test: prove OpenClaw 2026.5.27 resolves #4434 unreachable inference TUI error#4437
Conversation
|
Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually. Contributors can view more details about this message here. |
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (5)
💤 Files with no reviewable changes (1)
🚧 Files skipped from review as they are similar to previous changes (3)
📝 WalkthroughWalkthroughBumps OpenClaw to 2026.5.27 across builds, manifests, package metadata, tests and docs; widens followup-runner patching and fixtures for admission-shaped runners; adds Vitest and opt-in E2E tests reproducing TUI unreachable-inference behavior; and adds a selective nightly E2E job with CI wiring. ChangesOpenClaw 2026.5.27 upgrade with issue
Sequence Diagram(s)(The changes do not introduce a new multi-component runtime flow beyond tests and CI wiring that would benefit from a sequence diagram, so no diagrams are included here.) Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Suggested labels
Suggested reviewers
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
E2E Advisor RecommendationRequired E2E: Dispatch hint: Auto-dispatched E2E: Full advisor summaryE2E Recommendation AdvisorBase: Required E2E
Optional E2E
New E2E recommendations
Dispatch hint
|
E2E Scenario Advisor RecommendationRequired scenario E2E: Dispatch required scenario E2E:
Full scenario advisor summaryE2E Scenario AdvisorBase: Required scenario E2E
Optional scenario E2E
Relevant changed files
|
PR Review AdvisorFindings: 2 needs attention, 6 worth checking, 0 nice ideas Review findings🛠️ Needs attention
🔎 Worth checking
🌱 Nice ideas
Since last review detailsCurrent findings:
This is an automated advisory review. A human maintainer must make the final merge decision. |
Selective E2E Results — ❌ Some jobs failedRun: 26579419772
|
Selective E2E Results — ❌ Some jobs failedRun: 26580021337
|
ericksoa
changed the title
Selective E2E Results — ❌ Some jobs failedRun: 26580885137
|
Selective E2E Results — ✅ All requested jobs passedRun: 26581483934
|
|
/nvskills-ci |
|
@coderabbitai review |
✅ Actions performedReview triggered.
|
Selective E2E Results — ✅ All requested jobs passedRun: 26584199493
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/nightly-e2e.yaml:
- Around line 354-362: The checkout step currently leaves default git
credentials in the workspace; update the Checkout action configuration (the step
named "Checkout" that uses
actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd) to disable persisted
credentials by adding persist-credentials: false under its with: block so the
privileged job does not retain Git credentials in the workspace.
- Around line 345-350: The .coderabbit.yaml is missing a path_instructions entry
for the workflow job issue-4434-tui-unreachable-inference-e2e; add a mapping
under path_instructions that references the workflow/job key
(issue-4434-tui-unreachable-inference-e2e) and points to the relevant test
script paths (e.g., test-issue-4434-tui-unreachable-inference or the actual e2e
test directory/files), ensuring the key matches the job name used in the
workflow and the path glob patterns match where the test scripts live so
coderabbit can trigger correct instructions for that job.
In `@test/e2e/test-openclaw-tui-chat-correlation.sh`:
- Line 49: The version check uses regex-style grep which treats "." as any char;
change the command used in the conditional that references openclaw_version to
use fixed-string matching (e.g., replace grep -q "2026.5.27" with grep -Fq
"2026.5.27") so the literal string "2026.5.27" is matched exactly (update the if
condition around the grep invocation).
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: a2107b9a-8f01-4ffa-bfe2-206858d44df8
📒 Files selected for processing (15)
.github/workflows/nightly-e2e.yamlDockerfileDockerfile.baseagents/openclaw/manifest.yamlnemoclaw/package.jsonnemoclaw/src/package-metadata.test.tsscripts/patch-openclaw-chat-send.jssrc/lib/sandbox/version.test.tssrc/lib/verify-deployment.test.tstest/e2e/test-issue-4434-tui-unreachable-inference.shtest/e2e/test-openclaw-tui-chat-correlation.shtest/fetch-guard-patch-regression.test.tstest/issue-4434-tui-unreachable-inference.test.tstest/openclaw-chat-send-patch.test.tstest/validate-e2e-coverage.test.ts
Selective E2E Results — ✅ All requested jobs passedRun: 26584355281
|
|
🌿 Preview your docs: https://nvidia-preview-pr-4437.docs.buildwithfern.com/nemoclaw |
Selective E2E Results — ❌ Some jobs failedRun: 26585206489
|
Selective E2E Results — ✅ All requested jobs passedRun: 26652959641
|
jyaunches
left a comment
jyaunches
left a comment
There was a problem hiding this comment.
Approving on regression-risk grounds.
Regression-risk review
Surface area is small: only one product-code change (scripts/patch-openclaw-chat-send.js, +16/−3) plus version/integrity bumps and test fixture alignment. The rest of the behavior change comes from upstream OpenClaw 2026.5.22 → 2026.5.27.
Past OpenClaw bumps have rolled back in production (e.g. #3820 reverted by #4051 in <5h), so I wanted breadth of E2E rather than just count of green checks before approving.
E2E coverage on head 5f549f66
All 5 advisor-required jobs green via auto-dispatch + the live privileged job:
- ✅
cloud-e2e - ✅
openclaw-tui-chat-correlation-e2e(direct proof the chat-send shim still applies on the newadmitReplyTurnshape) - ✅
rebuild-openclaw-e2e - ✅
sandbox-survival-e2e - ✅
issue-4434-tui-unreachable-inference-e2e(live privileged repro on Linux w/NVIDIA_API_KEY)
The advisor also flagged three optional adjacent surfaces that weren't auto-dispatched. I dispatched them manually against this PR head (run 26652959641):
- ✅
openclaw-inference-switch-e2e - ✅
inference-routing-e2e - ✅
hermes-e2e
8/8 advisor-recommended E2Es now green on 5f549f66.
Non-blocking follow-ups (PR Review Advisor)
The PR Review Advisor only ran once on the initial commit (924c1d52) and never re-evaluated after the "harden review gates" / "address review feedback" commits. Verifying each finding directly against HEAD:
- 🛠 Privileged job lacks explicit trusted workflow-ref gate (
if: github.ref == 'refs/heads/main') — partially mitigated bypersist-credentials: falseand SHA-pinned + ancestor-checkedtarget_ref, but workflow YAML/script ref itself isn't gated. - 🛠 Live proof's
VISIBLE_ERROR_REand final-status assertion are still broad; the synthetic Vitest covers the structured-error shape, so regression-guard quality lives mostly there. - 🔎 Failure-artifact sanitizer is non-recursive into
CAPTURE_DIR/; tokens are still env-redacted. - 🔎 Adjacent items: pin
expect/iptableshost packages, record OSV/GHSA advisory review evidence foropenclaw@2026.5.27, refresh.agents/skills/nemoclaw-user-reference/references/commands.md(still showsv2026.5.22), and document tolerant-parser source-of-truth/removal contract.
CodeRabbit's three actionable items (path_instructions mapping, persist-credentials: false, fixed-string version match) are all addressed.
These are CI hygiene / assertion rigor, not product correctness, and reasonable to track as a follow-up issue.
Verdict
LGTM — approving. Recommend opening one tracking issue for the advisor follow-ups before merging.
|
Converting to draft so we don't merge a new OpenClaw without discussing first. |
wscurran
added
area: cli
|
Got the green light from Carlos. Did a pass on the upstream changelog. Channel SDK alias removal, node approvals now require admin, and tighter CLI numeric parsing all check out, none of it touches our surface. |
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
Dockerfile (1)
888-946: 💤 Low valueHealthcheck logic has grown significantly more complex.
The updated healthcheck now includes a three-tier probe with namespace-aware fallback logic to handle deployments where the dashboard port lives in a different network namespace (
#3975). While this addresses real operational issues, the conditional branching and marker-file dependency make this healthcheck harder to reason about and test.The logic is well-documented, but consider:
- Whether this complexity could be encapsulated in a dedicated script (e.g.,
/usr/local/bin/nemoclaw-healthcheck) for better testability- Adding unit/integration tests for the healthcheck logic variations
- Monitoring for false positives/negatives in E2E tests
As per coding guidelines, this Dockerfile change should be validated with the full E2E test suite:
gh workflow run nightly-e2e.yaml --ref <branch> -f jobs=cloud-e2e,sandbox-survival-e2e,hermes-e2e,rebuild-openclaw-e2e,openclaw-tui-chat-correlation-e2e🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@Dockerfile` around lines 888 - 946, Extract the complex HEALTHCHECK shell block into a standalone, testable script (e.g., /usr/local/bin/nemoclaw-healthcheck) and update the Dockerfile HEALTHCHECK to invoke that script; specifically move the probe logic that computes port (python3 urlparse snippet), curl checks, rc handling (0/7/other), marker check (/tmp/nemoclaw-gateway-local), process existence check (pgrep --ignore-ancestors -f 'openclaw[ -]gateway') and gateway log size test ([ -s /tmp/gateway.log ]) into the script, preserve the same exit codes/behavior, add unit/integration tests covering the three probe outcomes and the marker-present/absent branches, and ensure scripts/nemoclaw-start.sh remains the producer of /tmp/nemoclaw-gateway-local so the script’s marker check remains valid.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@Dockerfile`:
- Line 621: The explicit setting "'loopbackMode': 'gateway-only'" in the
Dockerfile should be clarified: either add a short inline comment in the
Dockerfile next to the "'loopbackMode': 'gateway-only'" entry explaining why we
must force gateway-only for issue `#4434` (describe the observed behavior change
vs prior runs and what breaks if omitted), or remove the line if OpenClaw
already defaults to gateway-only and update the PR description to state that
confirmation; locate the "'loopbackMode': 'gateway-only'" token in the
Dockerfile and implement one of these two actions so the intent and impact on
loopback/egress behavior are clear.
---
Nitpick comments:
In `@Dockerfile`:
- Around line 888-946: Extract the complex HEALTHCHECK shell block into a
standalone, testable script (e.g., /usr/local/bin/nemoclaw-healthcheck) and
update the Dockerfile HEALTHCHECK to invoke that script; specifically move the
probe logic that computes port (python3 urlparse snippet), curl checks, rc
handling (0/7/other), marker check (/tmp/nemoclaw-gateway-local), process
existence check (pgrep --ignore-ancestors -f 'openclaw[ -]gateway') and gateway
log size test ([ -s /tmp/gateway.log ]) into the script, preserve the same exit
codes/behavior, add unit/integration tests covering the three probe outcomes and
the marker-present/absent branches, and ensure scripts/nemoclaw-start.sh remains
the producer of /tmp/nemoclaw-gateway-local so the script’s marker check remains
valid.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 40bd164a-2b2e-4940-b1af-989155f9bc34
📒 Files selected for processing (5)
.coderabbit.yaml.github/workflows/nightly-e2e.yamlDockerfileDockerfile.basedocs/reference/commands.mdx
💤 Files with no reviewable changes (1)
- docs/reference/commands.mdx
🚧 Files skipped from review as they are similar to previous changes (3)
- .coderabbit.yaml
- Dockerfile.base
- .github/workflows/nightly-e2e.yaml
There was a problem hiding this comment.
Caution
Inline review comments failed to post. This is likely due to GitHub's internal server error or limits when posting large numbers of comments. If you are seeing this consistently it is likely a permissions issue. Please check "Moderation" -> "Code review limits" under your organization settings.
Actionable comments posted: 1
🧹 Nitpick comments (1)
Dockerfile (1)
888-946: 💤 Low valueHealthcheck logic has grown significantly more complex.
The updated healthcheck now includes a three-tier probe with namespace-aware fallback logic to handle deployments where the dashboard port lives in a different network namespace (
#3975). While this addresses real operational issues, the conditional branching and marker-file dependency make this healthcheck harder to reason about and test.The logic is well-documented, but consider:
- Whether this complexity could be encapsulated in a dedicated script (e.g.,
/usr/local/bin/nemoclaw-healthcheck) for better testability- Adding unit/integration tests for the healthcheck logic variations
- Monitoring for false positives/negatives in E2E tests
As per coding guidelines, this Dockerfile change should be validated with the full E2E test suite:
gh workflow run nightly-e2e.yaml --ref <branch> -f jobs=cloud-e2e,sandbox-survival-e2e,hermes-e2e,rebuild-openclaw-e2e,openclaw-tui-chat-correlation-e2e🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@Dockerfile` around lines 888 - 946, Extract the complex HEALTHCHECK shell block into a standalone, testable script (e.g., /usr/local/bin/nemoclaw-healthcheck) and update the Dockerfile HEALTHCHECK to invoke that script; specifically move the probe logic that computes port (python3 urlparse snippet), curl checks, rc handling (0/7/other), marker check (/tmp/nemoclaw-gateway-local), process existence check (pgrep --ignore-ancestors -f 'openclaw[ -]gateway') and gateway log size test ([ -s /tmp/gateway.log ]) into the script, preserve the same exit codes/behavior, add unit/integration tests covering the three probe outcomes and the marker-present/absent branches, and ensure scripts/nemoclaw-start.sh remains the producer of /tmp/nemoclaw-gateway-local so the script’s marker check remains valid.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@Dockerfile`:
- Line 621: The explicit setting "'loopbackMode': 'gateway-only'" in the
Dockerfile should be clarified: either add a short inline comment in the
Dockerfile next to the "'loopbackMode': 'gateway-only'" entry explaining why we
must force gateway-only for issue `#4434` (describe the observed behavior change
vs prior runs and what breaks if omitted), or remove the line if OpenClaw
already defaults to gateway-only and update the PR description to state that
confirmation; locate the "'loopbackMode': 'gateway-only'" token in the
Dockerfile and implement one of these two actions so the intent and impact on
loopback/egress behavior are clear.
---
Nitpick comments:
In `@Dockerfile`:
- Around line 888-946: Extract the complex HEALTHCHECK shell block into a
standalone, testable script (e.g., /usr/local/bin/nemoclaw-healthcheck) and
update the Dockerfile HEALTHCHECK to invoke that script; specifically move the
probe logic that computes port (python3 urlparse snippet), curl checks, rc
handling (0/7/other), marker check (/tmp/nemoclaw-gateway-local), process
existence check (pgrep --ignore-ancestors -f 'openclaw[ -]gateway') and gateway
log size test ([ -s /tmp/gateway.log ]) into the script, preserve the same exit
codes/behavior, add unit/integration tests covering the three probe outcomes and
the marker-present/absent branches, and ensure scripts/nemoclaw-start.sh remains
the producer of /tmp/nemoclaw-gateway-local so the script’s marker check remains
valid.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 40bd164a-2b2e-4940-b1af-989155f9bc34
📒 Files selected for processing (5)
.coderabbit.yaml.github/workflows/nightly-e2e.yamlDockerfileDockerfile.basedocs/reference/commands.mdx
💤 Files with no reviewable changes (1)
- docs/reference/commands.mdx
🚧 Files skipped from review as they are similar to previous changes (3)
- .coderabbit.yaml
- Dockerfile.base
- .github/workflows/nightly-e2e.yaml
🛑 Comments failed to post (1)
Dockerfile (1)
621-621:
⚠️ Potential issue | 🟡 Minor | ⚡ Quick win🧩 Analysis chain
🌐 Web query:
OpenClaw 2026.5.27 proxy configuration loopbackMode gateway-only💡 Result:
In OpenClaw, proxy.loopbackMode is a configuration setting used to define how loopback-based traffic (such as Gateway WebSocket connections on 127.0.0.1:18789) is handled when a managed outbound proxy is enabled [1][2]. The gateway-only setting is the default mode [1][2]. In this mode, OpenClaw registers the specific Gateway loopback authority in its managed bypass policy [1][2]. This allows local Gateway WebSocket traffic, as well as connections from bundled browser plugins and local embedding providers (e.g., Ollama), to connect directly to the service without being routed through the configured outbound proxy [1][2]. Other available modes include: proxy: Disables the automatic registration of Gateway and Ollama loopback bypasses, forcing this local traffic to be sent through the managed proxy [1][2]. This is generally only useful if the remote proxy is specifically configured to map or tunnel these loopback requests [1][2]. block: Explicitly denies any loopback Gateway connections [1][2]. This configuration is typically defined in your configuration file under the proxy object [1][2]: proxy: enabled: true proxyUrl: http://127.0.0.1:3128 loopbackMode: gateway-only # gateway-only, proxy, or block Note that for reverse proxy setups (e.g., using nginx in front of the gateway), you should bind the gateway to a loopback address and ensure your reverse proxy configuration includes proper WebSocket upgrade headers (Upgrade, Connection, proxy_http_version 1.1) and a sufficient proxy_read_timeout (e.g., 86400) [3]. If using gateway.auth.mode: "trusted-proxy" for a same-host reverse proxy, you must also set gateway.auth.trustedProxy.allowLoopback: true and explicitly include the loopback address in gateway.trustedProxies [4][5].
Citations:
- 1: https://documentation.openclaw.ai/security/network-proxy
- 2: https://docs.openclaw.ai/security/network-proxy
- 3: https://openclawvps.io/blog/openclaw-proxy-configuration
- 4: https://docs.openclaw.ai/gateway/trusted-proxy-auth
- 5: https://documentation.openclaw.ai/gateway/trusted-proxy-auth
Clarify intent of
proxy.loopbackMode: 'gateway-only'(loopback bypass behavior)This sets
proxy.loopbackModetogateway-only.OpenClaw’s proxy configuration docs list
gateway-onlyas the default mode and describe it as registering the Gateway loopback bypass so local Gateway WebSocket/loopback traffic connects directly instead of being routed through the managed outbound proxy. IfloopbackModepreviously defaulted togateway-onlywhen omitted, this change is likely just making the default explicit; otherwise, it could alter loopback egress behavior.Please either:
- document why this needs to be explicitly set for
#4434(and what behavior would differ), or- confirm that prior OpenClaw behavior (when
loopbackModewas absent) already defaulted togateway-only.'loopbackMode': 'gateway-only', \🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@Dockerfile` at line 621, The explicit setting "'loopbackMode': 'gateway-only'" in the Dockerfile should be clarified: either add a short inline comment in the Dockerfile next to the "'loopbackMode': 'gateway-only'" entry explaining why we must force gateway-only for issue `#4434` (describe the observed behavior change vs prior runs and what breaks if omitted), or remove the line if OpenClaw already defaults to gateway-only and update the PR description to state that confirmation; locate the "'loopbackMode': 'gateway-only'" token in the Dockerfile and implement one of these two actions so the intent and impact on loopback/egress behavior are clear.
Selective E2E Results — ✅ All requested jobs passedRun: 26973754311
|
## Summary
- Add the v0.0.59 release notes from the GitHub announcement discussion.
- Refresh local inference and credential-storage guidance for the
current release behavior.
- Regenerate the user skills from the updated Fern docs.
- Tighten release-prep and docs review guidance for generated skills, PR
labels, and shared `$$nemoclaw` command placeholders.
## Verification
- `python3 scripts/docs-to-skills.py docs/ .agents/skills/ --prefix
nemoclaw-user --doc-platform fern-mdx`
- `rg "permissive mode|shields down|shields up|shields status|config
rotate-token|rotate-token" --glob '*.{md,mdx}'`
- `git diff --check`
- `npm run docs` (rerun outside sandbox after sandbox-only `tsx` IPC
permission failure)
- `npm run typecheck:cli`
- Pre-commit hooks during commit passed, including markdownlint,
docs-to-skills verification, gitleaks, commitlint, and skills YAML
tests.
## Source Summary
- #3679, #4437, #4681, #4766, #4772, #4775, #4786 ->
`docs/about/release-notes.mdx`, `docs/reference/commands.mdx`,
`docs/reference/troubleshooting.mdx`: Summarize OpenClaw 2026.5.27
compatibility, runtime path pinning, plugin registry recovery, live
gateway reconciliation, and clearer host-alias/startup diagnostics.
- #4332, #4402, #4769, #4776, #4779 -> `docs/about/release-notes.mdx`,
`docs/inference/inference-options.mdx`,
`docs/inference/use-local-inference.mdx`,
`docs/inference/switch-inference-providers.mdx`: Document the release
inference changes covering Local NIM waits, Hermes Anthropic routing,
Nemotron 3 Ultra, the current Ollama starter fallback, and Spark
managed-vLLM context length.
- #4628, #4652, #4733, #4745 -> `docs/about/release-notes.mdx`,
`docs/security/credential-storage.mdx`,
`docs/manage-sandboxes/messaging-channels.mdx`,
`docs/reference/troubleshooting.mdx`: Capture permission healing,
gateway-stored credential reuse, cross-sandbox messaging credential
conflict checks, and CDI preflight diagnostics.
- #4728, #4737, #4743, #4744, #4782 -> `.agents/skills/nemoclaw-user-*`:
Regenerate the user skill references from the updated source docs.
- Follow-up maintenance ->
`.agents/skills/nemoclaw-contributor-update-docs/SKILL.md`,
`.coderabbit.yaml`: Add release-prep area labels for docs and skills
PRs, and teach docs review guidance that `$$nemoclaw` is the correct
shared command placeholder for examples that work across agent aliases.
Note: the `documentation` label was not present in the repository, so
this PR is labeled with `v0.0.59` only.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated default model for local Ollama inference setup to qwen3.5:9b
* Added Nemotron 3 Ultra 550B as an NVIDIA Endpoints model option
* Clarified credential storage and reuse behavior for post-deployment
(day-two) operations
* Added v0.0.59 release notes covering OpenClaw compatibility, inference
options, Hermes messaging sync, and troubleshooting
* Clarified CLI selection guidance and updated OpenClaw version example
in status output
* Revised release-prep instructions and docs review guidance for CLI
alias usage
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
5 participants
Release target
Refs #4434. This PR targets
v0.0.55; #4434 should remain open until this OpenClaw upgrade is merged, tagged, and verified in the shipped.55release.Why this resolves #4434
NemoClaw #4434 reports that
openclaw tuikeeps an active spinner andconnectedstatus with no visible terminal error when the NVIDIA inference endpoint is unreachable. This branch moves the sandbox OpenClaw pin from2026.5.22to2026.5.27with npm integrity:sha512-2N93zhdAo88KAbHt6T7KvYXf4s7XIkYXBgv1npYpn7e1Y9FvrtgtpsA38my9rtFW+70uXEojRPX5/OqnuDqJPw==Upstream proof:
broadcastChatError()call for synchronouschat.sendfailures.Changes
Dockerfile,Dockerfile.base,agents/openclaw/manifest.yaml, and package metadata to OpenClaw2026.5.27.scripts/patch-openclaw-chat-send.jsso NemoClaw's chat-send run-id preservation shim still recognizes the compiled OpenClaw2026.5.27followup-runner admission shape.test/e2e/test-issue-4434-tui-unreachable-inference.sh.nightly-e2e.yamlasissue-4434-tui-unreachable-inference-e2e, including selective dispatch, public-install target-ref handling, failure artifacts, aggregate reporting coverage, and trusted workflow-script checkout for the secret/sudo firewall job.Local validation
npm cinpm ci --include=devnpm run build:clinpm run typecheck:clinpm test -- test/fetch-guard-patch-regression.test.ts test/openclaw-chat-send-patch.test.ts test/openclaw-tui-chat-correlation.test.ts test/issue-4434-tui-unreachable-inference.test.tsnpm test -- src/lib/sandbox/version.test.ts src/lib/verify-deployment.test.tsnpm test -- test/validate-e2e-coverage.test.ts test/e2e-advisor-dispatch.test.ts test/e2e-script-workflow.test.ts test/issue-4434-tui-unreachable-inference.test.ts nemoclaw/src/package-metadata.test.tsshellcheck test/e2e/test-issue-4434-tui-unreachable-inference.shbash -n test/e2e/test-issue-4434-tui-unreachable-inference.shbash -n test/e2e/test-openclaw-tui-chat-correlation.shNEMOCLAW_ISSUE_4434_LIVE=0 bash test/e2e/test-issue-4434-tui-unreachable-inference.shgit diff --checknpm pack openclaw@2026.5.27dist smoke withnode scripts/patch-openclaw-chat-send.js "$tmp/package/dist"docker build -f Dockerfile --build-arg BASE_IMAGE=ghcr.io/nvidia/nemoclaw/sandbox-base:latest -t nemoclaw-issue4434-openclaw-runtime-smoke:2026-5-27 .docker run --rm --entrypoint openclaw nemoclaw-issue4434-openclaw-runtime-smoke:2026-5-27 --version->OpenClaw 2026.5.27 (27ae826)2026.5.27npm integrity and install path.98e0a763efe0925f26cf89129cd4ab63cb0b05f3: passed, including CLI/plugin coverage hooks.test/nemoclaw-start.test.tscase timed out during the full concurrent run, then passed directly withnpx vitest run --project cli test/nemoclaw-start.test.ts -t "captures baseline snapshot when openclaw.json is valid and no baseline exists".Nightly proof
Targeted nightly E2E passed on the final PR head:
5f549f661fe81b485f75903146512af4225d4698issue-4434-tui-unreachable-inference-e2eThe live job runs the requested end-to-end flow on Linux with the repository
NVIDIA_API_KEYsecret: public install from this PR ref, cloud onboard with NVIDIA Endpoints andnvidia/nemotron-3-super-120b-a12b, pre-blocknemoclaw <sandbox> status, pre-blocknemoclaw <sandbox> connect --probe-only, exactDOCKER-USERDROPrules for75.2.113.119and99.83.136.103, in-sandbox endpoint-block verification,openclaw tui,hello, and final TUI assertion.The passing assertion was:
PASS: openclaw tui surfaced a visible unreachable-inference error and stopped the spinnerThe dispatch command for reruns while this job only exists on the PR branch is:
Remaining release note
v0.0.53/ OpenClaw2026.5.22spinner/no-error behavior after the exact firewall block. I did not rerun the mutating baseline repro from this macOS host.Dockerfile.basebuild was blocked locally because this Docker install does not providedocker buildx, whileDockerfile.baseuses BuildKitRUN --mount. The runtime Docker path and a base-style OpenClaw install smoke both passed.Summary by CodeRabbit
Tests
Chores
Chores / CI