Deduplicate gateway sessions server-side using sessionId as primary key,
falling back to agent:key composite for sessions without sessionId. This
prevents duplicate React keys when OpenClaw tracks cron runs under the
same session ID as the parent session.
Also adds EditTaskModal to the task board panel with inline edit button
in the task detail modal, and improves CreateTaskModal error handling.
Cherry-picked and adapted from PR #77 by @arana198.
Closes#80
Add client-side Ed25519 key pair generation and nonce signing for
OpenClaw gateway protocol v3 connect.challenge flow. Keys persist in
localStorage and are reused across sessions. The handshake falls back
gracefully to auth-token-only mode when Ed25519 is unavailable.
Closes#74, closes#79, closes#81
Bug 1 (#78): Dockerfile HEALTHCHECK curled authenticated /api/status,
always got 401 in production. Changed to /login which is public.
Bug 2 (#78): Login hangs on HTTP deployments because secure=true cookie
is silently rejected. Now auto-detects protocol from x-forwarded-proto
header, only sets secure when request actually came over HTTPS.
Bug 3 (#78): Agent model field from OpenClaw 2026.3.x is {primary: "name"}
object instead of string, causing React error #31. Added normalizeModel()
helper and applied it in all WebSocket/session mapping code paths.
When no OpenClaw gateway is detected, Mission Control now automatically
switches to Local Mode — showing a clear info banner, greying out
gateway-dependent panels, and surfacing Claude Code session stats,
GitHub profile data, and subscription-aware cost display.
Changes:
- Add capabilities endpoint to detect gateway, Claude home, subscription
- Add dashboardMode/gatewayAvailable/subscription state to Zustand store
- Add dismissible LocalModeBanner component
- Grey out Agents/Spawn/Config nav items when no gateway
- Show blue "Local Mode" indicator instead of red "Disconnected"
- Dashboard shows local metric cards (sessions, projects, tokens, cost)
- Claude Code Stats panel with session/token/cost breakdown
- GitHub panel with repo stats, languages, star/fork counts
- Subscription detection from ~/.claude/.credentials.json
- Show "Included (Max plan)" instead of dollar cost for subscribers
- Fix token cost estimation (cache reads at 10%, not 100%)
- Sessions API falls back to local Claude session scanner
- Live feed injects session items in local mode
- Memory browser auto-creates data dir with fallback path
Cherry-picks three valuable fixes from @doanbactam's WebSocket refactor PR:
1. Feed item ID collision fix — prefix log IDs with 'log-' to avoid
React key collisions with activity IDs in the combined feed
2. Jittered reconnect backoff — add random jitter (0-50% of base) to
WebSocket exponential backoff to prevent thundering-herd reconnects
when multiple tabs reconnect after a server restart
3. Cron job deduplication + async I/O — deduplicate jobs.json entries
by name (keeps latest), prevent duplicates on add, and convert
sync file reads/writes to async to avoid blocking the event loop
Co-authored-by: Doan Bac Tam <24356000+doanbactam@users.noreply.github.com>
getModelInfo() always returned the first model (haiku) for unrecognized
model names because providerAliases was a truthy string used directly
as a .find() predicate. Fix by comparing m.alias === matchedAlias.
Credit: @TGLTommy (PR #67)
Security hardening:
- Fix timing-safe comparison bugs in webhooks.ts and auth.ts (was comparing buffer with itself)
- Harden rate limiter IP extraction — use rightmost untrusted IP from XFF chain with MC_TRUSTED_PROXIES support
- Add 12-char minimum password validation in Zod schema and runtime check
- Add Zod validation on PUT /api/tasks bulk status update
Webhook retry system (completing in-progress feature):
- Exponential backoff with circuit breaker in webhooks.ts
- POST /api/webhooks/retry endpoint for manual retry
- GET /api/webhooks/verify-docs endpoint for signature verification docs
- Scheduler integration for automatic retry processing
- Unit tests for signature verification and backoff logic
Local Claude Code session tracking:
- New claude-sessions.ts scanner parses JSONL transcripts from ~/.claude/projects/
- Extracts model, tokens, messages, cost estimates, active status per session
- Migration 020 adds claude_sessions table
- GET/POST /api/claude/sessions endpoint with filtering and aggregate stats
- Scheduler runs scan every 60s with MC_CLAUDE_HOME config
Quality improvements:
- Replace all console.error/warn with structured logger across 31 API routes
- Add Docker HEALTHCHECK directive
- Add vitest coverage config with v8 provider (60% threshold)
- Update README with new features, API docs, env vars, and roadmap items
- Fix E2E tests for password length and rate limiter IP changes
* fix: resolve all 44 failing CI E2E tests
- Bypass non-critical rate limiters in test env (MC_DISABLE_RATE_LIMIT=1)
to prevent 429s when 165 tests share the same IP bucket
- Make admin seed idempotent (INSERT OR IGNORE) to fix UNIQUE constraint
race when multiple Next.js workers initialize concurrently
- Add distinct x-forwarded-for headers to login-flow tests so they never
share the critical login rate-limit bucket with other test suites
- Add missing 018_token_usage migration that the heartbeat POST handler
depends on, fixing the 500 on inline token reporting
* docs: update README with latest features and test count
- Update migration count from 15 to 18
- Update E2E test count from 146 to 165
- Move Direct CLI, OpenAPI docs, and GitHub sync to completed roadmap
- Add Direct CLI and GitHub sync feature descriptions
- Add /api/connect and /api/github to API reference
- Remove resolved known limitation (vitest stubs)
- Update repo description
* fix: prevent build-time admin seed with wrong credentials in CI
Move `cp .env.test .env` before `pnpm build` in CI workflow so env vars
are present during build. Add NEXT_PHASE guard to skip seed during build
as belt-and-suspenders — env vars may not be available at build time.
Root cause: `next build` imports db.ts, triggering seedAdminUserFromEnv()
with undefined AUTH_USER/AUTH_PASS, seeding user `admin` instead of
`testadmin`. Runtime seed then sees count > 0 and skips. Tests login
as `testadmin` which doesn't exist → 401.
Fix WebSocket reconnect storm (issue #53) caused by stale closure
reading connection.reconnectAttempts from Zustand state. Use a ref
to track attempts, avoiding the closure capture problem entirely.
Improve Dockerfile: create .data directory with correct ownership for
SQLite, set PORT/HOSTNAME env vars explicitly.
Add deployment guide documenting Ubuntu prerequisites (python3, make,
g++ for better-sqlite3 native compilation) and platform-specific
build constraints.
- Add openapi.json spec covering all 59 API routes (~95 operations)
- Serve spec at GET /api/docs (no auth required, cached)
- Add interactive Scalar API reference UI at /docs
- Allow unauthenticated access to /api/docs and /docs in middleware
- Add @scalar/api-reference-react dependency
- Add 3 E2E tests for spec validation and auth bypass
- Add `agents` field to tokens action=stats response (groups by agent
extracted from sessionId split on ':')
- Add new action=agent-costs returning per-agent stats, model breakdown,
session list, and daily cost/token timeline
- New AgentCostPanel with summary cards, pie chart, trend lines,
efficiency bars, and expandable ranking table
- Add nav-rail entry in OBSERVE group after Tokens
- Add ContentRouter case for agent-costs tab
- Add 5 E2E tests for the new API endpoints
OpenClaw does not create a memory/ subdirectory under OPENCLAW_HOME.
Agent memory markdown files (daily logs, MEMORY.md, etc.) live in each
agent's workspace directory, not in ~/.openclaw/memory/.
Without OPENCLAW_MEMORY_DIR set, the memory browser falls back to
OPENCLAW_HOME, which only contains .sqlite session indices — not the
human-readable markdown files users expect to see.
Document the correct value and add an inline note to .env.example.
OpenClaw gateway configured with auth.mode='token' expects
{ token: '...' } in the connect handshake params, not { password: '...' }.
Sending 'password' causes the gateway to reject the handshake, resulting
in a disconnect→reconnect loop that floods the error log.
Tested against OpenClaw gateway v2026.2.25 with auth.mode='token'.
The triggerJob function was sending { command: job.command } to the API,
but the backend expects jobId or jobName to identify the job. This caused
all manual cron triggers to fail with "Job ID required" (400 error).
Also adds the missing `id` field to the CronJob store interface so
TypeScript recognizes the field already returned by the API.
User feedback: per-agent cost visibility is a top priority for
operators running their own agent orchestration setups. Currently
derivable from per-session data but not yet a dedicated panel.
- Sanitize session ID in control route to prevent command injection
via unsanitized URL params interpolated into shell commands
- Add mutationLimiter and structured logging to session control endpoint
- Install python3/make/g++ in Dockerfile deps stage for better-sqlite3
native addon compilation
- Handle missing public/ directory in Docker COPY with glob pattern
- Guard pino-pretty transport against missing devDependency at runtime
- Add `PRAGMA foreign_keys = ON` to db.ts — without this, all
ON DELETE CASCADE constraints across 7 tables are silently ignored
(SQLite disables foreign keys by default)
- Add migration 015 with indexes on hot query paths:
notifications(read_at), notifications(recipient, read_at),
activities(actor), activities(entity_type, entity_id),
messages(read_at)
nyk
Nyk
rezero-household