mirror of
https://github.com/openclaw/openclaw.git
synced 2026-07-09 12:43:56 +00:00
* feat(logbook): automatic work journal plugin with a plugin-contributed Control UI tab Squash of PR #99930 work for rebase onto the Control UI route refactor: - extensions/logbook: Dayflow-style capture -> observations -> timeline cards pipeline with SQLite store, node capture commands, standup/ask, retention - plugin SDK/gateway seam: surface "tab" Control UI descriptors projected into hello-ok controlUiTabs (scope-filtered, deterministic order) - Control UI: dynamic plugin tabs with bundled Logbook view - docs, tests, labeler wiring * feat(ui): port plugin tabs and Logbook to the route-owned Control UI architecture - shared /plugin route carries the tab id in the query (?id=<tab>), matching the router's exact-path contract - openclaw-plugin-page renders bundled views (Logbook), sandboxed plugin frames (descriptor path), or the unavailable card - sidebar renders hello controlUiTabs after each group's static routes - Logbook view/controller live under ui/src/pages/plugin/ * fix(ui): namespace plugin tabs by pluginId to prevent cross-plugin tab id collisions * fix(logbook): prefer app capture nodes and rotate off failing nodes * fix(plugins): reject protocol-relative Control UI tab paths * fix(logbook): harden automatic journal * docs(changelog): remove maintainer self-credit * chore(ui): refresh locale metadata after rebase * fix(logbook): preserve analysis window boundaries * fix(logbook): align status privacy and timezone * fix(ui): stop hidden plugin tab polling
OpenClaw macOS app (dev + signing)
Quick dev run
# from repo root
scripts/restart-mac.sh
Options:
scripts/restart-mac.sh --no-sign # fastest dev; ad-hoc signing (TCC permissions do not stick)
scripts/restart-mac.sh --sign # force code signing (requires cert)
Packaging flow
scripts/package-mac-app.sh
Creates dist/OpenClaw.app and signs it via scripts/codesign-mac-app.sh.
Signing behavior
Auto-selects identity (first match):
- Developer ID Application
- Apple Distribution
- Apple Development
- first available identity
If none found:
- errors by default
- set
ALLOW_ADHOC_SIGNING=1orSIGN_IDENTITY="-"to ad-hoc sign
Team ID audit (Sparkle mismatch guard)
After signing, we read the app bundle Team ID and compare every Mach-O inside the app. If any embedded binary has a different Team ID, signing fails.
Skip the audit:
SKIP_TEAM_ID_CHECK=1 scripts/package-mac-app.sh
Library validation workaround (dev only)
If Sparkle Team ID mismatch blocks loading (common with Apple Development certs), opt in:
DISABLE_LIBRARY_VALIDATION=1 scripts/package-mac-app.sh
This adds com.apple.security.cs.disable-library-validation to app entitlements.
Use for local dev only; keep off for release builds.
Useful env flags
SIGN_IDENTITY="Apple Development: Your Name (TEAMID)"ALLOW_ADHOC_SIGNING=1(ad-hoc, TCC permissions do not persist)CODESIGN_TIMESTAMP=off(offline debug)DISABLE_LIBRARY_VALIDATION=1(dev-only Sparkle workaround)SKIP_TEAM_ID_CHECK=1(bypass audit)