Skip to content

[codex] Extract filesystem safety primitives#77918

Merged
steipete merged 25 commits intomainfrom
codex/extract-fs-safe-primitives
May 6, 2026
Merged

[codex] Extract filesystem safety primitives#77918
steipete merged 25 commits intomainfrom
codex/extract-fs-safe-primitives

Conversation

@steipete
Copy link
Copy Markdown
Contributor

@steipete steipete commented May 5, 2026
edited
Loading

Summary

  • Move duplicated safe filesystem primitives out of OpenClaw internals and onto @openclaw/fs-safe.
  • Update OpenClaw call sites to use the reusable root, regular-file append, atomic replace, sibling temp, archive staging, path, timing, and private-state helpers.
  • Clean the fs-safe root/API usage after the package-side breaking refactors: copyIn(rel, source), Root/ReadResult/OpenResult, ensureRoot(), already-exists handling for create(), narrowed store exports, focused JSON API split, and reduced temp/secret surfaces.
  • Consume the published npm package @openclaw/fs-safe@0.1.0 instead of a local link or GitHub source tarball.

The matching fs-safe package changes landed on openclaw/fs-safe@main through 621d643d379533791ab5108e1cf639fc7d8e2c8c and were published to npm as @openclaw/fs-safe@0.1.0.

Real behavior proof

  • Behavior or issue addressed: OpenClaw can install and build against the public @openclaw/fs-safe npm package, with the filesystem safety primitives moved out of OpenClaw internals and low-level lock/pinned-open APIs hidden behind narrower public wrappers.
  • Real environment tested: Local macOS OpenClaw checkout on PR head d6f9591be76eeb7967e3de411da20926dde8723f, installing @openclaw/fs-safe@0.1.0 from the npm registry.
  • Exact steps or command run after this patch: Published @openclaw/fs-safe@0.1.0, verified registry availability with curl https://registry.npmjs.org/%40openclaw%2Ffs-safe, ran pnpm --config.minimum-release-age=0 add -w @openclaw/fs-safe@^0.1.0, then ran the focused OpenClaw outbound/fs-safe/plugin SDK checks and pnpm build.
  • Evidence after fix: Terminal output from the real package publish/install path:
$ npm publish --access public --otp <redacted>
+ @openclaw/fs-safe@0.1.0

$ curl -s -o /tmp/fs-safe-registry.json -w '%{http_code}\n' https://registry.npmjs.org/%40openclaw%2Ffs-safe
200
{"_id":"@openclaw/fs-safe","name":"@openclaw/fs-safe","dist-tags":{"latest":"0.1.0"},"versions":{"0.1.0":{...}}

$ pnpm --config.minimum-release-age=0 add -w @openclaw/fs-safe@^0.1.0
Packages: +9 -201
Done in 5.8s using pnpm v10.33.2

$ pnpm build
[build-all] check-plugin-sdk-exports
OK: All 4 required plugin-sdk exports verified.
[build-all] write-cli-compat
  • Observed result after fix: OpenClaw resolves @openclaw/fs-safe from npm at 0.1.0, package.json no longer uses a GitHub/local source pin, and the rebuilt OpenClaw runtime/plugin SDK output succeeds against the published package.
  • What was not tested: No live messaging-channel send was performed for this filesystem extraction; outbound queue durability behavior is covered by focused recovery tests in this PR.

Verification

Latest focused proof after publishing and rebasing:

  • fs-safe: pnpm build
  • fs-safe: pnpm check
  • fs-safe: pnpm test:coverage -> 85.16% lines/statements, 219 tests
  • fs-safe: pnpm docs:site
  • fs-safe: npm pack --dry-run
  • fs-safe GitHub: ci and coverage passed for 621d643d379533791ab5108e1cf639fc7d8e2c8c
  • OpenClaw: pnpm test src/infra/outbound/deliver.test.ts src/infra/outbound/delivery-queue.storage.test.ts src/infra/outbound/delivery-queue.recovery.test.ts src/infra/outbound/delivery-queue.reconnect-drain.test.ts
  • OpenClaw: pnpm test src/plugin-sdk/file-lock.test.ts src/agents/session-write-lock.test.ts src/gateway/control-ui.http.test.ts src/infra/fs-safe-import-boundary.test.ts src/agents/skills.loadworkspaceskillentries.test.ts src/agents/skills-install.test.ts src/agents/sandbox/fs-bridge.boundary.test.ts src/agents/sandbox/fs-bridge.anchored-ops.test.ts
  • OpenClaw: pnpm plugin-sdk:api:check
  • OpenClaw: pnpm check:docs
  • OpenClaw: pnpm build
  • OpenClaw: git diff --check

Earlier proof retained from this PR:

  • pnpm build
  • pnpm plugin-sdk:api:check
  • pnpm test src/infra/fs-safe.test.ts src/gateway/canvas-documents.test.ts src/agents/apply-patch.test.ts extensions/memory-wiki/src/vault.test.ts src/plugins/install.test.ts src/agents/acp-spawn-parent-stream.test.ts extensions/qa-lab/src/multipass.runtime.test.ts src/auto-reply/reply/commands-export-trajectory.test.ts src/trajectory/export.test.ts src/trajectory/cleanup.test.ts extensions/active-memory/index.test.ts src/infra/diagnostics-timeline.test.ts src/logging/logger-transport.test.ts src/logging/logger.settings.test.ts

@openclaw-barnacle openclaw-barnacle Bot added docs Improvements or additions to documentation channel: bluebubbles Channel integration: bluebubbles channel: discord Channel integration: discord channel: msteams Channel integration: msteams channel: nostr Channel integration: nostr channel: telegram Channel integration: telegram channel: voice-call Channel integration: voice-call channel: whatsapp-web Channel integration: whatsapp-web channel: zalo Channel integration: zalo channel: zalouser Channel integration: zalouser app: web-ui App: web-ui gateway Gateway runtime extensions: llm-task Extension: llm-task extensions: memory-core Extension: memory-core cli CLI command changes commands Command implementations agents Agent runtime and tooling channel: feishu Channel integration: feishu extensions: device-pair extensions: phone-control channel: irc channel: qqbot extensions: qa-lab extensions: memory-wiki extensions: codex extensions: tts-local-cli plugin: migrate-hermes plugin: migrate-claude plugin: file-transfer size: XL labels May 5, 2026
@steipete steipete force-pushed the codex/extract-fs-safe-primitives branch from 2b740fc to d6f9591 Compare May 6, 2026 01:07
@steipete steipete added the proof: supplied External PR includes structured after-fix real behavior proof. label May 6, 2026
@steipete steipete marked this pull request as ready for review May 6, 2026 01:15
@steipete steipete requested review from a team as code owners May 6, 2026 01:15
@steipete steipete merged commit 538605f into main May 6, 2026
7 checks passed
@steipete steipete deleted the codex/extract-fs-safe-primitives branch May 6, 2026 01:15
@github-actions github-actions Bot mentioned this pull request May 6, 2026
Open
@elbeyf elbeyf mentioned this pull request May 6, 2026
Open
18 tasks
@clawsweeper clawsweeper Bot mentioned this pull request May 6, 2026
Open
@github-actions github-actions Bot mentioned this pull request May 6, 2026
Open
@NOVA-Openclaw NOVA-Openclaw mentioned this pull request May 7, 2026
Open
@medusa527 medusa527 mentioned this pull request May 8, 2026
Closed
6 tasks
github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request May 9, 2026
@steipete
[codex] Extract filesystem safety primitives (openclaw#77918)
e741edc 
* refactor: extract filesystem safety primitives

* refactor: use fs-safe for file access helpers

* refactor: reuse fs-safe for media reads

* refactor: use fs-safe for image reads

* refactor: reuse fs-safe in qqbot media opener

* refactor: reuse fs-safe for local media checks

* refactor: consume cleaner fs-safe api

* refactor: align fs-safe json option names

* fix: preserve fs-safe migration contracts

* refactor: use fs-safe primitive subpaths

* refactor: use grouped fs-safe subpaths

* refactor: align fs-safe api usage

* refactor: adapt private state store api

* chore: refresh proof gate

* refactor: follow fs-safe json api split

* refactor: follow reduced fs-safe surface

* build: default fs-safe python helper off

* fix: preserve fs-safe plugin sdk aliases

* refactor: consolidate fs-safe usage

* refactor: unify fs-safe store usage

* refactor: trim fs-safe temp workspace usage

* refactor: hide low-level fs-safe primitives

* build: use published fs-safe package

* fix: preserve outbound recovery durability after rebase

* chore: refresh pr checks
@clawsweeper clawsweeper Bot mentioned this pull request May 9, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

agents Agent runtime and tooling app: web-ui App: web-ui channel: bluebubbles Channel integration: bluebubbles channel: discord Channel integration: discord channel: feishu Channel integration: feishu channel: irc channel: msteams Channel integration: msteams channel: nostr Channel integration: nostr channel: qqbot channel: telegram Channel integration: telegram channel: voice-call Channel integration: voice-call channel: whatsapp-web Channel integration: whatsapp-web channel: zalo Channel integration: zalo channel: zalouser Channel integration: zalouser cli CLI command changes commands Command implementations docker Docker and sandbox tooling docs Improvements or additions to documentation extensions: codex extensions: device-pair extensions: llm-task Extension: llm-task extensions: memory-core Extension: memory-core extensions: memory-wiki extensions: phone-control extensions: qa-lab extensions: tts-local-cli gateway Gateway runtime maintainer Maintainer-authored PR plugin: file-transfer plugin: migrate-claude plugin: migrate-hermes proof: supplied External PR includes structured after-fix real behavior proof. scripts Repository scripts size: XL

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@steipete