fix: remediate v2026.3.1 and v2026.3.2 sync regressions#2191
Merged
alexey-pelykh merged 1 commit intomainfrom Apr 10, 2026
Merged
fix: remediate v2026.3.1 and v2026.3.2 sync regressions#2191alexey-pelykh merged 1 commit intomainfrom
alexey-pelykh merged 1 commit intomainfrom
Conversation
2b1c998 to
d1cd434
Compare
This was referenced Apr 10, 2026
3e2abc6 to
952e009
Compare
Systematic audit of 1,561 files found 35 regressions where fork-specific code was silently replaced by upstream equivalents during DIFF-SYNC B3 (v2026.3.1) and B4 (v2026.3.2). All fixed by restoring from correct pre-regression states on the current DIFF-SYNC lineage. CRITICAL: - agent.ts: restore ChannelBridge (remove Pi-embedded runEmbeddedPiAgent) - followup-runner.ts: restore ChannelBridge.handle() (was no-op stub) - sessions.ts: restore fork subagent handlers, remove Pi-embedded imports - acp/client.ts: restrict SAFE_AUTO_APPROVE_TOOL_IDS to ["search"] - Config schemas: restore editableFiles and boot.file fields HIGH: - DELETE src/agents/pi-embedded.ts stub + eliminate all pi-embedded imports - compat/legacy-names.ts: PROJECT_NAME "openclaw" -> "remoteclaw" - Rebuild hook + plugin test fixtures with remoteclaw manifest key - Restore 12 command/infra files from pre-B3 MEDIUM: - Delete 5 re-introduced skills UI files + strip skills from UI files - Restore commands-registry.data.ts (/remoteclaw, re-gut 12 commands) - Fix URL domain: docs.remoteclaw.ai -> docs.remoteclaw.org - Remove re-introduced SecretRef in gateway - Android gradle: CalVer 2026.3.2 -> semver 0.1.0 - Wire toolContext fallback for channel resolution LOW: - Restore fork branding, test coverage - Adapt tests semantically to match restored production code Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
952e009 to
5c17354
Compare
This was referenced Apr 10, 2026
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…te-runner from v2026.3.1/v2026.3.2 (#2207) Re-applies upstream improvements lost during PR #2191 wholesale restoration: message-action-runner.ts: - Extract 45-line inline target/channel inference to normalizeMessageActionInput() - Add toolContext fallback source handling in resolveChannel - Remove unused imports (applyTargetToParams, actionHasTarget, etc.) update-runner.ts: - Add git-based self-update mode with preflight worktree validation - Add globalInstallFallbackArgs for install error resilience - Use resolveStableNodePath for doctor invocation - Delegate tag normalization to normalizePackageTagInput - Add runStep helper for consistent step tracking - Add UI assets health verification post-doctor Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…26.3.2 (#2205) Re-apply upstream performance and feature improvements that were discarded during PR #2191 wholesale restoration: Performance: - DeferredResult<T> pattern for parallelizing async operations - scanStatusJsonFast dedicated fast path for --json mode - Parallelized tailscale, update, agent, and summary probes - Security audit runs in parallel with scan in JSON mode Features: - lookupContextTokens resolves per-model context windows (fixes hardcoded 200K for non-200K models) - Configured model display replaces "unknown" in status summary - installKind/gitTag/gitBranch in update channel display - formatGitInstallLabel row in status overview - bootstrapPendingCount in agents display - thinking/reasoning/elevated level flags in session data - config passthrough in getStatusSummary avoids redundant loadConfig Code quality: - resolveGatewayProbeSnapshot DRY extraction - resolveChannelsStatus DRY extraction - groupChannelIssuesByChannel replaces inline IIFE - resolveSessionStoreTargetsOrExit replaces try/catch pattern Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
5 tasks
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…te-runner from v2026.3.1/v2026.3.2 (#2207) (#2252) Re-applies upstream improvements lost during PR #2191 wholesale restoration: message-action-runner.ts: - Extract 45-line inline target/channel inference to normalizeMessageActionInput() - Add toolContext fallback source handling in resolveChannel - Remove unused imports (applyTargetToParams, actionHasTarget, etc.) update-runner.ts: - Add git-based self-update mode with preflight worktree validation - Add globalInstallFallbackArgs for install error resilience - Use resolveStableNodePath for doctor invocation - Delegate tag normalization to normalizePackageTagInput - Add runStep helper for consistent step tracking - Add UI assets health verification post-doctor Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
#2201) PR #2191 wholesale-restored 20 files from pre-v2026.3.1, discarding legitimate upstream security improvements. Re-apply 3 of 4 findings (finding #1 was already present): - acp/client.ts: scoped read-tool auto-approval — auto-approves `read` calls only when target path is within cwd, preventing unrestricted filesystem access. Adds `web_search` to safe auto-approve set. Excludes `memory_search` (gutted subsystem). - doctor-config-flow.ts: allowlist policy detection + repair — `detectEmptyAllowlistPolicy` warns when empty allowlists silently block all DMs/group messages. `maybeRepairAllowlistPolicyAllowFrom` auto-recovers from pairing store. - config/defaults.ts: replace naive string-based API key check with `hasConfiguredSecretInput()` to properly handle secret references (`$ENV_VAR`, `op://vault/item`). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…26.3.2 (#2205) (#2253) Re-apply upstream performance and feature improvements that were discarded during PR #2191 wholesale restoration: Performance: - DeferredResult<T> pattern for parallelizing async operations - scanStatusJsonFast dedicated fast path for --json mode - Parallelized tailscale, update, agent, and summary probes - Security audit runs in parallel with scan in JSON mode Features: - lookupContextTokens resolves per-model context windows (fixes hardcoded 200K for non-200K models) - Configured model display replaces "unknown" in status summary - installKind/gitTag/gitBranch in update channel display - formatGitInstallLabel row in status overview - bootstrapPendingCount in agents display - thinking/reasoning/elevated level flags in session data - config passthrough in getStatusSummary avoids redundant loadConfig Code quality: - resolveGatewayProbeSnapshot DRY extraction - resolveChannelsStatus DRY extraction - groupChannelIssuesByChannel replaces inline IIFE - resolveSessionStoreTargetsOrExit replaces try/catch pattern Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
7 tasks
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
#2201) (#2254) PR #2191 wholesale-restored 20 files from pre-v2026.3.1, discarding legitimate upstream security improvements. Re-apply 3 of 4 findings (finding #1 was already present): - acp/client.ts: scoped read-tool auto-approval — auto-approves `read` calls only when target path is within cwd, preventing unrestricted filesystem access. Adds `web_search` to safe auto-approve set. Excludes `memory_search` (gutted subsystem). - doctor-config-flow.ts: allowlist policy detection + repair — `detectEmptyAllowlistPolicy` warns when empty allowlists silently block all DMs/group messages. `maybeRepairAllowlistPolicyAllowFrom` auto-recovers from pairing store. - config/defaults.ts: replace naive string-based API key check with `hasConfiguredSecretInput()` to properly handle secret references (`$ENV_VAR`, `op://vault/item`). Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…v2026.3.1/v2026.3.2 (#2204) Re-apply ~400 LoC of upstream diagnostic and repair features lost during PR #2191 wholesale restoration. All dependency modules exist in the fork. Feature groups re-applied: 1. noteOpencodeProviderOverrides — replace no-op stub with real implementation detecting OpenCode Zen provider overrides 2. collectMissingDefaultAccountBindingWarnings — new channel-layer diagnostic warning when accounts lack default/binding coverage 3. Exec safe-bin profile scaffolding — 3 types + 6 functions (normalizeConfiguredSafeBins, collectExecSafeBinScopes, scanExecSafeBinCoverage, scanExecSafeBinTrustedDirHints, maybeRepairExecSafeBinProfiles, normalizeConfiguredTrustedSafeBinDirs) 4. "Legacy" to "Compatibility" terminology rename (3 occurrences) 5. formatConfigIssueLines usage from dedicated issue-format module 6. Supporting imports (isRecord, formatConfigIssueLines, exec-safe-bin modules) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
6 tasks
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…v2026.3.1/v2026.3.2 (#2204) (#2256) Re-apply ~400 LoC of upstream diagnostic and repair features lost during PR #2191 wholesale restoration. All dependency modules exist in the fork. Feature groups re-applied: 1. noteOpencodeProviderOverrides — replace no-op stub with real implementation detecting OpenCode Zen provider overrides 2. collectMissingDefaultAccountBindingWarnings — new channel-layer diagnostic warning when accounts lack default/binding coverage 3. Exec safe-bin profile scaffolding — 3 types + 6 functions (normalizeConfiguredSafeBins, collectExecSafeBinScopes, scanExecSafeBinCoverage, scanExecSafeBinTrustedDirHints, maybeRepairExecSafeBinProfiles, normalizeConfiguredTrustedSafeBinDirs) 4. "Legacy" to "Compatibility" terminology rename (3 occurrences) 5. formatConfigIssueLines usage from dedicated issue-format module 6. Supporting imports (isRecord, formatConfigIssueLines, exec-safe-bin modules) Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…3.1 (#2206) Re-apply upstream heartbeat protocol improvements that were lost during PR #2191 wholesale restoration of heartbeat-runner.ts. Changes re-applied: - ackMaxChars configuration — configurable max chars for heartbeat ack responses, preventing verbose acks from flooding channels - HEARTBEAT.md file gating — skip heartbeat when file is effectively empty, with bypass for exec/cron/wake events and ENOENT handling - HEARTBEAT_TOKEN structured protocol — heartbeat OK uses structured token instead of raw text, paired with stripHeartbeatToken extraction - buildOutboundSessionContext — session-aware outbound delivery for heartbeat-originated messages - Exec fallback text — better exec-completion handling when token stripping empties the response - HeartbeatSkipReason type — typed skip reasons for heartbeat skip reporting - stripLeadingHeartbeatResponsePrefix — regex boundary fix preventing short prefixes like "Hi" from stripping words like "History" Intentionally NOT re-applied (gutted subsystem code): - bootstrapContextMode / lightContext (Pi bootstrap) - includeReasoning / resolveHeartbeatReasoningPayloads (Pi reasoning) - resolveHeartbeatPrompt signature change (deferred to #2194) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
6 tasks
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…improvements (#2208) Re-apply 5 upstream improvements from v2026.3.1/v2026.3.2 that were lost during PR #2191 wholesale file restoration: - doctor.ts: import + call noteStartupOptimizationHints() - doctor.ts: import + call noteOpenAIOAuthTlsPrerequisites() - routes.ts: conditional loadPlugins for health --json — skip plugin preload when JSON output requested - acp/client.ts: wire resolveAcpClientSpawnInvocation into createAcpClient — enables Windows .cmd shim handling and windowsHide - doctor-legacy-config.ts: replace inline Slack migration messages with shared formatSlackStream*() formatters from discord-preview-streaming.ts Skipped (already present or not in upstream B3/B4 diffs): - config/defaults.ts cacheRetention: "short" — already in current code - sessions.ts CONTROL_UI filter — not present in upstream B3/B4 commits Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merged
5 tasks
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…3.1 (#2206) (#2257) Re-apply upstream heartbeat protocol improvements that were lost during PR #2191 wholesale restoration of heartbeat-runner.ts. Changes re-applied: - ackMaxChars configuration — configurable max chars for heartbeat ack responses, preventing verbose acks from flooding channels - HEARTBEAT.md file gating — skip heartbeat when file is effectively empty, with bypass for exec/cron/wake events and ENOENT handling - HEARTBEAT_TOKEN structured protocol — heartbeat OK uses structured token instead of raw text, paired with stripHeartbeatToken extraction - buildOutboundSessionContext — session-aware outbound delivery for heartbeat-originated messages - Exec fallback text — better exec-completion handling when token stripping empties the response - HeartbeatSkipReason type — typed skip reasons for heartbeat skip reporting - stripLeadingHeartbeatResponsePrefix — regex boundary fix preventing short prefixes like "Hi" from stripping words like "History" Intentionally NOT re-applied (gutted subsystem code): - bootstrapContextMode / lightContext (Pi bootstrap) - includeReasoning / resolveHeartbeatReasoningPayloads (Pi reasoning) - resolveHeartbeatPrompt signature change (deferred to #2194) Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…/v2026.3.2 (#2203) Re-apply upstream improvements to src/commands/agent.ts that were lost during the PR #2191 wholesale restoration. Adapted for the fork's ChannelBridge dispatch architecture. Applied: - Subsystem logger: createSubsystemLogger("commands/agent") - mergeSessionEntry with OverrideFieldClearedByDelete tracking in persistSessionEntry — prevents concurrent session clobber - runAgentAttempt extraction — extracts bridge dispatch to standalone function with typed params - Session-expired retry flow — detects session_expired from bridge errors, clears stale CLI session, retries once - runBridgeWithSession closure — DRY for initial and retry dispatch Blocked (noted for tracking): - trigger: "user" field — SessionEntry has no trigger field; was a pi-embedded parameter in upstream Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merged
6 tasks
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…improvements (#2208) (#2258) Re-apply 5 upstream improvements from v2026.3.1/v2026.3.2 that were lost during PR #2191 wholesale file restoration: - doctor.ts: import + call noteStartupOptimizationHints() - doctor.ts: import + call noteOpenAIOAuthTlsPrerequisites() - routes.ts: conditional loadPlugins for health --json — skip plugin preload when JSON output requested - acp/client.ts: wire resolveAcpClientSpawnInvocation into createAcpClient — enables Windows .cmd shim handling and windowsHide - doctor-legacy-config.ts: replace inline Slack migration messages with shared formatSlackStream*() formatters from discord-preview-streaming.ts Skipped (already present or not in upstream B3/B4 diffs): - config/defaults.ts cacheRetention: "short" — already in current code - sessions.ts CONTROL_UI filter — not present in upstream B3/B4 commits Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alexey-pelykh
added a commit
that referenced
this pull request
Apr 10, 2026
…/v2026.3.2 (#2203) (#2259) Re-apply upstream improvements to src/commands/agent.ts that were lost during the PR #2191 wholesale restoration. Adapted for the fork's ChannelBridge dispatch architecture. Applied: - Subsystem logger: createSubsystemLogger("commands/agent") - mergeSessionEntry with OverrideFieldClearedByDelete tracking in persistSessionEntry — prevents concurrent session clobber - runAgentAttempt extraction — extracts bridge dispatch to standalone function with typed params - Session-expired retry flow — detects session_expired from bridge errors, clears stale CLI session, retries once - runBridgeWithSession closure — DRY for initial and retry dispatch Blocked (noted for tracking): - trigger: "user" field — SessionEntry has no trigger field; was a pi-embedded parameter in upstream Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Systematic audit of 1,561 files (pre-v2026.2.26 baseline vs HEAD) found 35 regressions where the v2026.3.1 and v2026.3.2 DIFF-SYNC batches silently replaced fork-specific code with upstream equivalents. All fixed by restoring from correct pre-regression states on the current DIFF-SYNC lineage.
128 files changed, +2,751/-10,163 lines.
CRITICAL fixes
src/commands/agent.ts: Restore ChannelBridge (remove Pi-embeddedrunEmbeddedPiAgent)src/auto-reply/reply/followup-runner.ts: Restore ChannelBridge.handle() (was no-op — followup queue broken)src/gateway/server-methods/sessions.ts: Restore fork subagent handlers, remove Pi-embedded/ACP importssrc/acp/client.ts: RestrictSAFE_AUTO_APPROVE_TOOL_IDSto["search"]onlyeditableFilesandboot.filefields (configs failed.strict()validation)HIGH fixes
src/agents/pi-embedded.tsstub + eliminate all 20 pi-embedded imports (tests now mock ChannelBridge)src/compat/legacy-names.ts:PROJECT_NAME = "remoteclaw"(was "openclaw" — hooks silently failed)remoteclawmanifest keyMEDIUM fixes
/remoteclaw, re-gut 12 commands)docs.remoteclaw.ai->docs.remoteclaw.org2026.3.2-> semver0.1.0LOW fixes
--runtime/--auth-tokentest coverageProcess improvements (applied to skills)
fork-syncPhase D.3 — zero new stubs allowed after build stabilizationfork-openclaw— 12 grep-verifiable checksTest plan
pnpm checkpasses (format + typecheck + lint + rebrand gate)remoteclaw.aiURLs in src/pi-embeddedimports (except 1 negative test assertion)SAFE_AUTO_APPROVE_TOOL_IDS = ["search"]onlyPROJECT_NAME = "remoteclaw"🤖 Generated with Claude Code