Patrick Erichsen
6cf06e8e7e
ci: split plugin ClawHub publishing paths
...
* feat: partition clawhub plugin release candidates
* fix: read clawhub trusted publisher config endpoint
* feat: split clawhub plugin bootstrap workflow
* ci: split plugin clawhub publish paths
* ci: pin clawhub package publish workflow
* ci: keep clawhub bootstrap token out of builds
* ci: fix clawhub release dry-run gating
* ci: align clawhub oidc publish refs
* ci: make clawhub bootstrap recovery idempotent
* ci: route clawhub repair candidates through bootstrap
* ci: preserve tideclaw alpha clawhub guards
* ci: simplify clawhub release ref handling
* ci: extract clawhub release routing plan
* ci: extract clawhub release runtime state
* test: guard clawhub release helper executability
* ci: pin ClawHub CLI for plugin publishing
* ci: allow historical ClawHub dry-run validation
* ci: fix ClawHub bootstrap token handoff
2026-06-12 20:16:06 -07:00
Peter Steinberger
8c7e5c6918
feat(moonshot): add Kimi K2.7 Code support ( #92554 )
...
* feat(moonshot): add Kimi K2.7 Code support
* test(moonshot): surface K2.7 live provider errors
* ci(live): accept Kimi key for Moonshot sweeps
* test(moonshot): verify K2.7 across API regions
2026-06-12 17:37:28 -07:00
Dallin Romney
4809ac70fa
Add QA evidence artifact output ( #91484 )
...
* feat: add qa evidence summary normalization
* chore: rename qa evidence target environment
* chore: align qa evidence profile terminology
* chore: align qa evidence summary fields
* chore: add qa evidence taxonomy ref
* test: remove stale multipass evidence example
* test(qa): normalize vitest and playwright evidence
* test(qa): slim evidence summary metadata
* test(qa): clarify evidence summary inputs
* test(qa): rename scenario specs in evidence flow
* test(qa): treat evidence profiles as mapping strings
* test(qa): use neutral evidence test identity
* test(qa): nest evidence summary joins
* refactor(qa): normalize live evidence summaries
* fix(qa): accept normalized telegram rtt summaries
* fix(qa): normalize evidence lane summaries
* fix(qa): align evidence summaries with requirements
* refactor(qa): tighten evidence summary builders
* refactor(qa): restore standard evidence ids
* fix(qa): keep legacy summaries out of rtt evidence
* refactor(qa): make package evidence provenance explicit
* test(qa): keep script tests out of qa lab internals
* refactor(qa): rename scenario evidence definitions
* refactor(qa): clean evidence summary wording
* test(qa): fix evidence summary test inputs
* refactor(qa): simplify evidence identity fields
* refactor(qa): tighten evidence summary inputs
* refactor(qa): rename evidence artifact
2026-06-12 16:12:58 -07:00
Vincent Koc
3b78d41a9e
fix(release): use trusted publishing for plugin npm
2026-06-12 12:07:32 +08:00
Galin Iliev
301213a05f
test(sqlite): add state perf query plan harness
...
Adds a SQLite state query-plan regression test and smoke benchmark, wires the smoke artifact into source performance evidence, validates SQLite smoke output in the performance summary, and removes a retired ClawHub nav entry that broke docs link checks.
Fixes #91616
2026-06-11 14:49:26 -07:00
Patrick Erichsen
9827490f5f
fix: rely on ClawHub plugin publish checks
2026-06-11 11:51:57 -07:00
Vincent Koc
6fb0c940fa
fix(release): gate beta publish on plugin verification
...
Delay public GitHub release publication until postpublish verification, dependency evidence upload, proof append, and required plugin publish gates pass.
Also updates release-maintainer instructions so newly publishable plugins are minted/prepublished through an owner-approved path without consuming the next auto-bumped beta version unless that path is the actual release publish.
2026-06-11 20:42:58 +09:00
Vincent Koc
d07cd4c968
fix(ci): give QA builds larger runners
2026-06-10 16:42:24 +09:00
openclaw-clownfish[bot]
db5b883a9c
fix(ci): include ACPX in shared live-test image
...
* fix(ci): include ACPX in shared live-test image
* fix(clownfish): address review for clawsweeper-commit-openclaw-openclaw-806a0119f3cd (1)
---------
Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
2026-06-10 16:40:25 +09:00
Vincent Koc
fd7e181500
fix(ci): raise QA build heap limit
2026-06-10 16:35:34 +09:00
Vincent Koc
ca4e4d93d2
fix(ci): use cursor pagination for closed issues
2026-06-10 14:53:40 +09:00
dependabot[bot]
69b95c3447
chore(deps): bump useblacksmith/setup-docker-builder ( #91666 )
...
Bumps the actions group with 1 update: [useblacksmith/setup-docker-builder](https://github.com/useblacksmith/setup-docker-builder ).
Updates `useblacksmith/setup-docker-builder` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/useblacksmith/setup-docker-builder/releases )
- [Commits](722e97d12b...ab5c1da94fsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-09 20:57:06 -07:00
Shakker
56d201fa67
fix: retry workflow sanity checkout fetches
2026-06-09 17:39:01 +01:00
Onur Solmaz
3137110167
fix(memory): move local llama.cpp runtime to provider plugin
...
* fix(memory): move local llama.cpp runtime to provider plugin
* chore: ignore llama cpp dynamic dependency
* test: remove invalid local provider alias fixture
* chore: refresh llama cpp shrinkwrap
* chore: drop stale memory embedding defaults facade
2026-06-09 14:30:35 +08:00
Patrick Erichsen
f05e9873c6
fix: let clawhub dry runs skip publish approval ( #91591 )
2026-06-08 21:04:32 -07:00
Patrick Erichsen
e8cf6df3a3
feat: dogfood reusable ClawHub package publish
2026-06-08 20:19:21 -07:00
Vincent Koc
5f6ee9f913
fix(release): prepare ClawHub publish deps after target checkout
2026-06-09 08:48:07 +09:00
Vincent Koc
2a611865f4
ci(release): retry Docker E2E image builds
2026-06-09 01:02:24 +02:00
Vincent Koc
ff5fac1439
ci(release): retry Docker BuildKit bootstrap
2026-06-09 01:02:24 +02:00
dependabot[bot]
646bc0d274
build(deps): bump the android-deps group in /apps/android with 3 updates ( #91365 )
...
* build(deps): bump the android-deps group in /apps/android with 3 updates
Bumps the android-deps group in /apps/android with 3 updates: androidx.core:core-ktx, [org.jetbrains.kotlin.plugin.compose](https://github.com/JetBrains/kotlin ) and [org.jetbrains.kotlin.plugin.serialization](https://github.com/JetBrains/kotlin ).
Updates `androidx.core:core-ktx` from 1.18.0 to 1.19.0
Updates `org.jetbrains.kotlin.plugin.compose` from 2.3.21 to 2.4.0
- [Release notes](https://github.com/JetBrains/kotlin/releases )
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md )
- [Commits](https://github.com/JetBrains/kotlin/compare/v2.3.21...v2.4.0 )
Updates `org.jetbrains.kotlin.plugin.serialization` from 2.3.21 to 2.4.0
- [Release notes](https://github.com/JetBrains/kotlin/releases )
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md )
- [Commits](https://github.com/JetBrains/kotlin/compare/v2.3.21...v2.4.0 )
Updates `org.jetbrains.kotlin.plugin.serialization` from 2.3.21 to 2.4.0
- [Release notes](https://github.com/JetBrains/kotlin/releases )
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md )
- [Commits](https://github.com/JetBrains/kotlin/compare/v2.3.21...v2.4.0 )
---
updated-dependencies:
- dependency-name: androidx.core:core-ktx
dependency-version: 1.19.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: android-deps
- dependency-name: org.jetbrains.kotlin.plugin.compose
dependency-version: 2.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: android-deps
- dependency-name: org.jetbrains.kotlin.plugin.serialization
dependency-version: 2.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: android-deps
- dependency-name: org.jetbrains.kotlin.plugin.serialization
dependency-version: 2.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: android-deps
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix(android): support compile SDK 37
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-06-08 15:34:28 -07:00
dependabot[bot]
c967172f69
build(deps): bump the actions group with 2 updates ( #91367 )
...
Bumps the actions group with 2 updates: [github/codeql-action](https://github.com/github/codeql-action ) and [docker/login-action](https://github.com/docker/login-action ).
Updates `github/codeql-action` from 4.36.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v4.36.1...v4.36.2 )
Updates `docker/login-action` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](4907a6ddec...650006c6ebsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-08 15:03:30 -07:00
dependabot[bot]
6aa89bb5f8
build(deps): bump actions/cache from 4 to 5 ( #91369 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-08 15:00:44 -07:00
dependabot[bot]
f9f7475dbf
build(deps): bump actions/github-script from 8 to 9 ( #91368 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 8 to 9.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v8...v9 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-version: '9'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-08 14:54:48 -07:00
Peter Steinberger
6f2b3830f1
fix(qqbot): migrate group tool policy config ( #91128 )
...
* fix(qqbot): migrate group tool policy config
* test: stabilize changed check lanes
* style: format changed main files
* test: align CI matrix expectations
2026-06-07 02:33:06 -07:00
Peter Steinberger
08ae0e6d29
refactor: store Zalo hosted media in plugin state
...
Move Zalo hosted outbound media metadata and expiry into plugin state, add SDK chunked hosted media storage, and keep CI/type/lint gates green after rebase.
2026-06-06 22:56:48 -07:00
Vincent Koc
ab645aca31
fix(test): require enabled live shard proof
2026-06-07 06:47:02 +02:00
Vincent Koc
e74d98bd65
fix(ci): fail release qa verifier closed
2026-06-07 01:17:58 +02:00
Vincent Koc
a9706ddef2
fix(ci): require live kova evidence
2026-06-07 00:48:54 +02:00
Vincent Koc
441a73c492
fix(ci): require docker e2e summaries
2026-06-07 00:35:03 +02:00
Vincent Koc
f5a7f613ee
fix(release): use monthly patch versions
...
Switch release train handling to YYYY.M.PATCH monthly patch numbering, preserve pre-transition compatibility, and pin the June 2026 stable/beta floor at 2026.6.5 after the published beta.
Verification:
- node scripts/run-vitest.mjs run test/appcast.test.ts test/release-check.test.ts test/scripts/package-mac-app.test.ts test/scripts/package-mac-dist.test.ts test/openclaw-npm-release-check.test.ts test/npm-publish-plan.test.ts src/infra/npm-registry-spec.test.ts src/infra/clawhub.test.ts src/plugins/clawhub.test.ts test/plugin-npm-release.test.ts test/scripts/ios-version.test.ts test/scripts/ios-pin-version.test.ts
- node --import tsx scripts/plugin-npm-release-check.ts --base-ref origin/main --head-ref HEAD
- node --import tsx scripts/plugin-clawhub-release-check.ts --base-ref origin/main --head-ref HEAD
- git diff --check origin/main...HEAD
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main --no-web-search
2026-06-06 12:26:32 -07:00
Vincent Koc
e1d18e5d02
fix(ci): surface advisory release QA failures
2026-06-06 19:20:29 +02:00
Vincent Koc
cf152fe76e
fix(ci): require valid Kova partial reports
2026-06-06 18:28:22 +02:00
dependabot[bot]
2ab4eaa2b1
build(deps): bump docker/login-action from 3.6.0 to 4.1.0 ( #74980 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.6.0 to 4.1.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3.6.0...4907a6ddec9925e35a0a9e82d7399ccc52663121 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: 4.1.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-05 14:12:53 -07:00
dependabot[bot]
662d366f01
chore(deps): bump the actions group across 1 directory with 4 updates ( #90601 )
...
Bumps the actions group with 4 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action ), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ), [docker/build-push-action](https://github.com/docker/build-push-action ) and [openai/codex-action](https://github.com/openai/codex-action ).
Updates `github/codeql-action` from 4 to 4.36.1
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v4...v4.36.1 )
Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4d04d5d948...d7f5e7f509https://github.com/docker/build-push-action/releases )
- [Commits](bcafcacb16...f9f3042f7ehttps://github.com/openai/codex-action/blob/main/CHANGELOG.md )
- [Commits](5c3f4ccdb2...e0fdf01220support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-05 13:37:40 -07:00
Matt H
db7d70ae4d
feat(parallel): add Parallel as a bundled web_search provider ( #85158 )
...
- New extensions/parallel package modeled on extensions/exa
- Wires Parallel's POST /v1/search through the generic web_search contract,
exposing Parallel's recommended {objective, search_queries} shape (plus
optional count, session_id, client_model) so the model can supply both the
natural-language goal and 2-3 short keyword queries as Parallel docs advise
- client_model lets the model report its own slug so Parallel can tailor
optimizations for the consuming model's capabilities; partitions the cache
by client_model so different models do not silently share ranked excerpts
- Honors top-level tools.web.search.{maxResults,timeoutSeconds,cacheTtlMinutes}
via the shared SDK helpers (mergeScopedSearchConfig, withTrustedWebSearchEndpoint,
buildSearchCacheKey, read/writeCachedSearchPayload)
- Auto-detect order 75; auth via PARALLEL_API_KEY or
plugins.entries.parallel.config.webSearch.apiKey
- Optional baseUrl override for proxies (e.g. Cloudflare AI Gateway)
- Threads caller-supplied session_id through follow-up calls; strips
auto-generated session_id from the shared cache to avoid cross-task leaks
- Always sends advanced_settings.max_results so result volume matches the
OpenClaw web_search default (5) instead of Parallel's default (10)
- Identifies the plugin via User-Agent header built from package version
- Runtime accepts the generic `query` arg as a fallback so the operator
CLI (openclaw capability web.search) keeps working when Parallel is the
active provider: it is promoted into the lone `search_queries` entry.
`objective` stays optional and is never synthesized from a keyword
query (Parallel documents it as natural-language intent). Agent callers
using the native objective+search_queries shape take precedence; the
schema still advertises only the native keys
- Updates the agent tool-display extractor (src/agents/tool-display-common.ts)
to recognize Parallel's objective+search_queries shape so calls render with
query context in CLI progress and Codex activity metadata
- Adds /tools/parallel-search docs page, web.md provider listing, docs nav,
labeler entry, per-plugin registration contract test, and minimal core
touch-points (legacy migrate, registration cases, providers contract list,
runtime bundled list, vitest extension paths)
2026-06-05 12:01:58 -07:00
Mason Huang
8b29ff5f16
fix(ci): scope PR merge diff checks to first parent ( #90287 )
...
Summary:
- This PR adds opt-in first-parent merge-head diff-base handling for CI changed-scope, changed-lanes, and OpenGrep PR scans, plus synthetic merge coverage and small lint/type cleanups.
- PR surface: Source +6, Tests +204, Config +1, Other +179. Total +390 across 15 files.
- Reproducibility: yes. The synthetic merge tests and PR body live-ref proof show the stale payload-base path can include main-only files, and first-parent mode narrows it to PR-owned paths.
Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(ci): update workflow guard expectations
- PR branch already contained follow-up commit before automerge: fix(ci): resolve plugin guardrail lint failures
- PR branch already contained follow-up commit before automerge: fix(ci): preserve plugin run context typing
- PR branch already contained follow-up commit before automerge: fix(ci): scope PR merge diff checks to first parent
Validation:
- ClawSweeper review passed for head 40235e8c3d40235e8c3dhttps://github.com/openclaw/openclaw/pull/90287#issuecomment-4621155576
Co-authored-by: Mason Huang <masonxhuang@tencent.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com >
2026-06-04 17:24:03 +00:00
Vincent Koc
7dead6537a
test(e2e): keep tui pty smoke off arm gateway runs
2026-06-04 09:50:57 -07:00
Vincent Koc
d26cef4249
fix(ci): preserve crabbox hydrate pnpm store
2026-06-04 03:59:51 +02:00
Vincent Koc
4fbc318e30
ci: stabilize live e2e resource lanes
2026-06-04 02:59:52 +02:00
Peter Steinberger
bf368e7609
ci(release): promote Windows node installers
2026-06-03 22:39:58 +01:00
Vincent Koc
7b82901e58
ci(crabbox): keep hydrated modules under node_modules
2026-06-03 13:50:10 -07:00
Vincent Koc
b7450f83a1
ci(docker): disable alpha image publishes
2026-06-03 06:46:42 -07:00
Vincent Koc
6d788a237c
fix(ci): isolate ARM Testbox workflow
2026-06-03 00:04:12 -07:00
Vincent Koc
78b3f60dbd
fix(ci): reset crabbox pnpm hydrate state
2026-06-03 05:33:59 +02:00
Peter Steinberger
a355c8897d
ci(release): keep docker preflight cheap
2026-06-02 02:48:41 +01:00
Vincent Koc
2e6016fdec
fix(ci): keep crabbox pnpm hydrate off tmpfs
2026-06-02 03:38:51 +02:00
Peter Steinberger
e8120a72e1
ci(release): retry quiet node shard stalls
2026-06-01 23:43:03 +01:00
Peter Steinberger
4e45010203
ci(release): fail fast on red release children
...
(cherry picked from commit 8d7038775f
2026-06-01 22:42:53 +01:00
Kevin Lin
f8491b0fcf
enhance(slack): route plugin approvals through native UI
...
Route Slack plugin approval delivery through the shared native approval route gates while preserving Slack Block Kit buttons and plugin resolver semantics.
Verification: Slack/native approval unit tests, Slack QA Lab, and live clawd native plugin approval via Slack desktop.
2026-06-01 13:55:59 -07:00
Dallin Romney
8ba6dfeaf6
fix(ci): restore dist cache before artifact builds ( #89169 )
2026-06-01 10:55:27 -07:00
