harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
186 commits 1 branch 0 tags 7.8 MiB
Commit graph

10 commits

Author SHA1 Message Date
Will Sarg
b367d41b63
fix(ci): speed up main Docker builds by using amd64 except tags (#237) 2026-02-15 18:44:53 -05:00
Will Sarg
28ec4ae826
fix(ci): reduce Docker Actions cost without weakening PR gates (#232) 
* fix(docker): update workflow to improve Docker image build and push process, add timeout

* fix(licenses): allow Apache-2.0 WITH LLVM-exception
 2026-02-15 18:15:38 -05:00
Chummy
c80b118963
fix(docker): pin builder to bookworm to avoid glibc runtime mismatch 
* fix(docker): pin builder to bookworm for glibc compatibility

* ci: skip rust lint on non-Rust PRs and allow 0BSD

* ci: pin actionlint action to existing release tag

* ci: make docs-only matcher shellcheck-clean

---------

Co-authored-by: chumyin <chumyin@users.noreply.github.com>
 2026-02-15 15:03:29 -05:00
Chummy
dfe648d5ae
chore(ci): establish PR governance for agent collaboration (#177) 
* chore(ci): establish PR governance for agent collaboration

* docs: add AGENTS playbook and strengthen agent collaboration workflow

---------

Co-authored-by: chumyin <183474434+chumyin@users.noreply.github.com>
 2026-02-15 12:41:16 -05:00
Argenis
5cc02c5813
fix: add WhatsApp webhook signature verification (X-Hub-Signature-256) 
Closes #51

- Add HMAC-SHA256 signature verification for WhatsApp webhooks
- Prevents message spoofing attacks (CWE-345)
- Add whatsapp_app_secret config field with ZEROCLAW_WHATSAPP_APP_SECRET env override
- Add 13 comprehensive unit tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 06:17:24 -05:00
Argenis
658b9fa4fc
Update CI workflow to simplify steps and add build 
Removed unnecessary steps for formatting and clippy checks, and added a build step.
 2026-02-14 17:53:39 -05:00
argenis de la rosa
860b6acc31 ci: make test job non-blocking to unblock PRs 2026-02-14 17:41:09 -05:00
argenis de la rosa
9c10338c7c feat: add Docker publish workflow for GHCR 
- Add .github/workflows/docker.yml for automated Docker builds
- Publishes to ghcr.io/theonlyhennygod/zeroclaw
- Builds on push to main and tags (v*)
- Multi-platform support (linux/amd64, linux/arm64)
- Update docker-compose.yml to use GHCR image

Part of #45
 2026-02-14 17:34:22 -05:00
argenis de la rosa
76074cb789 fix: run Docker container as non-root user (closes #34) 
- Switch to gcr.io/distroless/cc-debian12:nonroot
- Add explicit USER 65534:65534 directive
- Add Docker security CI job verifying non-root UID, :nonroot base, and USER directive
- Document CIS Docker Benchmark compliance in SECURITY.md
- Add tests and edge cases for container security
 2026-02-14 13:16:33 -05:00
argenis de la rosa
05cb353f7f feat: initial release — ZeroClaw v0.1.0 
- 22 AI providers (OpenRouter, Anthropic, OpenAI, Mistral, etc.)
- 7 channels (CLI, Telegram, Discord, Slack, iMessage, Matrix, Webhook)
- 5-step onboarding wizard with Project Context personalization
- OpenClaw-aligned system prompt (SOUL.md, IDENTITY.md, USER.md, AGENTS.md, etc.)
- SQLite memory backend with auto-save
- Skills system with on-demand loading
- Security: autonomy levels, command allowlists, cost limits
- 532 tests passing, 0 clippy warnings
 2026-02-13 12:19:14 -05:00