Peter Steinberger
252a76d25c
refactor: stage external output writes through fs-safe
2026-05-07 06:05:24 +01:00
Sarah Fortune
7d5d01b4f9
chore(deps): bump @openclaw/fs-safe pin to 3412e03 ( #78670 )
...
Pulls in 26 commits since the previous pin (3c50873):
- fix(workspace): add packages field so pnpm prepare succeeds
(openclaw/fs-safe#10 ) — unblocks fresh installs that were failing
with ERR_PNPM_INVALID_WORKSPACE_CONFIGURATION during the prepare step
pnpm runs inside the github-hosted dep tarball.
- Filesystem boundary-guard hardening: centralized boundary primitives,
guarded fallback handles, prune/trash race fixes, durable queue id
validation, archive staged-merge fixes, public path mode preservation.
- json: avoid copy fallback symlink writes.
- temp: keep helpers in private dirs; preserve workspace leaf filename
contract.
Verification:
- corepack pnpm install — clean install, no prepare error.
- pnpm openclaw setup — wrote ~/.openclaw/openclaw.json, workspace, and
sessions dirs.
- pnpm test src/infra/{fs-safe,boundary-file-read,fs-safe-defaults,
fs-safe-import-boundary}.test.ts — 37/37 passed.
2026-05-06 19:47:14 -07:00
Vincent Koc
2ab74e9ef7
fix(deps): pin fs-safe with full git sha
2026-05-06 15:22:59 -07:00
Sally O'Malley
3be4251f21
fix(deps): bump basic-ftp ( #78637 )
...
* fix(deps): bump basic-ftp
Signed-off-by: sallyom <somalley@redhat.com >
* docs: note basic-ftp advisory fix
Signed-off-by: sallyom <somalley@redhat.com >
---------
Signed-off-by: sallyom <somalley@redhat.com >
2026-05-06 17:31:12 -04:00
Peter Steinberger
0b88d6286c
chore: bump version to 2026.5.6
2026-05-06 09:47:34 +01:00
Vincent Koc
f8bb00bb8b
fix(deps): override vulnerable ip-address
2026-05-05 23:59:43 -07:00
Peter Steinberger
8f3a34e2a1
refactor: share fs-safe JSON helpers
2026-05-06 07:40:10 +01:00
Peter Steinberger
20163313af
fix: resolve fs-safe post-land fallout
2026-05-06 02:41:36 +01:00
Peter Steinberger
538605ff44
[codex] Extract filesystem safety primitives ( #77918 )
...
* refactor: extract filesystem safety primitives
* refactor: use fs-safe for file access helpers
* refactor: reuse fs-safe for media reads
* refactor: use fs-safe for image reads
* refactor: reuse fs-safe in qqbot media opener
* refactor: reuse fs-safe for local media checks
* refactor: consume cleaner fs-safe api
* refactor: align fs-safe json option names
* fix: preserve fs-safe migration contracts
* refactor: use fs-safe primitive subpaths
* refactor: use grouped fs-safe subpaths
* refactor: align fs-safe api usage
* refactor: adapt private state store api
* chore: refresh proof gate
* refactor: follow fs-safe json api split
* refactor: follow reduced fs-safe surface
* build: default fs-safe python helper off
* fix: preserve fs-safe plugin sdk aliases
* refactor: consolidate fs-safe usage
* refactor: unify fs-safe store usage
* refactor: trim fs-safe temp workspace usage
* refactor: hide low-level fs-safe primitives
* build: use published fs-safe package
* fix: preserve outbound recovery durability after rebase
* chore: refresh pr checks
2026-05-06 02:15:17 +01:00
Peter Steinberger
8bfabd6bb1
feat: add channel message lifecycle sdk
2026-05-06 01:46:42 +01:00
Kevin Lin
81349cdc2a
feat: improve Codex skill migration selection ( #77597 )
...
* feat: improve Codex skill migration selection
* docs: add Codex migration changelog entry
* fix codex skill migration bulk toggles
* fix codex migration skip selection
* fix codex migration skip option order
* fix: handle codex migration shortcut toggles
* fix codex migration shortcut reconciliation
* fix: unblock Codex migration CI
2026-05-05 16:41:26 -07:00
Patrick Erichsen
8aa7b7a4ca
Tolerate corrupt plugins during update ( #77706 )
...
* fix(update): tolerate corrupt plugin state
* fix(update): preserve corrupt plugin proof state
* fix(update): narrow corrupt plugin warnings
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-05 14:18:26 -07:00
Andrew Porter
9abf01faf0
feat(DX): Add Out-of-the-Box Support for Debugging in VSCode-Based IDEs ( #45710 )
...
Merged via squash.
Prepared head SHA: dd5c0c59f27257907+SwissArmyBud@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-05-05 12:41:28 -07:00
Peter Steinberger
c37871e77b
chore(release): bump version to 2026.5.5
2026-05-05 17:23:39 +01:00
Vincent Koc
2de0113608
test(update): cover authenticated restart updates
2026-05-04 21:58:47 -07:00
Peter Steinberger
47411f7c52
build: bump axios override
2026-05-05 01:51:23 +01:00
Vincent Koc
44a10ceea2
test(live): run cache probe with node
2026-05-04 17:16:47 -07:00
Vincent Koc
a491090b48
fix(release): refresh plugin sdk api gate
...
Refresh release baseline hashes and raise the Plugin SDK API baseline heap cap so release preflight reports real drift instead of OOMing.
2026-05-04 17:13:47 -07:00
Kevin Lin
cb9824d6b4
test: add slack onboarding channel smoke ( #77575 )
2026-05-04 16:51:34 -07:00
Vincent Koc
cf1bd30509
test(plugins): add kitchen sink rpc walk
2026-05-04 16:48:02 -07:00
Vincent Koc
9eed48fde5
test(docker): align published upgrade timeout
2026-05-04 16:17:51 -07:00
Peter Steinberger
8ee08b2b77
chore: update dependencies
2026-05-04 23:07:09 +01:00
Vincent Koc
ed1089f822
test(plugins): source Testbox auth for kitchen sink live
2026-05-04 14:07:03 -07:00
Vincent Koc
e2eb8e3cfe
test(plugins): harden kitchen sink live gauntlet
2026-05-04 14:01:59 -07:00
Jesse Merhi
d5b0083300
fix: proxy direct APNs HTTP2 sessions ( #74905 )
...
Summary:
- This PR routes direct APNs HTTP/2 sends through an APNs allowlisted managed-proxy CONNECT wrapper, adds APNs proxy validation/docs/guardrails, and expands regression and live-test coverage.
- Reproducibility: yes. source-reproducible: current main `sendApnsRequest()` still uses raw `http2.connect(au ... nly covers HTTP/global-agent/Undici hooks. I did not run a live APNs reproduction in this read-only review.
Automerge notes:
- PR branch already contained follow-up commit before automerge: test: guard raw HTTP2 APNs connections
- PR branch already contained follow-up commit before automerge: test: guard raw HTTP2 with OpenGrep
- PR branch already contained follow-up commit before automerge: lint: ban raw HTTP2 imports
- PR branch already contained follow-up commit before automerge: fix: use managed proxy state for APNs
- PR branch already contained follow-up commit before automerge: test: exercise APNs active proxy state
- PR branch already contained follow-up commit before automerge: fix: reject conflicting managed proxy activation
Validation:
- ClawSweeper review passed for head dab7c86a75dab7c86a75https://github.com/openclaw/openclaw/pull/74905#issuecomment-4350181159
Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
2026-05-04 11:04:17 +00:00
Peter Steinberger
5397667272
chore(release): prepare 2026.5.4
2026-05-04 10:09:55 +01:00
Peter Steinberger
d8da04e58e
chore: improve beta smoke release tooling
2026-05-04 07:28:57 +01:00
Otto Deng
df5c453625
fix(workspace): allow @whiskeysockets/libsignal-node in onlyBuiltDependencies ( #76539 )
...
pnpm v9+ defaults blockExoticSubdeps=true, which rejects
@whiskeysockets/libsignal-node — a tarball-URL subdep of
@whiskeysockets/baileys. This silently breaks the WhatsApp channel and
silences all inbound agent replies on fresh installs.
Add @whiskeysockets/libsignal-node to onlyBuiltDependencies in both
package.json and pnpm-workspace.yaml — the same exemption already used
for @whiskeysockets/baileys itself.
Fixes #76539 .
2026-05-03 16:49:36 -07:00
Peter Steinberger
ad1ccd671b
chore: move oxlint tsconfigs under config
2026-05-03 15:12:06 +01:00
Peter Steinberger
e7bb5d6ddf
chore: move swift configs under config
2026-05-03 14:51:56 +01:00
Peter Steinberger
d0f0fe97a6
chore: move root tool configs
2026-05-03 14:42:56 +01:00
Peter Steinberger
4760ee4055
chore: remove root assets
2026-05-03 13:20:26 +01:00
Peter Steinberger
adc4fd453b
chore: move test tsconfigs
2026-05-03 12:56:52 +01:00
Vincent Koc
2a1c6cf179
test(plugins): expose discord onboarding lane
2026-05-03 02:24:24 -07:00
Vincent Koc
4781b46056
fix(channels): load third-party official channel packages
2026-05-03 01:30:43 -07:00
Vincent Koc
ea45950a9d
test(plugins): add lifecycle matrix coverage
...
Add plugin lifecycle matrix Docker E2E coverage, resource metrics, fixture registry version support, and gauntlet handling for bundled plugin ids / required config.
2026-05-03 01:18:31 -07:00
Vincent Koc
95001d6c41
fix(memory): keep sqlite-vec optional
2026-05-02 23:44:01 -07:00
Jesse Merhi
207aa18c40
Add shell command explainer ( #75004 )
...
Summary:
- The PR adds an internal Tree-sitter-backed shell command explainer under `src/infra`, parser runtime/tests, dependency/build-policy updates, an index export, and a changelog entry.
- Reproducibility: not applicable. this is a feature PR rather than a bug report. For the prior PR blocker, source inspection shows byte-to-string span conversion and focused Unicode span coverage on the exact head.
Automerge notes:
- Ran the ClawSweeper repair loop before final review.
- Included post-review commit in the final squash: Repair shell command explainer automerge blockers
- Included post-review commit in the final squash: fix(clawsweeper): address review for automerge-openclaw-openclaw-7500…
Validation:
- ClawSweeper review passed for head 47577579e947577579e9https://github.com/openclaw/openclaw/pull/75004#issuecomment-4351322592
Co-authored-by: Jesse Merhi <jessejmerhi@gmail.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
2026-05-03 06:05:29 +00:00
Vincent Koc
d002c2f0ee
fix(release): raise plugin sdk api check heap
2026-05-02 19:41:16 -07:00
Peter Steinberger
31161abd40
chore(release): bump version to 2026.5.3
2026-05-03 03:08:47 +01:00
Vincent Koc
e3d76d2e1f
fix(channels): keep matrix and mattermost bundled
2026-05-02 15:32:29 -07:00
pashpashpash
9e57b98bb9
Improve Codex happy path prompt snapshots ( #76229 )
...
* test: add Codex model prompt layers to snapshots
* test: keep rendered prompt snapshots raw
* test: check prompt snapshot drift in ci
* test: prefer codex model cache for prompt fixtures
* fix: exclude publishable plugin dist from core package
2026-05-03 06:40:20 +09:00
Peter Steinberger
3afd4fdeeb
fix(release): exclude publishable plugin dist trees
2026-05-02 22:19:28 +01:00
Vincent Koc
d4268b1b2b
fix(plugins): catalog externalized npm installs
2026-05-02 13:30:07 -07:00
Vincent Koc
44f3b5ad89
fix(plugins): keep externalized launch installs on npm
2026-05-02 12:24:48 -07:00
Peter Steinberger
23ac9ccfd5
test: add codex npm plugin Docker live proof
2026-05-02 20:08:48 +01:00
Peter Steinberger
93ffc80e9e
ci: use gpt-5.4 for codex cli live smoke
2026-05-02 19:02:35 +01:00
Peter Steinberger
25ca5cc8df
ci: add source performance probes
2026-05-02 17:46:10 +01:00
pashpashpash
563dca82f4
Add Codex happy path prompt snapshots ( #75807 )
...
* Add Codex prompt snapshots
* Fix prompt snapshot scenario catalogs
* Harden prompt snapshot drift check
* Fix CLI compat build export
* fix: keep codex snapshots out of core plugin surface
* fix: harden prompt snapshot ci checks
* fix: accept readonly web search onboarding scopes
* fix: repair plugin sdk package boundary types
* fix: clear prompt snapshot ci regressions
* fix: clear latest main ci checks
* fix: resolve latest main discord helper overlap
* fix: refresh codex dynamic tool snapshots
* fix: align prompt snapshot branch with latest ci
* fix: isolate plugin auto enable tests
* test: refresh prompt dynamic tool snapshots
* fix: stabilize bundled channel auto enable
* fix: clean stale prompt snapshots
2026-05-03 00:59:55 +09:00
Peter Steinberger
0be7a78479
ci: add OpenClaw performance reports
2026-05-02 16:48:33 +01:00
