Peter Steinberger
4b7661e9a0
feat(ios): durable offline command outbox for chat sends ( #100331 )
...
* feat(ios): durable offline command outbox for chat sends
Text messages sent while the gateway is unreachable queue in a durable
per-gateway outbox (new outbox_commands table in the per-gateway chat
cache SQLite store, schema v2) instead of failing. Queued bubbles render
with visible Queued/Sending/Not sent states and flush strictly in
createdAt order once transport health recovers; each command's client
UUID rides as the send idempotency key, so at-least-once delivery plus
gateway dedupe keeps the transcript exact.
Contract summary:
- Bounds: 50 queued commands per gateway; refused enqueues keep the
draft. Queued rows older than 48h expire to failed("expired") rather
than silently sending stale commands; tap-to-retry refreshes
createdAt so an expired row can resend as new intent.
- Failure taxonomy: transport-level failures keep rows queued without
burning retry attempts (backoff ladder, then health drops so the
reconnect machinery owns pacing); gateway rejections burn attempts
and fail terminally after 3, with context-menu retry/delete.
- Deletes are tombstoned synchronously and rechecked after the claim
await so an active flush can never send a removed command; Delete is
hidden while a bubble is already in flight; offline enqueue is
guarded against double submit during the health probe.
- Post-reconnect live sends route behind draining outbox rows (FIFO),
and a cold open assumes a backlog until restore adopts durable rows.
- Crash safety: 'sending' rows revert to 'queued' at startup; flushed
turns are spliced into the session's cached transcript before their
outbox row is deleted, and stale history snapshots cannot evict a
just-flushed turn until a snapshot confirms it.
- Per-gateway scoping and purge ride the transcript cache: one SQLite
file per gateway; reset/forget drops the queue with the cache.
Fixture/unpaired transports get no outbox.
Part of #46664
* chore(ios): sync native i18n inventory
* style(chat-ui): satisfy strict SwiftFormat lint (doc comment, scope blank line)
2026-07-06 05:23:46 +01:00
Peter Steinberger
443c582949
fix(ios): restore in-flight runs after reconnect ( #100277 )
...
* fix(ios): restore in-flight chat runs from gateway history
Restore active Apple chat ownership across reconnect, foreground, and sequence-gap recovery using the existing chat.history snapshot. Preserve agent/session scoping and Gateway user-turn identity across Codex and Copilot mirrors, including current offline-cache integration.
* fix(ios): restore in-flight chat runs from gateway history
2026-07-06 03:23:38 +01:00
Peter Steinberger
5d8293c1fe
feat(ios): read-only offline cache for chat sessions and transcripts ( #100219 )
...
* feat(ios): read-only offline cache for chat sessions and transcripts
Cache-first cold open for the iOS chat tab: the last known transcript and
session list render immediately from a local SQLite cache, then live gateway
history replaces them wholesale through the existing reconciliation path.
When the gateway is unreachable, recent sessions and transcripts stay
browsable read-only; sending remains gated by the existing connection state.
- New OpenClawChatTranscriptCache protocol seam plus SQLite-backed store in
OpenClawChatUI (raw SQLite3, no new dependencies), scoped per gateway
stableID so transcripts never leak across paired gateways.
- Bounds: 50 sessions, 50 transcripts, 200 messages per session; text rows
only (attachment/binary payloads and tool arguments are stripped).
- Disposable cache: schema versioned via user_version; any open/schema/decode
mismatch drops and rebuilds silently. File protection
completeUntilFirstUserAuthentication on iOS.
- View model pre-paints from cache only until a live response applies
(hasAppliedLiveHistory/hasAppliedLiveSessions guards); write-through is
chained and off the render path.
- iOS wiring keys the chat view model identity on transport mode plus cache
gateway ID so switching paired gateways rebuilds the view model.
Part of #100194
* fix(ios): harden offline transcript cache
* fix(ios): expose offline cached sessions
* fix(ios): isolate transcript caches by gateway
* chore(i18n): sync native inventory
* fix(ios): allow cache extension to replace messages
2026-07-06 01:02:15 +01:00
Peter Steinberger
aaf5ab910c
fix: land ten small reliability fixes ( #100483 )
...
* fix(agents): harden LSP process failures
Source: #100450
Co-authored-by: morluto <williamlin1327@gmail.com >
* fix(sandbox): report effective workspace layout
Sources: #100435 , #100439
Co-authored-by: Aniruddha Adak <aniruddhaadak80@users.noreply.github.com >
Co-authored-by: ZengWen-DT <ceng.wen@xydigit.com >
* fix(security): fail install checks on stream errors
Source: #100413
Co-authored-by: 陈宪彪0668000387 <chen.xianbiao@xydigit.com >
* fix(android): normalize all-day calendar events
Source: #100032
Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com >
* fix(ios): serialize push-to-talk lifecycle
Source: #99942
Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com >
* fix(talk): reject inherited provider names
Source: #99849
Co-authored-by: zenglingbiao <zeng.lingbiao@xydigit.com >
* fix(android): stop voice capture in background
Source: #99840
Co-authored-by: xialonglee <li.xialong@xydigit.com >
* fix(cron): preserve fallback result classification
Source: #99913
Co-authored-by: jincheng-xydt <xu.jincheng@xydigit.com >
* fix(google): bound Vertex response decompression
Source: #99812
Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com >
* fix(plugins): report malformed discovery JSON
Source: #99892
Co-authored-by: 陈宪彪0668000387 <chen.xianbiao@xydigit.com >
* test(sandbox): configure non-default workspace fixture
* test: fix small-fix batch validation
---------
Co-authored-by: morluto <williamlin1327@gmail.com >
Co-authored-by: ZengWen-DT <ceng.wen@xydigit.com >
Co-authored-by: 陈宪彪0668000387 <chen.xianbiao@xydigit.com >
Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com >
Co-authored-by: zenglingbiao <zeng.lingbiao@xydigit.com >
Co-authored-by: xialonglee <li.xialong@xydigit.com >
Co-authored-by: jincheng-xydt <xu.jincheng@xydigit.com >
Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com >
2026-07-06 00:08:51 +01:00
PollyBot13
a320f775f0
fix(ios): defer QR pairing after scanner dismissal ( #99572 )
...
* fix(ios): defer QR pairing after scanner dismissal
* fix(ios): process QR pairing after scanner dismissal
* fix(ios): harden QR scanner handoff
* fix(ios): give QR scanner dismissal more time
* fix(ios): keep onboarding open for QR trust prompt
* fix(ios): keep QR trust prompt owned by onboarding
* fix(ios): recover operator pairing after QR bootstrap
* fix(ios): cancel stale QR scanner handoffs
Co-authored-by: PollyBot13 <pollybot13@gmail.com >
* fix(ios): defer QR setup until onboarding closes
* fix(ios): keep QR setup links with visible settings
* fix(ios): consume setup links during onboarding
* fix(ios): handle setup links during onboarding launch
* fix(ios): route setup links through active onboarding
* fix(ios): harden QR gateway handoff
* fix(ios): cancel superseded gateway attempts
* fix(ios): serialize scanner result delivery
* fix(ios): prevent stale gateway reconnects
* fix(ios): serialize gateway target handoff
* fix(ios): disable stale gateway relaunch route
* fix(ios): await staged bootstrap reset
* test(ios): bound gateway reset handoff
* fix(ios): preserve explicit gateway handoff
* fix(ios): harden gateway lifecycle ownership
* chore(ios): sync native i18n inventory
* test(ios): align gateway ownership assertions
* refactor(ios): remove superseded gateway helpers
* fix(ios): keep gateway auth route scoped
* fix(ios): restore gateway target review state
* fix(protocol): refresh Swift plugin approval model
* test(ios): isolate state directory overrides
* fix(ios): preserve watch alerts across gateway switches
* fix(ios): bind deferred work to gateway ownership
* docs(changelog): credit iOS gateway handoff fix
* chore(i18n): sync native app inventory
* test(ios): remove unused Watch approval hooks
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-05 12:31:53 -07:00
Peter Steinberger
70f2bef6b4
fix(ios): persist queued Watch replies ( #100372 )
...
* fix(ios): persist queued watch replies
Route Apple Watch quick replies through the durable, gateway-scoped Watch message outbox with restart-safe routing and deduplication.
Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com >
* fix(ios): preserve pre-upgrade Watch replies
Bind shipped notification prompts without routing metadata to the current Gateway once, while keeping explicit and persisted Gateway owners fail-closed.
---------
Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com >
2026-07-05 09:14:49 -07:00
Peter Steinberger
245092dc3a
feat(ios): add Apple Watch voice turns ( #100283 )
...
* feat(ios): add Apple Watch voice turns
* chore(ios): sync native i18n inventory
* fix(ios): preserve Watch message label
2026-07-05 06:40:03 -07:00
PollyBot13
671c315072
feat: clarify iOS Location Always permission flow ( #99247 )
...
* feat: clarify iOS Location Always permission flow
* fix(ios): avoid stale location permission summary
* fix(ios): clarify disabled location permission grants
* fix(ios): sync external location grants into settings
* chore(ios): refresh native i18n inventory
* fix(ios): preserve location off during permission sync
* fix(ios): preserve while using during location sync
* fix(ios): wait for location permission prompts
* fix(ios): reconcile significant location monitoring
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-03 14:16:20 -07:00
Lokimorty
4f933ccf7b
fix(ios): gateway error shows twice on the Settings Gateway page ( #98856 )
...
* fix(ios): show gateway errors once as a swipeable animated toast
Gateway connection errors on the Settings > Gateway page appeared twice:
as the app-wide toast and again as an embedded banner section. Remove the
embedded banner (and its now-dead sheet/action helpers) so problems surface
only via the root toast, animate the toast in smoothly from the top, and
support swipe-up to dismiss with re-arm on new problems.
* fix(ios): re-surface gateway toast on repeated problem reports
A swiped-away toast stayed hidden when a retry failed with an identical
problem, because value equality alone produces no observable change. The
model now counts every problem report; a report while hidden re-shows the
toast, and a report while visible shakes it instead of stacking a new one.
* fix(ios): keep reset-onboarding action on the gateway toast and sync i18n inventory
The root toast is now the only gateway problem surface outside covers, so it
must keep the reset-onboarding primary action the removed settings banner had:
auth-token-mismatch problems now show Reset onboarding and run the full
GatewayOnboardingReset flow. Also refreshes the native i18n inventory for the
changed Swift strings.
* fix(ios): preserve gateway problem recovery state
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-02 04:50:12 -07:00
Josh Avant
0c7bac34ae
fix(ios): classify TLS fingerprint timeouts ( #98429 )
...
* fix(ios): classify gateway TLS fingerprint timeouts
* Add discovered TLS trust regression test
2026-07-01 01:06:13 -05:00
joshavant
8efed50c4e
fix: gate ios push enrollment on notification consent
2026-06-23 01:38:24 -05:00
joshavant
f2b8668a54
feat: add ios push relay diagnostics
2026-06-22 22:17:04 -05:00
joshavant
97a015bace
fix(ios): drop unused bootstrap test hook
2026-06-21 23:40:56 -04:00
joshavant
0bd2aa8ee0
feat(ios): consolidate notification permission UX
2026-06-21 23:40:56 -04:00
Josh Avant
5d1e649aea
fix: route mobile exec approvals to reviewer device ( #95175 )
...
* fix: route mobile exec approvals to reviewer device
* fix: surface iOS approval events in foreground
* fix: forward codex approval reviewer device
* test: harden approval reviewer device contract
* test: cover reviewer approval fallback resolvers
2026-06-21 08:47:52 -05:00
Colin Johnson
c45c87acca
feat(ios): add watch action surface ( #93387 )
...
* feat(ios): add watch action surface
* fix: harden watch action surface
* fix: clean watch codegen lint
* fix(ios): scope watch chat commands to gateway
---------
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com >
2026-06-16 15:22:16 +02:00
joshavant
377f6181a9
feat: add ios screenshot fixture mode
2026-06-15 19:27:55 +02:00
joshavant
c932bf377b
chore: update ios configuration
2026-06-15 19:27:54 +02:00
Sash Zats
233b48daaa
refactor: prune unused iOS code ( #91996 )
...
Prune unused iOS surfaces and regenerate the Xcode project. Add a scoped Periphery PR gate with hardened artifact handling and stale-status cleanup.
Co-authored-by: Sash Zats <sash@zats.io >
2026-06-15 02:07:15 -07:00
Colin Johnson
e58310b000
fix(ios): force stale foreground gateway reconnects ( #92552 )
2026-06-13 20:33:39 +02:00
Colin Johnson
bf89552e67
Improve iPad and iPhone control surfaces ( #91557 )
...
* feat(ios): expand iPad layout support
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
* feat: improve iPad and iPhone control surfaces
* fix: preserve workboard dispatch compatibility
* fix: keep Talk reachable on iPad
* fix: add universal iPad app icons
* fix: address ready-review iOS feedback
* fix: avoid workboard board id shadowing
* fix ios sidebar separators
---------
Co-authored-by: Solvely-Colin <211764741+Solvely-Colin@users.noreply.github.com >
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com >
2026-06-09 21:46:02 -05:00
Nimrod Gutman
59ed6413d9
[codex] Add iOS Apple Review demo mode ( #90919 )
...
Merged via squash.
Prepared head SHA: e7f7db3cb5
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Reviewed-by: @ngutman
2026-06-06 17:43:48 +03:00
joshavant
67dc71983c
fix(ios): show focused session agent
2026-06-06 04:41:32 -05:00
joshavant
5c07f7ccf0
Fix iOS selected agent chat routing
2026-06-06 04:41:32 -05:00
joshavant
8f6f18b6e7
fix ios operator recovery live activity
2026-06-06 04:41:32 -05:00
joshavant
1746319db5
fix ios operator scope upgrade state
2026-06-06 04:41:32 -05:00
joshavant
19e827c969
fix ios operator admin scope requests
2026-06-06 04:41:32 -05:00
joshavant
cb4f6af504
fix ios canvas presentation
2026-06-04 10:15:32 -07:00
joshavant
81c8f525eb
fix ios gateway forced reconnect
2026-06-04 10:15:32 -07:00
joshavant
d5d3e9983e
fix: harden mobile a2ui bridge trust
2026-06-03 16:50:08 -07:00
Peter Steinberger
551c9637d8
fix(ios): polish iPad gateway setup
2026-06-01 03:47:09 +01:00
Colin Johnson
f6e51ff99a
feat(ios): refresh pro UI and gateway flows ( #87367 )
...
Summary:
- Replace the legacy iOS shell with Pro Command, Chat, Agents, and Settings tabs.
- Wire iOS chat/session/settings/diagnostics and realtime Talk flows through gateway-backed APIs.
- Add gateway/session and shared chat coverage for the new iOS flow.
Verification:
- git diff --check
- node scripts/run-vitest.mjs src/gateway/server.sessions.create.test.ts src/gateway/talk-realtime-relay.test.ts
- swift test --filter ChatViewModelTests (apps/shared/OpenClawKit)
- xcodebuild build for Nimrod's iPhone succeeded; install succeeded; launch was blocked because the phone was locked
Known follow-up:
- Preserve traceLevel in sessions.create parent runtime inheritance and keep the changelog credit in the follow-up patch.
2026-05-28 17:23:26 +03:00
Nimrod Gutman
9ca52ce3d9
[codex] improve iOS realtime talk mode ( #86355 )
...
Merged via squash.
Prepared head SHA: 3f5aedb265
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Reviewed-by: @ngutman
2026-05-25 13:27:37 +03:00
Colin Johnson
e730e9bd0b
feat(ios): add realtime talk relay mode
...
Adds realtime Gateway Talk relay support for iOS, including OpenAI realtime provider selection and voice selection controls.
Maintainer fixups preserved provider auth fallback resolution, kept setup-code/manual auth through TLS trust prompts, recomputed pairing auth from current form fields, fixed the realtime voice label Swift compile issue, added provider auth regression coverage, and refreshed shrinkwrap metadata for the current CI merge base.
Verification:
- `fnm exec --using 24.15.0 pnpm deps:shrinkwrap:check`
- `git diff --check`
- `swiftformat --lint --config config/swiftformat --unexclude apps/ios/Sources apps/ios/Sources/Gateway/GatewayConnectionController.swift apps/ios/Sources/Onboarding/GatewayOnboardingView.swift apps/ios/Sources/Onboarding/OnboardingWizardView.swift apps/ios/Sources/Settings/SettingsTab.swift apps/ios/Sources/Voice/TalkModeGatewayConfig.swift`
- `swiftlint lint --config apps/ios/.swiftlint.yml apps/ios/Sources/Gateway/GatewayConnectionController.swift apps/ios/Sources/Onboarding/GatewayOnboardingView.swift apps/ios/Sources/Onboarding/OnboardingWizardView.swift apps/ios/Sources/Settings/SettingsTab.swift apps/ios/Sources/Voice/TalkModeGatewayConfig.swift`
- `AUTOREVIEW_AUTO_TESTS=0 .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main`
- GitHub CI clean for `8a76c829611c0eb70d4c3b5328f1868aaf3516e1` (cancelled `auto-response` ignored)
Co-authored-by: Colin Johnson <colin@solvely.net >
2026-05-22 17:34:06 +01:00
Nimrod Gutman
b823a5a266
fix(ios): improve live activity lifecycle ( #83597 )
...
Merged via squash.
Prepared head SHA: 6bd991dafb
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Reviewed-by: @ngutman
2026-05-18 16:11:54 +03:00
Nimrod Gutman
a7ab09fa4e
fix(gateway): allow mobile OS metadata refresh ( #83490 )
...
Merged via squash.
Prepared head SHA: 5fae3757e9
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Reviewed-by: @ngutman
2026-05-18 15:23:55 +03:00
Peter Steinberger
694ca50e97
Revert "refactor: move runtime state to SQLite"
...
This reverts commit f91de52f0d .
2026-05-13 13:33:38 +01:00
Peter Steinberger
f91de52f0d
refactor: move runtime state to SQLite
...
* refactor: remove stale file-backed shims
* fix: harden sqlite state ci boundaries
* refactor: store matrix idb snapshots in sqlite
* fix: satisfy rebased CI guardrails
* refactor: store current conversation bindings in sqlite table
* refactor: store tui last sessions in sqlite table
* refactor: reset sqlite schema history
* refactor: drop unshipped sqlite table migration
* refactor: remove plugin index file rollback
* refactor: drop unshipped sqlite sidecar migrations
* refactor: remove runtime commitments kv migration
* refactor: preserve kysely sync result types
* refactor: drop unshipped sqlite schema migration table
* test: keep session usage coverage sqlite-backed
* refactor: keep sqlite migration doctor-only
* refactor: isolate device legacy imports
* refactor: isolate push voicewake legacy imports
* refactor: isolate remaining runtime legacy imports
* refactor: tighten sqlite migration guardrails
* test: cover sqlite persisted enum parsing
* refactor: isolate legacy update and tui imports
* refactor: tighten sqlite state ownership
* refactor: move legacy imports behind doctor
* refactor: remove legacy session row lookup
* refactor: canonicalize memory transcript locators
* refactor: drop transcript path scope fallbacks
* refactor: drop runtime legacy session delivery pruning
* refactor: store tts prefs only in sqlite
* refactor: remove cron store path runtime
* refactor: use cron sqlite store keys
* refactor: rename telegram message cache scope
* refactor: read memory dreaming status from sqlite
* refactor: rename cron status store key
* refactor: stop remembering transcript file paths
* test: use sqlite locators in agent fixtures
* refactor: remove file-shaped commitments and cron store surfaces
* refactor: keep compaction transcript handles out of session rows
* refactor: derive transcript handles from session identity
* refactor: derive runtime transcript handles
* refactor: remove gateway session locator reads
* refactor: remove transcript locator from session rows
* refactor: store raw stream diagnostics in sqlite
* refactor: remove file-shaped transcript rotation
* refactor: hide legacy trajectory paths from runtime
* refactor: remove runtime transcript file bridges
* refactor: repair database-first rebase fallout
* refactor: align tests with database-first state
* refactor: remove transcript file handoffs
* refactor: sync post-compaction memory by transcript scope
* refactor: run codex app-server sessions by id
* refactor: bind codex runtime state by session id
* refactor: pass memory transcripts by sqlite scope
* refactor: remove transcript locator cleanup leftovers
* test: remove stale transcript file fixtures
* refactor: remove transcript locator test helper
* test: make cron sqlite keys explicit
* test: remove cron runtime store paths
* test: remove stale session file fixtures
* test: use sqlite cron keys in diagnostics
* refactor: remove runtime delivery queue backfill
* test: drop fake export session file mocks
* refactor: rename acp session read failure flag
* refactor: rename acp row session key
* refactor: remove session store test seams
* refactor: move legacy session parser tests to doctor
* refactor: reindex managed memory in place
* refactor: drop stale session store wording
* refactor: rename session row helpers
* refactor: rename sqlite session entry modules
* refactor: remove transcript locator leftovers
* refactor: trim file-era audit wording
* refactor: clean managed media through sqlite
* fix: prefer explicit agent for exports
* fix: use prepared agent for session resets
* fix: canonicalize legacy codex binding import
* test: rename state cleanup helper
* docs: align backup docs with sqlite state
* refactor: drop legacy Pi usage auth fallback
* refactor: move legacy auth profile imports to doctor
* refactor: keep Pi model discovery auth in memory
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
* refactor: remove model json compatibility aliases
* refactor: store auth profiles in sqlite
* refactor: seed copied auth profiles in sqlite
* refactor: make auth profile runtime sqlite-addressed
* refactor: migrate hermes secrets into sqlite auth store
* refactor: move plugin install config migration to doctor
* refactor: rename plugin index audit checks
* test: drop auth file assumptions
* test: remove legacy transcript file assertions
* refactor: drop legacy cli session aliases
* refactor: store skill uploads in sqlite
* refactor: keep subagent attachments in sqlite vfs
* refactor: drop subagent attachment cleanup state
* refactor: move legacy session aliases to doctor
* refactor: require node 24 for sqlite state runtime
* refactor: move provider caches into sqlite state
* fix: harden virtual agent filesystem
* refactor: enforce database-first runtime state
* refactor: rename compaction transcript rotation setting
* test: clean sqlite refactor test types
* refactor: consolidate sqlite runtime state
* refactor: model session conversations in sqlite
* refactor: stop deriving cron delivery from session keys
* refactor: stop classifying sessions from key shape
* refactor: hydrate announce targets from typed delivery
* refactor: route heartbeat delivery from typed sqlite context
* refactor: tighten typed sqlite session routing
* refactor: remove session origin routing shadow
* refactor: drop session origin shadow fixtures
* perf: query sqlite vfs paths by prefix
* refactor: use typed conversation metadata for sessions
* refactor: prefer typed session routing metadata
* refactor: require typed session routing metadata
* refactor: resolve group tool policy from typed sessions
* refactor: delete dead session thread info bridge
* Show Codex subscription reset times in channel errors (#80456 )
* feat(plugin-sdk): consolidate session workflow APIs
* fix(agents): allow read-only agent mount reads
* [codex] refresh plugin regression fixtures
* fix(agents): restore compaction gateway logs
* test: tighten gateway startup assertions
* Redact persisted secret-shaped payloads [AI] (#79006 )
* test: tighten device pair notify assertions
* test: tighten hermes secret assertions
* test: assert matrix client error shapes
* test: assert config compat warnings
* fix(heartbeat): remap cron-run exec events to session keys (#80214 )
* fix(codex): route btw through native side threads
* fix(auth): accept friendly OpenAI order for Codex profiles
* fix(codex): rotate auth profiles inside harness
* fix: keep browser status page probe within timeout
* test: assert agents add outputs
* test: pin cron read status
* fix(agents): avoid Pi resource discovery stalls
Co-authored-by: dataCenter430 <titan032000@gmail.com >
* fix: retire timed-out codex app-server clients
* test: tighten qa lab runtime assertions
* test: check security fix outputs
* test: verify extension runtime messages
* feat(wake): expose typed sessionKey on wake protocol + system event CLI
* fix(gateway): await session_end during shutdown drain and track channel + compaction lifecycle paths (#57790 )
* test: guard talk consult call helper
* fix(codex): scale context engine projection (#80761 )
* fix(codex): scale context engine projection
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* chore: align Codex projection changelog
* chore: realign Codex projection changelog
* fix: isolate Codex projection patch
---------
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
* refactor: move agent runtime state toward piless
* refactor: remove cron session reaper
* refactor: move session management to sqlite
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: remove stale file-backed shims
* test: harden kysely type coverage
# Conflicts:
# .agents/skills/kysely-database-access/SKILL.md
# src/infra/kysely-sync.types.test.ts
# src/proxy-capture/store.sqlite.test.ts
# src/state/openclaw-agent-db.test.ts
# src/state/openclaw-state-db.test.ts
* refactor: remove cron store path runtime
* refactor: keep compaction transcript handles out of session rows
* refactor: derive embedded transcripts from sqlite identity
* refactor: remove embedded transcript locator handoff
* refactor: remove runtime transcript file bridges
* refactor: remove transcript file handoffs
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
# Conflicts:
# docs/cli/secrets.md
# docs/gateway/authentication.md
# docs/gateway/secrets.md
* fix: keep oauth sibling sync sqlite-local
# Conflicts:
# src/commands/onboard-auth.test.ts
* refactor: remove task session store maintenance
# Conflicts:
# src/commands/tasks.ts
* refactor: keep diagnostics in state sqlite
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* Show Codex subscription reset times in channel errors (#80456 )
* fix(codex): refresh subscription limit resets
* fix(codex): format reset times for channels
* Update CHANGELOG with latest changes and fixes
Updated CHANGELOG with recent fixes and improvements.
* fix(codex): keep command load failures on codex surface
* fix(codex): format account rate limits as rows
* fix(codex): summarize account limits as usage status
* fix(codex): simplify account limit status
* test: tighten subagent announce queue assertion
* test: tighten session delete lifecycle assertions
* test: tighten cron ops assertions
* fix: track cron execution milestones
* test: tighten hermes secret assertions
* test: assert matrix sync store payloads
* test: assert config compat warnings
* fix(codex): align btw side thread semantics
* fix(codex): honor codex fallback blocking
* fix(agents): avoid Pi resource discovery stalls
* test: tighten codex event assertions
* test: tighten cron assertions
* Fix Codex app-server OAuth harness auth
* refactor: move agent runtime state toward piless
* refactor: move device and push state to sqlite
* refactor: move runtime json state imports to doctor
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: clarify cron sqlite store keys
* refactor: remove stale file-backed shims
* refactor: bind codex runtime state by session id
* test: expect sqlite trajectory branch export
* refactor: rename session row helpers
* fix: keep legacy device identity import in doctor
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* build: align pi contract wrappers
* chore: repair database-first rebase
* refactor: remove session file test contracts
* test: update gateway session expectations
* refactor: stop routing from session compatibility shadows
* refactor: stop persisting session route shadows
* refactor: use typed delivery context in clients
* refactor: stop echoing session route shadows
* refactor: repair embedded runner rebase imports
# Conflicts:
# src/agents/pi-embedded-runner/run/attempt.tool-call-argument-repair.ts
* refactor: align pi contract imports
* refactor: satisfy kysely sync helper guard
* refactor: remove file transcript bridge remnants
* refactor: remove session locator compatibility
* refactor: remove session file test contracts
* refactor: keep rebase database-first clean
* refactor: remove session file assumptions from e2e
* docs: clarify database-first goal state
* test: remove legacy store markers from sqlite runtime tests
* refactor: remove legacy store assumptions from runtime seams
* refactor: align sqlite runtime helper seams
* test: update memory recall sqlite audit mock
* refactor: align database-first runtime type seams
* test: clarify doctor cron legacy store names
* fix: preserve sqlite session route projections
* test: fix copilot token cache test syntax
* docs: update database-first proof status
* test: align database-first test fixtures
* docs: update database-first proof status
* refactor: clean extension database-first drift
* test: align agent session route proof
* test: clarify doctor legacy path fixtures
* chore: clean database-first changed checks
* chore: repair database-first rebase markers
* build: allow baileys git subdependency
* chore: repair exp-vfs rebase drift
* chore: finish exp-vfs rebase cleanup
* chore: satisfy rebase lint drift
* chore: fix qqbot rebase type seam
* chore: fix rebase drift leftovers
* fix: keep auth profile oauth secrets out of sqlite
* fix: repair rebase drift tests
* test: stabilize pairing request ordering
* test: use source manifests in plugin contract checks
* fix: restore gateway session metadata after rebase
* fix: repair database-first rebase drift
* fix: clean up database-first rebase fallout
* test: stabilize line quick reply receipt time
* fix: repair extension rebase drift
* test: keep transcript redaction tests sqlite-backed
* fix: carry injected transcript redaction through sqlite
* chore: clean database branch rebase residue
* fix: repair database branch CI drift
* fix: repair database branch CI guard drift
* fix: stabilize oauth tls preflight test
* test: align database branch fast guards
* test: repair build artifact boundary guards
* chore: clean changelog rebase markers
---------
Co-authored-by: pashpashpash <nik@vault77.ai >
Co-authored-by: Eva <eva@100yen.org >
Co-authored-by: stainlu <stainlu@newtype-ai.org >
Co-authored-by: Jason Zhou <jason.zhou.design@gmail.com >
Co-authored-by: Ruben Cuevas <hi@rubencu.com >
Co-authored-by: Pavan Kumar Gondhi <pavangondhi@gmail.com >
Co-authored-by: Shakker <shakkerdroid@gmail.com >
Co-authored-by: Kaspre <36520309+Kaspre@users.noreply.github.com >
Co-authored-by: dataCenter430 <titan032000@gmail.com >
Co-authored-by: Kaspre <kaspre@gmail.com >
Co-authored-by: pandadev66 <nova.full.stack@outlook.com >
Co-authored-by: Eva <admin@100yen.org >
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
Co-authored-by: jeffjhunter <support@aipersonamethod.com >
2026-05-13 13:15:12 +01:00
Peter Steinberger
bdba90a20b
feat: add authenticated iOS background presence beacon ( #73330 )
...
* feat: add iOS background presence beacon
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
* fix: keep iOS background reconnects ahead of beacon throttle
* build: refresh gateway protocol swift models
* fix: emit swift protocol string enums
---------
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
2026-04-28 08:10:35 +01:00
Peter Steinberger
482c74b724
refactor: remove narrow SwiftLint suppressions
2026-04-28 02:38:44 +01:00
Peter Steinberger
b294f7c467
fix: harden ios app build hygiene
2026-04-28 01:42:10 +01:00
Peter Steinberger
73f4bfadc1
style: fix ios app lint warnings
2026-04-20 14:17:25 +01:00
Nimrod Gutman
f3c304917a
revert: undo background alive review findings fix
2026-04-08 14:02:49 +03:00
Nimrod Gutman
b328c66115
fix: resolve background alive beacon review findings
2026-04-08 13:46:39 +03:00
Nimrod Gutman
6380c872bc
feat(ios): improve gateway connection error ux ( #62650 )
...
* feat(ios): improve gateway connection error ux
* fix(ios): address gateway problem review feedback
* feat(ios): improve gateway connection error ux (#62650 ) (thanks @ngutman)
2026-04-07 21:53:22 +03:00
Nimrod Gutman
6f566585d8
fix(ios): harden watch exec approval review ( #61757 )
...
* fix(ios): harden watch exec approval review
* fix(ios): address watch approval review feedback
* fix(ios): finalize watch approval background recovery
* fix(ios): finalize watch approval background recovery (#61757 ) (thanks @ngutman)
2026-04-06 17:42:42 +03:00
Nimrod Gutman
28955a36e7
feat(ios): add exec approval notification flow ( #60239 )
...
* fix(auth): hand off qr bootstrap to bounded device tokens
* feat(ios): add exec approval notification flow
* fix(gateway): harden approval notification delivery
* docs(changelog): add ios exec approval entry (#60239 ) (thanks @ngutman)
2026-04-05 16:33:22 +03:00
Nimrod Gutman
226ca1f324
fix(auth): address qr bootstrap review feedback
2026-04-04 15:57:38 +09:00
Nimrod Gutman
a9140abea6
fix(auth): hand off qr bootstrap to bounded device tokens
2026-04-04 15:57:38 +09:00
Agustin Rivera
49d08382a9
iOS: restrict A2UI action dispatch to trusted canvas URLs ( #58471 )
...
* fix(ios): restrict a2ui bridge trust
* test(ios): cover fragment-strip trust and document raw-string equality
* fix(ios): normalize capability URL before trust comparison in canvas commands
* fix(ios): trim canvas.navigate url before trust comparison
* chore: add changelog for iOS A2UI trust boundary
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-02 11:51:09 -06:00