* chore(ci): retrigger PR checks after intake body update
* fix(ci): stabilize local quality gates on rebased main
---------
Co-authored-by: Chummy <chumyin0912@gmail.com>
Co-authored-by: xj <gh-xj@users.noreply.github.com>
- Add non-loopback auth guard to /v1/chat/completions (matching /api/chat)
- Fix migration guide references to non-existent files (api_chat.rs,
openai_compat_shim.rs, mod_patch.rs) — endpoints live in openclaw_compat.rs
- Remove phantom `provider` field from /api/chat response docs
- Add TOML string escaping to config converter to handle special chars
- Add proper JSON parse error handling in config converter
- Update deployment checklist and troubleshooting to match actual file layout
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add a complete OpenClaw → ZeroClaw migration toolkit:
- POST /api/chat: ZeroClaw-native endpoint with full agent loop (tools, memory,
context enrichment). Supports session_id scoping and context[] injection for
conversation history. Same code path as Linq/WhatsApp/Nextcloud handlers.
- POST /v1/chat/completions: OpenAI-compatible shim that routes through
run_gateway_chat_with_tools instead of the simple provider.chat_with_history
path. Extracts last user message + up to 10 messages of conversation context
from the messages[] array. Supports streaming (simulated SSE). Drop-in
replacement for OpenClaw callers with zero code changes.
Both endpoints include full observability instrumentation (AgentStart, LlmRequest,
LlmResponse, RequestLatency, AgentEnd), auth (pairing + webhook secret), rate
limiting, auto-save to memory, and response sanitization.
Also adds:
- scripts/convert-openclaw-config.py: Converts openclaw.json → config.toml with
provider mapping, channel detection, and migration notes
- docs/migration/openclaw-migration-guide.md: Full migration walkthrough with
endpoint reference, config mapping, callsite examples, and deployment checklist
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(providers): implement Qwen OAuth quota tracking
Add static quota display for Qwen OAuth provider (portal.qwen.ai).
Qwen OAuth API does not return rate-limit headers, so this provides
a static quota indicator based on known OAuth free-tier limits.
Changes:
- Add QwenQuotaExtractor in quota_adapter.rs
- Parses rate-limit errors for retry backoff
- Registered for all Qwen aliases (qwen, qwen-code, dashscope, etc.)
- Add Qwen OAuth detection in quota_cli.rs
- Auto-detects ~/.qwen/oauth_creds.json
- Displays static quota: ?/1000 (unknown remaining, 1000/day total)
- Improve quota display formatting
- Shows "?/total" when only total limit is known
- Add comprehensive test report and testing scripts
- Full integration test report: docs/qwen-provider-test-report.md
- Model availability, context window, and latency tests
- Reusable test scripts in scripts/ directory
Test results:
- Available model: qwen3-coder-plus (verified)
- Context window: ~32K tokens
- Average latency: ~2.8s
- All 15 quota tests passing
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
(cherry picked from commit fa91b6a170)
* docs: satisfy markdownlint spacing in qwen docs
---------
Co-authored-by: ZeroClaw Bot <zeroclaw_bot@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(installer): add guided zeroclaw installer entrypoint
- add top-level POSIX wrapper (zeroclaw_install.sh) that ensures bash is present
- route bootstrap/install compatibility scripts through the new installer entrypoint
- improve Linux dependency handling for Alpine/Fedora/Arch, including pacman container fallback
* fix(ci): resolve dependabot config conflict and run daily
- remove duplicate docker ecosystem entry with overlapping directory/target-branch
- switch cargo, github-actions, and docker schedules from monthly to daily
- Add `scripts/install.sh` — a single `curl | bash` installer that handles system deps, Rust, clone, build, and install
automatically.
- Update README Linux/macOS section with a "One-Line Installer (Recommended)" block above the existing manual steps.
1. Detects OS (Linux apt/dnf, macOS Xcode CLT)
2. Installs build deps + git via system package manager (sudo only here)
3. Installs Rust via rustup (skipped if already present)
4. Shallow-clones the repo to `/tmp/zeroclaw-install`
5. `cargo build --release --locked` + `cargo install --path . --force --locked`
6. Cleans up temp dir and prints next steps (`source ~/.cargo/env`, `zeroclaw onboard`)
* feat: Add GitHub Actions workflows for security audits, CodeQL analysis, contributor updates, performance benchmarks, integration tests, fuzz testing, and reusable Rust build jobs
- Implemented `sec-audit.yml` for Rust package security audits using `rustsec/audit-check` and `cargo-deny-action`.
- Created `sec-codeql.yml` for CodeQL analysis scheduled twice daily.
- Added `sync-contributors.yml` to update the NOTICE file with new contributors automatically.
- Introduced `test-benchmarks.yml` for performance benchmarks using Criterion.
- Established `test-e2e.yml` for running integration and end-to-end tests.
- Developed `test-fuzz.yml` for fuzz testing with configurable runtime.
- Created `test-rust-build.yml` as a reusable job for executing Rust commands with customizable parameters.
- Documented main branch delivery flows in `main-branch-flow.md` for clarity on CI/CD processes.
* ci(workflows): update workflow scripts and rename for clarity; remove obsolete lint feedback script
* chore(ci): externalize workflow scripts and relocate main flow doc
The CI workflow contained a ~90-line bash script for change-detection
(lines 38-128) and a ~80-line JavaScript block for lint feedback
(lines 292-370) directly inline in the YAML. Large inline scripts are
harder to test, lint, and maintain than standalone files.
Extract:
- Change-detection logic → scripts/ci/detect_change_scope.sh
- Lint feedback logic → scripts/ci/lint_feedback.js
The workflow now calls these external scripts. GitHub expression values
that were previously interpolated inline are passed as environment
variables instead.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
