fix(ci): bound manual git fetches

[RomneyDa]

Summary

• Bound unauthenticated manual Git fetches in CI and workflow sanity paths with timeout --signal=TERM --kill-after=10s 30s.
• Kept public HTTPS remotes and no auth headers, so these remain unauthenticated fetches.
• Added guard coverage for early checkout fetches and the shared ensure-base-commit fetch helper.

Verification

• node scripts/run-vitest.mjs test/scripts/ci-workflow-guards.test.ts
• pnpm format:check test/scripts/ci-workflow-guards.test.ts
• pnpm check:workflows
• git diff --check
• YAML parse check for changed workflow/action files
• .agents/skills/autoreview/scripts/autoreview --mode local

Real behavior proof

Behavior addressed: Manual unauthenticated Git fetches in CI could wedge a runner, including the observed security-fast checkout step.
Real environment tested: Local workflow guard tests and workflow syntax/parsing in the OpenClaw checkout.
Exact steps or command run after this patch: node scripts/run-vitest.mjs test/scripts/ci-workflow-guards.test.ts; pnpm check:workflows; git diff --check.
Evidence after fix: The guard test passes and asserts bounded timeout wrappers on the covered manual checkout/base-fetch paths.
Observed result after fix: Targeted guard test passed with 6 tests; workflow sanity script passed; diff whitespace check passed.
What was not tested: Did not rerun the original GitHub Actions job because the GitHub API was rate-limited while polling the live run.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed May 29, 2026, 1:40 AM ET / 05:40 UTC.

Summary
The PR wraps manual Git fetches in CI, workflow-sanity, and Crabbox hydration paths with bounded timeout handling and updates related workflow guard tests.

PR surface: Tests +80, Config +135. Total +215 across 9 files.

Reproducibility: no. high-confidence live repro was run in this review. Source inspection shows current-main unbounded manual Git fetches in the reported CI surfaces, and the PR body cites an observed security-fast checkout wedge.

Review metrics: 1 noteworthy metric.

• Manual fetch surfaces: 5 workflows plus 1 composite action guarded. The timeout policy spans multiple automation entry points, so maintainers should review it as a workflow behavior change rather than a single checkout edit.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🌊 off-meta tidepool
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P2] Wait for required head checks to finish, especially the in-progress build-artifacts check.
• Have a maintainer confirm the timeout policy across GitHub-hosted, Windows, macOS, and Crabbox hydration runners.

Risk before merge

• [P2] This changes checkout/base-fetch behavior in CI, workflow-sanity, and Crabbox hydration paths; maintainers should confirm the 30s timeout plus 10s kill grace is the desired policy across GitHub-hosted and self-hosted runners.
• [P1] One latest-head build-artifacts check was still in progress at review time, so landing should wait for required checks to finish.

Maintainer options:

1. Review timeout policy before merge (recommended)
   Confirm the 30s fetch timeout and 10s kill grace are acceptable for workflow_dispatch, CI checkout, and Crabbox hydration runners, then land after required checks finish.
2. Accept the automation behavior change
   A maintainer can intentionally accept the new fail-fast behavior if the CI reliability gain outweighs rare slow-network fetch tolerance.

Next step before merge

• No automated repair is indicated; a maintainer should review the automation timeout policy and wait for required head checks before merge.

Security
Cleared: The diff changes workflow execution paths but adds no third-party actions, credentials, auth headers, dependency sources, permissions, or lockfiles; no concrete security or supply-chain concern was found.

Review details

Best possible solution:

Land the bounded unauthenticated fetch wrappers and guard coverage after maintainer review confirms the timeout policy and required head checks are green.

Do we have a high-confidence way to reproduce the issue?

No high-confidence live repro was run in this review. Source inspection shows current-main unbounded manual Git fetches in the reported CI surfaces, and the PR body cites an observed security-fast checkout wedge.

Is this the best way to solve the issue?

Yes, with a maintainer-review caveat. Bounded public unauthenticated fetches plus guard tests are a narrow fix, while the remaining decision is whether the timeout policy is correct across all runner paths.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against e9d49299d67e.

Label changes

Label justifications:

• P2: This is a normal-priority CI reliability fix with limited product blast radius but real maintainer impact when fetches wedge runners.
• merge-risk: 🚨 automation: The diff changes CI checkout, workflow sanity, and Crabbox hydration fetch behavior, so merging it can affect maintainer automation even with green tests.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: This is a maintainer-authored PR with the maintainer label, so the external contributor real-behavior proof gate does not apply; the PR body and head checks still provide useful validation signal.

Evidence reviewed

PR surface:

Tests +80, Config +135. Total +215 across 9 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	0	0	0	0
Tests	3	87	7	+80
Docs	0	0	0	0
Config	6	155	20	+135
Generated	0	0	0	0
Other	0	0	0	0
Total	9	242	27	+215

What I checked:

• Repository policy read: Root AGENTS.md was read fully; its CI/workflow automation merge-risk and validation guidance applies to this PR. (AGENTS.md:1, e9d49299d67e)
• Current-main behavior: Current main still has unbounded manual checkout fetches in the preflight and security-fast checkout paths, matching the PR's stated failure surface. (.github/workflows/ci.yml:89, e9d49299d67e)
• PR implementation: The PR head wraps early checkout fetches with timeout --signal=TERM --kill-after=10s 30s, keeps public HTTPS remotes, and preserves workflow_dispatch fallback handling for non-timeout fetch failures. (.github/workflows/ci.yml:89, 8c204de10ff5)
• Shared fetch helper: The shared ensure-base-commit action now routes deepening and full-history fetches through a bounded helper. (.github/actions/ensure-base-commit/action.yml:41, 8c204de10ff5)
• Guard coverage: The PR adds guard assertions for shared base-commit fetches, early checkout fetches, platform checkout fetches without GNU timeout, and Windows Crabbox hydrate fetches. (test/scripts/ci-workflow-guards.test.ts:35, 8c204de10ff5)
• Head check state: Relevant latest-head checks including preflight, security-fast, actionlint, check, check-guards, and Windows node test were successful, while one build-artifacts check was still in progress at review time. (8c204de10ff5)

Likely related people:

• RomneyDa: Recent merged CI workflow and guard-test work touched .github/workflows/ci.yml and test/scripts/ci-workflow-guards.test.ts, so this account is relevant beyond authoring this PR. (role: recent area contributor; confidence: high; commits: 93c30de17bd2; files: .github/workflows/ci.yml, test/scripts/ci-workflow-guards.test.ts)
• vincentkoc: The shared base-commit fetch helper central to this PR was introduced by commit e9919ea. (role: introduced related behavior; confidence: high; commits: e9919ead49d0; files: .github/actions/ensure-base-commit/action.yml)
• steipete: Recent Crabbox hydrate work touched the same Windows and self-hosted hydration fetch paths updated by this PR. (role: adjacent owner; confidence: medium; commits: 95c8fc967876, 716d719d4c0c; files: .github/workflows/crabbox-hydrate.yml, test/scripts/package-acceptance-workflow.test.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.