Installs plugin on ghcr.io/openclaw/openclaw:main via `plugins install`,
starts mock worker + gateway, and verifies 16 checks (discovery, files,
SSE connectivity, gateway plugin load). Includes interactive mode for
human manual testing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
E2E testing against the official OpenClaw Docker image revealed the plugin
was built against a custom interface that didn't match the real SDK:
- api.log() → api.logger.info/warn/error() (PluginLogger interface)
- api.getConfig() → api.pluginConfig (direct property)
- command handler (args[], ctx) → (ctx) with ctx.args string
- service stop optional, service context typed
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Categorized all 27 open PRs into 9 groups (Owner, Security, Critical Bug Fixes,
Windows, Features, Infrastructure, Documentation, Other) with MERGE/REVIEW/CLOSE/DEFER
recommendations. 19 REVIEW, 5 CLOSE, 5 DEFER. Identified key coordination clusters
for security fixes, subprocess management, and session ID handling.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Categorized 17 open issues into Tier 1 (Critical Security & Stability)
and Tier 2 (High-Priority Bug Fixes) with KEEP/DISCARD/DEFER
recommendations for each. Cross-referenced 6 issues to active PRs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Move sseAbortController/connectionState from module globals into closure for multi-instance safety
- Make start() idempotent by aborting existing connection before creating a new one
- Track connectionPromise and await it on stop() for proper cleanup
- Guard channel API access lazily to prevent crash when integrations are missing
- Add 1MB MAX_SSE_BUFFER_SIZE to prevent unbounded buffer growth
- Log malformed JSON parse errors instead of silently ignoring
- Replace error: any with proper instanceof Error type narrowing
- Remove hardcoded user paths from TESTING.md
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Confirmed all duplicate issues across 6 clusters (CLAUDE.md pollution,
FOLDER_CLAUDEMD_ENABLED, orphaned processes, Windows popups, Zod schema,
SessionStart exit code) are successfully closed on GitHub.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replaces stub start/stop methods with working SSE consumer that connects to
claude-mem worker's /stream endpoint, parses new_observation events, and
forwards formatted messages to configured OpenClaw channels (Telegram, Discord,
Signal, Slack, WhatsApp, Line). Includes reconnection with exponential backoff
(1s-30s), connection state tracking, and on/off command toggle. Added 17 tests
covering unit and SSE integration scenarios.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Create openclaw/ directory with plugin manifest (openclaw.plugin.json),
package.json, tsconfig.json, and .gitignore. Plugin manifest includes
full configSchema with observationFeed settings for live streaming
observations to messaging channels.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. ProcessManager: Migrate spawnDaemon() from WMIC to PowerShell Start-Process
- WMIC deprecated in Windows 11, PowerShell inherits env vars properly
- Use -WindowStyle Hidden to prevent console popups
- Fix redundant backslash escaping in PowerShell $_ variables
2. ChromaSync: Re-enable vector search on Windows
- Remove overly defensive platform check that disabled all semantic search
- Worker daemon starts with -WindowStyle Hidden; child processes inherit
- MCP SDK's StdioClientTransport uses shell:false, no new console created
3. worker-service: Unified DB-ready gate middleware
- Replace single-endpoint /api/sessions/init wait with global middleware
- Hold all DB-dependent requests until database is initialized (30s timeout)
- Whitelist static assets, /health, and viewer page for immediate response
- Separate dbReadyPromise (DB only) from initializationComplete (full init)
- Fixes "Database not initialized" errors on /stream, /summarize, /init
4. EnvManager: Switch from allowlist to blocklist for subprocess env
- Only strip ANTHROPIC_API_KEY to prevent Issue #733 billing hijack
- Pass through all other vars (ANTHROPIC_AUTH_TOKEN, ANTHROPIC_BASE_URL, etc.)
- Simpler, less fragile than maintaining an exhaustive system vars allowlist
Cherry-picked source changes from PR #657 (224 commits behind main).
Adds `claude-mem generate` and `claude-mem clean` CLI commands:
- New src/cli/claude-md-commands.ts with generateClaudeMd() and cleanClaudeMd()
- Worker service generate/clean case handlers with --dry-run support
- CLAUDE_MD logger component type
- Uses shared isDirectChild from path-utils.ts (DRY improvement over PR original)
Skipped from PR: 91 CLAUDE.md file deletions (stale), build artifacts,
.claude/plans/ dev artifact, smart-install.js shell alias auto-injection
(aggressive profile modification without consent).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Cherry-picked both PRs to main (both had merge conflicts with current main).
PR #920 (@Spunky84): CLAUDE_MEM_EXCLUDED_PROJECTS setting with glob patterns
to exclude entire projects from memory tracking (privacy/confidentiality).
Early-exit in session-init and observation handlers. 11 unit tests.
PR #699 (@leepokai): CLAUDE_MEM_FOLDER_MD_EXCLUDE setting with JSON array
of paths to exclude from CLAUDE.md file generation (fixes SwiftUI/Xcode
build conflicts and drizzle kit migration failures). Closes#620.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds save_memory MCP tool allowing users to manually save observations
for semantic search. Source changes cherry-picked from PR #662 by
@darconada (build artifact conflicts resolved by direct application).
Closes#645.
Co-Authored-By: darconadalabarga <darconada@arsys.es>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Core adapter code is sound but PR includes build artifacts, planning docs,
and settings changes. Requested focused re-submission with source-only changes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
OpenAI models are already accessible via OpenRouter. The proposed 491-line
OpenAIAgent duplicates the existing OpenAI-compatible API in OpenRouterAgent.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Memory concerns addressed by PR #806. Two Anthropic providers would create
confusion and maintenance overhead.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Cherry-picked from PR #844 by @thusdigital. Sessions stayed in active
sessions map forever after summarize, causing the orphan reaper to think
all processes were still active. Adds session-complete as Stop phase 2
hook that calls POST /api/sessions/complete to remove sessions from the
active map, allowing the reaper to correctly identify and clean up
orphaned worker processes. Fixes#842.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Cherry-picked source changes from PR #889 by @Et9797. Fixes#846.
Key changes:
- Add ensureMemorySessionIdRegistered() guard in SessionStore.ts
- Add ON UPDATE CASCADE migration (schema v21) for observations and session_summaries FK constraints
- Change message queue from claim-and-delete to claim-confirm pattern (PendingMessageStore.ts)
- Add spawn deduplication and unrecoverable error detection in SessionRoutes.ts and worker-service.ts
- Add forceInit flag to SDKAgent for stale session recovery
Build artifacts skipped (pre-existing dompurify dep issue). Path fixes (HealthMonitor.ts, worker-utils.ts)
already merged via PR #634.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Cherry-picked source changes from PR #721. Fixes two Cursor standalone
setup bugs:
1. findCursorHooksDir() now checks for hooks.json (unified CLI mode)
in addition to legacy common.sh/common.ps1 scripts
2. installCursorHooks() now uses bun instead of node for hook commands
since worker-service.cjs depends on bun:sqlite
3. Added findBunPath() to detect bun executable across platforms
Build artifacts skipped (pre-existing dompurify viewer dep issue).
Source-only cherry-pick, TypeScript compilation clean for modified file.
Co-Authored-By: polux0 <aleksaprosperitylabs@gmail.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Root cause: Claude Code doesn't close stdin after writing hook input,
so stdin.on('end') never fires.
Previous approach: Timeout-based workaround (wait 5s then parse).
New approach: JSON is self-delimiting. We attempt to parse after each
data chunk. Once we have valid JSON, we resolve immediately without
waiting for EOF. This is the proper fix - hooks now exit in <500ms
instead of waiting for any timeout.
Changes:
- Add tryParseJson() to detect complete JSON
- Parse after each stdin chunk, resolve immediately on success
- Add 50ms parse delay for multi-chunk delivery edge case
- Safety timeout (30s) only for truly malformed input
- Removes dependency on stdin.on('end') which never fires
Testing:
- Normal operation: 448ms (was 5000ms+ with timeout approach)
- Stdin stays open: Process exits immediately after JSON complete
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Change from absolute timeout to inactivity timeout (reset on each data chunk)
to avoid truncating large/slow payloads
- Fix race condition: add resolved=true before resolving in catch block
- Fix unreliable readable check: just access the property, don't check value
- Add cleanup() call in catch block for consistency
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixes#727 (PostToolUse hooks hanging at "1/2 done")
Addresses #646 (Bun stdin EINVAL crash)
Root causes:
1. Bun crashes with EINVAL when Claude Code doesn't provide valid stdin fd
2. stdin.on('end') never fires if Claude Code doesn't close stdin properly
Changes:
- Add isStdinAvailable() to safely check stdin before reading
- Wrap stdin access in try-catch to handle Bun's lazy fstat crash
- Add 5-second timeout to prevent indefinite hangs
- Gracefully return undefined instead of crashing on stdin errors
- Properly clean up event listeners to prevent memory leaks
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Alex Newman