harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
741 commits 1 branch 0 tags 7.8 MiB
Commit graph

5 commits

Author SHA1 Message Date
fettpl
2ecfcb9072
ci: add explicit advisory severity thresholds to deny.toml (#393) 
* ci: add explicit advisory severity thresholds to deny.toml

- Set vulnerability = "deny" to fail CI on known vulnerabilities
- Set unmaintained = "warn" (changed from "workspace" for clarity)
- Set notice = "warn" to surface informational advisories
- Keep yanked = "warn" as before

This improves signal-to-noise by ensuring genuine vulnerabilities
block CI while less critical advisories are surfaced as warnings.

Closes #363

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: use valid cargo-deny v2 schema values for advisories

In v2, vulnerability/notice fields are removed (always error).
- unmaintained: change "workspace" → "all" (check all deps, not just direct)
- yanked: change "warn" → "deny" (fail CI on yanked crates)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(deny): ignore RUSTSEC-2025-0141 bincode unmaintained advisory

bincode v2.0.1 is a transitive dependency via probe-rs that we cannot
easily replace. The advisory notes the project considers v1.3.3 complete.
Adding to ignore list so unmaintained="all" check passes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 15:14:41 -05:00
Will Sarg
28ec4ae826
fix(ci): reduce Docker Actions cost without weakening PR gates (#232) 
* fix(docker): update workflow to improve Docker image build and push process, add timeout

* fix(licenses): allow Apache-2.0 WITH LLVM-exception
 2026-02-15 18:15:38 -05:00
Chummy
c80b118963
fix(docker): pin builder to bookworm to avoid glibc runtime mismatch 
* fix(docker): pin builder to bookworm for glibc compatibility

* ci: skip rust lint on non-Rust PRs and allow 0BSD

* ci: pin actionlint action to existing release tag

* ci: make docs-only matcher shellcheck-clean

---------

Co-authored-by: chumyin <chumyin@users.noreply.github.com>
 2026-02-15 15:03:29 -05:00
argenis de la rosa
4fceba0740 fix: CI failures — update deny.toml for cargo-deny v2, fix clippy derivable_impls 
- deny.toml: remove deprecated fields (vulnerability, notice, unlicensed, copyleft)
  that were removed in cargo-deny v2. Add CDLA-Permissive-2.0 for webpki-roots.
- security/policy.rs: replace manual Default impl for AutonomyLevel with
  #[derive(Default)] + #[default] attribute (clippy::derivable_impls on Rust 1.93)

657 tests passing, 0 clippy warnings (Rust 1.93.1), cargo-deny clean
 2026-02-13 17:09:22 -05:00
argenis de la rosa
05cb353f7f feat: initial release — ZeroClaw v0.1.0 
- 22 AI providers (OpenRouter, Anthropic, OpenAI, Mistral, etc.)
- 7 channels (CLI, Telegram, Discord, Slack, iMessage, Matrix, Webhook)
- 5-step onboarding wizard with Project Context personalization
- OpenClaw-aligned system prompt (SOUL.md, IDENTITY.md, USER.md, AGENTS.md, etc.)
- SQLite memory backend with auto-save
- Skills system with on-demand loading
- Security: autonomy levels, command allowlists, cost limits
- 532 tests passing, 0 clippy warnings
 2026-02-13 12:19:14 -05:00