Safe Update/Merge

Add hourly auto-run enable/disable dropdown to the OpenClaw Update modal. Toggle reads cron job state on open and calls cron.update to enable/disable the Safe Merge Update Check job. Manual trigger (Run Safe Merge button) still works regardless of toggle state.

v1.2.8: Two-phase promote model — gateway no longer pushes to local-desktop-main until user confirms healthy reload. Phase 1 (automated): merge → build → restart gateway from safe-merge branch. local-desktop-main untouched, no remote push. Phase 2 (--promote, user-confirmed): push to TARGET_REMOTE/TARGET_BRANCH, switch local branch, delete safe-merge branch. Rollback before confirm: just restart from previous build — local-desktop-main was never overwritten. Also fixed: - Metadata: git now declared required (was anyBins with claude — incoherent); claude/python3/systemctl declared as optionalBins with descriptions - redact-secrets.sh: corrected contradictory header comment. Script itself writes only to fd 3; caller (safe-merge-update.sh) wires fd 3 to a mode-700 temp file. Maps DO land on disk — truthfully documented. - restart_gateway() now checks systemctl availability before calling — graceful on non-systemd hosts.

v1.2.7: Zombie-function safety net — validate.sh Check 2b (tsgo TS2304/TS2305 undefined-name scan on src/secrets + src/gateway catches bundler-invisible runtime crashes), Check 9 (post-restart smoke test: HTTP health + journal crash keywords), MERGE_MANIFEST.json refactorChecklist with zombie-functions/import-completeness/schema-field-types checks. Lesson: tsdown/rolldown does NOT type-check; tsgo catches what the bundler misses.

Reinstate auto-resolve as default; add --no-auto-resolve flag for manual review mode

Add --dry-run (shows divergence, zero changes), make --auto-resolve explicit opt-in (default now stops on conflicts for manual review), document LOCAL_BRANCH env var in all tables

Fix all contradictory claims: (1) every reference to allowed tools now consistently says Edit,Read — no Bash anywhere; (2) every reference to map storage accurately says mode-700 temp dir on disk, deleted after restore — no 'in-memory only' or 'never touches disk' language

Fix high-confidence flags: (1) remove Bash from claude allowedTools — model gets Edit+Read only, script handles git commit; (2) correct 'never touches disk' claim — map IS written to chmod-700 temp dir, deleted immediately after restore; (3) declare ANTHROPIC_API_KEY in optionalEnv metadata

Fix VirusTotal flags: wire redact-secrets.sh into claude invocation, configurable remote/branch names via env vars, auto-detect npm vs pnpm, remove 1password tab check, fix 'configured agent model' claim (it is the claude CLI), add prominent operator warnings section

Fully automated pipeline: safe-merge-update.sh handles merge, Claude auto-deconflicts, builds, promotes to local-desktop-main, restarts gateway. Pulls from upstream/main. Auto-prunes stale branches.

v1.2.0: Added Background Sessions Panel (view/talk to cron subagents from UI by clicking the updates badge). MERGE_MANIFEST.json now has 19 protected files. Changelog section + 2026-03-01 merge resolution notes for 148 upstream commits. references/ folder with bg-sessions backend, controller, and view source.

Reupload due to scan error by OpenClaw

safe-merge-update v1.1.0 New Features Update Modal UI — Clicking the topbar update button (any state: Up to Date, N Updates, or Updates Available) now opens a guided modal instead of immediately triggering a merge Step 1: Confirm upstream check + select merge model Step 2: Live fetch with spinner Step 3: Divergence results (commits ahead/behind) with option to run merge Merge Model Selector — Dropdown in the modal lists all available models (same catalog as Agents panel), grouped by provider. Selection persists in localStorage and is passed to the agent as SAFE_MERGE_MODEL in the merge prompt. Defaults to "Agent default model" if unset. Updated Files update-modal.ts — New UI component (modal with model dropdown, upstream check flow, merge trigger) MERGE_MANIFEST.json — v1.0.0 → v1.1.0: Added 6 protected files (update.ts, pipedream.ts, method-scopes.ts, run-loop.ts, run.ts, control-ui-csp.ts), 6 new file patterns, 3 global protected patterns SKILL.md — Rewrote Phase 2 to reflect actual merge workflow (branch → examine → merge --no-commit → resolve → verify). Added UI Update Modal section, Merge Model Selection config docs, 4 new Lessons Learned entries (CSP connect-src, branch naming, auto-merge verification, pnpm packages). Updated Files table. No Breaking Changes — Preflight, validate, redact-secrets scripts unchanged. Merge-agent-prompt unchanged

**Safer credential handling and clearer network activity documentation.** - Secret redaction map is now written only to file descriptor 3; if fd 3 is not open, redaction aborts with an error (never writes to disk, stdout, or stderr). - Build/install phase always passes --ignore-scripts to pnpm install, preventing execution of untrusted lifecycle hooks. - Documentation clarified: the "no network installs" guarantee refers to the skill package, not the merge workflow itself (which uses git fetch and pnpm install). - Added a usage protocol example for redaction/restore with explicit map handling for agents. - Reiterated that only redacted files are ever backed up; secrets are never written to disk.

safe-merge-update v1.0.2 - Redaction map for secrets now stays only in memory; backups in `/tmp/safe-merge/backups/` contain only redacted content, never plaintext secrets. - Updated SKILL metadata to require `REPO_DIR` as an environment variable. - Improved build security recommendations: highlights reviewing new install scripts and suggests running merges in isolated environments for extra safety. - Enhanced documentation for secret redaction, backup procedures, and best practices after merging.

**Added secret redaction for AI-assisted merge.** - Added `scripts/redact-secrets.sh` to automatically detect and redact secrets (API keys, tokens, private keys, passwords) before sending file diffs to the agent model during conflict resolution. - Updated documentation to detail redaction workflow and privacy guarantees: secrets are replaced with placeholders, never leave your machine, and are restored after merging. - Clarified that only conflicting file diffs (never full repo or .env files) are sent to the model, and that your configured OpenClaw agent model is always used. - Improved descriptions of pre-flight safety, validation steps, and backup requirements for increased transparency. - No behavioral changes for existing merge and validation phases except for secret redaction integration.

Initial release of safe-merge-update skill: a background agent for safely merging upstream OpenClaw changes into forks while preserving custom code and UI. - Automates 4 phases: pre-flight conflict detection, AI-assisted merge, validation, and reporting - Preserves plugin/skill registrations, custom UI tabs, workspace code, and protected files using a manifest - Includes full file backup before any merge, per-file strategy overrides, and manifest-driven AI conflict resolution - Provides UI and chat integration for users to control and monitor the update flow - Validates builds, tab presence, plugin registry, and preservation of critical patterns post-merge - Ensures validation passes before commit; if errors, halts and reports while preserving all backups and leaving branch for manual review