Skip to content

chore(openshell): upgrade supported version to 0.0.85#6726

Merged
apurvvkumaria merged 78 commits into
mainfrom
dep/openshell-v0.0.82-6379
Jul 17, 2026
Merged

chore(openshell): upgrade supported version to 0.0.85#6726
apurvvkumaria merged 78 commits into
mainfrom
dep/openshell-v0.0.82-6379

Conversation

@ericksoa

@ericksoa ericksoa commented Jul 12, 2026

Copy link
Copy Markdown
Contributor

Summary

This PR upgrades every stable NemoClaw OpenShell selector and consumed artifact from 0.0.72 to stable 0.0.85, including the #6379 credential-rewrite fix and OpenShell's multiline exec contract. Stable v0.0.85 is verified at 3dee5570a46076a57a3b056f35f35ebc0861ac85. Base-owned structured trust landed in #6778 and #6779, the exact v0.0.85 manifest identities landed separately in #7069, and the controller-compatible legacy gateway evidence matrix landed in #7055.

The branch is refreshed on current main. Exact-head GitHub CI, automated review, protected runtime proofs, and platform-specific acceptance are running or pending below.

Related Issue

Fixes #6379.

Changes

  • Audit all 13 adjacent OpenShell ranges from v0.0.72 through v0.0.85: 67 commits and 283 changed paths, including the unpublished v0.0.84 source boundary. Release notes were treated as leads rather than proof.
  • Verify stable tag v0.0.85 at 3dee5570, successful producer run 29507522595, and inclusion of required credential fix 40194f93.
  • Advance the blueprint floor/ceiling, installer floor/ceiling/dev floor, Brev defaults, stable E2E gateway-auth pin, supervisor index, sandbox-build fallback, credential manifest, current docs, and user-visible messages to 0.0.85.
  • Pin all eight CLI/gateway/sandbox release archives, three component manifests, extracted release-binary identities, and the multi-arch supervisor image to immutable v0.0.85 identities. Historical 0.0.72 and 0.0.82 references remain only where cleanup, fallback, trust, or compatibility evidence requires them.
  • Retain both v0.0.82 standalone sandbox digest fallbacks when host-side --version cannot run, and exercise the true 0.0.86 above-maximum boundary.
  • Replace the migration ledger with docs/security/openshell-0.0.85-migration-review.md, covering the complete range, dependency delta, consumed contracts, evidence-backed exclusions, mitigations, and blocking runtime/release gates.
  • Reject OpenShell's revisioned credential-name namespace before provider mutation while preserving cleanup of persisted legacy entries across host and Hermes adapters.
  • Report OpenShell's fail-closed CONNECT 503 as unavailable TLS credential rewriting instead of a generic curl transport error.
  • Preserve LF, CR, CRLF, quotes, and heredocs byte-exactly across multiline exec while retaining NUL, multiline-workdir, and request-environment boundaries.
  • Reject supervisor-only OPENSHELL_TLS_CA, OPENSHELL_TLS_CERT, and OPENSHELL_TLS_KEY if an entrypoint, exec, or connect child receives them.
  • Validate that each selected OpenShell archive contains exactly one expected regular binary before extraction; reject absolute paths, traversal, duplicates, extras, links, and devices.
  • Prove the exact head on the supported Linux x86, macOS Docker Desktop/Colima, WSL, Colossus, and DGX Spark paths selected by CI/advisor.
  • On a physical Docker 27 DGX Spark arm64 host, prove honest mcp status, real credential substitution, an authenticated MCP tool call, rotation/rebuild/removal behavior, and absence of literal openshell:resolve:env: leakage.
  • Record the platform decision for Docker 27 versus upstream OpenShell's Docker 28 requirement.

Release provenance

  • All eight consumed release archives have valid GitHub SLSA attestations bound to source commit 3dee5570; the three published checksum manifests and all ten installer/Brev references were independently reverified after the update.
  • The selected supervisor image is the immutable multi-arch index sha256:f4226253a3525c3832adac5b38b419a0f27d1e915effe565b5885e20f93cd5e9.
  • GitHub currently exposes no OCI referrer/attestation/SBOM for that supervisor image, and its configs contain no source/revision/version labels. The review records that upstream provenance limitation rather than inferring missing evidence.

Type of Change

  • Code change (feature, bug fix, or refactor)
  • Code change with doc updates
  • Doc only (prose changes, no code sample modifications)
  • Doc only (includes code sample changes)

Quality Gates

  • Tests added or updated for changed behavior
  • Existing tests cover changed behavior — justification:
  • Tests not applicable — justification:
  • Docs updated for user-facing behavior changes
  • Docs not applicable — justification:
  • Sensitive paths changed (security, policy, credentials, preflight, onboarding, inference, runner, sandbox, or messaging)
  • Sensitive-path review completed or maintainer-approved waiver recorded — reviewer/approval link/justification: pending exact-head maintainer review
  • Non-success, skipped, or missing CI check accepted by maintainer — check name, approval link, and follow-up issue:

Verification

  • PR description includes DCO sign-off declarations and all 78 commits currently appear as Verified in GitHub
  • Normal commit/push hooks and npm run check:diff passed; the generated-platform citation repair is signed, and current exact head 610f7cd9ff9cc8d3fdc47f40271d0b56b452a0cc is GitHub-verified
  • The checker is byte-identical to current main; the base-owned scripts/check-installer-hash.sh passed all three manifests and all ten consumed release references against published v0.0.85 assets
  • Focused current-head repairs passed: feature gate 15/15, installer integration 47 passed with 1 intentional skip, installer-hash and migration ledger 78/78, gateway workflow boundary 4/4, PR E2E controller 27/27, and generated platform docs 19/19
  • Broader compatibility, MCP boundary, Hermes, and E2E-support tests passed earlier in the migration; the opt-in version-pin live suite passed all three gh and curl paths
  • The fix(ci): run selected typed targets in PR E2E #7046 conflict refresh preserves all four gateway-upgrade shards and the typed DCode target; combined integration passed 172/172, serial E2E-support passed 1,156 with 2 intentional skips, and file-size/project-membership checks passed
  • npm run docs completed successfully, including generated variants, route validation, and Fern checks (0 errors; 2 existing warnings)
  • Exact-head GitHub CI, automated review, and protected E2E passed — ordinary CI, both advisor lanes, and protected E2E are running or pending at head 610f7cd9ff9cc8d3fdc47f40271d0b56b452a0cc
  • Quality Gates section completed with required justifications or waivers
  • No secrets, API keys, or credentials committed
  • Doc pages follow the style guide (doc changes only)
  • New doc pages include SPDX header and frontmatter (new pages only) — the security review has the required SPDX header and is not a Fern page.

Signed-off-by: Aaron Erickson aerickson@nvidia.com
Signed-off-by: Charan Jagwani cjagwani@nvidia.com

Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
@ericksoa ericksoa self-assigned this Jul 12, 2026
@copy-pr-bot

copy-pr-bot Bot commented Jul 12, 2026

Copy link
Copy Markdown

Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually.

Contributors can view more details about this message here.

@coderabbitai

coderabbitai Bot commented Jul 12, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

OpenShell is pinned from 0.0.72 to 0.0.82 across installers, manifests, blueprint constraints, tests, and documentation. Sandbox execution now supports native multiline argv transport. Supervisor-only TLS variables are rejected, and credential-generation-window and exact-main runtime proofs are integrated into MCP E2E workflows.

Changes

OpenShell 0.0.82 migration

Layer / File(s) Summary
Release pins and credential boundaries
agents/hermes/*, agents/langchain-deepagents-code/*, scripts/*, nemoclaw-blueprint/*, src/lib/actions/sandbox/*, src/lib/onboard/*
Version pins, checksums, manifests, fallback versions, and revisioned credential-name validation target OpenShell 0.0.82. Supervisor-only TLS identity variables are rejected from managed runtime and .env inputs.
Native multiline execution
src/lib/actions/sandbox/*, src/lib/onboard/*, test/e2e/fixtures/*, test/e2e/live/*, test/e2e/e2e-cloud-experimental/checks/*
Base64 and temporary-file transport is replaced with direct multiline argv, node -e, python -c, heredoc, and sh -lc execution paths.
Credential generation-window proof
test/e2e/live/openshell-credential-generation-window.*, tools/e2e/assert-mcp-agent-matrix-artifacts.mts, test/mcp-*
Adds credential rotation, expiry, retention, eviction, detach, rebuild, artifact validation, and secret-scanning coverage.
Exact-main runtime proof
test/e2e/live/openshell-exact-main-*, test/e2e/support/openshell-exact-main-*
Adds capability, supervisor-identity, driver-config, tmpfs, policy/nft, executable-replacement, bypass-denial, provenance, and MCP log-privacy checks.
Workflow and migration gates
.github/workflows/e2e.yaml, tools/e2e/*, docs/security/openshell-0.0.82-migration-review.md
Pins provenance and supervisor-image inputs, isolates credential-window execution to its shard, validates legacy shard extraction, and documents migration evidence and acceptance gates.

Estimated code review effort: 5 (Critical) | ~120 minutes

Possibly related PRs

Suggested labels: dependencies, area: ci

Suggested reviewers: cv

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 11.63% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check ⚠️ Warning The title is misleading because it says 0.0.85, but the PR actually upgrades supported OpenShell version to 0.0.82. Change the title to match the actual version bump, e.g. "chore(openshell): upgrade supported version to 0.0.82".
✅ Passed checks (3 passed)
Check name Status Explanation
Linked Issues check ✅ Passed The changes align with #6379 by upgrading OpenShell to 0.0.82 and adding credential-resolution and namespace coverage.
Out of Scope Changes check ✅ Passed The added tests, docs, and hardening work all support the OpenShell 0.0.82 upgrade and related MCP security boundaries.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dep/openshell-v0.0.82-6379

Comment @coderabbitai help to get the list of available commands.

@github-actions

github-actions Bot commented Jul 12, 2026

Copy link
Copy Markdown
Contributor

PR Review Advisor — Informational

Advisor assessment: Informational / high confidence
Next action: No advisor follow-up needed.
Findings: 0 blockers · 0 warnings · 0 suggestions
Status: No actionable findings remain in the canonical review ledger.

Model lanes

  • GPT-5.6 Terra (primary): Completed · high confidence · 0 blockers · 0 warnings · 0 suggestions
  • Nemotron 3 Ultra (second opinion): Completed · high confidence · 0 blockers · 0 warnings · 0 suggestions
  • Model comparison: normalized findings match; normalized E2E selections differ; severity counts match.

Nemotron output stays in workflow artifacts and does not change the assessment above.

Since last review: 0 prior items resolved · 0 still apply · 0 new items found

E2E guidance

Advisory only. E2E / PR Gate selects and runs jobs independently.

Recommended E2E: cloud-onboard, credential-sanitization, full-e2e, hermes-e2e, security-posture, bedrock-runtime-compatible-anthropic, cron-preflight-inference-local, gateway-guard-recovery, hermes-discord, inference-routing, mcp-bridge, mcp-bridge-dev, messaging-compatible-endpoint, network-policy, onboard-repair, onboard-resume, openclaw-inference-switch, openclaw-plugin-runtime-exdev, openclaw-skill-cli, openshell-gateway-auth-contract (+5 more)

1 optional E2E recommendation
  • e2e-all

Workflow run details

This automated review informs maintainers. Warnings and suggestions do not require a response. A maintainer decides whether to merge.

Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
@github-code-quality

github-code-quality Bot commented Jul 12, 2026

Copy link
Copy Markdown
Contributor

Code Coverage Overview

Languages: TypeScript

TypeScript / code-coverage/plugin

The overall coverage remains at 96%, unchanged from the branch.

TypeScript / code-coverage/cli

The overall coverage in the branch remains at 80%, unchanged from the branch.

Show a code coverage summary of the most impacted files.
File c84cb72 610f7cd +/-
src/lib/inferen...lama/process.ts 100% 50% -50%
src/lib/domain/.../connect-env.ts 97% 89% -8%
src/lib/inferen...er-lifecycle.ts 71% 65% -6%
src/lib/actions...air-approval.ts 44% 40% -4%
src/lib/onboard...dpoint-smoke.ts 78% 77% -1%
src/lib/actions.../gateway-rpc.ts 90% 89% -1%
src/lib/actions...sandbox/exec.ts 84% 83% -1%
src/lib/actions...e-validation.ts 83% 84% +1%
src/lib/actions...ndbox/doctor.ts 74% 77% +3%
src/lib/onboard...hell-install.ts 60% 71% +11%

Updated July 17, 2026 04:42 UTC
Code Coverage is in Public Preview. Learn more and provide us with your feedback.

@github-actions

Copy link
Copy Markdown
Contributor

@github-actions

Copy link
Copy Markdown
Contributor

E2E Target Results — ❌ Some tests failed

Run: 29207131689
Workflow ref: dep/openshell-v0.0.82-6379
Requested targets: (default — all supported)
Requested test IDs: mcp-bridge
Summary: 0 passed, 1 failed, 0 cancelled, 0 skipped, 0 unknown

Test Result
mcp-bridge ❌ failure

Failed tests: mcp-bridge. Check run artifacts for logs.

@github-actions

Copy link
Copy Markdown
Contributor

E2E Target Results — ✅ All requested tests passed

Run: 29207131689
Workflow ref: dep/openshell-v0.0.82-6379
Requested targets: (default — all supported)
Requested test IDs: mcp-bridge
Summary: 1 passed, 0 failed, 0 cancelled, 0 skipped, 0 unknown

Test Result
mcp-bridge ✅ success

Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
@cv cv added the v0.0.82 Release target label Jul 12, 2026
@wscurran wscurran added area: sandbox OpenShell sandbox lifecycle, runtime, config, or recovery chore Build, CI, dependency, or tooling maintenance platform: dgx-spark Affects DGX Spark hardware or workflows security labels Jul 12, 2026
ericksoa added 12 commits July 12, 2026 20:16
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Apurv Kumaria <akumaria@nvidia.com>
@cjagwani cjagwani changed the title chore(openshell): upgrade supported version to 0.0.82 chore(openshell): upgrade supported version to 0.0.85 Jul 17, 2026
apurvvkumaria pushed a commit that referenced this pull request Jul 17, 2026
<!-- markdownlint-disable MD041 -->
## Summary

This PR extends the base-owned OpenShell release-manifest trust anchor
to stable `v0.0.85`. It is the narrow prerequisite that allows PR #6726
to verify the `v0.0.85` checksums, gateway, and sandbox manifests before
proposed branch code executes.

## Changes

- Retain the existing `v0.0.72` and `v0.0.82` trusted manifest
identities.
- Add the three published `v0.0.85` manifest SHA-256 identities
independently verified against the stable release.
- Keep the candidate version selectors and consumed artifact pins out of
this base-owned trust change; those remain in PR #6726.

## Type of Change

- [x] Code change (feature, bug fix, or refactor)
- [ ] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates

- [ ] Tests added or updated for changed behavior
- [x] Existing tests cover changed behavior — justification:
`test/installer-hash-check.test.ts` enforces the manifest allowlist
contract, and the base-owned checker passed all three manifests plus all
ten consumed `v0.0.85` artifact references from PR #6726.
- [ ] Tests not applicable — justification:
- [ ] Docs updated for user-facing behavior changes
- [x] Docs not applicable — justification: this is an internal
release-manifest trust prerequisite; the OpenShell version migration and
user-facing documentation remain in PR #6726.
- [x] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [ ] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification: pending maintainer
review
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification

- [x] PR description includes a `Signed-off-by:` line and every commit
appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `npx vitest run --project integration
test/installer-hash-check.test.ts` (69 passed);
`NEMOCLAW_INSTALLER_HASH_REPO_ROOT=/private/tmp/nemoclaw-pr6726-v85.cJMI5J/wt
scripts/check-installer-hash.sh` (3 manifests and 10 consumed references
passed)
- [ ] Applicable broad gate passed — `npm test` for broad
runtime/test-harness changes; `npm run check` for repo-wide
validation/coverage changes — command/result:
- [x] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only)
- [ ] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

---
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Updated trusted release verification data for OpenShell version
0.0.85.
* Installer integrity checks now recognize the official checksum
manifests for this release.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
apurvvkumaria added a commit that referenced this pull request Jul 17, 2026
<!-- markdownlint-disable MD041 -->
## Summary
The trusted PR E2E controller currently cannot select the existing
OpenShell gateway-upgrade job because that job uses an unsupported named
matrix. This change expresses the same three upgrade fixtures with the
controller-supported `matrix.include` contract and gives each fixture a
unique evidence shard, allowing the exact-head gate for #6726 to proceed
after this PR is merged.

## Changes
- Convert the existing OpenShell gateway-upgrade matrix from
`matrix.legacy` to `matrix.include` without changing its three release
fixtures.
- Publish a unique, safe `NEMOCLAW_E2E_SHARD` for each fixture and
retain fixture-specific artifact names.
- Update the gateway-upgrade boundary and PR controller tests to enforce
the supported evidence contract.
- Preserve and credit the original gateway-upgrade contributors, Aaron
Erickson and Prekshi Vyas, as co-authors.

## Type of Change

- [x] Code change (feature, bug fix, or refactor)
- [ ] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates
<!-- Check one tests line and one docs line. Check other lines when
applicable. Add every requested justification or approval reference. -->
- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [ ] Docs updated for user-facing behavior changes
- [x] Docs not applicable — justification: this only changes the
internal trusted E2E evidence matrix and controller contract;
user-facing behavior is unchanged.
- [x] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [ ] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification: pending human review of
the trusted workflow change.
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification
<!-- Check each applicable item only when supported by the requested
evidence. Run targeted tests once per relevant change set and rerun
after later edits or hook autofixes that can affect the tested behavior.
Do not rerun hook-covered checks. -->
- [x] PR description includes a `Signed-off-by:` line and every commit
appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `test/pr-e2e-gate.test.ts` (27 passed)
and gateway/artifact E2E workflow boundary tests (11 passed).
- [ ] Applicable broad gate passed — `npm test` for broad
runtime/test-harness changes; `npm run check` for repo-wide
validation/coverage changes — not applicable because the change is
confined to one workflow job and its focused contracts.
- [x] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only)
- [ ] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

---
<!-- DCO sign-off is required in this PR description, and every commit
must appear as Verified in GitHub. Run: git config user.name && git
config user.email -->
Signed-off-by: Apurv Kumaria <akumaria@nvidia.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Refactor**
* Streamlined the OpenShell gateway upgrade workflow matrix
configuration.
* Updated job, runner, shard, environment, and artifact handling to use
the revised matrix fields.

* **Tests**
* Updated workflow validation coverage for runner, shard, fixture, and
artifact requirements.
  * Added validation for expected upgrade workflow signal shards.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Signed-off-by: Apurv Kumaria <akumaria@nvidia.com>
Co-authored-by: Aaron Erickson <aerickson@nvidia.com>
Co-authored-by: Prekshi Vyas <prekshiv@nvidia.com>
Co-authored-by: cjagwani <cjagwani@nvidia.com>
cjagwani added 2 commits July 16, 2026 20:17
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
…85-6726

# Conflicts:
#	test/e2e/support/openshell-gateway-upgrade-workflow-boundary.test.ts
#	test/pr-e2e-gate.test.ts
#	tools/e2e/openshell-gateway-upgrade-workflow-boundary.mts
@cjagwani

Copy link
Copy Markdown
Collaborator

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

cjagwani and others added 4 commits July 16, 2026 20:29
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
Co-authored-by: Aaron Erickson <aerickson@nvidia.com>
Signed-off-by: Apurv Kumaria <akumaria@nvidia.com>
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
@cjagwani

Copy link
Copy Markdown
Collaborator

@cv Exact-head handoff after resolving the #7046 conflict: current head 610f7cd9ff9cc8d3fdc47f40271d0b56b452a0cc is mergeable on base c84cb7270f4ff263fae1e5ea273a8acf354cd8d8.

  • The signed, DCO-signed merge commit is GitHub Verified and preserves both #6726s four gateway-upgrade evidence shards and #7046s typed DCode target.
  • Exact-head ordinary GitHub CI is fully green, including all eight CLI shards and merged coverage, self-hosted image builds, WSL, macOS, CodeQL, security checks, docs, DCO, and commit lint.
  • Both PR Review Advisor lanes and CodeRabbit are green. The thread-aware audit finds 10 review threads and 0 unresolved threads.
  • Local combined verification passed: 172 integration tests; 1,156 E2E-support tests with 2 intentional skips; CLI build/typecheck; file-size, project-membership, commit, and pre-push hooks. The required docs review found no documentation change needed for the test-only split.

The sole check still pending is protected E2E coordination. A maintainer/admin should run E2E / PR Gate Controller from main with:

  • operation: run-control-plane
  • pr_number: 6726
  • expected_head_sha: 610f7cd9ff9cc8d3fdc47f40271d0b56b452a0cc
  • expected_base_sha: c84cb7270f4ff263fae1e5ea273a8acf354cd8d8
  • review_reason: Exact-head conflict resolution, ordinary CI, advisors, security checks, and resolved review threads verified; run the protected credentialed E2E plan.
  • evidence_url: leave blank

This supersedes all earlier dispatch requests. After protected E2E, the stale CHANGES_REQUESTED decision and the explicitly listed physical Docker 27 DGX Spark / Docker 27-vs-28 product acceptance items remain maintainer-owned gates. No merge is requested here.

@apurvvkumaria
apurvvkumaria enabled auto-merge (squash) July 17, 2026 04:51
@apurvvkumaria
apurvvkumaria merged commit 44de877 into main Jul 17, 2026
77 of 79 checks passed
@apurvvkumaria
apurvvkumaria deleted the dep/openshell-v0.0.82-6379 branch July 17, 2026 05:02
cv pushed a commit that referenced this pull request Jul 17, 2026
<!-- markdownlint-disable MD041 -->
## Summary

Add the canonical dated changelog entry required before the v0.0.85
release plan can be generated.
The entry summarizes the user-visible OpenShell, DGX Station, inference,
MCP, onboarding, and recovery changes merged since v0.0.84 and links to
their owning guides.

## Changes

- Add `docs/changelog/2026-07-16.mdx` with the exact `## v0.0.85`
heading, parser-safe SPDX comment, release summary, and detailed
bullets.
- Link every documented theme to its most specific published OpenClaw
guide routes.
- Reconcile the release entry with these merged source PRs:
- #6726 -> `docs/changelog/2026-07-16.mdx`: Document the supported
OpenShell v0.0.85 upgrade, immutable consumed artifacts, multiline exec,
credential rewrite diagnostics, and child-process TLS boundary.
- #6986 -> `docs/changelog/2026-07-16.mdx`: Document managed MCP
behavior shared across supported agents.
- #6991 and #7045 -> `docs/changelog/2026-07-16.mdx`: Document qualified
DGX Station host preparation and the interactive-terminal boundary for
`--station-deepseek`.
- #6992, #7001, #7006, and #7044 -> `docs/changelog/2026-07-16.mdx`:
Document managed-model reasoning behavior, safe inference route
mutation, and verified vLLM served aliases.
- #6865, #7010, and #7028 -> `docs/changelog/2026-07-16.mdx`: Document
onboarding DNS recovery, explicit notice acceptance, and upgrades with
user-local OpenShell.
- #7005, #7021, #7029, and #7049 -> `docs/changelog/2026-07-16.mdx`:
Document rebuild backup safety, no-dashboard state, managed gateway
discovery, and Hermes shields topology checks.

## Type of Change

- [ ] Code change (feature, bug fix, or refactor)
- [ ] Code change with doc updates
- [x] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates

- [ ] Tests added or updated for changed behavior
- [x] Existing tests cover changed behavior — justification:
`test/changelog-docs.test.ts` validates the canonical heading,
parser-safe SPDX comment, and detailed entry structure; the docs build
validates published routes.
- [ ] Tests not applicable — justification:
- [x] Docs updated for user-facing behavior changes
- [ ] Docs not applicable — justification:
- [ ] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [ ] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification:
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification

- [x] PR description includes a `Signed-off-by:` line and every commit
appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `npx vitest run
test/changelog-docs.test.ts` passed 6/6.
- [ ] Applicable broad gate passed — `npm test` for broad
runtime/test-harness changes; `npm run check` for repo-wide
validation/coverage changes — not applicable to this doc-only entry.
- [x] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only) — passed
with 0 errors and 2 pre-existing Fern warnings.
- [x] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [x] New doc pages include SPDX header and frontmatter (new pages only)
— native changelog entries use the required parser-safe MDX SPDX comment
instead of frontmatter.

---
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Documentation**
  * Added release notes for NemoClaw v0.0.85.
* Documented improvements to compatibility, credential handling, setup
validation, recovery workflows, endpoint configuration, gateway
discovery, and runtime validation.
  * Added links to relevant user-guide sections.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area: sandbox OpenShell sandbox lifecycle, runtime, config, or recovery area: security Security controls, permissions, secrets, or hardening chore Build, CI, dependency, or tooling maintenance platform: dgx-spark Affects DGX Spark hardware or workflows v0.0.85 Release target

Projects

None yet

7 participants