PowerShell 7+ honors $ErrorActionPreference=Stop for native commands,
so git's normal progress line ("From https://...") on stderr during
`git pull --rebase` would turn into a terminating error and abort the
installer immediately after a fresh clone — before pnpm install/build
ever runs. The existing `2>$null` redirects the display but the error
record is still generated.
Wrap the git status / pull calls in try/catch so the pull stays
best-effort and the rest of the installer can proceed. Reproduced on
Windows 11 ARM under PowerShell 7.x with -InstallMethod git.
Fix bundled plugin metadata copying to follow the build-entry set, so build-excluded plugins like QQ Bot do not leave stale dist metadata advertising missing runtime files.
Verification:
- pnpm test src/plugins/copy-bundled-plugin-metadata.test.ts test/scripts/bundled-plugin-build-entries.test.ts
- git diff --check
- pnpm openclaw gateway status --deep
- CI run 25718250461
- CodeQL run 25718250402
- CodeQL Critical Quality run 25718250418
- Real behavior proof run 25718290985
Preserve canonical iMessage Full Disk Access probe failures through non-sensitive health snapshots and status output, promote imsg denial banners to the public remediation message, and add a narrow audit exception for the reviewed Mistral advisory false-positive.
Extend the existing Pi bundle-MCP Docker e2e harness so the live stdio MCP
probe also exercises `splitSdkTools` and asserts the configured server tool
reaches `customTools` for coding/messaging and is filtered out for minimal
and `tools.deny: ["bundle-mcp"]`. The harness already had real materialize
plus profile-filter coverage against a real stdio MCP child, but did not
assert the splitSdkTools().customTools boundary, which is the value the SDK
serializes to the outbound provider request body and the disputed boundary
on #76063.
Refs #76063.
Summary:
- Use Node's pathToFileURL for the base-config schema generator entrypoint guard so Windows backslash paths are recognized correctly.
- Keep the schema generation logic unchanged and preserve the current changelog attribution.
Verification:
- node --import tsx scripts/generate-base-config-schema.ts --check
- pnpm build
- pnpm check
- GitHub CI passed, including Real behavior proof, auto-response, ClawSweeper dispatch, and full repository checks.
Co-authored-by: Fusion future <23738961+easyteacher@users.noreply.github.com>
