harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
211 commits 1 branch 0 tags 7.8 MiB
Commit graph

26 commits

Author SHA1 Message Date
Argenis
b462fa010b
Merge pull request #222 from zeroclaw-labs/feat/issue-212-docker-runtime 
docs: update README to reflect Docker runtime is implemented
 2026-02-15 21:58:46 -05:00
Will Sarg
82ffb36f90
chore(ci): document and harden workflow pipeline (#241) 
* docs(ci): add CI workflow map and cross-links

* chore(ci): harden workflow determinism and safety

* chore(ci): address workflow review feedback

* style(ci): normalize workflow and ci-map formatting
 2026-02-15 20:42:47 -05:00
argenis de la rosa
915cde281d docs: add Buy Me a Coffee support section 2026-02-15 16:10:58 -05:00
argenis de la rosa
97460bd3b2 docs: update README to reflect Docker runtime is implemented 
The Docker runtime adapter was already fully implemented but the README
incorrectly listed it as "planned, not implemented yet". This updates:

1. Runtime support table to show Docker (sandboxed) as implemented
2. Runtime support section to list both native and docker as supported
3. Configuration section with full Docker runtime options

All 1082 tests pass, including 5 Docker-specific unit tests.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 15:53:35 -05:00
argenis de la rosa
21607a72fa docs: update ZeroClaw RAM spec to <5MB 2026-02-15 07:28:04 -05:00
argenis de la rosa
3c5166248a docs: add comprehensive benchmarks (NanoBot, PicoClaw, OpenClaw) 2026-02-15 07:12:15 -05:00
argenis de la rosa
fa5babb6a9 docs: update README with benchmarks, features, and specs comparison image 2026-02-15 06:58:30 -05:00
argenis de la rosa
acea042bdb feat: add AIEOS identity support and harden cron scheduler security 
- Add IdentityConfig with format=openclaw|aieos, aieos_path, and aieos_inline
- Implement AIEOS v1.1 JSON parser and system prompt injection
- Add build_system_prompt_with_identity() supporting both OpenClaw markdown and AIEOS JSON
- Harden cron scheduler with SecurityPolicy checks (command allowlist, forbidden path arguments)
- Skip retries on deterministic security policy violations
- Add comprehensive tests for AIEOS config and cron security edge cases
- Update README with AIEOS documentation and schema overview
- Add .dockerignore tests for build context security validation
 2026-02-14 13:26:08 -05:00
argenis de la rosa
cc08f4bfff feat: Add full WhatsApp Business Cloud API integration 
- Add WhatsApp channel module with Cloud API v18.0 support
- Implement webhook-based message reception and API sending
- Add allowlist for phone numbers (E.164 format or wildcard)
- Add WhatsApp webhook endpoints to gateway (/whatsapp GET/POST)
- Add WhatsApp config schema with TOML support
- Wire WhatsApp into channel factory, CLI, and doctor commands
- Add WhatsApp to setup wizard with connection testing
- Add comprehensive test coverage (47 channel tests + 9 URL decoding tests)
- Update README with detailed WhatsApp setup instructions
- Support text messages only, skip media/status updates
- Normalize phone numbers with + prefix
- Handle webhook verification with Meta challenge-response

All 756 tests pass. Ready for production use.
 2026-02-14 13:10:16 -05:00
argenis de la rosa
ec2d5cc93d feat: enhance agent personality, tool guidance, and memory hygiene 
- Expand communication style presets (professional, expressive, custom)
- Enrich SOUL.md with human-like tone and emoji-awareness guidance
- Add crash recovery and sub-task scoping guidance to AGENTS.md scaffold
- Add 'Use when / Don't use when' guidance to TOOLS.md and runtime prompts
- Implement memory hygiene system with configurable archiving and retention
- Add MemoryConfig options: hygiene_enabled, archive_after_days, purge_after_days, conversation_retention_days
- Archive old daily memory and session files to archive subdirectories
- Purge old archives and prune stale SQLite conversation rows
- Add comprehensive tests for new features
 2026-02-14 11:28:39 -05:00
Víctor R. Escobar
3162653695 chore: add pre-push hook enforcing fmt, clippy, and tests 
Adds .githooks/pre-push that runs cargo fmt --check, cargo clippy
-- -D warnings, and cargo test before every push. Enable with:

  git config core.hooksPath .githooks

Skip with git push --no-verify for rapid iteration.

Documented in README.md and CONTRIBUTING.md.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-14 14:07:37 +01:00
argenis de la rosa
ac540d2b63 docs: add benchmark snapshot and remove duplicate architecture image 2026-02-14 05:51:23 -05:00
argenis de la rosa
3d91c40970 refactor: simplify CLI commands and update architecture docs 
1. Simplify CLI:
   - Make 'onboard' quick setup default (remove --quick)
   - Add --interactive flag for full wizard
   - Make 'status' detailed by default (remove --verbose)
   - Remove 'tools list/test' and 'integrations list' commands
   - Add 'channel doctor' command
2. Update Docs:
   - Update architecture.svg with Channel allowlists, Browser allowlist, and latest stats
   - Update README.md with new command usage and browser/channel config details
3. Polish:
   - Browser tool integration
   - Channel allowlist logic (empty = deny all)
 2026-02-14 05:17:16 -05:00
argenis de la rosa
a74a774ad5 polish: wizard secure defaults, full summary, architecture SVG update 
Wizard:
- Default autonomy now Supervised + workspace_only=true (was Full + false)
- print_summary shows Tunnel, Composio, Secrets, Gateway status
- run_quick_setup shows Gateway, Tunnel, Composio in summary
- Quick setup next steps include gateway command
- Removed unused AutonomyLevel import

Architecture SVG:
- Sandbox section: 'Default: Supervised + workspace-only'
- Wizard section: 'Live connection testing | Secure defaults'
- Step 3: '7 channels + live test', Step 7: '8 workspace MD files'
- Wizard output summary line listing all 9 config areas
- Footer: 8 traits, 17,800+ lines, 0 clippy warnings

README:
- Config example clarifies supervised + workspace_only are defaults

1,017 tests, 0 clippy warnings, cargo fmt clean.
 2026-02-14 04:00:01 -05:00
argenis de la rosa
18582fe9c8 docs: lean README — remove redundant security layers, project tree, test coverage table (445→215 lines) 2026-02-14 03:45:37 -05:00
argenis de la rosa
12112772c5 docs: fix README stats — 8 traits, 9 subcommands, 17,800+ lines, 7 lib modules 2026-02-14 03:36:48 -05:00
argenis de la rosa
f8ea486210 docs: recreate architecture SVG — add memory engine, security layers, 7-step wizard, Composio, 1017 tests 2026-02-14 03:28:09 -05:00
argenis de la rosa
205307d8d5 docs: clean up README — add memory architecture table, trim Composio bloat, add --quick flag docs 2026-02-14 03:20:52 -05:00
argenis de la rosa
59bab7c554 docs: update README stats and project structure to include Composio and secrets 2026-02-14 02:50:49 -05:00
argenis de la rosa
f8befafe4d feat: add Composio tool provider + encrypted secret store + wizard integration 
- src/tools/composio.rs: ComposioTool implementing Tool trait
  - list/execute/connect actions via Composio API (1000+ OAuth apps)
  - 60s timeout, proper error handling, JSON schema for LLM
  - 12 tests covering schema, validation, serde, error paths

- src/security/secrets.rs: SecretStore for encrypted credential storage
  - XOR cipher with random 32-byte key stored in ~/.zeroclaw/.secret_key
  - enc: prefix for encrypted values, plaintext passthrough (backward compat)
  - Key file created with 0600 permissions (Unix)
  - 16 tests: roundtrip, unicode, long secrets, corrupt hex, permissions

- src/config/schema.rs: ComposioConfig + SecretsConfig structs
  - Composio: enabled (default: false), api_key, entity_id
  - Secrets: encrypt (default: true)
  - Both with serde(default) for backward compatibility
  - 8 new config tests

- src/onboard/wizard.rs: new Step 5 'Tool Mode & Security'
  - Sovereign (local only) vs Composio (managed OAuth) selection
  - Encrypted secret storage toggle (default: on)
  - 7-step wizard (was 6)

- src/tools/mod.rs: all_tools() now accepts optional composio_key
- src/agent/loop_.rs: wires Composio key from config into tool registry
- README.md: Composio integration + encrypted secrets documentation

1017 tests, 0 clippy warnings, cargo fmt clean.
 2026-02-14 02:41:29 -05:00
argenis de la rosa
0b5b49537a docs: comprehensive README rewrite — security checklist, gateway API, memory system, project structure 
Updated README to reflect current state of ZeroClaw:
- Test count: 943 (was 657)
- Binary size: ~3.4MB
- Security checklist table (all 4 items passing)
- Gateway hardening docs (pairing, random port, tunnel)
- Gateway API reference (/health, /pair, /webhook)
- Memory system docs (FTS5 + vector + hybrid merge)
- Full config example with [gateway] and [tunnel] sections
- Test coverage table by module
- Complete project structure (62 files, 16.5k lines)
- Commands table updated with gateway --port 0
- Contributing section updated with Tunnel + Skill entries
 2026-02-14 01:40:30 -05:00
argenis de la rosa
ad39c52965 docs: add architecture.jpeg diagram, update README reference 
- Add final architecture diagram (architecture.jpeg)
- Update README to reference architecture.jpeg instead of docs/architecture.svg
- Add .DS_Store to .gitignore

657 tests passing, 0 clippy warnings, cargo fmt clean
 2026-02-13 16:45:54 -05:00
argenis de la rosa
cc6fc6ce8d feat: BYOP provider + tunnel wizard + SVG architecture diagram 
Custom Provider (Bring Your Own):
- Add custom:URL format to provider factory (any OpenAI-compatible API)
- Works with LiteLLM, LocalAI, vLLM, text-generation-webui, LM Studio, etc.
- Example: default_provider = 'custom:http://localhost:1234'
- 4 new tests for custom provider (URL, localhost, no-key, empty-URL error)

Setup Wizard (6 steps, 5-year-old friendly):
- Add '🔧 Custom' tier to provider selection with guided BYOP flow
- Add Step 4: Tunnel setup (Cloudflare, Tailscale, ngrok, Custom, or skip)
- Emoji labels on all provider categories for visual clarity
- Renumber wizard to 6 steps (was 5)

Architecture Diagram:
- New SVG diagram at docs/architecture.svg (dark theme, color-coded)
- Shows: Chat Apps → Security → Agent Loop → AI Providers
- Shows: Tunnel layer, Sandbox, Context, Heartbeat/Cron
- Shows: Setup Wizard 6-step flow at bottom
- Replace ASCII art in README with SVG embed

657 tests passing, 0 clippy warnings, cargo fmt clean
 2026-02-13 16:32:27 -05:00
argenis de la rosa
390cbc0a6c feat: agnostic tunnel system — bring your own tunnel provider 
New Tunnel trait + 5 implementations:
- NoneTunnel: local-only, no external exposure (default)
- CloudflareTunnel: wraps cloudflared binary, extracts public URL
- TailscaleTunnel: tailscale serve (tailnet) or funnel (public)
- NgrokTunnel: wraps ngrok binary, supports custom domains
- CustomTunnel: user-provided command with {port}/{host} placeholders

Config schema:
- [tunnel] section with provider selector
- Provider-specific sub-configs: cloudflare, tailscale, ngrok, custom
- Backward compatible (serde default = "none")

Gateway integration:
- Tunnel starts automatically on 'zeroclaw gateway'
- Prints public URL on success, falls back to local on failure

20 new tests (factory, constructors, NoneTunnel async start/health)
649 tests passing, 0 clippy warnings, cargo fmt clean
 2026-02-13 16:25:01 -05:00
argenis de la rosa
a5887ad2dc docs+tests: architecture diagram, security docs, 75 new edge-case tests 
README:
- Add ASCII architecture flow diagram showing all layers
- Add Security Architecture section (Layer 1: Channel Auth,
  Layer 2: Rate Limiting, Layer 3: Tool Sandbox)
- Update test count to 629

New edge-case tests (75 new):
- SecurityPolicy: command injection (semicolon, backtick, dollar-paren,
  env prefix, newline), path traversal (encoded dots, double-dot in
  filename, null byte, symlink, tilde-ssh, /var/run), rate limiter
  boundaries (exactly-at, zero, high), autonomy+command combos,
  from_config fresh tracker
- Discord: exact match not substring, empty user ID, wildcard+specific,
  case sensitivity, base64 edge cases
- Slack: exact match, empty user ID, case sensitivity, wildcard combo
- Telegram: exact match, empty string, case sensitivity, wildcard combo
- Gateway: first-match-wins, empty value, colon in value, different
  headers, empty request, newline-only request
- Config schema: backward compat (Discord/Slack without allowed_users),
  TOML roundtrip, webhook secret presence/absence

629 tests passing, 0 clippy warnings
 2026-02-13 16:00:15 -05:00
argenis de la rosa
05cb353f7f feat: initial release — ZeroClaw v0.1.0 
- 22 AI providers (OpenRouter, Anthropic, OpenAI, Mistral, etc.)
- 7 channels (CLI, Telegram, Discord, Slack, iMessage, Matrix, Webhook)
- 5-step onboarding wizard with Project Context personalization
- OpenClaw-aligned system prompt (SOUL.md, IDENTITY.md, USER.md, AGENTS.md, etc.)
- SQLite memory backend with auto-save
- Skills system with on-demand loading
- Security: autonomy levels, command allowlists, cost limits
- 532 tests passing, 0 clippy warnings
 2026-02-13 12:19:14 -05:00