惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
O
OpenAI News
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 三生石上(FineUI控件)
Webroot Blog
Webroot Blog
GbyAI
GbyAI
S
SegmentFault 最新的问题
Cyberwarzone
Cyberwarzone
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
J
Java Code Geeks
Google DeepMind News
Google DeepMind News
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
博客园 - 【当耐特】
S
Secure Thoughts
酷 壳 – CoolShell
酷 壳 – CoolShell
AWS News Blog
AWS News Blog
Engineering at Meta
Engineering at Meta
S
Security Affairs
H
Help Net Security
Microsoft Security Blog
Microsoft Security Blog
D
DataBreaches.Net
云风的 BLOG
云风的 BLOG
Hugging Face - Blog
Hugging Face - Blog
Google DeepMind News
Google DeepMind News
Spread Privacy
Spread Privacy
T
Threatpost
Forbes - Security
Forbes - Security
C
Cisco Blogs
Scott Helme
Scott Helme
Attack and Defense Labs
Attack and Defense Labs
Simon Willison's Weblog
Simon Willison's Weblog
腾讯CDC
The Last Watchdog
The Last Watchdog
Cloudbric
Cloudbric
Last Week in AI
Last Week in AI
Recorded Future
Recorded Future
小众软件
小众软件
V
Vulnerabilities – Threatpost
美团技术团队
人人都是产品经理
人人都是产品经理
有赞技术团队
有赞技术团队
Apple Machine Learning Research
Apple Machine Learning Research
Hacker News - Newest:
Hacker News - Newest: "LLM"
I
Intezer
月光博客
月光博客
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园 - 司徒正美
C
Cybersecurity and Infrastructure Security Agency CISA
Martin Fowler
Martin Fowler
博客园 - 聂微东

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311 test: trim remaining hotspot tests · openclaw/openclaw@6ba8626 test: narrow hotspot mocks · openclaw/openclaw@dbc8179 test: isolate gemini embedding request helpers · openclaw/openclaw@cd330f5 test: trim memory and mcp hotspots · openclaw/openclaw@fd48dfa test: slim provider registry mocks · openclaw/openclaw@2e08c77 test: harden Parallels update smoke · openclaw/openclaw@1a98090 feat: default Anthropic to Opus 4.7 · openclaw/openclaw@628b454 fix: harden node-host shell payload mutability checks · openclaw/openclaw@75c551e fix: land node-host approval binding for native binaries (#66731) (th… · openclaw/openclaw@29919bb CI: add daily schedule to CodeQL workflow (#67645) · openclaw/openclaw@69d25f5 fix(gateway): capture config hash after plugin auto-enable to prevent… · openclaw/openclaw@8c11210 fix: repair sanitized replay tool results before send (#67620) (thank… · openclaw/openclaw@c3c7a99 fix: restrict HTML timeout short-circuit to transient statuses · openclaw/openclaw@de129a6 fix: keep TUI watchdog bound to active run (#67401) (thanks @xantorres) · openclaw/openclaw@3525273 Gateway/skills: dedupe skills prefix-match + drop dead fallback on log · openclaw/openclaw@d7f489f Extensions/lmstudio: back off inference preload after consecutive fai… · openclaw/openclaw@b555214 TUI/streaming: add watchdog that resets the activity indicator after … · openclaw/openclaw@f44ab20 Agents/tool-loop: enable unknown-tool stream guard by default · openclaw/openclaw@36ed367 Gateway/skills: invalidate session skills snapshot on config write · openclaw/openclaw@b23d59a fix: classify HTML provider error pages correctly (#67642) (thanks @s… · openclaw/openclaw@e588e90 fix(skills): remove unused model-usage import (#67641) · openclaw/openclaw@55f05df docs(changelog): credit codex fix superseded PRs · openclaw/openclaw@e485f24 fix(openai-codex): normalize stale transport metadata in resolution a… · openclaw/openclaw@90801ba CI: pin Docker-related GitHub Actions (#67632) · openclaw/openclaw@f697b01 Android: modernize WebView and discovery API usage (#67627) · openclaw/openclaw@44a6e50 fix(deps): bump hono to 4.12.14 and @hono/node-server to 1.19.14 (GHS… · openclaw/openclaw@fbccc18 fix(deps): bump dompurify to 3.4.0 (#67614) · openclaw/openclaw@2c2dc00 CI: add explicit permissions to all workflow jobs (fixes code-scannin… · openclaw/openclaw@01b7516 fix: register bundled TTS providers and route overrides correctly (#6… · openclaw/openclaw@6ea3cdd fix: align host tilde paths with OS home (#62804) (thanks @stainlu) · openclaw/openclaw@ecfaf64 fix: flush creds queue before reconnect socket open (#67464) (thanks … · openclaw/openclaw@405c63f fix: strip standalone <function> tool call tags from visible text (#6… · openclaw/openclaw@78df859 fix(agents): preserve cli session metadata before transcript persist … · openclaw/openclaw@898fd04 docs(changelog): move cli transcript entry · openclaw/openclaw@c1817c6 fix(agents): normalize cli transcript api field · openclaw/openclaw@3a3fae0 docs(changelog): note cli transcript persistence · openclaw/openclaw@6c343f1 fix(agents): persist cli transcript turns · openclaw/openclaw@b8ef507 fix(msteams): harden security-sensitive flows (#65841) · openclaw/openclaw@c56b56e [Dashboard] Fix exec approval modal overflow for long command content… · openclaw/openclaw@053c5b0 Docs: remove QA changelog entry · openclaw/openclaw@7fd5771 QA: fix private runtime source loading (#67428) · openclaw/openclaw@d5933af docs(gateway): correct protocol.md schema path, hello-ok example, aut… · openclaw/openclaw@489404d CI: pin Node 22 runners to 22.18.0 · openclaw/openclaw@4ffa621 models.authStatus: normalize provider ids + tighten env-backed escape… · openclaw/openclaw@f2fdb9d Update CHANGELOG.md · openclaw/openclaw@7694a92 test(parallels): clean up npm update guard jobs · openclaw/openclaw@045ea7b Plugins: prefer scanDir override paths · openclaw/openclaw@b2974da fix(dreaming): default storage.mode to "separate" so phase blocks sto… · openclaw/openclaw@8c392f0 fix(memory-core): skip dreaming transcript ingestion via session stor… · openclaw/openclaw@a1b01f0 fix: dedupe replayed exec.finished node events (#67281) · openclaw/openclaw@5dcf526
docs(release): require early performance regression check · openclaw/openclaw@0336938
steipete · 2026-05-25 · via Recent Commits to openclaw:main

@@ -59,6 +59,15 @@ Use this skill for release and publish-time workflow. Keep ordinary development

5959

fixes that landed after the release branch cut and backport only important

6060

low-risk fixes. Operators may authorize up to 4 autonomous beta attempts;

6161

after 4 failed beta attempts, stop and report.

62+

- As soon as the release candidate SHA exists, dispatch `OpenClaw Performance`

63+

with `target_ref=<release-sha>` in parallel with the other release work. Do

64+

not wait for full release validation to start the performance signal.

65+

- Before publish/closeout, compare available product performance metrics with

66+

earlier releases: Kova agent-turn/resource metrics, gateway startup

67+

ready/listen/RSS/CPU metrics, and CLI startup metrics from release evidence

68+

or clawgrit reports. Report regressions explicitly. A major regression is a

69+

release blocker unless the operator waives it or the data clearly proves

70+

infrastructure noise.

6271

- Use `/changelog` before version/tag preparation so the top changelog section

6372

is deduped and ordered by user impact.

6473

- Do not create beta-specific `CHANGELOG.md` headings. Beta releases use the

@@ -540,50 +549,58 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>

540549

6. Create `release/YYYY.M.D` from that post-changelog `main` commit.

541550

7. Make every repo version location match the beta tag before creating it.

542551

8. Commit release preparation changes on the release branch and push the branch.

543-

9. Run the fast local beta preflight from the release branch before any npm

544-

preflight or publish. Keep expensive Docker, Parallels, and published-package

545-

install/update lanes for after the beta is live unless the operator asks to

546-

run them before beta publication.

547-

10. For beta releases, skip mac app build/sign/notarize unless beta scope or a

552+

9. Immediately dispatch Actions > `OpenClaw Performance` from `main` with

553+

`target_ref=<release-sha>`, `profile=release`, `repeat=3`, deep profiling

554+

off, live OpenAI off, and regression failure off. Let it run in parallel

555+

with preflight and validation work.

556+

10. Run the fast local beta preflight from the release branch before any npm

557+

preflight or publish. Keep expensive Docker, Parallels, and published-package

558+

install/update lanes for after the beta is live unless the operator asks to

559+

run them before beta publication.

560+

11. For beta releases, skip mac app build/sign/notarize unless beta scope or a

548561

release blocker specifically requires it. For stable releases, include the

549562

mac app, signing, notarization, and appcast path.

550-

11. Confirm the target npm version is not already published.

551-

12. Create and push the git tag from the release branch.

552-

13. Create or refresh the matching GitHub release.

553-

14. Dispatch Actions > `QA-Lab - All Lanes` against the release tag and wait

563+

12. Confirm the target npm version is not already published.

564+

13. Create and push the git tag from the release branch.

565+

14. Create or refresh the matching GitHub release.

566+

15. Dispatch Actions > `QA-Lab - All Lanes` against the release tag and wait

554567

for the mock parity, live Matrix, and live Telegram credentialed-channel

555568

lanes to pass.

556-

15. Start `.github/workflows/openclaw-npm-release.yml` from the release branch

569+

16. Start `.github/workflows/openclaw-npm-release.yml` from the release branch

557570

with `preflight_only=true`

558571

and choose the intended `npm_dist_tag` (`beta` default; `latest` only for

559572

an intentional direct stable publish). Wait for it to pass. Save that run id

560573

because the real publish requires it to reuse the prepared npm tarball.

561-

16. For stable releases, start `.github/workflows/macos-release.yml` in

574+

17. Before real publish, review the early performance run if it has completed.

575+

Compare against earlier release evidence or clawgrit reports where

576+

available. Call out minor regressions in the release proof; block on major

577+

regressions unless waived or proven noisy.

578+

18. For stable releases, start `.github/workflows/macos-release.yml` in

562579

`openclaw/openclaw` and wait for the public validation-only run to pass.

563-

17. For stable releases, start

580+

19. For stable releases, start

564581

`openclaw/releases-private/.github/workflows/openclaw-macos-validate.yml`

565582

with the same tag and wait for the private mac validation lane to pass.

566-

18. For stable releases, start

583+

20. For stable releases, start

567584

`openclaw/releases-private/.github/workflows/openclaw-macos-publish.yml`

568585

with `preflight_only=true` and wait for it to pass. Save that run id because

569586

the real publish requires it to reuse the notarized mac artifacts.

570-

19. If any preflight or validation run fails, fix the issue on a new commit,

587+

21. If any preflight or validation run fails, fix the issue on a new commit,

571588

delete the tag and matching GitHub release, recreate them from the fixed

572589

commit, and rerun all relevant preflights from scratch before continuing.

573590

Never reuse old preflight results after the commit changes. For pushed or

574591

published beta tags, do not delete/recreate; increment to the next beta tag.

575592

For preflight-only failures where npm did not publish the beta version,

576593

delete/recreate the same beta tag and prerelease at the fixed commit instead

577594

of skipping a prerelease number.

578-

20. Start `.github/workflows/openclaw-npm-release.yml` from the same branch with

595+

22. Start `.github/workflows/openclaw-npm-release.yml` from the same branch with

579596

the same tag for the real publish, choose `npm_dist_tag` (`beta` default,

580597

`latest` only when you intentionally want direct stable publish), keep it

581598

the same as the preflight run, and pass the successful npm

582599

`preflight_run_id`.

583-

21. Wait for `npm-release` approval from `@openclaw/openclaw-release-managers`.

584-

22. Run postpublish verification:

600+

23. Wait for `npm-release` approval from `@openclaw/openclaw-release-managers`.

601+

24. Run postpublish verification:

585602

`node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>`.

586-

23. Run the post-published beta verification roster. First scan current `main`

603+

25. Run the post-published beta verification roster. First scan current `main`

587604

for critical fixes that landed after the release branch cut; backport only

588605

important low-risk fixes before starting expensive lanes, or increment to

589606

the next beta if the fix must change the already-published package. If any

@@ -597,35 +614,35 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>

597614

If a pre-npm lane fails before any tag/package leaves the machine, fix and

598615

rerun the same intended beta attempt. Repeat up to the operator's

599616

authorized beta-attempt limit, normally 4.

600-

24. Announce the beta/stable release on Discord best-effort using the configured secret workflow.

601-

25. If the operator requested beta only, stop after beta verification and the

617+

26. Announce the beta/stable release on Discord best-effort using the configured secret workflow.

618+

27. If the operator requested beta only, stop after beta verification and the

602619

announcement.

603-

26. If the stable release was published to `beta`, use the light stable

620+

28. If the stable release was published to `beta`, use the light stable

604621

promotion roster when the matching beta already carried the full confidence

605622

pass: published npm postpublish verify, Docker install/update smoke,

606623

macOS-only Parallels install/update smoke, and required QA signal.

607624

Then start the private

608625

`openclaw/releases-private/.github/workflows/openclaw-npm-dist-tags.yml`

609626

workflow to promote that stable version from `beta` to `latest`, then

610627

verify `latest` now points at that version.

611-

27. If the stable release was published directly to `latest` and `beta` should

628+

29. If the stable release was published directly to `latest` and `beta` should

612629

follow it, start that same private dist-tag workflow to point `beta` at the

613630

stable version, then verify both `latest` and `beta` point at that version.

614-

28. For stable releases, start

631+

30. For stable releases, start

615632

`openclaw/releases-private/.github/workflows/openclaw-macos-publish.yml`

616633

for the real publish with the successful private mac `preflight_run_id` and

617634

wait for success.

618-

29. Verify the successful real private mac run uploaded the `.zip`, `.dmg`,

635+

31. Verify the successful real private mac run uploaded the `.zip`, `.dmg`,

619636

and `.dSYM.zip` artifacts to the existing GitHub release in

620637

`openclaw/openclaw`.

621-

30. For stable releases, download `macos-appcast-<tag>` from the successful

638+

32. For stable releases, download `macos-appcast-<tag>` from the successful

622639

private mac run, update `appcast.xml` on `main`, and verify the feed. Merge

623640

or cherry-pick release branch changes back to `main` after stable succeeds.

624-

31. For beta releases, publish the mac assets only when intentionally requested;

641+

33. For beta releases, publish the mac assets only when intentionally requested;

625642

expect no shared production

626643

`appcast.xml` artifact and do not update the shared production feed unless a

627644

separate beta feed exists.

628-

32. After publish, verify npm and the attached release artifacts.

645+

34. After publish, verify npm and the attached release artifacts.

629646630647

## GHSA advisory work

631648