* fix(cli): explain how to recover from device approve deadlock
`openclaw devices approve` could fail two ways with no path forward:
- When the calling device can't approve its own scope upgrade (it lacks
operator.approvals) and no loopback local fallback is available (e.g. a
remote --url gateway), the raw "scope upgrade pending approval" error
propagated with no guidance.
- When the request id wasn't found in pending state (already approved,
expired, or superseded), it printed only "unknown requestId".
Surface actionable guidance instead:
- On an authorization failure, explain that the device can't approve its
own upgrade and point to `--token`/`--password` (gateway owner creds) or
approving from a device that already holds operator.approvals.
- On a missing request, point to `openclaw devices list` and
`openclaw devices approve --latest`.
AI-assisted (Claude Code).
* fix(cli): clarify device approval recovery
* fix(cli): avoid unusable approval credential advice
Summary:
- The PR teaches `openclaw devices approve <requestId>` to approve a compatible same-device replacement request during local fallback and adds focused CLI, infra, and changelog coverage.
- Reproducibility: yes. Source inspection shows current main rejects the gateway's replacement requestId as a ... adds focused infra and CLI tests for the churn path; I did not run tests because this review is read-only.
Automerge notes:
- PR branch already contained follow-up commit before automerge: docs: note device approval recovery
Validation:
- ClawSweeper review passed for head 1d2f2e9b2f.
- Required merge gates passed before the squash merge.
Prepared head SHA: 1d2f2e9b2f
Review: https://github.com/openclaw/openclaw/pull/85342#issuecomment-4518449317
Co-authored-by: masonxhuang <masonxhuang@tencent.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Fix logs.tail credential-header redaction and JSON-mode gateway transport errors.\n\nFixes #66832.\nFixes #79108.\nSupersedes #67041.\nSupersedes #79233.\n\nCo-authored-by: Mil Wang <mingjwan@microsoft.com>\nCo-authored-by: Andy Ye <35905412+TurboTheTurtle@users.noreply.github.com>
* fix: require confirmation before implicit device approval
Keep re-requested pairing entries from jumping the queue and force operators to confirm implicit latest-request approval so a refreshed attacker request cannot be silently approved.
* fix: require exact device pairing approval
* fix: stabilize reply CI checks
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>