
fix(changelog): reject bot/app handles as Thanks attribution and require explicit human credit #81357

Merged
clawsweeper[bot] merged 13 commits into main from fix/changelog-bot-credit-guard
May 14, 2026

@hxy91819 commented May 13, 2026 (Member)

Summary

  • Expand forbidden changelog Thanks handles to include ClawSweeper bot accounts (clawsweeper, openclaw-clawsweeper, clawsweeper[bot], openclaw-clawsweeper[bot]) and app/ prefixed handles.
  • Unify the attribution check predicate between the JS scanner (check-changelog-attributions.mjs) and the shell gate (scripts/pr-lib/changelog.sh) so both use isForbiddenChangelogThanksHandle.
  • Require bot/app-authored PR changelog entries to include an explicit human Thanks @handle; reject entries that credit only a bot or omit human credit entirely.
  • Add a --is-forbidden-handle CLI flag to the attribution script for shell-side reuse.
  • Add tests for multi-handle lines, shared predicate correctness, missing human credit, and valid human credit on bot-authored entries.

Change Type

  • Bug fix

Scope

  • CI/CD / infra

Linked Issue/PR

Regression Test Plan

  • Unit test
  • Target: test/scripts/check-changelog-attributions.test.ts
  • Scenarios locked: bot/app handle rejection, multi-handle scanning, shell-side validate_changelog_entry_for_pr requiring explicit human Thanks for bot authors.

User-visible / Behavior Changes

  • PRs with bot/app authors must include a credited human Thanks @handle in their CHANGELOG entry line, or the changelog gate will fail.

Security Impact

  • New permissions/capabilities? No
  • Secrets/tokens handling changed? No
  • New/changed network calls? No
  • Command/tool execution surface changed? No
  • Data access scope changed? No

Compatibility / Migration

  • Backward compatible? Yes
  • Config/env changes? No
  • Migration needed? No

Risks and Mitigations

  • Risk: Existing bot-authored PRs with Thanks @clawsweeper in changelog will fail the gate.
    • Mitigation: These are already blocked by the expanded forbidden list; contributors should credit the human author instead.

@openclaw-barnacle openclaw-barnacle Bot added scripts Repository scripts size: S maintainer Maintainer-authored PR labels May 13, 2026

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: fb050dba7d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread scripts/pr-lib/changelog.sh Outdated
@clawsweeper Bot commented May 13, 2026 (Contributor)

Codex review: passed.

Summary
The PR expands forbidden changelog Thanks attribution rules for bot/app handles, shares the Node predicate with the shell changelog gate, requires explicit human credit for bot/app-authored changelog entries, and adds focused tests.

Reproducibility: yes. Current main source shows bot/app changelog authors can skip human attribution and bot/app Thanks handles are not all rejected; I did not execute tests because this review was read-only.

Real behavior proof
Not applicable: The contributor proof gate does not apply because this is a MEMBER/maintainer-labeled PR, and ClawSweeper already recorded exact-head validation for the repaired branch.

Next step before merge
No repair job is needed; review findings are empty and the existing automerge gate can proceed on the exact head.

Security
Cleared: The diff touches changelog gate scripts but adds no new dependency, network call, permission, secret handling, or unquoted shell execution path.

Review details

Best possible solution:

Land the repaired head through the existing exact-head checks and maintainer/automerge gate, keeping the shared predicate plus focused regression coverage.

Do we have a high-confidence way to reproduce the issue?

Yes. Current main source shows bot/app changelog authors can skip human attribution and bot/app Thanks handles are not all rejected; I did not execute tests because this review was read-only.

Is this the best way to solve the issue?

Yes. Centralizing the attribution predicate in the Node scanner and calling it from the shell gate is the narrow maintainable fix, and the final diff preserves the existing no-thanks fallback for non-bot forbidden handles.

What I checked:

  • Current main scanner gap: Current main only hard-codes codex, openclaw, and steipete as forbidden Thanks handles, so bot/app handles are not rejected by the scanner before this PR. (scripts/check-changelog-attributions.mjs:7, 1f45b37fe17c)
  • Current main shell fallback gap: Current main treats app/ClawSweeper-style authors as non-creditable and then skips the contributor Thanks check entirely, so bot/app-authored changelog entries can omit human credit. (scripts/pr-lib/changelog.sh:167, 1f45b37fe17c)
  • PR head shared predicate: The PR head adds explicit forbidden handle, prefix, and suffix sets, plus a requiresExplicitHumanChangelogThanks predicate used for bot/app authors. (scripts/check-changelog-attributions.mjs:7, 1e6d0f53ec45)
  • PR head shell integration: The shell gate now resolves the repo-local attribution script, delegates forbidden-handle checks to it, preserves the no-thanks fallback for non-bot forbidden handles, and requires any explicit Thanks @... line for bot/app authors. (scripts/pr-lib/changelog.sh:166, 1e6d0f53ec45)
  • Gate sequencing prevents bot-only thanks bypass: The prepare gate runs validate_changelog_attribution_policy for any changelog update before validate_changelog_entry_for_pr, so a bot-only Thanks line accepted by the explicit-thanks presence check is still rejected by the scanner. (scripts/pr-lib/gates.sh:61, 1f45b37fe17c)
  • Focused regression coverage: The PR adds coverage for multi-handle scanning, shared predicate behavior, bot/app authors missing human credit, valid human credit, and preserving the non-bot forbidden no-thanks fallback. (test/scripts/check-changelog-attributions.test.ts:91, 1e6d0f53ec45)

Likely related people:

  • steipete: Introduced the changelog attribution scanner and then wired the attribution policy into PR gates. (role: feature introducer; confidence: high; commits: bbbc80ddcc26, 0f996ad4b01f; files: scripts/check-changelog-attributions.mjs, scripts/pr-lib/changelog.sh, test/scripts/check-changelog-attributions.test.ts)
  • gumadeiras: Recent GitHub history shows multiple changes to the PR workflow/changelog script modules around section detection and module splitting. (role: script workflow contributor; confidence: medium; commits: 31a4b45db09f, bf6d3176fcdf, fd65caf4b0ba; files: scripts/pr-lib/changelog.sh)
  • shakkernerd: Recent GitHub history shows test maintenance in test/scripts/check-changelog-attributions.test.ts, which is the regression-test surface changed here. (role: recent test area contributor; confidence: medium; commits: b33fe72fc31f; files: test/scripts/check-changelog-attributions.test.ts)

Codex review notes: model gpt-5.5, reasoning high; reviewed against 1f45b37fe17c.
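
The attribution rule this review describes, as an added JavaScript example that is not the project's own `check-changelog-attributions.mjs`: exact-match handle sets plus anchored prefix/suffix tests, every `@handle` on a line scanned, and bot/app authors required to carry an explicit human Thanks. The function names and handle lists are taken from the PR text; the function bodies, the `[bot]` suffix rule, the regexes, the result strings and the sample handles are assumptions.

```javascript
// Added illustration, not the project's scripts/check-changelog-attributions.mjs.
// Handle lists come from the PR text; the "[bot]" suffix rule, the regexes and
// the result strings are assumptions. Sample handles below are constructed.
const LEGACY_FORBIDDEN = new Set(["codex", "openclaw", "steipete"]);
const BOT_HANDLES = new Set([
  "clawsweeper", "openclaw-clawsweeper",
  "clawsweeper[bot]", "openclaw-clawsweeper[bot]",
]);
const BOT_PREFIXES = ["app/"];
const BOT_SUFFIXES = ["[bot]"]; // assumption: the page does not list the suffix set

const normalize = (raw) => String(raw).trim().replace(/^@/, "").toLowerCase();

// Exact-match sets plus anchored prefix/suffix tests, never a substring search,
// so a human handle that merely contains "clawsweeper" stays creditable.
function requiresExplicitHumanChangelogThanks(author) {
  const h = normalize(author);
  return BOT_HANDLES.has(h) ||
    BOT_PREFIXES.some((p) => h.startsWith(p)) ||
    BOT_SUFFIXES.some((s) => h.endsWith(s));
}

// Forbidden Thanks handles are the union of the legacy and bot/app sets.
function isForbiddenChangelogThanksHandle(handle) {
  return LEGACY_FORBIDDEN.has(normalize(handle)) ||
    requiresExplicitHumanChangelogThanks(handle);
}

// Collect every @handle after the word "Thanks", not only the first one.
function thanksHandles(line) {
  const m = /\bthanks\b/i.exec(line);
  if (!m) return [];
  const tail = line.slice(m.index + m[0].length);
  const re = /@((?:app\/)?[a-z0-9](?:[a-z0-9-]*[a-z0-9])?(?:\[bot\])?)/gi;
  return [...tail.matchAll(re)].map((x) => normalize(x[1]));
}

// Scanner first (any forbidden handle fails), then the bot/app-author rule.
// The existing contributor-credit check for human authors is not modelled.
function validateEntry({ author, line }) {
  const handles = thanksHandles(line);
  if (handles.some(isForbiddenChangelogThanksHandle)) return "forbidden-thanks";
  if (requiresExplicitHumanChangelogThanks(author) && handles.length === 0) {
    return "missing-human-thanks";
  }
  return "ok";
}

// Constructed changelog entries covering the scenarios the PR lists.
const SAMPLES = [
  { author: "clawsweeper[bot]", line: "- Fix changelog gate." },
  { author: "clawsweeper[bot]", line: "- Fix gate. Thanks @clawsweeper[bot]." },
  { author: "app/clawsweeper", line: "- Fix gate. Thanks @alice-example and @openclaw-clawsweeper." },
  { author: "clawsweeper[bot]", line: "- Fix gate. Thanks @alice-example." },
  { author: "steipete", line: "- Fix changelog gate." },
  { author: "app/clawsweeper", line: "- Fix gate. Thanks @clawsweeper-fan." },
];

function runSamples() { return SAMPLES.map(validateEntry); }
console.log(runSamples());
```

The third sample fails only because the second handle on the line is scanned, and the last one passes only because matching is exact rather than by substring.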

@hxy91819

Member Author

@codex review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: be890d010d

Comment thread scripts/check-changelog-attributions.mjs Outdated
Comment thread scripts/pr-lib/changelog.sh Outdated
@hxy91819

Member Author

/clawsweeper re-review

@hxy91819 hxy91819 changed the title Require human changelog credit for bot repairs fix(changelog): reject bot/app handles as Thanks attribution and require explicit human credit May 13, 2026
@hxy91819

Member Author

@codex review

@hxy91819

Member Author

local codex review:

• The changes consistently tighten changelog attribution checks and wire the shell gating logic to the same
attribution predicate, with tests covering the new bot/app-author requirement and forbidden-handle
detection paths. I did not find a discrete regression in behavior, correctness, or maintainability
introduced by this diff.

@chatgpt-codex-connector


Codex Review: Didn't find any major issues. Bravo.

@hxy91819

Member Author

/clawsweeper status

@hxy91819

Member Author

/clawsweeper automerge

@hxy91819

Member Author

/clawsweeper automerge

@clawsweeper clawsweeper Bot added the clawsweeper:automerge Maintainer opted this PR into bounded ClawSweeper-reviewed automerge label May 14, 2026
@clawsweeper Bot commented May 14, 2026 (Contributor)

🦞✅
ClawSweeper merged this PR after the passing review.

Source: clawsweeper[bot]
Feedback: structured ClawSweeper verdict: pass (sha=1e6d0f53ec4505e2b45468becd6e5330a49ed1b0)
Merge status: merged by ClawSweeper automerge
Merged at: 2026-05-14T15:04:44Z
Merge commit: 83d7ab0d362f

What merged:

  • The PR expands forbidden changelog Thanks attribution rules for bot/app handles, shares the Node predicate ... ngelog gate, requires explicit human credit for bot/app-authored changelog entries, and adds focused tests.
  • Reproducibility: yes. Current main source shows bot/app changelog authors can skip human attribution and bot/app Thanks handles are not all rejected; I did not execute tests because this review was read-only.

Automerge notes:

  • PR branch already contained follow-up commit before automerge: fix: simplify bot changelog credit guard
  • PR branch already contained follow-up commit before automerge: fix: share changelog credit attribution rule
  • PR branch already contained follow-up commit before automerge: fix: tighten changelog attribution scanning
  • PR branch already contained follow-up commit before automerge: test: cover legacy changelog credit exclusions
  • PR branch already contained follow-up commit before automerge: fix: express changelog credit exclusions as union sets
  • PR branch already contained follow-up commit before automerge: fix: avoid substring changelog credit exclusions

The automerge loop is complete.

Automerge progress:

  • 2026-05-14 14:27:23 UTC review queued 0842025131a7 (queued)
  • 2026-05-14 14:55:32 UTC review queued 1e6d0f53ec45 (after repair)
  • 2026-05-14 15:04:27 UTC review passed 1e6d0f53ec45 (structured ClawSweeper verdict: pass (sha=1e6d0f53ec4505e2b45468becd6e5330a49ed...)
  • 2026-05-14 15:04:46 UTC merged 1e6d0f53ec45 (merged by ClawSweeper automerge)

@clawsweeper clawsweeper Bot force-pushed the fix/changelog-bot-credit-guard branch from 0842025 to 1e6d0f5 Compare May 14, 2026 14:55
@clawsweeper clawsweeper Bot merged commit 83d7ab0 into main May 14, 2026
89 checks passed
@clawsweeper clawsweeper Bot deleted the fix/changelog-bot-credit-guard branch May 14, 2026 15:04
@clawsweeper Bot commented May 14, 2026 (Contributor)

🦞👀
ClawSweeper status:

  • Current PR: 81357
  • Branch: fix/changelog-bot-credit-guard
  • ClawSweeper PR: no
  • Automerge: enabled
  • Automerge job: jobs/openclaw/inbox/automerge-openclaw-openclaw-81357.md
  • Job: jobs/openclaw/inbox/automerge-openclaw-openclaw-81357.md
  • Merge state: UNSTABLE
  • Checks: SUCCESS:79 SKIPPED:7 IN_PROGRESS:1
  • Check blockers: check-additional:IN_PROGRESS

@clawsweeper Bot commented May 14, 2026 (Contributor)

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

markfietje pushed a commit to markfietje/openclaw that referenced this pull request May 20, 2026
…ire explicit human credit (#81357)

Summary:
- The PR expands forbidden changelog `Thanks` attribution rules for bot/app handles, shares the Node predicate ... ngelog gate, requires explicit human credit for bot/app-authored changelog entries, and adds focused tests.
- Reproducibility: yes. Current main source shows bot/app changelog authors can skip human attribution and bot/app `Thanks` handles are not all rejected; I did not execute tests because this review was read-only.

Automerge notes:
- PR branch already contained follow-up commit before automerge: fix: simplify bot changelog credit guard
- PR branch already contained follow-up commit before automerge: fix: share changelog credit attribution rule
- PR branch already contained follow-up commit before automerge: fix: tighten changelog attribution scanning
- PR branch already contained follow-up commit before automerge: test: cover legacy changelog credit exclusions
- PR branch already contained follow-up commit before automerge: fix: express changelog credit exclusions as union sets
- PR branch already contained follow-up commit before automerge: fix: avoid substring changelog credit exclusions

Validation:
- ClawSweeper review passed for head 1e6d0f53ec4505e2b45468becd6e5330a49ed1b0.
- Required merge gates passed before the squash merge.

Prepared head SHA: 1e6d0f53ec4505e2b45468becd6e5330a49ed1b0
Review: openclaw/openclaw#81357 (comment)

Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request May 24, 2026
…ire explicit human credit (openclaw#81357)

Summary:
- The PR expands forbidden changelog `Thanks` attribution rules for bot/app handles, shares the Node predicate ... ngelog gate, requires explicit human credit for bot/app-authored changelog entries, and adds focused tests.
- Reproducibility: yes. Current main source shows bot/app changelog authors can skip human attribution and bot/app `Thanks` handles are not all rejected; I did not execute tests because this review was read-only.

Automerge notes:
- PR branch already contained follow-up commit before automerge: fix: simplify bot changelog credit guard
- PR branch already contained follow-up commit before automerge: fix: share changelog credit attribution rule
- PR branch already contained follow-up commit before automerge: fix: tighten changelog attribution scanning
- PR branch already contained follow-up commit before automerge: test: cover legacy changelog credit exclusions
- PR branch already contained follow-up commit before automerge: fix: express changelog credit exclusions as union sets
- PR branch already contained follow-up commit before automerge: fix: avoid substring changelog credit exclusions

Validation:
- ClawSweeper review passed for head 1e6d0f5.
- Required merge gates passed before the squash merge.

Prepared head SHA: 1e6d0f5
Review: openclaw#81357 (comment)

Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
jameslcowan pushed a commit to jameslcowan/openclaw that referenced this pull request Jun 2, 2026
…ire explicit human credit (openclaw#81357)

sablehead pushed a commit to sablehead/openclaw that referenced this pull request Jun 10, 2026
…ire explicit human credit (openclaw#81357)


Labels

clawsweeper:automerge Maintainer opted this PR into bounded ClawSweeper-reviewed automerge maintainer Maintainer-authored PR scripts Repository scripts size: M
