Commit Graph

362 Commits

Author SHA1 Message Date
Pavan Kumar Gondhi
436ed5f308 fix: redact diagnostics config with schema hints (#102426) 2026-07-09 20:49:21 +05:30
Peter Steinberger
e2a112a556 feat(onboard): guided CLI onboarding with live AI verification and classic fallback (#101880)
* feat(onboard): guided CLI onboarding with live AI verification and classic fallback

Interactive `openclaw onboard` (and bare `openclaw` on a fresh install) now
runs a guided flow with macOS-app parity: detect existing AI access, live-test
candidates with a real completion before persisting anything, walk down the
ladder on failure with mapped reasons, and offer verified manual API-key entry
from installed provider manifests (masked input). In-flow escapes: classic
wizard, Crestodian chat, skip-AI. Classic wizard gains an optional post-auth
live verification step. `--classic`, `--modern`, and `--non-interactive`
contracts unchanged. Docs corrected for post-#99935 routing.

Closes #101851

* improve(onboard): quiet probe diagnostics in wizard TTY, carry risk ack into classic escape

Candidate live-tests during guided setup are probes: rename their run id and
lane to the existing probe conventions (logging/subsystem.ts console
suppression, command-queue quiet probe lanes) so expected failures stop
leaking raw diagnostics into the Clack UI; file diagnostics unchanged. The
classic-wizard escape now passes the already-collected risk acknowledgement
through instead of re-prompting in the same session.

* fix(onboard): quiet the session-derived setup-inference probe lane too

The live-test run enqueues on two lanes: the explicit probe lane and one
derived from its temp session key. Extend the shared quiet-probe predicate to
cover the derived lane so a failing candidate cannot leak lane-task
diagnostics into the wizard TTY.

* improve(onboard): suppress subsystem console output during wizard live tests

Provider-transport subsystem loggers (model-fetch start/response, transport
errors) carry no run id, so probe suppression cannot catch them and a failing
candidate printed raw log lines into the Clack TTY. Reuse the TUI console
subsystem-filter seam via a finally-safe scoped helper around guided
activation and the classic live-verify; file logging is unchanged and the
gateway (macOS app) surface is unaffected.

* fix(onboard): never auto-replace a configured model when its live check fails

The re-run verification probe executes outside the configured workspace (setup
never runs workspace plugins), so a workspace-backed current model can fail
the check while working fine in the agent. Stop the auto ladder on an
existing-model failure and hand the decision to the manual stage instead of
silently persisting a different candidate as the default. Docs note the
fail-safe and the workspace caveat.

* feat(onboard): two-way switching between Crestodian chat and the menu wizards

From the chat, `open setup wizard`, `open classic wizard`, and `open channel
wizard for <channel>` hand off to the guided flow, the classic wizard, or the
masked `channels add` wizard after the chat TUI tears down (mirrors the
open-tui handoff; gateway surface gets a text pointer instead). The hosted
channel wizard no longer dead-ends at sensitive steps — it offers the switch
and remembers the channel. New read-only `channel info <channel>` operation
and ring-zero action surface label, blurb, configured state, and the real
docs URL from channel-setup discovery so the assistant can explain Slack or
Telegram prerequisites instead of guessing; both prompts instruct it to use
them. `channels add --channel <id>` now preselects the channel. Docs cover
the interchangeable flows.

* fix(onboard): avoid param reassignment in open-setup handoff

* improve(onboard): separate ask-about vs connect intent in channel prompt guidance

Live test showed the agent detouring an explicit connect request through
channel_info because the guidance said to consult it first. Both prompts now
distinguish asking about a channel (channel info + docs link) from asking to
connect (connect right away).

* fix(channels): mark channel token entry as sensitive input

The shared single-token prompt lacked sensitive:true, so terminal wizards
echoed pasted channel tokens and the Crestodian chat bridge (which refuses
plain-text secrets based on this flag) hosted the Telegram token step in
visible chat. Found live-testing the chat-to-wizard switch; pre-existing on
main but load-bearing for the masked-wizard contract this PR documents.

* fix(onboard): restore terminal state around the guided flow's TUI launch

Mirror the classic finalize handoff so the chat TUI never inherits the wizard
prompter's raw/paused terminal state on the default first-run path.

* fix(channels): type the token prompter mock for the sensitive-flag assertion

* fix(gateway): map the TUI-only open-setup action to none for app clients

Engine-side surface gating already prevents open-setup replies on the gateway
surface; this keeps the client-visible action enum stable even if that gate
ever regresses. (Reviewed with the switching round; missed in its commit.)

* docs: regenerate docs map for onboarding page changes
2026-07-09 12:40:55 +01:00
lsr911
b8cca6ac72 fix(logging): use truncateUtf16Safe in diagnostic stability and session context (#102570)
* fix(logging): use truncateUtf16Safe in diagnostic stability and session context

Replace naive .slice(0, N) with truncateUtf16Safe() in:
- diagnostic-stability-bundle.ts: error message sanitization
- diagnostic-session-context.ts: quoted field value truncation

Co-Authored-By: Claude <noreply@anthropic.com>

* test(logging): cover diagnostic UTF-16 bounds

* style(logging): normalize diagnostic imports

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:45:28 +01:00
lsr911
0de5d37f92 fix(logging): keep bounded log text UTF-16 safe (#102560)
* fix(logging): use truncateUtf16Safe in diagnostic log text clamp

Replace naive .slice(0, maxChars) with truncateUtf16Safe() in
clampDiagnosticLogText() — the core helper used by all diagnostic
log output (sanitizeDiagnosticLogText, formatDiagnosticAttributes,
etc.). This prevents surrogate pair splitting across the entire
diagnostic logging subsystem.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(logging): preserve UTF-16 in bounded log text

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:11:27 +01:00
Ayaan Zaidi
c2789b52a7 fix(agents): respect the blocked-tool floor in stale takeover and steer gates 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
969efdac4f fix(agents): make run liveness evidence-based 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
953f1c7d0c fix(auto-reply): stamp activity per event and deprecate recovery exports 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
f178553df6 refactor(auto-reply): drop injection activity stamp and orphaned recovery exports 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
19803a147f fix(auto-reply): bound terminal reply-run settle and reclaim stale lanes 2026-07-09 14:26:05 +05:30
Peter Steinberger
d6ec1c6cea fix(secrets): prevent capture and sentinel credential retention (#102420)
* fix(secrets): harden sentinel capture lifecycle

* chore: leave release notes to release automation
2026-07-09 05:50:28 +01:00
Peter Steinberger
4bf70be01a feat(secrets): egress-time credential injection with process-local sentinels (#102009)
* feat(secrets): resolve SecretRef model credentials at egress via process-local sentinels

SecretRef-managed model-provider credentials now travel as opaque
oc-sent-v1 sentinels through auth storage, stream options, and SDK
config; the guarded model fetch injects real values into headers and
URLs immediately before the SSRF-guarded send and fails closed on
unknown sentinels. packages/ai adapters converge on the host guarded
fetch where the SDK supports custom fetch and unwrap at construction
where it does not. Resolved values (and their percent-encoded forms)
register for exact-value log redaction. Kill switch:
OPENCLAW_SECRET_SENTINELS=off. Also fixes a pre-existing unhandled
rejection race in capNonOkResponseBodyLazily (pipeThrough writer leak).

* test(plugin-sdk): update public surface budget
2026-07-08 12:56:41 +01:00
Vincent Koc
1b6f3e43d1 refactor(deadcode): trim private helper exports (#101886) 2026-07-07 14:43:45 -07:00
Vincent Koc
f565138ddc refactor(deadcode): localize core helpers (#101869) 2026-07-07 13:16:57 -07:00
Vincent Koc
3d206140f3 refactor: localize internal implementation constants (#101758) 2026-07-07 08:34:13 -07:00
Vincent Koc
c8d95da14c refactor: localize file-private exports (#101701) 2026-07-07 06:57:19 -07:00
Ayaan Zaidi
b1da734a1e fix(logging): recover orphaned stalled lanes
Stalled sessions could leave a session lane occupied by an orphaned active task after the embedded run handle was gone. Diagnostics repeatedly reported the stuck state, but the lane stayed held and queued turns could remain blocked indefinitely.

Release ownerless active lane tasks after the stale threshold, while guarding against fresh lane work and raised compaction safety windows so recovery does not double-run serialized session work or overlap transcript compaction. Stalled model-call recovery also no longer requires an in-process embedded run handle, so no-handle stalls can be reclaimed by the existing conservative recovery path.

Refs #99847.

Refs #94650.
2026-07-07 02:07:45 +00:00
Peter Steinberger
f53346944d feat: correlate native search outcomes in audit history (#98704)
* feat: correlate native search outcomes in audit history

Metadata-only audit ledger for agent runs and tool actions in the shared
state DB: stable event identity, closed action/status/error vocabularies,
one-way-hashed tool-call ids, never-inferred terminal outcomes for native
web-search (explicit completed/failed only; otherwise unknown), bounded
retention, audit.list gateway RPC and openclaw audit CLI. Squashed from
the 82-commit audit stack for replay onto current main.

* feat(audit): add audit.enabled config gate (default on)

The metadata-only audit ledger records by default: an audit trail enabled
only after an incident cannot explain the incident, and the rows are
strictly less sensitive than the transcripts every install already
stores. audit.enabled=false stops new writes at the gateway subscription
seam; audit.list and openclaw audit keep serving existing records until
they expire. Documented in the configuration reference, protocol page,
and CLI reference.

* fix: repair full-matrix CI findings after rebase

- break the dynamic-tools/dynamic-tool-execution import cycle by
  extracting resolveCodexToolAbortTerminalReason into a leaf module
- restore main's session-worktree protocol exports lost in the
  index.ts auto-merge
- register the audit event writer worker as a knip entry point
- docs table formatting; subagent wait-cancellation test scoped to its
  audit intent (outcome + timing) and advanced past main's new
  lifecycle-timeout retry grace
2026-07-06 12:30:12 +01:00
Peter Steinberger
060a5dbf88 test(logging): reset diagnostic capture state 2026-07-05 07:15:07 -07:00
Peter Steinberger
1f484a8dbd test: speed up and stabilize full suite 2026-07-05 08:00:23 -04:00
Dallin Romney
9c75a14d5c refactor(infra): consolidate SHA-256 digest helpers (#99687) 2026-07-03 16:18:31 -07:00
Dallin Romney
0cd936cc77 test(qa): redact script evidence diagnostics (#99629) 2026-07-03 15:42:33 -07:00
Dallin Romney
5fa2082655 refactor(shared): consolidate core leaf lazy loaders (#99278) 2026-07-02 18:06:00 -07:00
snowzlmbot
b63e06f68a fix(llm): preserve structured tool result replay
Preserve structured tool-result replay text across provider transports while keeping provider-facing redaction and Anthropic media ordering intact.

Thanks @snowzlmbot!
2026-06-30 23:44:02 -07:00
Brian Snyder
9f98b6e174 fix(gateway): emit stale exec approval followup diagnostics (#98293)
* fix(gateway): emit stale exec approval followup diagnostics

* fix(gateway): cover approval suppression diagnostics in ci

* fix(logging): preserve approval ids in stability bundles

* docs(exec): document suppression diagnostics

---------

Co-authored-by: BSnizND <199837910+BsnizND@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@golden-gate.local>
2026-07-01 05:20:53 +01:00
ooiuuii
c5bc35de12 Redact bare Fireworks API keys (#98226)
* Redact bare Fireworks API keys

* fix(logging): harden Fireworks key redaction

* fix(logging): harden Fireworks key redaction

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-06-30 18:40:25 -07:00
Vincent Koc
284e514e19 refactor(logging): share log file path primitives 2026-06-23 03:34:43 +08:00
imadalin
e0d7c4c548 fix(logging): use run progress age for embedded recovery (#94701) 2026-06-22 17:20:24 +00:00
Vincent Koc
49e95c5308 fix(logging): project security diagnostics for stability 2026-06-17 16:11:32 +08:00
Vincent Koc
54bcdea342 refactor(logging): hide diagnostic capture type 2026-06-17 12:36:52 +08:00
Vincent Koc
dbb62bba85 refactor(logging): hide stability evidence types 2026-06-17 12:35:19 +08:00
Vincent Koc
0c6ebcd6c0 refactor(logging): hide diagnostic bundle types 2026-06-17 12:33:20 +08:00
Vincent Koc
22405223c2 refactor(logging): hide recovery helper types 2026-06-17 12:31:19 +08:00
litang9
0f71a665ed fix(logging): avoid stalled warnings for active model calls
Classify owned silent model calls as long-running until the abort threshold while preserving stalled handling for ownerless stale activity, with diagnostics tests and docs.
2026-06-16 06:27:40 +08:00
KRATOS
4e4ea1c16b fix(diagnostics): keep recovery scheduling out of the stuck-session warning backoff (#92752)
Summary:
- The branch changes diagnostic stuck/long-running warning backoff so recovery-eligible classifications are still returned during throttled warning ticks and updates the diagnostic tests.
- PR surface: Source +17, Tests +48. Total +65 across 2 files.
- Reproducibility: yes. Current main source shows logSessionAttention can return undefined during stuck or lon ... g backoff before the heartbeat reaches requestStuckSessionRecovery; I did not run a live QQ gateway replay.

Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(diagnostics): keep recovery scheduling out of the stuck-session w…

Validation:
- ClawSweeper review passed for head f61ec3a33f.
- Required merge gates passed before the squash merge.

Prepared head SHA: f61ec3a33f
Review: https://github.com/openclaw/openclaw/pull/92752#issuecomment-4699298908

Co-authored-by: Gnanam <gnanasekaran.sekareee@gmail.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com>
2026-06-13 20:05:33 +00:00
Josh Avant
f3eb8e9714 Fix OTLP log trace correlation (#92276)
* fix diagnostics otel log trace correlation

* test diagnostics trace provenance contract
2026-06-12 10:54:21 -05:00
Chunyue Wang
f194be19e2 fix(diagnostics): release wedged session lane when stuck recovery aborts with queued session work (#91802) 2026-06-11 09:59:22 +09:00
Alex Knight
3faf669801 Redact tool output secrets (#85196)
* redact tool output secrets

* Expand tool-output secret redaction

* fix(security): keep redaction prefilter in sync with expanded defaults

- build DEFAULT_REDACT_PREFILTER_RE from sources covering every default
  pattern family: new vendor prefixes, webhook hosts, bare query/form keys,
  userinfo/connection-string passwords, and percent/plus/invisible
  obfuscated keys (including trailing separator splices)
- run default-pattern redaction tests through the default options path and
  redact the vendor corpus per token so prefilter gaps fail tests
- fix quoted standalone assignment values containing the other quote char
  or an unterminated quote; never re-mask *** placeholders
- align net-policy URL query-name separator stripping with logging key
  normalization (Hangul fillers)

* fix(security): keep base64-prefix redaction out of media payloads

- pure-base64-alphabet token prefixes (gAAAA, AKIA, ASIA, dapi,
  ATCTT3xFfG, ATATT, ATBB) now require a non-alphanumeric left boundary,
  skip explicit ;base64, payload spans, and run unchunked so chunk starts
  cannot fake the boundary or hide the container from the lookbehind
- tokens after URL/path delimiters or assignments still mask; data-URL
  media survives redaction byte-identical (fixes chat media mirror CI)
- regression tests: tiny-PNG data URL, in-blob plus boundary,
  chunk-aligned large data URL, reset-path Fernet token, path AWS key

---------

Co-authored-by: Alex Knight <15041791+amknight@users.noreply.github.com>
2026-06-11 07:34:50 +10:00
Josh Avant
cfdabfbaab Fix stale visible reply recovery (#91840)
* fix visible reply stale recovery

* fix visible recovery lint loop

* fix visible reply registry recovery

* test: cover failed visible recovery admission
2026-06-10 02:56:15 -05:00
Vincent Koc
b00e1b2e7b fix(diagnostics): make memory pressure logs actionable
Log warning memory pressure at WARN level, add readable RSS/heap/threshold units, threshold ratio, and a concrete operator next step while preserving raw byte fields for diagnostics consumers.

Fixes #90783
2026-06-07 19:27:29 +09:00
Shakker
78f67fa85f fix: manage diagnostic session state 2026-06-06 21:59:54 +01:00
Shakker
27406dc6fb test: scope logging config env 2026-06-06 21:59:24 +01:00
Shakker
5a0f9cb03c test: scope logging config path env 2026-06-05 16:39:50 +01:00
Shakker
95d51c5fe8 test: snapshot redact config env 2026-06-05 01:51:48 +01:00
Shakker
5c6a501269 test: snapshot log tail config env 2026-06-05 01:51:48 +01:00
Shakker
dc4c9030fc test: snapshot diagnostic state env 2026-06-05 01:51:48 +01:00
Shakker
abc00f4c98 test: snapshot logging config env 2026-06-05 01:51:27 +01:00
Shakker
28737a0b09 test: snapshot console settings env 2026-06-05 01:51:27 +01:00
Shakker
28b63e69e9 test: snapshot logger settings env 2026-06-05 01:51:27 +01:00
Shakker
5392cb7139 test: snapshot logger level env 2026-06-05 01:51:27 +01:00
Peter Steinberger
add135d238 docs: document logging helpers 2026-06-04 20:04:06 -04:00