chore: promote staging to staging-promote/8fffa879-24726363404 (2026-04-21 17:03 UTC)

[ironclaw-ci]

Auto-promotion from staging CI

Batch range: 7fb41555a9e55677d1aaea29ca567a5b369c2b05..c0b4e30cf6f07c0852612c9f38d7c1e65ee7eab0
Promotion branch: staging-promote/c0b4e30c-24735636972
Base: staging-promote/8fffa879-24726363404
Triggered by: Staging CI batch at 2026-04-21 17:03 UTC

Commits in this batch (64):

• 77c3821 feat(common): apply ExtensionName newtype to fan-out sites (PR 2/2) (feat(common): apply ExtensionName newtype to fan-out sites (PR 2/2) #2617)
• 3d51423 fix(llm): default missing OpenAI image detail to auto (fix(llm): default missing OpenAI image detail to auto #1940)
• 0af0267 feat(engine-v2): per-project sandbox (Phases 1–7) (feat(engine-v2): per-project sandbox (Phases 1–7) #2211)
• 4104e87 fix(secrets): TOCTOU-safe auto-generate, lazy keychain probe, fail-loud on stale DB (fix(secrets): TOCTOU-safe auto-generate, lazy keychain probe, fail-loud on stale DB #2653)
• 43d6fc1 feat(engine-v2): Phase 4 cost tracking + Phase 6 mission lifecycle acceptance (feat(engine-v2): Phase 4 cost tracking + Phase 6 mission lifecycle acceptance #2660)
• 08693aa feat(skills): activation feedback pipeline + install idempotence (feat(skills): activation feedback pipeline + install idempotence #2530)
• 81aec81 fix(gateway): v2 engine tool_calls persistence + e2e test coverage (fix(gateway): v2 engine tool_calls persistence + e2e test coverage #2452)
• a524bf8 refactor(gateway): stage 4b slices + empty allowlist — ironclaw#2599 (refactor(gateway): stage 4b slices + empty allowlist — ironclaw#2599 #2665)
• 14333e4 fix(wasm): run leak scan on pre-injection headers in channel callbacks (fix(wasm): run leak scan on pre-injection headers in channel callbacks #1377)
• c854a21 fix(cli): suppress non-CLI listeners under --cli-only (--cli-only still starts webhook server and ignores HTTP_HOST/HTTP_PORT #1840) (fix(cli): suppress non-CLI listeners under --cli-only (#1840) #1869)
• 90a6dad fix(cli): prevent UTF-8 panic in MCP tool description truncation (fixes bug(cli): MCP test-server tool description truncation panics on multi-byte UTF-8 #1947) (fix(cli): prevent UTF-8 panic in MCP tool description truncation (fixes #1947) #2008)
• 5fe3be8 refactor(gateway): extract features/chat/ — ironclaw#2599 stage 4c (refactor(gateway): extract features/chat/ — ironclaw#2599 stage 4c #2680)
• e8ae948 fix(telegram): unblock e2e activation flow (fix(telegram): unblock e2e activation flow #2652)
• a35f9d9 refactor(gateway): split monolithic style.css and app.js into per-surface modules (refactor(gateway): split monolithic style.css and app.js into per-surface modules #2683)
• cad5e50 feat(llm): hot-reload provider chain from settings (supersedes feat(llm): hot-reload provider chain from settings (#1350) #2059) (feat(llm): hot-reload provider chain from settings (supersedes #2059) #2673)
• 6419347 Preserve paused leases across engine auth resume (Preserve paused leases across engine auth resume #2631)
• 4ab8e43 fix(gateway): unify v2 extension auth resume flow (fix(gateway): unify v2 extension auth resume flow #2622)
• 3c1f37b fix(slack): remember thread participation across replies (fix(slack): remember thread participation across replies #1540)
• 737029d fix(ci): target promotion PR for Claude review comments (fix(ci): target promotion PR for Claude review comments #2576)
• fddf56b docs(engine): clarify ENGINE_V2 opt-in startup (docs(engine): clarify ENGINE_V2 opt-in startup #2694)
• e2544ed feat(engine): add mission_get action for retrieving mission results (feat(engine): add mission_get action for retrieving mission results #2549)
• 544a893 refactor(gateway): extract extensions + jobs + settings + routines — ironclaw#2599 stages 4d + 5 (refactor(gateway): extract extensions + jobs + settings + routines — ironclaw#2599 stages 4d + 5 #2687)
• fb4fc82 refactor(ownership): collapse OwnerId+Identity into UserId with role variants (refactor(ownership): collapse OwnerId+Identity into UserId with role variants #2677)
• fdaba10 feat(gateway): add attachment flows, v2 skill install coverage, and e2e stabilization (feat(gateway): add attachment flows, v2 skill install coverage, and e2e stabilization #2385)
• e88236a refactor(events): replace JobResult.status String with JobResultStatus enum (refactor(events): replace JobResult.status String with JobResultStatus enum #2678)
• 010bb70 refactor(gateway): promote cross-slice GatewayState builders to test_helpers — ironclaw#2599 stage-6 prereq (refactor(gateway): promote cross-slice GatewayState test builders — ironclaw#2599 stage-6 prereq #2704)
• 141435e feat(gateway): expose engine v2 threads in chat history and sidebar (feat(gateway): expose engine v2 threads in chat history and sidebar #2532)
• d30c76d feat: add debug inspector panel for web gateway (feat: add debug inspector panel for web gateway #1873)
• b5dde50 fix(gateway): address PR fix(gateway): unify v2 extension auth resume flow #2622 review feedback (follow-up) (fix(gateway): address PR #2622 review feedback (follow-up) #2701)
• 3c7925c refactor(gateway): delete server.rs shim + relocate tests to slices — ironclaw#2599 stage 6 (refactor(gateway): delete server.rs shim + relocate tests to slices — ironclaw#2599 stage 6 #2706)
• 0a8428f fix(telegram): handle 'message is too long' with retry splitting (fix(telegram): handle 'message is too long' with retry splitting #1943)
• 77e746f feat(portfolio): complete tool, tests, widget, and share-gains flow (feat(portfolio): complete tool, tests, widget, and share-gains flow #2368)
• 8bf25bc fix(setup): run migrations during onboard when DATABASE_URL preset (onboard fails with "Failed to save settings to database", but ironclaw starts successfully and applies migrations #846) (fix(setup): run migrations during onboard when DATABASE_URL preset (#846) #2309)
• f2c4c25 docs(skills): clarify /search/issues returns issues and PRs (docs(skills): clarify /search/issues returns issues and PRs #2713)
• 0476a3d fix(gateway): Settings extension button label reflects auth state ([QA] Activate button shows credential popup for already-installed tools #2235) (fix(gateway): Settings extension button label reflects auth state (#2235) #2709)
• 833cb48 refactor(channels): introduce ExternalThreadId newtype at channel boundary (refactor(channels): introduce ExternalThreadId newtype at channel boundary #2685)
• d8802e6 fix(wasm): gate websocket runtime on auth and stop reconnect loop on fatal closes (WASM channel runtime: stop websocket/poll reconnect loops when auth is missing or rejected #2557) (fix(wasm): gate websocket runtime on auth and stop reconnect loop on fatal closes (#2557) #2707)
• a69aa54 refactor(gateway): hygiene batch — delete dead handler, tighten boundaries, add caller-level chat tests (refactor(gateway): hygiene batch — delete dead handler, tighten boundaries, add caller-level chat tests #2712)
• 862ac13 feat(memory): configurable insights interval, session summary hook, reasoning-augmented recall (feat(memory): configurable insights interval, session summary hook, reasoning-augmented recall #2336)
• 532e07f fix: prevent immediate requests creating missions (fix: prevent immediate requests creating missions #2328)
• c8f8753 fix(gateway): remove v2 active-work pills from web ui (fix(gateway): remove v2 active-work pills from web ui #2671)
• 038853f refactor(types): adopt MissionId in router + introduce McpServerName (refactor(types): adopt MissionId in router + introduce McpServerName #2681)
• ab38a0b feat(bridge): workspace-backed project registration + adapter improvements (feat(bridge): workspace-backed project registration + adapter improvements #2533)
• 5d99d55 fix(gate): handle orphaned approval gates when thread deleted (fix(gate): handle orphaned approval gates when thread deleted #2347)
• c725366 docs(rules): add review-driven guidance for Claude Code (docs(rules): add review-driven guidance for Claude Code #2714)
• e0c029c ci: validate Cargo.toml version before use in Docker workflows ([CRITICAL] Command injection vulnerability: extracted VERSION from Cargo.toml is used in sh #1901) (ci: validate Cargo.toml version before use in Docker workflows (#1901) #2742)
• 4577d0e fix(gateway): wire standalone missions tab (load, back, refresh) (fix(gateway): wire standalone missions tab (load, back, refresh) #2745)
• 392a33a feat(tui): support multiline message drafting (feat(tui): support multiline message drafting #2462)
• ae9b179 fix(channel): feishu pairing (fix(channel): feishu pairing #2454)
• e35099d [codex] Support web document uploads ([codex] Support web document uploads #2332)
• ... and 14 more (see compare view)

Current commits in this promotion (1)

Current base: staging-promote/8fffa879-24726363404
Current head: staging-promote/c0b4e30c-24735636972
Current range: origin/staging-promote/8fffa879-24726363404..origin/staging-promote/c0b4e30c-24735636972

• c0b4e30 ci: release versioned docker image (ci: release ironclaw docker image with version tag #2795)

Auto-updated by staging promotion metadata workflow

Waiting for gates:

• Tests: pending
• E2E: pending
• Claude Code review: pending (will post comments on this PR)

---

Auto-created by staging-ci workflow

[claude]

Code review

Found 5 issues:

1. [CRITICAL:95] Authorization bypass - release input exposed in workflow_dispatch. This allows any GitHub contributor with actions:write permission to manually trigger release-style tagging without going through the approved release.yml workflow.

   Fix: Remove release from workflow_dispatch.inputs and only accept it in workflow_call.
   

   ironclaw/.github/workflows/docker.yml

   Lines 17 to 21 in 5e076d2

   	# On-demand builds
   	workflow_dispatch:
   	inputs:
   	release:
   	description: "Set true to force release-style tags (:version, :latest, :sha-xxx)"

2. [HIGH:85] Downstream dispatch silently skips on transient failures. The ironclaw-dind trigger step (line 210-218) has continue-on-error:true on token creation. If gh api fails transiently, dispatch is silently skipped with no notification.

   Fix: Either remove continue-on-error or add explicit logging if dispatch is skipped.
   

   ironclaw/.github/workflows/docker.yml

   Lines 192 to 218 in 5e076d2

   	continue-on-error: true
   	uses: actions/create-github-app-token@fee1f7d63c2ff003460e3d139729b119787bc349 # v2
   	with:
   	app-id: ${{ secrets.GH_RELEASES_MANAGER_APP_ID }}
   	private-key: ${{ secrets.GH_RELEASES_MANAGER_APP_PRIVATE_KEY }}
   	owner: nearai
   	repositories: ironclaw-dind
   	- name: Trigger ironclaw-dind Build & Push
   	if: steps.app-token.outcome == 'success' && steps.check.outputs.skip != 'true'
   	continue-on-error: true
   	env:
   	GH_TOKEN: ${{ steps.app-token.outputs.token }}
   	EVENT_NAME: ${{ github.event_name }}
   	IS_RELEASE_BUILD: ${{ inputs.release && 'true' || 'false' }}
   	INPUT_TAG: ${{ inputs.tag }}
   	VERSION: ${{ steps.version.outputs.version }}
   	run: |
   	if [[ "${IS_RELEASE_BUILD}" == "true" && -n "${VERSION}" ]]; then
   	gh api repos/nearai/ironclaw-dind/dispatches \
   	--method POST \
   	-f event_type="ironclaw_image_published" \
   	-f client_payload[version]="${VERSION}"
   	elif [[ "${EVENT_NAME}" == "schedule" ]] || [[ "${INPUT_TAG}" == "staging" ]]; then
   	gh api repos/nearai/ironclaw-dind/dispatches \
   	--method POST \
   	-f event_type="ironclaw_image_published"

3. [MEDIUM:92] Boolean casting via ternary is fragile. Lines 76 and 206 use indirect conversion of the boolean input to shell variable.

   Fix: Use inputs.release directly; GitHub Actions natively coerces to string true/false.
   

   ironclaw/.github/workflows/docker.yml

   Line 76 in 5e076d2

   IS_RELEASE_BUILD: ${{ inputs.release && 'true' || 'false' }}

4. [MEDIUM:72] Unused environment variable after refactor. EVENT_NAME is exported (line 75) but no longer referenced.

   Fix: Remove to reduce cognitive load.
   

   ironclaw/.github/workflows/docker.yml

   Line 75 in 5e076d2

   EVENT_NAME: ${{ github.event_name }}

5. [MEDIUM:68] Release dispatch lacks VERSION guarantee. The condition at line 210 checks for non-empty VERSION but if version extraction fails, dispatch is silently skipped.

   Fix: Document this dependency or add validation.
   

   ironclaw/.github/workflows/docker.yml

   Lines 207 to 218 in 5e076d2

   	INPUT_TAG: ${{ inputs.tag }}
   	VERSION: ${{ steps.version.outputs.version }}
   	run: |
   	if [[ "${IS_RELEASE_BUILD}" == "true" && -n "${VERSION}" ]]; then
   	gh api repos/nearai/ironclaw-dind/dispatches \
   	--method POST \
   	-f event_type="ironclaw_image_published" \
   	-f client_payload[version]="${VERSION}"
   	elif [[ "${EVENT_NAME}" == "schedule" ]] || [[ "${INPUT_TAG}" == "staging" ]]; then
   	gh api repos/nearai/ironclaw-dind/dispatches \
   	--method POST \
   	-f event_type="ironclaw_image_published"