chore: promote staging to staging-promote/3ac8e5f7-24538841293 (2026-04-17 04:57 UTC)

[ironclaw-ci]

Auto-promotion from staging CI

Batch range: a53eac5c2dec6b6cd5c08189086093fde64aa9cb..fe5cdceeb2f596532350ca228c2888b2cdc28589
Promotion branch: staging-promote/fe5cdcee-24548466471
Base: staging-promote/3ac8e5f7-24538841293
Triggered by: Staging CI batch at 2026-04-17 04:57 UTC

Commits in this batch (62):

• a7401ec fix(gateway): scope chat approvals to the active thread (fix(gateway): scope chat approvals to the active thread #2267)
• 4032f6d Fix paired Telegram owner scope routine visibility (Fix paired Telegram owner scope routine visibility #2258)
• 7d66d83 fix(engine): always append ActionResult for every tool call (fix(engine): always append ActionResult for every tool call #2322)
• 764e586 feat(engine): LLM council via per-call model override in CodeAct (feat(engine): LLM council via per-call model override in CodeAct #2320)
• 70862ed feat(config): default CLI_MODE to TUI instead of REPL (feat(config): default CLI_MODE to TUI #2329)
• 207c4d4 ci: build docker image in release process (ci: build docker image in release process #2321)
• cd9b60c fix: re-apply Telegram UTF-16 splitting and DB MIGRATION label (fix: re-apply Telegram UTF-16 splitting and DB MIGRATION label #2304)
• 88b87c0 feat: user-facing temperature setting (feat: user-facing temperature setting #2275)
• fdb0a13 chore: sync staging and main (chore: sync staging and main #2337)
• 3cb77fe fix: resolve cargo-deny failures (wildcard deps + rand advisory) (fix: resolve cargo-deny failures (wildcard deps + rand advisory) #2370)
• ed2d6dc fix web chat refresh active thread ([codex] Fix web chat refresh active thread #2330)
• 66ccafb chore(engine): update monty to v0.0.11 (chore(engine): update monty to v0.0.11 #2364)
• 4529f00 fix(engine): track consecutive action errors in orchestrator Tier 0 path (Orchestrator: add action error counting to Python execution loop #2325) (fix(engine): track consecutive action errors in orchestrator (#2325) #2340)
• 50fc280 fix(agent): detect and escalate repeated identical failing tool calls (Agent retries same failing tool call up to 50 times with no duplicate detection #2240) (fix(agent): detect and escalate repeated identical failing tool calls #2338)
• 3f6149c feat(cli): add ironclaw profile list subcommand (feat(cli): add ironclaw profile list subcommand #2288)
• 625cd85 Suppress LLM_BACKEND warning when config.toml and .env values match (Suppress LLM_BACKEND warning when config.toml and .env values match #2388)
• a9cea6c fix(ci): skip NearAI URL DNS validation for non-NearAI backends (fix(ci): skip NearAI URL DNS validation for non-NearAI backends #2080)
• 160a75e fix(llm): image detail field + /v1 base URL normalization (fix(llm): image detail field + /v1 base URL normalization #2380)
• 4dbb44c fix(docker): make runtime-staging the default Docker target for Railway (fix(docker): make runtime-staging the default Docker target for Railway #2244)
• 532fc61 feat: admin management panel — web UI for users and usage monitoring (feat: admin management panel — web UI for users and usage monitoring #1963)
• 16b7b06 feat(web): add ironclaw docs link (feat(web): add ironclaw docs link #2398)
• ba81044 fix(mcp): Install NEAR AI MCP server from environment config (fix(mcp): Install NEAR AI MCP server from environment config #2181)
• 57d7b54 Fix Feishu webhook auth refresh and extension card overflow (fix: Feishu webhook auth refresh and extension card overflow #2443)
• 7425dc0 fix(security): harden approval thread safety (TOCTOU + error handling) (fix(security): harden approval thread safety (TOCTOU + error handling) #2366)
• 86a9d0b fix: image generation with nearai models (fix: image generation with nearai models #1819)
• 46ff740 docs(setup): warn that Telegram open mode splits history (docs(setup): warn that Telegram open mode splits history #2427)
• aea2e87 fix(ux): actionable auth errors and improved CLI help for new users (should make it easy to use #1852) (fix(ux): actionable auth errors and improved CLI help for new users (#1852) #2315)
• ab1f279 fix: more strict check for registry to avoid false positives (fix: more strict check for registry to avoid false positives #2222)
• 019c048 refactor(llm): promote decorator chain settings from NearAiConfig to top-level LlmConfig (refactor(llm): promote decorator chain settings from NearAiConfig to top-level LlmConfig #1749)
• b6f5da8 perf(tunnel): reuse HTTP client in CustomTunnel health checks (perf(tunnel): reuse HTTP client in CustomTunnel health checks #1201)
• fe2b134 fix(engine): guard consecutive-error checks against None limit (fix(engine): guard consecutive-error checks against None limit #2460)
• 37669e6 fix(web): prevent browser crash from timer leaks, DOM growth, SSE buffer ([QA] Pages Unresponsive dialog and black screen crashes #2406) (fix(web): prevent browser crash from timer leaks, DOM growth, SSE buffer (#2406) #2441)
• 1041094 style: fix cargo fmt line wrapping in thread_ops.rs (style: fix cargo fmt in thread_ops.rs #2451)
• 0a9d816 fix(responses-api): thread creation, GET by ID, streaming delta, context injection (fix(responses-api): thread creation, GET by ID, streaming delta, context injection #2167)
• 1fa73a4 docs: add Responses API section to USER_MANAGEMENT_API (docs: add Responses API reference #2440)
• 5140279 docs: guide how to host ironclaw on google cloud (docs: add google tutorial #2262)
• d85c11d fix(telegram): route WASM owner_id fallback (fix(telegram): route WASM owner_id fallback #2349)
• 28c6a15 fix(ci): exclude test files from PR size classification (fix(ci): exclude test files from PR size classification #2387)
• d63601e fix(security): gate test URL rewriters behind #[cfg(test)] (fixes SECURITY: Remove env-var-controlled API URL rewriters from production WASM channel wrapper (Telegram & Slack) #2056) (fix(security): gate test URL rewriters behind #[cfg(test)] (fixes #2056) #2401)
• 82d341d fix(sandbox): try Docker socket before CLI binary check (fix(sandbox): try Docker socket before CLI binary check #2467)
• 2dc78b2 feat(db): add per-user CachedSettingsStore decorator (feat(db): add per-user CachedSettingsStore decorator #2425)
• 8973d1b fix: use gateway owner_id for relay OAuth nonce storage (fix: use gateway owner_id for relay OAuth nonce storage #2473)
• 16a0731 test(e2e): add Playwright persistence happy-path test (test(e2e): add Playwright persistence happy-path test #2475)
• ae1f698 fix(llm): map HTTP 413 to ContextLengthExceeded for auto-compaction (fix(llm): map HTTP 413 to ContextLengthExceeded for auto-compaction #2339)
• 4353493 fix(gateway): resolve assistant thread for threadless broadcasts (fix(gateway): resolve assistant thread for threadless broadcasts #2444)
• be0b33b fix: duplicate reasoning_content fields in chat completions response (fix: duplicate reasoning_content fields in chat completions response #2493)
• 62bb007 feat(tui): add multiline support and input clear (feat(tui): add multiline support and input clear #2449)
• 7206bf0 feat(gateway): rich tool cards in history + thread processing indicator (feat(gateway): rich tool cards in history + thread processing indicator #2477)
• 7008e9a feat(gate): persist "always approve" decisions to DB in v2 engine path (feat(gate): persist "always approve" decisions to DB in v2 engine path #2428)
• 427783d fix(engine): surface action errors to LLM with [ACTION FAILED] prefix (fix(engine): surface action errors to LLM with [ACTION FAILED] prefix #2326)
• ... and 12 more (see compare view)

Current commits in this promotion (2)

Current base: staging-promote/3ac8e5f7-24538841293
Current head: staging-promote/fe5cdcee-24548466471
Current range: origin/staging-promote/3ac8e5f7-24538841293..origin/staging-promote/fe5cdcee-24548466471

• 2474f65 Fix WASM channel startup restore semantics (Fix WASM channel startup restore semantics #2563)
• fe5cdce fix: owner_id was stored as string when recovered from settings on restart (fix: owner_id was stored as string when recovered from settings on restart #2561)

Auto-updated by staging promotion metadata workflow

Waiting for gates:

• Tests: pending
• E2E: pending
• Claude Code review: pending (will post comments on this PR)

---

Auto-created by staging-ci workflow

[claude]

Code review

Found 8 issues:

1. [HIGH:85] O(NM) collision check — registered_channel_names is passed as &[String] and checked with .iter().any() for each loaded channel. With many registered channels, this becomes O(NM). Convert to HashSet at the caller for O(1) lookups.

https://github.com/anthropics/ironclaw/blob/78d59a2bbb12717580c44e24adc404d1308a5ba7/src/channels/wasm/setup.rs#L189-L198

        // Also reject any name that collides with an already-registered
        // channel to prevent a WASM module from shadowing a channel that
        // was registered earlier in the startup sequence.
        if registered_channel_names
            .iter()
            .any(|n| n.to_ascii_lowercase() == name_lower)

2. [MEDIUM:85] Implicit owner_id type inference — build_runtime_config_updates() tries to parse owner_actor_id as i64, falling back to string if parsing fails. This means the owner_id in config can be either JSON number or string depending on parse success. If a caller expects a specific type (e.g., the new test expects a number), this could cause runtime errors for non-numeric owner IDs.

https://github.com/anthropics/ironclaw/blob/78d59a2bbb12717580c44e24adc404d1308a5ba7/src/pairing/approval.rs#L127-L133

    if let Some(owner_actor_id) = owner_actor_id {
        let owner_id_value = owner_actor_id
            .parse::<i64>()
            .map(serde_json::Value::from)
            .unwrap_or_else(|_| serde_json::Value::String(owner_actor_id.to_string()));

3. [MEDIUM:80] Fragmented activation state — Three sources of truth: config.channels.configured_wasm_channels (setup wizard), activated_channels (runtime DB), and ExtensionManager.active_channel_names (in-memory RwLock). This mirrors the legacy "cache + DB" pattern that CLAUDE.md discourages. A single canonical source at startup would improve coherence.

4. [MEDIUM:78] Caller-level testing incomplete — New tests cover register_startup_channels() and load_startup_active_channels(), but the critical orchestration path in main.rs (lines 415–426) that builds startup_active_channel_names and passes it to setup_wasm_channels() is not tested end-to-end. See .claude/rules/testing.md ("Test Through the Caller, Not Just the Helper").

https://github.com/anthropics/ironclaw/blob/78d59a2bbb12717580c44e24adc404d1308a5ba7/src/main.rs#L415-L426

    let startup_active_channel_names = if let Some(ref ext_mgr) = components.extension_manager {
        ext_mgr
            .load_startup_active_channels(
                &config.owner_id,
                config.channels.configured_wasm_channels.clone(),
            )
            .await
    } else {
        normalize_extension_names(config.channels.configured_wasm_channels.clone())
    };

5. [MEDIUM:75] String normalization deferred to call sites — normalize_extension_names() is called in two places (main.rs and ExtensionManager::load_startup_active_channels), but ChannelsConfig::resolve() doesn't normalize configured_wasm_channels at load time. Malformed names silently disappear only when startup code calls the function. Normalizing in the config layer would fail fast.

6. [MEDIUM:75] Inefficient deduplication — normalize_extension_names() clones the name twice per insertion (once in seen.insert(), once in normalized.push()). Collect into HashSet first, then convert to Vec.

https://github.com/anthropics/ironclaw/blob/78d59a2bbb12717580c44e24adc404d1308a5ba7/src/extensions/naming.rs#L50-L72

        if seen.insert(name.clone()) {
            normalized.push(name);
        }

7. [LOW:70] Error messages lack specificity — normalize_extension_names() logs "Skipping invalid startup channel name" for all canonicalization failures, but doesn't distinguish uppercase vs. path traversal vs. empty string. Include the ExtensionError reason in the log.

https://github.com/anthropics/ironclaw/blob/78d59a2bbb12717580c44e24adc404d1308a5ba7/src/extensions/naming.rs#L65-L71

            Err(error) => {
                tracing::warn!(
                    channel = %name,
                    error = %error,
                    "Skipping invalid startup channel name"
                );
            }

8. [LOW:65] Stale comment — ExtensionManager.active_channel_names comment says "Names of WASM channels that were successfully loaded at startup," but after this refactor it holds "currently running" channels, not boot-discovery artifacts. Update the doc comment to reflect actual semantics.

https://github.com/anthropics/ironclaw/blob/78d59a2bbb12717580c44e24adc404d1308a5ba7/src/extensions/manager.rs#L395-L399

    /// Names of channels that are currently running in the process.
    ///
    /// For WASM channels this is no longer seeded from on-disk discovery at
    /// boot; startup only records channels that were actually restored.

---

No security vulnerabilities or logic bugs detected. The architecture properly separates fallback config from runtime state and handles the owner_id type conversion correctly for both numeric and string cases (though the implicit type inference could be clearer).