Commit Graph

268 Commits

Author SHA1 Message Date
Peter Steinberger
49941fab6d fix(ci): keep hydrate-github pnpm shims writable (#103971) 2026-07-10 23:36:10 +01:00
Vincent Koc
b0e3c85a61 fix(release): bind publish children to trusted SHAs (#103913)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 23:25:26 +01:00
Vincent Koc
022dd9dc27 fix(release): unblock Meta npm bootstrap publication (#103951)
* fix(release): isolate Meta npm bootstrap

* test(release): assert OIDC npm version guard
2026-07-10 14:50:00 -07:00
Vincent Koc
54cc90b1b1 fix(release): publish ClawHub bootstrap artifacts immutably (#103809)
* fix(release): harden ClawHub bootstrap

* fix(release): centralize publication artifact verification

* fix(release): harden publication artifact verification

* fix(release): lock ClawHub bootstrap toolchain

* test(release): assert locked ClawHub binary

* fix(release): pack with trusted ClawHub harness

* fix(release): bound beta verifier artifact reads

* fix(release): bind target and tooling identities

* fix(release): stabilize signed package ordering

* fix(release): bind ClawHub pretag proof

* fix(release): bind ClawHub OIDC readback

* fix(release): bind ClawHub OIDC readback
2026-07-10 13:33:20 -07:00
Peter Steinberger
fece8c9f54 fix(release): keep validation evidence immutable across reruns (#103906)
* fix(release): bind validation evidence to exact attempts

* test(release): cover exact validation attempts
2026-07-10 20:16:19 +01:00
Vincent Koc
2a1d6e49d5 fix(ci): run Telegram release QA from trusted harness (#103207)
* fix(ci): use trusted Telegram QA harness

* fix(ci): restrict trusted Telegram QA candidate

* fix(ci): isolate trusted Telegram QA candidate

* fix(ci): harden Telegram QA process boundary

* fix(ci): pass Telegram QA release gates

* test(qa): stub Telegram env explicitly

* fix(ci): harden Telegram release QA boundary

* test(ci): harden trusted workflow and memory guards
2026-07-10 11:32:24 -07:00
Peter Steinberger
b597a8d364 fix(release): restore prerelease and release validation startup (#103834)
* fix(release): split image publication from validation

* fix(ci): honor install smoke caller input

* fix(ci): harden Docker rerun targeting
2026-07-10 18:46:08 +01:00
Vincent Koc
afd0c60f15 fix(ci): bind release status artifacts to run attempts (#103772)
* fix(ci): bind release status artifacts to run attempts

* test(ci): align release summary contract assertions

* fix(ci): preserve Tideclaw advisory status policy
2026-07-10 09:06:42 -07:00
Vincent Koc
cbe3731f77 fix(release): make validation proof no-write (#103737)
* fix(release): make validation proof no-write

* test(release): align no-write workflow contracts
2026-07-10 08:18:44 -07:00
JC
59e95fe3fd feat: support GPT-5.6 Ultra across OpenClaw and Codex runtimes (#98021)
* feat: support GPT-5.6 Ultra across agent runtimes

Co-authored-by: J Cai <anyech@gmail.com>

* fix: keep harness projections discovery-free

* fix(codex): mirror V2 native subagent tasks

* chore: refresh plugin SDK surface budgets

* test: expose Ultra wire effort proof

* test(cron): avoid hoisted mock initialization race

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 15:23:24 +01:00
Peter Steinberger
8d66e47773 fix(release): prove registry tarball identity before resuming a publish
Codex review: version existence alone does not prove the npm registry
serves the tarball this tag's preflight built — the same version could
have been published from a different artifact and npm versions are
immutable. The resume resolver now downloads the preflight manifest,
requires its releaseSha to match the target, and compares the published
registry tarball's sha256 against the manifest before skipping the core
dispatch; mismatches abort with correction-tag guidance.
2026-07-10 03:09:10 -07:00
Peter Steinberger
ef22e77f0b perf(release): make publish reruns resumable and promote assets concurrently
The 2026.7.1 retro measured ~13h tag-to-published for beta.2 and stable
2026.6.11; any post-npm failure previously hard-aborted retries because
the already-published guard refused the whole run.

- resolve_openclaw_npm_publish_state replaces the abort guard: an
  already-published core version skips the core npm dispatch and resumes
  the remaining stages; verify_published_release still proves the
  registry state matches the tag before the page leaves draft.
- Windows and Android promotion runs concurrently with the core npm
  publish (their only shared prerequisite is the draft release page,
  which is now created before the dispatch) and each promotion
  short-circuits when the release already carries its verified asset
  contract, so retries only redo failed stages.
- The release proof cites the core npm run only when this run dispatched
  one; resumed publishes rely on the registry package check.
2026-07-10 03:09:09 -07:00
Peter Steinberger
4bc300843d fix(qa): keep runtime parity tiers flow-compatible (#103609)
* fix(qa): keep runtime parity tiers flow-compatible

Refs #103588

* test(qa): follow canonical frontier defaults
2026-07-10 10:51:13 +01:00
Peter Steinberger
7fe004d852 feat: show build identity in About screens (#103595)
* feat: show build identity in About screens

* chore: leave root changelog to release automation

* fix: translate Control UI About build details
2026-07-10 10:42:36 +01:00
Peter Steinberger
c2b4ac02da fix(release): align correction sections, retries, and merged ledger semantics
Codex review + test findings on the pipeline convergence:
- candidate changelog provenance now validates the same section the
  renderer publishes (correction tags may carry their own heading) via a
  shared correctionVersionForTag helper
- guard_existing_public_release accepts a canonical proofless body with
  intact dependency evidence, matching the renderer's documented
  proof-omitted-at-limit state; retries re-append the proof
- ledgerFor regains main's noteReferences threading so prose-cited PRs
  keep their contribution-record rows, and the ledger/verify tests pin
  the merged entry shape (externalReferences) and highlight gate
2026-07-10 02:06:52 -07:00
Peter Steinberger
336e43c314 fix(release): converge on the render-github-release-notes pipeline
Two competing release-notes pipelines existed: the release branch's
hardened render/verify/provenance pipeline (a486f3ab08 + dcee1da876,
battle-tested by 2026.7.1) and main's lighter prepare-github-release-notes
size gate (#103222). Repo policy is one canonical path; the release-branch
pipeline wins and main's unique value is grafted in:

- scripts/render-github-release-notes.mjs becomes the canonical release
  body renderer (full/compact 125k char+byte modes, tag-pinned record
  link, verification tail, canonical shipped-baseline format), now also
  preferring a correction tag's dedicated changelog section (from
  prepare's heading matrix).
- verify-release-notes.mjs is a three-way merge: release's --shipped-ref
  cumulative baselines, provenance checks, highlights gate, and the
  excluded-record rewrite fix, plus main's compact contribution rows,
  externalReferences threading, and both-heading parser compat.
- release-candidate-checklist.mjs gains validateCandidateCheckout and
  changelog-provenance gates that run before any dispatch.
- openclaw-release-publish.yml keeps main's fail-before-mutation early
  notes gate (retargeted to the renderer) and adopts release's
  render/verify_release_tag_target/canonical_release_body_matches flow.
- scripts/prepare-github-release-notes.mjs and its test are deleted;
  release-notes-ledger.test.ts stays and pins the merged verify exports.
- .gitignore tracks every repo skill for Git-aware syncs; SKILL.md
  runbooks and RELEASING.md document the converged contract.
2026-07-10 02:06:52 -07:00
Peter Steinberger
6bb240b6da fix(ci): match validation inputs and recheck child runs before evidence reuse
Codex review findings: evidence reuse must not let a default-input run
stand in for a focused provider/mode/filter/package-spec run, and
recorded child runs can be re-run to failure while the parent stays
green. Manifests now record validationInputs; the resolver requires an
exact input match and healthy child runs, and the summary re-verifies
the chain root plus its recorded children. Reuse-mode evidence dispatch
notes now disclose the chain-root relationship.
2026-07-10 00:21:24 -07:00
Peter Steinberger
d3959d97a6 test(ci): pin new release validation concurrency and preflight guards 2026-07-10 00:21:23 -07:00
krissding
1a0dc9b83f fix(opencode-go): remove deprecated mimo-v2-omni and mimo-v2-pro model aliases (#103329)
* fix(opencode-go): remove deprecated mimo-v2-omni and mimo-v2-pro model aliases

These deprecated aliases reject agent requests from the OpenCode Go gateway.
Remove them from the provider catalog and clean up all references in probe
skip lists, CI workflows, and tests.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(opencode-go): complete deprecated MiMo cleanup

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 06:49:09 +01:00
Peter Steinberger
cd2f70c7ab fix(ci): pin DeepSeek live gateway models (#103321) 2026-07-10 04:43:16 +01:00
Peter Steinberger
a24139e199 ci: require enabled Telegram package proof (#103310) 2026-07-10 04:24:36 +01:00
Peter Steinberger
31f76b9792 fix(release): validate GitHub notes before publish (#103222) 2026-07-10 02:33:23 +01:00
Peter Steinberger
71f7fef7a2 fix(ci): isolate OpenWebUI release smoke (#103095)
* fix(ci): isolate OpenWebUI release smoke

* docs: format release validation table
2026-07-09 21:38:33 +01:00
Peter Steinberger
aca96d2dcf ci: retry transient release workflow reads (#102896) 2026-07-09 15:34:02 +01:00
Peter Steinberger
11dda0e5fd ci: make release child dispatch idempotent (#102858) 2026-07-09 15:03:46 +01:00
Vincent Koc
0535679083 fix(release): validate exact prepared npm package sets (#102759)
* fix(release): validate prepared npm package sets

Forward-port the beta3 package-set preflight, Telegram, and Parallels validation to main while preserving main's existing Bun install smoke. Recompute decoded proxy response lengths and require artifact tarballs to exactly match the verified manifest.

* fix(release): lock fixture registry proxy origin
2026-07-09 05:19:24 -07:00
brokemac79
037412ec7d ci(mantis): add web UI chat proof lane (#100472)
* ci(mantis): add web ui chat proof lane

* ci(mantis): tighten web ui proof candidate parsing

* ci: tighten Mantis Web UI proof lane

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 10:54:35 +01:00
Peter Steinberger
054e3675e1 feat(android): publish signed APKs with stable releases (#101212)
* feat(android): publish signed release APKs

* fix(android): preserve fallback corrections

* test(android): isolate APK signer fixtures

* docs: refresh generated docs map
2026-07-07 00:39:59 +01:00
Peter Steinberger
2424fdf8e5 ci: keep native landing validation off queued Blacksmith capacity (#101196)
* ci: route native i18n release gates to hosted runners

* ci: keep Testbox PR validation on hosted runners

* fix(ci): gate Testbox lifecycle to real leases
2026-07-06 23:14:27 +01:00
Vincent Koc
96e676c2b3 fix(release): hydrate fresh Anthropic OAuth access 2026-07-06 04:20:58 -07:00
Vincent Koc
cbf9acff37 fix(release): reuse setup-token for Anthropic live checks 2026-07-06 03:46:22 -07:00
Vincent Koc
fa70403403 fix(release): isolate Claude ACP subscription auth 2026-07-06 02:58:59 -07:00
Vincent Koc
23f492fcaf test(release): cover pinned Claude CLI install 2026-07-06 00:41:41 -07:00
Vincent Koc
7b6b39e0f8 fix(ci): keep full Anthropic Docker proof advisory 2026-07-05 23:01:01 -07:00
Kevin Lin
5fdaa04eca feat(qa-lab): add Codex Slack approval scenarios (#91519)
* feat(qa-lab): add codex slack approval scenarios

* fix(qa-lab): harden Codex Slack approval proof

* fix(qa-lab): validate Codex approval model

* test(qa-lab): verify approved Codex operation

* fix(qa-lab): normalize Slack QA account routing

* fix(qa-lab): read Codex tool result transcripts

* fix(qa-lab): harden Codex approval cleanup

* fix(qa-lab): support Codex Mantis checkpoints

* fix(qa-lab): repair Mantis pnpm bootstrap

* fix(qa-lab): normalize Codex tool result text

* fix(qa-lab): scope Mantis pnpm fallback

* fix(qa-lab): bootstrap pinned pnpm without npm

* fix(qa-lab): terminate pnpm metadata record

* fix(qa-lab): bootstrap official node for mantis

* fix(qa-lab): make mantis pnpm shim executable

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-05 22:47:18 +01:00
Vincent Koc
7dac5c2778 fix(ci): install release packaging dependencies (#100459) 2026-07-05 14:33:10 -07:00
Peter Steinberger
062f88e3e3 refactor: extract reusable AI runtime package (#99059)
* refactor: extract reusable AI runtime package

* refactor: complete AI provider relocation

* refactor: keep llm core internal

* refactor(ai): make @openclaw/ai self-contained with host policy ports

Move pure transport helpers (tool projections, strict-schema normalization,
prompt-cache boundary, stream guards, anthropic/openai compat, request
activity) from src into packages/ai; move utf16-slice into
normalization-core. Inject host policy (guarded fetch, redaction,
strict-tool defaults, diagnostics logging) through AiTransportHost with
inert library defaults installed by src/llm/stream.ts. Narrow the public
barrel to instance-scoped createApiRegistry/createLlmRuntime; the
process-default runtime moves behind internal/ and
registerBuiltInApiProviders takes an explicit registry. Delete the
src/llm/api-registry re-export facade.

* fix(ai): teach node, jiti, and vite resolvers the @openclaw/ai and utf16-slice subpaths

The workspace alias tables in root-alias.cjs, plugin-sdk-native-resolver,
sdk-alias, the shared vitest config, and the Control UI vite config only
knew @openclaw/llm-core; Node-side plugin loading resolved @openclaw/ai
through the pnpm symlink to the unbuilt dist (checks-node-compact CI
failures), and the Control UI build broke on the new
normalization-core/utf16-slice subpath.

* chore(ui): drop leftover service-worker debug logging

* build(release): ship @openclaw/ai with its own shrinkwrap and honest dependency set

packages/ai declares only its six real runtime deps (kysely, chalk, json5,
tslog, zod, fs-safe, and proxyline were never imported); orphaned root deps
removed. generate-npm-shrinkwrap now treats publishable packages/* like
publishable plugins so the AI tarball pins its transitive tree even though
workspace deps are omitted from the root shrinkwrap. knip learns the
package entry points; the tsdown dts neverBundle option moves to its
documented deps.dts home; the README documents the no-semver internal/*
contract and host ports.

* docs(ai): add minimal external-consumer example app

examples/ai-chat consumes only the public @openclaw/ai surface (built dist
via the workspace link): isolated runtime, built-in provider registration,
one streamed completion. Supports Anthropic/OpenAI via env keys and a
keyless local Ollama target; live-verified against Ollama.

* docs(ai): document the @openclaw/ai package and workspace shrinkwrap boundary

* chore(check): include examples/ in duplicate-scan targets

* fix: emit normalization package subpaths

* fix: complete AI package boundary artifacts

* fix: align AI package boundary contracts

* fix(ci): stabilize package release contracts

* test: align documentation contract checks

* test: keep cron docs guard aligned

* test: align restored docs contract guards

* test: follow upstream docs contracts

* docs: drop superseded talk wording
2026-07-05 01:56:40 -04:00
Kevin Lin
ba7b5db74c feat(release): add monthly npm extended-stable publication (#99352)
* feat(release): add npm stable publication

* fix(release): allow stable full validation

* feat(release): add stable guard test bypass

* fix(release): allow stable maintenance after month rollover

* docs: refresh release documentation map

* refactor(release): rename monthly channel to extended-stable

* fix(release): repair extended-stable selector forward

* docs(release): fix extended-stable link
2026-07-04 08:22:39 -07:00
Peter Steinberger
716b351619 feat: allow custom sandbox image tags (#99915)
* feat: allow custom sandbox image tags

* test: align Crabbox default acceptance
2026-07-04 06:40:45 -04:00
Patrick Erichsen
5a89484eb3 fix: preserve legacy ClawHub plugin family (#98249) 2026-06-30 12:20:08 -07:00
Patrick Erichsen
5e0652f284 fix: bump ClawHub publish CLI pin (#98233) 2026-06-30 11:26:51 -07:00
Patrick Erichsen
d43366b4e3 ci: bump ClawHub package publish workflow (#97907) 2026-06-29 12:17:49 -07:00
Josh Avant
cee2aca409 Scope agent cron operations to the calling agent (#96883)
* Scope agent cron operations to caller

* Scope OpenClaw tools MCP cron by session

* Address cron scope review feedback

* Preserve unscoped cron update retargeting

* Move cron caller identity into gateway context

* Clarify Gateway restart guidance

* Add cron caller identity regression proof
2026-06-26 21:41:14 -05:00
Vincent Koc
59713194fc fix(ci): avoid relinking identical node tools 2026-06-24 02:43:25 +08:00
Vincent Koc
78a8caef38 fix(release): require postpublish evidence artifact 2026-06-23 14:53:14 +08:00
Vincent Koc
3e84836b01 fix(ci): require release QA evidence artifacts 2026-06-23 14:30:11 +08:00
Vincent Koc
381cec0051 fix(ci): require live proof evidence artifacts
Require live Mantis and Telegram proof artifact uploads to fail when evidence is missing and guard the workflow invariant.
2026-06-23 12:43:09 +08:00
Vincent Koc
cfff6b2ac6 fix(ci): require QA live evidence artifacts
Require QA live artifact uploads to fail when evidence is missing and guard the workflow invariant.
2026-06-23 12:07:48 +08:00
Vincent Koc
ca0eb62c87 fix(ci): finalize Windows Testbox after setup failures
Ensure the Windows Testbox workflow runs its lifecycle loop after setup failures and guard the shared Testbox finalization invariant.
2026-06-23 11:47:10 +08:00
Vincent Koc
f80d9b6eae fix(ci): finalize testbox sessions after setup failures
Ensure Testbox wrapper workflows finalize backend sessions even when setup fails, align the check timeout fallback with the documented 120-minute default, and guard the workflow invariants.
2026-06-23 11:26:30 +08:00