zeroclaw-labs/zeroclaw

audit: track 153 commits lost in bulk revert c3ff635 for recovery

Open

#6074 opened on Apr 24, 2026

View on GitHub
 (2 comments) (0 reactions) (1 assignee)Rust (31,341 stars) (4,614 forks)batch import
cienhancementhelp wantedpriority:p2risk: highstatus:in-progressstatus:no-stale

Description

Summary

Commit c3ff635300c03132441cbf9ae9ad0477a6e11ddb (2026-03-28) reverted 153 commits in a single bulk rollback, restoring master to 1362d69f. This revert was necessary at the time, but it also removed bug fixes, features, and improvements that had been reviewed, approved, and merged.

This issue tracks which commits have already been independently re-applied during the microkernel refactor and which are still missing and worth recovering.

Known recovery issues: #5259 (WeChat iLink channel), #2503 (NapCat/OneBot channel)

Note on deleted PRs: Some PR numbers referenced in commit messages return 404 on GitHub. A co-author on several of these commits (SimianAstronaut7, who also authored the revert) had their account blocked, which removed associated PRs and issues. Some external contributor PRs that list SimianAstronaut7 as co-author are also missing — likely opened from that account's fork. Where the PR record is missing, the entry links to the commit instead.

Status key

  • Re-applied — verified present in the current codebase
  • 🔲 Missing — verified absent, candidate for recovery
  • 🔀 Superseded — the underlying code was refactored or the bug no longer applies in the new architecture
  • ⏭️ Skip — merge commit, dep bump, or whitespace-only

Verified re-applied (39)

These fixes have been independently re-implemented in the current crate structure:

  • 2ddf7dcb #4544 — web_search_tool in default_param_for_tool mapping (tool-call-parser/lib.rs:807) ✅
  • 49e994a3 #4702 — Lark list message type handling (lark.rs:986, test at :2766) ✅
  • ffb015b3 #4552 — case-insensitive command allowlist matching (policy.rs:824) ✅
  • 143b34ea (commit) — SearXNG search provider config (schema.rs:2977) ✅
  • a4e6d772 #4314 — Slack audio file transcription (slack.rs:39) ✅
  • a3da42b1 — mention_only arg + voice_wake feature-gated errors (telegram.rs:367) ✅
  • 2a5866ec #4297 — extract binary from .tar.gz release assets (update.rs:212) ✅
  • 490c54e8 #4750 — allow high risk command execution (whitespace-only, no functional change) ✅
  • 8416af7d (commit) — local time for runtime_trace timestamps (production path at line 216 uses Local::now(); remaining Utc calls are temp file naming and tests only) ✅
  • 1e477f52 (commit) — respect max_history_messages in channel mode (orchestrator/mod.rs:1211) ✅
  • a993c96f #4690 — use stream_chat in turn_streamed for WS/webhook streaming (loop_.rs:547, ws.rs:467) ✅
  • 3b9c184e #4317 — Z.AI no_responses_fallback + Bailian alias (provider_aliases.rs:89, lib.rs:1293) ✅
  • e9c99f92 #4805 — preserve matrix thread context on first follow-up (matrix.rs:256-292) ✅
  • 3ce90480 (commit) — respect path_prefix in get-paircode command (gateway routes nested under prefix at lib.rs:1100) ✅
  • 516a9cfb #4529 — resolve temp dir canonicalization on macOS (schema.rs:9418, seatbelt.rs:151) ✅
  • a279f5da #4438 — improve dashboard unavailable message for Homebrew (service/mod.rs:582-620) ✅
  • 9ce1b67a (commit) — prevent duplicate tool call notifications (superseded by #6093; dedup_exempt infra in schema.rs:1487) ✅
  • 15a630e4 #4763 — clarify public bind error message (gateway/lib.rs:413-422) ✅
  • 6044fa23 #4557 — resolve agent-browser npm shim on Windows (browser.rs:247-250) ✅
  • 59c9a2d1 #4181 — resolve claude-code test flakiness (superseded by #6093; agent.rs:2400-2410) ✅
  • ac355d40 #4897 — add GitHub Copilot to onboarding (re-merged as #5321, 9f245539f) ✅
  • 20593311 (commit) — enable MCP tools in webhook endpoint (re-applied by #6080, be106b681) ✅
  • 59ad6da0 #4687 — add closing tag to memory context injection (re-applied by #6082, 3b24f817) ✅
  • 3e0a08c1 (commit) — add missing bind paths for bubblewrap sandbox (re-applied by #6169, 62728c1ceb) ✅
  • df43e516 #4555 — respect path_prefix in paircode + shutdown commands (re-applied by #6169, 62728c1ceb) ✅
  • 8c3c890c (commit) — add timeout to Mattermost HTTP client (re-applied by #6169, 62728c1ceb) ✅
  • babe7f1e #4554 — inject current datetime into scheduler decision prompt (re-applied by #6169, 62728c1ceb) ✅
  • 74a94a1c #4499 — skip tools summary for native tools (re-applied by #6544, 3821550c) ✅
  • 4995c184 #4337 — exact arch triple matching for update downloads (re-applied by #6585, ed9bd52) ✅
  • 4f872cca #4310 — restrict reasoning_effort to known openai models (re-applied by #6631, d2dd45a) ✅
  • 7882897e #4573 — propagate Gemini token usage to cost tracker (re-applied by #6575, f8221ce) ✅
  • e7467e0a #4538 — fallback to non-streaming when Codex streaming fails (re-applied by #6668, ea825ce) ✅
  • d4ab8a47 #4213 — add --log-llm flag to dump LLM provider payloads (re-applied by #6709, 3e27b58) ✅
  • da742938 #4316 — gracefully skip unresolvable images instead of failing (re-applied by #6743, f6b90124) ✅
  • 46ca9364 #4410 — restore --interactive CLI compatibility; current bare onboarding is already interactive (re-applied by #6673, f1ced29e) ✅
  • ef9e52f3 #4803 — respect wildcard opt-out for subshell/redirect guards (re-applied by #5773, 247e2e18) ✅
  • 5b6d0585 #4108 — enable vision support for kimi-code provider (re-applied by #6809, 7f9271cb) ✅
  • ce6dd7ca #4688 — mask Groq API key + transcription keys in web UI (web config masking is already covered by current schema-derived secret masking; remaining Groq leak-detector pattern re-applied by #6812, 84413ff7) ✅
  • aabf2327 #4173 — preserve :cloud model tag for private remote Ollama servers (re-applied by #6863, 9c2522c4) ✅

Confirmed missing — candidates for recovery (0)

No currently verified-missing recovery candidate remains in this section after the latest recovery merges. Continue by auditing the unchecked small/medium/large/features/tests sections or by watching the open recovery PR below.

Open recovery PRs (1)

  • ecd68feb #3526 — detect Homebrew install, use correct config path (covered by ready PR #6896; not marked re-applied until merged) 🔲

Needs investigation (14 small fixes) — COMPLETED

All 14 items checked (2026-04-28): 11 moved to re-applied, 2 to confirmed missing, 1 to skipped.

Checked / superseded medium fixes (9)

  • 80a91856 #4148 — prevent panic on UTF-8 multi-byte boundary in slug truncation (behavior present in crates/zeroclaw-runtime/src/skills/creator.rs; original CJK regression test not present) ✅
  • e2022f9e #4436 — consolidate multiple messages into single response (superseded by current AgentContext/AgentChat tool-activity toggle; tool activity is hidden from the conversation by default) 🔀
  • f17c6dce (commit) — disable responses API fallback for custom OpenAI providers (superseded by the current provider split: custom: uses chat completions through OpenAiCompatibleProvider; /v1/responses is handled by OpenAiCodexProvider / wire_api = "responses" profiles, not a 404 fallback path) 🔀
  • c74824a3 #4334 — make shell timeout configurable via config.toml (covered by later #4468 / ea9eccfe8; current master exposes [shell_tool].timeout_secs, wires it through the tool registry, and applies it in ShellTool execution) ✅
  • 735a1336 #3518 — configurable Ollama context size (superseded by #6178 / e6cbb33d; current master exposes config-backed ollama_num_ctx, ollama_num_predict, and temperature override) 🔀
  • f78a6d32 #4349 — separate draft tool narration lines (covered by #4394 / 0d2b57ee; current master still appends a missing newline before native tool-call narration is sent to draft-capable channels, with runtime regression coverage) 🔀
  • 6aab1288 #4444 — add channel-lark to default features (covered by current workspace feature graph: root default enables agent-runtime, agent-runtime enables channel-lark, and channel-lark forwards to zeroclaw-channels/channel-lark; Docker builds do not use --no-default-features, so the same default applies there) 🔀
  • 41c0abbf (commit) — whitelist safe shell redirects (covered by #6236 / ad34fa3f; current policy allows safe /dev redirects and fd redirects while still blocking file redirects and /dev path-boundary bypasses, with focused redirect-policy tests) ✅
  • 88d77ce3 #4359 — prevent draft streaming hang after tool loop completion (covered by #4393 / b85a44595; #4359’s commit carries no file diff, and current orchestrator drops delta_tx before awaiting draft_updater so the draft update task can observe channel close and exit) 🔀

Not yet checked — small fixes (4)

  • 44eb057f #4696 — replay session history on WebSocket reconnect
  • 39891105 #4895 — fix: issue 4855
  • 9fda248c (commit) — preserve web chat history across page reloads
  • 933f7a25 #4858 — fix: sessions

Not yet checked — medium fixes (12)

  • 31737b16 #3271 — timestamp channel turns, use date-only prompts
  • f12c1761 #4533 — add streaming support to RouterProvider
  • 371c59d1 (commit) — unify path resolution for file tools (closes #3774)
  • b58d18d5 #4675 — fallback to non-streaming when stream errors
  • a68f2dd3 #4301 — close draft sender after tool loop
  • c96bd63e #4434 — verify download checksum against SHA256SUMS
  • 6469a262 #4149 — unify OpenAI-compatible native tool response parsing
  • 03d345b5 #4501 — skip responses fallback on transport errors
  • 6335a0d4 #4871 — download discord image/video attachments for agent processing
  • a51620b4 (commit) — expose autonomy constraints to the model
  • b69e5ff5 #4320 — improve file_read robustness for large/binary files
  • 3c592593 (commit) — bound conversation history with LRU sender cap

Not yet checked — large fixes (4)

  • dc05efa9 #4811 — reversible percent-encoding for session file keys
  • 87698ad1 #4825 — treat tool_use/tool_result as atomic groups in history pruning
  • 9528678e (commit) — trim oldest images instead of hard-failing when limit exceeded
  • 61c32424 (commit) — preserve existing channel config when re-configuring

Not yet checked — features (48)

  • b67be417 #4332 — thinking/reasoning level control per message
  • da0b083e #4322 — provider_env for injecting API keys from config
  • 6ab4d03b #4378 — Feishu/Lark cron delivery channel
  • 21e23bd2 #4371 — interrupt_on_new_message for WhatsApp
  • a54e9257 #4796 — 1Password secret resolution via op://
  • 51fd8ba5 #4315 — QQ audio attachment transcription
  • b7f3d0c9 #4680 — Matrix mention_only for group room filtering
  • 959057ab #4852 — wire session tools to composite backend
  • be5e3e9d #4422 — message chunker with per-platform char limits
  • d07f4208 #4254 — support forwarded messages in Telegram
  • ad48c1de #4114 — configurable global max_audio_bytes
  • 58353504 (commit) — persist per-chat model switch to routes.json
  • aa419d57 #4531 — path-validation fallback sandbox
  • 753d4fc6 #3637 — SecretStore integration in http_request tool
  • 49620636 #4427 — unified VoicePipeline facade for STT+TTS
  • 4022879b #4504 — room creation + user invite API in Channel trait
  • 798aa936 (commit) — harden sandbox with seccomp + fail-closed
  • d00d5c28 #4502 — observe_group flag + per-chat session keys
  • 2252c3bb #4530 — per-channel DM pairing manager
  • ac680041 #4421 — shared SsrfValidator with CIDR blocking
  • 64043d64 #4403 — parse media markers in WhatsApp Web send
  • e5e4d27f #3682 — native_tool_calls_only config
  • 99f0b528 #4325 — /thinking command for per-sender reasoning toggle
  • 002fe4c3 (commit) — upgrade claude-code provider to full agent mode
  • 96643394 #4850 — precheck reply intent before typing/draft
  • 2d73133d (commit) — feishu transport media
  • ffea087c (commit) — ToolCallCard component for tool call display
  • 58ad2092 #4507 — client relationship node types
  • 7f08d4b0 #4285 — detect missing loginctl linger + prompt
  • df129fea #4336 — detect missing loginctl enable-linger
  • 1ff39882 #4435 — detect enable-linger on install
  • 20238a26 (commit) — Rust version check for build failures
  • 4fe1f1fd #4865 — Matrix media attachments + outgoing media
  • 78833057 #4845 — Mattermost WebSocket-based listener
  • 5d8d9aa2 #4822 — LINE Messaging API channel
  • c373d6c9 #4815 — movie extension with Douban + TMDB
  • 961d13ad (commit) — rate-limit cooldown + model compatibility
  • 56c7d605 #4685 — Tavily web search provider
  • 4eb9cbe4 #4428 — mDNS local peer discovery
  • 3f229c85 #4527 — calendar-driven no-show detection
  • 2dba7fe0 #4493 — fire message_sent hook after delivery
  • 070a0c20 #4290 — adopt AGENTS.md as primary instruction format
  • f657bba4 #4221 — WeChat iLink channel (tracked in #5259)
  • 936a7212 (commit) — generic transport stall watchdog
  • dd147dd0 #3571 — zeroclaw config reload (hot-reload)
  • 3e02e68e (commit) — ZhipuJwt auth for Z.AI and GLM
  • 6a8ff4c4 (commit) — email attachment download + multipart MIME
  • 3f6e7c5c (commit) — WhatsApp Web mention_only for groups
  • f3d8aa1f (commit) — MQTT channel configuration schema
  • bde81df1 (commit) — memory namespace isolation for delegate agents
  • 9a3453e6 (commit) — per-sender rate limiting
  • ac355d40 #4897 — add GitHub Copilot to onboarding (→ moved to re-applied)

Not yet checked — tests, infra, CI (15)

  • f685de05 #4883 — serialize Bedrock env-var tests (parallel race)
  • 74a211a5 #3830 — pushover unit tests + docs
  • bedbbdcb (commit) — unify env-var test sync across providers
  • f0ffb2b5 (commit) — WhatsApp config regression test (no [cli])
  • 1a1a27e1 #4432 — WhatsApp config regression test (no [cli])
  • d781fb5b #4734 — wrap LocalWhisperConfig.bearer_token in Some(...)
  • 359c8006 — consolidate Dockerfiles from 4 to 2
  • a57145cc #3934 — Homebrew release source archive with dashboard
  • 20c589ee #4839 — deployment environments in release workflows
  • fbc654da (commit) — extract rate-limiting + path-guard wrappers
  • 93ea780a #4719 — aspect-oriented refactoring examples
  • 7a5d6837 (commit) — chat history persistence
  • d4773099 (commit) — web chat history with optimized scroll
  • 248e13eb #4258 — WhatsApp Web cron delivery channel
  • 65ae6cb7 #4548 — live channel registry for WhatsApp Web cron

Skipped (16)

Merge commits, dependency bumps, docs-only, chore commits, and items whose target files no longer exist — not worth recovering individually.

  • a50e2304 (commit) — update blob/main→blob/master link in movie extension docs (file extensions/movie/CONTRIBUTING_GUIDE.md no longer exists in tree) ⏭️

17b9d93c docs, 95344a44 refactor READMEs, 8dd4c4b1 remove .coderabbit.yaml, 884747b8 merge commit, 1de30948 dep bump distroless, 0813c771 dep bump libloading, d4045117 merge artifact, 773a72ec merge commit, 01da1b4d remove RedNote badge, 40805d30 merge commit, a18fb885 dep bump cpal, 50425247 merge collision fix, be747242 web merge collision fix, 92440b2a docs only, e91806c1 trivial lint

How to help

  1. Pick an unchecked item, verify whether the fix exists in the current crate structure
  2. If missing: open a recovery PR porting the fix to the new architecture
  3. Update the checkbox and note the PR number

Original commits can be viewed with git show <sha>. All were against the old monolithic src/ structure and need porting to crates/.

Attribution: Recovery PRs supersede the original author's merged work. Follow the superseded-PR attribution rules in docs/contributing/pr-discipline.md — include Co-authored-by trailers for the original author and list the original PR in the body.

Contributor guide

Tech stack
rust
Domain
releasetooling
Issue type
research
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
5
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
over 1 week
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
active
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
Understanding of git commit historyFamiliarity with zeroclaw codebaseAbility to read Rust code
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
15
Research direction
Review the list of 'Not yet checked' commits in the issue. Determine if each commit has been re applied by searching the codebase for the specific changes. For commits with linked PRs, verify if the PR has been re merged. Some PRs are missing due to a blocked account; for those, examine the commit diff directly. The goal is to update the issue's status tracking.