Remove message content from info-level logs#9
Merged
Conversation
Previously logged first 50 chars of message text at info level, which could expose sensitive user content in production logs. Now logs only message length instead. https://claude.ai/code/session_01V9b7PCAVA7LoyrR89t3GTG
deverman
pushed a commit
to deverman/nanoclawswift
that referenced
this pull request
Feb 2, 2026
…data-xb0E8 Remove message content from info-level logs
Rlin1027
added a commit
to Rlin1027/NanoGemClaw
that referenced
this pull request
Feb 6, 2026
Config (config.ts): - ALERTS.FAILURE_THRESHOLD: 3 consecutive failures - ALERTS.ALERT_COOLDOWN_MINUTES: 30 min between alerts - ALERTS.ENABLED: Toggle via env Error Tracking (db.ts): - recordError(): Increment consecutive failure count - resetErrors(): Clear on successful execution - getErrorState(): Get current error state for group - getAllErrorStates(): List all groups with errors - markAlertSent(): Track when alert was sent Integration (container-runner.ts): - Records errors when container returns error status - Resets counter on successful runs Admin Command (index.ts): - /admin errors: Display groups with consecutive failures This enables proactive error monitoring and tracking.
gavrielc
added a commit
that referenced
this pull request
Feb 17, 2026
…ting Code fix: - migrate.ts: migrateExisting() now calls recordCustomModification() to register the migration patch in state.yaml (was writing patch to disk but never recording it in state tracking). Also switched from shell-interpolated diff to execFileSync for path safety. Doc updates to resolve 11 inconsistencies between architecture docs and v0.1 implementation: - #7: Base is now documented as updating after every skill apply (accumulated-state model), not only during core updates - #1: State example uses name: (matching AppliedSkill type), not skill: - #2: file_hashes documented as flat single-hash, with three-part (base/skill/merged) noted as future - #3-5: Missing fields (installed_at, path_remap, author, license, tested_with, post_apply, etc.) documented as planned for future - #9: Manifest example updated to use core_version: 0.1.0 - #11: Execution order updated to match actual implementation (backup, lock, base update, test rollback steps) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
tunmaker
pushed a commit
to tunmaker/nanoclaw
that referenced
this pull request
Feb 24, 2026
…data-xb0E8 Remove message content from info-level logs
asantopietro
added a commit
to asantopietro/nanoclaw
that referenced
this pull request
Mar 1, 2026
## Summary - Validates act_runner functionality after Gitea 1.22 → 1.24.7 upgrade - Test change to skill PR check workflow echo statement ## Test plan - [x] Skill PR Check workflow triggers on this PR - [x] act_runner picks up and executes the job - [x] Job completes successfully Reviewed-on: https://gitea.cluster.lab1.lan/asantopietro/nanoclaw/pulls/9 Co-authored-by: Tony Santopietro <asantopietro@gmail.com> Co-committed-by: Tony Santopietro <asantopietro@gmail.com>
nempyxaa
added a commit
to nempyxaa/nanoclaw
that referenced
this pull request
Mar 4, 2026
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
index-engine
pushed a commit
to index-engine/nanoclaw
that referenced
this pull request
Mar 8, 2026
Reads Things 3 SQLite DB directly for Today items, creates fleeting note files in Obsidian vault, and marks Things items as completed. Features: - Direct SQLite read (no CLI dependency for reading) - UUID-based deduplication against existing fleeting notes - Project detection via registry @tags and routing keywords - Unix timestamp handling (not Core Data epoch — known issue qwibitai#9) - Empty title filtering - Slug generation with special char stripping and 60-char limit 26 passing tests covering: slugify, path generation, frontmatter building, Things DB reading, deduplication, project detection, timestamp handling, empty title filtering. Refs: qwibitai#811 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
terrylica
added a commit
to terrylica/nanoclaw
that referenced
this pull request
Mar 10, 2026
Both orchestrator state and evolution state now use tmp-file-then-rename pattern to prevent corruption if the process crashes mid-write. Addresses blind spot analysis finding qwibitai#9 (non-atomic state writes).
5 tasks
5queezer
added a commit
to 5queezer/nanoclaw
that referenced
this pull request
Mar 14, 2026
- Prevent API key leak in reranking fallback error log (high qwibitai#7) - MCP tools expose actual categories instead of silently-mapped aliases (medium qwibitai#9) - Chunker validates overlapSize < maxChunkSize to guarantee progress (medium qwibitai#13) - Add rerankProvider to DEFAULT_RETRIEVAL_CONFIG (low) - Remove dead findLastIndexWithin from chunker (low) - Deduplicate loadLanceDB() call in doInitialize (low) - Extract BM25 sigmoid divisor to documented constant (low) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
akasha-scheuermann
pushed a commit
to rscheuermann/nanoclaw
that referenced
this pull request
Mar 14, 2026
…data-xb0E8 Remove message content from info-level logs
bebekim
pushed a commit
to bebekim/goodclaw
that referenced
this pull request
Mar 14, 2026
…data-xb0E8 Remove message content from info-level logs
LeeJuOh
added a commit
to LeeJuOh/nanoclaw
that referenced
this pull request
Mar 22, 2026
…nd-brain skill - Add Platform Detection section: 7 platforms (YouTube, Twitter/X, Threads, GitHub, Reddit, Medium, web) with source_type mapping - Add Crawl Diagnostics section: $VAULT/_logs/crawl.jsonl schema for debugging crawl failures - Create references/platform-strategies.md: per-platform crawling strategies (browser-first for Twitter/Threads, API for GitHub/Reddit, paywall handling for Medium) - Expand source_type from web|youtube|memo to include twitter|threads|github|reddit|medium - Add platform-specific gotchas (Threads login wall, Twitter thread collection) - Add 4 new eval cases (qwibitai#9-12): Twitter pipeline, Threads failure handling, YouTube without yt-dlp, crawl log debugging - Track previously gitignored references/ files (schema.md, para.md) by scoping .gitignore pattern to /references - Add _logs/ to vault .gitignore template
thegreatestcompany
added a commit
to thegreatestcompany/otto
that referenced
this pull request
Mar 28, 2026
The onboarding page now asks for the client's phone number, then displays a pairing code to enter in WhatsApp. Much more reliable than QR code scanning for a headless VPS. Flow: phone number → API spawns auth → pairing code displayed → client enters code in WhatsApp → connected → channel registered → PM2 process started → Otto sends first message. Also documented: reconnection mechanism (qwibitai#10) and client cancellation/data export (qwibitai#9) gaps in postmortem. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
nightcrawlerxme
added a commit
to nightcrawlerxme/nanoclaw
that referenced
this pull request
Mar 30, 2026
…ext-bridge Emit Jarvis events from chats and task runs
morrowgarrett
added a commit
to morrowgarrett/nanoclaw
that referenced
this pull request
Apr 1, 2026
…wibitai#11 skill-as-markdown qwibitai#9 Container network restrictions: - scripts/setup-container-network.sh creates restricted Docker network - Containers can only reach proxy, memU, Tailscale, Google APIs, SSH - Opt-in setup script (not auto-applied) qwibitai#10 Credential pool with failover: - Supports multiple comma-separated OAuth tokens in CLAUDE_CODE_OAUTH_TOKEN - Round-robin selection with cooldown on errors - 429 rate limits: 60s cooldown; 401 auth: 1hr cooldown - Auto-failover to next available token qwibitai#11 Skill-as-markdown (autonomous skill creation): - Agent can save learned procedures as /workspace/group/skills/*.md - Skills auto-loaded into system prompt at container start - YAML frontmatter (name, description) for organization - Instructions added to Clutch's CLAUDE.md Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
agent-fleet-bot bot
referenced
this pull request
in bryantb2/nanoclaw
Apr 3, 2026
…t preamble Proposal #7 — Scheduled Task Failure Alerting When a cron/scheduled session hits a critical blocker (missing auth, env var not set, unavailable API), it must: write a local error record, post a Slack failure notification, and exit cleanly. Mirrors the budget- exhaustion Slack alert pattern in task-scheduler.ts. Evidence: sessions d9257a52 and 0fedc55c both failed silently on 2026-03-31. Proposal #8 — Nightly Review Phase 0: Compliance Check Adds a Phase 0 to the nightly-review skill that checks each proposal merged in the last 7 days for compliance or regression before Phase 1 observation begins. Regressions on approved proposals take priority over new findings. Evidence: proposals #1-3 merged 2026-03-27; all three behaviors recurred on 2026-03-30 (session f497c6f8) without being flagged as regressions. Proposal #9 — Scheduled Task Preamble: Fail Fast on Missing Dependencies Scheduled sessions must verify all required external dependencies at startup before doing any substantive work. If any dependency is missing: notify Slack and exit immediately. General principle — not GH_TOKEN specific (GH_TOKEN injection is now fixed upstream). Evidence: sessions d9257a52 and 0fedc55c ran for minutes before discovering auth failures. Approved by Blake (operator) via Slack on 2026-04-02. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
6 tasks
dm-j
pushed a commit
to dm-j/nanoclaw
that referenced
this pull request
Apr 13, 2026
…data-xb0E8 Remove message content from info-level logs
foxsky
pushed a commit
to foxsky/nanoclaw
that referenced
this pull request
Apr 15, 2026
Closes the detection gap exposed by the Giovanni weekday bug earlier today:
the bot responded, delivered, persisted — payload just had the wrong date.
noResponse and auditTrailDivergence both miss this class.
New check: SQL self-join on task_history finds pairs of same-user same-task
date-field mutations within 60 min with a.details <> b.details, scoped to
engine-emitted prefixes ("Reunião reagendada, "Prazo definido: ) so freeform
note bodies don't match. Each pair is annotated with the triggering user
message, looked up via board_people.name resolution so attribution sticks to
the actual corrector, not just whoever typed last.
auditor-prompt.txt gains rule qwibitai#9: classify each pair as 🔴 bot error (trigger
message uses explicit DD/MM to fix bot resolution) or ⚪ legitimate iteration.
Codex gpt-5.4 high reviewed twice; tweaks applied (structured LIKE prefixes,
a.details <> b.details, sender-aware trigger lookup, LIKE-wildcard escape on
user-controlled display name). /simplify round applied.
Dry-run on 14 days of production data: 2 hits, 1 canonical bug (Giovanni M1,
32-min window), 1 marginal (joao-antonio T1 same-minute). Zero false positives
after tightening.
Scope: date fields only (scheduled_at + due_date). Wrong-assignee and
wrong-task-targeted corrections deferred to LLM-in-the-loop follow-up.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Previously logged first 50 chars of message text at info level, which
could expose sensitive user content in production logs. Now logs only
message length instead.
https://claude.ai/code/session_01V9b7PCAVA7LoyrR89t3GTG