Doctor: expose device pairing findings#97366
Conversation
|
@clawsweeper review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
|
Codex review: needs maintainer review before merge. Reviewed June 30, 2026, 10:57 PM ET / 02:57 UTC. Summary PR surface: Source +149, Tests +74. Total +223 across 4 files. Reproducibility: not applicable. this is feature-style diagnostic exposure rather than a bug report. The PR body provides after-fix source CLI output for explicit Review metrics: 1 noteworthy metric.
Stored data model Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Risk before merge
Maintainer options:
Next step before merge
Security Review detailsBest possible solution: Land after assigned maintainer approval and green exact-head checks, keeping the check default-disabled, read-only, and tied to the existing device-pairing Doctor diagnostics. Do we have a high-confidence way to reproduce the issue? Not applicable; this is feature-style diagnostic exposure rather than a bug report. The PR body provides after-fix source CLI output for explicit Is this the best way to solve the issue? Yes; keeping the collector in AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against 4ac5cf863673. Label changesLabel justifications:
Evidence reviewedPR surface: Source +149, Tests +74. Total +223 across 4 files. View PR surface stats
What I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
|
galiniliev
left a comment
There was a problem hiding this comment.
This PR refactors the existing device-pairing Doctor diagnostics into issue objects, exposes them as structured core/doctor/device-pairing findings, and registers that check as opt-in for Doctor lint. That matters because operators can explicitly lint device-pairing state without changing broad doctor --lint behavior.
LOC: +256/-33 (4 files)
By: Gio Della-Libera (@giodl73-repo, acct 2025-09-30) | OpenClaw: 194 PRs, 14 issues, 152 commits/12mo | GitHub: 6491 commits, 230 PRs, 29 issues, 17 reviews/12mo
Findings: No blocking findings.
Bug/behavior being fixed: feature-style diagnostic exposure; current origin/main only wires device-pairing Doctor diagnostics through the legacy note path, while this PR adds a structured lint finding surface for the same underlying pairing states.
Affected surface: src/commands/doctor-device-pairing.ts, src/flows/doctor-health-contributions.ts, and the focused tests under src/commands/doctor-device-pairing.test.ts / src/flows/doctor-health-contributions.test.ts.
Provenance: N/A; this is not a regression fix.
Best-fix verdict: best. Keeping the structured collector in src/commands/doctor-device-pairing.ts:600 is the right owner boundary because that module already owns the snapshot loading, local fallback, pairing-store read errors, and legacy note formatting. Registering it on the existing ordered contribution at src/flows/doctor-health-contributions.ts:1650 preserves the Doctor contribution model, and defaultEnabled: false is honored by src/flows/doctor-lint-flow.ts:38 through src/commands/doctor-lint.ts:88.
Alternatives considered:
- Put the check in
CORE_HEALTH_CHECKS: rejected because device pairing is already an ordered Doctor contribution, andresolveDoctorContributionHealthChecks()intentionally normalizes contribution-owned checks before falling back to core ids. - Probe the Gateway from lint mode: rejected because this PR intentionally keeps lint read-only/no-probe and uses the existing local-state fallback; that matches the default-disabled opt-in pattern used by state integrity and plugin registry checks.
- Split a separate detector module: rejected because the current module already owns the private pairing snapshot and issue classification helpers, and no second production caller needs a wider exported surface.
Code read: src/commands/doctor-device-pairing.ts:333, src/commands/doctor-device-pairing.ts:600, src/commands/doctor-device-pairing.ts:632, src/flows/doctor-health-contributions.ts:120, src/flows/doctor-health-contributions.ts:1650, src/flows/doctor-lint-flow.ts:28, src/commands/doctor-lint.ts:84, src/flows/health-checks.ts:31, sibling default-disabled contribution patterns in src/flows/doctor-health-contributions.ts, and current origin/main for the touched surfaces.
Validation run:
node scripts/run-vitest.mjs run src/commands/doctor-device-pairing.test.ts src/flows/doctor-health-contributions.test.ts --reporter=verbosepassed: 59 tests across 2 Vitest shards.
Remaining uncertainty: I did not rerun the PR body's live pnpm openclaw doctor --lint CLI proof locally; the code path and focused tests cover the default-disabled selection and structured finding conversion, and there is no dependency or Codex contract involved.
7792294 to
eff0d3c
Compare
|
@galiniliev thanks for the earlier review. Refreshed this after #97358 landed and rebased onto current main at What changed in the refresh:
Validation passed on the refreshed head: focused device-pairing/contribution Vitest (63 tests), changed-file |
|
@clawsweeper review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
|
Merged via squash.
|
* fix(ios): advance onboarding step after QR scan (#98302)
handleScannedLink does not set self.step = .connect after scanning a QR
code from the welcome step. The scanner sheet dismisses and the UI
returns to the welcome screen instead of showing connection progress.
The sibling handleScannedSetupCode path correctly advances the step;
this aligns the QR scan path.
Fixes #98297
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(anthropic-oauth): bound OAuth token endpoint response reads (#96644)
postJson reads the Anthropic OAuth token endpoint response body with
an unbounded await response.text(). A compromised or hijacked OAuth
endpoint can stream an arbitrarily large body and force the runtime
to buffer the entire payload before parsing — an OOM/DoS vector.
Replace with readResponseWithLimit at 16 MiB cap + TextDecoder decode
to match the sibling bounded-read pattern (provider-http-errors.ts:308).
Co-authored-by: Claude <noreply@anthropic.com>
* fix: warn when configured channel plugins cannot load (#96397)
* fix(gateway): warn for blocked configured channel plugins
* fix(gateway): preserve configured channel warning source
* test: migrate src/commands tests to shared temp dir helpers (#96359)
* test: migrate src/commands tests to shared temp dir helpers
* fix(test): remove unused path import in migrate apply test
* fix(cron): clear agentTurn thinking override by blanking the field (#96293)
* fix(cron): clear agentTurn thinking override when patched with null
Cron agentTurn patches could clear model/fallbacks/toolsAllow overrides by
sending an explicit null, but thinking had no clear path: the patch schema and
normalizer dropped thinking:null before it reached the merge logic, and the
payload merge only handled string values. Blanking the Thinking/Effort field in
the Cron Control UI therefore silently preserved the old value.
Add thinking:null support across the patch schema, exported type, normalizer,
and payload merge (mirroring model). The Control UI now sends an explicit clear
for model/thinking when an edited job blanks a previously stored override, and
the CLI gains --clear-thinking for parity with --clear-model.
* docs(cron): document --clear-thinking beside sibling clear flags
* test: migrate leaky raw mkdtemp calls to createSuiteTempRootTracker() (#96058)
Gap finding: tempdir-8h9i0j1k, tempdir-9i0j1k2l
Replace bare fs.mkdtemp/mkdtempSync calls in 4 test files with the
shared createSuiteTempRootTracker() helper, adding proper cleanup
where none existed.
Background: the project has standardized on shared temp dir helpers
since 88b87d893d (withTempDir) -> 13df67ebc8 (createSuiteTempRootTracker)
-> 06431fd99b / #87298 (CI guard + docs guidance). This PR continues
that migration for the highest-risk files.
Files changed:
- src/skills/lifecycle/install-fallback.test.ts: variable overwrite risk
- src/auto-reply/reply/session-hooks-context.test.ts: helper leaks temp dirs
- src/auto-reply/reply/abort.test.ts: createAbortConfig leaks root dir
- src/auto-reply/inbound.test.ts: test cases without cleanup
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(sessions): avoid cross-cwd recent resumes (#97785)
* fix(pdf): reject empty parsed page ranges (#97698)
* fix(discord): bound requestDiscord happy-path response reads to prevent OOM (#97693)
* fix(discord): bound happy-path API response reads to prevent OOM
Replace the unbounded res.text() call in requestDiscord's success path with
readResponseTextLimited capped at 4 MiB. Discord channel message lists and
attachment payloads can accumulate to large sizes; without a cap the process
can exhaust available memory. The error path already used readResponseTextLimited
with DISCORD_API_ERROR_BODY_LIMIT_BYTES — this applies the same guard to the
happy path using a separate DISCORD_API_RESPONSE_BODY_LIMIT_BYTES constant
sized appropriately for valid API payloads.
* test(discord): upgrade to real HTTP server proof for bound requestDiscord
* fix(discord): remove unnecessary type assertion in bound test
* fix(irc): guard surrogate-range codepoints in \u literal-escape decoder (#97683)
Two-step decode in decodeLiteralEscapes:
- Step 1: regex anchored to high-surrogate range (U+D800–U+DBFF) so a
preceding BMP escape (e.g. \u0041) cannot consume the high-surrogate
half of a valid pair like \uD83D\uDE00 (😀), leaving \uDE00 lone.
- Step 2: decode remaining BMP codepoints; preserve lone surrogates as
six-character literals instead of corrupting them to U+FFFD in the
outbound IRC UTF-8 stream.
* fix(utils): keep reply directive ids unicode-safe (#96938)
* fix(utils): keep reply directive ids unicode-safe
* test(utils): catch trailing lone surrogate in hasUnpairedSurrogate helper
Per PR #96938 review: the test helper missed a high surrogate at end of
string because charCodeAt(out-of-bounds) returns NaN, and NaN comparisons
are always false. Guard bounds explicitly so the truncation test actually
proves what it claims, plus two cases pinning helper behavior.
* chore(utils): rerun QA smoke to confirm memory-index timeout flake on #96938
---------
Co-authored-by: ly-wang19 <ly-wang19@users.noreply.github.com>
* fix(memory): detect unindexed session transcripts in status mode (fixes #97814) (#97857)
* fix(memory): detect unindexed session transcripts in status mode (fixes #97814)
The status-purpose MemoryIndexManager init skips ensureSessionStartupCatchup(),
so openclaw memory status reports dirty=false while unindexed session files
exist on disk. This is a false-clean state: the operator sees no backlog,
but memory search silently misses unindexed transcripts.
Fix: run markSessionStartupCatchupDirtyFiles() in status mode. It checks
for on-disk session files without corresponding memory_index_sources rows
and sets sessionsDirty=true if found, without triggering a full sync.
The full catchup+sync runs on the next non-transient manager cycle (CLI
sync or normal runtime init).
Co-Authored-By: Claude <noreply@anthropic.com>
* fix(memory): await status dirty detection before status() reads the flag (fixes #97814)
The status-purpose MemoryIndexManager init skips ensureSessionStartupCatchup(),
so openclaw memory status reports dirty=false while unindexed session files
exist on disk. This is a false-clean state: the operator sees no backlog,
but memory search silently misses unindexed transcripts.
Fix: move status-mode markSessionStartupCatchupDirtyFiles() from the
constructor (fire-and-forget via void) into the create() factory method
where it is awaited. This guarantees sessionsDirty is set before any
caller reads manager.status(). The detection does NOT trigger a sync,
so status remains lightweight.
Review: verified manually — unit tests 21/21 pass, compilation 0 errors.
* test(memory): add regression test for status-purpose dirty detection (fixes #97814)
Adds a regression test that exercises the actual purpose:'status' manager
flow: create a session file without index row, create status manager, verify
status().dirty is true. This addresses the ClawSweeper P1 finding requesting
a test that exercises the real status path, not only the protected helper.
Also fixes the timing issue: move dirty detection from constructor (void)
to create() factory (await), guaranteeing sessionsDirty is set before any
caller reads manager.status().
---------
Co-authored-by: Claude <noreply@anthropic.com>
* fix(android): clarify gateway auth recovery states (#98094)
* fix(android): clarify gateway auth recovery states
* fix(android): preserve retryable pairing recovery copy
* fix(android): prefer auth recovery detail before stale address
* fix(android): show auth recovery while approval loads
* test(gateway): add unit tests for node wake state tracking and testing seam (#98205)
Add 17 unit tests for nodes-wake-state.ts covering:
- Exported wait/poll constants
- nodeWakeById Map operations (insert, overwrite, multi-entry, inFlight)
- nodeWakeNudgeById Map operations (independent tracking)
- clearNodeWakeState function (removal, no-op, scoped deletion)
- testing seam (getNodeWakeByIdSize, hasNodeWakeEntry, resetWakeState)
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
* fix: surface node approval guidance from devices CLI (#98115)
* fix: surface node approval guidance from devices CLI
* fix: preserve node approval connection guidance
* fix: handle admin retry unknown device approvals
* fix: require stable node approval matches
---------
Co-authored-by: welfo-beo <187608477+welfo-beo@users.noreply.github.com>
Co-authored-by: welfo-beo <welfo-beo@users.noreply.github.com>
* docs: clarify source checkout Node floor (#97898)
* docs: clarify source checkout Node floor
* chore: refresh CI for PR #97898
---------
Co-authored-by: lin-hongkuan <lin-hongkuan@users.noreply.github.com>
* test(telegram): add regression test for forum topic message_thread_id with streamed reasoning (#94526)
* test(telegram): add regression test for forum topic message_thread_id with streamed reasoning
After thorough code tracing of all delivery paths (draft stream, durable,
non-durable, preview hooks), the current main branch already correctly
passes message_thread_id through all paths for the streaming reasoning +
final answer scenario in forum topics. The bug reported in #89352 may have
been resolved by earlier merged changes (media-path preservation,
draft/progress streaming, etc.).
This commit adds a focused regression test covering the combined
scenario to prevent future regressions.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(telegram): assert forum thread at draft-stream boundary for both lanes
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(device-pairing): don't churn requestId on subset re-requests (#98145)
* fix(device-pairing): don't churn requestId on subset re-requests
A reconnect that re-requested a subset of an already-pending device
pairing request still superseded it with a fresh requestId. This is the
root cause of the "unknown requestId" failures during device approval:
1. A TUI connect files a broad scope-upgrade request; the owner copies its
id from `openclaw devices list`.
2. `openclaw devices approve <id>` reconnects as a CLI probe that only needs
`operator.pairing` — a subset of the pending scopes.
3. That subset re-request superseded the pending request with a new id, so
the originally-listed id no longer existed and approve failed.
Refresh the existing request in place when the incoming request only asks
for roles/scopes a single pending request (same device key + role) already
covers. Escalations that request *more* than the pending request still
supersede with a fresh id, so the requestId stays bound to at least the
scope snapshot the owner saw (the existing security-motivated behavior and
its test are preserved).
AI-assisted (Claude Code).
* fix(device-pairing): align subset pairing with scope coverage
* fix(system-prompt): move exec-approval + Authorized Senders below cache boundary (#98267)
* fix(system-prompt): move exec-approval + Authorized Senders below cache boundary
buildExecApprovalPromptGuidance (channel-varying: CLI /approve vs native
approval UI) and buildUserIdentitySection / "## Authorized Senders"
(owner/identity-varying, dropped when minimal) were emitted into the static,
cacheable prefix *above* SYSTEM_PROMPT_CACHE_BOUNDARY. They fork the cacheable
prefix at ~token 1,460, invalidating client-side prefix caching for the rest of
the ~17.8K-token system prompt — causing minutes-long cold prefills on local
models (llama.cpp / MLX / Ollama) after any channel-varying cron/heartbeat turn.
Follow-on to #40256, which moved Messaging/Voice/Reactions below the boundary
but missed these two. Relocates both into the existing below-boundary
channel-guidance block. Pure cache-stability change with no behavioural change
(the guidance is position-independent for correctness). Extends the boundary
test to assert both sections sit below SYSTEM_PROMPT_CACHE_BOUNDARY.
Measured on a local deployment: shared cross-channel prefix grew ~1,460 ->
~15,486 tokens; post-cron interactive turns went from minutes to ~10s.
Fixes #98261
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01H6Hz9UEpxQ4W3d8XecvupH
* fix(system-prompt): suppress relocated exec-approval line under tool_call_style override
Addresses review (clawsweeper): the exec-approval guidance lived inside the
`tool_call_style` fallback, so a provider override of that section previously
replaced it. Relocating it below the boundary emitted it unconditionally, which
changed behaviour for providers/plugins that override `tool_call_style`. Gate the
relocated line on the absence of a `tool_call_style` override, restoring the
original "override replaces the whole section" contract. Extends the
provider-override test to assert the default approval line is suppressed when
the section is overridden.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01H6Hz9UEpxQ4W3d8XecvupH
* fix(system-prompt): tighten cache boundary proof
* fix(system-prompt): tighten cache boundary proof
* fix(system-prompt): tighten cache boundary proof
---------
Co-authored-by: headbouyJB <23249268+headbouyJB@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* Preserve chat soft line breaks on iOS (#98304)
* fix(openrouter): send explicit auth headers (#98187)
* fix(openrouter): send explicit auth headers
* test(openrouter): type stream mock calls
* fix(web): render WebChat preamble progress
Render Control UI item and preamble progressText events as chat stream segments and preserve pre-final stream commentary before appending final assistant messages. Keyed preamble segments stay independent from accumulated stream snapshots, so distinct same-text commentary items render intact.
Co-authored-by: Chisel <chisel@psiclawops.dev>
* fix(web): label preamble proof blocks
Co-authored-by: Chisel <chisel@psiclawops.dev>
* feat(web): make WebChat commentary persistence configurable
Add a per-viewer 'Keep commentary' toggle (UiSettings.chatPersistCommentary,
default true) that controls whether keyed Codex preamble/commentary blocks
stay after the final answer or clear with it.
- Persist (default): keyed commentary materializes as durable blocks, current
behavior, existing proof unchanged.
- Transient (toggle off): commentary stays live during streaming but is never
materialized, so it disappears as the final message arrives. This is the
transient-only behavior from #92236, now user-selectable instead of a
maintainer-level either/or policy choice.
Single gating point in materializeVisibleStreamState (skip itemId-keyed parts
when persistCommentary is false); threaded from settings through the chat
event handler. Adds desktop + mobile header toggles and an en.ts label
(locale bundles regenerated via ui:i18n:sync, English fallback).
Tests: reconciliation persist/transient coverage, final-event handler honors
the setting, settings round-trip + header button assertions updated.
* fix(web): order keyed commentary by timestamp with tool cards
Keyed preamble commentary was appended after the whole tool loop, so it relied solely on the final visible-time sort for placement and lost the insertion-order tiebreaker against tool cards. Splice each keyed commentary segment into the items list before the first item with a strictly-later timestamp, so a preamble that arrived before a later tool renders above that tool while the run is live (not only after final materialization). Tools sharing the commentary timestamp that are already visible stay above it. Adds a buildChatItems regression covering a keyed preamble between two tools.
* fix(web): distill WebChat commentary persistence
* fix(web): reconcile transient commentary history
* chore(ui): refresh zh-TW control ui locale
* chore(ui): refresh de control ui locale
* chore(ui): refresh zh-CN control ui locale
* chore(deadcode): remove stale ACP testing aliases
* chore(deadcode): remove stale outbound testing aliases
* chore(deadcode): remove stale CLI testing aliases
* chore(ui): refresh pt-BR control ui locale
* chore(ui): refresh es control ui locale
* chore(ui): refresh ja-JP control ui locale
* chore(ui): refresh ko control ui locale
* chore(ui): refresh fr control ui locale
* chore(ui): refresh ar control ui locale
* chore(ui): refresh it control ui locale
* chore(ui): refresh tr control ui locale
* chore(ui): refresh id control ui locale
* chore(ui): refresh uk control ui locale
* chore(ui): refresh pl control ui locale
* chore(ui): refresh th control ui locale
* chore(ui): refresh vi control ui locale
* chore(ui): refresh nl control ui locale
* chore(ui): refresh fa control ui locale
* fix(tui): correct disconnect copy for device scope upgrades (#98144)
* fix(tui): correct disconnect copy for device scope upgrades
On disconnect, the TUI told users "Pairing required. Run `openclaw devices
list`, approve your request ID, then reconnect." This is misleading: the
gateway is asking for a device *scope upgrade* (the device is already
paired), and "pairing" points users at `openclaw pairing`, which only
handles chat DM pairing — a different subsystem.
- Reword the hint to name the scope upgrade and the actual recovery command
(`openclaw devices approve --latest`), including the `--token`/`--password`
escape hatch for when the device can't approve its own upgrade.
- Also match the gateway's "scope upgrade" disconnect reason, not just
"pairing required".
AI-assisted (Claude Code).
* fix(tui): clarify device approval preview hint
* fix(anthropic): surface Discord pre-tool commentary
Route Anthropic pre-tool narration through the commentary progress lane, preserve shared channel progress defaults, and keep Discord/Telegram reasoning gates explicit.
Thanks @Marvinthebored!
* Add Swedish mobile app localization (#98043)
* feat: add Swedish mobile app localization
* fix: remove dead Swedish watch extension localization
* docs: document iOS metadata locale directories
---------
Co-authored-by: Daniel Nylander <daniel@danielnylander.se>
* fix(sms): guard Twilio JSON.parse against malformed API response bodies (#97999)
Wrap JSON.parse in parseTwilioListPayload and retrieveTwilioMessagingService with try/catch to prevent a malformed Twilio API response from throwing an unhandled SyntaxError.
- parseTwilioListPayload: return [] on parse failure (fail-safe for phone number listing)
- retrieveTwilioMessagingService: throw descriptive Error on parse failure
Note: parseTwilioApiError and parseTwilioSuccessPayload already had try/catch guards (lines 85-97, 104-121).
Signed-off-by: lsr911 <liao.shirong@xydigit.com>
Co-authored-by: Claude <noreply@anthropic.com>
* fix(matrix): guard JSON.parse against malformed homeserver response bodies (#97973)
Wrap JSON.parse(text) in MatrixAuthedHttpClient.requestJson with try/catch to prevent a malformed Matrix homeserver response from throwing an unhandled SyntaxError.
On parse failure, throw an Error with statusCode attached (matching the buildHttpError convention) so callers can handle it like any other Matrix API error.
Signed-off-by: lsr911 <liao.shirong@xydigit.com>
Co-authored-by: Claude <noreply@anthropic.com>
* fix(core): propagate caller env PATHEXT through isExecutableFile on Windows (#98093)
* fix(core): propagate caller env PATHEXT through isExecutableFile on Windows
isExecutableFile hardcoded undefined when calling resolveWindowsExecutableExtSet,
ignoring any caller-provided custom env.PATHEXT. This meant resolveExecutablePath
and resolveExecutableFromPathEnv would fall back to process.env.PATHEXT even when
the caller supplied a different env with an extended PATHEXT (e.g. .PS1).
- Add optional options.env parameter to isExecutableFile
- resolveWindowsExecutableExtSet now reads from options?.env
- All 3 callers pass their available env through
Affects Windows deployments using sandbox/container environments where
PATHEXT differs from process.env (Docker Windows containers, CI runners, tests).
Fully backward compatible: undefined env falls back to process.env.PATHEXT.
* fix(core): also propagate caller env PATHEXT in node-host invoke resolver
- Fix sibling system.which resolver in src/node-host/invoke.ts:378
to use caller env PATHEXT instead of process.env only
- Add comprehensive Windows-mocked tests for caller env PATHEXT
propagation through isExecutableFile, resolveExecutableFromPathEnv,
and resolveExecutablePath
- Tests cover: custom env accepted, fallback to process.env,
path-separator and PATH-based resolution paths
* fix(core): also propagate caller env PATHEXT through node-host invoke resolver
- Add env?.PathExt and process.env.PathExt casing to both
resolveWindowsExecutableExtSet and resolveWindowsExecutableExtensions
for compatibility with callers using PascalCase env keys
- Isolate positive PATHEXT tests from process.env.PATHEXT by
explicitly setting it to .TXT before each test, ensuring they
prove caller env propagation rather than host env leak
* fix(core): add env?.PathExt casing to node-host system.which resolver
---------
Co-authored-by: wendy-chsy <wan.wenyan@xydigit.com>
* test(utils): add unit tests for chunkItems (#98219)
Add 8 test cases covering fixed-size array splitting, empty input,
size <= 0, size=1, size > length, exact division, readonly input
preservation, and fractional size behavior.
* test(config): add unit tests for resolveExecCommandHighlighting (#98087)
* test(infra): add unit tests for SQLite number normalization (#98009)
* test(infra): add unit tests for SQLite number normalization
* fix: remove undefined param test, not in function signature
* fix(gateway): iOS Talk treats SecretRef-backed API keys as missing (#98210)
* fix(gateway): resolve Talk SecretRefs for scoped native clients
* fix(gateway): constrain Talk secret materialization
* fix(gateway): redact Talk source provider secrets
* fix(gateway): satisfy Talk config lint
* docs(gateway): clarify Talk secret config payload
---------
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
* feat(gateway): scoped attach grants for external MCP loopback clients
Per-session, TTL-bounded, revocable bearer grants (mcp-grant-store) let an external/interactive
harness reach the gateway's scoped MCP loopback tools without the cli-backend's process-global
token. A grant is a lower-trust boundary: it binds the session server-side AND fail-closes on every
caller-supplied context header (x-session-key plus message-channel/account/current-channel/thread/
source-reply/event-kind), so a grant holder can neither scope-shop the session nor spoof
delivery/action context into scoped tools or the message tool. New attach.grant/attach.revoke
operator methods mint/revoke grants and return the loopback MCP config. Owner/non-owner cli-backend
path unchanged.
* refactor(gateway): trim attach grant implementation
* fix(agents): keep merged delivery routes account-bound (#98240)
* fix(agents): keep merged delivery routes account-bound
mergeDeliveryContext gated route-field crossing on channel only, so a
completion origin that knew its account but not a concrete target
inherited a different account's to/threadId on the same channel. A
subagent, cron, or media completion for bot-a could be addressed to
bot-b's chat but sent through bot-a (cross-account misroute) or dropped.
This restores the account-bound guard added in 1ed8592467 and removed as
collateral by 025db6cf9e (PR #89949); same-account and missing-account
merges still backfill so the media route-pin path is preserved. Restores
the deleted regression test.
* fix(agents): centralize account-bound completion routes
---------
Co-authored-by: Peter Steinberger <steipete@golden-gate.local>
* Redact bare Fireworks API keys (#98226)
* Redact bare Fireworks API keys
* fix(logging): harden Fireworks key redaction
* fix(logging): harden Fireworks key redaction
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* docs: publish release notes for v2026.6.11 (#98319)
* fix: show in-progress status for channel runs (#98257)
Summary:
- Merged fix: show in-progress status for channel runs after ClawSweeper review.
Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head 08eec41769bd918a21e247404ad691d5707a79e1.
- Required merge gates passed before the squash merge.
Prepared head SHA: 08eec41769bd918a21e247404ad691d5707a79e1
Review: https://github.com/openclaw/openclaw/pull/98257#issuecomment-4849525931
Co-authored-by: scotthuang <scotthuang@tencent.com>
Approved-by: takhoffman
* fix(gateway): keep provider-owned CLI sessions across the daily default reset (#97931)
The gateway agent.run freshness decision called evaluateSessionFreshness
directly at both of its decision sites with no provider-owned guard, so a
provider-owned CLI session (claude-cli, codex, gemini-cli) under the default
reset config was rotated after the daily boundary when a turn ran through the
gateway path (webchat, openclaw agent, ACP, control UI, cron, heartbeat). The
rotation cleared the CLI session binding and split the transcript, violating
the documented exemption that the inbound auto-reply path and the canonical
session helper already honor.
Route both gateway freshness decisions through the same
resetPolicy.configured !== true && hasProviderOwnedSession(entry) skip the
inbound path uses, and export hasProviderOwnedSession so the predicate has one
shared definition instead of a third copy. Explicit session.reset and /reset
still cut these sessions.
* docs: refresh docs map for v2026.6.11 (#98325)
* fix(auto-reply): stop level directives from eating the next message word (#97929)
matchLevelDirective consumed the token after a level directive
(/think, /verbose, /trace, /fast, /reasoning, /elevated) as the level
argument unconditionally, and extractLevelDirective stripped it from the
body whether or not it was a valid level. So a message like
"/verbose explain quantum computing" reached the agent as
"quantum computing", silently dropping the user's first word, and the
whitespace scan crossed newlines so "/verbose\nSummarize this" lost
"Summarize".
Treat the trailing token as the directive argument only when it
normalizes to a valid level or is the sole remaining token (preserving
the unrecognized-level hint and the default/inherit clear sentinels).
When two or more words follow, the directive acts argument-less and the
message text is preserved intact, matching the exec and queue parsers
that stop at an unrecognized token.
* fix(agents): estimate harness role sizes in context guard char estimator (#97928)
The in-loop context-overflow guard (installToolResultContextGuard) sizes
transcript messages via estimateMessageChars, which only handled user,
assistant, and toolResult roles. Harness roles (bashExecution,
compactionSummary, branchSummary, custom) fell through to a flat 256-char
return, causing the guard to undercount summary- and bash-dominated
context by orders of magnitude.
This is the sibling defect of the just-merged #97861 which fixed the same
class in estimateMessageTokenPressure (the pre-prompt precheck). This
commit applies the identical pattern to the live in-loop guard estimator.
Fixes #97927
* doctor: add memory search lint findings (#97137)
* doctor: add memory search lint findings
* fix(doctor): quiet memory lint for auth-profile sources
* fix(doctor): require provider-specific auth source for memory lint
* fix(doctor): preserve qmd memory lint warnings
* fix(doctor): validate auth source credentials
* Doctor: expose workspace status findings (#97358)
* doctor: expose workspace status findings
* fix(doctor): pass workspace drift into lint
* fix(doctor): pass allow-exec into workspace lint drift
* test(qa-lab): harden whatsapp qa scenarios (#95622)
* fix(whatsapp): preserve group participant identity in QA driver
* fix(whatsapp): infer same-chat action targets
* test(qa-lab): record whatsapp scenario posture
* test(qa-lab): harden whatsapp live scenario coverage
* docs(qa): describe whatsapp qa lane coverage
* fix: prevent skill-creator from bypassing workshop proposals (#98346)
Summary:
- The branch adds bundled skill-creator guidance to route durable OpenClaw skill work through Skill Workshop proposals and removes the direct `init_skill.py` scaffold helper plus its test.
- PR surface: Docs +6, Other -429. Total -423 across 3 files.
- Reproducibility: yes. source-level: current main has `init_skill.py` writing a live `SKILL.md` directly, whi ... `. I did not run the direct helper as a repro because this review was read-only and that path writes files.
Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head 8eca1654472e50283ba7deed5f3220cc8213be94.
- Required merge gates passed before the squash merge.
Prepared head SHA: 8eca1654472e50283ba7deed5f3220cc8213be94
Review: https://github.com/openclaw/openclaw/pull/98346#issuecomment-4849855806
Co-authored-by: momothemage <niuzhengnan@163.com>
Approved-by: momothemage
* fix(heartbeat): scope commitment fan-out prompts (#98169)
* fix(heartbeat): scope commitment fan-out prompts
* fix(heartbeat): isolate commitment fan-out runs
* fix(heartbeat): isolate commitment fan-out runs
---------
Co-authored-by: Benjamin Badejo <ben@benbadejo.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* doctor: expose device pairing findings (#97366)
* Fix Android TLS fingerprint timeout handling (#98366)
* fix(ios): open app on chat by default (#98353)
Co-authored-by: BSnizND <199837910+BsnizND@users.noreply.github.com>
* fix(security): warn on agent skill MCP boundary drift (#98352)
Summary:
- Merged fix(security): warn on agent skill MCP boundary drift after ClawSweeper review.
Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head ab3c29ef4c731dfdbff75f2f5c7ec65c63ec195d.
- Required merge gates passed before the squash merge.
Prepared head SHA: ab3c29ef4c731dfdbff75f2f5c7ec65c63ec195d
Review: https://github.com/openclaw/openclaw/pull/98352#issuecomment-4850104358
Co-authored-by: momothemage <niuzhengnan@163.com>
Approved-by: momothemage
* fix: retry image describe fallback models (#98347)
Summary:
- Merged fix: retry image describe fallback models after ClawSweeper review.
Automerge notes:
- Addressed earlier ClawSweeper review findings before merge.
Validation:
- ClawSweeper review passed for head 55b26bd37374de551fd13595751350f261d6a832.
- Required merge gates passed before the squash merge.
Prepared head SHA: 55b26bd37374de551fd13595751350f261d6a832
Review: https://github.com/openclaw/openclaw/pull/98347#issuecomment-4850122718
Co-authored-by: momothemage <niuzhengnan@163.com>
Approved-by: momothemage
* fix(ios): avoid transient duplicate final replies (#98117)
* Fix iOS final reply dedupe
* fix(ios): scope final message reconciliation
* docs(ios): explain final message reconciliation key
---------
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
* fix(gateway): emit stale exec approval followup diagnostics (#98293)
* fix(gateway): emit stale exec approval followup diagnostics
* fix(gateway): cover approval suppression diagnostics in ci
* fix(logging): preserve approval ids in stability bundles
* docs(exec): document suppression diagnostics
---------
Co-authored-by: BSnizND <199837910+BsnizND@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@golden-gate.local>
* fix(ios): use Gateway speech providers in Talk (#98376)
* fix(ios): route gateway speech through talk.speak
* fix(ios): preserve realtime fallback state
* fix(ios): satisfy audio delegate concurrency
* fix(ios): ignore stale audio callbacks
* fix(ios): ignore stale audio callbacks
---------
Co-authored-by: Peter Steinberger <steipete@golden-gate.local>
* Suppress expired exec approval followup warnings (#66685)
* fix(agents): suppress expired approval followup warnings
* fix(agents): suppress expired approval followup warnings
---------
Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
* fix: show actionable mobile protocol mismatch recovery (#98385)
* Fix mobile protocol mismatch recovery
* Test iOS protocol mismatch connect failures
* Fix iOS protocol mismatch problem actions
* fix(cli): explain how to recover from device approve deadlock (#98146)
* fix(cli): explain how to recover from device approve deadlock
`openclaw devices approve` could fail two ways with no path forward:
- When the calling device can't approve its own scope upgrade (it lacks
operator.approvals) and no loopback local fallback is available (e.g. a
remote --url gateway), the raw "scope upgrade pending approval" error
propagated with no guidance.
- When the request id wasn't found in pending state (already approved,
expired, or superseded), it printed only "unknown requestId".
Surface actionable guidance instead:
- On an authorization failure, explain that the device can't approve its
own upgrade and point to `--token`/`--password` (gateway owner creds) or
approving from a device that already holds operator.approvals.
- On a missing request, point to `openclaw devices list` and
`openclaw devices approve --latest`.
AI-assisted (Claude Code).
* fix(cli): clarify device approval recovery
* fix(cli): avoid unusable approval credential advice
* improve(ios): clarify Control and Talk visual hierarchy (#98423)
* feat(ios): refine control and talk visual hierarchy
* feat(ios): refine control and talk visual hierarchy
* feat(ios): refine control and talk visual hierarchy
* fix(doctor): recover legacy cron archive across devices (#98217)
* fix(doctor): recover legacy cron archive across devices
* fix(doctor): harden legacy cron archive retries
* fix(doctor): canonicalize shipped cron retry shape
* fix(doctor): persist legacy cron migration receipts
---------
Co-authored-by: Peter Steinberger <steipete@golden-gate.local>
* feat(openai): add GPT-5.6 series support (#98333)
* feat(openai): add GPT-5.6 series support
* docs: refresh map for GPT-5.6
* fix(openai): preserve GPT-5.6 thinking metadata
* fix(codex): sync managed app server version
* fix(codex): sync managed app server version
* fix(openai): account for GPT-5.6 cache writes
---------
Co-authored-by: Peter Steinberger <steipete@golden-gate.local>
* fix(cron): preserve action-required command output
* fix(cron): strip nested job diagnostics from webhook payloads
* test(gateway): remove cron redaction casts
* fix(ios): classify TLS fingerprint timeouts (#98429)
* fix(ios): classify gateway TLS fingerprint timeouts
* Add discovered TLS trust regression test
* fix: Android setup codes accept local mDNS gateway hosts (#98439)
* Fix Android mDNS setup-code cleartext policy
* Align Android gateway diagnostics cleartext guidance
* fix(ios): improve light and dark appearance contrast (#98443)
* fix(llm): preserve structured tool result replay
Preserve structured tool-result replay text across provider transports while keeping provider-facing redaction and Anthropic media ordering intact.
Thanks @snowzlmbot!
* fix(status): surface unregistered memory embedding providers (#97968)
* refactor(sessions): centralize scoped store path resolution
* refactor(agents): reuse process stdin writer
* refactor(security): centralize safe-bin config normalization
* refactor(sessions): centralize export transcript parsing
* fix(agents): preserve runtime settings overrides (#92237)
* Fix active-memory stale ops summaries (#95888)
Co-authored-by: costaff <costaff-lapclaw-001@efiducian.com>
* fix(gateway): surface systemd start-limit exhaustion (#98291)
* fix(gateway): surface systemd start-limit exhaustion
* fix(gateway): avoid start-limit false positive for exit 78
* fix(gateway): hint missing external plugin for web login (#90517)
* fix(gateway): hint missing official plugin for web login
* fix(gateway): keep missing web login hints actionable
* test(infra): add unit tests for SQLite user_version pragma helper (#98369)
* test(infra): add unit tests for SQLite user_version pragma helper
* ci: trigger re-review
* fix(android): hide status bar in release screenshots
* Fix extension exec process-tree termination (#98340)
* fix(ui): collapse duplicate assistant groups during segmented streaming (#92063)
Fold a contiguous run of in-flight stream/reading-indicator items into one
assistant group (one avatar/footer, segments stacked as bubbles) so a segmented
streaming reply no longer flashes a separate avatar+footer per segment.
Render-layer only: the shared ChatItem types and build-chat-items.ts are
untouched, and a message/group/divider breaks the run so interleaved tool calls
keep their own groups.
Refs #63956
AI-assisted (Claude Code).
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
* fix(infra): guard delivery queue inflate against corrupted entry_json (#98354)
* fix(infra): guard delivery queue inflate against corrupted entry_json
* fix(infra): use toSorted in delivery queue test
* fix(agents): warn on cron announce skip (#90566)
* fix(agents): warn on cron announce skip
* fix(agents): gate cron announce skip warnings
* fix(ports): validate lsof PID parsing before assignment (#98371)
* fix(ports): validate lsof PID parsing before assignment
Add Number.isFinite guard on lsof 'p' line PID parsing in
parseLsofOutput, consistent with the netstat branch in the same
function which already validates with Number.isNaN.
While the downstream if (current.pid) truthiness check catches
NaN (falsy), adding validation at the parse site is defense-in-
depth and eliminates an inconsistency within the same function.
* test(ports): add edge case tests for parseLsofOutput
Add test coverage for malformed lsof 'p' lines (empty PID, non-numeric
suffix), zero PID, and empty input to verify the Number.isFinite guard
correctly filters invalid entries.
* fix(cron): keep provider-owned CLI sessions across the daily default reset (#98356)
The provider-owned CLI session exemption added for the gateway agent.run path
in #97931 was not applied to the non-gateway session resolvers. Scheduled
isolated-agent cron jobs run through runCronIsolatedAgentTurn ->
resolveCronSession, and the local openclaw command runs through resolveSession;
both called evaluateSessionFreshness directly with no provider-owned guard.
Under the default reset config a persistent-target cron job on a CLI runtime
(claude-cli, codex, gemini-cli) therefore rotated its session after the daily
boundary, minting a new sessionId and dropping the cliSessionBindings, so the
agent silently lost its underlying CLI conversation every morning and the
transcript was split. Because resolveCronSession also backs the heartbeat
runner, that surface was affected too.
Route both resolvers through the same
resetPolicy.configured !== true && hasProviderOwnedSession(entry) skip the
gateway and inbound paths already use. Explicit session.reset and configured
resets still rotate these sessions, and the command path still rotates when the
terminal main transcript is newer than the registry.
* test(shared): add unit tests for account enabled guard (#98395)
* fix(agents): recover thinking errors from provider body (#98411)
* docs(skills): parameterize landable bug sweeps (#98494)
* fix: report codex chatgpt status auth (#91240)
* test(agents): add unit tests for thinking block detection (#98370)
* test: prefer shared temp dir helpers in config, gateway, cron, crestodian, and state tests (#96711)
* fix: add temp dir cleanup to 14 P0 test files (Group A)
* fix: restore os import and fix fs.rmSync call in temp dir cleanup
* fix: use shared temp dir helpers in config, gateway, cron, crestodian, and state tests
* fix(test): rename underscore-prefixed temp dir vars and remove unused imports
* fix(test): remove unused path import in crestodian audit test
* fix(test): reorder expected plans to match buildVitestRunPlans output after rebase
* Fix Android QR scan pairing flow (#98483)
* fix docs-list-mdx-pages (#95230)
* fix(minimax): bound OAuth JSON response via shared provider reader (#96322)
Use readProviderJsonResponse (shared 16 MiB default cap) instead of
unbounded response.json() for MiniMax OAuth authorization code endpoint.
Signed-off-by: lsr911 <liao.shirong@xydigit.com>
Co-authored-by: Claude <noreply@anthropic.com>
* fix(config): warn when permission hardening fails during recovery (#95348)
Surface chmod failures during config backup restore, last-known-good
promotion/recovery, and prefix recovery instead of swallowing them silently.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(copilot): guard against undefined runtime.state during cli-metadata registration (#95229)
Co-authored-by: sunlit-deng <sunlit.deng@example.com>
* fix(memory): skip raw snippets during promotion (#94636)
* [AI] fix(feishu): guard partial channelRuntime in monitor startup (#94013)
* [AI] fix(feishu): guard partial channelRuntime in monitor startup
When the gateway passes a partial channelRuntime (ChannelRuntimeSurface
with only runtimeContexts but no inbound/debounce), the ?? operator in
monitor.account.ts selects it over the full local runtime, causing
monitor startup to crash on channelRuntime.debounce access.
Mirror the same ?.inbound guard pattern from bot.ts:739 (PR #93466)
to monitor.account.ts:487. When the runtime lacks inbound, fall back
to getFeishuRuntime().channel which always has the full surface.
No test: the guard mirrors an already-merged pattern (#93466) and only
affects the partial-runtime edge case that requires a gateway context.
Related to #92595
* [AI] test(feishu): add channelRuntime guard tests for monitorSingleAccount
Three test cases for the channelRuntime guard at
monitor.account.ts:489:
1. Partial channelRuntime (no inbound) → falls back to local runtime
2. Full channelRuntime with inbound → uses provided runtime
3. No channelRuntime (undefined) → falls back to local runtime
Related to #92595
* fix: hide expired pairing QR cards in Control UI (#98049)
* Hide expired pairing QR codes
* Schedule pairing QR expiry refresh
* test(memory): cover live manager after CLI reindex (#96094)
* fix: advertise route-aware LAN Control UI links (#98482)
* Route LAN pairing URLs by default route
* Advertise route-aware LAN Control UI links
* Fix route-aware LAN test mocks
* Narrow advertised LAN SDK export
* Recover archived (.reset) session transcripts in memory hook + session-logs skill (#71537)
* fix(session-memory): recover archived reset transcripts
* docs(session-logs): include archived transcripts in skill examples
Plain .jsonl globs miss .jsonl.reset.*Z and .jsonl.deleted.*Z files,
which still contain real transcript content. Add explicit guidance and
a list_session_transcripts helper so searches can opt in to full
history when needed.
Pairs with the session-memory recover-from-archive fix in the same
branch.
* docs(session-logs): scope nullglob and use while-read in helper
Address Greptile review feedback on PR #71537:
* nullglob is now saved and restored inside list_session_transcripts so
the helper does not change the caller shell environment when sourced.
* Replace 'for f in $(list_session_transcripts)' tip with a 'while
IFS= read -r' loop so paths with spaces or other IFS characters are
handled correctly. Include a worked example using the same date+size
listing the surrounding section already documents.
Doc only, no runtime behavior change.
* docs(config-agents): correct built-in alias table for opus and gpt (#96375)
The built-in alias shorthands table listed stale model ids that no longer
match src/config/defaults.ts (DEFAULT_MODEL_ALIASES):
opus: anthropic/claude-opus-4-6 -> anthropic/claude-opus-4-8
gpt: openai/gpt-5.5 -> openai/gpt-5.4
These now match defaults.ts and the help/faq-models alias table, and resolve
an internal contradiction on this same page (its runtime-policy example already
uses anthropic/claude-opus-4-8).
* docs(gateway): fix Telegram streaming default in config-channels.md (#98453)
The config example in docs/gateway/config-channels.md incorrectly
listed streaming default as "off". The actual runtime default is
"partial", as confirmed by the Telegram plugin's default resolver.
docs/channels/telegram.md already correctly documents the default
as "partial".
Co-authored-by: Claude <noreply@anthropic.com>
* test: repair hosted CI baseline assertions (#98533)
* feat(imessage): native poll support — create, read, vote (#98421)
* feat(imessage): add native poll action
Wire the imsg CLI 'poll send' bridge command into the iMessage channel
message-tool action surface, mirroring the existing Discord poll action.
Adds the 'poll' action (gate: polls), a sendPoll runtime, selector-gated
capability advertisement (pollPayloadMessage), config type + zod schema,
regenerated channel metadata, docs, and tests.
* feat(imessage): read inbound polls, vote, and suppress vote echo
Builds on the native poll send action:
- Inbound polls now render to the agent as a readable line (question +
numbered options + tallies) instead of the raw 0xFFFD balloon placeholder,
so a received poll no longer reads as an empty message.
- New `poll-vote` action casts a vote via `imsg poll vote`, resolving a
1-based option index / text / UUID to the poll's option identifier.
- message_tool_only echo guard: the model tends to narrate its choice in a
text reply right after voting ("Blue."), which is redundant since the vote
shows on the poll. A new `poll_vote_echo` suppression reason (alongside
inbound_metadata_echo / internal_runtime_context_echo) drops a send/reply
that exactly restates the just-cast vote, using the option label imsg
returns. Extra content passes through untouched.
* fix(imessage): gate poll-vote on imsg poll.vote rpc capability
Released imsg carries the pollPayloadMessage selector (poll create) but
predates the poll.vote CLI/RPC. Gating both poll and poll-vote on that
selector alone would advertise a vote action the released CLI rejects.
Gate poll-vote additionally on the advertised poll.vote rpc method so this
plugin can ship ahead of the imsg release.
* fix(imessage): enforce poll.vote capability at execution, not just discovery
Codex review flagged the discovery gate as bypassable: a caller that already
knows action=poll-vote skips describeMessageTool and reaches handleAction
directly. Add the same imessageRpcSupportsMethod(status, 'poll.vote') check in
the poll-vote execution path (after assertPrivateApiEnabled), so a direct
dispatch on released imsg fails closed with a clear message instead of an
opaque CLI rejection. Adds a negative handleAction test.
* fix(imessage): harden native poll support
* fix(message): validate targets before channel discovery
* fix(message): validate targets before channel discovery
---------
Co-authored-by: Omar Shahine <lobster@users.noreply.github.com>
Co-authored-by: Omar Shahine <10343873+omarshahine@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* docs(matrix): document missing streaming.progress mode, progress sub-fields, and mentionPatterns config (#98318)
* docs(matrix): document missing streaming.progress mode, progress sub-fields, and mentionPatterns config
* docs: clarify Matrix progress labels
---------
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
* docs(onboard): document 11 missing non-interactive CLI flags (#97753)
* docs(onboard): document 11 missing non-interactive CLI flags
* docs: correct token profile default wording
* docs: update generated docs map
---------
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
* fix(mattermost): bound null-body error response reads (#97851)
Co-authored-by: Pick-cat <266665499+Pick-cat@users.noreply.github.com>
* fix(memory-wiki): preserve notes after transient page reads (#98360)
* test: fix stale core test type failures (#98551)
* fix(browser): bound error body read in fetchHttpJson to prevent OOM (#98455)
* fix(browser): bound error body read in fetchHttpJson to prevent OOM
* fix(browser): enforce strict error response limit
---------
Co-authored-by: Peter Steinberger <58493+steipete@users.noreply.github.com>
* fix(code-mode): surface QuickJS error name and message to the model (#95906)
* fix(code-mode): surface QuickJS error name and message to the model
* fix(code-mode): preserve host error diagnostics
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
* fix(agents): don't crash autoreview copilot engine on Windows temp-dir cleanup (#97901)
On Windows the spawned copilot process and its MCP subprocesses keep the
TemporaryDirectory as their cwd briefly after exit, holding a directory handle.
That makes TemporaryDirectory's rmtree raise PermissionError (WinError 32) on
__exit__, aborting the run with a traceback even though the review completed
successfully. Pass ignore_cleanup_errors=True so cleanup is best-effort and a
post-review cleanup race never fails the run.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix(slack): truncate served arg-menu option labels on a surrogate boundary (#97923)
* fix(update): validate bundle plugin payloads by manifest contract (#98010)
* fix(update): validate bundle plugin payloads by manifest contract
Closes #97985
* fix(update): preserve native payload checks for dual-format plugins
* fix(update): satisfy payload validation lint
* fix(update): cover persisted marketplace bundles
* fix(codex): derive terminal-idle watchdog from explicit run timeout (#85296)
* fix(codex): derive terminal-idle watchdog from effective run timeout
Fixes the early-abort half of #85242. The Codex app-server terminal-idle
watchdog used a hardcoded 30-minute default that was not derived from the
effective run timeout, so a scheduled turn configured with a longer
timeoutSeconds could be aborted early at 30 minutes even with budget left.
resolveCodexTurnTerminalIdleTimeoutMs (now in attempt-timeouts.ts after the
upstream split) accepts the effective run timeout and, with no explicit
override, follows the run budget instead of the 30-minute default:
- explicit override always wins (advanced config / tests)
- otherwise terminal-idle = max(30min floor, run budget), so a longer run is
no longer cut short and existing protection is never shortened
- falls back to the 30min default when no run budget is known
Reuses the existing resolvePositiveIntegerTimeoutMs helper, matching the
neighbouring post-tool resolver. Adds focused unit tests for the derivation.
The diagnostic-wording half of #85242 (naming the terminal-idle watchdog in
the surfaced guidance) is left as a separate follow-up.
* fix(codex): derive terminal-idle watchdog from effective run timeout
* fix(codex): preserve default terminal idle watchdog
---------
Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
* feat(i18n): inventory native app UI strings
* feat(i18n): define native locale matrix
* fix(i18n): keep native refresh inventory clean
* fix(i18n): guard native inventory in CI
* fix(i18n): skip non-runtime native source literals
* fix(i18n): preserve native placeholders and whitespace
* ci(i18n): run native checks for tooling changes
* fix(i18n): preserve Kotlin native placeholders
* fix(i18n): parse native interpolation expressions
* feat(i18n): inventory native resources and wrappers
* fix(i18n): align native scan scope and build exclusions
* fix(i18n): inventory conditional native labels
* fix(i18n): cover all native source roots
* fix(i18n): filter non-translatable native literals
* fix(i18n): restrict native UI extraction
* fix(i18n): route native inventory checks narrowly
* feat(i18n): add Swedish native locale
* fix(ci): route native locale refresh checks
* fix(i18n): cover structured native UI strings
* fix(i18n): scope native UI helper extraction
* fix(i18n): cover native conditional UI strings
* fix(i18n): parse native UI string expressions
* fix(i18n): include custom SwiftUI helper labels
* fix(i18n): stabilize native inventory generation
* chore(i18n): refresh native inventory line mappings
* fix(ui): localize expired pairing QR notice
* fix(ui): localize expired pairing QR notice
* fix: allow config.patch with defaulted provider baseUrl (#98396)
Summary:
- Merged fix: allow config.patch with defaulted provider baseUrl after ClawSweeper review.
Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head 68fbf67640f7abe2d6e78ee935dddaa0caae0a27.
- Required merge gates passed before the squash merge.
Prepared head SHA: 68fbf67640f7abe2d6e78ee935dddaa0caae0a27
Review: https://github.com/openclaw/openclaw/pull/98396#issuecomment-4853365525
Co-authored-by: momothemage <niuzhengnan@163.com>
Approved-by: momothemage
* chore(ui): refresh zh-TW control ui locale
* chore(ui): refresh de control ui locale
* chore(ui): refresh pt-BR control ui locale
* chore(ui): refresh zh-CN control ui locale
* chore(ui): refresh es control ui locale
* chore(ui): refresh ja-JP control ui locale
* chore(ui): refresh ko control ui locale
* chore(ui): refresh fr control ui locale
* chore(ui): refresh ar control ui locale
* chore(ui): refresh tr control ui locale
* chore(ui): refresh uk control ui locale
* chore(ui): refresh it control ui locale
* chore(ui): refresh id control ui locale
* chore(ui): refresh pl control ui locale
* chore(ui): refresh th control ui locale
* chore(ui): refresh vi control ui locale
* chore(ui): refresh nl control ui locale
* chore(ui): refresh fa control ui locale
* fix(usage-bar): use Object.hasOwn instead of in operator to avoid prototype chain pollution (#98503)
The in operator traverses the prototype chain, causing keys like toString,
constructor, valueOf, and __proto__ to incorrectly match Object.prototype
inherited properties in alias table lookups and map segment case lookups.
Replace with Object.hasOwn (ES2022) which only checks own properties.
Fixes #98466
Co-authored-by: Claude <noreply@anthropic.com>
* feat(android): localize gateway onboarding
* feat(android): localize every native locale
* fix(android): complete localized gateway trust flows
* test(android): enforce localized resource coverage
* fix(android): preserve Swedish app name
* fix(android): validate resource apostrophe syntax
* fix(media): normalize Windows inbound paths case-insensitively
* fix Windows inbound media path casing
* test: cover Windows inbound path casing
* test(plugin-sdk): cover media runtime inbound path casing
* fix(agents): skip implicit discovery in models replace mode
* fix(agents): skip implicit provider discovery when models.mode is 'replace' [AI-assisted]
resolveProvidersForModelsJsonWithDeps unconditionally awaited the implicit
provider resolver before honoring models.mode. With mode: 'replace' the user
opts out of discovery, so add a 3-line early-return guard that returns only the
explicit providers — eliminating the (slow) discovery pass for replace-mode.
Closes #66957.
AI-assisted contribution.
* chore: re-trigger CI (transient checkout/flaky core-check failures + cancelled gates; no code change)
* fix(sessions): preserve lineage metadata in JSON
* fix(message-tool): apply responsePrefix to outbound sends
* fix(message-tool): apply messages.responsePrefix to outbound sends
* fix(message-tool): interpolate responsePrefix templates on sends and skip unresolved model tokens
* fix(embedded-agent): classify Cloudflare challenge HTML as upstream failure
* fix: #94432 classify Cloudflare challenge 403 as upstream_html instead of auth_html
* chore: trigger CI re-run for Real behavior proof validation
* fix: align Cloudflare challenge detector with shared challenge markers
Extend CLOUDFLARE_CHALLENGE_RE to also match cdn-cgi/challenge-platform
and challenge-error-text — patterns already recognized by the shared
STANDALONE_HTML_ERROR_HINT_RE in assistant-error-format.ts.
Add regression tests for both new marker variants to ensure coverage.
* fix(embedded-agent): suppress raw Cloudflare HTML in console after upstream_html reclassification
- Add upstream_html to RAW_ERROR_CONSOLE_SUPPRESSED_FAILURE_KINDS so
Cloudflare challenge 403 pages classified as upstream_html do not
leak raw HTML into lifecycle/failover console rawError= diagnostics
- Add regression test verifying upstream_html suppression in
failover observation console messages
Re: #94432
---------
Co-authored-by: lzyyzznl <lzyyzznl@users.noreply.github.com>
Co-authored-by: lizeyu-xydt <lizeyu@xydigit.com>
* fix(docker): reduce local build memory pressure
* feat(node): add gateway context path support
* fix(irc): classify host-less nick!user allowlist entries as mutable
An IRC sender mask is nick!user@host where only host is server verified;
nick and user (ident) are client supplied and spoofable. The allowlist
identity classifier treated any entry containing "!" or "@" as a verified
stable identity, so a host-less nick!user entry was classified stable and
matched by the host-less nick!user subject candidate. With
dangerouslyAllowNameMatching at its secure default (off), the mutable
identifier policy only strips entries owned by a dangerous field, so the
host-less entry was never stripped and a remote sender presenting the same
nick and ident was admitted regardless of host.
Require a verified @host component before an entry or subject is classified
stable. Host-less nick and host-less nick!user are now both routed to a
dangerous (mutable) field so they are gated by the same name-matching policy.
The doctor mutable-allowlist detector now also flags host-less nick!user
entries so operators who typed that undocumented shape get a warning. The
documented full nick!user@host mask stays stable and unaffected.
* fix(matrix): bound raw transport response reads
* fix(matrix): bound raw transport response reads to prevent OOM
* test(matrix): add real node:http server proof for bound transport
Two new integration-style tests drive performMatrixRequest against a real
node:http server (no stubRuntimeFetch mock) using real undici + SSRF
dispatcher and ssrfPolicy.allowPrivateNetwork:
- over-cap: server declares Content-Length > MATRIX_SDK_RESPONSE_MAX_BYTES
with maxBytes omitted → rejects MatrixMediaSizeLimitError (68 ms wall)
- under-cap: server returns small payload with maxBytes omitted → Buffer
returned correctly (12 ms wall)
Addresses ClawSweeper feedback: previous proof showed only Vitest mock
output; these tests exercise the real Matrix runtime fetch path end-to-end.
* test(matrix): satisfy lint for transport proof
* fix(matrix): preserve encrypted media download limits
* test(matrix): add streaming OOM guard proof via real node:http server without Content-Length
Drive readResponseWithLimit directly by omitting Content-Length so that
enforceDeclaredResponseSize is a no-op and the streaming byte cap is the
sole enforcement path. A 20 MiB chunked server response with a 16 MiB
cap confirms the stream is canceled before full buffering (chunksWritten
< TOTAL_CHUNKS). A second case verifies under-cap payloads pass through.
* test(matrix): fix lint errors in real HTTP server proof (curly)
* test(matrix): add under-cap proof to real HTTP server test
* fix(feishu): hoist abortable delay timer binding
The finish() closure referenced timer which was declared with const after
finish was defined. If finish(false) ran via the abort signal check at
line 99 or via the abort event listener before the const timer assignment,
accessing timer in the temporal dead zone would throw a ReferenceError.
Hoist timer as a let binding above finish so it is safely undefined when
finish fires early, and the guard in finish handles it.
* fix: clear Tailscale probe timeout
The checkBinary helper used Promise.race with a setTimeout-based timeout
but never cleared the timer when runExec completed first. Wrap the race
in a try/finally that clears the timer handle to avoid a dangling timer.
* fix(sms): strip internal tool traces from replies
* fix(browser): decode CDP URL credentials
* fix(reply): honor suppressToolErrors for progress
5.22 already drops the tool-error WARNING text via payloads.ts, but the
error tool-result payload was still delivered as channel progress unless
sourceReplyDeliveryMode was message_tool_only. Operators who opt into
messages.suppressToolErrors expect no tool-error noise in chat at all.
Add a config-gated early-return in the onToolResult dispatch path so the
visible progress delivery is dropped too, matching the warning-text policy.
No-op unless messages.suppressToolErrors is true. Folds the mac-mini deploy
hotfix into the tracked branch.
(cherry picked from commit a973410e6d3ddbbaa4c3fb308ad4247274a9633a)
Co-authored-by: amittell <mittell@me.com>
* fix(reload): cancel deferred channel reload on restart
Fixes #79487
* fix: restore main lint after timer repairs
Preserve the Tailscale timeout cleanup from #98134 and the Feishu TDZ fix from #98137 while satisfying the repository lint rules.
Credit: @zhangLei99586 authored both underlying fixes.
Co-authored-by: Peter Steinberger <58493+steipete@users.noreply.github.com>
Co-authored-by: zhangLei99586 <zhang.lei162@xydigit.com>
* fix(slack): guard relay frame parsing
* fix(slack): guard relay WebSocket frame JSON.parse against malformed input
Slack Socket Mode relay receives WebSocket frames from external
infrastructure. parseRelayFrame() used bare JSON.parse() which would
throw raw SyntaxError on malformed frames, potentially crashing the
relay connection.
Wrap JSON.parse in try/catch and throw SlackRelayMalformedFrameError
with the original SyntaxError as cause, so callers can distinguish
transport errors from parse errors.
D4 dimension — all competitors have zero coverage.
Signed-off-by: lsr911 <liao.shirong@xydigit.com>
* fix(slack): repair relay frame guard tests
---------
Signed-off-by: lsr911 <liao.shirong@xydigit.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
* fix(memory-core): skip qmd zero-hit search sync
* fix(transcripts): close stream on parse failure
* fix(cli): show exit code when plugin npm install returns empty output (#98497)
* fix(cli): show exit code when npm install returns empty output
installPackageDir previously produced 'npm install failed:' with an empty
suffix when npm exited non-zero without writing to stdout or stderr. Users
running 'openclaw plugins install @openclaw/acpx' saw only that empty line
followed by the misleading hook-pack fallback error, leaving nothing
actionable in the output.
Add a small helper that keeps npm's own output when it exists but falls
back to reporting the exit code, signal, and termination reason when both
streams are empty. Regression tests cover the empty-output exit case and
the signal-terminated case; the existing stderr surfacing test still
passes unchanged.
Refs #98484
* fix(cli): narrow npm install failure diagnostics
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
* feat(apple): add Russian and Hindi app catalogs
* feat(apple): localize native app surfaces
* style(apple): format localized share extension
* feat(apple): complete core locale coverage
* test(apple): enforce phased catalog coverage
* fix(macos): package localized app resources
* fix(macos): compile packaged localizations
* fix(apple): preserve localized static labels
* fix: restore tooling CI after transcript test addition (#98610)
* test: update transcript helper routing expectation
* test: update transcript helper routing expectation
---------
Co-authored-by: Peter Steinberger <58493+steipete@users.noreply.github.com>
* fix(subagent): preserve steered task text on restart redispatch
Squashed from PR #77539 after maintainer CI repair.
* feat(i18n): refresh native locale artifacts
* feat(i18n): refresh every native locale
* fix(ci): commit first native locale artifacts
* docs(i18n): clarify native artifact ownership
* fix(i18n): validate native translation structure
* fix(ci): restrict native locale refresh dispatch
* fix(i18n): validate Kotlin and Swift placeholders
* fix(i18n): cover all native source roots
* fix(i18n): guard native refresh inputs
* test(i18n): prove native refresh creation and no-op
* test(ci): guard native locale refresh retries
* fix(i18n): allow locale placeholder reordering
* fix(i18n): validate native refresh inputs
* fix(i18n): name Swedish in translation prompts
* fix(i18n): preserve native printf placeholders
* fix(ci): refresh native locales for glossary changes
* test(i18n): use shared temp directory helper…
Summary
core/doctor/device-pairingfindingsdoctor --lintbehavior is unchanged unless operators use--allor explicit--onlyPublic contract
No public SDK, plugin manifest, config schema, CLI flag, or persisted data-model contract changes.
Validation
PNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false node scripts/run-vitest.mjs run src/commands/doctor-device-pairing.test.ts src/flows/doctor-health-contributions.test.ts --reporter=verbose(63 tests across 2 shards)PNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false pnpm exec oxfmt --check --threads=1 src/commands/doctor-device-pairing.ts src/commands/doctor-device-pairing.test.ts src/flows/doctor-health-contributions.ts src/flows/doctor-health-contributions.test.tsPNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false node scripts/run-oxlint.mjs src/commands/doctor-device-pairing.ts src/commands/doctor-device-pairing.test.ts src/flows/doctor-health-contributions.ts src/flows/doctor-health-contributions.test.tsPNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false pnpm tsgo:corePNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false pnpm plugin-sdk:surface:checkPNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false pnpm plugin-sdk:check-exportsgit diff --check origin/main...HEADReal behavior proof
Behavior or issue addressed:
Expose the existing device-pairing Doctor diagnostics through explicit structured lint selection without changing broad
doctor --lintdefaults or probing Gateway from lint.Real environment tested:
Ubuntu 24.04 WSL root, source checkout at
eff0d3cdae1ddab01f5daf7546c245f78a2ebd91, isolated tempOPENCLAW_CONFIG_PATHandOPENCLAW_STATE_DIR, no live Gateway service required for the quiet-path lint proof.Exact steps or command run after this patch:
OPENCLAW_CONFIG_PATH=<temp>/openclaw.json OPENCLAW_STATE_DIR=<temp>/state PNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false pnpm openclaw doctor --lint --json --only core/doctor/device-pairingOPENCLAW_CONFIG_PATH=<temp>/openclaw.json OPENCLAW_STATE_DIR=<temp>/state PNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false pnpm openclaw doctor --lint --jsonEvidence after fix:
{ "onlyExit": 0, "onlyChecksRun": 1, "onlyChecksSkipped": 35, "onlyDeviceFindings": 0, "defaultExit": 1, "defaultDeviceFindings": 0 }Observed result after fix:
Explicit
--only core/doctor/device-pairingruns the new structured check and exits cleanly against isolated quiet state. Broad default lint still emits nocore/doctor/device-pairingfindings, preserving the default-disabled contract.What was not tested:
No live Gateway pairing service was exercised in this refresh; existing focused tests cover pending scope upgrades, corrupt local pairing state, stale cached device tokens, sanitization, and structured conversion.