chore: upgrade OpenClaw to 2026.5.22#4260
Merged
Merged
Conversation
Contributor
📝 WalkthroughWalkthroughPins OpenClaw to 2026.5.22 across build/config, enforces a pinned npm integrity for that release, updates in-image upgrade logic to validate version bounds and only upgrade when current < target, broadens the chat-send patch to handle new followup-runner shapes, and aligns tests and docs to 2026.5.22. ChangesOpenClaw 2026.5.22 Version Pin and Compatibility
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Suggested labels
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Warning There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure. 🔧 ESLint
ESLint skipped: no ESLint configuration detected in root package.json. To enable, add Comment |
Contributor
|
🌿 Preview your docs: https://nvidia-preview-pr-4260.docs.buildwithfern.com/nemoclaw |
Contributor
E2E Advisor RecommendationRequired E2E: Dispatch hint: Auto-dispatched E2E: Full advisor summaryE2E Recommendation AdvisorBase: Required E2E
Optional E2E
New E2E recommendations
Dispatch hint
|
Contributor
E2E Scenario Advisor RecommendationRequired scenario E2E: None Full scenario advisor summaryE2E Scenario AdvisorBase: Required scenario E2E
Optional scenario E2E
Relevant changed files
|
Contributor
PR Review AdvisorFindings: 0 needs attention, 0 worth checking, 0 nice ideas This is an automated advisory review. A human maintainer must make the final merge decision. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
🧹 Nitpick comments (3)
Dockerfile.base (1)
181-181: Run the sandbox-impact E2E suite for this base-image pin bump.Since this changes
Dockerfile.base, run the recommended nightly jobs before merge to validate runtime behavior across onboard, recovery, rebuild persistence, and OpenClaw chat correlation:$ gh workflow run nightly-e2e.yaml --ref <branch> -f jobs=cloud-e2e,sandbox-survival-e2e,hermes-e2e,rebuild-openclaw-e2e,openclaw-tui-chat-correlation-e2eAs per coding guidelines: "
Dockerfile.base... changes are only testable with a real container build" and the listed E2E recommendations should be run.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@Dockerfile.base` at line 181, You changed the base image version ARG OPENCLAW_VERSION in Dockerfile.base; before merging, run the recommended nightly E2E jobs to validate runtime behavior by invoking the GitHub workflow (nightly-e2e.yaml) for the current branch and pass jobs=cloud-e2e,sandbox-survival-e2e,hermes-e2e,rebuild-openclaw-e2e,openclaw-tui-chat-correlation-e2e so the sandbox-impact suites (onboard, recovery, rebuild persistence, and OpenClaw chat correlation) execute and verify the pin bump.Dockerfile (1)
311-311: Validate this image-layer change path via the recommended E2E jobs.$ gh workflow run nightly-e2e.yaml --ref <branch> -f jobs=cloud-e2e,sandbox-survival-e2e,hermes-e2e,rebuild-openclaw-e2e,openclaw-tui-chat-correlation-e2eAs per coding guidelines: "
Dockerfile... changes are only testable with a real container build" and should use the specified E2E set.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@Dockerfile` at line 311, The Dockerfile image-layer change must be validated by running the specified end-to-end job suite; trigger the nightly-e2e.yaml workflow and run the jobs cloud-e2e, sandbox-survival-e2e, hermes-e2e, rebuild-openclaw-e2e, and openclaw-tui-chat-correlation-e2e against your branch to confirm the layer and OpenClaw 2026.5.22 runtime exposure work correctly; report any failing E2E errors and iterate on the Dockerfile change until all listed jobs pass.scripts/patch-openclaw-chat-send.js (1)
107-107: Run the recommended E2E test to verify TUI message correlation.Changes to this patch script can affect TUI message ordering, duplicate sends, and user/assistant turn correlation when OpenClaw is the active agent.
As per coding guidelines, run the
openclaw-tui-chat-correlation-e2etest to validate the change:$ gh workflow run nightly-e2e.yaml --ref <branch> -f jobs=openclaw-tui-chat-correlation-e2e🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@scripts/patch-openclaw-chat-send.js` at line 107, Summary: After changing the block that creates replyOperation and generates runId, verify TUI message correlation. Instruction: After editing the code around createReplyOperation (the object with sessionId: run.sessionId, sessionKey: replySessionKey ?? "", resetTriggered: false, upstreamAbortSignal: queued.abortSignal (?? opts?.abortSignal)) and the runId = crypto.randomUUID() insertion, run the openclaw-tui-chat-correlation-e2e test via the GH workflow (gh workflow run nightly-e2e.yaml --ref <branch> -f jobs=openclaw-tui-chat-correlation-e2e) and confirm TUI ordering, duplicate sends, and user/assistant turn correlation are correct; if failures occur, adjust the ordering or scoping of replyOperation vs runId (ensuring createReplyOperation receives the correct sessionId/sessionKey/resetTriggered/upstreamAbortSignal and runId is generated at the correct time) until the e2e passes.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@Dockerfile`:
- Line 311: The Dockerfile image-layer change must be validated by running the
specified end-to-end job suite; trigger the nightly-e2e.yaml workflow and run
the jobs cloud-e2e, sandbox-survival-e2e, hermes-e2e, rebuild-openclaw-e2e, and
openclaw-tui-chat-correlation-e2e against your branch to confirm the layer and
OpenClaw 2026.5.22 runtime exposure work correctly; report any failing E2E
errors and iterate on the Dockerfile change until all listed jobs pass.
In `@Dockerfile.base`:
- Line 181: You changed the base image version ARG OPENCLAW_VERSION in
Dockerfile.base; before merging, run the recommended nightly E2E jobs to
validate runtime behavior by invoking the GitHub workflow (nightly-e2e.yaml) for
the current branch and pass
jobs=cloud-e2e,sandbox-survival-e2e,hermes-e2e,rebuild-openclaw-e2e,openclaw-tui-chat-correlation-e2e
so the sandbox-impact suites (onboard, recovery, rebuild persistence, and
OpenClaw chat correlation) execute and verify the pin bump.
In `@scripts/patch-openclaw-chat-send.js`:
- Line 107: Summary: After changing the block that creates replyOperation and
generates runId, verify TUI message correlation. Instruction: After editing the
code around createReplyOperation (the object with sessionId: run.sessionId,
sessionKey: replySessionKey ?? "", resetTriggered: false, upstreamAbortSignal:
queued.abortSignal (?? opts?.abortSignal)) and the runId = crypto.randomUUID()
insertion, run the openclaw-tui-chat-correlation-e2e test via the GH workflow
(gh workflow run nightly-e2e.yaml --ref <branch> -f
jobs=openclaw-tui-chat-correlation-e2e) and confirm TUI ordering, duplicate
sends, and user/assistant turn correlation are correct; if failures occur,
adjust the ordering or scoping of replyOperation vs runId (ensuring
createReplyOperation receives the correct
sessionId/sessionKey/resetTriggered/upstreamAbortSignal and runId is generated
at the correct time) until the e2e passes.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 4d8aada3-b633-4f7b-aca4-257d1404db2d
📒 Files selected for processing (11)
DockerfileDockerfile.baseagents/openclaw/manifest.yamldocs/reference/commands.mdxnemoclaw-blueprint/blueprint.yamlscripts/patch-openclaw-chat-send.jssrc/lib/sandbox/version.test.tssrc/lib/verify-deployment.test.tstest/e2e/test-openclaw-tui-chat-correlation.shtest/fetch-guard-patch-regression.test.tstest/openclaw-chat-send-patch.test.ts
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 26468536223
|
Contributor
Selective E2E Results — ❌ Some jobs failedRun: 26468476226
|
Contributor
There was a problem hiding this comment.
🧹 Nitpick comments (1)
scripts/patch-openclaw-chat-send.js (1)
90-126: Run the targeted chat-correlation E2E before merge.This helper directly affects OpenClaw chat-send ordering/correlation behavior, so please run
openclaw-tui-chat-correlation-e2eon this branch.As per coding guidelines "scripts/patch-openclaw-chat-send.js ... changes can affect TUI message ordering, duplicate sends, and user/assistant turn correlation ... E2E test recommendation: openclaw-tui-chat-correlation-e2e".
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@scripts/patch-openclaw-chat-send.js` around lines 90 - 126, The patch modifies run-id handling in patchFollowupRunnerFile (changing runId initialization to use queued.runId ?? opts?.runId ?? crypto.randomUUID()) which can affect message ordering/correlation—before merging, run the targeted end-to-end test openclaw-tui-chat-correlation-e2e against this branch and verify chat/send ordering, duplicate sends, and assistant/user turn correlation; if the test fails, revert or adjust the runId replacement logic in patchFollowupRunnerFile and re-run the E2E until it passes.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@scripts/patch-openclaw-chat-send.js`:
- Around line 90-126: The patch modifies run-id handling in
patchFollowupRunnerFile (changing runId initialization to use queued.runId ??
opts?.runId ?? crypto.randomUUID()) which can affect message
ordering/correlation—before merging, run the targeted end-to-end test
openclaw-tui-chat-correlation-e2e against this branch and verify chat/send
ordering, duplicate sends, and assistant/user turn correlation; if the test
fails, revert or adjust the runId replacement logic in patchFollowupRunnerFile
and re-run the E2E until it passes.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 62622366-3b01-4a80-a37c-fe01598bbcf5
📒 Files selected for processing (10)
DockerfileDockerfile.basedocs/about/release-notes.mdxdocs/reference/commands.mdxnemoclaw-blueprint/blueprint.yamlnemoclaw/package.jsonnemoclaw/src/package-metadata.test.tsscripts/patch-openclaw-chat-send.jstest/fetch-guard-patch-regression.test.tstest/openclaw-chat-send-patch.test.ts
✅ Files skipped from review due to trivial changes (5)
- nemoclaw/src/package-metadata.test.ts
- nemoclaw/package.json
- docs/about/release-notes.mdx
- docs/reference/commands.mdx
- nemoclaw-blueprint/blueprint.yaml
Contributor
Selective E2E Results — ❌ Some jobs failedRun: 26469418993
|
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 26469480317
|
Contributor
Selective E2E Results — ❌ Some jobs failedRun: 26471497587
|
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 26471546489
|
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@nemoclaw-blueprint/blueprint.yaml`:
- Line 7: The blueprint's min_openclaw_version value was bumped to "2026.5.22"
but the blueprint still points to an immutable sandbox image digest (the pinned
sandbox digest referenced elsewhere in this file), causing a mismatch between
advertised minimum OpenClaw and the actual image; either revert
min_openclaw_version back to the version that matches the pinned digest or
update the sandbox image digest in this same change so the digest-backed image
actually meets "2026.5.22". Locate the min_openclaw_version key and the sandbox
image digest entries (the pinned sandbox image references) and either restore
the previous version string or replace the digest with the new image digest that
was built with OpenClaw 2026.5.22, ensuring both are updated together.
In `@test/fetch-guard-patch-regression.test.ts`:
- Around line 91-93: The test currently hard-sets the synthetic blueprint
minimum to the exact Dockerfile pin by writing openclawVersion into the
blueprint (openclawVersion, openclawIntegrity, fs.writeFileSync(blueprint,...))
and later asserts equality (lines referenced around 246-248); change this so the
blueprint minimum is not forced equal to the runtime target: write a
lower/compatible version or a range into the blueprint (e.g., decrement or use a
semver-min string) and update the assertion that checks the runtime/base target
to assert ">= blueprint min" (use a semver comparison rather than strict
equality) so the test covers the stale-digest path and enforces runtime >=
blueprint minimum instead of ==.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 4242d233-987d-4c84-b0a5-f14cc48edcda
📒 Files selected for processing (5)
Dockerfiledocs/about/release-notes.mdxdocs/reference/commands.mdxnemoclaw-blueprint/blueprint.yamltest/fetch-guard-patch-regression.test.ts
✅ Files skipped from review due to trivial changes (2)
- docs/reference/commands.mdx
- docs/about/release-notes.mdx
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 26471562073
|
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 26471704158
|
ericksoa
added
v0.0.52
ericksoa
added
Integration: Discord
ericksoa
added
fix
status: rfr
cv
approved these changes
May 26, 2026
Contributor
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
Dockerfile (1)
93-126:⚠️ Potential issue | 🟠 Major | ⚡ Quick winInstall the pinned OpenClaw version when the base is newer, not just when it is stale.
With
BASE_IMAGEdefaulting tosandbox-base:latest, the>=check lets a newer base image bypass the reinstall and silently ship a different OpenClaw version thanOPENCLAW_VERSION. That breaks the runtime pin and can leave the later patch block running against an unreviewed dist shape.Suggested fix
- if [ "$(printf '%s\n%s' "$OPENCLAW_VERSION" "$CUR_VER" | sort -V | head -n1)" = "$OPENCLAW_VERSION" ]; then \ - echo "INFO: OpenClaw $CUR_VER is current (>= $OPENCLAW_VERSION), no upgrade needed"; \ + if [ "$CUR_VER" = "$OPENCLAW_VERSION" ]; then \ + echo "INFO: OpenClaw $CUR_VER matches pinned target, no upgrade needed"; \ else \ - echo "INFO: Base image has OpenClaw $CUR_VER, upgrading to $OPENCLAW_VERSION"; \ + echo "INFO: Base image has OpenClaw $CUR_VER, installing pinned $OPENCLAW_VERSION"; \ # npm 10's atomic-move install can hit EROFS on overlayfs when the # prior install spans multiple image layers (e.g. openclaw was # baked into sandbox-base, then we upgrade on top here). Clearing🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@Dockerfile` around lines 93 - 126, The current version check uses sort -V to skip reinstall when the base image has a newer OpenClaw (CUR_VER >= OPENCLAW_VERSION), which allows an unpinned newer runtime; change the logic so we only skip when CUR_VER equals OPENCLAW_VERSION and always install the requested OPENCLAW_VERSION otherwise. Update the conditional around CUR_VER/OPENCLAW_VERSION (the if that echoes "INFO: OpenClaw $CUR_VER is current (>= $OPENCLAW_VERSION), no upgrade needed") to test equality (CUR_VER = OPENCLAW_VERSION) and move the rm -rf /usr/local/lib/node_modules/openclaw /usr/local/bin/openclaw; npm install -g ... "openclaw@${OPENCLAW_VERSION}" into the else branch for any non-equal case so the pinned version is installed even when the base is newer.
🧹 Nitpick comments (1)
docs/reference/commands.mdx (1)
410-410: ⚡ Quick winUse active voice in this sentence.
is declared byis passive. Rephrase with an active subject so it matches the docs style used elsewhere on the page.As per coding guidelines, "Active voice required. Flag passive constructions."
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@docs/reference/commands.mdx` at line 410, Rewrite the passive sentence to active voice by making the Dockerfiles the subject; e.g., state that the NemoClaw Dockerfiles declare the runtime build target using the OPENCLAW_VERSION variable. Ensure the revised sentence mentions the same identifiers (OPENCLAW_VERSION and NemoClaw Dockerfiles) and keeps the original meaning while using active voice.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Outside diff comments:
In `@Dockerfile`:
- Around line 93-126: The current version check uses sort -V to skip reinstall
when the base image has a newer OpenClaw (CUR_VER >= OPENCLAW_VERSION), which
allows an unpinned newer runtime; change the logic so we only skip when CUR_VER
equals OPENCLAW_VERSION and always install the requested OPENCLAW_VERSION
otherwise. Update the conditional around CUR_VER/OPENCLAW_VERSION (the if that
echoes "INFO: OpenClaw $CUR_VER is current (>= $OPENCLAW_VERSION), no upgrade
needed") to test equality (CUR_VER = OPENCLAW_VERSION) and move the rm -rf
/usr/local/lib/node_modules/openclaw /usr/local/bin/openclaw; npm install -g ...
"openclaw@${OPENCLAW_VERSION}" into the else branch for any non-equal case so
the pinned version is installed even when the base is newer.
---
Nitpick comments:
In `@docs/reference/commands.mdx`:
- Line 410: Rewrite the passive sentence to active voice by making the
Dockerfiles the subject; e.g., state that the NemoClaw Dockerfiles declare the
runtime build target using the OPENCLAW_VERSION variable. Ensure the revised
sentence mentions the same identifiers (OPENCLAW_VERSION and NemoClaw
Dockerfiles) and keeps the original meaning while using active voice.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 6c7aac6a-fe6b-412f-a157-f33165f1241d
📒 Files selected for processing (7)
Dockerfiledocs/about/release-notes.mdxdocs/reference/architecture.mdxdocs/reference/commands.mdxnemoclaw-blueprint/blueprint.yamlschemas/blueprint.schema.jsontest/fetch-guard-patch-regression.test.ts
✅ Files skipped from review due to trivial changes (3)
- schemas/blueprint.schema.json
- docs/reference/architecture.mdx
- docs/about/release-notes.mdx
Contributor
Selective E2E Results — ❌ Some jobs failedRun: 26478183772
|
4 tasks
cv
added a commit
that referenced
this pull request
May 27, 2026
## Summary Refresh NemoClaw documentation and regenerated user skills for the v0.0.52 release-prep window. Adds the v0.0.52 release-notes entry and regenerates `nemoclaw-user-*` skills so the published Fern docs and the agent-skill references stay in sync. ## Source summary - #4260 -> `docs/about/release-notes.mdx`: Document the OpenClaw runtime bump to 2026.5.22 and call out the `min_openclaw_version` compatibility floor versus `OPENCLAW_VERSION` Dockerfile pin. (Architecture and commands pages were already updated in #4260 itself.) - #4272 -> `docs/about/release-notes.mdx`: Document the Hermes v0.14 root-entrypoint sandbox layout repair (precreated runtime dirs, sticky group-writable `/sandbox/.hermes`, removed `gateway.pid` symlink precreation, legacy state cleanup at launch). - #4261 -> `docs/about/release-notes.mdx`: Document the onboard ready output restoration that points users at `nemoclaw <name> dashboard-url --quiet`. - #4200 -> `docs/about/release-notes.mdx`: Document Slack token validation in onboarding so invalid `SLACK_BOT_TOKEN` values trigger a re-prompt instead of silent advance. - #4278 -> `docs/about/release-notes.mdx`: Document the Windows bootstrap regression fix that restores the separate Ubuntu setup handoff window, keeps `Ubuntu-24.04` as the default distro, and documents `-DistroName Ubuntu` to reuse an existing distro. (The `docs/get-started/windows-preparation.mdx` page was already updated in #4278 itself.) - #4092 -> `docs/about/release-notes.mdx`: Document the blueprint private-network blocklist reload when `private-networks.yaml` changes on disk. - Release cleanup -> `.agents/skills/nemoclaw-user-*`: Regenerate user skills with `scripts/docs-to-skills.py docs/ .agents/skills/ --prefix nemoclaw-user --doc-platform fern-mdx` so the agent-skill references pick up the v0.0.52 release-notes update plus the WeChat / WhatsApp doc changes that already landed in #4276. ## Type of Change - [ ] Code change (feature, bug fix, or refactor) - [ ] Code change with doc updates - [x] Doc only (prose changes, no code sample modifications) - [ ] Doc only (includes code sample changes) ## Verification - `python3 scripts/docs-to-skills.py docs/ .agents/skills/ --prefix nemoclaw-user --doc-platform fern-mdx` -> 10 skills, 1724 lines, 29 reference files. - `npm run docs` -> 0 errors, 1 warning (Fern check clean). - `npm run build:cli` -> success (refreshed `dist/` so the pre-push TypeScript hook passes). - Skip-list check against `docs/.docs-skip` `skip-terms`: no "permissive mode", "shields down", "shields up", "shields status", "config rotate-token", or "rotate-token" strings in `docs/` or generated skills. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Experimental WeChat messaging channel added (QR pairing), alongside Telegram, Discord, Slack, and WhatsApp. * **Documentation** * Updated onboarding, messaging-channel, CLI, and troubleshooting docs to include WeChat/WhatsApp (marked experimental) and new onboarding flags/notes. * Clarified provider validation and runtime routing behavior for OpenAI-compatible endpoints and Google Gemini. * Updated Windows bootstrap/WSL guidance to target Ubuntu 24.04. * **Chores** * Added v0.0.52 release notes (runtime upgrade, sandbox hardening, onboarding and network fixes). <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/NVIDIA/NemoClaw/pull/4293?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: Carlos Villela <cvillela@nvidia.com>
](https://app.coderabbit.ai/change-stack/NVIDIA/NemoClaw/pull/4293?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack){kind=link}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Bump NemoClaw's runtime OpenClaw target from
2026.5.18to2026.5.22acrossDockerfile.base, the productionDockerfile, the OpenClaw agent manifest, package metadata, status docs, and version assertions.The runtime build path now installs OpenClaw 2026.5.22 explicitly and records the expected npm integrity for
openclaw@2026.5.22. Stale base images are upgraded during the production image build, so this PR tests the actual 5.22 upgrade path instead of leaving the runtime on the old version.Important blueprint note:
nemoclaw-blueprint/blueprint.yamlnow keepsmin_openclaw_versionas the direct-blueprint compatibility floor, not the NemoClaw runtime pin. It is set to2026.3.11because the pinned legacyopenshell-communitysandbox image digest runs OpenClaw 2026.3.11. Normal NemoClaw onboarding builds fromghcr.io/nvidia/nemoclaw/sandbox-baseand uses DockerfileOPENCLAW_VERSIONas the runtime source of truth. Follow-up #4271 tracks resolving or retiring that legacy blueprint image contract.This also updates the bundled NemoClaw OpenClaw plugin metadata to 5.22 and tightens the chat-send compatibility patch with an executable 2026.5.22 follow-up runner fixture plus a real-package patch check.
Review Feedback
min_openclaw_versiona compatibility floor and requiring Dockerfile runtime targets to be at least that floor instead of exactly equal.Issue impact
Candidate fixes or meaningful retest coverage from the OpenClaw 2026.5.22 bump:
web_fetchprivate/internal host behavior still needs targeted confirmation before we call that portion fixed.channels.discordexists butplugins.entries.discordis missing and the bot never connects. The full PR nightly passedopenclaw-discord-pairing-e2eon 2026.5.22.enabled: true, env vars present, and plugin installed #4189: possible fix / strong regression coverage. The report is Slack channel startup being skipped with a 2026.5.18 runtime while 2026.5.22 Slack plugin bits are present. Aligning the OpenClaw runtime and plugin line to 2026.5.22 is exactly the suspicious skew, and the full PR nightly passedopenclaw-slack-pairing-e2e.channels-add-remove-e2e,channels-stop-start-e2e,messaging-providers-e2e, and Telegram injection coverage.clawhubegress policy in this PR, so registry-fetch/policy failures should not be called fixed without a focused repro.Related bugs considered but not claimed fixed by this PR: #4238, #4211, #4010, #3947, and #4065. Those involve pre-sandbox Telegram reachability handling, pricing egress defaults,
/nemoclawslash command behavior, local Ollama token accounting, or shields-up filesystem permissions rather than the 2026.5.18 -> 2026.5.22 runtime pin itself.Validation
Latest local validation on current head:
npm run typecheck:clinpx vitest run test/fetch-guard-patch-regression.test.ts test/validate-blueprint.test.ts test/validate-config-schemas.test.tsgit diff --checkEarlier validation for the runtime upgrade stack:
npm run build:clinpx vitest run test/fetch-guard-patch-regression.test.ts test/openclaw-chat-send-patch.test.ts test/validate-blueprint.test.ts nemoclaw/src/package-metadata.test.tsopenclaw@2026.5.22and ran:node scripts/patch-openclaw-chat-send.js <openclaw-2026.5.22>/distnode scripts/patch-openclaw-tool-catalog.js <openclaw-2026.5.22>/distE2E
Full
nightly-e2efor the runtime upgrade head passed: https://github.com/NVIDIA/NemoClaw/actions/runs/26471704158db6c7aa9a98b6dc815b96d6db21b24c1ed2646a1gpu-e2e,gpu-double-onboard-e2e,notify-on-failure)The latest follow-up commit keeps the runtime OpenClaw pin at 2026.5.22 and only decouples blueprint compatibility metadata, docs, and the guard test invariant.
Summary by CodeRabbit
Chores
Tests
Documentation