Mirrors/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-15 21:30:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
49,436 Commits 1,624 Branches 194 Tags
a0f35574d047e2a9f2bf3198e7a86d1bbae6770e
Commit Graph

3051 Commits

Author SHA1 Message Date
Peter Steinberger
a0f35574d0 Remove codex-cli backend and migrate to Codex runtime 
Remove the bundled codex-cli backend, migrate legacy codex-cli refs and runtime pins to the Codex app-server runtime, and update live/backend workflow coverage for the supported CLI lanes.
 2026-05-14 10:07:18 +01:00
scotthuang
c35634c729 Fix/weixin catalog update 2.4.3 (#81730) 
* fix(weixin): upgrade catalog to 2.4.3

* fix(weixin): update catalog integrity for 2.4.3

---------

Co-authored-by: scotthuang <scotthuang@tencent.com>
 2026-05-14 03:32:38 -05:00
Vincent Koc
94f3ecae9a perf(cli): route plugin list json directly 2026-05-14 16:29:21 +08:00
Vincent Koc
8717525fbc test(cli): cover parent startup budgets 2026-05-14 16:18:26 +08:00
Peter Steinberger
0916a19cb5 ci: block new package patches 2026-05-14 07:57:59 +01:00
Peter Steinberger
81b239dc98 build: externalize slack openshell vertex plugins 2026-05-14 07:46:58 +01:00
Peter Steinberger
36755e4057 [codex] externalize amazon bedrock providers (#81687) 
* build: externalize amazon bedrock providers

* build: skip external plugins in root dist graph

* test: update managed npm override expectation

* build: mark amazon providers external-only
 2026-05-14 07:27:40 +01:00
Vincent Koc
e064cc98f0 fix(ci): skip locale refresh on invalid provider auth 2026-05-14 14:13:39 +08:00
Vincent Koc
8f612787a8 fix(ci): restore control ui locale refresh 2026-05-14 13:58:27 +08:00
Vincent Koc
bc0def52af fix(ci): read sparse package manifests from index 2026-05-14 13:11:42 +08:00
Vincent Koc
fe89243c3b fix(plugin-sdk): restore memory core alias 2026-05-14 12:50:22 +08:00
rolandrscheel
e4cee2eb69 perf(gateway): cache session list resolver lookups 
Refs #75839.\n\nRebases and lands the sessions.list resolver-cache fix from #77187 after maintainer conflict repair. The change keeps cache state scoped to a single sessions.list call and memoizes deterministic per-row resolver work for repeated provider/model tuples.\n\nVerification:\n- pnpm test src/gateway/session-utils.perf.test.ts src/gateway/session-utils.test.ts\n- pnpm exec oxfmt --check --threads=1 src/gateway/session-utils.ts src/gateway/session-utils.perf.test.ts scripts/github/real-behavior-proof-policy.mjs\n- git diff --check HEAD -- CHANGELOG.md scripts/github/real-behavior-proof-policy.mjs src/gateway/session-utils.perf.test.ts src/gateway/session-utils.ts\n- GitHub PR checks: 87 passing, CodeQL neutral, 21 skipped\n\nCo-authored-by: OpenClaw Agent <openclaw-agent@users.noreply.github.com>
 2026-05-13 23:20:40 -05:00
Vincent Koc
5b418c3c4f fix(channels): preserve Telegram ordering without blocking follow-ups 2026-05-14 12:19:02 +08:00
Josh Lehman
aac216d699 fix: route plugin LLM completions through Codex runtime (#81511) 
* fix: route plugin LLM completions through Codex runtime

* fix: preserve OpenRouter completion model ids

* fix: allow registry config compat guards
 2026-05-13 21:02:28 -07:00
Vincent Koc
5923d9e807 fix(plugin-sdk): export codex runtime helpers 2026-05-14 09:19:04 +08:00
Peter Steinberger
dc7fab4dc5 perf: cache pi model discovery 2026-05-14 00:13:29 +01:00
Vincent Koc
d08f68dee7 test(e2e): cover root-managed VPS upgrades 2026-05-14 06:50:58 +08:00
Kevin Lin
6a23e26a27 docs: consolidate plugin install docs (#81167) 
* docs: consolidate plugin install docs

* docs: align plugin getting started page

* snap

* docs: add reusable audit viewer tooling

* docs: add audit viewer doc mode

* docs: add audit viewer diff mode

* docs: strengthen plugin docs audit coverage

* docs: preserve plugin scan order reference

* docs: resolve plugin audit coverage gaps

* docs: strengthen audit line mappings

* docs: narrow plugin docs refactor scope

* docs: preserve plugin audit facts

* docs: keep audit skill local

* docs: remove audit skill from pr

* fix: satisfy plugin scan lint

* docs: address plugin docs review
 2026-05-13 13:17:39 -07:00
Peter Steinberger
ebd829cffd test: add release qa docker lanes 2026-05-13 20:57:44 +01:00
AI-HUB
b7d3b74f1c fix(ui): order live chat items by timestamp (#81016) 
* fix(ui): order live chat items by timestamp

* fix(ui): stabilize chat timestamp sorting

* test: refresh core lint fixtures

* test: refresh current main guard fixtures

* test: refresh codex prompt snapshots

* test(matrix): keep runtime helper local

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-13 20:30:44 +01:00
Peter Steinberger
8a406528b4 fix(codex): project user MCP servers into app-server threads 
Fixes #80814.

Co-authored-by: kinjitakabe <273844887+kinjitakabe@users.noreply.github.com>
 2026-05-13 20:07:10 +01:00
Peter Steinberger
58bfefbad3 test: add release user journey docker lane 2026-05-13 19:17:57 +01:00
Altay
a40499b21a fix(test): isolate auth profile secrets in test state (#81393) 
Merged via squash.

Prepared head SHA: fde8787cb7
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-05-13 17:34:45 +03:00
Peter Steinberger
1c28e4a0bb test: add docker live subagent announce proof 2026-05-13 15:21:37 +01:00
Peter Steinberger
53d007bc87 refactor(media): centralize bounded remote downloads 
Co-authored-by: samzong <samzong.lu@gmail.com>
 2026-05-13 15:04:49 +01:00
Peter Steinberger
756379b11d refactor: centralize config mutations 2026-05-13 15:00:07 +01:00
Peter Steinberger
488a3d8e52 fix(ci): refresh stale metadata ownership 2026-05-13 14:59:47 +01:00
Peter Steinberger
4785a073d6 feat(channels): add generic bot loop protection 2026-05-13 14:59:47 +01:00
Peter Steinberger
714f62f976 test: add live subagent steering proof 2026-05-13 14:24:45 +01:00
brokemac79
3cf296185f fix(docker): pin setup cli container paths 2026-05-13 14:13:57 +01:00
brokemac79
f2cbe9ecc5 fix(channel): refresh wecom onboarding install 2026-05-13 13:52:05 +01:00
Peter Steinberger
694ca50e97 Revert "refactor: move runtime state to SQLite" 
This reverts commit f91de52f0d.
 2026-05-13 13:33:38 +01:00
Peter Steinberger
d1fdd6e186 fix(installer): honor git install versions 2026-05-13 13:17:29 +01:00
Peter Steinberger
f91de52f0d refactor: move runtime state to SQLite 
* refactor: remove stale file-backed shims

* fix: harden sqlite state ci boundaries

* refactor: store matrix idb snapshots in sqlite

* fix: satisfy rebased CI guardrails

* refactor: store current conversation bindings in sqlite table

* refactor: store tui last sessions in sqlite table

* refactor: reset sqlite schema history

* refactor: drop unshipped sqlite table migration

* refactor: remove plugin index file rollback

* refactor: drop unshipped sqlite sidecar migrations

* refactor: remove runtime commitments kv migration

* refactor: preserve kysely sync result types

* refactor: drop unshipped sqlite schema migration table

* test: keep session usage coverage sqlite-backed

* refactor: keep sqlite migration doctor-only

* refactor: isolate device legacy imports

* refactor: isolate push voicewake legacy imports

* refactor: isolate remaining runtime legacy imports

* refactor: tighten sqlite migration guardrails

* test: cover sqlite persisted enum parsing

* refactor: isolate legacy update and tui imports

* refactor: tighten sqlite state ownership

* refactor: move legacy imports behind doctor

* refactor: remove legacy session row lookup

* refactor: canonicalize memory transcript locators

* refactor: drop transcript path scope fallbacks

* refactor: drop runtime legacy session delivery pruning

* refactor: store tts prefs only in sqlite

* refactor: remove cron store path runtime

* refactor: use cron sqlite store keys

* refactor: rename telegram message cache scope

* refactor: read memory dreaming status from sqlite

* refactor: rename cron status store key

* refactor: stop remembering transcript file paths

* test: use sqlite locators in agent fixtures

* refactor: remove file-shaped commitments and cron store surfaces

* refactor: keep compaction transcript handles out of session rows

* refactor: derive transcript handles from session identity

* refactor: derive runtime transcript handles

* refactor: remove gateway session locator reads

* refactor: remove transcript locator from session rows

* refactor: store raw stream diagnostics in sqlite

* refactor: remove file-shaped transcript rotation

* refactor: hide legacy trajectory paths from runtime

* refactor: remove runtime transcript file bridges

* refactor: repair database-first rebase fallout

* refactor: align tests with database-first state

* refactor: remove transcript file handoffs

* refactor: sync post-compaction memory by transcript scope

* refactor: run codex app-server sessions by id

* refactor: bind codex runtime state by session id

* refactor: pass memory transcripts by sqlite scope

* refactor: remove transcript locator cleanup leftovers

* test: remove stale transcript file fixtures

* refactor: remove transcript locator test helper

* test: make cron sqlite keys explicit

* test: remove cron runtime store paths

* test: remove stale session file fixtures

* test: use sqlite cron keys in diagnostics

* refactor: remove runtime delivery queue backfill

* test: drop fake export session file mocks

* refactor: rename acp session read failure flag

* refactor: rename acp row session key

* refactor: remove session store test seams

* refactor: move legacy session parser tests to doctor

* refactor: reindex managed memory in place

* refactor: drop stale session store wording

* refactor: rename session row helpers

* refactor: rename sqlite session entry modules

* refactor: remove transcript locator leftovers

* refactor: trim file-era audit wording

* refactor: clean managed media through sqlite

* fix: prefer explicit agent for exports

* fix: use prepared agent for session resets

* fix: canonicalize legacy codex binding import

* test: rename state cleanup helper

* docs: align backup docs with sqlite state

* refactor: drop legacy Pi usage auth fallback

* refactor: move legacy auth profile imports to doctor

* refactor: keep Pi model discovery auth in memory

* refactor: remove MSTeams legacy learning key fallback

* refactor: store model catalog config in sqlite

* refactor: use sqlite model catalog at runtime

* refactor: remove model json compatibility aliases

* refactor: store auth profiles in sqlite

* refactor: seed copied auth profiles in sqlite

* refactor: make auth profile runtime sqlite-addressed

* refactor: migrate hermes secrets into sqlite auth store

* refactor: move plugin install config migration to doctor

* refactor: rename plugin index audit checks

* test: drop auth file assumptions

* test: remove legacy transcript file assertions

* refactor: drop legacy cli session aliases

* refactor: store skill uploads in sqlite

* refactor: keep subagent attachments in sqlite vfs

* refactor: drop subagent attachment cleanup state

* refactor: move legacy session aliases to doctor

* refactor: require node 24 for sqlite state runtime

* refactor: move provider caches into sqlite state

* fix: harden virtual agent filesystem

* refactor: enforce database-first runtime state

* refactor: rename compaction transcript rotation setting

* test: clean sqlite refactor test types

* refactor: consolidate sqlite runtime state

* refactor: model session conversations in sqlite

* refactor: stop deriving cron delivery from session keys

* refactor: stop classifying sessions from key shape

* refactor: hydrate announce targets from typed delivery

* refactor: route heartbeat delivery from typed sqlite context

* refactor: tighten typed sqlite session routing

* refactor: remove session origin routing shadow

* refactor: drop session origin shadow fixtures

* perf: query sqlite vfs paths by prefix

* refactor: use typed conversation metadata for sessions

* refactor: prefer typed session routing metadata

* refactor: require typed session routing metadata

* refactor: resolve group tool policy from typed sessions

* refactor: delete dead session thread info bridge

* Show Codex subscription reset times in channel errors (#80456)

* feat(plugin-sdk): consolidate session workflow APIs

* fix(agents): allow read-only agent mount reads

* [codex] refresh plugin regression fixtures

* fix(agents): restore compaction gateway logs

* test: tighten gateway startup assertions

* Redact persisted secret-shaped payloads [AI] (#79006)

* test: tighten device pair notify assertions

* test: tighten hermes secret assertions

* test: assert matrix client error shapes

* test: assert config compat warnings

* fix(heartbeat): remap cron-run exec events to session keys (#80214)

* fix(codex): route btw through native side threads

* fix(auth): accept friendly OpenAI order for Codex profiles

* fix(codex): rotate auth profiles inside harness

* fix: keep browser status page probe within timeout

* test: assert agents add outputs

* test: pin cron read status

* fix(agents): avoid Pi resource discovery stalls

Co-authored-by: dataCenter430 <titan032000@gmail.com>

* fix: retire timed-out codex app-server clients

* test: tighten qa lab runtime assertions

* test: check security fix outputs

* test: verify extension runtime messages

* feat(wake): expose typed sessionKey on wake protocol + system event CLI

* fix(gateway): await session_end during shutdown drain and track channel + compaction lifecycle paths (#57790)

* test: guard talk consult call helper

* fix(codex): scale context engine projection (#80761)

* fix(codex): scale context engine projection

* fix: document Codex context projection scaling

* fix: document Codex context projection scaling

* fix: document Codex context projection scaling

* fix: document Codex context projection scaling

* chore: align Codex projection changelog

* chore: realign Codex projection changelog

* fix: isolate Codex projection patch

---------

Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org>
Co-authored-by: Josh Lehman <josh@martian.engineering>

* refactor: move agent runtime state toward piless

* refactor: remove cron session reaper

* refactor: move session management to sqlite

* refactor: finish database-first state migration

* chore: refresh generated sqlite db types

* refactor: remove stale file-backed shims

* test: harden kysely type coverage

# Conflicts:
#	.agents/skills/kysely-database-access/SKILL.md
#	src/infra/kysely-sync.types.test.ts
#	src/proxy-capture/store.sqlite.test.ts
#	src/state/openclaw-agent-db.test.ts
#	src/state/openclaw-state-db.test.ts

* refactor: remove cron store path runtime

* refactor: keep compaction transcript handles out of session rows

* refactor: derive embedded transcripts from sqlite identity

* refactor: remove embedded transcript locator handoff

* refactor: remove runtime transcript file bridges

* refactor: remove transcript file handoffs

* refactor: remove MSTeams legacy learning key fallback

* refactor: store model catalog config in sqlite

* refactor: use sqlite model catalog at runtime

# Conflicts:
#	docs/cli/secrets.md
#	docs/gateway/authentication.md
#	docs/gateway/secrets.md

* fix: keep oauth sibling sync sqlite-local

# Conflicts:
#	src/commands/onboard-auth.test.ts

* refactor: remove task session store maintenance

# Conflicts:
#	src/commands/tasks.ts

* refactor: keep diagnostics in state sqlite

* refactor: enforce database-first runtime state

* refactor: consolidate sqlite runtime state

* Show Codex subscription reset times in channel errors (#80456)

* fix(codex): refresh subscription limit resets

* fix(codex): format reset times for channels

* Update CHANGELOG with latest changes and fixes

Updated CHANGELOG with recent fixes and improvements.

* fix(codex): keep command load failures on codex surface

* fix(codex): format account rate limits as rows

* fix(codex): summarize account limits as usage status

* fix(codex): simplify account limit status

* test: tighten subagent announce queue assertion

* test: tighten session delete lifecycle assertions

* test: tighten cron ops assertions

* fix: track cron execution milestones

* test: tighten hermes secret assertions

* test: assert matrix sync store payloads

* test: assert config compat warnings

* fix(codex): align btw side thread semantics

* fix(codex): honor codex fallback blocking

* fix(agents): avoid Pi resource discovery stalls

* test: tighten codex event assertions

* test: tighten cron assertions

* Fix Codex app-server OAuth harness auth

* refactor: move agent runtime state toward piless

* refactor: move device and push state to sqlite

* refactor: move runtime json state imports to doctor

* refactor: finish database-first state migration

* chore: refresh generated sqlite db types

* refactor: clarify cron sqlite store keys

* refactor: remove stale file-backed shims

* refactor: bind codex runtime state by session id

* test: expect sqlite trajectory branch export

* refactor: rename session row helpers

* fix: keep legacy device identity import in doctor

* refactor: enforce database-first runtime state

* refactor: consolidate sqlite runtime state

* build: align pi contract wrappers

* chore: repair database-first rebase

* refactor: remove session file test contracts

* test: update gateway session expectations

* refactor: stop routing from session compatibility shadows

* refactor: stop persisting session route shadows

* refactor: use typed delivery context in clients

* refactor: stop echoing session route shadows

* refactor: repair embedded runner rebase imports

# Conflicts:
#	src/agents/pi-embedded-runner/run/attempt.tool-call-argument-repair.ts

* refactor: align pi contract imports

* refactor: satisfy kysely sync helper guard

* refactor: remove file transcript bridge remnants

* refactor: remove session locator compatibility

* refactor: remove session file test contracts

* refactor: keep rebase database-first clean

* refactor: remove session file assumptions from e2e

* docs: clarify database-first goal state

* test: remove legacy store markers from sqlite runtime tests

* refactor: remove legacy store assumptions from runtime seams

* refactor: align sqlite runtime helper seams

* test: update memory recall sqlite audit mock

* refactor: align database-first runtime type seams

* test: clarify doctor cron legacy store names

* fix: preserve sqlite session route projections

* test: fix copilot token cache test syntax

* docs: update database-first proof status

* test: align database-first test fixtures

* docs: update database-first proof status

* refactor: clean extension database-first drift

* test: align agent session route proof

* test: clarify doctor legacy path fixtures

* chore: clean database-first changed checks

* chore: repair database-first rebase markers

* build: allow baileys git subdependency

* chore: repair exp-vfs rebase drift

* chore: finish exp-vfs rebase cleanup

* chore: satisfy rebase lint drift

* chore: fix qqbot rebase type seam

* chore: fix rebase drift leftovers

* fix: keep auth profile oauth secrets out of sqlite

* fix: repair rebase drift tests

* test: stabilize pairing request ordering

* test: use source manifests in plugin contract checks

* fix: restore gateway session metadata after rebase

* fix: repair database-first rebase drift

* fix: clean up database-first rebase fallout

* test: stabilize line quick reply receipt time

* fix: repair extension rebase drift

* test: keep transcript redaction tests sqlite-backed

* fix: carry injected transcript redaction through sqlite

* chore: clean database branch rebase residue

* fix: repair database branch CI drift

* fix: repair database branch CI guard drift

* fix: stabilize oauth tls preflight test

* test: align database branch fast guards

* test: repair build artifact boundary guards

* chore: clean changelog rebase markers

---------

Co-authored-by: pashpashpash <nik@vault77.ai>
Co-authored-by: Eva <eva@100yen.org>
Co-authored-by: stainlu <stainlu@newtype-ai.org>
Co-authored-by: Jason Zhou <jason.zhou.design@gmail.com>
Co-authored-by: Ruben Cuevas <hi@rubencu.com>
Co-authored-by: Pavan Kumar Gondhi <pavangondhi@gmail.com>
Co-authored-by: Shakker <shakkerdroid@gmail.com>
Co-authored-by: Kaspre <36520309+Kaspre@users.noreply.github.com>
Co-authored-by: dataCenter430 <titan032000@gmail.com>
Co-authored-by: Kaspre <kaspre@gmail.com>
Co-authored-by: pandadev66 <nova.full.stack@outlook.com>
Co-authored-by: Eva <admin@100yen.org>
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org>
Co-authored-by: Josh Lehman <josh@martian.engineering>
Co-authored-by: jeffjhunter <support@aipersonamethod.com>
 2026-05-13 13:15:12 +01:00
Peter Steinberger
0a9f7afb66 fix(agents): surface memory-flush errors safely 
Refs #80755.
Replaces #80884.

Verification:
- pnpm test src/plugins/contracts/extension-runtime-dependencies.contract.test.ts src/auto-reply/reply/agent-runner-memory.test.ts
- pnpm changed:lanes --json
- git diff --check
- node scripts/run-oxlint.mjs --tsconfig config/tsconfig/oxlint.scripts.json scripts/generate-plugin-inventory-doc.mjs scripts/deadcode-unused-files.allowlist.mjs
- pnpm deadcode:unused-files
- pnpm check:changed via Blacksmith Testbox tbx_01krgjhyx965k8ew4qg9nxq8yn
- GitHub CI on PR #81387 head 695f694b70

Co-authored-by: kinjitakabe <273844887+kinjitakabe@users.noreply.github.com>
 2026-05-13 12:56:09 +01:00
Jamil Zakirov
68c77bb55d feat(plugin-sdk): export plugin hook types 
Add `openclaw/plugin-sdk/types` entrypoint that re-exports plugin hook
types, so external plugins can import typed hook interfaces without
reaching into internal paths.

Also export `resolveActiveEmbeddedRunSessionId` from
`agent-harness-runtime` for session resolution in embedded runs.
 2026-05-13 11:40:25 +01:00
Peter Steinberger
85f9276624 build(whatsapp): externalize whatsapp plugin 2026-05-13 11:21:17 +01:00
samzong
94aae40c28 feat(scripts): allow worktree heavy-check locks 
Signed-off-by: samzong <samzong.lu@gmail.com>
 2026-05-13 13:38:52 +05:30
Josh Avant
bd4db5ee62 Add dependency release safety evidence and PR awareness (#81325) 
* test: cover dependency pin guard

* build: add dependency vulnerability gate

* build: add dependency risk report

* build: add dependency drift reports

* build: include dependency ownership surface evidence

* build: rename dependency report commands

* build: respect release age exclusions in risk report

* build: clarify transitive risk accounting

* build: remove transitive risk exception registry

* build: clarify transitive risk signal wording

* ci: attach dependency evidence to release preflight

* ci: extract dependency release evidence generator

* build: rename ownership surface dependency report

* ci: clarify release evidence naming

* build: clarify recently published risk report

* build: reorder transitive risk report sections

* build: fix ownership surface pluralization

* ci: surface dependency changes on PRs

* ci: harden dependency change awareness

* ci: use dependency changed PR label

* build: fix dependency report lint

* docs: add dependency safety changelog
 2026-05-13 03:05:09 -05:00
Peter Steinberger
f5be0d1406 fix: make codex harness live test portable 2026-05-13 08:16:47 +01:00
Peter Steinberger
f1ddaf46c7 ci: avoid pnpm prompts in live docker tests 2026-05-13 03:46:33 +01:00
Sarah Fortune
d06f0a0ee7 fix(install): don't abort install.ps1 when git writes to stderr (#80834) 
PowerShell 7+ honors $ErrorActionPreference=Stop for native commands,
so git's normal progress line ("From https://...") on stderr during
`git pull --rebase` would turn into a terminating error and abort the
installer immediately after a fresh clone — before pnpm install/build
ever runs. The existing `2>$null` redirects the display but the error
record is still generated.

Wrap the git status / pull calls in try/catch so the pull stays
best-effort and the rest of the installer can proceed. Reproduced on
Windows 11 ARM under PowerShell 7.x with -InstallMethod git.
 2026-05-12 17:26:30 -07:00
Pavan Kumar Gondhi
b6a94d4ef9 Require auth for sandbox browser CDP relay [AI] (#81002) 
* fix: require auth for sandbox browser cdp relay

* addressing review-skill

* addressing review-skill

* addressing review-skill

* addressing codex review

* addressing claude review

* docs: add changelog entry for PR merge
 2026-05-12 19:37:32 +05:30
Ayaan Zaidi
c025291df7 docs(docker): document auth profile key mount 2026-05-12 16:35:53 +05:30
Ayaan Zaidi
c3e3146639 fix(docker): persist auth profile key mount 2026-05-12 16:35:53 +05:30
Peter Steinberger
815af80363 test: raise macos update smoke heap 2026-05-12 08:28:28 +01:00
Peter Steinberger
04a868b98d fix: skip metadata for build-excluded bundled plugins 
Fix bundled plugin metadata copying to follow the build-entry set, so build-excluded plugins like QQ Bot do not leave stale dist metadata advertising missing runtime files.

Verification:
- pnpm test src/plugins/copy-bundled-plugin-metadata.test.ts test/scripts/bundled-plugin-build-entries.test.ts
- git diff --check
- pnpm openclaw gateway status --deep
- CI run 25718250461
- CodeQL run 25718250402
- CodeQL Critical Quality run 25718250418
- Real behavior proof run 25718290985
 2026-05-12 07:51:11 +01:00
Peter Steinberger
f6d787cc5c build: hard-pin dependency specs 2026-05-12 07:10:13 +01:00
Peter Steinberger
2e8f8f8b3a fix: keep release fast pretag check branch-safe 
(cherry picked from commit 5a14f7b500)
 2026-05-12 06:21:10 +01:00
Peter Steinberger
38593cc8fc fix: preserve beta verifier parse errors 
(cherry picked from commit 454f6ed402)
 2026-05-12 06:21:10 +01:00