NemoClaw v0.0.57 is out

[cv]

NemoClaw v0.0.57 focuses on making sandbox state less surprising when hosts reboot, containers churn, policies change, and gateways drift. Status and connect paths are more careful about preserving registry state, Docker and gateway failure layers are more explicit, and shields-up hardening now keeps runtime paths usable while still locking down sensitive state.

This release also sharpens the operator loop for OpenClaw, Hermes, Slack, WhatsApp, Jira, and local inference. There are new host-side sessions and agents command groups, better validation before messaging channels are enabled, more visible WhatsApp and policy diagnostics, and a DGX Spark managed-vLLM profile that moves to NVIDIA's Qwen3.6-35B-A3B-NVFP4 setup with clearer download and readiness progress.

The maintenance work is broad too: per-agent documentation variants are now in place for OpenClaw and Hermes, newcomer contribution guidance is clearer, nightly E2E results can surface in Slack, and the test suite has more focused probes for strict tool calls, Docker recovery, sessions and agents, link checking, and other release-sensitive paths.

Sandbox, Security, and Network Stability

• #3785 makes blueprint rollback fail closed when a rollback plan lacks a verifiable sandbox name, preventing cleanup from falling back to the wrong sandbox.
• #4075 moves Claude Code egress out of permissive policies and into an explicit claude-code preset, so broad permissive mode no longer opens those endpoints unless the operator opts in.
• #4155 hardens shields-up state locking while keeping gateway and plugin state readable and agents/*/sessions writable, protecting secret-bearing state without breaking first launch.
• #4388 adds Docker daemon, sandbox container, and dashboard-port failure layers to sandbox status, so text and JSON status report the lower-level cause before probing inference.
• #4578 makes passive status non-destructive when a registered sandbox is temporarily missing from the live gateway, preserving post-reboot registry state for later reconciliation.
• #4600 stops a false Docker-unhealthy classification and adds a paused-container hint, reducing confusing status output when containers are recoverable.
• #4602 surfaces a gateway schema preflight on host-process gateway drift, making mismatched gateway state easier to diagnose before runtime actions depend on it.
• #4605 classifies Docker daemon outages separately from stuck-phase and connect timeouts, giving operators a direct root cause instead of a generic stall.
• #4608 gates host alias setup on Docker and VM drivers, keeping host alias mutation tied to the driver models that need it.
• #4645 binds gateway name, Docker-driver state directory, runtime marker, and compatibility container per gateway port, preventing a second sandbox from tearing down the first sandbox's gateway.
• #4646 skips stale k3s gateway container checks in Docker-driver doctor, keeping doctor output aligned with the active driver.
• #4647 preserves registry entries during stale-sandbox connect recovery, preventing recovery flows from erasing the local record too early.
• #4528 preserves direct-root nemoclaw-start behavior under CAP_DAC_OVERRIDE drops, keeping hardened startup paths working.

Onboarding and Recovery

• #4364 derives onboarding progress labels from FSM metadata, reducing drift between the actual state machine and the skip/resume banners users see.
• #4373 emits lifecycle events for fresh and resumed onboarding sessions, making the start of onboarding observable through the runtime boundary.
• #4374 emits machine events for resume conflicts, so conflict diagnostics are visible without changing the existing console behavior.
• #4267 adds an opt-in NEMOCLAW_AUTO_FIX_FIREWALL=1 path that can apply the UFW sandbox-bridge rule after the same reachability failure the preflight already explains.
• #4407 classifies Docker GPU patch Error-phase failures, improving diagnosis when GPU sandbox creation fails during the patch step.
• #4581 honors exit and quit at numbered onboarding menus, so the wizard cancels instead of silently accepting the default choice.
• #4601 reuses the containerized gateway and repairs routed provider reachability, improving Docker-driver onboarding when provider access must route through the gateway.
• #4609 gates host-network GPU local-inference reachability checks, so Docker GPU onboarding checks the right path before continuing.
• #4642 defers default-sandbox marking until policy presets are confirmed and rolls back a brand-new sandbox on cancellation, preventing a canceled onboarding run from leaving a default sandbox behind.
• #4661 preserves the effective policy preset selection across re-onboard, so user removals and restricted selections survive reuse and recreate flows.
• #4668 debounces transient Docker GPU supervisor reconnect Error phases, preventing healthy GPU sandboxes from failing during brief container churn while still fast-failing sustained errors.

Messaging and OpenClaw Runtime Controls

• #4577 makes channels add atomic when a policy preset is missing, so failed channel setup does not leave partial policy or provider state behind.
• #4582 validates Slack bot and app credentials before onboarding or channels add enables Slack, preventing invalid credentials from being saved as an active channel.
• #4606 installs tmux for the OpenClaw bundled tmux-session flow, keeping the bundled session workflow available inside the sandbox.
• #4607 renders a compact WhatsApp pairing QR and splits gateway diagnostics, making pairing easier to read and failures easier to separate.
• #4615 adds host-side nemoclaw <name> sessions and nemoclaw <name> agents subcommand groups, giving operators sandbox-first controls for listing, resetting, deleting sessions, and adding or deleting OpenClaw agents.
• #4653 adds NEMOCLAW_EXTRA_AGENTS_JSON, allowing operators to bake secondary OpenClaw agents into openclaw.json at onboard time while keeping main as the default agent.
• #4660 normalizes Slack runtime environment placeholders before OpenClaw starts, so OpenShell-resolved credentials remain compatible with Slack Bolt's token-shape checks.

Inference, Policies, and Provider Behavior

• #4163 replaces the vLLM Docker pull hard timeout with a progress-aware watchdog, allowing slow-but-active pulls to continue while still stopping stalled pulls.
• #4204 requests streaming usage for local Ollama, improving local-provider accounting behavior in streaming responses.
• #4569 allows uv in the PyPI policy preset, matching the tooling operators use for Python dependency workflows.
• #4579 makes Jira curl validation observable by switching to a body-visible Atlassian API probe, so network-policy approval has an unambiguous post-approval signal.
• #4611 stops a silent gateway inference revert, preserving the selected inference behavior instead of falling back without a visible signal.
• #4619 switches the DGX Spark managed-vLLM profile to NVIDIA's Qwen3.6-35B-A3B-NVFP4 checkpoint and the upstream vLLM nightly image needed for that setup, while leaving DGX Station and generic Linux profiles pinned to their existing image path.
• #4676 improves managed vLLM download and launch progress by streaming Hugging Face download output and waiting on /v1/models readiness with bounded probes and failure log tails.

Skills, Docs, and Contributor Experience

• #4169 adds Hermes troubleshooting guidance, covering API endpoint expectations, auth shape, sandbox-name conversion, provider auth methods, and common re-onboard surprises.
• #4618 refreshes the 0.0.56 release documentation, keeping release-history context current for readers moving through the docs.
• #4620 adds a newcomer contribution path to CONTRIBUTING.md, including contribution types, where to start, review expectations, and DCO sign-off guidance.
• #4625 syncs onboarding provider values in the docs, reducing mismatch between the wizard and the provider names readers see.
• #4632 adds per-agent documentation variants for OpenClaw and Hermes, including variant navigation, Hermes-focused pages, and generated NemoHermes command reference content.
• #4659 documents the hidden internal:* command family, making internal command behavior discoverable for maintainers without promoting it as normal user workflow.
• #4665 fixes broken documentation links, improving navigation through the Fern docs surface.
• #4677 polishes documentation style across the docs, making the user-facing material more consistent.
• #4678 clarifies install tag pinning, helping operators understand how the installer selects a release ref.

CI and Release Confidence

• #4308 sends nightly E2E scorecards to Slack with run-mode-aware routing, making scheduled and manual run health easier to scan.
• #4541 adds a strict tool-call probe E2E, increasing confidence that agent tool-call behavior stays within the expected contract.
• #4612 blocks newly added JavaScript files in CI, reinforcing the TypeScript-first direction of the CLI codebase.
• #4622 stubs Docker in follow-log tests, reducing environment coupling in CLI test coverage.
• #4640 skips the lifecycle-drive branch of TC-SBX-09 when a sandbox blocks tmux fork, keeping the E2E signal focused on actionable failures.
• #4650 stabilizes platform Vitest runs on main, improving baseline reliability for subsequent release checks.
• #4671 accepts non-root WhatsApp QR preload ownership in E2E, matching the runtime ownership seen in hardened sandbox paths.
• #4672 aligns the double-onboard stale-registry test with the non-destructive status behavior from #4578, keeping coverage consistent with the new recovery contract.
• #4688 resolves Fern routes in the link checker, making docs-link validation match the published route model.

Thank you

Thank you to external contributors @1PoPTRoN for #3785 and #4075, @latenighthackathon for #4169, and @arnavnagzirkar for #4620.

Full compare: v0.0.56...v0.0.57