NemoClaw v0.0.51

[ericksoa]

Tonight, NemoClaw v0.0.51 looks less like a single bright feature than a careful alignment of instruments. A system that lives between local machines, sandboxes, model servers, tunnels, and chat channels has many small uncertainties; this release spends its energy making those uncertainties observable, bounded, and kinder to the person at the terminal.

The most visible new star is Slack channel allowlisting in #1757. Slack now has a setup guide and can carry SLACK_ALLOWED_CHANNELS through onboarding into the sandbox image, so Socket Mode deployments can name the channels where an agent may speak instead of discovering, after launch, that every channel is dark. The same release gives tunnels a steadier orbit with Cloudflare named tunnel support in #4134 and adds sharper policy guidance for Jira validation in #4185.

On the onboard path, v0.0.51 is a study in making first contact with a machine more truthful. Docker daemon failures, exhausted dashboard ports, CDI GPU discovery, stale Ollama daemons, memory-sized starter models, DGX Spark and Station vLLM choices, and root-owned sandbox config directories now report and recover closer to the cause. These are not glamorous changes, but in a working system they are the difference between a mystery and a diagnosis.

Below the surface, the release continues the long architectural work of turning onboarding into smaller, testable machines. The final onboard shell refactors, public installer target-ref fixes, and reusable nightly E2E runner all point the same way: more evidence, fewer accidental assumptions, and a release train that can tell us where it is before we ask it to go farther.

Slack, Tunnels, and Policy

• #1757 Add Slack channel allowlisting
  Adds SLACK_ALLOWED_CHANNELS support alongside the existing Telegram allowlist path, bakes Slack channel IDs into openclaw.json at image build time, and adds a Slack Socket Mode setup guide covering token collection and channel allowlisting.
• #4134 Support Cloudflare named tunnels
  Adds CLOUDFLARE_TUNNEL_TOKEN support for nemoclaw tunnel start, passes the token through the environment instead of argv, and teaches URL detection to handle named tunnel hostnames as well as quick tunnel URLs.
• #4185 Clarify Jira policy validation
  Keeps the Jira preset scoped to Node while documenting the manual Node and curl probes needed to distinguish a blocked request from Atlassian's empty redirect behavior. This fixes #3758.
• #3451 Document routed provider keys
  Improves CLI documentation for routed provider key behavior so provider setup and recovery are easier to reason about.

Onboarding, Inference, and Resource Setup

• #3348 Add resource profiles and nemoclaw resources
  Adds a hardware inventory command, percentage-based resource profiles in the blueprint, and onboard-time resource selection that can apply CPU and memory limits when the installed OpenShell supports them.
• #2372 Detect unreachable Docker daemons in preflight
  Fixes #2348 by treating Docker's ServerErrors output as an explicit daemon-down signal instead of accepting a zero-value JSON response as "Docker is running."
• #4072 Poll openshell forward list for dashboard readiness
  Replaces a fragile background forward wait with detached launch plus live forward-list polling, safer cleanup, conflict diagnostics, and progress logging. This fixes dashboard-forward timeouts where the forward was healthy but the CLI process never returned cleanly.
• #4132 Pick Ollama starter models from available memory
  Routes model defaults, menu choices, explicit env-var selections, and recovered sessions through a memory-aware registry so hosts are not promoted into models that exceed currently available GPU memory. This fixes #4113.
• #4135 Add user-local Ollama install fallback
  Adds a sudo-free user-local Linux install mode for non-interactive Ollama onboarding, plus NEMOCLAW_OLLAMA_INSTALL_MODE to explicitly choose system or user install paths. This resolves #4114.
• #4186 Offer Ollama upgrades when the host version is too old
  Detects stale Ollama CLI binaries and running daemons, keeps install/upgrade as an explicit onboard option, pins successful upgrades back to loopback, and fails non-interactive validation cleanly instead of looping. This fixes #4178.
• #4205 Restore DGX Spark and Station vLLM menu entries
  Restores gpu.platform propagation after the onboard refactor so managed vLLM remains visible by default on DGX Spark and DGX Station.
• #3980 Fail fast when all dashboard ports are occupied
  Moves full dashboard port-range exhaustion detection into preflight, with per-port diagnostics and guidance to free a sandbox or choose a different control UI port. This fixes #3953.
• #3675 Scan default CDI directories for NVIDIA specs
  Keeps CDI GPU mode in the candidate list on Docker 29 hosts when Docker omits CDI directories from docker info but standard NVIDIA CDI specs exist on disk. This closes #3575.
• #4133 Harden onboard FSM follow-ups
  Keeps completion behind successful verification, hardens extracted onboarding helpers, handles credential rotation edge cases, and prevents stale Model Router PID reuse from killing unrelated processes.
• #4183 Normalize plugin build-context permissions
  Ensures the staged nemoclaw/ subtree is readable inside Docker build contexts so restrictive host checkout modes cannot make /opt/nemoclaw/package.json unreadable in the sandbox. This fixes #4177.
• #4199 Preserve root-owned sandbox config sync directories
  Keeps owner-only config hardening while skipping directory chmod on root-owned sandbox config directories, restoring the step-7 OpenClaw setup path without weakening config.json permissions.

Sandbox, Security, and Runtime Health

• #4054 Enforce owner-only config permissions
  Tightens ~/.nemoclaw directories and config files to owner-only permissions across local adapter state, sandbox sync, and Model Router state. This closes #4009.
• #4180 Align Docker health with OpenShell-managed runtimes
  Adds a layered Docker HEALTHCHECK fallback for runtimes where the dashboard port is reachable through the OpenShell delivery chain but not from the container network namespace, and surfaces Docker health in nemoclaw status. This fixes #3975.
• #4130 Auto-unlock shields during rebuild
  Temporarily lowers shields before rebuild backup when protected state would block the operation, skips the internal auto-restore timer, and re-applies shields after sandbox recreation and state restore. This fixes #3113.
• #4149 Apply --tail once to merged logs
  Merges log sources first and then applies --tail, so nemoclaw <sandbox> logs --tail N returns at most N lines instead of 2N. This fixes #4100.
• #4168 Tolerate per-directory find failures in pre-backup audit
  Makes state backup auditing more resilient when one directory cannot be traversed cleanly.
• #4150 Retry gosu release downloads
  Adds retry behavior around gosu release download so sandbox image builds are less brittle under transient network failures.
• #3890 Explain restricted dmesg output
  Improves debug output when kernel log access is restricted, helping users distinguish permissions from missing signal.
• #3447 Point OpenShell commands to openshell
  Aligns CLI OpenShell command invocation with the current executable name.

Onboard Architecture and CLI Maintainability

• #3873 Extract the onboard agent setup handler
  Moves agent setup behavior out of the main onboard entrypoint so future agent changes can be tested and reviewed in a narrower surface.
• #3874 Extract the onboard policies handler
  Separates policy handling from the onboard shell and makes policy setup less entangled with unrelated steps.
• #3876 Extract the onboard finalization handler
  Moves final verification and completion behavior into a dedicated handler.
• #3879 Route agent setup session writes through context
  Keeps agent setup session state updates flowing through the onboard context instead of scattered writes.
• #3882 Emit resume skip repair events
  Adds clearer eventing when resume logic skips repair steps, improving observability during partial-onboard recovery.
• #3883 Route final machine transitions
  Moves final state transitions through the extracted onboard machinery.
• #3919 Reduce the onboard shell implementation
  Continues the large onboard shell extraction, removing more than a thousand lines from the central onboard entrypoint and leaving smaller helpers in its place.
• #2824 Add explicit Docker helper return types
  Tightens helper contracts in Docker-related code.
• #4162 Review localized patches at source
  Improves review-advisor behavior by evaluating localized patches where they originate.
• #3284 Remove local OpenClaw examples
  Cleans stale local OpenClaw examples from the docs and source tree.

CI, E2E, and Release Confidence

• #4151 Reuse a nightly E2E script runner workflow
  Adds a reusable E2E script-runner workflow and composite action, then migrates 34 simple nightly jobs onto the shared path with standardized environment, secret, and artifact wiring.
• #4214 Install the target ref in public onboard E2Es
  Passes target_ref || github.sha through the public installer path and TUI correlation wrapper, with validation so workflow-dispatched E2Es cannot silently install main while testing another ref.
• #4119 Record the release blocker validation run
  Captures the release-blocker validation work that guarded this train.
• #4123 Cover agent setup session boundaries
  Adds tests for the session boundaries introduced by the extracted agent setup flow.
• #4136 Repair nightly GPU proof validation
  Restores the nightly validation signal for GPU proof coverage.
• #4137 and #4141 Stabilize WSL platform fixtures
  Makes WSL platform vitest fixtures more reliable and keeps the WSL gitconfig fixture suite scoped.
• #1800 Add coverage for runner.js and credentials.js
  Broadens test coverage around runner and credential handling code.
• #4138 Catch scanner source-shape assertions
  Adds scanner test coverage for source-shape assumptions.
• #4152, #4153, #4154, #4157, #4158, and #4173 Classify and retry known E2E flakes
  Improves handling for inference switch verification, Kimi trajectory acceptance, quick tunnel flakes, skill-agent model flakes, Hermes live switch timeouts, and OpenClaw live switch timeouts.
• #4196 Update the cloudflared tunnel pin
  Refreshes the E2E cloudflared tunnel pin used by tunnel validation.
• #3955 Bump CodeQL action
  Updates github/codeql-action from 4.35.4 to 4.35.5.
• 4fce71d Stabilize platform vitest main checks
  Adds a direct main-line test stabilization commit ahead of the release ref.