Commit Graph

1675 Commits

Author SHA1 Message Date
Vincent Koc
cbf9acff37 fix(release): reuse setup-token for Anthropic live checks 2026-07-06 03:46:22 -07:00
Vincent Koc
fa70403403 fix(release): isolate Claude ACP subscription auth 2026-07-06 02:58:59 -07:00
Vincent Koc
65131633a1 fix(ci): tolerate periphery comment permission denials 2026-07-06 11:18:58 +02:00
Vincent Koc
7b6b39e0f8 fix(ci): keep full Anthropic Docker proof advisory 2026-07-05 23:01:01 -07:00
Kevin Lin
9d2d517296 feat: publish plugins with extended-stable releases (#100448)
* feat(release): publish plugins on extended-stable

* feat(plugins): align extended-stable with core

* docs: explain extended-stable plugin alignment

* fix(release): make plugin convergence recoverable

* fix(plugins): preserve extended-stable fallback intent

* fix(release): keep plugin tag mutation credential-isolated
2026-07-05 16:16:26 -07:00
Kevin Lin
5fdaa04eca feat(qa-lab): add Codex Slack approval scenarios (#91519)
* feat(qa-lab): add codex slack approval scenarios

* fix(qa-lab): harden Codex Slack approval proof

* fix(qa-lab): validate Codex approval model

* test(qa-lab): verify approved Codex operation

* fix(qa-lab): normalize Slack QA account routing

* fix(qa-lab): read Codex tool result transcripts

* fix(qa-lab): harden Codex approval cleanup

* fix(qa-lab): support Codex Mantis checkpoints

* fix(qa-lab): repair Mantis pnpm bootstrap

* fix(qa-lab): normalize Codex tool result text

* fix(qa-lab): scope Mantis pnpm fallback

* fix(qa-lab): bootstrap pinned pnpm without npm

* fix(qa-lab): terminate pnpm metadata record

* fix(qa-lab): bootstrap official node for mantis

* fix(qa-lab): make mantis pnpm shim executable

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-05 22:47:18 +01:00
Vincent Koc
7dac5c2778 fix(ci): install release packaging dependencies (#100459) 2026-07-05 14:33:10 -07:00
Peter Steinberger
c730d8f1f1 feat(logbook): automatic work journal plugin with Control UI timeline tab (#99930)
* feat(logbook): automatic work journal plugin with a plugin-contributed Control UI tab

Squash of PR #99930 work for rebase onto the Control UI route refactor:
- extensions/logbook: Dayflow-style capture -> observations -> timeline cards
  pipeline with SQLite store, node capture commands, standup/ask, retention
- plugin SDK/gateway seam: surface "tab" Control UI descriptors projected
  into hello-ok controlUiTabs (scope-filtered, deterministic order)
- Control UI: dynamic plugin tabs with bundled Logbook view
- docs, tests, labeler wiring

* feat(ui): port plugin tabs and Logbook to the route-owned Control UI architecture

- shared /plugin route carries the tab id in the query (?id=<tab>), matching
  the router's exact-path contract
- openclaw-plugin-page renders bundled views (Logbook), sandboxed plugin
  frames (descriptor path), or the unavailable card
- sidebar renders hello controlUiTabs after each group's static routes
- Logbook view/controller live under ui/src/pages/plugin/

* fix(ui): namespace plugin tabs by pluginId to prevent cross-plugin tab id collisions

* fix(logbook): prefer app capture nodes and rotate off failing nodes

* fix(plugins): reject protocol-relative Control UI tab paths

* fix(logbook): harden automatic journal

* docs(changelog): remove maintainer self-credit

* chore(ui): refresh locale metadata after rebase

* fix(logbook): preserve analysis window boundaries

* fix(logbook): align status privacy and timezone

* fix(ui): stop hidden plugin tab polling
2026-07-05 11:50:44 -07:00
Peter Steinberger
e62cf76bd5 fix(ci): catch native-only mobile protocol drift (#100278)
* fix(ci): cover native-only protocol event drift

* fix(ci): ignore quoted Swift event constants
2026-07-05 09:23:45 -07:00
Peter Steinberger
601b80c5f4 ci: pin website checkout branch 2026-07-05 08:37:59 -04:00
Peter Steinberger
4a2629ebe3 ci: pin ClawHub docs checkout branch 2026-07-05 08:17:32 -04:00
Peter Steinberger
5af24d16bf chore(ci): fail CI when gateway events go unhandled by the mobile apps (#100206)
* ci: guard gateway protocol event coverage for iOS/Android clients (#100198)

Adds scripts/check-protocol-event-coverage.mjs, which derives the
server->client event catalog from GATEWAY_EVENTS in
src/gateway/server-methods-list.ts, extracts the events each mobile app
handles from Swift/Kotlin dispatch sites, and fails on gateway events no
client handles unless allowlisted with a reason in
scripts/protocol-event-coverage.allowlist.json. Wired as
pnpm check:protocol-coverage in the CI guards shard.

* fix(ci): scope Kotlin event extraction to handle*Event dispatch functions (#100198)

Bare event == "..." literals in predicate helpers outside the dispatch
path (gatewayEventInvalidatesNodesDevices in NodeRuntime.kt, which has no
production caller) counted as Android coverage, silently masking that
node.pair.requested/resolved have no live handler. Kotlin extraction now
only reads when(event) labels and event comparisons inside fun
handle*Event(...) bodies; node.pair.* moved to the Android allowlist with
a truthful reason. Swift extraction stays tree-wide because consumption
there always reads .event off a received EventFrame.

* fix(android): remove dead node pairing event helper

* fix(ci): preserve protocol allowlist parse errors

* test(ci): align tooling import plan
2026-07-05 03:06:52 -07:00
Vincent Koc
53bd4dde6c fix(ci): stabilize manual dispatch checkout 2026-07-05 10:22:26 +02:00
Peter Steinberger
062f88e3e3 refactor: extract reusable AI runtime package (#99059)
* refactor: extract reusable AI runtime package

* refactor: complete AI provider relocation

* refactor: keep llm core internal

* refactor(ai): make @openclaw/ai self-contained with host policy ports

Move pure transport helpers (tool projections, strict-schema normalization,
prompt-cache boundary, stream guards, anthropic/openai compat, request
activity) from src into packages/ai; move utf16-slice into
normalization-core. Inject host policy (guarded fetch, redaction,
strict-tool defaults, diagnostics logging) through AiTransportHost with
inert library defaults installed by src/llm/stream.ts. Narrow the public
barrel to instance-scoped createApiRegistry/createLlmRuntime; the
process-default runtime moves behind internal/ and
registerBuiltInApiProviders takes an explicit registry. Delete the
src/llm/api-registry re-export facade.

* fix(ai): teach node, jiti, and vite resolvers the @openclaw/ai and utf16-slice subpaths

The workspace alias tables in root-alias.cjs, plugin-sdk-native-resolver,
sdk-alias, the shared vitest config, and the Control UI vite config only
knew @openclaw/llm-core; Node-side plugin loading resolved @openclaw/ai
through the pnpm symlink to the unbuilt dist (checks-node-compact CI
failures), and the Control UI build broke on the new
normalization-core/utf16-slice subpath.

* chore(ui): drop leftover service-worker debug logging

* build(release): ship @openclaw/ai with its own shrinkwrap and honest dependency set

packages/ai declares only its six real runtime deps (kysely, chalk, json5,
tslog, zod, fs-safe, and proxyline were never imported); orphaned root deps
removed. generate-npm-shrinkwrap now treats publishable packages/* like
publishable plugins so the AI tarball pins its transitive tree even though
workspace deps are omitted from the root shrinkwrap. knip learns the
package entry points; the tsdown dts neverBundle option moves to its
documented deps.dts home; the README documents the no-semver internal/*
contract and host ports.

* docs(ai): add minimal external-consumer example app

examples/ai-chat consumes only the public @openclaw/ai surface (built dist
via the workspace link): isolated runtime, built-in provider registration,
one streamed completion. Supports Anthropic/OpenAI via env keys and a
keyless local Ollama target; live-verified against Ollama.

* docs(ai): document the @openclaw/ai package and workspace shrinkwrap boundary

* chore(check): include examples/ in duplicate-scan targets

* fix: emit normalization package subpaths

* fix: complete AI package boundary artifacts

* fix: align AI package boundary contracts

* fix(ci): stabilize package release contracts

* test: align documentation contract checks

* test: keep cron docs guard aligned

* test: align restored docs contract guards

* test: follow upstream docs contracts

* docs: drop superseded talk wording
2026-07-05 01:56:40 -04:00
Kevin Lin
ba7b5db74c feat(release): add monthly npm extended-stable publication (#99352)
* feat(release): add npm stable publication

* fix(release): allow stable full validation

* feat(release): add stable guard test bypass

* fix(release): allow stable maintenance after month rollover

* docs: refresh release documentation map

* refactor(release): rename monthly channel to extended-stable

* fix(release): repair extended-stable selector forward

* docs(release): fix extended-stable link
2026-07-04 08:22:39 -07:00
Vincent Koc
1e20f15581 fix(ci): batch i18n locale refresh commits 2026-07-04 00:50:21 -07:00
Vincent Koc
c4083e32f5 fix(ci): allow jsonl socket boundary helper 2026-07-04 09:34:54 +02:00
Peter Steinberger
c669b09d4b ci: increase artifact Testbox memory (#99820)
* ci: increase artifact Testbox memory

* ci: increase artifact Testbox memory

* ci: increase artifact Testbox memory
2026-07-03 22:13:47 -07:00
Peter Steinberger
5ef2c81ed2 ci: reuse one package in QA smoke (#99793)
* docs(ci): document QA smoke runner

* ci: increase QA smoke build memory

* ci: route QA smoke to 16 vCPU runner
2026-07-03 21:39:56 -07:00
Dallin Romney
26cb189276 fix(qa): stabilize primary smoke runtime evidence (#99784)
* fix(qa): restore fast smoke profile evidence

* fix(qa): reuse one package across smoke Docker lanes

* fix(qa): keep OTEL smoke output repo-relative
2026-07-03 20:59:48 -07:00
Peter Steinberger
4a354f76c1 feat(providers): add ClawRouter routing and quotas (#99658)
* feat(providers): add ClawRouter routing and quotas

* docs(plugins): refresh Ollama inventory

* test(plugins): register ClawRouter boundary coverage

* docs(i18n): add ClawRouter glossary terms

* docs(providers): expand ClawRouter setup guide
2026-07-03 18:29:14 -07:00
Peter Steinberger
1fef99962e feat(nodes): add auto-discovered Ollama inference (#99234)
* feat(nodes): add local Ollama inference

* fix(gateway): preserve plugin node runtime for agent turns

* feat(ollama): add node inference opt-out

* test(security): preserve plugin runtime exports

* test(security): preserve plugin runtime exports

* test(security): preserve plugin runtime exports

* fix(ci): raise artifact build heap
2026-07-03 01:14:30 -07:00
Josh Avant
1a508d7915 fix: ignore test-only network CI guard lines (#99233) 2026-07-02 16:18:21 -05:00
Shakker
28fee00559 fix: retry repository OpenAI key for locale refresh 2026-07-02 15:40:44 +01:00
Shakker
4614449d98 fix: fall back to OpenAI for locale refresh 2026-07-02 15:25:14 +01:00
Mason Huang
b60e8c4838 ci: add process exec CodeQL security shard (#92667)
Summary:
- The PR adds a `process-exec-boundary` CodeQL high-security shard, wires it into the CodeQL workflow, expands PR path triggers for process-owning plugin/script paths, and updates CI docs.
- PR surface: Docs +1, Config +87. Total +88 across 3 files.
- Reproducibility: not applicable. this is CI/security-scanner configuration rather than a runtime bug. The behavior is source-reviewable and the exact-head `Security High (process-exec-boundary)` check passed.

Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.

Validation:
- ClawSweeper review passed for head 066d54b633.
- Required merge gates passed before the squash merge.

Prepared head SHA: 066d54b633
Review: https://github.com/openclaw/openclaw/pull/92667#issuecomment-4698545987

Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Approved-by: hxy91819
2026-07-02 12:50:45 +00:00
Dallin Romney
d32c4cf300 perf(build): canonicalize plugin SDK declarations (#98758) 2026-07-02 00:21:41 -07:00
Vincent Koc
d310b786cf fix(ci): reset SwiftPM state between build retries 2026-07-01 20:26:18 -07:00
joshavant
8e95e56e2d chore(ios): generate release artifacts locally 2026-07-01 22:05:26 -05:00
joshavant
7fa26e088d ci: remove security guard rollout floor 2026-07-01 21:21:31 -05:00
Peter Steinberger
c1eee1a41a fix(ci): recover incomplete Swift build caches (#98818) 2026-07-02 02:23:08 +01:00
Vincent Koc
1611e04fd9 fix(ci): keep locale refresh matrices alive 2026-07-01 06:16:30 -07:00
Vincent Koc
b881a978fb fix(ci): refresh native locales for glossary changes 2026-07-01 06:16:30 -07:00
Vincent Koc
3029006364 test(ci): guard native locale refresh retries 2026-07-01 06:16:30 -07:00
Vincent Koc
90c46f48b6 fix(ci): restrict native locale refresh dispatch 2026-07-01 06:16:30 -07:00
Vincent Koc
10d463d5ad fix(ci): commit first native locale artifacts 2026-07-01 06:16:30 -07:00
Vincent Koc
f588a49a36 feat(i18n): refresh every native locale 2026-07-01 06:16:30 -07:00
Vincent Koc
8d18dacaa9 feat(i18n): refresh native locale artifacts 2026-07-01 06:16:30 -07:00
Vincent Koc
a53b6823c6 test(apple): enforce phased catalog coverage 2026-07-01 05:19:12 -07:00
Vincent Koc
02046b665f feat(apple): add Russian and Hindi app catalogs 2026-07-01 05:19:12 -07:00
Vincent Koc
5e786ac27a test(android): enforce localized resource coverage 2026-07-01 03:43:03 -07:00
Vincent Koc
af00b0bebf feat(android): localize gateway onboarding 2026-07-01 03:43:03 -07:00
Vincent Koc
9fd6ca9602 fix(i18n): route native inventory checks narrowly 2026-07-01 03:28:23 -07:00
Vincent Koc
8c179bfc7e ci(i18n): run native checks for tooling changes 2026-07-01 03:28:23 -07:00
Vincent Koc
0a16d9e578 fix(i18n): guard native inventory in CI 2026-07-01 03:28:23 -07:00
Vincent Koc
9eae0b4d38 feat(i18n): inventory native app UI strings 2026-07-01 03:28:23 -07:00
Vincent Koc
a841c27882 ci(release): stabilize anthropic live smoke selection
(cherry picked from commit e085fa1a3f)
2026-06-30 15:54:12 -07:00
Vincent Koc
e03f12ef3b ci(release): restore plugin npm token env
(cherry picked from commit 9c154ffa46)
2026-06-30 15:54:11 -07:00
Vincent Koc
ccb515fa69 ci(release): restore trusted plugin npm publishing
(cherry picked from commit 866fc34e30)
2026-06-30 15:54:11 -07:00
Vincent Koc
4355e719b8 ci(release): allow token plugin npm recovery
(cherry picked from commit faa99eeb63)
2026-06-30 15:54:11 -07:00