Skip to content

ClawSweeper 0.3.0

Latest

Choose a tag to compare

@steipete steipete released this 15 Jun 22:59

Verification: CI and CodeQL passed on the release commit.

Added

  • Added typed, durable, proposal-only root-cause cluster assessments to reviews, with strict same-repository canonical-item validation and no repair dispatch, job suppression, sibling mutation, close, or merge behavior.
  • Added a fail-closed CLAWSWEEPER_CODEX_LOGIN_METHOD=chatgpt override for local Codex OAuth runs while retaining API authentication by default. Thanks @anagnorisis2peripeteia.
  • Added repair-only PR intake that scans an author's open pull requests for actionable failures and creates durable PR-repair jobs. Thanks @Jhacarreiro.
  • Added automatic issue-build lifecycle comments and dashboard cards with issue titles, queued/planning/building/completed/blocked history, live worker links, Actions runs, and generated PR drill-down.
  • Show issue and pull request titles alongside target numbers on active dashboard worker cards and worker detail links.
  • Added comprehensive documentation for steerable repair automation, covering issue-to-PR and PR-repair intake, GitCrawl Actions consumption, deduplication, opt-out labels, GitHub App token boundaries, durable Codex thread resumption, CrabFleet steering, worker budgets, completion gates, dashboards, and failure recovery.
  • Added steerable, resumable Codex app-server sessions for repair GitHub Actions, with CrabFleet terminal attach, durable thread restoration across planning/execution runners, work-state heartbeats, and deterministic completion reporting.
  • Added explicit issue-to-PR and PR-repair worker categories to the live dashboard, plus direct live-terminal fleet access and issue/PR-aware drill-down links.
  • Added organization-member issue implementation commands while keeping automatic issue pickup behind a new default-off master gate and honoring clawsweeper:human-review or clawsweeper:manual-only before branch pushes and PR creation.
  • Doubled the global worker budget to 64 and the imported GitCrawl cluster-repair lane to 2 while preserving proportional interactive and expansion reserves.
  • Added a live fleet overview and per-worker dashboard drill-down with actual GitHub Actions job identity, current step, progress, target, lane, elapsed time, and full step timeline.
  • Added coverage-proof gating before duplicate or superseded PR close proposals, so ClawSweeper verifies a covering PR really subsumes the source before closing it. Thanks @jesse-merhi.
  • Added proof nudge reminders that periodically prompt PR authors to attach real behavior proof before review or merge automation can progress. Thanks @brokemac79.
  • Added richer related issue context in review prompts from linked PRs, local reports, gitcrawl clusters, and exact-event GitHub issue search. Thanks @brokemac79.
  • Added the first Cloudflare live dashboard for ClawSweeper observability, with
    active worker counts, pipeline rows, CI state, automerge timing, and optional
    signed status-event ingest.
  • Added a live-dashboard panel for the latest closed issues and pull requests
    across configured target repositories.
  • Added 24-hour ClawSweeper-owned close stats to the live dashboard.
  • Added a live-dashboard CI refresher workflow that posts target pull request
    check summaries into Worker storage, so active rows can show stored PR check
    state without slow browser-time GitHub fanout.
  • Added Cloudflare GitHub App webhook intake for eligible openclaw/* and steipete/* issue, pull request, and maintainer comment events so target repos can dispatch exact ClawSweeper runs without waiting for scheduled scans.
  • Fixed automerge repair evidence so third-party check detail URLs are summarized without tripping ClawSweeper's strict GitHub-only evidence validator.
  • Added a read-only live triage dashboard for ClawSweeper advisory-label views, focused issue queues, and linked pull request visibility. Thanks @brokemac79.
  • Added a canonical repair job_intent contract and orchestration docs so
    automerge, issue implementation, commit finding, low-signal cleanup, and
    ordinary repair jobs share one routing surface.
  • Added an audit-only spam scanner lane for new GitHub issue comments and PR
    review comments. It uses deterministic prefilters plus the internal model to
    write durable spam audit records without blocking users or mutating
    repositories.
  • Added a light privacy reminder and stronger screenshot-or-video nudge to real behavior proof review guidance.
  • Added agent-led real behavior proof judgement so ClawSweeper can inspect linked screenshots, videos, logs, and terminal output with a read-only GitHub token, explain the proof verdict in the review comment, tell contributors how to trigger a fresh review after adding proof, and sync proof: sufficient when the evidence is convincing.
  • Added a durable review-context budget ledger to generated reports so prompt section sizes, hydrated counts, and truncation state are visible after each run, thanks @stainlu.
  • Added a real behavior proof assessment to PR reviews so missing, mock-only, or insufficient contributor proof blocks pass/automerge markers and asks for screenshots, terminal output, redacted logs, recordings, linked artifacts, or copied live output instead.
  • Added advisory issue labels for reproduction, linked-PR, work-lane,
    missing-info, product-decision, and security-review routing states, projected
    from existing review report fields without changing repair, merge, or close
    behavior. Label-only syncs now record labels_synced_at so scheduler cadence
    ignores ClawSweeper-owned label updated_at churn. Thanks @brokemac79.
  • Added config/automation-limits.json plus docs and a drift check so review,
    commit-review, repair, and issue-implementation capacity defaults have one
    checked-in source of truth.
  • Replaced per-lane capacity config with a single workers.max budget and
    dynamic background lane scheduling.
  • Added generated coding-plan artifacts for fresh queue_fix_pr work candidates
    and linked them from the dashboard work-candidate tables. Thanks @FerFroid.
  • Added a generated 1200x630 social preview card plus large-image Open Graph and
    Twitter metadata for the docs site.
  • Added target fanout so ClawSweeper can dispatch conservative scheduled review and audit batches across eligible openclaw/* and steipete/* repositories.
  • Added a PR-only low-signal close reason so ClawSweeper can automatically close net-negative branches whose useful part is tiny but whose diff is mostly unrelated or unmergeable churn.
  • Added current-main issue close policy for configured OpenClaw targets, so reviews can close issues that are proven fixed on main even before a release ships.
  • Added stronger ClawSweeper storm controls: exact event reviews now get job-level per-item cancellation, GitHub activity coalesces more aggressively, noncritical intake skips when GitHub core quota is low, hot target fanout is lower, and state hydration avoids partial-clone checkout auth failures by default.

Changed

  • Removed the unsupported ephemeral-session flag from repair Codex subprocess invocations. Thanks @Jhacarreiro.
  • Enabled automatic implementation plus bounded durable-report backfill for eligible open issues; general viable implementation remains limited to public sibling repositories, while separately gated strict-bug and vision-fit lanes can backfill openclaw/openclaw. Codex discovers viable implementation and validation strategy, while deterministic security, opt-out, source-state, quota, report-revision receipt, queued-job, and PR/cluster deduplication gates remain.
  • Increased quiet scheduled review capacity from 48 to 64 workers, switched scheduled backfill to three-item shards to reduce setup and tail-idle overhead, and made seven-day review freshness an explicit scheduler priority.
  • Doubled the global Codex worker budget to 128 with proportional reserves, added job-level dashboard error and recovery rates, and moved the bounded failed-review retry backstop to hourly.
  • Raised the shared Codex worker budget from 24 to 32, tripling quiet scheduled normal-review capacity from 4 to 12 shards while preserving interactive and matrix-expansion reserves, and synchronized live-dashboard budget reporting.
  • Automatically dispatch high-confidence queue_fix_pr issue reviews outside openclaw/openclaw and openclaw/clawhub into the existing implementation worker, then opt generated PRs into a bounded review/autofix/re-review loop that stops clean and leaves them open for maintainer merge. Retryable Codex worker failures now requeue through the bounded repair self-heal path.
  • Install the latest Codex CLI for every worker run and keep the actual model name in the CLAWSWEEPER_MODEL GitHub Actions secret, exposing only the internal alias in workflows, reports, and comments.
  • Removed PR egg hatching, including the @clawsweeper hatch command, hatch dispatch path, generated PR egg comments, and assets/pr-eggs publishing (#210). Thanks @vincentkoc.

Fixed

  • Included the shared Codex spawn helper in repair comment-router sparse checkouts, restoring repair builds in that workflow. Thanks @849261680.
  • Rendered Mantis proof suggestions as complete copyable PR comments inside fenced text blocks without triggering the suggested command. Thanks @hxy91819.
  • Added a cancellation-safe four-slot exact-review semaphore, replacing the proposed state-repository lease with deterministic live Actions ranking. Thanks @hxy91819.
  • Made every Codex subprocess honor CODEX_BIN, safely launch npm-installed codex.cmd wrappers on native Windows, and terminate their process trees on timeout. Thanks @anagnorisis2peripeteia.
  • Reserved the full bounded media preprocessing allowance for exact-event review deadlines and command-dispatch fallbacks, including media discovered only after comment hydration.
  • Keep generated implementation PR bodies and terminal issue comments concise, avoid stale blocked states while PR checks are pending, and stop adding ClawSweeper itself as a commit co-author.
  • Prevented trusted ClawSweeper command status comments from re-entering GitHub activity handling and churning review automation. Thanks @ooiuuii.
  • Routed proof-sufficient security reviews that recommend maintainer risk acceptance to maintainer review instead of waiting on the contributor. Thanks @brokemac79.
  • Prevented automatic issue backfill from spending Codex workers on reports explicitly blocked by product-decision, no-new-fix-PR, or maintainer-review signals.
  • Kept issue-generated PRs out of automerge, migrated their labels to clawsweeper:autofix, and made clean exact-head autofix reviews wait for required checks to appear, settle green, and reach GitHub merge-state readiness before removing the repair-loop label instead of repeating blocked merge attempts.
  • Correlated active issue-build workers by workflow run when GitHub job titles omit the target, preserved source issue titles and generated PR links across repair lifecycle events, and stopped generic repository repairs from requiring a nonexistent pnpm check:changed script.
  • Persisted dashboard lifecycle events in a globally consistent Cloudflare Durable Object so automatic issue-build cards remain visible across edge locations, and accepted Ansible plus repository-local shell-script validation commands without permitting inline shell execution.
  • Prevented ClawSweeper-owned advisory labels from invalidating queued issue implementation source revisions, and accepted quoted arguments plus common validation toolchains while blocking shell/eval runners and removing GitHub write credentials from target validation.
  • Compacted completed ClawSweeper-generated replacement branches to one reviewed commit before publication, removing transient checkpoint and review-repair noise while preserving contributor branch history.
  • Skip optional ClawSweeper label additions when an issue or pull request already has GitHub's 100-label maximum, so one saturated item cannot abort a comment-sync batch.
  • Served stale dashboard status immediately while coalescing a background refresh, bounded job-detail fanout, and cached and parallelized historical GitHub lookups to reduce cold-load latency, diagnostic timeouts, and API usage.
  • Recover transport-exhausted reviews with one bounded lower-effort fallback while preserving the original failure classification when recovery also fails. Thanks @yetval. (#283)
  • Preserved records written by concurrent workers during generated-state publish races while retaining deliberate item-to-closed moves and plan cleanup.
  • Raised and unified Codex review timeouts at 20 minutes, including exact event reviews, so high-context reviews do not fall back at the previous 10-minute ceiling.
  • Scale pull request review timeouts across webhook, command, and post-repair dispatches for large diffs and video proofs while preserving the configured Codex timeout as a floor and budgeting media preprocessing separately. Thanks @TurboTheTurtle.
  • Treat failed Codex reviews as infrastructure failures, suppress readiness verdicts, and remove stale PR rating labels until a fresh review completes. Thanks @SYU8384.
  • Deferred workflow utility CLI execution until module initialization completes, preventing apply preselection from crashing on close-action constants.
  • Prevented verbose Codex review and repair subprocess output from overflowing memory, retained capped durable logs and bounded redacted diagnostic tails, stopped retrying terminal model-access failures, and pinned the CLI/proxy pair to compatible version 0.139.0. Thanks @fuller-stack-dev.
  • Hydrated generated pull request review findings into automerge repair jobs instead of routing repairs through the original issue-only artifact.
  • Rechecked stale active worker state and durably retried pending repair dispatches instead of leaving review-fix loops waiting after a worker finishes.
  • Released automerge repair workers immediately when an exact-head ClawSweeper review requests another repair, allowing the router to dispatch the next Codex worker without waiting for the shepherd timeout.
  • Limited issue implementation intake and repair worker state hydration to required records, jobs, and results, avoiding unrelated generated state and proof assets.
  • Fixed the GitHub activity bridge's spam-comment dispatch shell block so ordinary activity events continue into normal processing.
  • Prevented an older failed re-review command from starting another Codex review after the same requester submitted a newer re-review for the item.
  • Retried transient Codex review failures in fresh bounded sessions and redacted the internal model identifier from review failures and debug artifacts.
  • Kept sparse repair workflows building after the shared Codex transient helper moved outside the repair subtree.
  • Kept ordinary auth-provider and token terminology from being misclassified as a security-sensitive issue implementation blocker.
  • Fixed issue implementation duplicate-PR searches to use GitHub's GET endpoint, restoring automatic and explicit issue-build intake.
  • Allowed viable issue implementation intake to treat merged or closed pull requests as historical context while retaining live blockers for open matching and generated pull requests.
  • Made generated-state checkouts shallow by default so publish, audit, and apply jobs do not download the multi-gigabyte state history before their existing fetch/rebase retry loop.
  • Added merged PRs that reference an issue to issue review context when GitHub has no formal closing link, so implemented-on-main decisions can see relevant fix provenance. Thanks @openperf.
  • Skipped open-but-locked repair apply targets before close or merge mutations and converted GitHub locked-conversation write denials into terminal skipped records. Thanks @AsishKumarDalal.
  • Kept stale queued workflow ghosts out of commit-review capacity probes after GitHub refuses to cancel old queued runs.
  • Required OpenClaw config-surface changes to pause automerge for maintainer review instead of emitting pass markers, with durable config-surface report metadata. Thanks @osolmaz.
  • Disabled automatic push-triggered commit review while keeping manual commit-review workflow dispatch available.
  • Treated target AGENTS.md files as optional repository-authored review policy
    in item and commit review prompts while preserving ClawSweeper repository
    profile and fallback behavior (#185, building on #173). Thanks @Takhoffman.
  • Reduced spam-scanner false positives on legitimate technical GitHub comments by teaching the audit model that on-topic repros, patches, logs, tests, measurements, and migration reports are expected project participation, not spam.
  • Allowed verified implemented_on_main close proposals to close
    maintainer-authored or maintainer-labeled items automatically, while keeping
    other protected-label and non-fixed maintainer closes blocked.
  • Retried legacy skipped_maintainer_authored and skipped_invalid_decision
    reports when they are now verified implemented_on_main close candidates.
  • Retried older kept_open close reports and cleared linked-PR issue blockers
    after ClawSweeper closes the linked PR earlier in the same apply run.
  • Closed live no-diff pull requests as duplicate/superseded during apply and
    let same-author PR/issue close pairs finish together when both sides already
    have closeable reports.
  • Promoted old F-rated stale PRs, recommended pause_or_close PRs, and PRs
    superseded by linked pull requests into duplicate/superseded apply closes when
    no human has responded after the durable review.
  • Archived live-closed skipped apply records from items/ during apply so the
    open-state dashboard sheds stale records faster.
  • Kept stale GitHub Actions queued ghosts out of the live dashboard capacity and pipeline counts after GitHub leaves old queued runs around for hours.
  • Kept event apply runs from failing when GitHub rejects ClawSweeper advisory label sync with a 401; the item is now recorded as kept open for a later retry instead of crashing the workflow.
  • Restored UTF-8 emoji labels on the live dashboard after mojibake slipped into the Worker HTML template.
  • Sanitized non-github.com URLs out of repair worker result.json evidence (including actions[].evidence, needs_human, and every merge_preflight evidence list) before review so deploy-preview and other external links no longer trip the evidence contains non-GitHub external URL deterministic gate; deterministic automerge results, dry-run/blocked fallbacks, the Codex-written result, the result-repair retry, and synthetic commit-finding-intake results all share a single src/repair/url-safety.ts allow-list. The intake also rejects dispatched report_url overrides that are not on github.com and falls back to the canonical report path.
  • Kept scheduled target fanout covering public steipete/* repositories when the ClawSweeper GitHub App is not installed for that owner.
  • Reduced the shared Codex worker budget from 72 to 57 so background review, commit-review, repair, and issue-implementation lanes run about 20% fewer parallel workers.
  • Clarified re-review guidance so PR/issue authors and users with repository write access can request a fresh read-only review without a maintainer relay.
  • Mirrored ClawSweeper repair publish events into the live dashboard ingest so the Recent Activity panel shows fleet signals.
  • Filled the live dashboard Recent Activity panel from recent ClawSweeper closes when no explicit activity events have arrived yet.
  • Deduped live-dashboard PR close activity across explicit /issues/ events and backfilled /pull/ rows.
  • Kept live-dashboard worker pressure focused on ClawSweeper worker runs by separating support workflows such as GitHub activity, spam intake, dashboard CI, CI, and CodeQL.
  • Fetched live-dashboard closed-item pages concurrently so the ClawSweeper close stats do not time out and render as zero during busy periods.
  • Coalesced duplicate spam comment intake deliveries by target comment so noisy edited-comment bursts stop wasting runner slots.
  • Required exact trusted-bot login matches before allowing comment-router mutation actions.
  • Limited /autoclose linked-target expansion to same-repo items explicitly referenced in the maintainer command text.
  • Restored target checkout file modes after read-only review runs and kept .git metadata writable for local Git inspection.
  • Counted unverified local-checkout apply records against the apply processed limit so one stale report cannot be retried forever while later records still mutate.
  • Ignored stale queued repair workflow runs when reserving live worker capacity, so abandoned Actions queue entries no longer block automerge repair dispatches.
  • Kept active automerge opt-ins moving through canonical no-finding human-review pauses instead of requiring a second maintainer approval.
  • Retried sweep target repository checkouts without cached Git references when
    a stale partial-clone cache breaks shard startup.
  • Reduced the shared Codex worker budget by 10% so review, commit-review,
    repair, automerge, issue-implementation, and dashboard utilization lanes use
    lower default fan-out.
  • Cleared ClawSweeper-owned eyes reactions from target issues and pull
    requests when event reviews complete, while preserving user reactions. Thanks
    @samzong.
  • Kept event re-review progress updates scoped to ClawSweeper-owned status
    comments, so empty command markers cannot cause unrelated human comments to be
    edited. Thanks @hxy91819.
  • Added live spam comment intake for GitHub activity events so deterministic
    spam candidates dispatch exact comment scans immediately instead of waiting
    for the hourly audit sweep.
  • Counted both trusted ClawSweeper bot logins in live-dashboard close stats.
  • Counted active live-dashboard workflow runs from GitHub status-filtered Actions pages so older in-progress reviews are not hidden by newer completed runs.
  • Reworked live-dashboard tables into compact linked rows so pipeline run links,
    CI state, and side-panel items fit without cramped columns.
  • Replaced the state-repository PAT dependency with a short-lived GitHub App token for ClawSweeper state checkouts and publishes, so rotated PATs no longer break openclaw/clawsweeper-state access.
  • Clarified uneditable source PR replacement comments and PR bodies so they state
    the push-rights blocker, explain why source PRs are closed after a replacement
    opens, and show preserved co-author credit.
  • Kept the live dashboard's playful icon treatment while tightening the pipeline
    grid so long commit-review SHAs no longer overlap the automerge/status rail.
  • Replaced ci unknown on active live-dashboard rows with immediate workflow
    run health and stored target-check badges when the CI refresher has published
    pull request status.
  • Enabled a bounded live PR-check fallback for the first visible dashboard rows
    so CI badges still show target checks when KV is absent or cache locality
    hides a posted status event, while preserving workflow status if GitHub
    rejects the live enrichment request.
  • Tightened the live dashboard desktop layout so the pipeline table scrolls
    inside its lane instead of colliding with the side panels, with compact mode
    labels for dense worker rows.
  • Stopped browser-caching the live dashboard HTML shell so UI fixes appear
    immediately after Worker deploys.
  • Served the last good live dashboard snapshot from a longer edge cache when
    GitHub rate limits transient live refreshes, avoiding zeroed-out status pages.
  • Kept the live dashboard stable during refreshes by caching status snapshots at
    the edge, retaining the last good browser snapshot, and reducing rate-prone
    GitHub detail calls so transient 403s no longer blank the pipeline.
  • Cleared stale clawsweeper:human-review and clawsweeper:merge-ready pause labels when a later exact-head trusted pass arrives for an automerge PR, so transient cancelled reviews no longer strand maintainer opt-ins.
  • Tightened spam scanner prefilters so GitHub context links, contributor proof
    comments, and ordinary external evidence/log links do not trigger audit
    records as spam candidates, while broad scans prioritize real spam-shaped
    candidates across recent comment churn.
  • Kept repeated broad spam sweeps from spending their scan cap on already
    processed deterministic candidates.
  • Put duplicate/superseded canonical issue and pull request links directly in
    the public close sentence instead of only inside review details.
  • Kept event re-reviews from failing when a target repository has not created
    the optional proof: sufficient label yet.
  • Removed stale spam audit files when a reprocessed comment no longer matches
    the scanner candidate filters.
  • Derived repair dispatch worker caps from job_intent when no explicit cap is
    provided, reducing per-workflow lane branching while preserving the global
    worker budget.
  • Treated explicit clawsweeper:automerge opt-in as the per-PR automerge
    authorization, leaving only the global merge gate so maintainer-approved
    automerge PRs do not stall behind a second environment flag.
  • Strengthened adopted OpenClaw automerge repairs so they run lint and type
    checks locally instead of pushing after changed-surface validation alone.
  • Tightened implemented-on-main review prompts and schema descriptions so close
    proposals include the git-history and release/current-main provenance required
    by the apply gate.
  • Added age-gated mostly_implemented_on_main PR cleanup so ClawSweeper can
    close older pull requests when current main already contains the useful
    change and the remaining diff is obsolete, minor, risky churn, or separately
    tracked.
  • Rendered deterministic close comments during review even when the model omits
    closeComment, while keeping apply strict about requiring a stored usable
    close comment before mutating GitHub.
  • Counted live normal and hot review capacity from active Review shard jobs
    instead of reserving an entire 35-70 shard lane for every planning or
    publishing background run, so saturated backlog runs keep using available
    Codex capacity.
  • Reserved pending/planning background sweep matrices at their quiet lane size
    and capped broad manual shard_count inputs by live scheduler allowance, so
    overlapping manual or scheduled review runs stay inside the Codex worker
    budget while GitHub expands matrix jobs.
  • Bounded the initial planner dashboard publish to 20 seconds so slow generated
    state pushes cannot delay candidate selection or review shard startup.
  • Switched review and commit-review capacity probes from gh run list to the
    GitHub Actions REST runs list so repository-dispatch review workers are counted
    when sizing new shard and commit-review batches.
  • Ignored non-SHA likely-owner provenance values when rendering public commit
    links, avoiding broken /commit/... URLs in review comments. Thanks @samzong.
  • Kept missing changelog entries as maintainer-owned ClawSweeper repair work instead of asking PR authors to add them. Thanks @obviyus.
  • Suppressed changelog-only OpenClaw PR review findings after model output so
    contributor PRs do not get needs-changes or fix-required markers solely for
    maintainer-owned release notes. Thanks @rubencu.
  • Clarified likely-owner role wording in generated review comments and reports
    so history-based routing does not imply official maintainer status. Thanks
    @rubencu.
  • Taught PR review prompts to inspect matching maintainer notes before reviewing
    diffs, avoiding findings that would revert intentional repository decisions.
    Thanks @obviyus.
  • Added explicit timeouts for disabled-target workflow guard jobs and
    concurrency groups for write-side repair workflows. Thanks @ds4psb-ai.
  • Gave manual exact-item review dispatches their own concurrency group so
    targeted maintainer reviews no longer wait behind broad normal backfill runs.
  • Downgraded screenshot-only browser runtime proof so ClawSweeper no longer accepts "no visible console/CSP violation" screenshots as sufficient real behavior proof. Thanks @BunsDev.
  • Classified optional bundled skill PRs as skill items and routed skill-only
    OpenClaw core additions to the ClawHub upload path with clearer close copy.
  • Required generated public review comments to use full GitHub URLs for
    cross-issue and cross-PR references instead of shorthand #123 refs.
  • Added openclaw/fs-safe as an event-driven review target with conservative
    PR implemented-on-main close rules and issue review-only behavior.
  • Scoped sweep record/status publishing to the active target repository slug so
    concurrent runs for other repositories cannot overwrite newly added target
    records from stale generated state.
  • Added data-driven target repository config plus a conservative openclaw/*
    fallback so newly installed OpenClaw repositories can use exact event review
    without a TypeScript profile change.
  • Reduced default worker fan-out by about 20% across review shards, hot intake,
    commit review pages, repair live-worker caps, and automatic implementation
    dispatches.
  • Made background review lanes yield to active repair and exact-item work to
    lower GitHub and Codex rate-limit pressure during busy periods.
  • Fixed live worker scheduling to filter GitHub Actions runs through supported
    workflowName JSON fields instead of silently falling back to zero active
    workers when gh run list --workflow is unavailable.
  • Reduced repair live-capacity polling from one GitHub Actions API request per
    active status to a single recent-runs request filtered locally, and avoided an
    immediate duplicate capacity probe in the dispatch loop.
  • Cached comment-router open-label issue lookups per run so repair-loop comment
    discovery and command synthesis do not repeat identical GitHub searches.
  • Cached comment-router issue comment lookups per run so targeted command routing
    and replay/status checks do not repeat identical comment pagination.
  • Retried Codex edit workers after TPM/rate-limit exits and collapsed JSONL failure transcripts into concise repair status reasons.
  • Added deterministic merged closing-PR provenance to issue close reports and
    public close comments when GitHub exposes a high-confidence closing PR.
  • Allowed repair cluster execute tokens to request workflow-file write
    permission, so adopted automerge repairs can rebase PR branches that already
    contain .github/workflows/* changes.
  • Stopped forcing Codex fast mode in review and commit-review runs.
  • Marked automerge repair loops as failed or blocked when fix execution ends on
    an unrecovered Codex transport error, instead of leaving the PR timeline at a
    running step.
  • Marked GitHub App workflow-file push denials as blocked repair outcomes
    instead of failing the repair worker after Codex prepares an otherwise useful
    fix.
  • Published already-prepared fork repairs as credited replacement PRs when
    GitHub rejects the contributor-branch push because rebasing would create or
    update workflow files without effective workflow permission.
  • Capped repair Codex prompt payloads by compacting oversized fix artifacts and
    repository snippets, and classified Codex context-limit responses as blocked
    repair outcomes instead of red workflow failures.
  • Fetched contributor PR repair heads through the target repository pull-request
    ref instead of directly from contributor forks, and treated git fetch timeouts
    and push timeouts as blocked repair outcomes.
  • Skipped self-heal repair redispatches when the same repair job is already
    queued or running, avoiding duplicate pending workers for active PR repairs.
  • Let self-heal rediscover recent failed repair workers from live GitHub run
    metadata when a hard execute failure happens before durable run records are
    published.
  • Included the automation limits config in the CI sparse checkout so the new
    limits drift check can run on GitHub as well as locally.
  • Accepted positional automation-limit paths in workflow utilities again so
    high-volume commit-review and scheduler workflows keep using the compact
    workflow -- limit <path> form.
  • Included the automation limits config in the repair comment-router sparse
    checkout so scheduled maintainer commands can load shared worker caps.
  • Let the final internal Codex /review in a repair loop feed one last
    review-fix pass before blocking, pushing only after changed-surface validation
    passes so exact-head review and GitHub checks can finish the merge decision.
  • Expanded validation-failure detail passed into Codex repair follow-up prompts
    so lint/typecheck failures keep the actionable diagnostic instead of only the
    package-manager epilogue.
  • Reduced the default final-base sync loop to one local validation pass before
    pushing the synchronized head, relying on exact-head review and GitHub checks
    to gate fast-moving automerge branches.
  • Limited commit-review fan-out to 6 commits per workflow page by default, with
    a CLAWSWEEPER_COMMIT_REVIEW_PAGE_SIZE override for controlled backfills.
  • Made trusted human-review and security-sensitive pause reasons include the
    actionable review sections instead of only the structured marker.
  • Removed actions/setup-node from the high-volume GitHub activity lane and
    kept that notifier compatible with runner-provided Node 20+ so bursty
    activity forwarding is not blocked by codeload action download timeouts.
  • Switched repair target checkouts to retryable blobless Git clones with a
    shorter per-attempt timeout, avoiding five-minute gh repo clone hangs before
    Codex can repair a PR.
  • Preferred human GitHub Actions URLs when reporting active repair workers,
    avoiding API URLs in ClawSweeper status comments and dashboards.
  • Raised the same-head automatic repair cap to two attempts so a transient
    checkout or runner failure does not permanently block the PR head from a
    retry.
  • Skipped routine native and forwarded pull request synchronize events plus
    successful workflow-run events before checkout in the GitHub activity lane.
  • Kept human-review pauses from being cleared by stale trusted pass markers or
    replayed automerge commands.
  • Updated targeted re-review command comments with live progress while the review
    workflow runs.
  • Avoided full-file token scans for repair repository snippets when no discovery
    tokens exist, keeping untargeted fix prompts cheaper to build.
  • Requested 100-item REST pages for paginated GitHub list calls, reducing
    review and repair API page fan-out on large issues and pull requests.
  • Bounded repair cluster PR file and commit hydration to the context carried
    into generated plans, avoiding full pagination for very large pull requests.
  • Compacted review prompt context lazily so large comment, timeline, file, and
    commit lists no longer process entries that are omitted from Codex input.
  • Scoped every sweep workflow status write to the active target repository so
    openclaw/clawhub and openclaw/clawsweeper runs no longer overwrite
    openclaw/openclaw dashboard telemetry.
  • Cached the static review prompt and decision schema within each ClawSweeper
    process instead of re-reading them during review planning and item prompts.
  • Thanks @stainlu for the repair prompt, GitHub pagination, lazy context
    compaction, review telemetry, live-capacity probe, comment-router cache, and
    prompt asset cache PRs.