Peter Steinberger
fa77fe10d5
chore: migrate active GPT-5.5 references to GPT-5.6 ( #104452 )
...
* chore(models): migrate active GPT-5.5 references
* test(workboard): expect GPT-5.6 Sol default
* chore: keep release notes in PR body
* test(models): align picker fixtures with Sol default
* test: update PDF default model expectation
* test(qa): migrate thinking smoke to Luna
* test(gateway): align mock catalog with Sol default
* ci: retrigger exact-head PR checks
* test(gateway): document default catalog invariant
2026-07-11 06:30:57 -07:00
Vincent Koc
c47ceb0f3d
improve(release): reuse exact-SHA validation evidence ( #104162 )
...
* perf(release): share changelog verification snapshots
* perf(release): reuse exact-SHA validation evidence
* feat(release): checkpoint candidate workflow state
* feat(release): watch CI transitions compactly
* fix(testbox): rotate stale reusable leases
* refactor(release): move CI verifier into scripts
* fix(release): preserve verifier executable mode
* fix(testbox): force noninteractive remote hydration
* perf(testbox): skip sync for proven clean heads
* fix(testbox): keep changed gates synchronized
* fix(testbox): isolate git state probes
* fix(testbox): isolate wrapper git commands
* fix(testbox): preserve git command contracts
* fix(release): validate reused SHA evidence
* fix(release): resume serialized plugin selections
* fix(testbox): sync source on every lease reuse
* fix(release): verify from trusted workflow checkout
* fix(release): gate evidence reuse on trusted lineage
* fix(release): support legacy verifier checkouts
* fix(testbox): export CI across shell snippets
* fix(release): revalidate reused evidence before publish
* fix(release): reject untrusted reuse before lookup
* fix(release): reuse SHA-pinned root evidence
* fix(ci): allow unreleased notes in QA packages
* fix(release): satisfy script lint contracts
* fix(release): handle Unicode workflow refs safely
2026-07-11 12:48:27 +08:00
Vincent Koc
b0e3c85a61
fix(release): bind publish children to trusted SHAs ( #103913 )
...
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-10 23:25:26 +01:00
Vincent Koc
54cc90b1b1
fix(release): publish ClawHub bootstrap artifacts immutably ( #103809 )
...
* fix(release): harden ClawHub bootstrap
* fix(release): centralize publication artifact verification
* fix(release): harden publication artifact verification
* fix(release): lock ClawHub bootstrap toolchain
* test(release): assert locked ClawHub binary
* fix(release): pack with trusted ClawHub harness
* fix(release): bound beta verifier artifact reads
* fix(release): bind target and tooling identities
* fix(release): stabilize signed package ordering
* fix(release): bind ClawHub pretag proof
* fix(release): bind ClawHub OIDC readback
* fix(release): bind ClawHub OIDC readback
2026-07-10 13:33:20 -07:00
Peter Steinberger
fece8c9f54
fix(release): keep validation evidence immutable across reruns ( #103906 )
...
* fix(release): bind validation evidence to exact attempts
* test(release): cover exact validation attempts
2026-07-10 20:16:19 +01:00
Vincent Koc
cbe3731f77
fix(release): make validation proof no-write ( #103737 )
...
* fix(release): make validation proof no-write
* test(release): align no-write workflow contracts
2026-07-10 08:18:44 -07:00
Peter Steinberger
8d66e47773
fix(release): prove registry tarball identity before resuming a publish
...
Codex review: version existence alone does not prove the npm registry
serves the tarball this tag's preflight built — the same version could
have been published from a different artifact and npm versions are
immutable. The resume resolver now downloads the preflight manifest,
requires its releaseSha to match the target, and compares the published
registry tarball's sha256 against the manifest before skipping the core
dispatch; mismatches abort with correction-tag guidance.
2026-07-10 03:09:10 -07:00
Peter Steinberger
ef22e77f0b
perf(release): make publish reruns resumable and promote assets concurrently
...
The 2026.7.1 retro measured ~13h tag-to-published for beta.2 and stable
2026.6.11; any post-npm failure previously hard-aborted retries because
the already-published guard refused the whole run.
- resolve_openclaw_npm_publish_state replaces the abort guard: an
already-published core version skips the core npm dispatch and resumes
the remaining stages; verify_published_release still proves the
registry state matches the tag before the page leaves draft.
- Windows and Android promotion runs concurrently with the core npm
publish (their only shared prerequisite is the draft release page,
which is now created before the dispatch) and each promotion
short-circuits when the release already carries its verified asset
contract, so retries only redo failed stages.
- The release proof cites the core npm run only when this run dispatched
one; resumed publishes rely on the registry package check.
2026-07-10 03:09:09 -07:00
Peter Steinberger
336e43c314
fix(release): converge on the render-github-release-notes pipeline
...
Two competing release-notes pipelines existed: the release branch's
hardened render/verify/provenance pipeline (a486f3ab08 + dcee1da876 ,
battle-tested by 2026.7.1) and main's lighter prepare-github-release-notes
size gate (#103222 ). Repo policy is one canonical path; the release-branch
pipeline wins and main's unique value is grafted in:
- scripts/render-github-release-notes.mjs becomes the canonical release
body renderer (full/compact 125k char+byte modes, tag-pinned record
link, verification tail, canonical shipped-baseline format), now also
preferring a correction tag's dedicated changelog section (from
prepare's heading matrix).
- verify-release-notes.mjs is a three-way merge: release's --shipped-ref
cumulative baselines, provenance checks, highlights gate, and the
excluded-record rewrite fix, plus main's compact contribution rows,
externalReferences threading, and both-heading parser compat.
- release-candidate-checklist.mjs gains validateCandidateCheckout and
changelog-provenance gates that run before any dispatch.
- openclaw-release-publish.yml keeps main's fail-before-mutation early
notes gate (retargeted to the renderer) and adopts release's
render/verify_release_tag_target/canonical_release_body_matches flow.
- scripts/prepare-github-release-notes.mjs and its test are deleted;
release-notes-ledger.test.ts stays and pins the merged verify exports.
- .gitignore tracks every repo skill for Git-aware syncs; SKILL.md
runbooks and RELEASING.md document the converged contract.
2026-07-10 02:06:52 -07:00
Peter Steinberger
87f98090e1
feat(ci): reuse release validation evidence and speed up the release pipeline
...
- Full Release Validation now checks for a prior green validation whose
target differs only by release metadata (changelog/version stamps) and
reuses that evidence instead of re-running every lane; disable with
reuse_evidence=false. Evidence manifests chain through reuse runs via
evidenceReuse.runId and the summary re-verifies the chain root.
- The Docker runtime-assets preflight no longer serializes the CI,
plugin-prerelease, release-checks, and performance lanes; it runs in
parallel and stays enforced by the umbrella verifier.
- Umbrella runs for release/* refs now supersede in-progress runs with
the same ref and rerun group instead of requiring manual cancels.
- release_profile=beta treats the live-provider E2E suites as advisory
(third-party model deployments move underneath releases); stable and
full profiles keep them blocking, and beta live failures no longer
fail-fast-cancel the remaining release-check matrix.
2026-07-10 00:21:23 -07:00
Peter Steinberger
71f7fef7a2
fix(ci): isolate OpenWebUI release smoke ( #103095 )
...
* fix(ci): isolate OpenWebUI release smoke
* docs: format release validation table
2026-07-09 21:38:33 +01:00
Peter Steinberger
054e3675e1
feat(android): publish signed APKs with stable releases ( #101212 )
...
* feat(android): publish signed release APKs
* fix(android): preserve fallback corrections
* test(android): isolate APK signer fixtures
* docs: refresh generated docs map
2026-07-07 00:39:59 +01:00
Kevin Lin
9d2d517296
feat: publish plugins with extended-stable releases ( #100448 )
...
* feat(release): publish plugins on extended-stable
* feat(plugins): align extended-stable with core
* docs: explain extended-stable plugin alignment
* fix(release): make plugin convergence recoverable
* fix(plugins): preserve extended-stable fallback intent
* fix(release): keep plugin tag mutation credential-isolated
2026-07-05 16:16:26 -07:00
Peter Steinberger
062f88e3e3
refactor: extract reusable AI runtime package ( #99059 )
...
* refactor: extract reusable AI runtime package
* refactor: complete AI provider relocation
* refactor: keep llm core internal
* refactor(ai): make @openclaw/ai self-contained with host policy ports
Move pure transport helpers (tool projections, strict-schema normalization,
prompt-cache boundary, stream guards, anthropic/openai compat, request
activity) from src into packages/ai; move utf16-slice into
normalization-core. Inject host policy (guarded fetch, redaction,
strict-tool defaults, diagnostics logging) through AiTransportHost with
inert library defaults installed by src/llm/stream.ts. Narrow the public
barrel to instance-scoped createApiRegistry/createLlmRuntime; the
process-default runtime moves behind internal/ and
registerBuiltInApiProviders takes an explicit registry. Delete the
src/llm/api-registry re-export facade.
* fix(ai): teach node, jiti, and vite resolvers the @openclaw/ai and utf16-slice subpaths
The workspace alias tables in root-alias.cjs, plugin-sdk-native-resolver,
sdk-alias, the shared vitest config, and the Control UI vite config only
knew @openclaw/llm-core; Node-side plugin loading resolved @openclaw/ai
through the pnpm symlink to the unbuilt dist (checks-node-compact CI
failures), and the Control UI build broke on the new
normalization-core/utf16-slice subpath.
* chore(ui): drop leftover service-worker debug logging
* build(release): ship @openclaw/ai with its own shrinkwrap and honest dependency set
packages/ai declares only its six real runtime deps (kysely, chalk, json5,
tslog, zod, fs-safe, and proxyline were never imported); orphaned root deps
removed. generate-npm-shrinkwrap now treats publishable packages/* like
publishable plugins so the AI tarball pins its transitive tree even though
workspace deps are omitted from the root shrinkwrap. knip learns the
package entry points; the tsdown dts neverBundle option moves to its
documented deps.dts home; the README documents the no-semver internal/*
contract and host ports.
* docs(ai): add minimal external-consumer example app
examples/ai-chat consumes only the public @openclaw/ai surface (built dist
via the workspace link): isolated runtime, built-in provider registration,
one streamed completion. Supports Anthropic/OpenAI via env keys and a
keyless local Ollama target; live-verified against Ollama.
* docs(ai): document the @openclaw/ai package and workspace shrinkwrap boundary
* chore(check): include examples/ in duplicate-scan targets
* fix: emit normalization package subpaths
* fix: complete AI package boundary artifacts
* fix: align AI package boundary contracts
* fix(ci): stabilize package release contracts
* test: align documentation contract checks
* test: keep cron docs guard aligned
* test: align restored docs contract guards
* test: follow upstream docs contracts
* docs: drop superseded talk wording
2026-07-05 01:56:40 -04:00
Peter Steinberger
f7d7148cf0
docs: rewrite published docs grounded in current source ( #100142 )
...
Source-grounded rewrite of 529 published docs pages with per-unit information-loss verification: 1,713 factual corrections cited to src/**, generated surfaces regenerated, frontmatter titles preserved for i18n, release notes pages untouched. All docs gates green.
Closes #100141
2026-07-05 00:32:47 -04:00
Kevin Lin
ba7b5db74c
feat(release): add monthly npm extended-stable publication ( #99352 )
...
* feat(release): add npm stable publication
* fix(release): allow stable full validation
* feat(release): add stable guard test bypass
* fix(release): allow stable maintenance after month rollover
* docs: refresh release documentation map
* refactor(release): rename monthly channel to extended-stable
* fix(release): repair extended-stable selector forward
* docs(release): fix extended-stable link
2026-07-04 08:22:39 -07:00
Vincent Koc
cb301cd16f
fix(ci): skip stable closeout without rollback vars
2026-06-22 17:17:36 +08:00
Vincent Koc
f3ee317f71
fix(ci): deduplicate release Telegram validation
2026-06-21 12:24:15 +08:00
Vincent Koc
abb6f04e0c
ci(release): harden release controls
...
One-time maintainer-authorized bootstrap merge for the release-gate verifier policy. Exact hosted CI and all supporting workflow gates passed on 66133de419 .
2026-06-18 03:11:20 +08:00
Vincent Koc
06ddc85857
docs(release): require stable main closeout
2026-06-17 08:18:00 +08:00
Jason (Json)
8ae1adfdcc
ci: gate stable releases on Windows companion assets ( #92555 )
...
* ci: gate stable releases on Windows companion assets
* fix(release): reject malformed Windows checksum manifests
* fix(release): make Windows recovery fail closed
* fix(release): tighten Windows asset identity checks
* fix(release): validate prepared candidate tarballs
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-06-13 19:33:33 -07:00
Vincent Koc
fb9dc867b1
docs(release): fix sequential patch numbering
2026-06-11 02:31:50 +09:00
openclaw-clownfish[bot]
5e1fbca3cb
docs: clarify Android opt-in for release CI ( #91665 )
...
Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
2026-06-09 18:20:39 +09:00
openclaw-clownfish[bot]
56fe1e0c95
docs: include plugin prerelease in release validation approval ( #91637 )
...
Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
2026-06-09 15:42:13 +09:00
Vincent Koc
e74d98bd65
fix(ci): fail release qa verifier closed
2026-06-07 01:17:58 +02:00
Vincent Koc
f5a7f613ee
fix(release): use monthly patch versions
...
Switch release train handling to YYYY.M.PATCH monthly patch numbering, preserve pre-transition compatibility, and pin the June 2026 stable/beta floor at 2026.6.5 after the published beta.
Verification:
- node scripts/run-vitest.mjs run test/appcast.test.ts test/release-check.test.ts test/scripts/package-mac-app.test.ts test/scripts/package-mac-dist.test.ts test/openclaw-npm-release-check.test.ts test/npm-publish-plan.test.ts src/infra/npm-registry-spec.test.ts src/infra/clawhub.test.ts src/plugins/clawhub.test.ts test/plugin-npm-release.test.ts test/scripts/ios-version.test.ts test/scripts/ios-pin-version.test.ts
- node --import tsx scripts/plugin-npm-release-check.ts --base-ref origin/main --head-ref HEAD
- node --import tsx scripts/plugin-clawhub-release-check.ts --base-ref origin/main --head-ref HEAD
- git diff --check origin/main...HEAD
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main --no-web-search
2026-06-06 12:26:32 -07:00
Peter Steinberger
ed283490b5
docs(release): require verified Windows asset links
2026-06-03 22:42:53 +01:00
Peter Steinberger
bf368e7609
ci(release): promote Windows node installers
2026-06-03 22:39:58 +01:00
Peter Steinberger
cb765f1664
ci(release): require all plugins for core publish
2026-05-29 12:07:03 +01:00
Rohit
376b03f8ea
fix(plugins): reject incompatible package plugin API installs ( #87477 )
...
* fix(plugins): enforce package plugin API compatibility
* fix(plugins): preserve plugin API prerelease floors
* fix(plugins): gate persisted plugin api compatibility
* fix(plugins): skip incompatible package discovery
* fix(plugins): check api compatibility before package shape
* fix(plugins): gate bundle package api compatibility
* docs(plugins): clarify plugin API release sync
* test(agents): keep dynamic live model unit test runtime-free
* fix(plugins): normalize correction plugin api floors
* test(agents): align dynamic normalizer expectation
* fix(plugins): reject malformed plugin api metadata
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-28 20:25:30 +01:00
Peter Steinberger
910354b07f
docs: point release process at public evidence repo
2026-05-28 15:04:33 +01:00
Vincent Koc
9be760fb37
test(qa): add collector-backed otel smoke
2026-05-25 23:51:17 +02:00
Peter Steinberger
c0f2d89c20
docs: make changelog release-owned
2026-05-25 19:15:37 +01:00
Jason O'Neal
7fffbf60b0
fix: harden package URL downloads ( #85578 )
...
* fix: harden package URL downloads
Guard package acceptance URL downloads with HTTPS-only validation, no embedded credentials, private/special-use DNS and IP rejection, manual redirect checks, bounded timeout/size limits, pinned lookup, and atomic temp-file writes. Add tooling tests for unsafe URLs, redirect validation, size limits, and successful writes.
* fix: cancel redirect response bodies before closing dispatcher
ClawSweeper P2: the redirect branch in openPackageDownloadResponse cleared
the timeout and awaited dispatcher.close() without first cancelling
response.body. Undici's close() is graceful — it waits for in-flight
requests to complete — so a malicious redirect with a slow/never-ending
body could hang the hardened downloader.
Fix: call response.body?.cancel() before dispatcher.close() to abort the
redirect body immediately.
Test: add a regression test that uses a ReadableStream with an indefinite
interval to simulate a hanging body, and asserts cancel() was called.
Refs: clawsweeper review on PR #85512
* test: harden redirect body cancellation race in regression test
Guard the ReadableStream controller.enqueue() call with a cancelled
flag and try/catch to prevent ERR_INVALID_STATE when the interval
fires after cancel() closes the controller.
* fix: cancel final response body before closing dispatcher in downloadUrl
ClawSweeper P2: the HTTP-error and declared-oversize early-exit paths
in downloadUrl threw before consuming or canceling response.body. The
finally block then cleared the timeout and awaited graceful
dispatcher.close() with the body still open, allowing a slow/never-ending
response to hang release tooling.
Fix: add response.body?.cancel() in the finally block before
dispatcher.close().
Tests: add two regressions:
- HTTP 500 with slow body: asserts cancel() called before dispatcher close
- Declared content-length oversize with slow body: same assertion
* fix: add trusted package URL source policy
* fix: keep package URL resolver dependency-free
* test: cover encoded IPv6 package URL bypasses
* docs: sync package acceptance source overview
* docs: restore release doc formatting
* docs: sync package acceptance trusted-url source
* test: cover dotted IPv4 embedded IPv6 package URLs
* fix: parse dotted IPv4 embedded in IPv6 package URLs
* test: isolate anthropic pruning defaults
* test: move anthropic dated model coverage
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-23 17:28:29 +01:00
Vincent Koc
7f05be041e
fix(diagnostics): harden observability exports and smokes ( #85371 )
...
* test(diagnostics): widen observability smokes
* fix(diagnostics): sanitize observability exports
* docs(diagnostics): format otel export docs
2026-05-23 15:27:43 +08:00
Peter Steinberger
71ed6526b1
ci: reduce aggregate runner jobs
2026-05-18 04:53:40 +01:00
Vincent Koc
58e1351863
fix(qa-lab): hard gate runtime tool coverage
2026-05-18 10:05:04 +08:00
Peter Steinberger
1ceebf8a01
ci: harden release publish evidence
2026-05-17 06:34:58 +01:00
Peter Steinberger
694ca50e97
Revert "refactor: move runtime state to SQLite"
...
This reverts commit f91de52f0d .
2026-05-13 13:33:38 +01:00
Peter Steinberger
f91de52f0d
refactor: move runtime state to SQLite
...
* refactor: remove stale file-backed shims
* fix: harden sqlite state ci boundaries
* refactor: store matrix idb snapshots in sqlite
* fix: satisfy rebased CI guardrails
* refactor: store current conversation bindings in sqlite table
* refactor: store tui last sessions in sqlite table
* refactor: reset sqlite schema history
* refactor: drop unshipped sqlite table migration
* refactor: remove plugin index file rollback
* refactor: drop unshipped sqlite sidecar migrations
* refactor: remove runtime commitments kv migration
* refactor: preserve kysely sync result types
* refactor: drop unshipped sqlite schema migration table
* test: keep session usage coverage sqlite-backed
* refactor: keep sqlite migration doctor-only
* refactor: isolate device legacy imports
* refactor: isolate push voicewake legacy imports
* refactor: isolate remaining runtime legacy imports
* refactor: tighten sqlite migration guardrails
* test: cover sqlite persisted enum parsing
* refactor: isolate legacy update and tui imports
* refactor: tighten sqlite state ownership
* refactor: move legacy imports behind doctor
* refactor: remove legacy session row lookup
* refactor: canonicalize memory transcript locators
* refactor: drop transcript path scope fallbacks
* refactor: drop runtime legacy session delivery pruning
* refactor: store tts prefs only in sqlite
* refactor: remove cron store path runtime
* refactor: use cron sqlite store keys
* refactor: rename telegram message cache scope
* refactor: read memory dreaming status from sqlite
* refactor: rename cron status store key
* refactor: stop remembering transcript file paths
* test: use sqlite locators in agent fixtures
* refactor: remove file-shaped commitments and cron store surfaces
* refactor: keep compaction transcript handles out of session rows
* refactor: derive transcript handles from session identity
* refactor: derive runtime transcript handles
* refactor: remove gateway session locator reads
* refactor: remove transcript locator from session rows
* refactor: store raw stream diagnostics in sqlite
* refactor: remove file-shaped transcript rotation
* refactor: hide legacy trajectory paths from runtime
* refactor: remove runtime transcript file bridges
* refactor: repair database-first rebase fallout
* refactor: align tests with database-first state
* refactor: remove transcript file handoffs
* refactor: sync post-compaction memory by transcript scope
* refactor: run codex app-server sessions by id
* refactor: bind codex runtime state by session id
* refactor: pass memory transcripts by sqlite scope
* refactor: remove transcript locator cleanup leftovers
* test: remove stale transcript file fixtures
* refactor: remove transcript locator test helper
* test: make cron sqlite keys explicit
* test: remove cron runtime store paths
* test: remove stale session file fixtures
* test: use sqlite cron keys in diagnostics
* refactor: remove runtime delivery queue backfill
* test: drop fake export session file mocks
* refactor: rename acp session read failure flag
* refactor: rename acp row session key
* refactor: remove session store test seams
* refactor: move legacy session parser tests to doctor
* refactor: reindex managed memory in place
* refactor: drop stale session store wording
* refactor: rename session row helpers
* refactor: rename sqlite session entry modules
* refactor: remove transcript locator leftovers
* refactor: trim file-era audit wording
* refactor: clean managed media through sqlite
* fix: prefer explicit agent for exports
* fix: use prepared agent for session resets
* fix: canonicalize legacy codex binding import
* test: rename state cleanup helper
* docs: align backup docs with sqlite state
* refactor: drop legacy Pi usage auth fallback
* refactor: move legacy auth profile imports to doctor
* refactor: keep Pi model discovery auth in memory
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
* refactor: remove model json compatibility aliases
* refactor: store auth profiles in sqlite
* refactor: seed copied auth profiles in sqlite
* refactor: make auth profile runtime sqlite-addressed
* refactor: migrate hermes secrets into sqlite auth store
* refactor: move plugin install config migration to doctor
* refactor: rename plugin index audit checks
* test: drop auth file assumptions
* test: remove legacy transcript file assertions
* refactor: drop legacy cli session aliases
* refactor: store skill uploads in sqlite
* refactor: keep subagent attachments in sqlite vfs
* refactor: drop subagent attachment cleanup state
* refactor: move legacy session aliases to doctor
* refactor: require node 24 for sqlite state runtime
* refactor: move provider caches into sqlite state
* fix: harden virtual agent filesystem
* refactor: enforce database-first runtime state
* refactor: rename compaction transcript rotation setting
* test: clean sqlite refactor test types
* refactor: consolidate sqlite runtime state
* refactor: model session conversations in sqlite
* refactor: stop deriving cron delivery from session keys
* refactor: stop classifying sessions from key shape
* refactor: hydrate announce targets from typed delivery
* refactor: route heartbeat delivery from typed sqlite context
* refactor: tighten typed sqlite session routing
* refactor: remove session origin routing shadow
* refactor: drop session origin shadow fixtures
* perf: query sqlite vfs paths by prefix
* refactor: use typed conversation metadata for sessions
* refactor: prefer typed session routing metadata
* refactor: require typed session routing metadata
* refactor: resolve group tool policy from typed sessions
* refactor: delete dead session thread info bridge
* Show Codex subscription reset times in channel errors (#80456 )
* feat(plugin-sdk): consolidate session workflow APIs
* fix(agents): allow read-only agent mount reads
* [codex] refresh plugin regression fixtures
* fix(agents): restore compaction gateway logs
* test: tighten gateway startup assertions
* Redact persisted secret-shaped payloads [AI] (#79006 )
* test: tighten device pair notify assertions
* test: tighten hermes secret assertions
* test: assert matrix client error shapes
* test: assert config compat warnings
* fix(heartbeat): remap cron-run exec events to session keys (#80214 )
* fix(codex): route btw through native side threads
* fix(auth): accept friendly OpenAI order for Codex profiles
* fix(codex): rotate auth profiles inside harness
* fix: keep browser status page probe within timeout
* test: assert agents add outputs
* test: pin cron read status
* fix(agents): avoid Pi resource discovery stalls
Co-authored-by: dataCenter430 <titan032000@gmail.com >
* fix: retire timed-out codex app-server clients
* test: tighten qa lab runtime assertions
* test: check security fix outputs
* test: verify extension runtime messages
* feat(wake): expose typed sessionKey on wake protocol + system event CLI
* fix(gateway): await session_end during shutdown drain and track channel + compaction lifecycle paths (#57790 )
* test: guard talk consult call helper
* fix(codex): scale context engine projection (#80761 )
* fix(codex): scale context engine projection
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* chore: align Codex projection changelog
* chore: realign Codex projection changelog
* fix: isolate Codex projection patch
---------
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
* refactor: move agent runtime state toward piless
* refactor: remove cron session reaper
* refactor: move session management to sqlite
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: remove stale file-backed shims
* test: harden kysely type coverage
# Conflicts:
# .agents/skills/kysely-database-access/SKILL.md
# src/infra/kysely-sync.types.test.ts
# src/proxy-capture/store.sqlite.test.ts
# src/state/openclaw-agent-db.test.ts
# src/state/openclaw-state-db.test.ts
* refactor: remove cron store path runtime
* refactor: keep compaction transcript handles out of session rows
* refactor: derive embedded transcripts from sqlite identity
* refactor: remove embedded transcript locator handoff
* refactor: remove runtime transcript file bridges
* refactor: remove transcript file handoffs
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
# Conflicts:
# docs/cli/secrets.md
# docs/gateway/authentication.md
# docs/gateway/secrets.md
* fix: keep oauth sibling sync sqlite-local
# Conflicts:
# src/commands/onboard-auth.test.ts
* refactor: remove task session store maintenance
# Conflicts:
# src/commands/tasks.ts
* refactor: keep diagnostics in state sqlite
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* Show Codex subscription reset times in channel errors (#80456 )
* fix(codex): refresh subscription limit resets
* fix(codex): format reset times for channels
* Update CHANGELOG with latest changes and fixes
Updated CHANGELOG with recent fixes and improvements.
* fix(codex): keep command load failures on codex surface
* fix(codex): format account rate limits as rows
* fix(codex): summarize account limits as usage status
* fix(codex): simplify account limit status
* test: tighten subagent announce queue assertion
* test: tighten session delete lifecycle assertions
* test: tighten cron ops assertions
* fix: track cron execution milestones
* test: tighten hermes secret assertions
* test: assert matrix sync store payloads
* test: assert config compat warnings
* fix(codex): align btw side thread semantics
* fix(codex): honor codex fallback blocking
* fix(agents): avoid Pi resource discovery stalls
* test: tighten codex event assertions
* test: tighten cron assertions
* Fix Codex app-server OAuth harness auth
* refactor: move agent runtime state toward piless
* refactor: move device and push state to sqlite
* refactor: move runtime json state imports to doctor
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: clarify cron sqlite store keys
* refactor: remove stale file-backed shims
* refactor: bind codex runtime state by session id
* test: expect sqlite trajectory branch export
* refactor: rename session row helpers
* fix: keep legacy device identity import in doctor
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* build: align pi contract wrappers
* chore: repair database-first rebase
* refactor: remove session file test contracts
* test: update gateway session expectations
* refactor: stop routing from session compatibility shadows
* refactor: stop persisting session route shadows
* refactor: use typed delivery context in clients
* refactor: stop echoing session route shadows
* refactor: repair embedded runner rebase imports
# Conflicts:
# src/agents/pi-embedded-runner/run/attempt.tool-call-argument-repair.ts
* refactor: align pi contract imports
* refactor: satisfy kysely sync helper guard
* refactor: remove file transcript bridge remnants
* refactor: remove session locator compatibility
* refactor: remove session file test contracts
* refactor: keep rebase database-first clean
* refactor: remove session file assumptions from e2e
* docs: clarify database-first goal state
* test: remove legacy store markers from sqlite runtime tests
* refactor: remove legacy store assumptions from runtime seams
* refactor: align sqlite runtime helper seams
* test: update memory recall sqlite audit mock
* refactor: align database-first runtime type seams
* test: clarify doctor cron legacy store names
* fix: preserve sqlite session route projections
* test: fix copilot token cache test syntax
* docs: update database-first proof status
* test: align database-first test fixtures
* docs: update database-first proof status
* refactor: clean extension database-first drift
* test: align agent session route proof
* test: clarify doctor legacy path fixtures
* chore: clean database-first changed checks
* chore: repair database-first rebase markers
* build: allow baileys git subdependency
* chore: repair exp-vfs rebase drift
* chore: finish exp-vfs rebase cleanup
* chore: satisfy rebase lint drift
* chore: fix qqbot rebase type seam
* chore: fix rebase drift leftovers
* fix: keep auth profile oauth secrets out of sqlite
* fix: repair rebase drift tests
* test: stabilize pairing request ordering
* test: use source manifests in plugin contract checks
* fix: restore gateway session metadata after rebase
* fix: repair database-first rebase drift
* fix: clean up database-first rebase fallout
* test: stabilize line quick reply receipt time
* fix: repair extension rebase drift
* test: keep transcript redaction tests sqlite-backed
* fix: carry injected transcript redaction through sqlite
* chore: clean database branch rebase residue
* fix: repair database branch CI drift
* fix: repair database branch CI guard drift
* fix: stabilize oauth tls preflight test
* test: align database branch fast guards
* test: repair build artifact boundary guards
* chore: clean changelog rebase markers
---------
Co-authored-by: pashpashpash <nik@vault77.ai >
Co-authored-by: Eva <eva@100yen.org >
Co-authored-by: stainlu <stainlu@newtype-ai.org >
Co-authored-by: Jason Zhou <jason.zhou.design@gmail.com >
Co-authored-by: Ruben Cuevas <hi@rubencu.com >
Co-authored-by: Pavan Kumar Gondhi <pavangondhi@gmail.com >
Co-authored-by: Shakker <shakkerdroid@gmail.com >
Co-authored-by: Kaspre <36520309+Kaspre@users.noreply.github.com >
Co-authored-by: dataCenter430 <titan032000@gmail.com >
Co-authored-by: Kaspre <kaspre@gmail.com >
Co-authored-by: pandadev66 <nova.full.stack@outlook.com >
Co-authored-by: Eva <admin@100yen.org >
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
Co-authored-by: jeffjhunter <support@aipersonamethod.com >
2026-05-13 13:15:12 +01:00
Josh Avant
bd4db5ee62
Add dependency release safety evidence and PR awareness ( #81325 )
...
* test: cover dependency pin guard
* build: add dependency vulnerability gate
* build: add dependency risk report
* build: add dependency drift reports
* build: include dependency ownership surface evidence
* build: rename dependency report commands
* build: respect release age exclusions in risk report
* build: clarify transitive risk accounting
* build: remove transitive risk exception registry
* build: clarify transitive risk signal wording
* ci: attach dependency evidence to release preflight
* ci: extract dependency release evidence generator
* build: rename ownership surface dependency report
* ci: clarify release evidence naming
* build: clarify recently published risk report
* build: reorder transitive risk report sections
* build: fix ownership surface pluralization
* ci: surface dependency changes on PRs
* ci: harden dependency change awareness
* ci: use dependency changed PR label
* build: fix dependency report lint
* docs: add dependency safety changelog
2026-05-13 03:05:09 -05:00
Peter Steinberger
a4acd33097
ci: speed up beta release verification
...
(cherry picked from commit 7ca9b58a27 )
2026-05-12 06:21:09 +01:00
Peter Steinberger
18997be120
ci: speed up release validation reruns
2026-05-11 00:22:19 +01:00
samzong
d832ad214c
[Feat] Add upload archive install RPC ( #74430 )
...
* feat(skills): add upload archive install RPC
- src/agents/skills-archive-install.ts:83 [BOT-SCOPE]: `withExtractedArchiveRoot()` still returns unstructured extract failures, so exact transient-vs-terminal classification should be moved into the shared install-flow layer in a follow-up rather than expanding this PR.
Signed-off-by: samzong <samzong.lu@gmail.com >
* fix(skills): address archive upload review findings
Signed-off-by: samzong <samzong.lu@gmail.com >
* fix(skills): regen protocol bindings and classify transient archive errors
* feat: gate uploaded skill installs by config
* test: add docker skill install proof
* docs: clarify uploaded skill archive gate
* chore: refresh config docs baseline
* style: format docker e2e plan test
* fix: use fs-safe path checks for skill archives
* fix: classify skill publish failures as unavailable
* test: update skill clawhub path mock
* fix: pass mutable archive root markers
* fix: use current json dir mode option
* test: satisfy skill upload lint
* test: refresh core support expectations
---------
Signed-off-by: samzong <samzong.lu@gmail.com >
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-09 20:44:18 -04:00
Peter Steinberger
3a452a029c
ci(release): automate stable appcast handoff
2026-05-07 23:46:33 +01:00
Peter Steinberger
fa8a85586c
ci(release): create GitHub release during publish
2026-05-07 22:03:46 +01:00
Peter Steinberger
a68ad39877
ci(release): speed up beta publish path
2026-05-07 15:02:24 +01:00
Peter Steinberger
330ba1fa31
refactor: move canvas to plugin surfaces
2026-05-07 09:07:18 +01:00
Peter Steinberger
a8801350d8
docs: clarify planned monthly support lines
2026-05-07 01:42:20 +01:00
Peter Steinberger
39b17310b6
ci: parallelize release publish workflows
2026-05-06 10:45:29 +01:00