Commit graph

61 commits

Author SHA1 Message Date
Vincent Koc
ba7af36306
refactor(deadcode): localize script constants (#101892) 2026-07-07 15:17:41 -07:00
Vincent Koc
d563101a82
refactor(deadcode): localize test and tooling helpers (#101875) 2026-07-07 13:45:26 -07:00
Vincent Koc
56fe5d0459
fix(release): skip loader lifecycle scripts on Windows 2026-07-06 04:57:57 -07:00
Dallin Romney
e7b5946da0
refactor(scripts): share regexp literal escaping (#99778) 2026-07-03 20:20:28 -07:00
Vincent Koc
1d6cbbc428
fix(ci): support mac bash in ref resolver 2026-07-04 04:21:59 +02:00
Vincent Koc
94c7b5a874
fix(test): route release ref resolver 2026-06-21 17:27:29 +02:00
Vincent Koc
ba43be9424
refactor(github): share guard comment helpers 2026-06-20 06:10:37 +08:00
Vincent Koc
aa479ac7d8
refactor(github): share guard request helpers 2026-06-20 06:07:12 +08:00
Vincent Koc
0eed410bd0
refactor(tooling): remove unused cleanup helpers 2026-06-20 05:52:30 +08:00
Hannes Rudolph
4a0f497f16
improve: simplify PR context and evidence (#94676)
* improve: simplify PR context and evidence

* improve: decouple PR context from proof labels

* fix: satisfy PR context lint
2026-06-19 14:00:38 -06:00
Vincent Koc
afd9cb0c10
fix(github): cancel maintainer membership bodies 2026-06-19 08:02:41 +02:00
Vincent Koc
36bfe77db1
fix(github): bound guard response bodies 2026-06-19 05:47:19 +02:00
Vincent Koc
9f5c9b2e22
refactor(test): remove unused proof and channel helpers 2026-06-18 18:00:46 +08:00
joshavant
5d9c010628
ci: add security-sensitive file guard 2026-06-17 12:50:18 +02:00
Peter Steinberger
613a2835cb docs: document scoped script helpers 2026-06-04 23:57:22 -04:00
Vincent Koc
420450b5cb
fix(ci): timeout dependency guard GitHub requests 2026-06-01 22:59:55 +02:00
Dallin Romney
e3d24faecd
fix: allow admins to approve dependency guard (#88966)
* fix: allow admins to approve dependency guard

* fix: auto-bypass trusted dependency authors
2026-06-01 10:17:14 -07:00
Peter Steinberger
27dde7a4d6
chore(lint): enable stricter error rules 2026-06-01 01:12:21 +01:00
Peter Steinberger
304e2c83c0
chore(lint): enable stricter oxlint rules 2026-05-31 18:59:02 +01:00
Ted Li
1cab722fe0
fix(ci): ignore fenced headings in proof parser (#87390)
Harden real behavior proof parsing for fenced transcript Markdown. Ref #87341. Thanks @MonkeyLeeT.
2026-05-30 23:14:06 +01:00
Dallin Romney
29b32050c1
feat(ci): autoscrub dependency lockfile-only PR changes (#87796)
* ci: autoscrub dependency lockfile residue

* ci: harden dependency autoscrub commits

* ci: scope dependency autoscrub tokens

* ci: split autoscrub base reads

* ci: expand autoscrub proof comment
2026-05-29 19:37:16 -07:00
Vincent Koc
ecc5601b2a
fix(github): bound proof comment API bodies 2026-05-30 01:58:19 +02:00
Vincent Koc
ba55b3e360
refactor: share script bounded response helper 2026-05-29 20:54:29 +02:00
Vincent Koc
9ad3ed481f
fix(ci): cap dependency guard error bodies 2026-05-29 19:20:01 +02:00
Peter Steinberger
2209faef40
feat: improve cron create delivery ergonomics
Summary:
- Add Hermes-style schedule-first cron create parsing while preserving flagged create options.
- Support webhook create/edit delivery and clear stale webhook/chat delivery fields across mode changes.
- Update cron docs and schedule identity normalization tests.

Verification:
- pnpm test src/cron/schedule-identity.test.ts src/cli/cron-cli.test.ts src/cron/service.jobs.test.ts -- --reporter=verbose
- pnpm test src/cli/cron-cli.test.ts src/cron/service.jobs.test.ts -- --reporter=verbose
- pnpm check:test-types
- pnpm check:import-cycles
- pnpm check:docs
- pnpm check:changed via Crabbox run_8c44bcb158da, exit 0
- autoreview branch diff clean
2026-05-29 04:34:50 +01:00
Dallin Romney
e0aa820257
ci: rename dependency guard workflow (#87842) 2026-05-28 18:26:49 -07:00
Dallin Romney
c8f2bbf76d
ci: guard dependency graph PR changes (#87791) 2026-05-28 18:13:54 -07:00
Vincent Koc
4a8d89f8b5 fix(ci): bound real behavior proof API waits 2026-05-27 15:12:53 +02:00
Shadow
7671068daf
fix(ci): evaluate duplicate proof sections 2026-05-26 11:18:42 -05:00
Dallin Romney
6b52dff22d
fix(github): preserve sufficient proof against negative relabel (#85567) 2026-05-22 19:13:33 -07:00
clawsweeper[bot]
77a1b7625d
fix: preserve Google Gemini 3 cron thinking (#85300)
Summary:
- The branch adds a Google provider thinking-policy resolver and opt-in profile flag, updates shared thinking validation and cron/proof-policy tests, and adjusts ClawSweeper proof parsing.
- Reproducibility: yes. source-reproducible: current main applies the generic off-only profile before provider ... figured thinking through that resolver. I did not execute a live systemd cron run in this read-only review.

Automerge notes:
- PR branch already contained follow-up commit before automerge: fix: preserve Google Gemini 3 cron thinking

Validation:
- ClawSweeper review passed for head a6cd2e826e.
- Required merge gates passed before the squash merge.

Prepared head SHA: a6cd2e826e
Review: https://github.com/openclaw/openclaw/pull/85300#issuecomment-4517662575

Co-authored-by: Neerav Makwana <261249544+neeravmakwana@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com>
2026-05-22 11:21:57 +00:00
Tak Hoffman
9968db65db
fix(github): preserve clawsweeper proof labels (#83781) 2026-05-18 17:10:35 -05:00
Tak Hoffman
c92ebd6a41
fix(ci): preserve Barnacle proof labels (#83735)
* fix(ci): preserve sufficient proof override

* fix(ci): keep sufficient proof on label churn
2026-05-18 14:37:20 -05:00
Tak Hoffman
06a39015f2
fix(ci): authenticate proof verdict markers (#83692)
Summary:
- The branch restricts exact-head ClawSweeper proof markers to GitHub App-authored comments, adds read-only issue-comment token fallback for the proof workflow, and adds focused regression tests plus a changelog entry.
- Reproducibility: yes. Source inspection of current main shows any issue comment body with a matching `clawsw ...  SHA is accepted without author/App authentication; the PR adds focused negative tests for forged comments.

Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(ci): authenticate proof verdict markers

Validation:
- ClawSweeper review passed for head f4c375eaa7.
- Required merge gates passed before the squash merge.

Prepared head SHA: f4c375eaa7
Review: https://github.com/openclaw/openclaw/pull/83692#issuecomment-4479843682

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com>
2026-05-18 17:42:10 +00:00
Tak Hoffman
e4fba78d81
fix(ci): honor exact-head proof verdicts (#83688) 2026-05-18 11:39:30 -05:00
Dallin Romney
cf194419c3
ci(proof): skip real-behavior-proof gate for private maintainers (#83418)
* ci(proof): trust maintainer label for private org members

Private organization memberships report author_association=CONTRIBUTOR
on PRs, so the real-behavior-proof gate currently demands proof from
maintainers whose membership is private. The labeler workflow already
applies the 'maintainer' label via the team-membership API (which sees
private members), so treat that label as an equivalent privileged
signal in evaluateRealBehaviorProof.

* ci(proof): drop noisy comments

* ci(proof): check maintainer team membership via GitHub App token

Replace the label-based private-maintainer skip with a direct
getMembershipForUserInOrg call using a minted GitHub App token, mirroring
the pattern labeler.yml already uses for the same lookup. Removes the
race against the labeler workflow and the implicit dependency on the
'maintainer' label having landed first.

The App-token steps are continue-on-error so the gate still runs (using
the existing author_association path) when the App key secrets are
absent or both mints fail.

* ci(proof): narrow App token to members:read

ClawSweeper review #83418: actions/create-github-app-token defaults to
the full installation permission set, but the proof gate only needs the
org-members read scope used by teams.getMembershipForUserInOrg. Set
permission-members: read on both the primary and fallback mint steps.

* docs(changelog): private maintainers skip the real-behavior-proof gate
2026-05-18 09:22:59 -07:00
Shadow
90ae151154
fix: prevent barnacle vetoing clawsweeper proof 2026-05-15 22:25:29 -05:00
rolandrscheel
e4cee2eb69
perf(gateway): cache session list resolver lookups
Refs #75839.\n\nRebases and lands the sessions.list resolver-cache fix from #77187 after maintainer conflict repair. The change keeps cache state scoped to a single sessions.list call and memoizes deterministic per-row resolver work for repeated provider/model tuples.\n\nVerification:\n- pnpm test src/gateway/session-utils.perf.test.ts src/gateway/session-utils.test.ts\n- pnpm exec oxfmt --check --threads=1 src/gateway/session-utils.ts src/gateway/session-utils.perf.test.ts scripts/github/real-behavior-proof-policy.mjs\n- git diff --check HEAD -- CHANGELOG.md scripts/github/real-behavior-proof-policy.mjs src/gateway/session-utils.perf.test.ts src/gateway/session-utils.ts\n- GitHub PR checks: 87 passing, CodeQL neutral, 21 skipped\n\nCo-authored-by: OpenClaw Agent <openclaw-agent@users.noreply.github.com>
2026-05-13 23:20:40 -05:00
Peter Steinberger
f6e2ad07ec
ci(release): normalize Windows loader npm paths 2026-05-10 02:14:00 +01:00
Patrick Erichsen
10f9a758b6
docs: add dedicated ClawHub docs tab (#79159)
* docs: add clawhub docs tab

* fix: satisfy docs sync lint

* docs: prune internal clawhub nav pages

* docs: include ClawHub publishing page in nav

* docs: use clawhub how-it-works route
2026-05-07 18:55:08 -07:00
Vincent Koc
0fca665497
docs(imessage): document bluebubbles deprecation 2026-05-07 13:12:00 -07:00
Peter Steinberger
cc9f88e6e6
ci: fix release cross-os loader path
Some checks are pending
CI / checks-node-compat-node22 (push) Blocked by required conditions
CI / -5 (push) Blocked by required conditions
CI / checks-node-core (push) Blocked by required conditions
CI / check-dependencies (push) Blocked by required conditions
CI / check-strict-smoke (push) Blocked by required conditions
CI / check-lint (push) Blocked by required conditions
CI / check-policy-guards (push) Blocked by required conditions
CI / check-preflight-guards (push) Blocked by required conditions
CI / check-prod-types (push) Blocked by required conditions
CI / check-test-types (push) Blocked by required conditions
CI / check (push) Blocked by required conditions
CI / check-additional-boundaries-a (push) Blocked by required conditions
CI / check-additional-boundaries-b (push) Blocked by required conditions
CI / check-additional-boundaries-c (push) Blocked by required conditions
CI / check-additional-boundaries-d (push) Blocked by required conditions
CI / check-additional-extension-bundled (push) Blocked by required conditions
CI / check-additional-extension-channels (push) Blocked by required conditions
CI / check-additional-extension-package-boundary (push) Blocked by required conditions
CI / check-additional-runtime-topology-architecture (push) Blocked by required conditions
CI / build-smoke (push) Blocked by required conditions
CI / check-docs (push) Blocked by required conditions
CI / skills-python (push) Blocked by required conditions
CI / -6 (push) Blocked by required conditions
CI / -7 (push) Blocked by required conditions
CI / macos-swift (push) Blocked by required conditions
CI / -8 (push) Blocked by required conditions
ClawSweeper Dispatch / dispatch (push) Waiting to run
Workflow Sanity / no-tabs (push) Waiting to run
Workflow Sanity / actionlint (push) Waiting to run
Workflow Sanity / generated-doc-baselines (push) Waiting to run
2026-05-06 12:20:56 +01:00
Peter Steinberger
cf21cbafc4
ci: harden release validation harness checks 2026-05-06 12:08:45 +01:00
pashpashpash
33c42c8d3b
chore: add positive proof labels (#78117) 2026-05-06 08:10:17 +09:00
pashpashpash
70f34bf177
Require real behavior proof for external PRs (#77622)
* ci: require real behavior proof for external PRs

* fix: tighten real behavior proof heuristics

* fix: reject test-only real behavior proof labels

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-05-05 05:45:30 +01:00
Vincent Koc
c1db7df2ea
fix(ci): run cross-os checks on Windows 2026-05-03 18:05:50 -07:00
Vincent Koc
1b951c565e
fix(github): raise Barnacle active PR limit 2026-05-02 10:37:46 -07:00
Peter Steinberger
c571debf83
refactor: hide barnacle triage helpers 2026-05-02 07:43:43 +01:00
clawsweeper[bot]
e47a7448e9
fix(ci): GitHub App active-PR-limit exemption regression (#75311)
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-30 17:10:20 -07:00
Shadow
ef799fd57a
ci: exclude app PRs from active limit 2026-04-30 18:34:41 -05:00