docs(windows): companion app copy and GitHub auth notes

[Tianworld]

Summary

• Fix awkward, duplicated wording in the Windows companion app section.
• Add a short "Git and GitHub connectivity (contributors)" section for Windows: unstable HTTPS to GitHub, failed gh auth login device flow, and authenticating via GH_TOKEN plus gh auth setup-git, with optional read:org refresh.

Why

New contributors on Windows often hit clone/auth timeouts; documenting PAT-based gh auth reduces friction.

Testing

• pnpm exec oxfmt --write docs/platforms/windows.md

AI-assisted

• AI-assisted (editing/drafting); I reviewed the diff and tested as noted above
• Lightly tested (formatting only)
• I understand what changed and why

[greptile-apps]

Greptile Summary

This PR makes two documentation updates to docs/platforms/windows.md: it fixes a minor wording duplication in the Windows companion app blurb ("contributions" appeared twice), and adds a new section guiding contributors through GitHub connectivity issues on restricted networks, including how to authenticate with a personal access token when gh auth login fails.

• The companion app wording fix is clean and correct.
• The new "Git and GitHub connectivity" section has a logic gap in step 3: gh auth refresh -h github.com -s read:org works only against credentials stored via gh auth login. Since the entire purpose of the section is to work around a failed gh auth login (due to network blocks), no stored OAuth session exists for gh auth refresh to act on. On the same blocked network it would simply attempt the browser/device flow again and time out. The right fix for missing read:org in the PAT flow is to create a new token with the required scope and reassign the environment variable.

Confidence Score: 3/5

• Safe to merge after correcting the gh auth refresh step in the PAT-based auth flow
• The companion app wording fix is straightforward. The new connectivity section is helpful, but step 3 gives instructions (gh auth refresh) that won't work in the scenario the section describes — using GH_TOKEN env var precisely because stored credentials don't exist. That's a concrete, fixable accuracy issue that would mislead contributors hitting this edge case.
• docs/platforms/windows.md — specifically the step 3 gh auth refresh instruction in the new "Git and GitHub connectivity" section

Prompt To Fix All With AI

This is a comment left during a code review.
Path: docs/platforms/windows.md
Line: 262-265

Comment:
**`gh auth refresh` inapplicable in the env-var PAT flow**

Step 3 instructs the user to run `gh auth refresh -h github.com -s read:org`, but `gh auth refresh` operates on credentials stored via `gh auth login` — not on the `GH_TOKEN` environment variable set in step 2. Since the whole reason for using the env-var approach is that `gh auth login` failed due to network issues, there are no stored credentials to refresh, and this command will either fail or attempt to re-initiate the browser/device flow on the same blocked network.

The correct resolution in the PAT flow is to create a new token that already includes the `read:org` scope and reassign the variable — not to call `gh auth refresh`. (`gh auth refresh` is the right command only when the user has gone through `gh auth login` and needs to add scopes to a stored OAuth session, which is exactly the path this section works around.)

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (1): Last reviewed commit: "docs(windows): clarify companion app CTA..." | Re-trigger Greptile}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9c444c6ec9

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[Tianworld]

This PR only changes docs/platforms/windows.md. The failing WhatsApp extension-fast tests appear unrelated to this change. If I don't have permission to re-run CI on this repo, a maintainer could re-run the failed jobs.

[Tianworld]

Addressed Greptile’s note about the PAT env-var flow: when using \GH_TOKEN, we no longer recommend \gh auth refresh. If \gh auth status\ warns about missing
ead:org, the correct fix is to mint a new token that includes that scope and reassign $env:GH_TOKEN. The doc also clarifies that \gh auth refresh\ only applies when you authenticated via \gh auth login\ and have stored credentials to refresh.

[Tianworld]

@openclaw-barnacle This PR is now MERGEABLE + CLEAN, and checks are green (or marked as skipping). Also, Greptile’s note about the PAT env-var flow has been addressed in the doc: for the \GH_TOKEN\ path we no longer recommend \gh auth refresh; if \gh auth status\ warns about missing
ead:org, the guidance is to mint a new token including that scope and reassign $env:GH_TOKEN. If you have a moment, could you please take a look and merge? Thanks!

[clawsweeper]

Codex review: needs changes before merge.

Summary
The PR edits docs/platforms/windows.md to fix duplicated Windows companion-app wording and add Windows contributor guidance for GitHub connectivity and PAT-based gh authentication.

Reproducibility: not applicable. this is a docs-only PR, not a runtime bug. The high-confidence check is comparing current main with the PR head and GitHub's mergeability state.

Next step before merge
The remaining blocker is a narrow one-file branch update/conflict repair that automation can attempt; maintainer merge and docs-scope judgment remain afterward.

Security
Cleared: The diff is documentation-only and explicitly warns not to commit or paste tokens; it does not change code, CI, dependencies, or secret storage.

Review findings

• [P2] Resolve the Windows docs conflict — docs/platforms/windows.md:273

Review details

Best possible solution:

Update the PR branch over current main, preserve main's Windows docs navigation and WSL/source-dev guidance, then let maintainers decide whether to merge the docs addition.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this is a docs-only PR, not a runtime bug. The high-confidence check is comparing current main with the PR head and GitHub's mergeability state.

Is this the best way to solve the issue?

Yes after branch update: a one-file docs change is the narrowest maintainable place for this wording and contributor troubleshooting note, provided the conflict resolution keeps current-main content.

Full review comments:

• [P2] Resolve the Windows docs conflict — docs/platforms/windows.md:273
  The PR head is dirty against current main and its Windows docs file still carries older page content while ending after the new token warning. Rebase or merge main and preserve the current no-H1 page, WSL install/source-dev flow, and Related links when keeping the new connectivity section.
  Confidence: 0.9

Overall correctness: patch is incorrect
Overall confidence: 0.88

Acceptance criteria:

• git diff --check
• pnpm exec oxfmt --check --threads=1 docs/platforms/windows.md

What I checked:

• Current main still lacks the PR content: At current main, the Windows companion-app paragraph still contains the duplicated wording and the page goes directly to the Related section with no Git/GitHub connectivity guidance. Public docs: docs/platforms/windows.md. (docs/platforms/windows.md:248, 7c0f5463a564)
• Current main has content the PR branch must preserve: Current main has no duplicate H1, has updated WSL install/source-dev commands, and has Related links after the companion-app section; the PR head still carries older top-of-file and WSL install text and ends after the token warning. Public docs: docs/platforms/windows.md. (docs/platforms/windows.md:221, 7c0f5463a564)
• PR diff is docs-only: The current PR diff modifies only docs/platforms/windows.md, replacing the duplicated companion-app sentence and adding the Git/GitHub connectivity section. Public docs: docs/platforms/windows.md. (docs/platforms/windows.md:237, 446aac5d9931)
• Prior PAT-flow review concern is addressed: The PR head tells GH_TOKEN users to mint a token with read:org instead of running gh auth refresh, and separately says gh auth refresh applies only to stored gh auth login credentials. Public docs: docs/platforms/windows.md. (docs/platforms/windows.md:262, 446aac5d9931)
• GitHub CLI auth semantics checked: Local gh help says GH_TOKEN avoids prompts and takes precedence for github.com commands, while gh auth refresh expands or fixes scopes for stored credentials.
• PR is currently unmergeable: The GitHub pull API reports mergeable false, rebaseable false, and mergeable_state dirty for head 446aac5d9931e1c37453e2f438619a220e055457. (446aac5d9931)

Likely related people:

• vincentkoc: Recent current-main history on the Windows platform doc includes Related-section navigation, duplicate-H1 cleanup, and native Windows/WSL2 clarification work near this PR's conflict area. (role: recent maintainer; confidence: high; commits: 8d1f98ef08cd, 4a2cd533acac, 22c1bda2a0fb; files: docs/platforms/windows.md, docs/platforms/index.md, docs/start/getting-started.md)
• steipete: Earlier history ties the Windows platform page structure, WSL2 recommendation, OpenClaw rebrand, and gateway service wording to this area. (role: introduced behavior and adjacent docs owner; confidence: medium; commits: 0116184b1c63, 2d0ca7528277, 9a7160786a7d; files: docs/platforms/windows.md, docs/start/getting-started.md)
• rubencu: Recent docs work changed the WSL install and source dev loop text that the PR branch must preserve when resolving the conflict. (role: adjacent contributor; confidence: medium; commits: 6d427f8c2ac0; files: docs/platforms/windows.md)

Remaining risk / open question:

• The PR head is dirty and cannot merge until it is updated against current main.
• Maintainer docs-scope judgment remains for whether Windows-specific contributor GitHub auth troubleshooting belongs on the platform page.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 7c0f5463a564.

[BradGroux]

Maintainer prep done for this docs-only PR.

What changed from the stale branch:

• rebased the content onto current main
• preserved the current Windows docs structure, WSL/source-dev guidance, and Related links
• kept the companion-app wording fix and the Git/GitHub connectivity note
• kept the PAT guidance from the earlier review fix: GH_TOKEN users should mint a token with the needed scopes; gh auth refresh only applies to stored gh auth login credentials

Prepared head: bdb37d7e82f509ed31dcf3fe666d0f410ea39892

Local verification:

• git diff --check
• pnpm exec oxfmt --check --threads=1 docs/platforms/windows.md
• pnpm check:docs

CI is green after applying proof: override; this is docs-only and the docs validation above is the behavioral proof for the change.