Skip to content

fix(dcode): allow first-run name prompt while suppressing model picker#6418

Merged
cv merged 3 commits into
NVIDIA:mainfrom
senthilr-nv:fix/dcode-allow-name-prompt-suppress-model-picker
Jul 7, 2026
Merged

fix(dcode): allow first-run name prompt while suppressing model picker#6418
cv merged 3 commits into
NVIDIA:mainfrom
senthilr-nv:fix/dcode-allow-name-prompt-suppress-model-picker

Conversation

@senthilr-nv

@senthilr-nv senthilr-nv commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Summary

Restores the optional Deep Agents Code first-run name prompt while keeping dependency and model selection under NemoClaw control.
This follows #6414 by replacing blanket onboarding suppression with pinned launch-flow overrides that continue directly to the NemoClaw-selected model.

Changes

  • Stop patching onboarding.py so the upstream optional name prompt can run.
  • Override the dependency/model launch boundaries to return no selection screen and a resolved (False, None) result.
  • Teach the live TUI check to submit an empty optional name, continue to readiness, and still fail if the model picker appears.
  • Add direct-module, TUI state-machine, and patch-idempotence coverage for the revised behavior.
  • Update the Deep Agents Code quickstart to describe the retained name prompt and suppressed dependency/model screens.

Type of Change

  • Code change (feature, bug fix, or refactor)
  • Code change with doc updates
  • Doc only (prose changes, no code sample modifications)
  • Doc only (includes code sample changes)

Quality Gates

  • Tests added or updated for changed behavior
  • Existing tests cover changed behavior — justification:
  • Tests not applicable — justification:
  • Docs updated for user-facing behavior changes
  • Docs not applicable — justification:
  • Sensitive paths changed (security, policy, credentials, preflight, onboarding, inference, runner, sandbox, or messaging)
  • Sensitive-path review completed or maintainer-approved waiver recorded — reviewer/approval link/justification: @cv reviewed the production delta at b9f006359; follow-up da7c0e35f adds only tests, comments, and docs. All nine security categories pass, and the live DCode target remains required before approval.
  • Non-success, skipped, or missing CI check accepted by maintainer — check name, approval link, and follow-up issue:

Verification

  • PR description includes the DCO sign-off declaration and every commit appears as Verified in GitHub
  • Normal pre-commit, commit-msg, and pre-push hooks passed, or npm run check:diff passed when hooks were skipped or unavailable
  • Targeted behavior tests pass for the current change set, or tests are marked not applicable above — vitest --project integration passed 65/65 across the progressive-disclosure, direct-module, and TUI startup suites.
  • Applicable broad gate passed — npm test for broad runtime/test-harness changes; npm run check for repo-wide validation/coverage changes — command/result:
  • Quality Gates section completed with required justifications or waivers
  • No secrets, API keys, or credentials committed
  • npm run docs builds without warnings (doc changes only)
  • Doc pages follow the style guide (doc changes only)
  • New doc pages include SPDX header and frontmatter (new pages only)

Additional evidence: npm run docs passed with zero errors; Fern reported two existing warnings. The author also reported a successful DGX Spark first-run proof, but the required auditable live workflow is still pending.


Signed-off-by: Senthil Ravichandran senthilr@nvidia.com

Summary by CodeRabbit

  • New Features
    • Improved DeepAgents Code first-run flow: the optional “name” prompt can appear, while the model picker and dependency/model selection screens are skipped for a smoother start.
  • Bug Fixes
    • Fixed managed interactive-session startup to avoid mis-handling first-run screen sequencing (now continues after naming rather than pausing for picker prompts).
  • Documentation
    • Updated the DeepAgents Code quickstart to match the revised first-run behavior.
  • Tests
    • Expanded/adjusted TUI startup and progressive-disclosure test coverage for the new first-run name prompt flow and updated patched-module expectations.

@coderabbitai

coderabbitai Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

📝 Walkthrough

Walkthrough

Replaces onboarding-based model picker suppression with new DeepAgentsApp overrides that bypass the dependency/model picker flow. Updates the fixture, startup harnesses, e2e script, tests, and docs to treat the first-run name prompt separately from the model picker.

Changes

Model picker skip override

Layer / File(s) Summary
Patcher overrides and onboarding removal
agents/langchain-deepagents-code/patch-managed-deepagents-code.py
Adds override functions to skip the model picker and pre-resolve the dependencies-then-model prompt, wires them into DeepAgentsApp, updates AST required-method checks, and removes the onboarding patch path, onboarding.py references, and transformation logic.
Fixture implementation of new overrides
test/fixtures/langchain-deepagents-code/app.py
Adds _prompt_launch_dependencies_then_model and _build_launch_dependencies_prompt methods returning a pre-resolved suppression result.
Patch verification and docs
test/langchain-deepagents-code-direct-module-patch.test.ts, test/langchain-deepagents-code-image.test.ts, test/langchain-deepagents-code-progressive-tool-disclosure.test.ts, docs/get-started/quickstart-langchain-deepagents-code.mdx
Updates patch assertions, marker checks, and quickstart wording to match the removed onboarding path and new startup flow.
TUI startup expect harness and tests
test/deepagents-code-tui-startup-check.test.ts
Adds a namePrompt Expect event and branch, narrows the first-run pattern to the model picker, adds a separate name-prompt pattern, and updates the startup tests to allow the name prompt flow.
E2E interactive startup check script
test/e2e/e2e-cloud-experimental/checks/10-deepagents-code-tui-startup.sh
Adds a separate name-prompt regex and expect branch, narrows the first-run pattern, and exports the new pattern into the expect harness environment.

Estimated code review effort: 3 (Moderate) | ~25 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main change: keep the first-run name prompt while suppressing the model picker.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands.

@senthilr-nv senthilr-nv self-assigned this Jul 7, 2026
PR NVIDIA#6414 suppressed the entire DCode onboarding flow including the name
prompt. This restores the name prompt by removing ONBOARDING_PATCH
(which forced should_run_onboarding() to False) and instead overriding
_build_launch_dependencies_prompt and _prompt_launch_dependencies_then_model
to return (False, None), which skips the model picker while allowing
the upstream name screen to appear.

Closes NVIDIA#6410 (follow-up)
@senthilr-nv
senthilr-nv force-pushed the fix/dcode-allow-name-prompt-suppress-model-picker branch from d723257 to e3c069e Compare July 7, 2026 19:47

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
test/deepagents-code-tui-startup-check.test.ts (1)

245-259: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Duplicated name-prompt regex literal across files.

The pattern "(your name \\(optional\\)|what should deep agents call you)" is hardcoded here, again at lines 155-156 in this same file, and once more in test/e2e/e2e-cloud-experimental/checks/10-deepagents-code-tui-startup.sh. If the production regex changes in the shell script, none of these hardcoded copies would fail loudly — they'd just silently stop reflecting production behavior. Consider extracting this pattern into a single shared constant (or reading it from the actual shell script) to keep the test honest about drift.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@test/deepagents-code-tui-startup-check.test.ts` around lines 245 - 259, The
name-prompt regex is duplicated in the startup check test and the e2e shell
check, so the test can drift from the real TUI behavior. Extract the pattern
used by isNamePrompt in deepagents-code-tui-startup-check.test.ts into a shared
source of truth, or read it from 10-deepagents-code-tui-startup.sh, and update
the existing hardcoded copies to reference that shared constant so changes in
the prompt regex stay aligned.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@test/deepagents-code-tui-startup-check.test.ts`:
- Around line 245-259: The name-prompt regex is duplicated in the startup check
test and the e2e shell check, so the test can drift from the real TUI behavior.
Extract the pattern used by isNamePrompt in
deepagents-code-tui-startup-check.test.ts into a shared source of truth, or read
it from 10-deepagents-code-tui-startup.sh, and update the existing hardcoded
copies to reference that shared constant so changes in the prompt regex stay
aligned.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 9e24a4e7-3833-45c4-937c-0b65000ae942

📥 Commits

Reviewing files that changed from the base of the PR and between 376ebe2 and d723257.

📒 Files selected for processing (7)
  • agents/langchain-deepagents-code/patch-managed-deepagents-code.py
  • ci/test-file-size-budget.json
  • test/deepagents-code-tui-startup-check.test.ts
  • test/e2e/e2e-cloud-experimental/checks/10-deepagents-code-tui-startup.sh
  • test/fixtures/langchain-deepagents-code/app.py
  • test/langchain-deepagents-code-direct-module-patch.test.ts
  • test/langchain-deepagents-code-image.test.ts

@senthilr-nv senthilr-nv added integration: dcode LangChain Deep Code integration behavior area: onboarding Onboarding FSM, provider setup, sandbox launch, or first-run flow area: ui Web UI, terminal display, visual layout, or UX behavior enhancement New capability or improvement request labels Jul 7, 2026
@senthilr-nv
senthilr-nv requested review from cv and ericksoa July 7, 2026 20:02
@senthilr-nv senthilr-nv added the v0.0.76 Release target label Jul 7, 2026

@cv cv left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Security review of exact head b9f006359: PASS for the production delta. No security finding blocks this change.

Category results:

  1. Secrets and credentials: PASS. No secret material or credential path was added.
  2. Input validation and sanitization: PASS. The name prompt remains upstream-controlled, and the live capture continues through canonical secret redaction.
  3. Authentication and authorization: PASS. Auth prompts, provider selection, and credential stores remain blocked by the managed patch.
  4. Dependencies and third-party libraries: PASS. No dependency or pin changed.
  5. Error handling and logging: PASS. The TUI harness records only sanitized markers and fails closed on an unexpected model picker.
  6. Cryptography and data protection: PASS. No cryptographic behavior changed.
  7. Configuration and security posture: PASS. NemoClaw still owns model configuration; dependency and model selection screens are suppressed.
  8. Security testing: PASS. Direct-module, TUI state-machine, and patch-idempotence coverage passed 64/64, including the corrected unpatched-onboarding assertion.
  9. Holistic posture: PASS. User hooks remain disabled, no new command or network path exists, and the override matches pinned Deep Agents Code 0.1.30 launch sequencing.

Files reviewed: all PR-changed Python, TypeScript, shell, fixture, and quickstart files, plus the pinned upstream launch flow.

This is a security verdict only, not merge approval. Required CI, automated advisor review, and ubuntu-repo-cloud-langchain-deepagents-code live evidence remain pending.

@cv

cv commented Jul 7, 2026

Copy link
Copy Markdown
Collaborator

/ok to test b9f0063

@cv

cv commented Jul 7, 2026

Copy link
Copy Markdown
Collaborator

/ok to test da7c0e3

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

E2E Target Results — ❌ Some jobs failed

Run: 28899544572
Workflow ref: codex/pr-6418-e2e
Requested targets: ubuntu-repo-cloud-langchain-deepagents-code
Requested jobs: (default — all default-enabled free-standing jobs; explicit-only jobs openshell-gateway-auth-contract, mcp-bridge-dev, hermes-gpu-startup, sandbox-rlimits-connect, and jetson-nvmap-gpu are skipped unless selected)
Summary: 0 passed, 1 failed, 0 cancelled, 0 skipped

Job Result
live ❌ failure

Failed jobs: live. Check run artifacts for logs.

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

E2E Target Results — ✅ All selected jobs passed

Run: 28899544572
Workflow ref: codex/pr-6418-e2e
Requested targets: ubuntu-repo-cloud-langchain-deepagents-code
Requested jobs: (default — all default-enabled free-standing jobs; explicit-only jobs openshell-gateway-auth-contract, mcp-bridge-dev, hermes-gpu-startup, sandbox-rlimits-connect, and jetson-nvmap-gpu are skipped unless selected)
Summary: 1 passed, 0 failed, 0 cancelled, 0 skipped

Job Result
live ✅ success

@cv cv left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving exact head da7c0e35f38ae372fc6ba8b77e47715140645629.

  • All attached CI is green or expected-skipped, with no pending/failing checks and no unresolved review threads.
  • The required exact-head Deep Agents Code live target passed on attempt 2: https://github.com/NVIDIA/NemoClaw/actions/runs/28899544572/job/85733616029
    • The TUI proof observed the usable startup prompt, clean exit, and secret-safe capture: 4 passed, 0 failed.
    • Attempt 1 was infrastructure-only: two preconfigured Microsoft apt repositories prevented installing expect; onboarding, inference, lifecycle, policy, and secret-boundary suites had passed. The exact-head rerun installed expect and passed the full target.
  • The nine-category security review passed with no vulnerability findings.
  • DCO is present and all three commits are GitHub Verified.
  • The primary advisor found no blockers and recommended merging as-is. The secondary advisor's useful sequence-test suggestion is addressed at this head: the harness now models exp_continue, and the negative namePrompt -> firstRun path proves the model picker cannot follow the optional name prompt.
  • Focused tests pass 65/65, and the docs build passes with zero errors (two pre-existing Fern warnings).

The follow-up from the reviewed production head contains tests, comments, and docs only.

@cv
cv merged commit 0411656 into NVIDIA:main Jul 7, 2026
192 of 193 checks passed
apurvvkumaria pushed a commit that referenced this pull request Jul 8, 2026
## Summary

Consume the official Nemotron 3 Ultra profile from
`deepagents-code[nvidia]==0.1.34`, which pins `deepagents==0.7.0a6`.
This keeps the managed model IDs and public behavior unchanged while
preserving the optional first-run name prompt and suppressed
dependency/model pickers from #6410 and #6418.

## Changes

- Pin `deepagents-code[nvidia]==0.1.34` and `deepagents==0.7.0a6`;
regenerate the hash-locked dependency set with only
`langchain-google-genai` moving from `4.2.6` to `4.2.7`.
- Remove the temporary profile source and license wiring, then retain an
atomic, idempotent, fail-closed alias bridge for
`openai:nvidia/nemotron-3-ultra-550b-a55b` and
`openai:nvidia/nvidia/nemotron-3-ultra`.
- Bind removal of that bridge to its exact DCode/Deep Agents
version-and-hash gate in `dependency-review.md`; this PR intentionally
does not create a separate follow-up issue.
- Port the managed DCode hardening patch to the `0.1.34` package layout
and direct-return MCP loader while preserving JSON diagnostics and the
#6418 launch overrides.
- Validate the official wheels, all 12 native middleware entries,
unrelated-model isolation, complete graph compilation, and equivalent
single-dispatch behavior for parser-repaired and native `execute` calls.
- Update the DCode documentation and cloud acceptance checks for the
released versions, native profile, TUI startup behavior, and
direct/login-shell inference.

## Type of Change

- [ ] Code change (feature, bug fix, or refactor)
- [x] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates

- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [x] Docs updated for user-facing behavior changes
- [ ] Docs not applicable — justification:
- [x] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [x] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification: [cv's deterministic TUI
contract](#6416 (comment))
is implemented and passed exact-head server acceptance; cv also [waived
a separate bridge-removal
issue](#6416 (comment))
and [accepted the trusted-apt warning as
nonblocking](#6416 (comment))
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification

- [x] PR description includes the DCO sign-off declaration and every
commit appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable —
normal hooks and `npm run check:diff` passed
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — official-wheel hash-locked validators
passed; profile patch 12/12, direct module 34 passed/1 Linux-only skip,
progressive disclosure 13/13, image 75/75, TUI 19/19, independent DCode
image/TUI 94/94, platform parity 10/10, managed entrypoints 24/24,
workflow boundary 39/39, and updated CLI/onboarding fixtures passed;
repository checks, typecheck, test-size, and `pip-audit` passed
- [x] Applicable broad gate passed — `npm test` for broad
runtime/test-harness changes; `npm run check` for repo-wide
validation/coverage changes — all exact-head Linux CI and
[`ubuntu-repo-cloud-langchain-deepagents-code`](https://github.com/NVIDIA/NemoClaw/actions/runs/28907835011)
passed for `928b50626b303b2008d35f844408a1f83a43a404`
- [x] Quality Gates section completed with required justifications or
waivers — 42 applicable exact-head checks passed; cv recorded the two
advisor dispositions linked above
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only) — passed
with 0 errors and 2 existing repository warnings
- [x] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only); `npm run docs:sync-agent-variants` passed
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

---
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>

---------

Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
apurvvkumaria added a commit that referenced this pull request Jul 8, 2026
<!-- markdownlint-disable MD041 -->
## Summary

Prepares the user-facing documentation for NemoClaw v0.0.76 and closes
the release-prep documentation gate. It adds the release highlights,
documents the arm64 Local NIM warning and expanded image cleanup
behavior, and fixes agent-specific command headings in generated guides.

## Changes

- Add the v0.0.76 release-notes section and move the shared-gateway
route containment entry out of the v0.0.74 history where it was
incorrectly placed.
- Document the advisory Linux arm64 Local NIM manifest warning in the
canonical platform matrix and local-inference guidance.
- Document that `gc` scans both gateway-built and locally prebuilt
sandbox image repositories.
- Keep OpenClaw and Hermes session headings out of the generated Deep
Agents command guide.
- Add a focused variant regression test for the agent-specific session
headings.

### Source summary

| Merged sources | Documentation coverage |
| --- | --- |
| [#6414](#6414),
[#6418](#6418),
[#6416](#6416),
[#6344](#6344) | v0.0.76 release
notes and the Deep Agents quickstart/inference routes |
| [#6340](#6340) | v0.0.76
release notes and existing Deep Agents observability guidance |
| [#6338](#6338),
[#6378](#6378),
[#6297](#6297) | v0.0.76 release
notes and existing inference/troubleshooting guidance |
| [#6362](#6362) | v0.0.76
release notes and existing lifecycle, command, and credential guidance |
| [#6330](#6330),
[#6307](#6307),
[#6008](#6008) | v0.0.76 release
notes and existing security, troubleshooting, and command guidance |
| [#6382](#6382) | v0.0.76
release notes and existing MCP/command guidance |
| [#6326](#6326),
[#5868](#5868),
[#5539](#5539) | v0.0.76 release
notes, platform matrix, inference options, and local-inference guidance
|
| [#6396](#6396),
[#6390](#6390),
[#6007](#6007) | v0.0.76 release
notes and existing messaging guidance |
| [#5388](#5388),
[#6249](#6249),
[#6303](#6303),
[#6306](#6306) | v0.0.76 release
notes and command/lifecycle guidance |

## Type of Change

- [ ] Code change (feature, bug fix, or refactor)
- [x] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates

- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [x] Docs updated for user-facing behavior changes
- [ ] Docs not applicable — justification:
- [ ] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [ ] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification:
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification

- [x] PR description includes the DCO sign-off declaration and every
commit appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `npx vitest run --project integration
test/generate-platform-docs.test.ts test/agent-variant-docs.test.ts
test/sync-agent-variant-docs.test.ts` (3 files, 29 tests passed)
- [ ] Applicable broad gate passed — `npm test` for broad
runtime/test-harness changes; `npm run check` for repo-wide
validation/coverage changes — command/result:
- [x] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only) —
completed with 0 errors and 2 pre-existing Fern warnings
- [x] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

---
Signed-off-by: Apurv Kumaria <akumaria@nvidia.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Documentation**
* Added v0.0.76 release notes content, and removed an older conflicting
bullet from the surrounding release history.
* Expanded Local NVIDIA NIM guidance across inference/provider docs,
including an advisory for Linux arm64 DGX Spark/DGX Station hosts when a
matching `linux/arm64` image manifest is unavailable.
* Updated the command reference for correct session-section rendering
and clarified `gc` image cleanup sources.
* **Tests**
* Added coverage ensuring Deep Agents omits sessions headings while
Hermes includes them.
* **CI**
* Refreshed Local NVIDIA NIM provider notes used in the platform matrix.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Apurv Kumaria <akumaria@nvidia.com>
cv added a commit that referenced this pull request Jul 8, 2026
…6431)

<!-- markdownlint-disable MD041 -->
## Summary
Replaces NemoClaw's build-time mutation of the released Deep Agents
bootstrap with a first-party `deepagents.harness_profiles` plugin for
`deepagents-code==0.1.34` / `deepagents==0.7.0a6`. The two managed
OpenAI-compatible model keys continue to receive the released native
Nemotron 3 Ultra profile, with exact version/source gates and no
third-party source changes.

## Related Issue
Fixes #6424

## Changes
- Add and install `nemoclaw-deepagents-profile==0.1.0` through Deep
Agents' supported profile entry-point lifecycle.
- Register only the two NemoClaw-managed aliases against the released
canonical Ultra profile, atomically and idempotently.
- Fail the image build on missing or unimportable dependencies,
mismatched distribution/package roots, copied/installed adapter-source
drift, or released-profile/bootstrap drift.
- Run a DCode-only negative Docker build from the current hash-locked
base, strip both upstream distributions, and prove failure occurs at the
isolated import gate before the later dependency check.
- Build and install a real unreviewed-version plugin wheel and prove the
actual validator rejects it.
- Verify entry-point discovery, all 12 middleware entries,
unrelated-model isolation, graph compilation, and allowed/denied
execute-dispatch parity against the official wheels.
- Split image/runtime and credential-boundary contracts into balanced
756/755-line suites with a 113-line shared helper, preserving all 75
original tests and substantial per-file size headroom.
- Remove the installed-bootstrap patcher and document that the adapter
must be removed, not rehashed, once reviewed dependencies provide both
exact aliases.
- Preserve the merged DCode hardening and paced `/agents` first-run TUI
behavior from #6410 / #6418.

## Automated review dispositions

- **License metadata:** the production package keeps the PEP 639 SPDX
string and builds unchanged with lock-pinned `setuptools==82.0.1`; the
production validator now requires exact installed-wheel
`License-Expression: Apache-2.0` metadata, with a negative
metadata-drift test. The legacy conversion is a localized offline
wrong-version fixture with explicit source-boundary and
removal-condition documentation. Remove the fixture-only conversion once
runner setuptools accepts PEP 639 strings; production never uses it.
- **Plain-progress build output:** plain progress remains necessary to
prove the exact import-failure marker. Before Docker runs, the gate now
rejects every Docker `ARG` name outside a complete reviewed allowlist,
while tests pin the only passed build arguments to the two public
`BASE_IMAGE` references. Behavior tests inject unreviewed uppercase,
lowercase, and continued ARG declarations across all three Dockerfiles
and prove rejection occurs before any build; the targeted DCode E2E job
runs the same script with real Docker before live tests.
- **Adapter build-layer retention:** Docker can retain the copied
project tree in an image layer or failed local build cache. This is
accepted because it contains only public, first-party Apache-2.0 source
and metadata, while the installed Python module necessarily ships the
same source; revisit if any adapter input becomes secret-bearing or
non-public.
- **Credential redaction parity:** `PASS`/`PASSWD`,
quoted/space-separated assignments, punctuation-bearing values, and
bounded camel/acronym aliases now share the same fail-closed policy
across the Bash wrapper, managed Python runtime, observability scrubber,
config filter, full/sensitive-text redactors, structured-log classifier,
TUI sanitizer, and E2E redactors. The separator lookbehind is capped at
32 horizontal characters to prevent attacker-controlled scans;
private-key blocks are scrubbed before assignment matching. Positive
tests cover `customPass`, `DBPass`, and known secret `*Key` families,
while `COMPASS`/`BYPASS`, `TOPSECRET`/`SUBTOKEN`, pass-rate fields,
`publicKey`, and `customKey` remain untouched.
- **OpenShell TLS key provenance:** the canonical mounted path is
intentionally accepted only from the supervisor-owned runtime
environment and rejected from the mutable DCode `.env`. The split
credential suite now proves both sides explicitly, matching the existing
wrapper-identity coverage; allowing it in `.env` would weaken the
boundary.
- **Docker auth cleanup:** the shared workflow validator requires
exactly one canonical cleanup with `if: always()` as the final job step.
A DCode-specific mutation test now also rejects moving cleanup before
the import gate.
- **Private-key and fixture helpers:** multiline private-key matching is
consolidated into the live generic matcher with a required-newline mode,
preserving comment behavior while removing 12 lines. Profile-hash
fixture replacement is now whitespace/quote tolerant while still
requiring one exact reviewed constant and digest. A focused regression
covers both formatting variants and duplicate-definition rejection; use
an AST transform only if the current two-constant scope grows.

## Type of Change

- [x] Code change (feature, bug fix, or refactor)
- [ ] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates
- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [ ] Docs updated for user-facing behavior changes
- [x] Docs not applicable — justification: public CLI, configuration,
model IDs, and user-visible behavior are unchanged; the existing DCode
quickstart is implementation-neutral.
- [x] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [x] Sensitive-path review completed or maintainer-approved waiver
recorded — the prior security and supply-chain approval is
#6431 (review);
fresh exact-head re-review will be requested after the current full
fan-out because the head changed.
- [x] Non-success, skipped, or missing CI check accepted by maintainer —
`e2e-all` baseline failures accepted in
#6431 (review);
follow-ups #6381/#6384 and #6467/#6474.

## Verification
- [x] PR description includes the DCO sign-off declaration and every
commit appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `npm run check:diff` passed on
`e78d3ef7`; the independently runnable image/runtime and
credential-boundary suites passed 18 of 18 and 123 of 123; the final
cross-surface security/parity audit passed 96 of 96; fresh-cache
real-wheel validation and the isolated three-package import probe
passed.
- [ ] Applicable broad gate passed — exact-head focused DCode run
[28971629788](https://github.com/NVIDIA/NemoClaw/actions/runs/28971629788)
and cloud-onboard run
[28971629739](https://github.com/NVIDIA/NemoClaw/actions/runs/28971629739)
passed on `e78d3ef7`; full fan-out run
[28972330045](https://github.com/NVIDIA/NemoClaw/actions/runs/28972330045)
is in progress. The prior full run
[28919686103](https://github.com/NVIDIA/NemoClaw/actions/runs/28919686103)
passed 77 of 79 applicable jobs; its two failures reproduced identically
on retry and `main` run
[28911441118](https://github.com/NVIDIA/NemoClaw/actions/runs/28911441118),
with the prior maintainer waiver recorded
[here](#6431 (review)).
- [x] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only)
- [ ] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

## Exact-head advisor evidence

- [`ubuntu-repo-cloud-langchain-deepagents-code` run
28971629788](https://github.com/NVIDIA/NemoClaw/actions/runs/28971629788)
passed on exact head `e78d3ef7f43f3242486dedc4b5b2b42e0585d041`. The
production-image validator covered plugin discovery and
installed-distribution binding, official source hashes, both aliases and
all 12 middleware entries, unrelated-model isolation, graph compilation,
and allowed/denied execute dispatch parity.
- The same exact-head run passed the real-Docker stripped-dependency
import gate before live E2E, then passed image version checks
(`deepagents-code==0.1.34`, `deepagents==0.7.0a6`), direct and
login-shell headless `PONG`, and interactive TUI acceptance with the
optional name prompt and no model picker.
- The advisor-required [`cloud-onboard` run
28971629739](https://github.com/NVIDIA/NemoClaw/actions/runs/28971629739)
also passed on that exact SHA.
- CodeRabbit is green with no unresolved threads. Exact-head advisor run
28971565095 reported zero GPT findings but requested the runtime
evidence above; Nemotron's two attempts were non-advisory JSON-parse
failures. Both advisors will be rerun against this updated evidence.
- The localized import-gate removal condition is tracked in #6424 rather
than a new cleanup issue.
- Exact-head full fan-out run
[28972330045](https://github.com/NVIDIA/NemoClaw/actions/runs/28972330045)
is in progress; the prior baseline waiver remains applicable only if the
same two unrelated failures recur.

---
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a first-party Nemotron 3 Ultra profile plugin that registers
managed model aliases.
* **Bug Fixes / Security**
* Strengthened fail-closed validation for the released profile,
including integrity checks and managed vs native dispatch parity (with
denied-shell behavior).
* Hardened secret/credential detection and redaction so `PASS`-keyed
values are treated as sensitive.
* **CI / Quality**
* Added build-time and workflow-boundary checks ensuring images reject
missing base dependencies.
* **Tests**
* Expanded plugin/profile-contract, image behavior, and
end-to-end/workflow coverage.
* **Chores**
* Updated the container build flow to install and validate the plugin
artifact at build time, removing the standalone patch approach.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Carlos Villela <cvillela@nvidia.com>
Signed-off-by: cjagwani <cjagwani@nvidia.com>
Co-authored-by: Carlos Villela <cvillela@nvidia.com>
Co-authored-by: cjagwani <cjagwani@nvidia.com>
Hadar301 pushed a commit to Hadar301/NemoClaw-OpenShift that referenced this pull request Jul 12, 2026
NVIDIA#6418)

## Summary

Restores the optional Deep Agents Code first-run name prompt while
keeping dependency and model selection under NemoClaw control.
This follows NVIDIA#6414 by replacing blanket onboarding suppression with
pinned launch-flow overrides that continue directly to the
NemoClaw-selected model.

## Changes

- Stop patching `onboarding.py` so the upstream optional name prompt can
run.
- Override the dependency/model launch boundaries to return no selection
screen and a resolved `(False, None)` result.
- Teach the live TUI check to submit an empty optional name, continue to
readiness, and still fail if the model picker appears.
- Add direct-module, TUI state-machine, and patch-idempotence coverage
for the revised behavior.
- Update the Deep Agents Code quickstart to describe the retained name
prompt and suppressed dependency/model screens.

## Type of Change

- [ ] Code change (feature, bug fix, or refactor)
- [x] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates

- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [x] Docs updated for user-facing behavior changes
- [ ] Docs not applicable — justification:
- [x] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [x] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification: @cv reviewed the
production delta at `b9f006359`; follow-up `da7c0e35f` adds only tests,
comments, and docs. All nine security categories pass, and the live
DCode target remains required before approval.
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification

- [x] PR description includes the DCO sign-off declaration and every
commit appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `vitest --project integration` passed
65/65 across the progressive-disclosure, direct-module, and TUI startup
suites.
- [ ] Applicable broad gate passed — `npm test` for broad
runtime/test-harness changes; `npm run check` for repo-wide
validation/coverage changes — command/result:
- [x] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only)
- [x] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

Additional evidence: `npm run docs` passed with zero errors; Fern
reported two existing warnings. The author also reported a successful
DGX Spark first-run proof, but the required auditable live workflow is
still pending.

---

Signed-off-by: Senthil Ravichandran <senthilr@nvidia.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Improved DeepAgents Code first-run flow: the optional “name” prompt
can appear, while the model picker and dependency/model selection
screens are skipped for a smoother start.
* **Bug Fixes**
* Fixed managed interactive-session startup to avoid mis-handling
first-run screen sequencing (now continues after naming rather than
pausing for picker prompts).
* **Documentation**
* Updated the DeepAgents Code quickstart to match the revised first-run
behavior.
* **Tests**
* Expanded/adjusted TUI startup and progressive-disclosure test coverage
for the new first-run name prompt flow and updated patched-module
expectations.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Carlos Villela <cvillela@nvidia.com>
Hadar301 pushed a commit to Hadar301/NemoClaw-OpenShift that referenced this pull request Jul 12, 2026
## Summary

Consume the official Nemotron 3 Ultra profile from
`deepagents-code[nvidia]==0.1.34`, which pins `deepagents==0.7.0a6`.
This keeps the managed model IDs and public behavior unchanged while
preserving the optional first-run name prompt and suppressed
dependency/model pickers from NVIDIA#6410 and NVIDIA#6418.

## Changes

- Pin `deepagents-code[nvidia]==0.1.34` and `deepagents==0.7.0a6`;
regenerate the hash-locked dependency set with only
`langchain-google-genai` moving from `4.2.6` to `4.2.7`.
- Remove the temporary profile source and license wiring, then retain an
atomic, idempotent, fail-closed alias bridge for
`openai:nvidia/nemotron-3-ultra-550b-a55b` and
`openai:nvidia/nvidia/nemotron-3-ultra`.
- Bind removal of that bridge to its exact DCode/Deep Agents
version-and-hash gate in `dependency-review.md`; this PR intentionally
does not create a separate follow-up issue.
- Port the managed DCode hardening patch to the `0.1.34` package layout
and direct-return MCP loader while preserving JSON diagnostics and the
NVIDIA#6418 launch overrides.
- Validate the official wheels, all 12 native middleware entries,
unrelated-model isolation, complete graph compilation, and equivalent
single-dispatch behavior for parser-repaired and native `execute` calls.
- Update the DCode documentation and cloud acceptance checks for the
released versions, native profile, TUI startup behavior, and
direct/login-shell inference.

## Type of Change

- [ ] Code change (feature, bug fix, or refactor)
- [x] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates

- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [x] Docs updated for user-facing behavior changes
- [ ] Docs not applicable — justification:
- [x] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [x] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification: [cv's deterministic TUI
contract](NVIDIA#6416 (comment))
is implemented and passed exact-head server acceptance; cv also [waived
a separate bridge-removal
issue](NVIDIA#6416 (comment))
and [accepted the trusted-apt warning as
nonblocking](NVIDIA#6416 (comment))
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification

- [x] PR description includes the DCO sign-off declaration and every
commit appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable —
normal hooks and `npm run check:diff` passed
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — official-wheel hash-locked validators
passed; profile patch 12/12, direct module 34 passed/1 Linux-only skip,
progressive disclosure 13/13, image 75/75, TUI 19/19, independent DCode
image/TUI 94/94, platform parity 10/10, managed entrypoints 24/24,
workflow boundary 39/39, and updated CLI/onboarding fixtures passed;
repository checks, typecheck, test-size, and `pip-audit` passed
- [x] Applicable broad gate passed — `npm test` for broad
runtime/test-harness changes; `npm run check` for repo-wide
validation/coverage changes — all exact-head Linux CI and
[`ubuntu-repo-cloud-langchain-deepagents-code`](https://github.com/NVIDIA/NemoClaw/actions/runs/28907835011)
passed for `928b50626b303b2008d35f844408a1f83a43a404`
- [x] Quality Gates section completed with required justifications or
waivers — 42 applicable exact-head checks passed; cv recorded the two
advisor dispositions linked above
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only) — passed
with 0 errors and 2 existing repository warnings
- [x] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only); `npm run docs:sync-agent-variants` passed
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

---
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>

---------

Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Hadar301 pushed a commit to Hadar301/NemoClaw-OpenShift that referenced this pull request Jul 12, 2026
<!-- markdownlint-disable MD041 -->
## Summary

Prepares the user-facing documentation for NemoClaw v0.0.76 and closes
the release-prep documentation gate. It adds the release highlights,
documents the arm64 Local NIM warning and expanded image cleanup
behavior, and fixes agent-specific command headings in generated guides.

## Changes

- Add the v0.0.76 release-notes section and move the shared-gateway
route containment entry out of the v0.0.74 history where it was
incorrectly placed.
- Document the advisory Linux arm64 Local NIM manifest warning in the
canonical platform matrix and local-inference guidance.
- Document that `gc` scans both gateway-built and locally prebuilt
sandbox image repositories.
- Keep OpenClaw and Hermes session headings out of the generated Deep
Agents command guide.
- Add a focused variant regression test for the agent-specific session
headings.

### Source summary

| Merged sources | Documentation coverage |
| --- | --- |
| [NVIDIA#6414](NVIDIA#6414),
[NVIDIA#6418](NVIDIA#6418),
[NVIDIA#6416](NVIDIA#6416),
[NVIDIA#6344](NVIDIA#6344) | v0.0.76 release
notes and the Deep Agents quickstart/inference routes |
| [NVIDIA#6340](NVIDIA#6340) | v0.0.76
release notes and existing Deep Agents observability guidance |
| [NVIDIA#6338](NVIDIA#6338),
[NVIDIA#6378](NVIDIA#6378),
[NVIDIA#6297](NVIDIA#6297) | v0.0.76 release
notes and existing inference/troubleshooting guidance |
| [NVIDIA#6362](NVIDIA#6362) | v0.0.76
release notes and existing lifecycle, command, and credential guidance |
| [NVIDIA#6330](NVIDIA#6330),
[NVIDIA#6307](NVIDIA#6307),
[NVIDIA#6008](NVIDIA#6008) | v0.0.76 release
notes and existing security, troubleshooting, and command guidance |
| [NVIDIA#6382](NVIDIA#6382) | v0.0.76
release notes and existing MCP/command guidance |
| [NVIDIA#6326](NVIDIA#6326),
[NVIDIA#5868](NVIDIA#5868),
[NVIDIA#5539](NVIDIA#5539) | v0.0.76 release
notes, platform matrix, inference options, and local-inference guidance
|
| [NVIDIA#6396](NVIDIA#6396),
[NVIDIA#6390](NVIDIA#6390),
[NVIDIA#6007](NVIDIA#6007) | v0.0.76 release
notes and existing messaging guidance |
| [NVIDIA#5388](NVIDIA#5388),
[NVIDIA#6249](NVIDIA#6249),
[NVIDIA#6303](NVIDIA#6303),
[NVIDIA#6306](NVIDIA#6306) | v0.0.76 release
notes and command/lifecycle guidance |

## Type of Change

- [ ] Code change (feature, bug fix, or refactor)
- [x] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates

- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [x] Docs updated for user-facing behavior changes
- [ ] Docs not applicable — justification:
- [ ] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [ ] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification:
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification

- [x] PR description includes the DCO sign-off declaration and every
commit appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `npx vitest run --project integration
test/generate-platform-docs.test.ts test/agent-variant-docs.test.ts
test/sync-agent-variant-docs.test.ts` (3 files, 29 tests passed)
- [ ] Applicable broad gate passed — `npm test` for broad
runtime/test-harness changes; `npm run check` for repo-wide
validation/coverage changes — command/result:
- [x] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only) —
completed with 0 errors and 2 pre-existing Fern warnings
- [x] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

---
Signed-off-by: Apurv Kumaria <akumaria@nvidia.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Documentation**
* Added v0.0.76 release notes content, and removed an older conflicting
bullet from the surrounding release history.
* Expanded Local NVIDIA NIM guidance across inference/provider docs,
including an advisory for Linux arm64 DGX Spark/DGX Station hosts when a
matching `linux/arm64` image manifest is unavailable.
* Updated the command reference for correct session-section rendering
and clarified `gc` image cleanup sources.
* **Tests**
* Added coverage ensuring Deep Agents omits sessions headings while
Hermes includes them.
* **CI**
* Refreshed Local NVIDIA NIM provider notes used in the platform matrix.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Apurv Kumaria <akumaria@nvidia.com>
Hadar301 pushed a commit to Hadar301/NemoClaw-OpenShift that referenced this pull request Jul 12, 2026
…VIDIA#6431)

<!-- markdownlint-disable MD041 -->
## Summary
Replaces NemoClaw's build-time mutation of the released Deep Agents
bootstrap with a first-party `deepagents.harness_profiles` plugin for
`deepagents-code==0.1.34` / `deepagents==0.7.0a6`. The two managed
OpenAI-compatible model keys continue to receive the released native
Nemotron 3 Ultra profile, with exact version/source gates and no
third-party source changes.

## Related Issue
Fixes NVIDIA#6424

## Changes
- Add and install `nemoclaw-deepagents-profile==0.1.0` through Deep
Agents' supported profile entry-point lifecycle.
- Register only the two NemoClaw-managed aliases against the released
canonical Ultra profile, atomically and idempotently.
- Fail the image build on missing or unimportable dependencies,
mismatched distribution/package roots, copied/installed adapter-source
drift, or released-profile/bootstrap drift.
- Run a DCode-only negative Docker build from the current hash-locked
base, strip both upstream distributions, and prove failure occurs at the
isolated import gate before the later dependency check.
- Build and install a real unreviewed-version plugin wheel and prove the
actual validator rejects it.
- Verify entry-point discovery, all 12 middleware entries,
unrelated-model isolation, graph compilation, and allowed/denied
execute-dispatch parity against the official wheels.
- Split image/runtime and credential-boundary contracts into balanced
756/755-line suites with a 113-line shared helper, preserving all 75
original tests and substantial per-file size headroom.
- Remove the installed-bootstrap patcher and document that the adapter
must be removed, not rehashed, once reviewed dependencies provide both
exact aliases.
- Preserve the merged DCode hardening and paced `/agents` first-run TUI
behavior from NVIDIA#6410 / NVIDIA#6418.

## Automated review dispositions

- **License metadata:** the production package keeps the PEP 639 SPDX
string and builds unchanged with lock-pinned `setuptools==82.0.1`; the
production validator now requires exact installed-wheel
`License-Expression: Apache-2.0` metadata, with a negative
metadata-drift test. The legacy conversion is a localized offline
wrong-version fixture with explicit source-boundary and
removal-condition documentation. Remove the fixture-only conversion once
runner setuptools accepts PEP 639 strings; production never uses it.
- **Plain-progress build output:** plain progress remains necessary to
prove the exact import-failure marker. Before Docker runs, the gate now
rejects every Docker `ARG` name outside a complete reviewed allowlist,
while tests pin the only passed build arguments to the two public
`BASE_IMAGE` references. Behavior tests inject unreviewed uppercase,
lowercase, and continued ARG declarations across all three Dockerfiles
and prove rejection occurs before any build; the targeted DCode E2E job
runs the same script with real Docker before live tests.
- **Adapter build-layer retention:** Docker can retain the copied
project tree in an image layer or failed local build cache. This is
accepted because it contains only public, first-party Apache-2.0 source
and metadata, while the installed Python module necessarily ships the
same source; revisit if any adapter input becomes secret-bearing or
non-public.
- **Credential redaction parity:** `PASS`/`PASSWD`,
quoted/space-separated assignments, punctuation-bearing values, and
bounded camel/acronym aliases now share the same fail-closed policy
across the Bash wrapper, managed Python runtime, observability scrubber,
config filter, full/sensitive-text redactors, structured-log classifier,
TUI sanitizer, and E2E redactors. The separator lookbehind is capped at
32 horizontal characters to prevent attacker-controlled scans;
private-key blocks are scrubbed before assignment matching. Positive
tests cover `customPass`, `DBPass`, and known secret `*Key` families,
while `COMPASS`/`BYPASS`, `TOPSECRET`/`SUBTOKEN`, pass-rate fields,
`publicKey`, and `customKey` remain untouched.
- **OpenShell TLS key provenance:** the canonical mounted path is
intentionally accepted only from the supervisor-owned runtime
environment and rejected from the mutable DCode `.env`. The split
credential suite now proves both sides explicitly, matching the existing
wrapper-identity coverage; allowing it in `.env` would weaken the
boundary.
- **Docker auth cleanup:** the shared workflow validator requires
exactly one canonical cleanup with `if: always()` as the final job step.
A DCode-specific mutation test now also rejects moving cleanup before
the import gate.
- **Private-key and fixture helpers:** multiline private-key matching is
consolidated into the live generic matcher with a required-newline mode,
preserving comment behavior while removing 12 lines. Profile-hash
fixture replacement is now whitespace/quote tolerant while still
requiring one exact reviewed constant and digest. A focused regression
covers both formatting variants and duplicate-definition rejection; use
an AST transform only if the current two-constant scope grows.

## Type of Change

- [x] Code change (feature, bug fix, or refactor)
- [ ] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates
- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [ ] Docs updated for user-facing behavior changes
- [x] Docs not applicable — justification: public CLI, configuration,
model IDs, and user-visible behavior are unchanged; the existing DCode
quickstart is implementation-neutral.
- [x] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [x] Sensitive-path review completed or maintainer-approved waiver
recorded — the prior security and supply-chain approval is
NVIDIA#6431 (review);
fresh exact-head re-review will be requested after the current full
fan-out because the head changed.
- [x] Non-success, skipped, or missing CI check accepted by maintainer —
`e2e-all` baseline failures accepted in
NVIDIA#6431 (review);
follow-ups NVIDIA#6381/NVIDIA#6384 and NVIDIA#6467/NVIDIA#6474.

## Verification
- [x] PR description includes the DCO sign-off declaration and every
commit appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `npm run check:diff` passed on
`e78d3ef7`; the independently runnable image/runtime and
credential-boundary suites passed 18 of 18 and 123 of 123; the final
cross-surface security/parity audit passed 96 of 96; fresh-cache
real-wheel validation and the isolated three-package import probe
passed.
- [ ] Applicable broad gate passed — exact-head focused DCode run
[28971629788](https://github.com/NVIDIA/NemoClaw/actions/runs/28971629788)
and cloud-onboard run
[28971629739](https://github.com/NVIDIA/NemoClaw/actions/runs/28971629739)
passed on `e78d3ef7`; full fan-out run
[28972330045](https://github.com/NVIDIA/NemoClaw/actions/runs/28972330045)
is in progress. The prior full run
[28919686103](https://github.com/NVIDIA/NemoClaw/actions/runs/28919686103)
passed 77 of 79 applicable jobs; its two failures reproduced identically
on retry and `main` run
[28911441118](https://github.com/NVIDIA/NemoClaw/actions/runs/28911441118),
with the prior maintainer waiver recorded
[here](NVIDIA#6431 (review)).
- [x] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only)
- [ ] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

## Exact-head advisor evidence

- [`ubuntu-repo-cloud-langchain-deepagents-code` run
28971629788](https://github.com/NVIDIA/NemoClaw/actions/runs/28971629788)
passed on exact head `e78d3ef7f43f3242486dedc4b5b2b42e0585d041`. The
production-image validator covered plugin discovery and
installed-distribution binding, official source hashes, both aliases and
all 12 middleware entries, unrelated-model isolation, graph compilation,
and allowed/denied execute dispatch parity.
- The same exact-head run passed the real-Docker stripped-dependency
import gate before live E2E, then passed image version checks
(`deepagents-code==0.1.34`, `deepagents==0.7.0a6`), direct and
login-shell headless `PONG`, and interactive TUI acceptance with the
optional name prompt and no model picker.
- The advisor-required [`cloud-onboard` run
28971629739](https://github.com/NVIDIA/NemoClaw/actions/runs/28971629739)
also passed on that exact SHA.
- CodeRabbit is green with no unresolved threads. Exact-head advisor run
28971565095 reported zero GPT findings but requested the runtime
evidence above; Nemotron's two attempts were non-advisory JSON-parse
failures. Both advisors will be rerun against this updated evidence.
- The localized import-gate removal condition is tracked in NVIDIA#6424 rather
than a new cleanup issue.
- Exact-head full fan-out run
[28972330045](https://github.com/NVIDIA/NemoClaw/actions/runs/28972330045)
is in progress; the prior baseline waiver remains applicable only if the
same two unrelated failures recur.

---
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a first-party Nemotron 3 Ultra profile plugin that registers
managed model aliases.
* **Bug Fixes / Security**
* Strengthened fail-closed validation for the released profile,
including integrity checks and managed vs native dispatch parity (with
denied-shell behavior).
* Hardened secret/credential detection and redaction so `PASS`-keyed
values are treated as sensitive.
* **CI / Quality**
* Added build-time and workflow-boundary checks ensuring images reject
missing base dependencies.
* **Tests**
* Expanded plugin/profile-contract, image behavior, and
end-to-end/workflow coverage.
* **Chores**
* Updated the container build flow to install and validate the plugin
artifact at build time, removing the standalone patch approach.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Carlos Villela <cvillela@nvidia.com>
Signed-off-by: cjagwani <cjagwani@nvidia.com>
Co-authored-by: Carlos Villela <cvillela@nvidia.com>
Co-authored-by: cjagwani <cjagwani@nvidia.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area: onboarding Onboarding FSM, provider setup, sandbox launch, or first-run flow area: ui Web UI, terminal display, visual layout, or UX behavior enhancement New capability or improvement request integration: dcode LangChain Deep Code integration behavior v0.0.76 Release target

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants