Fix security: only expose auth vars to containers, not full .env#2
Merged
Previously, the entire .env file was copied and mounted into containers, exposing all environment variables to the agent. Now only the specific authentication variables needed by Claude Code (CLAUDE_CODE_OAUTH_TOKEN and ANTHROPIC_API_KEY) are extracted and mounted.
https://claude.ai/code/session_01Y6Az5oUPkYmJhA1N9MUd67
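The allowlist extraction described above, as an added example that is not part of the original pull request or the project's code: it parses dotenv-style text, forwards only exact matches for the two auth variables, and reports what was held back. The function names (`parseEnvLines`, `buildContainerEnv`, `leakedKeys`) and the sample values are hypothetical, and it assumes single-line `KEY=VALUE` entries.

```javascript
// Added example, not NanoClaw's code. Function names and sample values are hypothetical.

// Only these keys may cross the host -> container boundary (names from the PR description).
const ALLOWED_AUTH_VARS = ['CLAUDE_CODE_OAUTH_TOKEN', 'ANTHROPIC_API_KEY'];

// Constructed sample .env: unrelated secrets sit next to the two auth variables.
const SAMPLE_ENV = [
  '# constructed sample, placeholder values only',
  'export ANTHROPIC_API_KEY="sk-ant-EXAMPLE"',
  'CLAUDE_CODE_OAUTH_TOKEN=oauth-EXAMPLE',
  'ANTHROPIC_API_KEY_BACKUP=must-not-leak',
  'OPENAI_API_KEY=sk-EXAMPLE',
  'DATABASE_URL=postgres://user:pass@db/app',
  'SLACK_BOT_TOKEN = xoxb-EXAMPLE',
].join('\n');

// Parse dotenv-style text into [key, rawValue] pairs.
// Skips blank lines and comments, accepts an optional "export " prefix, and
// keeps the value verbatim (quotes included) so it can be re-emitted unchanged.
function parseEnvLines(text) {
  const entries = [];
  for (const rawLine of text.split(/\r?\n/)) {
    const line = rawLine.trim();
    if (line === '' || line.startsWith('#')) continue;
    const m = /^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (!m) continue; // not KEY=VALUE: never forwarded
    entries.push([m[1], m[2]]);
  }
  return entries;
}

// Build the content of the file that gets mounted into the container.
// Matching is exact and case-sensitive, so ANTHROPIC_API_KEY_BACKUP is dropped
// even though it shares a prefix with an allowed name.
function buildContainerEnv(text, allowed = ALLOWED_AUTH_VARS) {
  const allow = new Set(allowed);
  const kept = new Map();
  const droppedKeys = [];
  for (const [key, value] of parseEnvLines(text)) {
    if (!allow.has(key)) {
      droppedKeys.push(key);
      continue;
    }
    if (value === '') continue; // unset auth variable: nothing to forward
    kept.set(key, value); // a later definition overrides an earlier one
  }
  const lines = [...kept].map(([k, v]) => `${k}=${v}`);
  const content = lines.length ? lines.join('\n') + '\n' : '';
  return { content, keptKeys: [...kept.keys()], droppedKeys };
}

// Regression check for whatever text is about to be mounted:
// returns every key present that is not on the allowlist.
function leakedKeys(text, allowed = ALLOWED_AUTH_VARS) {
  const allow = new Set(allowed);
  return parseEnvLines(text)
    .map(([key]) => key)
    .filter((key) => !allow.has(key));
}

const demo = buildContainerEnv(SAMPLE_ENV);
console.log(demo.content);
console.log('not forwarded:', demo.droppedKeys.join(', '));
console.log('leak check on filtered output:', leakedKeys(demo.content).length);
```

Running `leakedKeys` over the filtered output in a test keeps the mount from silently growing back into a copy of the full `.env`.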
deverman
pushed a commit
to deverman/nanoclawswift
that referenced
this pull request
Feb 2, 2026
…e-LEzJ8 Fix security: only expose auth vars to containers, not full .env
Rlin1027
referenced
this pull request
in Rlin1027/NanoGemClaw
Feb 6, 2026
Feature 1 - Web Search Integration:
- Added enableWebSearch field to RegisteredGroup (default: true)
- Passed through ContainerInput to agent-runner
- Gemini CLI uses built-in Google Search grounding
Feature 2 - Custom System Prompt (Per-Group):
- Added systemPrompt field to RegisteredGroup
- Injected as [SYSTEM INSTRUCTIONS] block in agent-runner
- Allows different personas per group
Both features now flow from group config -> index.ts/scheduler -> container-runner -> agent-runner -> Gemini CLI execution.
gavrielc
added a commit
that referenced
this pull request
Feb 17, 2026
…ting
Code fix:
- migrate.ts: migrateExisting() now calls recordCustomModification() to register the migration patch in state.yaml (was writing patch to disk but never recording it in state tracking). Also switched from shell-interpolated diff to execFileSync for path safety.
Doc updates to resolve 11 inconsistencies between architecture docs and v0.1 implementation:
- #7: Base is now documented as updating after every skill apply (accumulated-state model), not only during core updates
- #1: State example uses name: (matching AppliedSkill type), not skill:
- #2: file_hashes documented as flat single-hash, with three-part (base/skill/merged) noted as future
- #3-5: Missing fields (installed_at, path_remap, author, license, tested_with, post_apply, etc.) documented as planned for future
- #9: Manifest example updated to use core_version: 0.1.0
- #11: Execution order updated to match actual implementation (backup, lock, base update, test rollback steps)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
mehdimashayekhi
added a commit
to mehdimashayekhi/nanoclaw
that referenced
this pull request
Feb 21, 2026
Adds deduplication check before executing /clear:
- Checks if conversation has exactly 1 message
- Checks if that message starts with '[Conversation cleared]'
- If both true, responds 'Conversation was just cleared' instead of re-executing
This prevents:
- Redundant API calls when user double-clicks /clear
- Wasteful re-summarization of already-cleared conversations
- Unnecessary FS operations
Race condition scenario:
1. User sends /clear #1 → processing starts
2. User sends /clear qwibitai#2 → queued (state.active = true)
3. /clear #1 completes → DB now has only [summary]
4. /clear qwibitai#2 dequeues → detects summary → skips execution
Advances cursor in both cases so message doesn't get reprocessed.
tunmaker
pushed a commit
to tunmaker/nanoclaw
that referenced
this pull request
Feb 24, 2026
…e-LEzJ8 Fix security: only expose auth vars to containers, not full .env
blaykeelder1-commits
pushed a commit
to blaykeelder1-commits/nanoclaw
that referenced
this pull request
Feb 25, 2026
- Fix IDLE_TIMEOUT default from 30min to 5min (was same as CONTAINER_TIMEOUT, causing containers to always be hard-killed instead of graceful shutdown)
- Fix message cursor: defer lastAgentTimestamp advancement until agent succeeds, preventing permanent message loss on timeout
- Add webhook rate limiting (30 req/min/IP)
- Add webhook signature verification (HMAC-SHA256 via openphone-signature)
- Add Zod schema validation for webhook payloads
- Add 1MB body size limit on webhook requests
- Add nginx reverse proxy config with TLS, rate limiting, security headers
- Add fail2ban filter/jail for webhook abuse detection
- Add structured audit logging for security events
- Update setup-vps.sh: nginx/certbot install, close port 3100 externally
- Document secret rotation procedure and webhook security in SECURITY.md
- Mark bugs qwibitai#2 and qwibitai#3 as FIXED in DEBUG_CHECKLIST.md
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
disruptDevWS
added a commit
to disruptDevWS/forge-os-pipeline
that referenced
this pull request
Feb 26, 2026
…tecture dir
Bug qwibitai#2 — parseArchitectureBlueprint() now derives silo names from "### Silo N:" headings, skips non-silo tables (Parts 2-4), prioritizes URL column over Page column, and deduplicates by slug. Fixes 61 duplicates in "Uncategorized" → 22 pages across 5 named silos.
Bug qwibitai#3 — syncDwight() now checks architecture/ directory as fallback for semantically_similar_report.csv when auditor/ report is empty. Fixes semantic conflicts showing 0 despite data existing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
atakankarsli
pushed a commit
to atakankarsli/nanoclaw
that referenced
this pull request
Feb 27, 2026
- Agent-runner main() was called at module scope, causing tests to trigger full startup and process.exit(1) in CI (addresses PR qwibitai#2 review)
- Add GitHub Actions workflow: typecheck, format check, tests on PRs
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
atakankarsli
added a commit
to atakankarsli/nanoclaw
that referenced
this pull request
Feb 27, 2026
…overage-DmTJA test: add comprehensive test coverage and refactor for testability
asantopietro
added a commit
to asantopietro/nanoclaw
that referenced
this pull request
Mar 1, 2026
asantopietro
added a commit
to asantopietro/nanoclaw
that referenced
this pull request
Mar 1, 2026
asantopietro
added a commit
to asantopietro/nanoclaw
that referenced
this pull request
Mar 1, 2026
asantopietro
added a commit
to asantopietro/nanoclaw
that referenced
this pull request
Mar 1, 2026
asantopietro
added a commit
to asantopietro/nanoclaw
that referenced
this pull request
Mar 1, 2026
asantopietro
added a commit
to asantopietro/nanoclaw
that referenced
this pull request
Mar 1, 2026
Marko-StellarDev
added a commit
to Marko-StellarDev/nanoclaw
that referenced
this pull request
Mar 2, 2026
…tion
Task run history (UI qwibitai#2):
- db.ts: getTaskRunLogs(taskId, limit) + TaskRunLogEntry interface
- api.ts: GET /api/tasks/:id/runs endpoint
- api.service.ts: TaskRun interface + getTaskRuns() method
- tasks.component.ts: expandable history sub-row per task (◷ button), fmtDuration() helper, run-badge styled by status
Slack file uploads (qwibitai#8):
- slack.ts: handle file_share subtype, download files to groups/{folder}/uploads/ via authenticated fetch (50MB cap)
- Agent sees [Attached file: name → /workspace/group/uploads/name]
- Audio files routed through Whisper transcription
Voice note transcription (qwibitai#15):
- src/transcription.ts: isAudioMimetype() + transcribeAudioFile() using OpenAI Whisper API (whisper-1, dynamic import)
- slack.ts: audio/video mimetypes transcribed; agent sees [Voice: text] instead of a file path; falls back gracefully if key not set
- package.json: added openai dependency
- .env.example: OPENAI_API_KEY documented
Watchdog auto-restart (qwibitai#12):
- scripts/watchdog.sh: single-shot health check, 3-failure threshold, state file tracks consecutive failures, restarts via launchctl
- INTEL_SETUP.md: Watchdog Setup section with plist template + usage
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
dongpil
added a commit
to dongpil/nanoclaw
that referenced
this pull request
Mar 8, 2026
aibilia
pushed a commit
to aibilia/nanoclaw
that referenced
this pull request
Mar 9, 2026
…ng-policy feat: Discord restructuring, language policy, auth fix
akasha-scheuermann
pushed a commit
to rscheuermann/nanoclaw
that referenced
this pull request
Mar 14, 2026
…e-LEzJ8 Fix security: only expose auth vars to containers, not full .env
bebekim
referenced
this pull request
in bebekim/goodclaw
Mar 14, 2026
Fix security: only expose auth vars to containers, not full .env
kvasa
referenced
this pull request
in kvasa/nanoclaw
Mar 15, 2026
…itai#8, qwibitai#11 + tests)
Security:
- Fix command injection in stopContainer(): use execFileSync/execFile with argument arrays instead of exec() with shell string interpolation. Renamed stopContainer() to stopContainerArgs() returning [bin, ...args].
Robustness:
- Fix cursor race condition (index.ts): saveState(chatJid) now does atomic read-modify-write of only that group's cursor, preventing cross-group cursor clobber when concurrent groups save/rollback simultaneously.
- Cap outgoing message queues in WhatsApp and Slack channels at 1000 entries to prevent OOM when connection stays down.
- Add double-resolve guard in container-runner Promise (safeResolve()).
- Cache loadSenderAllowlist() result with 5s TTL to avoid synchronous file I/O on every incoming message.
Tests:
- mount-security.test.ts: 32 new tests for validateMount, validateAdditionalMounts, loadMountAllowlist (previously zero coverage on security-critical module).
- reaction-tracker.test.ts: 11 new tests covering race conditions between finalize() and transition timer.
- cursor-isolation.test.ts: 6 regression tests verifying per-group cursor isolation.
- Updated container-runtime.test.ts and sender-allowlist.test.ts for new APIs.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
bryantb2
referenced
this pull request
in bryantb2/nanoclaw
Mar 28, 2026
Nightly review proposals #1, #2, #3 — applied from fleet-ops analysis:
- Subagent Selection table: REQUIRED mapping of task types to specialist subagents. general-purpose reserved for uncategorized work only.
- Agent Teams REQUIRED criteria: auto-parallel for 2+ independent tasks, 3+ unrelated modules, or explicit user request. Sequential execution when criteria are met is a process violation.
- QA Review Policy: mandatory completion gate with exact 4-step sequence. No exceptions, even for simple changes.
Co-Authored-By: Agent Fleet <fleet@krewtrack.com>
pillaiinfotechbot
pushed a commit
to pillaiinfotechbot/nanoclaw-updated
that referenced
this pull request
Mar 30, 2026
The PHP heartbeat cron (cron qwibitai#2) was disabled as part of migration to NanoClaw scheduling. However, the poller was still only fetching in_progress tasks, which were never transitioned from pending state. This left 18 critical tasks stuck. Updated poller to fetch both pending AND in_progress tasks, replacing the PHP cron dependency. Tasks now flow: pending → inject → in_progress → executed. This unblocks critical infrastructure tasks (qwibitai#781, qwibitai#794, qwibitai#796, qwibitai#798, qwibitai#800) that were queued since the 24h outage yesterday. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
tipani86
added a commit
to tipani86/nanoclaw
that referenced
this pull request
Mar 30, 2026
…t races When nanoclaw restarts rapidly, multiple invocations of start-agentnet-daemon.sh can race. The daemon writes api.token before successfully binding port 9900, so if instance qwibitai#2 fails to bind (because #1 is still running), it leaves a stale token on disk. The running daemon (#1) won't accept qwibitai#2's token → unauthorized. Using flock ensures only one invocation runs at a time. If another is already running, the new one exits gracefully instead of attempting to restart. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
nightcrawlerxme
added a commit
to nightcrawlerxme/nanoclaw
that referenced
this pull request
Mar 30, 2026
feat: 12 autonomous intelligence features — metabolism, memory, emergence
morrowgarrett
added a commit
to morrowgarrett/nanoclaw
that referenced
this pull request
Apr 1, 2026
#1 AbortController idle timeout (PR qwibitai#1572):
- Aborts hung SDK queries after 5min of no messages
- Configurable via QUERY_IDLE_TIMEOUT env var
- Container exits with error for host retry
qwibitai#2 Session JSONL rotation (PR qwibitai#700):
- Rotates session files exceeding 5MB
- Prevents container timeouts from session bloat
- Auto-creates fresh session on rotation
qwibitai#3 Per-group .mcp.json config (PR qwibitai#1515):
- Groups can define MCP servers in .mcp.json
- Servers auto-discovered and tools auto-allowed
- No code changes needed to add group-specific MCP
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
ridermw
added a commit
to ridermw/nanoclaw
that referenced
this pull request
Apr 4, 2026
- 13-item gap report with P0-P3 grading and git blame research
- 6 gaps accepted for v1, agent swarms de-scoped to v2
- Architecture: remove remote-control, token via stdin+constructor, timeout retry
- Test plan: 100% agent-runner coverage + smoke integration test
- Codex outside voice: 5 findings adopted (pin SDK, smoke test, log redaction)
- Acceptance criteria: 10 items defined
- 0 unresolved decisions, 0 critical gaps
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
niztal
added a commit
to TVClaw/nanoclaw2
that referenced
this pull request
Apr 4, 2026
niztal
added a commit
to TVClaw/nanoclaw2
that referenced
this pull request
Apr 5, 2026
Shn-NC
added a commit
to Shn-NC/nanoclaw
that referenced
this pull request
Apr 10, 2026
…v1.3 test pages
staysocialmarketing
added a commit
to staysocialmarketing/nanoclaw
that referenced
this pull request
Apr 10, 2026
Adds groups/lev/CLAUDE.md defining Lev as Stay Social's AI Chief of Staff — Corey's qwibitai#2 with full business context, content workflow, and delegation role. Updates .gitignore to track the new lev group folder. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
kenansun-dev-bot bot
referenced
this pull request
in kenansun-dev/nanoclaw-github-copilot
Apr 12, 2026
feat: replace Claude Agent SDK with GitHub Copilot SDK
kenansun-dev-bot bot
referenced
this pull request
in kenansun-dev/nanoclaw-github-copilot
Apr 12, 2026
* fix: init adds mode selection and better auth detection
- Interactive mode selection: sandbox (Docker) vs host
- Auto-detects Docker availability, defaults to host if unavailable
- Better auth detection: checks copilot CLI availability
- updateConfigField helper for programmatic config changes
* fix: add ~/.copilot/ auth detection in init
Addresses review feedback #2 on PR qwibitai#135.
---------
Co-authored-by: Kenan Rpi5 Claw <rpi5-claw@nanoclaw.dev>
foxsky
added a commit
to foxsky/nanoclaw
that referenced
this pull request
Apr 12, 2026
…+ synthetic future
Second-pass Codex review of b67ac77 flagged two residual partials in
an already-shipped fix: HIGH on soft-interrogative comma-less leak,
MEDIUM on synthetic-future form not covered by INTENT_DECLARATION.
1. SOFT NO-COMMA IMPERATIVE GATE (HIGH — Codex second pass)
First-pass isReadQuery() exempted any soft interrogative message
with no comma:
"Quando concluir T5 avise o João" → isRead=true (WRONG)
Informal Portuguese often drops the comma before the command
clause, and the auditor silently skipped mutation check.
Fix: new IMPERATIVE_VERB_PATTERN matches 2nd/3rd person singular
and plural imperative forms of TaskFlow task verbs:
conclu[ai]m?, atribu[aei]m?, cri[ae]m?, cancel[ea]m?,
adicion[ea]m?, aprov[ea]m?, descart[ea]m?, mov[ae]m?,
adi[ae]m?, alter[ea]m?, remov[ae]m?, renomei[ea]m?,
finaliz[ea]m?, process[ea]m?, devolv[ae]m?, retom[ae]m?,
delegu[ea]m?, registr[ea]m?, avis[ea]m?, alert[ea]m?,
inform[ea]m?, comuniqu[ea]m?, notifiqu[ea]m?, peç[ao]m?,
pe[cç]am?
isReadQuery SOFT branch tightened:
if (text.includes(',')) return false;
return !IMPERATIVE_VERB_PATTERN.test(text);
Word-boundary matched to avoid substring false positives
("criança" → "cria", "extremos" → "mov"). Verb list stays tight;
generic verbs like vai/faz/dá are intentionally out-of-scope.
2. SYNTHETIC FUTURE + FUTURE PERFECT (MEDIUM — Codex second pass)
INTENT_DECLARATION_PATTERN only recognized periphrastic future
(vou/vamos/pretendo/estou indo + infinitive). Formal WhatsApp
messages often use synthetic future instead:
"Concluirei T5 amanhã" → intent=false (WRONG)
"Atualizarei a descrição amanhã" → intent=false (WRONG)
"Terei finalizado P10 até amanhã" → intent=false (WRONG)
Extended INTENT_DECLARATION_PATTERN to four alternatives:
1. Periphrastic (unchanged)
2. 1sg synthetic future — \\S{3,}(?:a|e|i)rei\\b
3. 1pl synthetic future — \\S{3,}(?:a|e|i)remos\\b
4. Future perfect — (?:terei|teremos) + 0-2 adverbs + past
participle (ado|ido|ído|to|so)
\\S{3,} minimum stem length prevents "rei" (king), "Rei" (name),
"remos" (rowers), and "extremos" (adjective) from matching as
verbs. The ído participle alternative covers accented forms like
"concluído" in future perfect.
Residual known gap: irregular 1-char-stem synthetic futures
(farei, serei, direi, darei) don't match because the stem is
too short. These are rare in WhatsApp task contexts; accepted
and documented in the INTENT_DECLARATION_PATTERN comment.
Tests: 126 → 144 tests (+5 read-query negatives for comma-less
imperative variants, +8 intent positives for synthetic/future
perfect forms, +4 intent negatives for noun/adjective false
positive guards). Drift guard extended to pin
IMPERATIVE_VERB_PATTERN byte-identically alongside the other five
regexes. Full container agent-runner suite: 328/329 pass (1 todo).
Heredoc validated with `node --check`.
Codex second-pass review: HIGH #1 addressed, MEDIUM qwibitai#2 addressed,
scheduled_tasks and drift-guard classes already CONFIRMED in
b67ac77.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
foxsky
added a commit
to foxsky/nanoclaw
that referenced
this pull request
Apr 12, 2026
…+ synthetic future
Second-pass Codex review of b67ac77 flagged two residual partials in
an already-shipped fix: HIGH on soft-interrogative comma-less leak,
MEDIUM on synthetic-future form not covered by INTENT_DECLARATION.
1. SOFT NO-COMMA IMPERATIVE GATE (HIGH — Codex second pass)
First-pass isReadQuery() exempted any soft interrogative message
with no comma:
"Quando concluir T5 avise o João" → isRead=true (WRONG)
Informal Portuguese often drops the comma before the command
clause, and the auditor silently skipped mutation check.
Fix: new IMPERATIVE_VERB_PATTERN matches 2nd/3rd person singular
and plural imperative forms of TaskFlow task verbs:
conclu[ai]m?, atribu[aei]m?, cri[ae]m?, cancel[ea]m?,
adicion[ea]m?, aprov[ea]m?, descart[ea]m?, mov[ae]m?,
adi[ae]m?, alter[ea]m?, remov[ae]m?, renomei[ea]m?,
finaliz[ea]m?, process[ea]m?, devolv[ae]m?, retom[ae]m?,
delegu[ea]m?, registr[ea]m?, avis[ea]m?, alert[ea]m?,
inform[ea]m?, comuniqu[ea]m?, notifiqu[ea]m?, peç[ao]m?,
pe[cç]am?
isReadQuery SOFT branch tightened:
if (text.includes(',')) return false;
return !IMPERATIVE_VERB_PATTERN.test(text);
Word-boundary matched to avoid substring false positives
("criança" → "cria", "extremos" → "mov"). Verb list stays tight;
generic verbs like vai/faz/dá are intentionally out-of-scope.
2. SYNTHETIC FUTURE + FUTURE PERFECT (MEDIUM — Codex second pass)
INTENT_DECLARATION_PATTERN only recognized periphrastic future
(vou/vamos/pretendo/estou indo + infinitive). Formal WhatsApp
messages often use synthetic future instead:
"Concluirei T5 amanhã" → intent=false (WRONG)
"Atualizarei a descrição amanhã" → intent=false (WRONG)
"Terei finalizado P10 até amanhã" → intent=false (WRONG)
Extended INTENT_DECLARATION_PATTERN to four alternatives:
1. Periphrastic (unchanged)
2. 1sg synthetic future — \\S{3,}(?:a|e|i)rei\\b
3. 1pl synthetic future — \\S{3,}(?:a|e|i)remos\\b
4. Future perfect — (?:terei|teremos) + 0-2 adverbs + past
participle (ado|ido|ído|to|so)
\\S{3,} minimum stem length prevents "rei" (king), "Rei" (name),
"remos" (rowers), and "extremos" (adjective) from matching as
verbs. The ído participle alternative covers accented forms like
"concluído" in future perfect.
Residual known gap: irregular 1-char-stem synthetic futures
(farei, serei, direi, darei) don't match because the stem is
too short. These are rare in WhatsApp task contexts; accepted
and documented in the INTENT_DECLARATION_PATTERN comment.
Tests: 126 → 144 tests (+5 read-query negatives for comma-less
imperative variants, +8 intent positives for synthetic/future
perfect forms, +4 intent negatives for noun/adjective false
positive guards). Drift guard extended to pin
IMPERATIVE_VERB_PATTERN byte-identically alongside the other five
regexes. Full container agent-runner suite: 328/329 pass (1 todo).
Heredoc validated with `node --check`.
Codex second-pass review: HIGH #1 addressed, MEDIUM qwibitai#2 addressed,
scheduled_tasks and drift-guard classes already CONFIRMED in
b67ac77.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
(cherry picked from commit 19b598996445818646b84d55e6cf7f76a60fe4c1)
foxsky
added a commit
to foxsky/nanoclaw
that referenced
this pull request
Apr 12, 2026
Three parallel subagent reviews (correctness, tests, template/bot-flow) of 6e33f39 + f859aa6 flagged three material gaps. All addressed here.
TEMPLATE — recoverable-error retry loop (Agent 3 finding qwibitai#4)
The existing success:false handler at L567 said "If error exists, present it in {{LANGUAGE}}" — which degrades into "sorry, registration failed" when the engine rejects register_person with the new missing-fields error. The bot would just show the error to the user instead of parsing which fields are missing and asking for them.
Added a new "Recoverable-error retry loop" bullet right after the generic handler that teaches the bot to:
1. Parse the missing-field list from the error text
2. Ask the user in ONE concise question for only those specific fields
3. Retry the SAME register_person call with the complete payload
4. Only degrade to "sorry, failed" if the user refuses or retry errors
This is a two-turn conversation, not a failure.
TEMPLATE — Cross-Board Assignee Guard 4-field reminder (Agent 3 qwibitai#6)
M8 already cross-referenced the offer_register branch for handling cross-board reassignment rejects, but didn't inline the 4-field rule. Added an explicit note on the offer_register diagnose step so a reader landing there directly understands the hierarchy-board requirement without chasing the cross-reference to L545.
TESTS — 3 new cases closing Agent 2 coverage gaps
container/agent-runner/src/taskflow-engine.test.ts:
1. Hierarchy board missing ALL three fields (phone + group_name + group_folder) → error message lists all three. Guards the dynamic `missing.join(', ')` output so the bot can ask for everything in one prompt instead of discovering the fields one by one across multiple retries.
2. Legacy board with max_depth = NULL → canDelegateDown() returns false, so the validation does NOT fire and a 3-field register_person call succeeds. Pre-hierarchy installs (before the hierarchy schema was added) still have max_depth NULL in the boards table; this regression guard prevents my validation from breaking them.
3. offer_register on a LEAF board → message does NOT include the division/sigla ask. Counterpart to the existing assertion that the sigla IS present on the hierarchy fixture. Locks down the canDelegateDown() branch in buildOfferRegisterError.
218 container engine tests pass (up from 214).
DEFERRED (pre-existing, out of scope):
Agent 3 qwibitai#2 suggested injecting a pre-resolved {{IS_HIERARCHY_BOARD}} boolean into the generator instead of using literal {{HIERARCHY_LEVEL}} < {{MAX_DEPTH}} comparisons that render as "3 < 3" in rendered group prompts. The current pattern is functional — LLMs read "3 < 3 = false" correctly — but it's cognitively more expensive than a pre-resolved flag. Changing this would require generator refactoring and touches L293, L294, L534, L545 and other places that use the same pattern. Out of scope for the Edilson fix; worth a separate refactor commit later.
REGEN
11 groups/*/CLAUDE.md re-rendered to pick up the L545 retry-loop and cross-board 4-field additions.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
dm-j
pushed a commit
to dm-j/nanoclaw
that referenced
this pull request
Apr 13, 2026
…e-LEzJ8 Fix security: only expose auth vars to containers, not full .env
NV-xiaoyongs
pushed a commit
to NV-xiaoyongs/nanoclaw
that referenced
this pull request
Apr 14, 2026
…ai#2) Multiple NanoClaw installs sharing a Docker daemon use the same `nanoclaw-` container name prefix. Shutdown handlers and orphan cleanup from one install can kill containers belonging to another, causing crash loops on restart. Add CONTAINER_PREFIX env var (defaults to "nanoclaw") so each install can use a unique prefix. Affects container name construction, orphan cleanup, and shutdown handler filtering. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
NV-xiaoyongs
pushed a commit
to NV-xiaoyongs/nanoclaw
that referenced
this pull request
Apr 16, 2026
…ai#2) Multiple NanoClaw installs sharing a Docker daemon use the same `nanoclaw-` container name prefix. Shutdown handlers and orphan cleanup from one install can kill containers belonging to another, causing crash loops on restart. Add CONTAINER_PREFIX env var (defaults to "nanoclaw") so each install can use a unique prefix. Affects container name construction, orphan cleanup, and shutdown handler filtering. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alanz
added a commit
to alanz/nanoclaw
that referenced
this pull request
Apr 18, 2026
…g fixes
Three divergences resolved against the current implementation:
- Incremental reset archives (#1/qwibitai#2): ArchiveAndStartThrowawayOnReset now binds a prior_archives lookup, derives latest_prior_at, and passes it as messages_since on the new archive (null = full transcript). Added NonOverlappingArchivesPerSession invariant to assert no message timestamp sits inside the range of two non-placeholder archives for the same session. All other creation sites set messages_since: null.
- Path format (qwibitai#4): all example archive paths now include the {HHmm} time component that the code has always written.
- ThrowawaySession status (qwibitai#5): creation sites changed from status: queued (undeclared) to status: running, matching the code where runContainerAgent is called immediately with no queued step.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
gavrielc
added a commit
that referenced
this pull request
Apr 18, 2026
refactor: scaffold module registries + default-module layout (PR #2)
gavrielc
added a commit
that referenced
this pull request
Apr 18, 2026
Merge v2 → channels. Picks up v1 deletion and the module-registry scaffolding (PR #1, PR #2). Resolves src/channels/index.ts by keeping the full channel import list — channels branch is the fully-loaded runnable branch. No channel adapter changes required: the scaffolding only added new registries with empty defaults. Existing `registerChannelAdapter()` / `ChannelAdapter` interface is unchanged. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
gavrielc
added a commit
that referenced
this pull request
Apr 18, 2026
Moves the scheduling surface — 5 delivery actions (schedule_task, cancel_task, pause_task, resume_task, update_task), handleRecurrence, applyPreTaskScripts, and task DB helpers — out of core and into src/modules/scheduling/ (host) and container/agent-runner/src/scheduling/ (container).
First PR to fill the MODULE-HOOK markers introduced in PR #2:
- src/host-sweep.ts MODULE-HOOK:scheduling-recurrence now dynamically imports handleRecurrence from the module each sweep tick.
- container/agent-runner/src/poll-loop.ts MODULE-HOOK:scheduling-pre-task dynamically imports applyPreTaskScripts before the provider call. When the marker block is empty (scheduling uninstalled), `keep` falls back to `normalMessages` so non-task messages still flow.
The 5 task cases are removed from delivery.ts's handleSystemAction switch — the registry now routes them. Task DB helpers moved out of src/db/session-db.ts (which kept `nextEvenSeq` as a named export so the module can uphold the host-writes-even-seq invariant).
Test suite split to match: scheduling-specific tests live in the module.
No migration — tasks are messages_in rows with kind='task'.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>