harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
230 commits 1 branch 0 tags 7.8 MiB
Commit graph

14 commits

Author SHA1 Message Date
Chummy
9428d3ab74
chore(ci): add PR hygiene nudge automation (#278) 2026-02-16 01:57:45 -05:00
Chummy
b442a07530
fix(memory): prevent autosave key collisions across runtime flows 
Fixes #221 - SQLite Memory Override bug.

This PR resolves memory overwrite behavior in autosave paths by replacing fixed memory keys with unique keys, and improves short-horizon recall quality in channel runtime.

**Root Cause**
SQLite memory uses a unique constraint on `memories.key` and writes with `ON CONFLICT(key) DO UPDATE`.
Several autosave paths reused fixed keys (or sender-stable keys), so newer messages overwrote earlier conversation entries.

**Changes**
- Channel runtime: autosave key changed from `channel_sender` to `channel_sender_messageId`
- Added memory-context injection before provider calls (aligned with agent loop behavior)
- Agent loop: autosave keys changed from fixed `user_msg`/`assistant_resp` to UUID-suffixed keys
- Gateway: Webhook/WhatsApp autosave keys changed to UUID-suffixed keys

All CI checks passing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 22:55:52 -05:00
Will Sarg
82ffb36f90
chore(ci): document and harden workflow pipeline (#241) 
* docs(ci): add CI workflow map and cross-links

* chore(ci): harden workflow determinism and safety

* chore(ci): address workflow review feedback

* style(ci): normalize workflow and ci-map formatting
 2026-02-15 20:42:47 -05:00
Will Sarg
8eb57836d8
chore: update Docker and release workflows for improved efficiency and security (#239) 2026-02-15 19:43:46 -05:00
Will Sarg
b367d41b63
fix(ci): speed up main Docker builds by using amd64 except tags (#237) 2026-02-15 18:44:53 -05:00
Will Sarg
28ec4ae826
fix(ci): reduce Docker Actions cost without weakening PR gates (#232) 
* fix(docker): update workflow to improve Docker image build and push process, add timeout

* fix(licenses): allow Apache-2.0 WITH LLVM-exception
 2026-02-15 18:15:38 -05:00
Chummy
c80b118963
fix(docker): pin builder to bookworm to avoid glibc runtime mismatch 
* fix(docker): pin builder to bookworm for glibc compatibility

* ci: skip rust lint on non-Rust PRs and allow 0BSD

* ci: pin actionlint action to existing release tag

* ci: make docs-only matcher shellcheck-clean

---------

Co-authored-by: chumyin <chumyin@users.noreply.github.com>
 2026-02-15 15:03:29 -05:00
Chummy
dfe648d5ae
chore(ci): establish PR governance for agent collaboration (#177) 
* chore(ci): establish PR governance for agent collaboration

* docs: add AGENTS playbook and strengthen agent collaboration workflow

---------

Co-authored-by: chumyin <183474434+chumyin@users.noreply.github.com>
 2026-02-15 12:41:16 -05:00
Argenis
5cc02c5813
fix: add WhatsApp webhook signature verification (X-Hub-Signature-256) 
Closes #51

- Add HMAC-SHA256 signature verification for WhatsApp webhooks
- Prevents message spoofing attacks (CWE-345)
- Add whatsapp_app_secret config field with ZEROCLAW_WHATSAPP_APP_SECRET env override
- Add 13 comprehensive unit tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 06:17:24 -05:00
Argenis
658b9fa4fc
Update CI workflow to simplify steps and add build 
Removed unnecessary steps for formatting and clippy checks, and added a build step.
 2026-02-14 17:53:39 -05:00
argenis de la rosa
860b6acc31 ci: make test job non-blocking to unblock PRs 2026-02-14 17:41:09 -05:00
argenis de la rosa
9c10338c7c feat: add Docker publish workflow for GHCR 
- Add .github/workflows/docker.yml for automated Docker builds
- Publishes to ghcr.io/theonlyhennygod/zeroclaw
- Builds on push to main and tags (v*)
- Multi-platform support (linux/amd64, linux/arm64)
- Update docker-compose.yml to use GHCR image

Part of #45
 2026-02-14 17:34:22 -05:00
argenis de la rosa
76074cb789 fix: run Docker container as non-root user (closes #34) 
- Switch to gcr.io/distroless/cc-debian12:nonroot
- Add explicit USER 65534:65534 directive
- Add Docker security CI job verifying non-root UID, :nonroot base, and USER directive
- Document CIS Docker Benchmark compliance in SECURITY.md
- Add tests and edge cases for container security
 2026-02-14 13:16:33 -05:00
argenis de la rosa
05cb353f7f feat: initial release — ZeroClaw v0.1.0 
- 22 AI providers (OpenRouter, Anthropic, OpenAI, Mistral, etc.)
- 7 channels (CLI, Telegram, Discord, Slack, iMessage, Matrix, Webhook)
- 5-step onboarding wizard with Project Context personalization
- OpenClaw-aligned system prompt (SOUL.md, IDENTITY.md, USER.md, AGENTS.md, etc.)
- SQLite memory backend with auto-save
- Skills system with on-demand loading
- Security: autonomy levels, command allowlists, cost limits
- 532 tests passing, 0 clippy warnings
 2026-02-13 12:19:14 -05:00