From 9f9e304afdeaf15997a3aee4ef670691aaa82ee8 Mon Sep 17 00:00:00 2001 From: Ronen Kalo Date: Mon, 16 Mar 2026 18:25:35 -0400 Subject: [PATCH 1/2] feat: add open source infrastructure for public release Add CI/CD workflows, contribution guidelines, issue/PR templates, security policy, code of conduct, changelog, and editorconfig. Update Makefile with fmt/vet targets, goreleaser with homebrew tap, and gitignore with additional patterns. --- .editorconfig | 21 ++++++++ .github/ISSUE_TEMPLATE/bug_report.md | 38 ++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 23 ++++++++ .github/pull_request_template.md | 11 ++++ .github/workflows/ci.yml | 32 ++++++++++++ .github/workflows/release.yml | 29 ++++++++++ .gitignore | 10 ++++ .goreleaser.yml | 9 ++++ CHANGELOG.md | 29 ++++++++++ CODE_OF_CONDUCT.md | 45 ++++++++++++++++ CONTRIBUTING.md | 64 +++++++++++++++++++++++ Makefile | 8 ++- SECURITY.md | 34 ++++++++++++ 13 files changed, 352 insertions(+), 1 deletion(-) create mode 100644 .editorconfig create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/pull_request_template.md create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/release.yml create mode 100644 CHANGELOG.md create mode 100644 CODE_OF_CONDUCT.md create mode 100644 CONTRIBUTING.md create mode 100644 SECURITY.md diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..8c3e750 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,21 @@ +root = true + +[*] +charset = utf-8 +end_of_line = lf +insert_final_newline = true +trim_trailing_whitespace = true +indent_style = tab +indent_size = 4 + +[*.{yml,yaml}] +indent_style = space +indent_size = 2 + +[*.md] +indent_style = space +indent_size = 2 +trim_trailing_whitespace = false + +[Makefile] +indent_style = tab diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..e8b2de5 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,38 @@ +--- +name: Bug Report +about: Report a bug to help us improve oclaw +title: "" +labels: bug +assignees: "" +--- + +## Description + +A clear description of the bug. + +## Steps to Reproduce + +1. Run `oclaw ...` +2. Do X +3. See error + +## Expected Behavior + +What you expected to happen. + +## Actual Behavior + +What actually happened. Include any error messages or unexpected output. + +## Environment + +- **OS**: (e.g., macOS 15, Ubuntu 24.04) +- **Terminal**: (e.g., iTerm2, Kitty, WezTerm) +- **oclaw version**: (release tag or `git rev-parse --short HEAD`) +- **Go version** (if built from source): (`go version`) + +## Additional Context + +Any other context, screenshots, or debug logs (`OCLAW_DEBUG=1 oclaw`). + +**Important:** Redact any tokens, keys, or other secrets from debug logs before posting. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..fcb0c80 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,23 @@ +--- +name: Feature Request +about: Suggest a new feature or improvement +title: "" +labels: enhancement +assignees: "" +--- + +## Problem + +What problem does this feature solve? What's missing or frustrating? + +## Proposed Solution + +Describe the feature or change you'd like to see. + +## Alternatives Considered + +Any alternative approaches you've thought about. + +## Additional Context + +Any other context, mockups, or references. diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..540743f --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,11 @@ +## Description + +What does this PR do? + +## Checklist + +- [ ] Code compiles without errors (`go build ./...`) +- [ ] All tests pass (`go test ./...`) +- [ ] No vet warnings (`go vet ./...`) +- [ ] Code is formatted (`go fmt ./...`) +- [ ] Breaking changes are documented (if any) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..d1e2122 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,32 @@ +name: CI + +on: + push: + branches: [main] + pull_request: + branches: [main] + +permissions: + contents: read + +jobs: + build: + strategy: + matrix: + os: [ubuntu-latest, macos-latest] + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-go@v5 + with: + go-version-file: go.mod + + - name: Build + run: go build ./... + + - name: Vet + run: go vet ./... + + - name: Test + run: go test ./... diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..d1acf8b --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,29 @@ +name: Release + +on: + push: + tags: + - "v*" + +permissions: + contents: write + +jobs: + goreleaser: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - uses: actions/setup-go@v5 + with: + go-version-file: go.mod + + - uses: goreleaser/goreleaser-action@v6 + with: + version: "~> v2" + args: release --clean + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + HOMEBREW_TAP_TOKEN: ${{ secrets.HOMEBREW_TAP_TOKEN }} diff --git a/.gitignore b/.gitignore index d62ea85..41e1df3 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,14 @@ dist/ *.exe *.test *.out +*.prof +*.pprof .DS_Store +.idea/ +.vscode/ +*.swp +*.swo +*~ +coverage.txt +coverage.html +.env* diff --git a/.goreleaser.yml b/.goreleaser.yml index e74d511..a7a0b2e 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -23,6 +23,15 @@ archives: checksum: name_template: "checksums.txt" +brews: + - repository: + owner: quantum-bytes + name: homebrew-tap + token: "{{ .Env.HOMEBREW_TAP_TOKEN }}" + homepage: "https://github.com/quantum-bytes/oclaw" + description: "Terminal UI for OpenClaw agent chat" + license: "MIT" + changelog: sort: asc filters: diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..ed3c8c3 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,29 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [0.1.0] - 2026-03-16 + +### Added + +- Interactive TUI chat with Bubbletea framework +- Streaming responses with real-time token-by-token display +- Thinking model support with toggle visibility (Ctrl+T) +- Multi-agent switching mid-conversation (Ctrl+A) +- Session management: browse, resume, and reset sessions +- Memory persistence via `/save` command +- Markdown rendering with Glamour (code blocks, lists, headings) +- Clickable OSC 8 terminal hyperlinks +- Animated thinking indicator with shimmer gradient +- Slash command autocomplete +- Auto-reconnect with exponential backoff +- Scrollable chat (mouse wheel, PgUp/PgDn, Ctrl+Home/End) +- Zero-config auto-discovery from `~/.openclaw/openclaw.json` +- Ed25519 device signing authentication +- Token-based authentication fallback +- Security hardening: ANSI/OSC sanitization, URL validation, secure key handling +- Debug logging opt-in with secure temp files +- Cross-platform builds (macOS, Linux, Windows on amd64/arm64) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..848eafa --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,45 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone. + +## Our Standards + +Examples of behavior that contributes to a positive environment: + +- Using welcoming and inclusive language +- Being respectful of differing viewpoints and experiences +- Gracefully accepting constructive criticism +- Focusing on what is best for the community + +Examples of unacceptable behavior: + +- Trolling, insulting or derogatory comments, and personal attacks +- Public or private harassment +- Publishing others' private information without explicit permission +- Other conduct which could reasonably be considered inappropriate + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate or harmful. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. + +## Enforcement + +Instances of unacceptable behavior may be reported via +[GitHub's private vulnerability reporting](https://github.com/quantum-bytes/oclaw/security/advisories/new). +All complaints will be reviewed and investigated promptly and fairly. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org), +version 2.1, available at +[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html](https://www.contributor-covenant.org/version/2/1/code_of_conduct.html). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..f334ea3 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,64 @@ +# Contributing to oclaw + +Thanks for your interest in contributing! Here's how to get started. + +## Development Setup + +```bash +git clone https://github.com/quantum-bytes/oclaw +cd oclaw +make build +``` + +Requirements: Go version matching `go.mod` (currently 1.26+) + +## Building and Testing + +```bash +make build # Build binary +make test # Run tests +make lint # Run linter (requires golangci-lint) +make fmt # Format code +make vet # Run go vet +``` + +## Submitting Changes + +1. Fork the repository +2. Create a feature branch (`git checkout -b feat/my-feature`) +3. Make your changes +4. Ensure `make fmt vet test` passes +5. Commit with a descriptive message (see below) +6. Push and open a Pull Request + +## Commit Messages + +Follow conventional commit style: + +- `feat: add agent filtering` — new feature +- `fix: handle nil session` — bug fix +- `docs: update keybindings table` — documentation +- `refactor: extract message parser` — code restructure +- `test: add gateway client tests` — tests +- `chore: update dependencies` — maintenance + +## Code Style + +- Run `go fmt ./...` before committing +- Run `go vet ./...` to catch issues +- Keep functions focused and short +- Add tests for new functionality + +## Reporting Issues + +- Use the GitHub issue templates (bug report or feature request) +- Include your OS, terminal emulator, and oclaw version +- For bugs, include steps to reproduce and debug logs (`OCLAW_DEBUG=1`) + +## Code Review + +All PRs require review before merging. Reviewers will check: + +- Correctness and test coverage +- Code style and readability +- Security implications (especially for input handling and auth) diff --git a/Makefile b/Makefile index 1137b9b..a033f45 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -.PHONY: build run clean test +.PHONY: build run clean test fmt vet lint install build: go build -o oclaw . @@ -9,6 +9,12 @@ run: build test: go test ./... +fmt: + go fmt ./... + +vet: + go vet ./... + clean: rm -f oclaw diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..879008d --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,34 @@ +# Security Policy + +## Supported Versions + +| Version | Supported | +|---------|-----------| +| latest | Yes | + +## Reporting a Vulnerability + +If you discover a security issue, please report it responsibly. + +**Do not open a public GitHub issue for security problems.** + +Instead, use [GitHub's private vulnerability reporting](https://github.com/quantum-bytes/oclaw/security/advisories/new) to submit your report. + +Please include: + +- Description of the issue +- Steps to reproduce +- Potential impact +- Suggested fix (if any) + +You should receive an acknowledgment within 48 hours. We will work with you to understand and address the issue before any public disclosure. + +## Security Considerations + +oclaw handles sensitive data including: + +- Ed25519 device private keys (`~/.openclaw/identity/device.json`) +- Gateway authentication tokens +- WebSocket connections to the gateway + +See the Security section in [README.md](README.md) for details on the hardening measures in place. From 9b0d3abfbd651d6a1085b181040c8f106e0896c9 Mon Sep 17 00:00:00 2001 From: Ronen Kalo Date: Mon, 16 Mar 2026 18:33:14 -0400 Subject: [PATCH 2/2] fix(ci): skip live gateway tests in CI with -short flag TestClientConnectLive requires a running OpenClaw gateway and already has a testing.Short() skip guard. --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d1e2122..fc37e7c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,4 +29,4 @@ jobs: run: go vet ./... - name: Test - run: go test ./... + run: go test -short ./...