check id;
message scrubbed of control chars, capped at 256 bytes). Sorts
findings by severity desc, check id, path. Exports
exitCodeFromFindings (1 if any warning/error, 0 otherwise).
- src/flows/doctor-core-checks.ts ? 4 modern HealthChecks rewriting
logic from existing legacy run*Health functions:
core/doctor/gateway-config (warning)
core/doctor/command-owner (info)
core/doctor/workspace-status (info)
core/doctor/final-config-validation (error)
Each was audited safe per the proposal's adapter constraints
(no writes, no repair calls, no prompts, no probes incl. local-bind).
Legacy run*Health contributions in doctor-health-contributions.ts
are unchanged ? doctor mode (no --lint) still runs the existing 35.
- src/commands/doctor-lint.ts ? CLI dispatch for --lint. Reads config
snapshot, builds HealthCheckContext (mode: "lint"), runs the registry,
filters by --severity-min, emits human or JSON output, returns exit
code from unfiltered set so --severity-min hides info findings
without changing CI signal.
- src/cli/program/register.maintenance.ts ? adds --lint, --json,
--severity-min, --skip, --only flags to existing doctor command.
--lint branches to runDoctorLintCli; without --lint, doctor runs
unchanged.
LoC: 382 src across 6 files. Tests + doc + oc-path-side rule packs
follow as separate commits on this branch.
* fix: avoid string spread in doctor errors
* chore: refresh plugin SDK API baseline
* docs: clarify doctor lint usage
* feat(doctor): prepare repairs for dry-run reporting
2026-05-17 12:29:57 -07:00
Peter Steinberger
b08e0da25b
fix: clarify provider timeout ceiling
2026-05-16 01:08:07 +01:00
Peter Steinberger
694ca50e97
Revert "refactor: move runtime state to SQLite"
...
This reverts commit f91de52f0d .
2026-05-13 13:33:38 +01:00
Peter Steinberger
f91de52f0d
refactor: move runtime state to SQLite
...
* refactor: remove stale file-backed shims
* fix: harden sqlite state ci boundaries
* refactor: store matrix idb snapshots in sqlite
* fix: satisfy rebased CI guardrails
* refactor: store current conversation bindings in sqlite table
* refactor: store tui last sessions in sqlite table
* refactor: reset sqlite schema history
* refactor: drop unshipped sqlite table migration
* refactor: remove plugin index file rollback
* refactor: drop unshipped sqlite sidecar migrations
* refactor: remove runtime commitments kv migration
* refactor: preserve kysely sync result types
* refactor: drop unshipped sqlite schema migration table
* test: keep session usage coverage sqlite-backed
* refactor: keep sqlite migration doctor-only
* refactor: isolate device legacy imports
* refactor: isolate push voicewake legacy imports
* refactor: isolate remaining runtime legacy imports
* refactor: tighten sqlite migration guardrails
* test: cover sqlite persisted enum parsing
* refactor: isolate legacy update and tui imports
* refactor: tighten sqlite state ownership
* refactor: move legacy imports behind doctor
* refactor: remove legacy session row lookup
* refactor: canonicalize memory transcript locators
* refactor: drop transcript path scope fallbacks
* refactor: drop runtime legacy session delivery pruning
* refactor: store tts prefs only in sqlite
* refactor: remove cron store path runtime
* refactor: use cron sqlite store keys
* refactor: rename telegram message cache scope
* refactor: read memory dreaming status from sqlite
* refactor: rename cron status store key
* refactor: stop remembering transcript file paths
* test: use sqlite locators in agent fixtures
* refactor: remove file-shaped commitments and cron store surfaces
* refactor: keep compaction transcript handles out of session rows
* refactor: derive transcript handles from session identity
* refactor: derive runtime transcript handles
* refactor: remove gateway session locator reads
* refactor: remove transcript locator from session rows
* refactor: store raw stream diagnostics in sqlite
* refactor: remove file-shaped transcript rotation
* refactor: hide legacy trajectory paths from runtime
* refactor: remove runtime transcript file bridges
* refactor: repair database-first rebase fallout
* refactor: align tests with database-first state
* refactor: remove transcript file handoffs
* refactor: sync post-compaction memory by transcript scope
* refactor: run codex app-server sessions by id
* refactor: bind codex runtime state by session id
* refactor: pass memory transcripts by sqlite scope
* refactor: remove transcript locator cleanup leftovers
* test: remove stale transcript file fixtures
* refactor: remove transcript locator test helper
* test: make cron sqlite keys explicit
* test: remove cron runtime store paths
* test: remove stale session file fixtures
* test: use sqlite cron keys in diagnostics
* refactor: remove runtime delivery queue backfill
* test: drop fake export session file mocks
* refactor: rename acp session read failure flag
* refactor: rename acp row session key
* refactor: remove session store test seams
* refactor: move legacy session parser tests to doctor
* refactor: reindex managed memory in place
* refactor: drop stale session store wording
* refactor: rename session row helpers
* refactor: rename sqlite session entry modules
* refactor: remove transcript locator leftovers
* refactor: trim file-era audit wording
* refactor: clean managed media through sqlite
* fix: prefer explicit agent for exports
* fix: use prepared agent for session resets
* fix: canonicalize legacy codex binding import
* test: rename state cleanup helper
* docs: align backup docs with sqlite state
* refactor: drop legacy Pi usage auth fallback
* refactor: move legacy auth profile imports to doctor
* refactor: keep Pi model discovery auth in memory
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
* refactor: remove model json compatibility aliases
* refactor: store auth profiles in sqlite
* refactor: seed copied auth profiles in sqlite
* refactor: make auth profile runtime sqlite-addressed
* refactor: migrate hermes secrets into sqlite auth store
* refactor: move plugin install config migration to doctor
* refactor: rename plugin index audit checks
* test: drop auth file assumptions
* test: remove legacy transcript file assertions
* refactor: drop legacy cli session aliases
* refactor: store skill uploads in sqlite
* refactor: keep subagent attachments in sqlite vfs
* refactor: drop subagent attachment cleanup state
* refactor: move legacy session aliases to doctor
* refactor: require node 24 for sqlite state runtime
* refactor: move provider caches into sqlite state
* fix: harden virtual agent filesystem
* refactor: enforce database-first runtime state
* refactor: rename compaction transcript rotation setting
* test: clean sqlite refactor test types
* refactor: consolidate sqlite runtime state
* refactor: model session conversations in sqlite
* refactor: stop deriving cron delivery from session keys
* refactor: stop classifying sessions from key shape
* refactor: hydrate announce targets from typed delivery
* refactor: route heartbeat delivery from typed sqlite context
* refactor: tighten typed sqlite session routing
* refactor: remove session origin routing shadow
* refactor: drop session origin shadow fixtures
* perf: query sqlite vfs paths by prefix
* refactor: use typed conversation metadata for sessions
* refactor: prefer typed session routing metadata
* refactor: require typed session routing metadata
* refactor: resolve group tool policy from typed sessions
* refactor: delete dead session thread info bridge
* Show Codex subscription reset times in channel errors (#80456 )
* feat(plugin-sdk): consolidate session workflow APIs
* fix(agents): allow read-only agent mount reads
* [codex] refresh plugin regression fixtures
* fix(agents): restore compaction gateway logs
* test: tighten gateway startup assertions
* Redact persisted secret-shaped payloads [AI] (#79006 )
* test: tighten device pair notify assertions
* test: tighten hermes secret assertions
* test: assert matrix client error shapes
* test: assert config compat warnings
* fix(heartbeat): remap cron-run exec events to session keys (#80214 )
* fix(codex): route btw through native side threads
* fix(auth): accept friendly OpenAI order for Codex profiles
* fix(codex): rotate auth profiles inside harness
* fix: keep browser status page probe within timeout
* test: assert agents add outputs
* test: pin cron read status
* fix(agents): avoid Pi resource discovery stalls
Co-authored-by: dataCenter430 <titan032000@gmail.com >
* fix: retire timed-out codex app-server clients
* test: tighten qa lab runtime assertions
* test: check security fix outputs
* test: verify extension runtime messages
* feat(wake): expose typed sessionKey on wake protocol + system event CLI
* fix(gateway): await session_end during shutdown drain and track channel + compaction lifecycle paths (#57790 )
* test: guard talk consult call helper
* fix(codex): scale context engine projection (#80761 )
* fix(codex): scale context engine projection
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* chore: align Codex projection changelog
* chore: realign Codex projection changelog
* fix: isolate Codex projection patch
---------
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
* refactor: move agent runtime state toward piless
* refactor: remove cron session reaper
* refactor: move session management to sqlite
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: remove stale file-backed shims
* test: harden kysely type coverage
# Conflicts:
# .agents/skills/kysely-database-access/SKILL.md
# src/infra/kysely-sync.types.test.ts
# src/proxy-capture/store.sqlite.test.ts
# src/state/openclaw-agent-db.test.ts
# src/state/openclaw-state-db.test.ts
* refactor: remove cron store path runtime
* refactor: keep compaction transcript handles out of session rows
* refactor: derive embedded transcripts from sqlite identity
* refactor: remove embedded transcript locator handoff
* refactor: remove runtime transcript file bridges
* refactor: remove transcript file handoffs
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
# Conflicts:
# docs/cli/secrets.md
# docs/gateway/authentication.md
# docs/gateway/secrets.md
* fix: keep oauth sibling sync sqlite-local
# Conflicts:
# src/commands/onboard-auth.test.ts
* refactor: remove task session store maintenance
# Conflicts:
# src/commands/tasks.ts
* refactor: keep diagnostics in state sqlite
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* Show Codex subscription reset times in channel errors (#80456 )
* fix(codex): refresh subscription limit resets
* fix(codex): format reset times for channels
* Update CHANGELOG with latest changes and fixes
Updated CHANGELOG with recent fixes and improvements.
* fix(codex): keep command load failures on codex surface
* fix(codex): format account rate limits as rows
* fix(codex): summarize account limits as usage status
* fix(codex): simplify account limit status
* test: tighten subagent announce queue assertion
* test: tighten session delete lifecycle assertions
* test: tighten cron ops assertions
* fix: track cron execution milestones
* test: tighten hermes secret assertions
* test: assert matrix sync store payloads
* test: assert config compat warnings
* fix(codex): align btw side thread semantics
* fix(codex): honor codex fallback blocking
* fix(agents): avoid Pi resource discovery stalls
* test: tighten codex event assertions
* test: tighten cron assertions
* Fix Codex app-server OAuth harness auth
* refactor: move agent runtime state toward piless
* refactor: move device and push state to sqlite
* refactor: move runtime json state imports to doctor
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: clarify cron sqlite store keys
* refactor: remove stale file-backed shims
* refactor: bind codex runtime state by session id
* test: expect sqlite trajectory branch export
* refactor: rename session row helpers
* fix: keep legacy device identity import in doctor
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* build: align pi contract wrappers
* chore: repair database-first rebase
* refactor: remove session file test contracts
* test: update gateway session expectations
* refactor: stop routing from session compatibility shadows
* refactor: stop persisting session route shadows
* refactor: use typed delivery context in clients
* refactor: stop echoing session route shadows
* refactor: repair embedded runner rebase imports
# Conflicts:
# src/agents/pi-embedded-runner/run/attempt.tool-call-argument-repair.ts
* refactor: align pi contract imports
* refactor: satisfy kysely sync helper guard
* refactor: remove file transcript bridge remnants
* refactor: remove session locator compatibility
* refactor: remove session file test contracts
* refactor: keep rebase database-first clean
* refactor: remove session file assumptions from e2e
* docs: clarify database-first goal state
* test: remove legacy store markers from sqlite runtime tests
* refactor: remove legacy store assumptions from runtime seams
* refactor: align sqlite runtime helper seams
* test: update memory recall sqlite audit mock
* refactor: align database-first runtime type seams
* test: clarify doctor cron legacy store names
* fix: preserve sqlite session route projections
* test: fix copilot token cache test syntax
* docs: update database-first proof status
* test: align database-first test fixtures
* docs: update database-first proof status
* refactor: clean extension database-first drift
* test: align agent session route proof
* test: clarify doctor legacy path fixtures
* chore: clean database-first changed checks
* chore: repair database-first rebase markers
* build: allow baileys git subdependency
* chore: repair exp-vfs rebase drift
* chore: finish exp-vfs rebase cleanup
* chore: satisfy rebase lint drift
* chore: fix qqbot rebase type seam
* chore: fix rebase drift leftovers
* fix: keep auth profile oauth secrets out of sqlite
* fix: repair rebase drift tests
* test: stabilize pairing request ordering
* test: use source manifests in plugin contract checks
* fix: restore gateway session metadata after rebase
* fix: repair database-first rebase drift
* fix: clean up database-first rebase fallout
* test: stabilize line quick reply receipt time
* fix: repair extension rebase drift
* test: keep transcript redaction tests sqlite-backed
* fix: carry injected transcript redaction through sqlite
* chore: clean database branch rebase residue
* fix: repair database branch CI drift
* fix: repair database branch CI guard drift
* fix: stabilize oauth tls preflight test
* test: align database branch fast guards
* test: repair build artifact boundary guards
* chore: clean changelog rebase markers
---------
Co-authored-by: pashpashpash <nik@vault77.ai >
Co-authored-by: Eva <eva@100yen.org >
Co-authored-by: stainlu <stainlu@newtype-ai.org >
Co-authored-by: Jason Zhou <jason.zhou.design@gmail.com >
Co-authored-by: Ruben Cuevas <hi@rubencu.com >
Co-authored-by: Pavan Kumar Gondhi <pavangondhi@gmail.com >
Co-authored-by: Shakker <shakkerdroid@gmail.com >
Co-authored-by: Kaspre <36520309+Kaspre@users.noreply.github.com >
Co-authored-by: dataCenter430 <titan032000@gmail.com >
Co-authored-by: Kaspre <kaspre@gmail.com >
Co-authored-by: pandadev66 <nova.full.stack@outlook.com >
Co-authored-by: Eva <admin@100yen.org >
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
Co-authored-by: jeffjhunter <support@aipersonamethod.com >
2026-05-13 13:15:12 +01:00
Alex Naidis
a290cd633f
fix(doctor): repair managed plugin peer links
...
Repair managed npm plugin OpenClaw peer links across doctor, install, and update flows.
- relink `peerDependencies.openclaw` packages under managed npm roots during doctor repair
- make read-only doctor preview broken peer links with a `doctor --fix` hint
- reject target plugin installs when their own peer link cannot be repaired, without blocking unrelated installs for stale sibling packages
- preserve update warning behavior for unrepairable package-local `node_modules`
Verification:
- `pnpm test src/plugins/plugin-peer-link.test.ts src/plugins/install.test.ts src/plugins/install.npm-spec.test.ts src/plugins/update.test.ts src/commands/doctor-plugin-registry.test.ts src/commands/doctor/repair-sequencing.test.ts -- --reporter=verbose`
- `pnpm exec oxfmt --check --threads=1 ...`
- `git diff --check`
- Crabbox/Testbox `tbx_01krde1jx199rnpm2rv1rdcj76`: focused tests + `pnpm check:changed`, exit 0
- Real CLI proof in PR body: read-only `openclaw doctor` warning plus `openclaw doctor --fix` symlink repair
Thanks @TheCrazyLex.
2026-05-12 07:49:08 +01:00
Peter Steinberger
15cf49222f
build: refresh deps and route testbox through crabbox
2026-05-11 03:41:00 +01:00
Peter Steinberger
a39c05559b
fix: preserve Codex auth during route repair
...
Summary:
- repair legacy openai-codex model refs to canonical openai refs without losing Codex auth intent
- keep scoped repairs from broadening runtime policy to unrelated agent/channel routes
- preserve explicit concrete model runtime pins and shield listed-agent canonical refs from default policy spillover
Verification:
- pnpm test src/commands/doctor/shared/codex-route-warnings.test.ts src/config/plugin-auto-enable.core.test.ts src/commands/doctor/shared/missing-configured-plugin-install.test.ts
- env -u OPENCLAW_TESTBOX -u OPENCLAW_TESTBOX_ID pnpm check:changed
- GitHub checks for 81b2934240
2026-05-10 04:53:44 -04:00
MkDev11
e37a3050d9
fix(agents): clean false-live session locks ( #76854 )
...
Summary:
- Clean false-live session locks whose live PID resolves to a non-OpenClaw owner.
- Tighten owner argv detection so generic JS entrypoints require an OpenClaw command token.
- Add regression coverage for generic non-OpenClaw entrypoints and preserve real gateway argv.
Verification:
- pnpm test src/agents/session-write-lock.test.ts src/commands/doctor-session-locks.test.ts
- pnpm test src/infra/gateway-process-argv.test.ts
- pnpm exec oxfmt --check --threads=1 src/agents/session-write-lock.ts src/agents/session-write-lock.test.ts src/commands/doctor-session-locks.ts src/commands/doctor-session-locks.test.ts docs/gateway/doctor.md CHANGELOG.md
- node scripts/run-oxlint.mjs src/agents/session-write-lock.ts src/agents/session-write-lock.test.ts src/commands/doctor-session-locks.ts src/commands/doctor-session-locks.test.ts
- CI workflow success on d42f9c46ef
Co-authored-by: mkdev11 <MkDev11@users.noreply.github.com >
2026-05-10 02:13:55 -04:00
Kevin Lin
b79de62b3c
fix(codex): remove dynamic tools profile option
2026-05-09 21:34:33 -07:00
Andy Ye
368c21e211
fix(daemon): include Homebrew in macOS service PATH
...
Summary:
- Document the canonical macOS LaunchAgent PATH including Apple Silicon Homebrew bin directories.
- Add service-audit regression coverage that flags stale macOS service PATHs missing Homebrew directories.
- Record the user-facing Gateway/macOS fix in the changelog.
Verification:
- Exact PR head 8aa19dde07 was approved, CLEAN, and MERGEABLE before merge.
- GitHub exact-head CI/check-docs/proof lanes were green with no failing or pending check runs.
- pnpm exec oxfmt --check --threads=1 CHANGELOG.md docs/gateway/doctor.md src/daemon/service-audit.test.ts src/daemon/service-env.ts src/daemon/service-env.test.ts src/commands/daemon-install-helpers.test.ts
- pnpm check:changelog-attributions
2026-05-08 17:59:46 -05:00
pashpashpash
02fe0d8978
Keep OpenAI Codex migrations on automatic runtime routing ( #79238 )
...
* fix: keep migrated openai codex routes automatic
* scope runtime policy to providers and models
* fix runtime policy surfaces
* fix ci runtime policy checks
* fix doctor stale session runtime pins
2026-05-08 16:05:35 +09:00
pashpashpash
1c33990108
Route OpenAI agents through Codex by default ( #78899 )
...
* route openai agent runs through codex
* fix: load codex plugin for implicit openai runtime
* fix: preserve explicit OpenAI PI Codex auth routing
* fix: show codex auth for openai model listing
* fix: map codex auth into configured openai list rows
* fix: preserve explicit openai pi auth routes
* docs: keep openai model route examples canonical
* fix: clean openai codex test fixtures
* fix: scope codex auth status fallback
* fix: repair current ci boundary drift
2026-05-07 19:46:49 +09:00
pashpashpash
3a901b5e95
Revert "Install Codex plugin on OpenAI model selection ( #78799 )" ( #78878 )
...
This reverts commit c8f3fecad6 .
2026-05-07 18:13:59 +09:00
pashpashpash
c8f3fecad6
Install Codex plugin on OpenAI model selection ( #78799 )
...
* route openai agent runs through codex
* fix: load codex plugin for implicit openai runtime
* docs: credit openai codex auth fix
* fix(agents): respect custom openai runtime routing
* fix(agents): install codex plugin on openai selection
* fix(agents): preserve OpenAI Codex auth switching
* fix(ci): restore channel contract runner expression
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org >
2026-05-07 01:57:34 -07:00
Peter Steinberger
330ba1fa31
refactor: move canvas to plugin surfaces
2026-05-07 09:07:18 +01:00
Peter Steinberger
a4d7206558
fix(discord): audit voice channel permissions
2026-05-07 04:47:35 +01:00
Kevin Lin
6aafdf121a
fix(cron): repair bad persisted model sentinels ( #78641 )
...
* fix(cron): repair bad persisted model sentinels
* test(cron): relax model preservation assertion
2026-05-06 15:31:21 -07:00
the sun gif man
d4b4660026
config: stop automatic writes and guard Nix mutators ( #78047 )
...
Keep startup-derived plugin enablement, gateway auth tokens, control UI origins, and owner-display secrets runtime-only instead of persisting them into openclaw.json.
Refuse config writers, mutating update/plugin lifecycle commands, and doctor repair/token generation in Nix mode with agent-first nix-openclaw guidance.
Verification:
- pnpm check
- pnpm build
- pnpm test -- src/config/io.write-config.test.ts src/config/mutate.test.ts src/config/io.owner-display-secret.test.ts src/gateway/server-startup-config.recovery.test.ts src/gateway/startup-auth.test.ts src/gateway/startup-control-ui-origins.test.ts src/cli/plugins-cli.install.test.ts src/cli/plugins-cli.policy.test.ts src/cli/plugins-cli.uninstall.test.ts src/cli/plugins-cli.update.test.ts src/cli/update-cli.test.ts src/auto-reply/reply/commands-plugins.install.test.ts src/auto-reply/reply/commands-plugins.test.ts src/commands/onboarding-plugin-install.test.ts src/commands/doctor.runs-legacy-state-migrations-yes-mode-without.e2e.test.ts src/commands/doctor/shared/codex-route-warnings.test.ts src/commands/doctor/repair-sequencing.test.ts src/agents/auth-profile-runtime-contract.test.ts src/auto-reply/reply/agent-runner-execution.test.ts
- GitHub CI green on 05a2c71b90
Co-authored-by: Codex <noreply@openai.com >
2026-05-06 14:43:32 +02:00
Peter Steinberger
24853ced11
docs: outline unified talk API
2026-05-06 02:39:15 +01:00
Vincent Koc
bca6709203
fix(doctor): repair legacy Codex route config
...
Repair legacy openai-codex route config and session pins safely.
2026-05-05 17:42:41 -07:00
Vincent Koc
5a0d6c7ad8
fix(gateway): keep reset and refresh paths responsive ( #77701 )
...
* fix(hooks): keep session memory slugging off reset hot path
* fix(hooks): run session memory capture asynchronously
* fix(cli): avoid stuck gateway command exits
* fix(gateway): cache empty read-only model catalog
* fix(doctor): stop stale TUI clients for WhatsApp responsiveness
2026-05-05 00:59:13 -07:00
Vincent Koc
0131343db8
docs(doctor): clarify configured plugin repair ( #77613 )
2026-05-04 18:16:29 -07:00
Peter Steinberger
b17bb63b9e
fix: repair stale session route state in doctor
2026-05-05 01:51:23 +01:00
Peter Steinberger
b2096d19ec
fix(plugins): default bundled discovery to allowlist
2026-05-04 23:50:03 +01:00
Peter Steinberger
41257a5f6f
fix(plugins): rename bundled allowlist discovery policy
2026-05-04 23:50:03 +01:00