Commit Graph

5207 Commits

Author SHA1 Message Date
Vincent Koc
54cc90b1b1 fix(release): publish ClawHub bootstrap artifacts immutably (#103809)
* fix(release): harden ClawHub bootstrap

* fix(release): centralize publication artifact verification

* fix(release): harden publication artifact verification

* fix(release): lock ClawHub bootstrap toolchain

* test(release): assert locked ClawHub binary

* fix(release): pack with trusted ClawHub harness

* fix(release): bound beta verifier artifact reads

* fix(release): bind target and tooling identities

* fix(release): stabilize signed package ordering

* fix(release): bind ClawHub pretag proof

* fix(release): bind ClawHub OIDC readback

* fix(release): bind ClawHub OIDC readback
2026-07-10 13:33:20 -07:00
Peter Steinberger
fece8c9f54 fix(release): keep validation evidence immutable across reruns (#103906)
* fix(release): bind validation evidence to exact attempts

* test(release): cover exact validation attempts
2026-07-10 20:16:19 +01:00
Vincent Koc
69f8198ba3 fix(release): keep no-push Docker images validation-only (#103891)
* fix(release): make no-push Docker artifacts portable

* fix(release): keep no-push images validation-only
2026-07-10 12:02:57 -07:00
Vincent Koc
2a1d6e49d5 fix(ci): run Telegram release QA from trusted harness (#103207)
* fix(ci): use trusted Telegram QA harness

* fix(ci): restrict trusted Telegram QA candidate

* fix(ci): isolate trusted Telegram QA candidate

* fix(ci): harden Telegram QA process boundary

* fix(ci): pass Telegram QA release gates

* test(qa): stub Telegram env explicitly

* fix(ci): harden Telegram release QA boundary

* test(ci): harden trusted workflow and memory guards
2026-07-10 11:32:24 -07:00
Peter Steinberger
b91e117dcd fix(ci): select full Kova performance reports (#103863) 2026-07-10 19:01:30 +01:00
Peter Steinberger
b597a8d364 fix(release): restore prerelease and release validation startup (#103834)
* fix(release): split image publication from validation

* fix(ci): honor install smoke caller input

* fix(ci): harden Docker rerun targeting
2026-07-10 18:46:08 +01:00
Peter Steinberger
906f1b816f fix(ci): update Kova performance model owners (#103839) 2026-07-10 18:08:37 +01:00
Peter Steinberger
050177c784 fix(clawdock): scope confirmation response (#103837) 2026-07-10 18:06:06 +01:00
Dallin Romney
0b9c2e6f95 fix(qa): simplify smoke lanes and isolate fanout (#102262)
* fix(qa): simplify smoke lanes and isolate fanout

* ci: re-enable repaired QA smoke lanes

* ci: split Crabline smoke into three shards

* ci: eliminate repeated QA smoke builds

* fix(qa): focus control ui smoke scenario

* ci(qa): remove smoke worker launch delay

* ci(qa): bound automatic smoke coverage
2026-07-10 09:48:40 -07:00
Peter Steinberger
c08599c17b fix(clawdock): preserve sourced zsh PATH (#103805)
Co-authored-by: wenhua <lshgdut@qq.com>
2026-07-10 17:46:08 +01:00
Vincent Koc
90322074dd fix(ci): validate Kova bin-only dependency (#103810) 2026-07-10 09:41:01 -07:00
Vincent Koc
daa653c5cc ci(release): add plugin npm artifact preflight (#103759)
* ci(release): add plugin npm preflight proof

* fix(release): bind plugin preflight package evidence

* fix(release): harden plugin preflight trust

* fix(release): bind plugin registry readback

* fix(release): retry npm packument bodies

* fix(release): retry malformed npm packuments

* fix(release): satisfy npm preflight lint
2026-07-10 09:39:10 -07:00
Peter Steinberger
e43f225c81 fix(release): prevent stale beta validation evidence (#103798)
* fix(release): ignore nested squash revert markers

* fix(release): preserve squash revert targets

* docs(release): state installer doctor contract

* fix(release): recognize conventional squash reverts
2026-07-10 17:26:56 +01:00
Vincent Koc
afd0c60f15 fix(ci): bind release status artifacts to run attempts (#103772)
* fix(ci): bind release status artifacts to run attempts

* test(ci): align release summary contract assertions

* fix(ci): preserve Tideclaw advisory status policy
2026-07-10 09:06:42 -07:00
Vincent Koc
155e196e22 fix(release): preserve beta validation evidence (#103796)
* fix(release): proxy upgrade fixtures to npm

(cherry picked from commit 30f54a5fe1)

* fix(release): require installer doctor evidence

(cherry picked from commit 0782a94452)

* test(qa): scope aborted restart outcome to Codex

(cherry picked from commit ac54f80430)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 09:05:14 -07:00
Peter Steinberger
bd9b1b428c perf(test): scope unit-fast discovery 2026-07-10 12:00:14 -04:00
Peter Steinberger
366d09bcc7 fix(ci): harden release performance evidence (#103790) 2026-07-10 16:59:10 +01:00
Peter Steinberger
5635d74ecc fix(release): contain installer artifact restores (#103608) 2026-07-10 08:27:24 -07:00
Vincent Koc
cbe3731f77 fix(release): make validation proof no-write (#103737)
* fix(release): make validation proof no-write

* test(release): align no-write workflow contracts
2026-07-10 08:18:44 -07:00
Peter Steinberger
48b8dff530 perf(test): accelerate PR lock timing proofs 2026-07-10 11:02:57 -04:00
Peter Steinberger
1439646f19 fix(ci): harden maturity scorecard publication (#103722) 2026-07-10 15:25:15 +01:00
JC
59e95fe3fd feat: support GPT-5.6 Ultra across OpenClaw and Codex runtimes (#98021)
* feat: support GPT-5.6 Ultra across agent runtimes

Co-authored-by: J Cai <anyech@gmail.com>

* fix: keep harness projections discovery-free

* fix(codex): mirror V2 native subagent tasks

* chore: refresh plugin SDK surface budgets

* test: expose Ultra wire effort proof

* test(cron): avoid hoisted mock initialization race

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 15:23:24 +01:00
Peter Steinberger
ea6aa1dc75 fix(pr): prevent same-PR operations from overlapping (#103669)
* fix(pr): serialize operations per pull request

* fix(pr): tighten supervisor error handling
2026-07-10 13:34:03 +01:00
Peter Steinberger
a238dead67 fix(docker): package selected external plugins in source-built images (#103629)
* build(docker): package selected external plugins

* test(docker): auto-clean plugin fixture

* fix(docker): preserve selected image provenance

* fix(docker): accept manifest-only plugin selections

* fix(docker): resolve selected plugin manifest ids

* fix(docker): isolate resolved plugin selection
2026-07-10 13:00:50 +01:00
Peter Steinberger
13819996ad fix(ci): preflight generated PR app permissions (#103671) 2026-07-10 12:57:30 +01:00
Peter Steinberger
a3ef0153fb fix(ci): restore manually dispatched live suites (#103654) 2026-07-10 12:26:44 +01:00
Peter Steinberger
d72e618818 fix(ci): split locale publisher app permissions (#103644)
* fix(ci): split locale publisher app permissions

* fix(ci): prevent stale locale publication
2026-07-10 12:16:03 +01:00
Peter Steinberger
62bd760c0e chore(swift): enforce current formatting and lint rules (#103313)
* style: apply SwiftFormat 0.62.1 rules

Refs #103202

* ci: enforce deterministic Swift lint

Refs #103202

* refactor: keep gateway connect lint-clean

Refs #103202

* style: keep iOS typography checks warning-free

* ci: route MLX Swift changes through pre-push

* fix: preserve native i18n extraction after Swift cleanup

* refactor: keep rebased Swift surfaces lint-clean

* style: format latest Swift additions

* chore: refresh native i18n inventory

* style: keep generated Swift formatter-clean

* fix: preserve node route invalidation callbacks

* fix: keep native translation IDs stable

* fix: retain native translation identifiers

* fix: preserve translations across Swift source moves
2026-07-10 11:54:08 +01:00
Peter Steinberger
bcf2798920 fix(ci): publish locale refreshes through exact merge (#103625) 2026-07-10 11:25:25 +01:00
Peter Steinberger
8d66e47773 fix(release): prove registry tarball identity before resuming a publish
Codex review: version existence alone does not prove the npm registry
serves the tarball this tag's preflight built — the same version could
have been published from a different artifact and npm versions are
immutable. The resume resolver now downloads the preflight manifest,
requires its releaseSha to match the target, and compares the published
registry tarball's sha256 against the manifest before skipping the core
dispatch; mismatches abort with correction-tag guidance.
2026-07-10 03:09:10 -07:00
Peter Steinberger
ef22e77f0b perf(release): make publish reruns resumable and promote assets concurrently
The 2026.7.1 retro measured ~13h tag-to-published for beta.2 and stable
2026.6.11; any post-npm failure previously hard-aborted retries because
the already-published guard refused the whole run.

- resolve_openclaw_npm_publish_state replaces the abort guard: an
  already-published core version skips the core npm dispatch and resumes
  the remaining stages; verify_published_release still proves the
  registry state matches the tag before the page leaves draft.
- Windows and Android promotion runs concurrently with the core npm
  publish (their only shared prerequisite is the draft release page,
  which is now created before the dispatch) and each promotion
  short-circuits when the release already carries its verified asset
  contract, so retries only redo failed stages.
- The release proof cites the core npm run only when this run dispatched
  one; resumed publishes rely on the registry package check.
2026-07-10 03:09:09 -07:00
Peter Steinberger
fde42b5eea perf(ci): reuse npm preflight build outputs on same-SHA re-runs
The preflight ran 61 times at ~14 minutes during 2026.7.1, redoing the
full build and Control UI build after every late-step failure. Restore
dist outputs from an actions/cache keyed on the resolved target SHA and
lockfile hash (mirroring ci.yml's dist-build cache) so re-runs skip only
the build producers; every validation step still runs against the
restored artifacts.
2026-07-10 03:09:08 -07:00
Peter Steinberger
4bc300843d fix(qa): keep runtime parity tiers flow-compatible (#103609)
* fix(qa): keep runtime parity tiers flow-compatible

Refs #103588

* test(qa): follow canonical frontier defaults
2026-07-10 10:51:13 +01:00
Peter Steinberger
7fe004d852 feat: show build identity in About screens (#103595)
* feat: show build identity in About screens

* chore: leave root changelog to release automation

* fix: translate Control UI About build details
2026-07-10 10:42:36 +01:00
Peter Steinberger
ab5d143d59 feat(openai): default new setups to GPT-5.6 (#103581)
* feat(openai): default fresh setup to GPT-5.6

* test(crestodian): expect GPT-5.6 Codex defaults

* test(crestodian): expect GPT-5.6 bootstrap default
2026-07-10 10:22:58 +01:00
Vincent Koc
8755077fe4 fix(release): bundle AI runtime in installer smoke (#103556)
* fix(release): bundle AI runtime in installer smoke

* fix(release): verify bundled AI runtime loadability

* fix(release): preserve advisory doctor exits

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 02:13:41 -07:00
Peter Steinberger
96ec6048eb test(e2e): stabilize ClawRouter log assertions (#103536) 2026-07-10 10:11:30 +01:00
Peter Steinberger
eefe2e8837 fix(release): let alpha tags publish from their exact changelog heading
Shipped alpha tags carry a dedicated ## X-alpha.N heading with no base
section (see v2026.6.20-alpha.1's tagged CHANGELOG.md); the renderer and
candidate provenance now prefer that dedicated heading for alpha and
correction tags while beta/stable remain pinned to the stable base
section per #103222.
2026-07-10 02:06:53 -07:00
Peter Steinberger
c2b4ac02da fix(release): align correction sections, retries, and merged ledger semantics
Codex review + test findings on the pipeline convergence:
- candidate changelog provenance now validates the same section the
  renderer publishes (correction tags may carry their own heading) via a
  shared correctionVersionForTag helper
- guard_existing_public_release accepts a canonical proofless body with
  intact dependency evidence, matching the renderer's documented
  proof-omitted-at-limit state; retries re-append the proof
- ledgerFor regains main's noteReferences threading so prose-cited PRs
  keep their contribution-record rows, and the ledger/verify tests pin
  the merged entry shape (externalReferences) and highlight gate
2026-07-10 02:06:52 -07:00
Peter Steinberger
336e43c314 fix(release): converge on the render-github-release-notes pipeline
Two competing release-notes pipelines existed: the release branch's
hardened render/verify/provenance pipeline (a486f3ab08 + dcee1da876,
battle-tested by 2026.7.1) and main's lighter prepare-github-release-notes
size gate (#103222). Repo policy is one canonical path; the release-branch
pipeline wins and main's unique value is grafted in:

- scripts/render-github-release-notes.mjs becomes the canonical release
  body renderer (full/compact 125k char+byte modes, tag-pinned record
  link, verification tail, canonical shipped-baseline format), now also
  preferring a correction tag's dedicated changelog section (from
  prepare's heading matrix).
- verify-release-notes.mjs is a three-way merge: release's --shipped-ref
  cumulative baselines, provenance checks, highlights gate, and the
  excluded-record rewrite fix, plus main's compact contribution rows,
  externalReferences threading, and both-heading parser compat.
- release-candidate-checklist.mjs gains validateCandidateCheckout and
  changelog-provenance gates that run before any dispatch.
- openclaw-release-publish.yml keeps main's fail-before-mutation early
  notes gate (retargeted to the renderer) and adopts release's
  render/verify_release_tag_target/canonical_release_body_matches flow.
- scripts/prepare-github-release-notes.mjs and its test are deleted;
  release-notes-ledger.test.ts stays and pins the merged verify exports.
- .gitignore tracks every repo skill for Git-aware syncs; SKILL.md
  runbooks and RELEASING.md document the converged contract.
2026-07-10 02:06:52 -07:00
Peter Steinberger
b07ebe3ff3 feat: correlate managed agent requests (#103476) 2026-07-10 08:42:55 +01:00
Peter Steinberger
ace2407acd fix(ci): compare the full harness surface for evidence reuse
Codex review round four: workflows execute helper scripts from the
workflow ref, so comparing only the .github/workflows tree missed
script-only harness changes. Harness equivalence now means the git tree
diff between the candidate run's head SHA and the current workflow SHA
is itself release-metadata-only, using the same canonical classifier as
the target delta. The classifier's worktree overlay no longer applies
when --head is an explicit SHA, keeping SHA-exact comparisons exact.
2026-07-10 00:21:26 -07:00
Peter Steinberger
494987fa6e fix(ci): require an identical workflow harness for evidence reuse
Codex review round three: a prior green run may have executed with
different lane definitions; the resolver now compares the candidate
run head SHA's .github/workflows tree against the current workflow
ref before accepting its manifest.
2026-07-10 00:21:25 -07:00
Peter Steinberger
e8a634f714 test(release): pin extended preflight usage line 2026-07-10 00:21:25 -07:00
Peter Steinberger
e98bb5942a fix(ci): scope beta advisory to live-provider suites and validate reuse targets
Codex review round two: the reusable advisory input is global, so beta
would also have softened hermetic repo/OpenShell E2E — add a scoped
live_advisory input that only covers the live-provider suite jobs and
narrow the umbrella fail-fast exclusion to those job names. Evidence
reuse now also runs the macOS source-version consistency check against
the target (release-preflight --macos-versions-only) so version-stamp
deltas cannot reuse evidence while version surfaces disagree.
2026-07-10 00:21:24 -07:00
Peter Steinberger
6bb240b6da fix(ci): match validation inputs and recheck child runs before evidence reuse
Codex review findings: evidence reuse must not let a default-input run
stand in for a focused provider/mode/filter/package-spec run, and
recorded child runs can be re-run to failure while the parent stays
green. Manifests now record validationInputs; the resolver requires an
exact input match and healthy child runs, and the summary re-verifies
the chain root plus its recorded children. Reuse-mode evidence dispatch
notes now disclose the chain-root relationship.
2026-07-10 00:21:24 -07:00
Peter Steinberger
d3959d97a6 test(ci): pin new release validation concurrency and preflight guards 2026-07-10 00:21:23 -07:00
Peter Steinberger
87f98090e1 feat(ci): reuse release validation evidence and speed up the release pipeline
- Full Release Validation now checks for a prior green validation whose
  target differs only by release metadata (changelog/version stamps) and
  reuses that evidence instead of re-running every lane; disable with
  reuse_evidence=false. Evidence manifests chain through reuse runs via
  evidenceReuse.runId and the summary re-verifies the chain root.
- The Docker runtime-assets preflight no longer serializes the CI,
  plugin-prerelease, release-checks, and performance lanes; it runs in
  parallel and stays enforced by the umbrella verifier.
- Umbrella runs for release/* refs now supersede in-progress runs with
  the same ref and rerun group instead of requiring manual cancels.
- release_profile=beta treats the live-provider E2E suites as advisory
  (third-party model deployments move underneath releases); stable and
  full profiles keep them blocking, and beta live failures no longer
  fail-fast-cancel the remaining release-check matrix.
2026-07-10 00:21:23 -07:00
Vincent Koc
d6b38e2eae fix(release): validate macOS source versions
(cherry picked from commit f7aea57edb)
2026-07-10 00:21:22 -07:00
Vincent Koc
27ceb13e21 fix(ci): select trusted release harness for Docker lanes (#103504) 2026-07-10 00:13:06 -07:00