fix(cli): align shields status and logs tail UX#3866
Merged
Conversation
Signed-off-by: Yimo Jiang <yimoj@nvidia.com>
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (7)
📝 WalkthroughWalkthroughThis PR unifies shields status terminology across CLI commands by introducing a ShieldsPosture abstraction with canonical wording, and clarifies documentation for the semantic mismatch between NemoClaw's and OpenShell's ChangesShields Posture Model & Terminology Unification
CLI Documentation for --tail Flag Semantics
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related issues
Possibly related PRs
Suggested labels
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Warning There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure. 🔧 ESLint
ESLint skipped: no ESLint configuration detected in root package.json. To enable, add Comment |
Contributor
|
✨ Related open issues: |
This was referenced May 21, 2026
This was referenced May 21, 2026
ericksoa
approved these changes
May 22, 2026
12 tasks
miyoungc
added a commit
that referenced
this pull request
May 22, 2026
Audit found the v0.0.49 release notes promised behaviors that did not ship or were never implemented. Realign to the actual code on main. - Drop the EXDEV runtime-deps claim: #3820 was reverted by #4051 in this release window, so the behavior is not present. - Drop the "skip broad permission repair" claim: no corresponding commit in v0.0.48..v0.0.49. - Rewrite the gateway probe classifier list in release-notes.mdx and commands.mdx to match the real states emitted by src/lib/status-command-deps.ts (named gateway unreachable / present but not Connected / pointing at a different name / not configured). The previous "non-JSON health response" example did not exist in code. - Expand the channel-removal bullet to describe #4001's user-visible teardown (durable QR-paired state wipe, abort-on-failure, config.json re-sync) in addition to the existing #4013 sync. - Add bullets for user-visible PRs that were merged in the release window but missing from the notes: #3854 (restricted dmesg in debug output), #3866 (shields status and logs --tail UX), #3984 (Hermes messaging policy scoping), and #4011 (Docker group security note). Regenerated nemoclaw-user-overview and nemoclaw-user-reference skills from the updated docs via scripts/docs-to-skills.py. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
cv
pushed a commit
that referenced
this pull request
May 22, 2026
## Summary Refreshes the NemoClaw docs for the v0.0.49 hardening release, including release notes, command reference updates, troubleshooting guidance, version metadata, and regenerated user skills. ## Changes - #3796, #3854, #3863, #3866, #3984, #4001, #4011, #4013, #4020, #4022, #4023, #4060, #4062 -> `docs/about/release-notes.mdx`: Adds the v0.0.49 hardening release summary covering gateway reliability, status/doctor/shields and debug UX, OpenClaw compatibility, messaging channel teardown, Hermes policy scoping, snapshots, source installs and Docker group security note, GPU preflight, CLI usage, E2E, and CI improvements. - #3796 -> `docs/manage-sandboxes/backup-restore.mdx` and `docs/reference/commands.mdx`: Documents `snapshot restore --to` overwrite protection and the `--force` opt-in. - #3863, #4013, #4020, #4023 -> `docs/reference/commands.mdx`: Documents missing channel argument usage, sandbox-scoped custom preset matching, session policy preset sync, and gateway failure classification (uses the real probe states from `src/lib/status-command-deps.ts`). - #4022, #4060, #4062 -> `docs/reference/troubleshooting.mdx`: Adds guidance for gateway-down `connect`, source checkout OpenShell bootstrapping, WDDM placeholder GPU names, and Jetson sandbox GPU passthrough. - Release prep -> `docs/project.json`, `docs/versions1.json`, `.agents/skills/nemoclaw-user-*`: Bumps docs metadata to 0.0.49 and refreshes generated user skills from the Fern docs. ## Type of Change - [ ] Code change (feature, bug fix, or refactor) - [ ] Code change with doc updates - [ ] Doc only (prose changes, no code sample modifications) - [x] Doc only (includes code sample changes) ## Verification - [x] `npx prek run --all-files` passes - [ ] `npm test` passes - [ ] Tests added or updated for new or changed behavior - [x] No secrets, API keys, or credentials committed - [x] Docs updated for user-facing behavior changes - [ ] `make docs` builds without warnings (doc changes only) - [x] Doc pages follow the [style guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md) (doc changes only) - [ ] New doc pages include SPDX header and frontmatter (new pages only) \`make docs\` was attempted locally but did not complete because \`npm\` returned \`403 Forbidden\` while fetching \`fern-api\` from \`registry.npmjs.org\` in the sandboxed environment. --- Signed-off-by: Miyoung Choi <miyoungc@nvidia.com> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Released v0.0.49 with reliability and compatibility improvements including faster gateway failure diagnostics and safer snapshot restore behavior * Enhanced snapshot restore documentation with `--to` cloning and `--force` overwrite requirements * Expanded troubleshooting guides for source installs, GPU setup, and gateway recovery * Clarified Docker group access requirements and improved CLI command reference * **Chores** * Version bumped to 0.0.49 <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/NVIDIA/NemoClaw/pull/4078?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This was referenced May 24, 2026
This was referenced May 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Aligns status and doctor shields wording with the canonical shields state so fresh mutable sandboxes report as not configured instead of down. Clarifies NemoClaw versus OpenShell log tail semantics and locks the combined
logs --follow --tail <lines>argv behavior with tests.Related Issue
Fixes #3702
Changes
getShieldsPosture()for canonical shields state labels and reused it instatus,doctor, andshields status.logs --follow --tail <lines>routing.--tail <lines>from OpenShell--tailfollow behavior.Type of Change
Verification
npx prek run --all-filespassesnpm testpassesmake docsbuilds without warnings (doc changes only)Focused verification run locally:
npm run build:clinpx vitest run src/lib/domain/sandbox/logs.test.ts src/lib/shields/index.test.ts test/cli.test.ts -t "sandbox logs helpers|shields — unit logic|doctor reports fresh shields state|status reports fresh shields state|passes --tail line count|passes -n line count|passes --follow --tail line count|maps --follow to OpenShell live log streaming|passes plain logs through without the tail flag"HOME=/tmp/nemoclaw-fix-3702-home/NEMOCLAW_HOME=/tmp/nemoclaw-fix-3702-home/.nemoclaw, includingtimeout 30s node bin/nemoclaw.js fix3702-alpha logs --follow --tail 7npm run typecheck:clicd nemoclaw && npm run buildmake docs(Fern reported 0 errors and 2 hidden warnings)codex review -c sandbox_mode="danger-full-access" --uncommittednpx prek run --all-fileswas attempted. Static/docs/plugin stages passed, but the full CLI coverage hook failed after about 13.5 minutes in unrelated broad-suite paths: multiple existingtest/cli.test.tstimeouts,test/fetch-guard-patch-regression.test.ts, andtest/sandbox-connect-inference.test.ts. Scoped regressions and typecheck/build/docs checks above passed after that.Signed-off-by: Yimo Jiang yimoj@nvidia.com
Summary by CodeRabbit
Release Notes
Documentation
openshell logscommand flag semantics and usage in CLI guides with explicit examples and NemoClaw comparison.Bug Fixes