Verification: CI and CodeQL passed on the release commit.
Added
- Added typed, durable, proposal-only root-cause cluster assessments to reviews, with strict same-repository canonical-item validation and no repair dispatch, job suppression, sibling mutation, close, or merge behavior.
- Added a fail-closed
CLAWSWEEPER_CODEX_LOGIN_METHOD=chatgptoverride for local Codex OAuth runs while retaining API authentication by default. Thanks @anagnorisis2peripeteia. - Added repair-only PR intake that scans an author's open pull requests for actionable failures and creates durable PR-repair jobs. Thanks @Jhacarreiro.
- Added automatic issue-build lifecycle comments and dashboard cards with issue titles, queued/planning/building/completed/blocked history, live worker links, Actions runs, and generated PR drill-down.
- Show issue and pull request titles alongside target numbers on active dashboard worker cards and worker detail links.
- Added comprehensive documentation for steerable repair automation, covering issue-to-PR and PR-repair intake, GitCrawl Actions consumption, deduplication, opt-out labels, GitHub App token boundaries, durable Codex thread resumption, CrabFleet steering, worker budgets, completion gates, dashboards, and failure recovery.
- Added steerable, resumable Codex app-server sessions for repair GitHub Actions, with CrabFleet terminal attach, durable thread restoration across planning/execution runners, work-state heartbeats, and deterministic completion reporting.
- Added explicit issue-to-PR and PR-repair worker categories to the live dashboard, plus direct live-terminal fleet access and issue/PR-aware drill-down links.
- Added organization-member issue implementation commands while keeping automatic issue pickup behind a new default-off master gate and honoring
clawsweeper:human-revieworclawsweeper:manual-onlybefore branch pushes and PR creation. - Doubled the global worker budget to 64 and the imported GitCrawl cluster-repair lane to 2 while preserving proportional interactive and expansion reserves.
- Added a live fleet overview and per-worker dashboard drill-down with actual GitHub Actions job identity, current step, progress, target, lane, elapsed time, and full step timeline.
- Added coverage-proof gating before duplicate or superseded PR close proposals, so ClawSweeper verifies a covering PR really subsumes the source before closing it. Thanks @jesse-merhi.
- Added proof nudge reminders that periodically prompt PR authors to attach real behavior proof before review or merge automation can progress. Thanks @brokemac79.
- Added richer related issue context in review prompts from linked PRs, local reports, gitcrawl clusters, and exact-event GitHub issue search. Thanks @brokemac79.
- Added the first Cloudflare live dashboard for ClawSweeper observability, with
active worker counts, pipeline rows, CI state, automerge timing, and optional
signed status-event ingest. - Added a live-dashboard panel for the latest closed issues and pull requests
across configured target repositories. - Added 24-hour ClawSweeper-owned close stats to the live dashboard.
- Added a live-dashboard CI refresher workflow that posts target pull request
check summaries into Worker storage, so active rows can show stored PR check
state without slow browser-time GitHub fanout. - Added Cloudflare GitHub App webhook intake for eligible
openclaw/*andsteipete/*issue, pull request, and maintainer comment events so target repos can dispatch exact ClawSweeper runs without waiting for scheduled scans. - Fixed automerge repair evidence so third-party check detail URLs are summarized without tripping ClawSweeper's strict GitHub-only evidence validator.
- Added a read-only live triage dashboard for ClawSweeper advisory-label views, focused issue queues, and linked pull request visibility. Thanks @brokemac79.
- Added a canonical repair
job_intentcontract and orchestration docs so
automerge, issue implementation, commit finding, low-signal cleanup, and
ordinary repair jobs share one routing surface. - Added an audit-only spam scanner lane for new GitHub issue comments and PR
review comments. It uses deterministic prefilters plus the internal model to
write durable spam audit records without blocking users or mutating
repositories. - Added a light privacy reminder and stronger screenshot-or-video nudge to real behavior proof review guidance.
- Added agent-led real behavior proof judgement so ClawSweeper can inspect linked screenshots, videos, logs, and terminal output with a read-only GitHub token, explain the proof verdict in the review comment, tell contributors how to trigger a fresh review after adding proof, and sync
proof: sufficientwhen the evidence is convincing. - Added a durable review-context budget ledger to generated reports so prompt section sizes, hydrated counts, and truncation state are visible after each run, thanks @stainlu.
- Added a real behavior proof assessment to PR reviews so missing, mock-only, or insufficient contributor proof blocks pass/automerge markers and asks for screenshots, terminal output, redacted logs, recordings, linked artifacts, or copied live output instead.
- Added advisory issue labels for reproduction, linked-PR, work-lane,
missing-info, product-decision, and security-review routing states, projected
from existing review report fields without changing repair, merge, or close
behavior. Label-only syncs now recordlabels_synced_atso scheduler cadence
ignores ClawSweeper-owned labelupdated_atchurn. Thanks @brokemac79. - Added
config/automation-limits.jsonplus docs and a drift check so review,
commit-review, repair, and issue-implementation capacity defaults have one
checked-in source of truth. - Replaced per-lane capacity config with a single
workers.maxbudget and
dynamic background lane scheduling. - Added generated coding-plan artifacts for fresh
queue_fix_prwork candidates
and linked them from the dashboard work-candidate tables. Thanks @FerFroid. - Added a generated 1200x630 social preview card plus large-image Open Graph and
Twitter metadata for the docs site. - Added target fanout so ClawSweeper can dispatch conservative scheduled review and audit batches across eligible
openclaw/*andsteipete/*repositories. - Added a PR-only low-signal close reason so ClawSweeper can automatically close net-negative branches whose useful part is tiny but whose diff is mostly unrelated or unmergeable churn.
- Added current-main issue close policy for configured OpenClaw targets, so reviews can close issues that are proven fixed on
maineven before a release ships. - Added stronger ClawSweeper storm controls: exact event reviews now get job-level per-item cancellation, GitHub activity coalesces more aggressively, noncritical intake skips when GitHub core quota is low, hot target fanout is lower, and state hydration avoids partial-clone checkout auth failures by default.
Changed
- Removed the unsupported ephemeral-session flag from repair Codex subprocess invocations. Thanks @Jhacarreiro.
- Enabled automatic implementation plus bounded durable-report backfill for eligible open issues; general viable implementation remains limited to public sibling repositories, while separately gated strict-bug and vision-fit lanes can backfill
openclaw/openclaw. Codex discovers viable implementation and validation strategy, while deterministic security, opt-out, source-state, quota, report-revision receipt, queued-job, and PR/cluster deduplication gates remain. - Increased quiet scheduled review capacity from 48 to 64 workers, switched scheduled backfill to three-item shards to reduce setup and tail-idle overhead, and made seven-day review freshness an explicit scheduler priority.
- Doubled the global Codex worker budget to 128 with proportional reserves, added job-level dashboard error and recovery rates, and moved the bounded failed-review retry backstop to hourly.
- Raised the shared Codex worker budget from 24 to 32, tripling quiet scheduled normal-review capacity from 4 to 12 shards while preserving interactive and matrix-expansion reserves, and synchronized live-dashboard budget reporting.
- Automatically dispatch high-confidence
queue_fix_prissue reviews outsideopenclaw/openclawandopenclaw/clawhubinto the existing implementation worker, then opt generated PRs into a bounded review/autofix/re-review loop that stops clean and leaves them open for maintainer merge. Retryable Codex worker failures now requeue through the bounded repair self-heal path. - Install the latest Codex CLI for every worker run and keep the actual model name in the
CLAWSWEEPER_MODELGitHub Actions secret, exposing only theinternalalias in workflows, reports, and comments. - Removed PR egg hatching, including the
@clawsweeper hatchcommand, hatch dispatch path, generated PR egg comments, andassets/pr-eggspublishing (#210). Thanks @vincentkoc.
Fixed
- Included the shared Codex spawn helper in repair comment-router sparse checkouts, restoring repair builds in that workflow. Thanks @849261680.
- Rendered Mantis proof suggestions as complete copyable PR comments inside fenced text blocks without triggering the suggested command. Thanks @hxy91819.
- Added a cancellation-safe four-slot exact-review semaphore, replacing the proposed state-repository lease with deterministic live Actions ranking. Thanks @hxy91819.
- Made every Codex subprocess honor
CODEX_BIN, safely launch npm-installedcodex.cmdwrappers on native Windows, and terminate their process trees on timeout. Thanks @anagnorisis2peripeteia. - Reserved the full bounded media preprocessing allowance for exact-event review deadlines and command-dispatch fallbacks, including media discovered only after comment hydration.
- Keep generated implementation PR bodies and terminal issue comments concise, avoid stale blocked states while PR checks are pending, and stop adding ClawSweeper itself as a commit co-author.
- Prevented trusted ClawSweeper command status comments from re-entering GitHub activity handling and churning review automation. Thanks @ooiuuii.
- Routed proof-sufficient security reviews that recommend maintainer risk acceptance to maintainer review instead of waiting on the contributor. Thanks @brokemac79.
- Prevented automatic issue backfill from spending Codex workers on reports explicitly blocked by product-decision, no-new-fix-PR, or maintainer-review signals.
- Kept issue-generated PRs out of automerge, migrated their labels to
clawsweeper:autofix, and made clean exact-head autofix reviews wait for required checks to appear, settle green, and reach GitHub merge-state readiness before removing the repair-loop label instead of repeating blocked merge attempts. - Correlated active issue-build workers by workflow run when GitHub job titles omit the target, preserved source issue titles and generated PR links across repair lifecycle events, and stopped generic repository repairs from requiring a nonexistent
pnpm check:changedscript. - Persisted dashboard lifecycle events in a globally consistent Cloudflare Durable Object so automatic issue-build cards remain visible across edge locations, and accepted Ansible plus repository-local shell-script validation commands without permitting inline shell execution.
- Prevented ClawSweeper-owned advisory labels from invalidating queued issue implementation source revisions, and accepted quoted arguments plus common validation toolchains while blocking shell/eval runners and removing GitHub write credentials from target validation.
- Compacted completed ClawSweeper-generated replacement branches to one reviewed commit before publication, removing transient checkpoint and review-repair noise while preserving contributor branch history.
- Skip optional ClawSweeper label additions when an issue or pull request already has GitHub's 100-label maximum, so one saturated item cannot abort a comment-sync batch.
- Served stale dashboard status immediately while coalescing a background refresh, bounded job-detail fanout, and cached and parallelized historical GitHub lookups to reduce cold-load latency, diagnostic timeouts, and API usage.
- Recover transport-exhausted reviews with one bounded lower-effort fallback while preserving the original failure classification when recovery also fails. Thanks @yetval. (#283)
- Preserved records written by concurrent workers during generated-state publish races while retaining deliberate item-to-closed moves and plan cleanup.
- Raised and unified Codex review timeouts at 20 minutes, including exact event reviews, so high-context reviews do not fall back at the previous 10-minute ceiling.
- Scale pull request review timeouts across webhook, command, and post-repair dispatches for large diffs and video proofs while preserving the configured Codex timeout as a floor and budgeting media preprocessing separately. Thanks @TurboTheTurtle.
- Treat failed Codex reviews as infrastructure failures, suppress readiness verdicts, and remove stale PR rating labels until a fresh review completes. Thanks @SYU8384.
- Deferred workflow utility CLI execution until module initialization completes, preventing apply preselection from crashing on close-action constants.
- Prevented verbose Codex review and repair subprocess output from overflowing memory, retained capped durable logs and bounded redacted diagnostic tails, stopped retrying terminal model-access failures, and pinned the CLI/proxy pair to compatible version 0.139.0. Thanks @fuller-stack-dev.
- Hydrated generated pull request review findings into automerge repair jobs instead of routing repairs through the original issue-only artifact.
- Rechecked stale active worker state and durably retried pending repair dispatches instead of leaving review-fix loops waiting after a worker finishes.
- Released automerge repair workers immediately when an exact-head ClawSweeper review requests another repair, allowing the router to dispatch the next Codex worker without waiting for the shepherd timeout.
- Limited issue implementation intake and repair worker state hydration to required records, jobs, and results, avoiding unrelated generated state and proof assets.
- Fixed the GitHub activity bridge's spam-comment dispatch shell block so ordinary activity events continue into normal processing.
- Prevented an older failed re-review command from starting another Codex review after the same requester submitted a newer re-review for the item.
- Retried transient Codex review failures in fresh bounded sessions and redacted the internal model identifier from review failures and debug artifacts.
- Kept sparse repair workflows building after the shared Codex transient helper moved outside the repair subtree.
- Kept ordinary auth-provider and token terminology from being misclassified as a security-sensitive issue implementation blocker.
- Fixed issue implementation duplicate-PR searches to use GitHub's GET endpoint, restoring automatic and explicit issue-build intake.
- Allowed viable issue implementation intake to treat merged or closed pull requests as historical context while retaining live blockers for open matching and generated pull requests.
- Made generated-state checkouts shallow by default so publish, audit, and apply jobs do not download the multi-gigabyte state history before their existing fetch/rebase retry loop.
- Added merged PRs that reference an issue to issue review context when GitHub has no formal closing link, so implemented-on-main decisions can see relevant fix provenance. Thanks @openperf.
- Skipped open-but-locked repair apply targets before close or merge mutations and converted GitHub locked-conversation write denials into terminal skipped records. Thanks @AsishKumarDalal.
- Kept stale queued workflow ghosts out of commit-review capacity probes after GitHub refuses to cancel old queued runs.
- Required OpenClaw config-surface changes to pause automerge for maintainer review instead of emitting pass markers, with durable config-surface report metadata. Thanks @osolmaz.
- Disabled automatic push-triggered commit review while keeping manual commit-review workflow dispatch available.
- Treated target
AGENTS.mdfiles as optional repository-authored review policy
in item and commit review prompts while preserving ClawSweeper repository
profile and fallback behavior (#185, building on #173). Thanks @Takhoffman. - Reduced spam-scanner false positives on legitimate technical GitHub comments by teaching the audit model that on-topic repros, patches, logs, tests, measurements, and migration reports are expected project participation, not spam.
- Allowed verified
implemented_on_mainclose proposals to close
maintainer-authored ormaintainer-labeled items automatically, while keeping
other protected-label and non-fixed maintainer closes blocked. - Retried legacy
skipped_maintainer_authoredandskipped_invalid_decision
reports when they are now verifiedimplemented_on_mainclose candidates. - Retried older
kept_openclose reports and cleared linked-PR issue blockers
after ClawSweeper closes the linked PR earlier in the same apply run. - Closed live no-diff pull requests as duplicate/superseded during apply and
let same-author PR/issue close pairs finish together when both sides already
have closeable reports. - Promoted old F-rated stale PRs, recommended
pause_or_closePRs, and PRs
superseded by linked pull requests into duplicate/superseded apply closes when
no human has responded after the durable review. - Archived live-closed skipped apply records from
items/during apply so the
open-state dashboard sheds stale records faster. - Kept stale GitHub Actions queued ghosts out of the live dashboard capacity and pipeline counts after GitHub leaves old queued runs around for hours.
- Kept event apply runs from failing when GitHub rejects ClawSweeper advisory label sync with a 401; the item is now recorded as kept open for a later retry instead of crashing the workflow.
- Restored UTF-8 emoji labels on the live dashboard after mojibake slipped into the Worker HTML template.
- Sanitized non-
github.comURLs out of repair workerresult.jsonevidence (includingactions[].evidence,needs_human, and everymerge_preflightevidence list) before review so deploy-preview and other external links no longer trip theevidence contains non-GitHub external URLdeterministic gate; deterministic automerge results, dry-run/blocked fallbacks, the Codex-written result, the result-repair retry, and synthetic commit-finding-intake results all share a singlesrc/repair/url-safety.tsallow-list. The intake also rejects dispatchedreport_urloverrides that are not ongithub.comand falls back to the canonical report path. - Kept scheduled target fanout covering public
steipete/*repositories when the ClawSweeper GitHub App is not installed for that owner. - Reduced the shared Codex worker budget from 72 to 57 so background review, commit-review, repair, and issue-implementation lanes run about 20% fewer parallel workers.
- Clarified re-review guidance so PR/issue authors and users with repository write access can request a fresh read-only review without a maintainer relay.
- Mirrored ClawSweeper repair publish events into the live dashboard ingest so the Recent Activity panel shows fleet signals.
- Filled the live dashboard Recent Activity panel from recent ClawSweeper closes when no explicit activity events have arrived yet.
- Deduped live-dashboard PR close activity across explicit
/issues/events and backfilled/pull/rows. - Kept live-dashboard worker pressure focused on ClawSweeper worker runs by separating support workflows such as GitHub activity, spam intake, dashboard CI, CI, and CodeQL.
- Fetched live-dashboard closed-item pages concurrently so the ClawSweeper close stats do not time out and render as zero during busy periods.
- Coalesced duplicate spam comment intake deliveries by target comment so noisy edited-comment bursts stop wasting runner slots.
- Required exact trusted-bot login matches before allowing comment-router mutation actions.
- Limited
/autocloselinked-target expansion to same-repo items explicitly referenced in the maintainer command text. - Restored target checkout file modes after read-only review runs and kept
.gitmetadata writable for local Git inspection. - Counted unverified local-checkout apply records against the apply processed limit so one stale report cannot be retried forever while later records still mutate.
- Ignored stale queued repair workflow runs when reserving live worker capacity, so abandoned Actions queue entries no longer block automerge repair dispatches.
- Kept active automerge opt-ins moving through canonical no-finding human-review pauses instead of requiring a second maintainer approval.
- Retried sweep target repository checkouts without cached Git references when
a stale partial-clone cache breaks shard startup. - Reduced the shared Codex worker budget by 10% so review, commit-review,
repair, automerge, issue-implementation, and dashboard utilization lanes use
lower default fan-out. - Cleared ClawSweeper-owned
eyesreactions from target issues and pull
requests when event reviews complete, while preserving user reactions. Thanks
@samzong. - Kept event re-review progress updates scoped to ClawSweeper-owned status
comments, so empty command markers cannot cause unrelated human comments to be
edited. Thanks @hxy91819. - Added live spam comment intake for GitHub activity events so deterministic
spam candidates dispatch exact comment scans immediately instead of waiting
for the hourly audit sweep. - Counted both trusted ClawSweeper bot logins in live-dashboard close stats.
- Counted active live-dashboard workflow runs from GitHub status-filtered Actions pages so older in-progress reviews are not hidden by newer completed runs.
- Reworked live-dashboard tables into compact linked rows so pipeline run links,
CI state, and side-panel items fit without cramped columns. - Replaced the state-repository PAT dependency with a short-lived GitHub App token for ClawSweeper state checkouts and publishes, so rotated PATs no longer break
openclaw/clawsweeper-stateaccess. - Clarified uneditable source PR replacement comments and PR bodies so they state
the push-rights blocker, explain why source PRs are closed after a replacement
opens, and show preserved co-author credit. - Kept the live dashboard's playful icon treatment while tightening the pipeline
grid so long commit-review SHAs no longer overlap the automerge/status rail. - Replaced
ci unknownon active live-dashboard rows with immediate workflow
run health and stored target-check badges when the CI refresher has published
pull request status. - Enabled a bounded live PR-check fallback for the first visible dashboard rows
so CI badges still show target checks when KV is absent or cache locality
hides a posted status event, while preserving workflow status if GitHub
rejects the live enrichment request. - Tightened the live dashboard desktop layout so the pipeline table scrolls
inside its lane instead of colliding with the side panels, with compact mode
labels for dense worker rows. - Stopped browser-caching the live dashboard HTML shell so UI fixes appear
immediately after Worker deploys. - Served the last good live dashboard snapshot from a longer edge cache when
GitHub rate limits transient live refreshes, avoiding zeroed-out status pages. - Kept the live dashboard stable during refreshes by caching status snapshots at
the edge, retaining the last good browser snapshot, and reducing rate-prone
GitHub detail calls so transient 403s no longer blank the pipeline. - Cleared stale
clawsweeper:human-reviewandclawsweeper:merge-readypause labels when a later exact-head trusted pass arrives for an automerge PR, so transient cancelled reviews no longer strand maintainer opt-ins. - Tightened spam scanner prefilters so GitHub context links, contributor proof
comments, and ordinary external evidence/log links do not trigger audit
records as spam candidates, while broad scans prioritize real spam-shaped
candidates across recent comment churn. - Kept repeated broad spam sweeps from spending their scan cap on already
processed deterministic candidates. - Put duplicate/superseded canonical issue and pull request links directly in
the public close sentence instead of only inside review details. - Kept event re-reviews from failing when a target repository has not created
the optionalproof: sufficientlabel yet. - Removed stale spam audit files when a reprocessed comment no longer matches
the scanner candidate filters. - Derived repair dispatch worker caps from
job_intentwhen no explicit cap is
provided, reducing per-workflow lane branching while preserving the global
worker budget. - Treated explicit
clawsweeper:automergeopt-in as the per-PR automerge
authorization, leaving only the global merge gate so maintainer-approved
automerge PRs do not stall behind a second environment flag. - Strengthened adopted OpenClaw automerge repairs so they run lint and type
checks locally instead of pushing after changed-surface validation alone. - Tightened implemented-on-main review prompts and schema descriptions so close
proposals include the git-history and release/current-main provenance required
by the apply gate. - Added age-gated
mostly_implemented_on_mainPR cleanup so ClawSweeper can
close older pull requests when currentmainalready contains the useful
change and the remaining diff is obsolete, minor, risky churn, or separately
tracked. - Rendered deterministic close comments during review even when the model omits
closeComment, while keeping apply strict about requiring a stored usable
close comment before mutating GitHub. - Counted live normal and hot review capacity from active
Review shardjobs
instead of reserving an entire 35-70 shard lane for every planning or
publishing background run, so saturated backlog runs keep using available
Codex capacity. - Reserved pending/planning background sweep matrices at their quiet lane size
and capped broad manualshard_countinputs by live scheduler allowance, so
overlapping manual or scheduled review runs stay inside the Codex worker
budget while GitHub expands matrix jobs. - Bounded the initial planner dashboard publish to 20 seconds so slow generated
state pushes cannot delay candidate selection or review shard startup. - Switched review and commit-review capacity probes from
gh run listto the
GitHub Actions REST runs list so repository-dispatch review workers are counted
when sizing new shard and commit-review batches. - Ignored non-SHA likely-owner provenance values when rendering public commit
links, avoiding broken/commit/...URLs in review comments. Thanks @samzong. - Kept missing changelog entries as maintainer-owned ClawSweeper repair work instead of asking PR authors to add them. Thanks @obviyus.
- Suppressed changelog-only OpenClaw PR review findings after model output so
contributor PRs do not get needs-changes or fix-required markers solely for
maintainer-owned release notes. Thanks @rubencu. - Clarified likely-owner role wording in generated review comments and reports
so history-based routing does not imply official maintainer status. Thanks
@rubencu. - Taught PR review prompts to inspect matching maintainer notes before reviewing
diffs, avoiding findings that would revert intentional repository decisions.
Thanks @obviyus. - Added explicit timeouts for disabled-target workflow guard jobs and
concurrency groups for write-side repair workflows. Thanks @ds4psb-ai. - Gave manual exact-item review dispatches their own concurrency group so
targeted maintainer reviews no longer wait behind broad normal backfill runs. - Downgraded screenshot-only browser runtime proof so ClawSweeper no longer accepts "no visible console/CSP violation" screenshots as sufficient real behavior proof. Thanks @BunsDev.
- Classified optional bundled skill PRs as
skillitems and routed skill-only
OpenClaw core additions to the ClawHub upload path with clearer close copy. - Required generated public review comments to use full GitHub URLs for
cross-issue and cross-PR references instead of shorthand#123refs. - Added
openclaw/fs-safeas an event-driven review target with conservative
PR implemented-on-main close rules and issue review-only behavior. - Scoped sweep record/status publishing to the active target repository slug so
concurrent runs for other repositories cannot overwrite newly added target
records from stale generated state. - Added data-driven target repository config plus a conservative
openclaw/*
fallback so newly installed OpenClaw repositories can use exact event review
without a TypeScript profile change. - Reduced default worker fan-out by about 20% across review shards, hot intake,
commit review pages, repair live-worker caps, and automatic implementation
dispatches. - Made background review lanes yield to active repair and exact-item work to
lower GitHub and Codex rate-limit pressure during busy periods. - Fixed live worker scheduling to filter GitHub Actions runs through supported
workflowNameJSON fields instead of silently falling back to zero active
workers whengh run list --workflowis unavailable. - Reduced repair live-capacity polling from one GitHub Actions API request per
active status to a single recent-runs request filtered locally, and avoided an
immediate duplicate capacity probe in the dispatch loop. - Cached comment-router open-label issue lookups per run so repair-loop comment
discovery and command synthesis do not repeat identical GitHub searches. - Cached comment-router issue comment lookups per run so targeted command routing
and replay/status checks do not repeat identical comment pagination. - Retried Codex edit workers after TPM/rate-limit exits and collapsed JSONL failure transcripts into concise repair status reasons.
- Added deterministic merged closing-PR provenance to issue close reports and
public close comments when GitHub exposes a high-confidence closing PR. - Allowed repair cluster execute tokens to request workflow-file write
permission, so adopted automerge repairs can rebase PR branches that already
contain.github/workflows/*changes. - Stopped forcing Codex fast mode in review and commit-review runs.
- Marked automerge repair loops as failed or blocked when fix execution ends on
an unrecovered Codex transport error, instead of leaving the PR timeline at a
running step. - Marked GitHub App workflow-file push denials as blocked repair outcomes
instead of failing the repair worker after Codex prepares an otherwise useful
fix. - Published already-prepared fork repairs as credited replacement PRs when
GitHub rejects the contributor-branch push because rebasing would create or
update workflow files without effective workflow permission. - Capped repair Codex prompt payloads by compacting oversized fix artifacts and
repository snippets, and classified Codex context-limit responses as blocked
repair outcomes instead of red workflow failures. - Fetched contributor PR repair heads through the target repository pull-request
ref instead of directly from contributor forks, and treated git fetch timeouts
and push timeouts as blocked repair outcomes. - Skipped self-heal repair redispatches when the same repair job is already
queued or running, avoiding duplicate pending workers for active PR repairs. - Let self-heal rediscover recent failed repair workers from live GitHub run
metadata when a hard execute failure happens before durable run records are
published. - Included the automation limits config in the CI sparse checkout so the new
limits drift check can run on GitHub as well as locally. - Accepted positional automation-limit paths in workflow utilities again so
high-volume commit-review and scheduler workflows keep using the compact
workflow -- limit <path>form. - Included the automation limits config in the repair comment-router sparse
checkout so scheduled maintainer commands can load shared worker caps. - Let the final internal Codex
/reviewin a repair loop feed one last
review-fix pass before blocking, pushing only after changed-surface validation
passes so exact-head review and GitHub checks can finish the merge decision. - Expanded validation-failure detail passed into Codex repair follow-up prompts
so lint/typecheck failures keep the actionable diagnostic instead of only the
package-manager epilogue. - Reduced the default final-base sync loop to one local validation pass before
pushing the synchronized head, relying on exact-head review and GitHub checks
to gate fast-moving automerge branches. - Limited commit-review fan-out to 6 commits per workflow page by default, with
aCLAWSWEEPER_COMMIT_REVIEW_PAGE_SIZEoverride for controlled backfills. - Made trusted human-review and security-sensitive pause reasons include the
actionable review sections instead of only the structured marker. - Removed
actions/setup-nodefrom the high-volume GitHub activity lane and
kept that notifier compatible with runner-provided Node 20+ so bursty
activity forwarding is not blocked by codeload action download timeouts. - Switched repair target checkouts to retryable blobless Git clones with a
shorter per-attempt timeout, avoiding five-minutegh repo clonehangs before
Codex can repair a PR. - Preferred human GitHub Actions URLs when reporting active repair workers,
avoiding API URLs in ClawSweeper status comments and dashboards. - Raised the same-head automatic repair cap to two attempts so a transient
checkout or runner failure does not permanently block the PR head from a
retry. - Skipped routine native and forwarded pull request synchronize events plus
successful workflow-run events before checkout in the GitHub activity lane. - Kept human-review pauses from being cleared by stale trusted pass markers or
replayed automerge commands. - Updated targeted re-review command comments with live progress while the review
workflow runs. - Avoided full-file token scans for repair repository snippets when no discovery
tokens exist, keeping untargeted fix prompts cheaper to build. - Requested 100-item REST pages for paginated GitHub list calls, reducing
review and repair API page fan-out on large issues and pull requests. - Bounded repair cluster PR file and commit hydration to the context carried
into generated plans, avoiding full pagination for very large pull requests. - Compacted review prompt context lazily so large comment, timeline, file, and
commit lists no longer process entries that are omitted from Codex input. - Scoped every sweep workflow status write to the active target repository so
openclaw/clawhubandopenclaw/clawsweeperruns no longer overwrite
openclaw/openclawdashboard telemetry. - Cached the static review prompt and decision schema within each ClawSweeper
process instead of re-reading them during review planning and item prompts. - Thanks @stainlu for the repair prompt, GitHub pagination, lazy context
compaction, review telemetry, live-capacity probe, comment-router cache, and
prompt asset cache PRs.