Commit Graph

313 Commits

Author SHA1 Message Date
Peter Steinberger
d8624a4e1b fix: fail release performance when reports do not publish (#103126)
* fix(ci): harden performance report publishing

* ci: use scoped app token for reports

* ci: pin Kova readiness probe fix

* ci: pin latest Kova readiness checks

* ci: pin Kova startup sequencing fix

* ci: pin calibrated Kova release policy
2026-07-10 01:27:26 +01:00
Peter Steinberger
dc3d06c5d6 fix(ci): calibrate hosted startup memory 2026-07-09 19:54:42 -04:00
Peter Steinberger
71f7fef7a2 fix(ci): isolate OpenWebUI release smoke (#103095)
* fix(ci): isolate OpenWebUI release smoke

* docs: format release validation table
2026-07-09 21:38:33 +01:00
Vincent Koc
f643c9b2f8 perf(ci): raise Node shard parallelism to 28 (#101174) 2026-07-06 21:59:22 -07:00
Peter Steinberger
aed2482292 fix(qa): restore automatic smoke coverage across channels (#101186)
* fix(qa): restore channel-sharded smoke coverage

Co-authored-by: Peter Steinberger <steipete@gmail.com>

Co-authored-by: Dallin Romney <dallinromney@gmail.com>

* fix(qa): restore channel-sharded smoke coverage

* fix(qa): restore channel-sharded smoke coverage

* fix(qa): restore channel-sharded smoke coverage

---------

Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
Co-authored-by: Dallin Romney <dallinromney@gmail.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-07-06 17:09:40 -07:00
Dallin Romney
6bffda4166 ci: temporarily disable QA smoke (#101185) 2026-07-06 13:38:33 -07:00
Peter Steinberger
b6f4cf5ac4 docs: default agent validation to remote runners (#100220)
* docs: default agent validation to remote runners

* docs: isolate untrusted validation networking

* fix: harden untrusted Crabbox validation

* docs: refresh generated docs map
2026-07-05 02:01:51 -07:00
Peter Steinberger
f7d7148cf0 docs: rewrite published docs grounded in current source (#100142)
Source-grounded rewrite of 529 published docs pages with per-unit information-loss verification: 1,713 factual corrections cited to src/**, generated surfaces regenerated, frontmatter titles preserved for i18n, release notes pages untouched. All docs gates green.

Closes #100141
2026-07-05 00:32:47 -04:00
Kevin Lin
d214622320 feat(update): support extended-stable package updates (#99811)
* feat(update): add extended-stable channel contract

* feat(update): implement extended-stable package flow

* docs(update): document extended-stable behavior

* fix(update): preserve extended-stable preflight guarantees

* fix(update): reject extended-stable Git repair

* fix(update): support loopback extended-stable canaries

* fix(update): preserve scoped package roots
2026-07-04 12:34:29 -07:00
Kevin Lin
ba7b5db74c feat(release): add monthly npm extended-stable publication (#99352)
* feat(release): add npm stable publication

* fix(release): allow stable full validation

* feat(release): add stable guard test bypass

* fix(release): allow stable maintenance after month rollover

* docs: refresh release documentation map

* refactor(release): rename monthly channel to extended-stable

* fix(release): repair extended-stable selector forward

* docs(release): fix extended-stable link
2026-07-04 08:22:39 -07:00
Peter Steinberger
c669b09d4b ci: increase artifact Testbox memory (#99820)
* ci: increase artifact Testbox memory

* ci: increase artifact Testbox memory

* ci: increase artifact Testbox memory
2026-07-03 22:13:47 -07:00
Peter Steinberger
5ef2c81ed2 ci: reuse one package in QA smoke (#99793)
* docs(ci): document QA smoke runner

* ci: increase QA smoke build memory

* ci: route QA smoke to 16 vCPU runner
2026-07-03 21:39:56 -07:00
Mason Huang
b60e8c4838 ci: add process exec CodeQL security shard (#92667)
Summary:
- The PR adds a `process-exec-boundary` CodeQL high-security shard, wires it into the CodeQL workflow, expands PR path triggers for process-owning plugin/script paths, and updates CI docs.
- PR surface: Docs +1, Config +87. Total +88 across 3 files.
- Reproducibility: not applicable. this is CI/security-scanner configuration rather than a runtime bug. The behavior is source-reviewable and the exact-head `Security High (process-exec-boundary)` check passed.

Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.

Validation:
- ClawSweeper review passed for head 066d54b633.
- Required merge gates passed before the squash merge.

Prepared head SHA: 066d54b633
Review: https://github.com/openclaw/openclaw/pull/92667#issuecomment-4698545987

Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Approved-by: hxy91819
2026-07-02 12:50:45 +00:00
Vincent Koc
18b2ff683f docs(ci): update runner registration budget (#97943) 2026-06-29 16:27:32 -07:00
Shakker
461e551e85 test: clarify delegated Testbox proof status 2026-06-27 23:53:52 +01:00
Vincent Koc
a82902c725 ci: right-size runner registration caps (#97119) 2026-06-27 07:01:26 +08:00
Colin Johnson
4ae0a5d958 ci: run QA smoke profile in CI (#94291)
* ci: add qa lab smoke profile dispatch

* ci: prove qa lab smoke profile on prs

* ci: preserve manual qa lab profile dispatch

* ci: run qa lab smoke profile on pull requests

* ci: keep QA smoke mock lane bounded

* ci: run QA smoke PR proof through crabline

* ci: keep mock QA timeouts on caller fallbacks

* ci: prebuild QA smoke runtime

* ci: delegate smoke QA evidence workflow

* ci: trust release branch smoke evidence refs

* ci: trim smoke evidence workflow comments

* ci: align smoke evidence wrapper with QA profile contract

* ci: keep smoke profile evidence mock-only

* ci: make smoke profile evidence manual

* ci: shard qa smoke profile in ci

* ci: drop qa-channel-only smoke shard

* ci: derive qa smoke shards from taxonomy

* ci: keep qa smoke planner legacy-safe

* ci: enforce qa smoke shard failures

* ci: run qa smoke in existing fast shard

* ci: opt qa smoke into crabline concurrency

* test(ci): align qa smoke guard with taxonomy cleanup

* ci: split qa smoke into dedicated check

---------

Co-authored-by: Dallin Romney <dallinromney@gmail.com>
2026-06-24 09:47:45 -07:00
Vincent Koc
89460288c4 ci: move codeql quality off blacksmith (#96258) 2026-06-24 11:48:32 +08:00
Vincent Koc
cc981f8a73 ci: build iOS app for iOS changes 2026-06-24 04:32:08 +08:00
Dallin Romney
7e0083ce0b ci: add release QA profile evidence (#95094)
* ci: add release qa profile evidence

* ci: simplify release qa profile evidence

* ci: reuse qa profile evidence workflow

* ci: remove inherited secrets lint comment

* ci: pass qa profile evidence secret explicitly

* ci: run maturity scorecard in release checks

* ci: declare maturity scorecard reusable secret
2026-06-23 02:27:00 -07:00
Dallin Romney
a1c2454b08 ci: move tui pty into node ci shard (#95872) 2026-06-22 15:25:20 -07:00
Vincent Koc
607b2e9663 fix(ci): debounce canonical main runner admission (#95681)
Compacts canonical pull request CI to 18 bounded Node jobs, preserves isolated subprocess execution, and delays canonical main runner admission to smooth GitHub runner-registration bursts.

Verification: focused CI planner/workflow tests passed; fresh autoreview clean. Hosted CI had two pre-existing runtime-config failures on the current main baseline; merged with explicit maintainer override.
2026-06-22 16:55:56 +08:00
Vincent Koc
7d3bc4d944 fix(ci): bundle test shards and right-size runners
Bundles only isolated low-risk Node shards, keeps stateful suites isolated, and right-sizes Blacksmith runners to reduce runner-registration bursts. Exact-head CI run 27932220655 passed the changed CI planning lanes; its two remaining agent test reds match latest main baseline run 27929063460 and are unrelated to this CI-only diff.
2026-06-22 14:05:40 +08:00
Vincent Koc
f3ee317f71 fix(ci): deduplicate release Telegram validation 2026-06-21 12:24:15 +08:00
Hannes Rudolph
4a0f497f16 improve: simplify PR context and evidence (#94676)
* improve: simplify PR context and evidence

* improve: decouple PR context from proof labels

* fix: satisfy PR context lint
2026-06-19 14:00:38 -06:00
Vincent Koc
abb6f04e0c ci(release): harden release controls
One-time maintainer-authorized bootstrap merge for the release-gate verifier policy. Exact hosted CI and all supporting workflow gates passed on 66133de419.
2026-06-18 03:11:20 +08:00
Jason (Json)
8ae1adfdcc ci: gate stable releases on Windows companion assets (#92555)
* ci: gate stable releases on Windows companion assets

* fix(release): reject malformed Windows checksum manifests

* fix(release): make Windows recovery fail closed

* fix(release): tighten Windows asset identity checks

* fix(release): validate prepared candidate tarballs

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-06-13 19:33:33 -07:00
Galin Iliev
301213a05f test(sqlite): add state perf query plan harness
Adds a SQLite state query-plan regression test and smoke benchmark, wires the smoke artifact into source performance evidence, validates SQLite smoke output in the performance summary, and removes a retired ClawHub nav entry that broke docs link checks.

Fixes #91616
2026-06-11 14:49:26 -07:00
Vincent Koc
f5a7f613ee fix(release): use monthly patch versions
Switch release train handling to YYYY.M.PATCH monthly patch numbering, preserve pre-transition compatibility, and pin the June 2026 stable/beta floor at 2026.6.5 after the published beta.

Verification:
- node scripts/run-vitest.mjs run test/appcast.test.ts test/release-check.test.ts test/scripts/package-mac-app.test.ts test/scripts/package-mac-dist.test.ts test/openclaw-npm-release-check.test.ts test/npm-publish-plan.test.ts src/infra/npm-registry-spec.test.ts src/infra/clawhub.test.ts src/plugins/clawhub.test.ts test/plugin-npm-release.test.ts test/scripts/ios-version.test.ts test/scripts/ios-pin-version.test.ts
- node --import tsx scripts/plugin-npm-release-check.ts --base-ref origin/main --head-ref HEAD
- node --import tsx scripts/plugin-clawhub-release-check.ts --base-ref origin/main --head-ref HEAD
- git diff --check origin/main...HEAD
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main --no-web-search
2026-06-06 12:26:32 -07:00
Vincent Koc
023427b1d5 test(docker): cap npm scheduler concurrency 2026-06-04 12:04:45 -07:00
WT-WSL
462b52f62c fix(ci): guard workflow template injection
Guard the remaining Windows Testbox workflow ref logging against GitHub Actions template injection by moving `target_ref` through step env before PowerShell reads it.

Extend the local workflow check wrapper to run pinned `zizmor` across every workflow file, and keep Workflow Sanity's CI audit explicit with trusted-base pre-commit and zizmor configs for pull-request runs.

Thanks @WT-WSL for the original report and patch.

Co-authored-by: dev111-actor <captaintobb@outlook.com>
2026-05-31 20:28:40 +01:00
Peter Steinberger
d4f78c9339 ci: harden Crabbox Testbox runs 2026-05-31 09:29:56 +01:00
Dallin Romney
93c30de17b ci: restore timing summary artifact (#87832)
* ci: restore timing summary artifact

* ci: report pnpm warmup fanout timing

* ci: run timing summary from trusted base
2026-05-28 18:08:12 -07:00
Dallin Romney
5cccfe1c17 docs: correct ci timing summary guidance (#87813) 2026-05-28 17:36:54 -07:00
Dallin Romney
2be9eb1e97 ci: consolidate Blacksmith runner defaults (#87503) 2026-05-28 13:28:22 -07:00
Vincent Koc
f9834a3f95 ci: pin macOS runner labels 2026-05-28 20:52:52 +02:00
Peter Steinberger
a1934e9d0e fix(cli): handle Bun launcher module misses
Fixes #86198.

Co-authored-by: Gio Della-Libera <giodl73@gmail.com>
2026-05-27 01:20:14 +01:00
Peter Steinberger
e20b8d70a6 fix: simplify testbox changed-check delegation 2026-05-26 11:33:09 +01:00
Peter Steinberger
3b0805414e ci: report memory metrics 2026-05-25 22:49:23 +01:00
Jason O'Neal
7fffbf60b0 fix: harden package URL downloads (#85578)
* fix: harden package URL downloads

Guard package acceptance URL downloads with HTTPS-only validation, no embedded credentials, private/special-use DNS and IP rejection, manual redirect checks, bounded timeout/size limits, pinned lookup, and atomic temp-file writes. Add tooling tests for unsafe URLs, redirect validation, size limits, and successful writes.

* fix: cancel redirect response bodies before closing dispatcher

ClawSweeper P2: the redirect branch in openPackageDownloadResponse cleared
the timeout and awaited dispatcher.close() without first cancelling
response.body. Undici's close() is graceful — it waits for in-flight
requests to complete — so a malicious redirect with a slow/never-ending
body could hang the hardened downloader.

Fix: call response.body?.cancel() before dispatcher.close() to abort the
redirect body immediately.

Test: add a regression test that uses a ReadableStream with an indefinite
interval to simulate a hanging body, and asserts cancel() was called.

Refs: clawsweeper review on PR #85512

* test: harden redirect body cancellation race in regression test

Guard the ReadableStream controller.enqueue() call with a cancelled
flag and try/catch to prevent ERR_INVALID_STATE when the interval
fires after cancel() closes the controller.

* fix: cancel final response body before closing dispatcher in downloadUrl

ClawSweeper P2: the HTTP-error and declared-oversize early-exit paths
in downloadUrl threw before consuming or canceling response.body. The
finally block then cleared the timeout and awaited graceful
dispatcher.close() with the body still open, allowing a slow/never-ending
response to hang release tooling.

Fix: add response.body?.cancel() in the finally block before
dispatcher.close().

Tests: add two regressions:
- HTTP 500 with slow body: asserts cancel() called before dispatcher close
- Declared content-length oversize with slow body: same assertion

* fix: add trusted package URL source policy

* fix: keep package URL resolver dependency-free

* test: cover encoded IPv6 package URL bypasses

* docs: sync package acceptance source overview

* docs: restore release doc formatting

* docs: sync package acceptance trusted-url source

* test: cover dotted IPv4 embedded IPv6 package URLs

* fix: parse dotted IPv4 embedded in IPv6 package URLs

* test: isolate anthropic pruning defaults

* test: move anthropic dated model coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-05-23 17:28:29 +01:00
Dallin Romney
0a50cbdf34 Add TUI PTY integration coverage (#85485)
* test: add TUI PTY integration coverage

* test: stabilize TUI PTY CI

* test: speed up TUI PTY coverage

* test: bound TUI PTY local waits

* ci: keep TUI PTY gate fast

* test: route TUI PTY project in full suite

* ci: run TUI PTY on routing edits
2026-05-22 13:42:58 -07:00
Peter Steinberger
e0fda55cf7 docs: absorb maintainer docs sweep
Co-authored-by: Bob Du <i@bobdu.cc>
Co-authored-by: alitariksahin <alitariksah@gmail.com>
Co-authored-by: Jefsky <hwj3344@hotmail.com>
Co-authored-by: Musaab Hasan <m9.3b@Hotmail.com>
Co-authored-by: Intern Dev <dev@wukongai.io>
Co-authored-by: majin.nathan <majin.nathan@bytedance.com>
2026-05-22 20:29:10 +01:00
Peter Steinberger
3eb2d64392 ci: add live Codex plugin release check 2026-05-21 08:44:18 +01:00
Peter Steinberger
9e00234d2d ci: split cron runtime shard 2026-05-18 08:21:35 +01:00
Peter Steinberger
eca402da79 ci: consolidate short CI shards 2026-05-18 06:29:14 +01:00
Peter Steinberger
71ed6526b1 ci: reduce aggregate runner jobs 2026-05-18 04:53:40 +01:00
Vincent Koc
58e1351863 fix(qa-lab): hard gate runtime tool coverage 2026-05-18 10:05:04 +08:00
Vincent Koc
1926982c4c fix(qa-lab): refresh parity model targets 2026-05-17 23:12:26 +08:00
Vincent Koc
5496c0d5b7 docs(testing): clarify pnpm proof routing 2026-05-14 12:09:17 +08:00
Peter Steinberger
694ca50e97 Revert "refactor: move runtime state to SQLite"
This reverts commit f91de52f0d.
2026-05-13 13:33:38 +01:00