24dc91c6ef
ci add time-gated boundary inventory jobs
2026-03-17 22:53:12 -05:00
5a2a4abc12
CI: add built plugin singleton smoke ( #48710 )
2026-03-17 15:17:41 -05:00
df76e0f44b
test: harden CI-sensitive test suites
2026-03-17 16:21:57 +00:00
f036ed27f4
CI: guard gateway watch against duplicate runtime regressions ( #49048 )
2026-03-17 10:55:55 -04:00
7cd0acf8af
CI: rename startup memory smoke ( #49041 )
2026-03-17 09:53:51 -05:00
916db21fe5
fix(ci): harden zizmor workflow diffing
2026-03-17 08:08:33 +00:00
527a1919ea
fix(ci): quote changed extension matrix input
2026-03-17 08:04:47 +00:00
8b2f0cbb6c
CI: run global contract lane
2026-03-16 17:59:39 -07:00
313e5bb58b
Fix launcher startup regressions ( #48501 )
...
* Fix launcher startup regressions
* Fix CI follow-up regressions
* Fix review follow-ups
* Fix workflow audit shell inputs
* Handle require resolve gaxios misses
2026-03-16 17:21:18 -05:00
5336c4e945
CI: add changed extension test lane
2026-03-16 02:29:46 -07:00
c0e0115b31
CI: add CLI startup memory regression check
2026-03-15 17:42:48 -07:00
cbec476b6b
Docs: add config drift baseline statefile ( #45891 )
...
* Docs: add config drift statefile generator
* Docs: generate config drift baseline
* CI: move config docs drift runner into workflow sanity
* Docs: emit config drift baseline json
* Docs: commit config drift baseline json
* Docs: wire config baseline into release checks
* Config: fix baseline drift walker coverage
* Docs: regenerate config drift baselines
2026-03-14 14:23:30 -07:00
d33f3f843a
ci: allow fallback npm correction tags ( #46486 )
2026-03-14 19:38:14 +01:00
ac29edf6c3
fix(ci): update vitest configs after channel move to extensions/ (openclaw#46066)
...
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: scoootscooob <167050519+scoootscooob@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-14 13:23:25 -05:00
62afc4b514
ci: add manual backfill support to Docker release ( #46269 )
...
* ci: add docker release backfill workflow
* ci: add manual backfill support to docker release
* ci: keep docker latest tags off manual backfills
2026-03-14 16:36:20 +01:00
b5ba2101c7
ci: move Docker release to GitHub-hosted runners ( #46247 )
...
* ci: move docker release to GitHub-hosted runners
* ci: annotate docker release runner guardrails
2026-03-14 15:54:06 +01:00
c08317203d
ci: enforce calver freshness on npm publish
2026-03-14 13:45:40 +01:00
00891dee90
ci: switch npm release workflow to trusted publishing
2026-03-14 13:45:40 +01:00
02a86da23a
ci: preserve manual npm release approval delays
2026-03-14 13:45:40 +01:00
2eea93982f
ci: make npm release preview more verbose
2026-03-14 13:45:40 +01:00
78d2bfc4d8
ci: add dry-run gate to npm release workflow
2026-03-14 13:45:40 +01:00
bc3319207c
ci: add npm token fallback for npm releases
2026-03-14 05:08:19 +00:00
5c07207dd1
ci: trim PR critical path
2026-03-13 20:38:24 +00:00
d17490ff54
ci: speed up scoped workflow lanes
2026-03-13 19:53:40 +00:00
9b5000057e
ci: remove Android Node 20 action warnings
2026-03-13 17:41:58 +00:00
6a812b621d
ci: modernize GitHub Actions workflow versions
2026-03-13 16:57:23 +00:00
966653e174
ci: suppress expected zizmor pull_request_target findings
2026-03-13 16:48:34 +00:00
41718404a1
ci: opt workflows into Node 24 action runtime
2026-03-13 16:41:22 +00:00
9f08af1f06
fix(ci): harden docker builds and unblock config docs
2026-03-12 16:45:29 +00:00
797b6fe614
ci: tighten cache docs and node22 gate
2026-03-12 20:07:44 +05:30
deada7edd3
build: default to Node 24 and keep Node 22 compat
2026-03-12 20:07:44 +05:30
b16ee34c34
fix(ci): auto-close and lock r: spam items
2026-03-10 15:58:24 -05:00
23cd997526
fix: make install smoke docker-driver safe
2026-03-10 20:02:26 +00:00
8ba1b6eff1
ci: add npm release workflow and CalVer checks ( #42414 ) (thanks @onutc)
2026-03-10 20:09:25 +01:00
936607ca22
ci: drop detect-secrets check
2026-03-10 20:35:23 +05:30
5296147c20
CI: select Swift 6.2 toolchain for CodeQL ( #41787 )
...
Merged via squash.
Prepared head SHA: 8abc6c1657
2026-03-10 01:22:41 -05:00
93c44e3dad
ci: drop gha cache from docker release ( #41692 )
2026-03-10 09:14:57 +05:30
1720174757
fix: auto-close no-ci PR label and document triage labels
2026-03-09 21:30:47 -05:00
6d5e142b93
Docker: improve build cache reuse ( #40351 )
...
* Docker: improve build cache reuse
* Tests: cover Docker build cache layout
* Docker: fix sandbox cache mount continuations
* Docker: document qr-import manifest scope
* Docker: narrow e2e install inputs
* CI: cache Docker builds in workflows
* CI: route sandbox smoke through setup script
* CI: keep sandbox smoke on script path
2026-03-08 17:57:46 -07:00
dadd7f99cd
fix(ci): scope secrets scan to branch changes
2026-03-08 22:21:49 +02:00
bdf9739e59
Add too-many-prs override label handling
2026-03-08 13:13:53 -05:00
b6520d7172
CI: scope CodeQL JavaScript analysis
2026-03-08 10:29:56 -07:00
c6ff137a6f
CI: make CodeQL manual only
2026-03-07 18:23:21 -08:00
1e3daa6373
CI: fix CodeQL concurrency
2026-03-07 18:20:32 -08:00
31564bed1d
CI: fix CodeQL manual builds
2026-03-07 18:18:53 -08:00
b2f8f5e4dd
CI: add CodeQL workflow
2026-03-07 18:15:06 -08:00
d5803cc4ee
CI: remove Knip dead-code report job
2026-03-07 15:58:01 -08:00
07cccfc926
CI: drop duplicate strict smoke build check
2026-03-07 15:58:01 -08:00
499c1ee6e3
reduce image size, offer slim image ( #38479 )
...
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 14:26:29 -05:00
912f7a5525
CI: enable Windows pnpm side-effects cache
2026-03-07 10:11:52 -08:00
de7848e227
CI: cache Python and Windows pnpm stores
2026-03-07 10:11:51 -08:00
14c61bb33f
fix(ci): re-enable detect-secrets on main
2026-03-07 16:09:12 +05:30
91494b2596
fix: repair auto-response workflow YAML
2026-03-06 16:24:50 -06:00
c301c5d083
fix: add no-ci-pr auto-response label
2026-03-06 15:53:59 -06:00
b17baca871
CI: enable report-only Knip deadcode job
2026-03-06 15:15:16 -05:00
9c55299a82
CI: skip detect-secrets on main temporarily
2026-03-06 15:00:46 -05:00
82eebc905d
Install Smoke: fetch docs base on demand
2026-03-06 14:45:37 -05:00
9c464c274c
CI: fetch base history on demand
2026-03-06 14:45:34 -05:00
66112980aa
CI: keep full secret scans on main
2026-03-06 14:41:20 -05:00
ec3df0dd8f
CI: scope secret scans to changed files
2026-03-06 14:34:46 -05:00
5e05a9cb79
Install Smoke: cache docker smoke builds
2026-03-06 14:23:04 -05:00
afdbc472a4
Install Smoke: shallow docs-scope checkout
2026-03-06 14:15:15 -05:00
067ec4f0f9
CI: shallow scope checkouts
2026-03-06 14:15:15 -05:00
9a1a63a667
chore: disable contributor labels
2026-03-06 12:37:14 -06:00
3e967cbc22
fix: add stale workflow fallback run
2026-03-06 12:15:28 -06:00
b782538743
fix: tune stale workflow limits
2026-03-06 12:08:53 -06:00
e3390bfb70
CI: add Barnacle r: too-many-prs guard
...
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 11:37:00 -06:00
57f19f0d5c
container builds: opt-in extension deps via OPENCLAW_EXTENSIONS build arg ( #32223 )
...
* Docker: opt-in extension deps via OPENCLAW_EXTENSIONS build arg
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: sallyom <somalley@redhat.com>
* CI: clarify extension smoke scope
* Tests: allow digest-pinned multi-stage FROM lines
* Changelog: note container extension preinstall option
---------
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 12:18:42 -05:00
6a9deb21b8
CI: cover skill and extension tests
2026-03-06 11:21:03 -05:00
9917a3fb77
CI: run changed-scope on main pushes
2026-03-06 10:51:32 -05:00
a820c63912
CI: drop unused install-smoke bootstrap
2026-03-06 10:40:41 -05:00
2a888c5703
ci: enable stale workflow
2026-03-02 23:21:34 -06:00
d45aa68ae8
CI: disable flaky sticky disk mount for Windows pnpm setup
2026-03-02 20:34:10 -08:00
be5de30de5
CI: start push test lanes earlier and drop check gating
2026-03-02 20:29:06 -08:00
a5a6952bf2
CI: reduce critical path for check build and windows jobs
2026-03-02 20:11:28 -08:00
5ef04d2822
CI: speed up Windows dependency warmup
2026-03-02 20:11:12 -08:00
a951ecdd7b
CI: shard Windows tests into sixths and skip cache restore
2026-03-02 19:54:52 -08:00
99a48aad08
CI: increase checks-windows test shards to 4
2026-03-02 19:32:46 -08:00
8b80848ae9
CI: increase checks-windows test shards to 3
2026-03-02 19:31:27 -08:00
153a4f55db
CI: reduce pre-test Windows setup latency
2026-03-02 19:30:29 -08:00
2c6616b830
CI: gate Windows checks by windows-relevant scope ( #32456 )
...
* CI: add windows scope output for changed-scope
* Test: cover windows scope gating in changed-scope
* CI: gate checks-windows by windows scope
* Docs: update CI windows scope and runner label
* CI: move checks-windows to 32 vCPU runner
* Docs: align CI windows runner with workflow
2026-03-02 19:10:58 -08:00
f2c37e543e
CI: optimize Windows lane by splitting bundle and dropping duplicate lanes
2026-03-02 18:58:43 -08:00
806803b7ef
feat(secrets): expand SecretRef coverage across user-supplied credentials ( #29580 )
...
* feat(secrets): expand secret target coverage and gateway tooling
* docs(secrets): align gateway and CLI secret docs
* chore(protocol): regenerate swift gateway models for secrets methods
* fix(config): restore talk apiKey fallback and stabilize runner test
* ci(windows): reduce test worker count for shard stability
* ci(windows): raise node heap for test shard stability
* test(feishu): make proxy env precedence assertion windows-safe
* fix(gateway): resolve auth password SecretInput refs for clients
* fix(gateway): resolve remote SecretInput credentials for clients
* fix(secrets): skip inactive refs in command snapshot assignments
* fix(secrets): scope gateway.remote refs to effective auth surfaces
* fix(secrets): ignore memory defaults when enabled agents disable search
* fix(secrets): honor Google Chat serviceAccountRef inheritance
* fix(secrets): address tsgo errors in command and gateway collectors
* fix(secrets): avoid auth-store load in providers-only configure
* fix(gateway): defer local password ref resolution by precedence
* fix(secrets): gate telegram webhook secret refs by webhook mode
* fix(secrets): gate slack signing secret refs to http mode
* fix(secrets): skip telegram botToken refs when tokenFile is set
* fix(secrets): gate discord pluralkit refs by enabled flag
* fix(secrets): gate discord voice tts refs by voice enabled
* test(secrets): make runtime fixture modes explicit
* fix(cli): resolve local qr password secret refs
* fix(cli): fail when gateway leaves command refs unresolved
* fix(gateway): fail when local password SecretRef is unresolved
* fix(gateway): fail when required remote SecretRefs are unresolved
* fix(gateway): resolve local password refs only when password can win
* fix(cli): skip local password SecretRef resolution on qr token override
* test(gateway): cast SecretRef fixtures to OpenClawConfig
* test(secrets): activate mode-gated targets in runtime coverage fixture
* fix(cron): support SecretInput webhook tokens safely
* fix(bluebubbles): support SecretInput passwords across config paths
* fix(msteams): make appPassword SecretInput-safe in onboarding/token paths
* fix(bluebubbles): align SecretInput schema helper typing
* fix(cli): clarify secrets.resolve version-skew errors
* refactor(secrets): return structured inactive paths from secrets.resolve
* refactor(gateway): type onboarding secret writes as SecretInput
* chore(protocol): regenerate swift models for secrets.resolve
* feat(secrets): expand extension credential secretref support
* fix(secrets): gate web-search refs by active provider
* fix(onboarding): detect SecretRef credentials in extension status
* fix(onboarding): allow keeping existing ref in secret prompt
* fix(onboarding): resolve gateway password SecretRefs for probe and tui
* fix(onboarding): honor secret-input-mode for local gateway auth
* fix(acp): resolve gateway SecretInput credentials
* fix(secrets): gate gateway.remote refs to remote surfaces
* test(secrets): cover pattern matching and inactive array refs
* docs(secrets): clarify secrets.resolve and remote active surfaces
* fix(bluebubbles): keep existing SecretRef during onboarding
* fix(tests): resolve CI type errors in new SecretRef coverage
* fix(extensions): replace raw fetch with SSRF-guarded fetch
* test(secrets): mark gateway remote targets active in runtime coverage
* test(infra): normalize home-prefix expectation across platforms
* fix(cli): only resolve local qr password refs in password mode
* test(cli): cover local qr token mode with unresolved password ref
* docs(cli): clarify local qr password ref resolution behavior
* refactor(extensions): reuse sdk SecretInput helpers
* fix(wizard): resolve onboarding env-template secrets before plaintext
* fix(cli): surface secrets.resolve diagnostics in memory and qr
* test(secrets): repair post-rebase runtime and fixtures
* fix(gateway): skip remote password ref resolution when token wins
* fix(secrets): treat tailscale remote gateway refs as active
* fix(gateway): allow remote password fallback when token ref is unresolved
* fix(gateway): ignore stale local password refs for none and trusted-proxy
* fix(gateway): skip remote secret ref resolution on local call paths
* test(cli): cover qr remote tailscale secret ref resolution
* fix(secrets): align gateway password active-surface with auth inference
* fix(cli): resolve inferred local gateway password refs in qr
* fix(gateway): prefer resolvable remote password over token ref pre-resolution
* test(gateway): cover none and trusted-proxy stale password refs
* docs(secrets): sync qr and gateway active-surface behavior
* fix: restore stability blockers from pre-release audit
* Secrets: fix collector/runtime precedence contradictions
* docs: align secrets and web credential docs
* fix(rebase): resolve integration regressions after main rebase
* fix(node-host): resolve gateway secret refs for auth
* fix(secrets): harden secretinput runtime readers
* gateway: skip inactive auth secretref resolution
* cli: avoid gateway preflight for inactive secret refs
* extensions: allow unresolved refs in onboarding status
* tests: fix qr-cli module mock hoist ordering
* Security: align audit checks with SecretInput resolution
* Gateway: resolve local-mode remote fallback secret refs
* Node host: avoid resolving inactive password secret refs
* Secrets runtime: mark Slack appToken inactive for HTTP mode
* secrets: keep inactive gateway remote refs non-blocking
* cli: include agent memory secret targets in runtime resolution
* docs(secrets): sync docs with active-surface and web search behavior
* fix(secrets): keep telegram top-level token refs active for blank account tokens
* fix(daemon): resolve gateway password secret refs for probe auth
* fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled
* fix(secrets): align token inheritance and exec timeout defaults
* docs(secrets): clarify active-surface notes in cli docs
* cli: require secrets.resolve gateway capability
* gateway: log auth secret surface diagnostics
* secrets: remove dead provider resolver module
* fix(secrets): restore gateway auth precedence and fallback resolution
* fix(tests): align plugin runtime mock typings
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-03-03 02:58:20 +00:00
24fd6c8278
CI: use Blacksmith docker builder in sandbox smoke
2026-03-02 18:48:18 -08:00
5cffbbda32
CI: use Blacksmith docker builder in install smoke
2026-03-02 18:48:18 -08:00
85d17fd429
CI: migrate docker release build cache to Blacksmith
2026-03-02 18:48:18 -08:00
96d56a9721
CI: enable sticky-disk pnpm cache on Linux CI jobs
2026-03-02 18:48:18 -08:00
6bf1abf603
ci: use valid Blacksmith Windows runner label
2026-03-03 02:47:06 +00:00
40f2e2b8a6
ci: scale Windows CI runner and test workers
2026-03-03 02:42:32 +00:00
59567a8c5d
ci: move changed-scope logic into tested script
2026-03-03 02:37:23 +00:00
0fd77c9856
refactor: modularize plugin runtime and test hooks
2026-03-03 02:06:58 +00:00
1a42ea3abf
fix(auto-reply): normalize block-reply callback to Promise for timeout path ( #31200 )
...
* Auto-reply: wrap block reply callback in Promise.resolve for timeout safety
* Build: add strict smoke build script for CI regression gating
* CI: gate strict TS smoke build in check workflow
* docs(changelog): add auto-reply block reply timeout fix under Unreleased
* docs(changelog): credit original #19779 contributor and vincentkoc
2026-03-01 19:23:38 -08:00
030565b18c
Docker: add OCI base-image labels and document base-image metadata ( #31196 )
...
* Docker: add OCI base image labels
* Docs(Docker): document base image metadata context
* Changelog: note Docker base annotation docs update
* Changelog: add author credit for Docker base annotations
* Update docker.md
* Docker: add OCI source and docs labels
* CI(Docker): publish OCI revision/version labels
* Docs(Docker): list OCI image annotations
* Changelog: expand OCI annotation coverage note
* Docker: set OCI license annotation to MIT
* Docs(Docker): align OCI license annotation to MIT
* Docker: note docs sync path for OCI annotations
* Docker: normalize OCI label block indentation
2026-03-01 19:22:44 -08:00
94a5d28d26
CI: remove Vitest JSON report artifacts ( #30976 )
...
* CI: remove vitest JSON report upload steps
* Tests: stop injecting vitest JSON reporter
* Tests: remove vitest slowest report script
2026-03-01 13:03:06 -08:00
ff563eef0f
Issues: unify bug form and subtype auto-labeling (openclaw#30733) thanks @Takhoffman
...
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-01 09:20:57 -06:00
54c46b7c8c
temp disable stale workflow to help with ratelimits
2026-02-28 22:51:34 -06:00
3685ccb536
chore: lock inactive closed issues
2026-02-28 20:48:02 -06:00
a5b1e86535
chore: add fallback GitHub App token
2026-02-27 22:49:58 -06:00
645791c35e
ci: add timeout for windows checks job
2026-02-27 16:20:02 +00:00
e8e673992a
CI: smoke test root Dockerfile openclaw CLI ( #28308 )
2026-02-26 23:54:17 -05:00
Tak Hoffman
Peter Steinberger
Harold Hunt
Vincent Koc
Onur
scoootscooob
Altay
Shadow
Ayaan Zaidi
Val Alexander
Ayaan Zaidi
Nimrod Gutman
Sally O'Malley
Josh Avant