feat: open source readiness infrastructure

.editorconfig

@@ -0,0 +1,21 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = tab
+indent_size = 4
+
+[*.{yml,yaml}]
+indent_style = space
+indent_size = 2
+
+[*.md]
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = false
+
+[Makefile]
+indent_style = tab

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,38 @@
+---
+name: Bug Report
+about: Report a bug to help us improve oclaw
+title: ""
+labels: bug
+assignees: ""
+---
+
+## Description
+
+A clear description of the bug.
+
+## Steps to Reproduce
+
+1. Run `oclaw ...`
+2. Do X
+3. See error
+
+## Expected Behavior
+
+What you expected to happen.
+
+## Actual Behavior
+
+What actually happened. Include any error messages or unexpected output.
+
+## Environment
+
+- **OS**: (e.g., macOS 15, Ubuntu 24.04)
+- **Terminal**: (e.g., iTerm2, Kitty, WezTerm)
+- **oclaw version**: (release tag or `git rev-parse --short HEAD`)
+- **Go version** (if built from source): (`go version`)
+
+## Additional Context
+
+Any other context, screenshots, or debug logs (`OCLAW_DEBUG=1 oclaw`).
+
+**Important:** Redact any tokens, keys, or other secrets from debug logs before posting.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,23 @@
+---
+name: Feature Request
+about: Suggest a new feature or improvement
+title: ""
+labels: enhancement
+assignees: ""
+---
+
+## Problem
+
+What problem does this feature solve? What's missing or frustrating?
+
+## Proposed Solution
+
+Describe the feature or change you'd like to see.
+
+## Alternatives Considered
+
+Any alternative approaches you've thought about.
+
+## Additional Context
+
+Any other context, mockups, or references.

.github/pull_request_template.md

@@ -0,0 +1,11 @@
+## Description
+
+What does this PR do?
+
+## Checklist
+
+- [ ] Code compiles without errors (`go build ./...`)
+- [ ] All tests pass (`go test ./...`)
+- [ ] No vet warnings (`go vet ./...`)
+- [ ] Code is formatted (`go fmt ./...`)
+- [ ] Breaking changes are documented (if any)

.github/workflows/ci.yml

@@ -0,0 +1,32 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest]
+    runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - name: Build
+        run: go build ./...
+
+      - name: Vet
+        run: go vet ./...
+
+      - name: Test
+        run: go test -short ./...

.github/workflows/release.yml

@@ -0,0 +1,29 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - "v*"
+
+permissions:
+  contents: write
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - uses: goreleaser/goreleaser-action@v6
+        with:
+          version: "~> v2"
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          HOMEBREW_TAP_TOKEN: ${{ secrets.HOMEBREW_TAP_TOKEN }}

.gitignore

@@ -3,4 +3,14 @@ dist/
 *.exe
 *.test
 *.out
+*.prof
+*.pprof
 .DS_Store
+.idea/
+.vscode/
+*.swp
+*.swo
+*~
+coverage.txt
+coverage.html
+.env*

.goreleaser.yml

@@ -23,6 +23,15 @@ archives:
 checksum:
   name_template: "checksums.txt"
 
+brews:
+  - repository:
+      owner: quantum-bytes
+      name: homebrew-tap
+      token: "{{ .Env.HOMEBREW_TAP_TOKEN }}"
+    homepage: "https://github.com/quantum-bytes/oclaw"
+    description: "Terminal UI for OpenClaw agent chat"
+    license: "MIT"
+
 changelog:
   sort: asc
   filters:

CHANGELOG.md

@@ -0,0 +1,29 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.1.0] - 2026-03-16
+
+### Added
+
+- Interactive TUI chat with Bubbletea framework
+- Streaming responses with real-time token-by-token display
+- Thinking model support with toggle visibility (Ctrl+T)
+- Multi-agent switching mid-conversation (Ctrl+A)
+- Session management: browse, resume, and reset sessions
+- Memory persistence via `/save` command
+- Markdown rendering with Glamour (code blocks, lists, headings)
+- Clickable OSC 8 terminal hyperlinks
+- Animated thinking indicator with shimmer gradient
+- Slash command autocomplete
+- Auto-reconnect with exponential backoff
+- Scrollable chat (mouse wheel, PgUp/PgDn, Ctrl+Home/End)
+- Zero-config auto-discovery from `~/.openclaw/openclaw.json`
+- Ed25519 device signing authentication
+- Token-based authentication fallback
+- Security hardening: ANSI/OSC sanitization, URL validation, secure key handling
+- Debug logging opt-in with secure temp files
+- Cross-platform builds (macOS, Linux, Windows on amd64/arm64)

CODE_OF_CONDUCT.md

@@ -0,0 +1,45 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment:
+
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+
+Examples of unacceptable behavior:
+
+- Trolling, insulting or derogatory comments, and personal attacks
+- Public or private harassment
+- Publishing others' private information without explicit permission
+- Other conduct which could reasonably be considered inappropriate
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate or harmful.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+
+## Enforcement
+
+Instances of unacceptable behavior may be reported via
+[GitHub's private vulnerability reporting](https://github.com/quantum-bytes/oclaw/security/advisories/new).
+All complaints will be reviewed and investigated promptly and fairly.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org),
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html](https://www.contributor-covenant.org/version/2/1/code_of_conduct.html).

CONTRIBUTING.md

@@ -0,0 +1,64 @@
+# Contributing to oclaw
+
+Thanks for your interest in contributing! Here's how to get started.
+
+## Development Setup
+
+```bash
+git clone https://github.com/quantum-bytes/oclaw
+cd oclaw
+make build
+```
+
+Requirements: Go version matching `go.mod` (currently 1.26+)
+
+## Building and Testing
+
+```bash
+make build      # Build binary
+make test       # Run tests
+make lint       # Run linter (requires golangci-lint)
+make fmt        # Format code
+make vet        # Run go vet
+```
+
+## Submitting Changes
+
+1. Fork the repository
+2. Create a feature branch (`git checkout -b feat/my-feature`)
+3. Make your changes
+4. Ensure `make fmt vet test` passes
+5. Commit with a descriptive message (see below)
+6. Push and open a Pull Request
+
+## Commit Messages
+
+Follow conventional commit style:
+
+- `feat: add agent filtering` — new feature
+- `fix: handle nil session` — bug fix
+- `docs: update keybindings table` — documentation
+- `refactor: extract message parser` — code restructure
+- `test: add gateway client tests` — tests
+- `chore: update dependencies` — maintenance
+
+## Code Style
+
+- Run `go fmt ./...` before committing
+- Run `go vet ./...` to catch issues
+- Keep functions focused and short
+- Add tests for new functionality
+
+## Reporting Issues
+
+- Use the GitHub issue templates (bug report or feature request)
+- Include your OS, terminal emulator, and oclaw version
+- For bugs, include steps to reproduce and debug logs (`OCLAW_DEBUG=1`)
+
+## Code Review
+
+All PRs require review before merging. Reviewers will check:
+
+- Correctness and test coverage
+- Code style and readability
+- Security implications (especially for input handling and auth)

Makefile

@@ -1,4 +1,4 @@
-.PHONY: build run clean test
+.PHONY: build run clean test fmt vet lint install
 
 build:
 	go build -o oclaw .
@@ -9,6 +9,12 @@ run: build
 test:
 	go test ./...
 
+fmt:
+	go fmt ./...
+
+vet:
+	go vet ./...
+
 clean:
 	rm -f oclaw
 

SECURITY.md

@@ -0,0 +1,34 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported |
+|---------|-----------|
+| latest  | Yes       |
+
+## Reporting a Vulnerability
+
+If you discover a security issue, please report it responsibly.
+
+**Do not open a public GitHub issue for security problems.**
+
+Instead, use [GitHub's private vulnerability reporting](https://github.com/quantum-bytes/oclaw/security/advisories/new) to submit your report.
+
+Please include:
+
+- Description of the issue
+- Steps to reproduce
+- Potential impact
+- Suggested fix (if any)
+
+You should receive an acknowledgment within 48 hours. We will work with you to understand and address the issue before any public disclosure.
+
+## Security Considerations
+
+oclaw handles sensitive data including:
+
+- Ed25519 device private keys (`~/.openclaw/identity/device.json`)
+- Gateway authentication tokens
+- WebSocket connections to the gateway
+
+See the Security section in [README.md](README.md) for details on the hardening measures in place.