Commit Graph

15788 Commits

Author SHA1 Message Date
Peter Steinberger
801ec63f92 refactor(cli): rely on Commander contracts (#106366) 2026-07-13 05:05:31 -07:00
Peter Steinberger
d262cad41f refactor: burn down Matrix, Telegram, and outbound dead exports (#106153)
* refactor(matrix): remove unused internal exports

* refactor(telegram): remove unused internal exports

* refactor(matrix): remove stale thread binding imports

* refactor(outbound): remove unused internal exports

* style(outbound): format dead export cleanup
2026-07-13 04:39:58 -07:00
Peter Steinberger
418dd85e66 improve: speed up focused test execution (#106307)
* test: speed up focused test execution

* style: format vitest config test

* test: preserve targeted watch routing
2026-07-13 04:38:05 -07:00
Peter Steinberger
279f21e02b chore(deps): remove redundant Commander declarations (#106345) 2026-07-13 04:34:19 -07:00
Peter Steinberger
fa963eee06 refactor(copilot): use SDK contracts (#106208) 2026-07-13 04:00:17 -07:00
Joshua West
392a02a396 fix(workboard): resolve parent dependency status via targeted lookups, not a full-corpus scan (#104668)
* fix(workboard): resolve parent dependency status via targeted lookups, not a full-corpus scan

dependencyTargetStatus() called the fully unscoped store.list() (every card,
every board, fully materialized via entries()+readCard()) just to look up the
status of a card's own parent id(s) -- almost always exactly one. dispatch()
calls promoteDependencyReady() once per card in its board-scoped pass, so
every parented card in that pass re-paid for a full-corpus re-scan.

Confirmed via a live CDP CPU profile of a real "openclaw workboard dispatch"
call (--inspect attached to a running gateway, Profiler.start/stop scoped to
the repro, elapsed 161.8s matching a known 160s+ stall): 93.3% of the time
(142s + 8.7s of 162s) was inside native SQLite all()/prepare() bindings, all
funneling through dispatch -> promoteDependencyReady -> dependencyTargetStatus
-> list -> entries -> readCard (readCard issues 4 separate synchronous SQL
statements per card). On a corpus of ~5770 cards, this is O(parented_cards_in_pass
x corpus_size x 4_queries) -- a genuine algorithmic defect, not event-loop
starvation from a concurrent session as originally suspected for this symptom.

Replace the unscoped list()+Map lookup with targeted get(parentId) calls
(already a single indexed-row lookup used everywhere else in this file) --
O(parents.length), normally O(1), instead of O(corpus size). Behavior is
unchanged: parent?.status === "done" on the get() result is exactly what
cards.get(parentId)?.status === "done" computed from the unscoped list().

Adds a regression test asserting the underlying store's entries() is called
at most once while promoting 8 parented cards together in one dispatch pass
(would have been 9 calls before this fix -- 1 outer scoped list() + 1 inner
unscoped list() per parented card).

* fix(workboard): address review feedback on dependency-target-status fastpath

Two findings from the automated PR review, both confirmed real:

- Remove an incomplete, unrelated active-owner fast-path (listActiveOwnerIds()
  in store.ts + its cross-board test in store.test.ts) that leaked into this
  commit from separate, still-in-progress local work. It imported
  WorkboardActiveOwnerQueryable, a type that isn't defined anywhere in this
  PR's tree, breaking typecheck and the bundled-extension lint check. Not
  part of the dependencyTargetStatus fix this PR is scoped to.
- Replace the comparator-free, mutating .sort() calls in the new dependency
  regression test with .toSorted() plus an explicit localeCompare comparator,
  per the repo's lint rules.

Re-ran locally against just these two files (the actual PR diff, review WIP
set aside): pnpm lint --threads=8, pnpm format:check, pnpm tsgo:prod, pnpm
check:test-types, pnpm run lint:extensions:bundled all pass; full workboard
extension suite 111/111 (two removed tests belonged to the unrelated
active-owner code, not this fix).

---------

Co-authored-by: ClawBox <clawbox@cayk.ca>
2026-07-13 03:46:05 -07:00
Peter Steinberger
88e0bbc86f fix(ci): drop unused msteams media placeholder test constants
Companion to 4bb4ffc55c: check-lint (no-unused-vars) still fails on
attachments.helpers.test.ts after #106279 trimmed their usages.
2026-07-13 03:43:17 -07:00
Peter Steinberger
4bb4ffc55c fix(ci): drop dangling msteams attachment placeholder helper 2026-07-13 03:42:39 -07:00
Peter Steinberger
a17058d191 feat(usage): show the account email with plan windows in the chat context popover (#106200)
* feat(usage): surface plan windows and account email in the chat context popover

The context-window popover now shows which account a session runs on:
provider usage snapshots carry an accountEmail resolved from the auth
profile when stored, the ChatGPT access-token JWT claims (openai/codex),
or the Claude CLI config file (~/.claude.json oauthAccount) for
keychain-synced logins. models.authStatus embeds it, quota groups keep
distinct accounts separate, and the popover renders the email under the
plan header for local CLI sessions and OpenClaw-configured subscriptions
alike.

* test(openai): assemble the fake usage JWT from parts

* test(usage): keep fixture tokens and identity plumbing scanner-safe

* fix(usage): verify the Claude CLI login before labeling usage with its email

Review findings: the CLI-config email fallback now requires the usage token
to match the cached CLI credential (and honors CLAUDE_CONFIG_DIR), so an
ambient login for another account never labels a snapshot; token-type
credentials propagate their stored email alongside oauth ones.

* style(anthropic): scanner-safe local for the CLI login read

* fix(usage): capture the Claude CLI account email on the credential

Review findings: reading ambient CLI config at usage-fetch time could not
verify keychain-only logins and could go stale across account switches.
The credential reader now captures oauthAccount.emailAddress next to the
credential it belongs to, the synced claude-cli profile carries it, and
the anthropic fetcher uses only the credential-borne identity.

* style(usage): scanner-safe credential fixtures and helper naming

* fix(auth): backfill the CLI account email onto existing synced profiles

Profiles synced before identity capture stay usable and skip CLI reads,
so upgraded installs would never gain the email until token rotation.
While the stored token material matches the CLI login, merge the
non-secret email onto the stored profile.

* style(test): scanner-safe email assertion

* test(auth): pin the no-reread invariant to identity-complete profiles
2026-07-13 03:39:16 -07:00
Peter Steinberger
1577c28500 refactor(deadcode): trim msteams private exports (#106279)
* refactor(deadcode): trim msteams private exports

* chore(deadcode): refresh unused export baseline
2026-07-13 03:26:24 -07:00
Arca
0e5ed900b0 fix(discord): retry stale preview cleanup after final delivery (#104893)
* fix(discord): retry stale preview cleanup

* test(channels): use compatible deferred helper

* test(channels): satisfy deferred lint

* chore: prepare Discord preview cleanup

* fix(channels): retain failed draft cleanup targets

* fix(channels): separate draft cleanup callbacks

* fix(channels): claim standalone draft cleanup ids

---------

Co-authored-by: Cad from Arca <cad@arcabot.ai>
Co-authored-by: Colin <colin@solvely.net>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-13 03:23:27 -07:00
Peter Steinberger
a2da4700be refactor: consolidate remaining bounded concurrency (#106265) 2026-07-13 03:16:28 -07:00
Peter Steinberger
6bb85f177f feat(onepassword): optional 1Password secrets broker plugin (#106133)
* feat(onepassword): add optional 1Password secrets broker plugin

Curated slug registry with per-item auto/approve/deny policy, plugin-approval
gating with expiring allow-always grants, SQLite audit history, onepassword
status/audit CLI, and a single-attempt op client (--cache=false, minimal env).

Closes #105924

* docs(plugins): refresh generated inventory count after rebase

* fix(onepassword): scope grants and field reads

* fix(onepassword): bound grant retention

* fix(onepassword): satisfy deadcode ratchet and hook allowlist contract

* fix(onepassword): honor live policy reloads

* refactor(onepassword): trim private exports

* test(onepassword): satisfy plugin boundaries

* test(onepassword): document temp directory boundary
2026-07-13 03:12:47 -07:00
xingzhou
c3cb1af93c fix(transcripts): stop live capture when the agent run is canceled (#104123)
* fix(transcripts): stop live capture when the agent run is canceled

* fix(transcripts): preserve startup cleanup ownership

* fix(transcripts): keep runtime session type internal

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-13 03:11:25 -07:00
Peter Steinberger
581cf6601a refactor(deadcode): trim memory-core type exports (#106263) 2026-07-13 03:04:08 -07:00
Peter Steinberger
69710f1e88 refactor(deadcode): trim whatsapp session config exports (#106256) 2026-07-13 02:53:15 -07:00
Peter Steinberger
7efdd9d706 fix(ci): import oc-path limits from their defining module in security test 2026-07-13 02:47:57 -07:00
Peter Steinberger
9ea4b167fa refactor(deadcode): trim channel auth exports (#106247) 2026-07-13 02:45:34 -07:00
Peter Steinberger
9b565e8d50 refactor(plugins): trim long-tail dead exports (#106230)
* refactor(extensions): trim long-tail plugin exports

* refactor(whatsapp): remove dead media relay
2026-07-13 02:34:06 -07:00
Peter Steinberger
598e3092f7 refactor(deadcode): trim oc-path barrel (#106240) 2026-07-13 02:33:39 -07:00
Peter Steinberger
938d41014f feat(mobile): default pairing to full node access (#105928)
* feat(mobile): default pairing to full node access

* chore: leave release notes to release workflow

* refactor(mobile): bound pairing helpers

* chore(i18n): refresh mobile access inventory

* chore(ci): lower mobile pairing LOC baseline

* fix(mobile): complete pairing validation artifacts

* ci: remove stale transcript target export baseline

* fix(ios): wrap access upgrade guidance

* fix(ios): preserve localized access key

* fix(ci): dedupe read-only SQLite guardrail

* fix(mobile): secure full-access node setup
2026-07-13 02:30:45 -07:00
Peter Steinberger
d71a9e1a13 refactor(slack): use Web API response contracts (#106234) 2026-07-13 02:26:49 -07:00
chengzhichao-xydt
1ed04910e2 fix(azure-speech): add timeout to voices list request (#102984)
* fix(azure-speech): add timeout to voices list request

* test(azure-speech): simplify voice timeout proof

* test(azure-speech): mark voice keys as placeholders

---------

Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-13 02:25:13 -07:00
mushuiyu886
ed57c6cd88 fix(agents): honor claude-cli contextTokens setting (#93198)
* fix: honor claude-cli configured context tokens

* test: cover claude-cli native compaction budget

* test: cover ordinary claude-cli budget persistence

* test: migrate claude-cli budget fixtures to session accessor

* fix(agents): carry CLI provider into context budget

* fix(agents): guard optional CLI context metadata

* fix(agents): align Claude CLI native compaction budget

Co-authored-by: 杨浩宇0668001029 <yang.haoyu@xydigit.com>

* fix(agents): apply selected CLI context cap

Co-authored-by: 杨浩宇0668001029 <yang.haoyu@xydigit.com>

* fix(agents): preserve prepared CLI context budgets

Co-authored-by: 杨浩宇0668001029 <yang.haoyu@xydigit.com>

* fix(agents): resolve prepared CLI context ownership

Co-authored-by: 杨浩宇0668001029 <yang.haoyu@xydigit.com>

* test(agents): type CLI context budget cases

Co-authored-by: 杨浩宇0668001029 <yang.haoyu@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-13 01:58:44 -07:00
Peter Steinberger
a788617325 fix(qa-lab): report authoritative Crabline readiness artifact (#106039)
* fix(qa-lab): preserve readiness artifact path

* test(qa-lab): keep readiness fixture in generation

* docs(qa-lab): explain readiness fallback order

* style(qa-lab): format readiness fixture

* refactor(qa-lab): isolate Crabline artifact paths

* refactor(qa-lab): keep artifact path type local

* fix(qa-lab): remove stale Crabline type import

* fix(qa-lab): restore Crabline selection type import
2026-07-13 01:55:12 -07:00
Peter Steinberger
1136757174 refactor: consolidate bounded concurrency on p-limit and p-map (#106002)
* refactor: adopt p-limit and p-map for bounded concurrency

* chore: normalize lockfile ordering

* fix: preserve memory host concurrency export

* refactor: keep media apply within size budget

* fix: drain memory concurrency before failure

* fix: satisfy memory concurrency guards

* chore: scope memory host dead-code checks

* chore: lower concurrency LOC baselines

* fix: preserve concurrency API surfaces

* chore: reconcile concurrency LOC baseline

* test: keep memory concurrency gate portable

* style: simplify concurrency drain

* ci: refresh deadcode export baseline
2026-07-13 01:53:28 -07:00
Peter Steinberger
83bf0379c9 refactor(channels): share plugin contract scaffolds (#105838)
* refactor(channels): share plugin contract scaffolds

* fix: preserve channel config hint metadata

* chore: refresh Plugin SDK API baseline

* ci: refresh plugin SDK surface budget

* fix(ci): allow read-only state database boundary

* fix(ci): dedupe read-only state database boundary
2026-07-13 01:51:32 -07:00
Peter Steinberger
39cda9e548 refactor(mattermost): trim private runtime facade (#106114)
* refactor(mattermost): trim private runtime facade

* refactor(mattermost): remove stale runtime note

* fix(mattermost): preserve legacy history exports

* chore(deadcode): refresh export baseline
2026-07-13 01:49:21 -07:00
Peter Steinberger
2e622491eb style(codex): restore event projector formatting 2026-07-13 09:48:42 +01:00
Peter Steinberger
61a9b49cea refactor(telegram): remove dead private exports (#106175)
* refactor(extensions): trim channel-private exports

* chore(deadcode): refresh Telegram export baseline

* fix(telegram): drop unused media import

* refactor(telegram): drop dead media re-export

* style(telegram): format media runtime imports
2026-07-13 01:46:24 -07:00
Peter Steinberger
c2da10585c refactor(plugin-sdk): prune eligible deprecated exports (#106010)
* refactor(plugin-sdk): remove unshipped compatibility exports

* refactor(zalo): use typed outbound delivery results

* chore(plugin-sdk): ratchet deprecated surface budgets

* chore(changelog): defer release note to release automation

* fix(zalo): reject failed message adapter sends

* refactor(zalo): share typed send boundary

* chore(plugin-sdk): account for main deprecation drift
2026-07-13 01:39:38 -07:00
Alix-007
d33254b7ec fix(google): bound realtime browser token requests (#106034)
* fix(google): bound realtime browser token requests

* fix(google): satisfy realtime timeout checks

* test(google): use placeholder browser key

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-13 01:36:19 -07:00
Peter Steinberger
35f80a1564 fix(discord): honor command owners in voice (#106155)
* fix(discord): honor command owners in voice

* chore(discord): defer voice note to release flow

* chore(discord): refresh pull request head
2026-07-13 01:34:49 -07:00
wuqxuan
6739b9fa07 fix(codex): do not promote missing_tool_result on abort/interrupt (#104955)
* fix(codex): do not promote missing_tool_result on abort/interrupt

Keep synthetic tool.result rows for transcript integrity, but skip
promoting the missing-tool invariant to promptError when the turn is
already aborted or interrupted so mid-exec cancel paths keep abort
classification and assistant text (#104898).

* fix(codex): preserve explicit abort outcome

---------

Co-authored-by: Altay <altay@hey.com>
2026-07-13 11:34:47 +03:00
Peter Steinberger
477499c9c0 refactor(lobster): drop stale Ajv cache shim (#106179) 2026-07-13 01:31:16 -07:00
Peter Steinberger
0bae4e0e43 fix(codex): update managed app-server to 0.144.3 [AI] (#106098)
* fix(codex): update managed app-server to 0.144.2

* fix(codex): update managed app-server to 0.144.3
2026-07-13 01:27:42 -07:00
Pavan Kumar Gondhi
ffff72c43a fix(line): keep group allowlists scoped (#106056)
Prevent LINE group allowlist policy from inheriting DM allowFrom entries, so open DMs do not broaden group access. Keep group-specific allowlists and per-group overrides as the only group admission sources, and document the scoped behavior.

Co-authored-by: pgondhi987 <pgondhi987@users.noreply.github.com>
2026-07-13 01:18:31 -07:00
Peter Steinberger
5cd1d13493 fix(discord): hydrate missing reply references (#106176)
Fix Discord inbound replies where Discord provides a message reference but omits the nested referenced message payload.

Refactor hydration so complete gateway replies fetch only the missing referenced message, while partial payloads still hydrate the current message first and reuse any referenced payload returned by Discord. Preserve non-blocking behavior for deleted references, forwarded messages, and failed reference fetches.

Closes #105862.
Supersedes #105901.

Co-authored-by: momothemage <niuzhengnan@163.com>
2026-07-13 01:11:40 -07:00
Peter Steinberger
c2521d7c47 fix(ui): catalog sessions select in place and continue from desktop-app sources (#106074)
* fix(ui): make catalog sessions selectable in place and continuable from desktop-app sources

- sidebar: no phantom chat row for catalog keys, active highlight on catalog rows,
  adopted sessions render as their live row inside the catalog group (deduped from
  the regular list), host subtitle only for paired-node rows
- chat: view-only banner only after catalog metadata proves canContinue=false
- chat->sidebar continued event binds the adopted row before the next catalog poll
- anthropic: local claude-desktop sessions share the ~/.claude/projects store, so
  list them as continuable and allow catalog continue to fork-resume them

* refactor(ui): extract catalog row rendering and lookup into shared modules

Keeps app-sidebar/chat-pane/anthropic session-catalog under the LOC ratchet by
moving cohesive blocks: sidebar catalog groups + adopted-row binding into
app-sidebar-session-catalogs.ts, the catalog metadata lookup into
catalog-key.ts, and the Claude node-host commands into
session-catalog-node-commands.ts; ratchet baselines down for all three.

* fix(ui): explain the disabled composer when catalog metadata cannot resolve a session

* style(ui): keep chat-pane within the LOC ratchet

* fix(anthropic): keep catalog node-command helpers module-local and repin SDK surface

The node-command module now owns its capability constant, projects-store
probe, and params parsing, so the catalog engine exports nothing new.
Repin the SDK surface budgets (+1 export/+1 callable landed on main
without a pin bump); unexport the UI helper types knip flagged.
2026-07-13 00:49:35 -07:00
Peter Steinberger
700c87f0f2 refactor(whatsapp): reuse Baileys helpers (#106125)
Refs #106123
2026-07-13 00:36:11 -07:00
Peter Steinberger
2237196871 refactor(extensions): remove dead QA and utility exports (#105914)
* refactor(extensions): remove dead QA and utility exports

* refactor(extensions): trim Matrix QA internal exports

* chore(deadcode): refresh extension export baseline

* chore(ci): reconcile deadcode and LOC baselines

* chore(deadcode): refresh baseline after main advance

* chore(deadcode): refresh baseline after main advance

* refactor(plugins): keep channel snapshot type private

* fix(ci): align Linux deadcode baseline
2026-07-13 00:34:46 -07:00
mushuiyu886
4200745a98 fix(matrix): handle event decryption errors during sync (#94416)
Co-authored-by: mushuiyu886 <mushuiyu886@users.noreply.github.com>
2026-07-13 00:32:05 -07:00
Ben Badejo
2725742cad fix(memory): respect QMD timeout for memory_search (#95757)
* fix(memory): scope qmd search deadline

Preserve the phase-scoped QMD timeout semantics on current main.

Co-authored-by: Peter Steinberger <58493+steipete@users.noreply.github.com>

* docs: refresh generated docs map

* test(memory): reconcile manager mock with current main

* test(memory): isolate deadline mock import

* style(memory): format search test mocks

* test(memory): decouple mock from deadline symbol

* chore(memory): refresh reviewed pull request head

---------

Co-authored-by: Benjamin Badejo <ben@benbadejo.com>
Co-authored-by: Peter Steinberger <58493+steipete@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-13 00:05:13 -07:00
Peter Steinberger
4cbbb86d5e refactor(zalouser): share offset-preserving text chunk ranges (#105842)
* refactor(zalouser): share text chunk ranges

* chore(plugin-sdk): refresh combined API baseline
2026-07-12 23:46:16 -07:00
Peter Steinberger
adf6b08ab4 refactor: consolidate duration parsing and formatting (#105988)
* refactor: consolidate duration handling

* docs: leave release notes to release workflow

* fix: preserve build timing precision

* ci: align plugin sdk surface budgets
2026-07-12 23:38:22 -07:00
Peter Steinberger
0633afe6a5 fix(config): reject schema-only keys (#106031)
* fix(config): reject schema-only keys

* chore(config): refresh plugin SDK baseline

* test(config): remove stale remote enabled fixtures
2026-07-12 23:10:12 -07:00
Peter Steinberger
6410e33cb0 refactor(ci): restore LOC ratchet headroom (#106063)
* refactor(ci): restore TypeScript LOC ratchet

* fix(ci): keep source reply item type internal
2026-07-12 23:09:25 -07:00
Peter Steinberger
9cdf166d2e refactor(mattermost): trim monitor gating facade (#106021)
* refactor(mattermost): trim monitor gating facade

* chore(ci): shrink Mattermost LOC baseline

* chore(ci): refresh deadcode export baseline
2026-07-12 23:09:15 -07:00
Paul Campbell
008f04a656 feat(mxc): add Windows MXC sandbox backend (#97086)
* feat(mxc): add Windows MXC sandbox backend

Add the official MXC sandbox plugin package with Windows ProcessContainer execution, plugin-owned MXC SDK dependency packaging, host-backed filesystem bridge support, and configured MXC policy file loading via mxcPolicyPaths.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix(mxc): preserve Windows binary override paths

* fix: remove stray sandbox barrel export

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Copilot-Session: 9ea19539-b8ca-44fb-93bd-b8496e3deb2c

* fix(mxc): address sandbox review feedback

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>

* fix(mxc): satisfy test type checks

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>

* fix(mxc): clarify protected skill enforcement

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>

* test(mxc): align fail-closed expectations

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>

* fix(mxc): satisfy extension lint

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>

* fix(plugin-sdk): narrow fs-safe remove surface

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>

* fix(mxc): repair rebased CI failures

* fix(scripts): declare shrinkwrap override normalizer

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com>
Co-authored-by: Dallin Romney <dallinromney@gmail.com>
2026-07-12 23:07:25 -07:00
Peter Steinberger
a5883c33d1 refactor: use semver package for version ordering (#105944)
* refactor: use semver package for version ordering

* refactor: centralize semver validation

* chore: keep release notes in PR body

* refactor: update semver LOC ratchet
2026-07-12 23:02:25 -07:00