fix(inference): route local compatible endpoints through gateway#6649
Conversation
Signed-off-by: San Dang <sdang@nvidia.com>
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (7)
✅ Files skipped from review due to trivial changes (1)
🚧 Files skipped from review as they are similar to previous changes (2)
📝 WalkthroughWalkthroughThe change adds gateway-aware routing for compatible loopback inference endpoints, updates provider onboarding and recovery, adds onboarding and E2E coverage, expands documentation assertions, and enforces Docker authentication handling for the inference-routing workflow. ChangesInference gateway routing
Estimated code review effort: 4 (Complex) | ~45 minutes Sequence Diagram(s)sequenceDiagram
participant HostEndpoint
participant NemoClawOnboarding
participant OpenShellGateway
participant Sandbox
HostEndpoint->>NemoClawOnboarding: provide loopback compatible endpoint
NemoClawOnboarding->>NemoClawOnboarding: rewrite eligible URL to host.openshell.internal
NemoClawOnboarding->>OpenShellGateway: register or reuse provider with gateway URL
Sandbox->>OpenShellGateway: send inference request through inference.local
OpenShellGateway->>HostEndpoint: proxy request to host.openshell.internal
HostEndpoint-->>OpenShellGateway: return model response
OpenShellGateway-->>Sandbox: return inference response
Suggested labels: Suggested reviewers: 🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
Code Coverage OverviewLanguages: TypeScript TypeScript / code-coverage/pluginThe overall coverage remains at 96%, unchanged from the branch. TypeScript / code-coverage/cliThe overall coverage in the branch is 77%. The coverage in the branch is 78%. Show a code coverage summary of the most impacted files.
Updated |
|
🌿 Preview your docs: https://nvidia-preview-pr-6649.docs.buildwithfern.com/nemoclaw |
E2E Advisor RecommendationRequired E2E: Dispatch hint: Full advisor summaryE2E Recommendation AdvisorBase: Required E2E
Optional E2E
New E2E recommendations
Dispatch hint
|
E2E Target RecommendationRequired E2E targets: Dispatch required E2E targets:
Full E2E target advisor summaryE2E Target AdvisorBase: Required E2E targets
Optional E2E targets
Relevant changed files
|
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/lib/onboard/inference-providers/remote.ts`:
- Around line 53-56: Update the loopback endpoint rewriting logic to preserve
query strings and fragments. In the URL reconstruction after assigning
parsed.hostname and normalizing parsed.pathname, include parsed.search and
parsed.hash in both the root-path and non-root return values so parameters and
fragments are retained.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: e04c2002-9807-4a51-a12a-56139f42bfb3
📒 Files selected for processing (4)
docs/inference/local-compatible-inference-setup.mdxsrc/lib/onboard/inference-providers/remote.tstest/inference-options-docs.test.tstest/onboard-inference-gateway-scope.test.ts
PR Review Advisor — No blocking findingsMerge posture: No blocking advisor findings Action checklist
Test follow-ups to resolve or justifyIf these cover changed behavior, prefer adding them in this PR; otherwise state why existing coverage is enough or link the follow-up.
This is an automated, non-binding review; it still expects maintainers and agents to respond to each required or warning item. Treat suggestions as current-PR improvements when they touch changed code; defer only with maintainer rationale or a linked follow-up. A human maintainer must make the final merge decision. |
Signed-off-by: San Dang <sdang@nvidia.com>
E2E Target Results — ✅ All selected jobs passedRun: 29112366528
|
PR Review Advisor (Nemotron Ultra) — Changes requestedMerge posture: Do not merge yet Action checklist
Findings index
🚨 Required before mergeAddress these before merging unless a maintainer explicitly overrides the advisor with rationale.
|
cjagwani
left a comment
There was a problem hiding this comment.
Blocking findings on exact head a5e56373aa3662c46a91d5c74f582c75c2434e3a:
-
The rewrite accepts a missing/default port. For HTTP URLs,
URL.portis empty both when the port is omitted and when:80is explicit, so the currentport=nullbranch rewrites both tohost.openshell.internal:80. Existing authoritative containment permits only HTTP + exact loopback host + an explicit numeric port>=1024. Please require that explicit unprivileged port and add negative regressions forhttp://localhost/v1andhttp://localhost:80/v1plus adjacent no-rewrite shapes. Remove the docs claim that the default HTTP port is supported. -
The rewrite accepts arbitrary ports
>=1024, but the bundledlocal-inferencepolicy permits only11434,11435, and8000. A URL such as port 9000 can be rewritten with--no-verifyand then fail inside the sandbox. Restrict the rewrite to policy-supported ports, inspect the active policy, or fail/warn with clear policy configuration guidance before provider registration. -
Add recovery-path coverage proving an existing provider is updated to the bridge alias without replacing/exporting its credential, followed by
inference set --no-verify. Current coverage exercises only fresh creation. -
Extract the pure URL transform from
remote.ts; the file grows from 372 to 419 lines and the focused transform is directly testable. Both exact-head advisors flag this growth, and Nemotron marks it required.
The old five-target live run used ancestor ab676171, not this exact head, and its compatible-endpoint case was skipped. After fixing and syncing current main, run exact-head inference-routing, network-policy, onboard-repair, onboard-resume, and cloud-onboard, including a real supported-port localhost service that is registered as host.openshell.internal and reached through sandbox inference.local. Re-run both advisors and obtain human approval afterward.
The advisor’s general topology concern cites unsupported OpenShell 0.0.44 behavior; current 0.0.72 A/B evidence supports the bridge hypothesis. Exact-head implementation proof is still required before that warning can be explicitly dispositioned.
Signed-off-by: Carlos Villela <cvillela@nvidia.com>
Signed-off-by: Carlos Villela <cvillela@nvidia.com>
E2E Target Results — ❌ Some jobs failedRun: 29129222547
|
E2E Target Results — ✅ All requested jobs passedRun: 29129492764
|
|
@cjagwani, the requested follow-ups are ready for re-review on Implemented:
Verification:
Automated-advisor dispositions:
GPT reports no blocking findings. Nemotron's remaining topology item is dispositioned above using the supported-version boundary, existing gateway probe, and the requested live implementation proof. Please re-review when convenient. |
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
E2E Target Results — ✅ All requested jobs passedRun: 29130555308
|
|
Maintainer disposition on exact head
The exact-head standard CI suite is green, CodeRabbit has no unresolved major/critical finding, all six commits are GitHub Verified, and DCO passes. No code change is warranted for these warning-level findings; they are either already implemented and tested or based on an incomplete reading of the live job/probe path. |
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
|
Follow-up disposition for the remaining Nemotron warnings on exact head
The second main sync was mechanical only: it combined this PR’s inference-routing mock-parity entry with #6663’s separate full-E2E entry. |
E2E Target Results — ✅ All requested jobs passedRun: 29131552351
|
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
E2E Target Results — ✅ All requested jobs passedRun: 29132091441
|
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
E2E Target Results — ✅ All requested jobs passedRun: 29132484397
|
|
Maintainer disposition on exact head
The seven “required” entries reduce to two documented residual constraints plus duplicate/incorrect restatements; I judge them non-blocking for this PR. The Nemotron job produced a partial review after timing out at turn 10/13. The canonical primary advisor completed on this exact head with Verification: all five required live targets passed in run 29132484397; standard CI and aggregates passed after rerunning one unrelated |
cjagwani
left a comment
There was a problem hiding this comment.
Approved at exact head 71bca2a11fffbab269c365081591fa57313eef17.
The canonical primary advisor is merge_as_is; DCO and all nine commit signatures are clean; CodeRabbit has no unresolved major/critical finding; standard CI and aggregates pass; and exact-head live run 29132484397 passes cloud-onboard, inference-routing, network-policy, onboard-repair, and onboard-resume. TC-INF-09 exercises the reported public nemoclaw <sandbox> exec -- dcode -n ... path and verifies authenticated traffic reaches host.openshell.internal:8000.
I manually triaged the incomplete secondary Nemotron findings and explicitly judged them non-blocking here: #6649 (comment)
Disclosure: I authored the mechanical main-sync and maintainer follow-up docs/test commits on this branch; contributor/approver overlap is advisory under current maintainer policy.
Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
|
@coderabbitai review |
✅ Action performedReview finished.
|
E2E Target Results — ✅ All requested jobs passedRun: 29135327499
|
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docs/inference/set-up-openai-compatible-endpoint.mdx`:
- Around line 14-17: Rewrite the referenced documentation passages in
second-person, active, present-tense voice, replacing third-person subjects such
as “The agent,” “OpenShell,” and “NemoClaw” with direct instructions or “you”
statements while preserving the technical meaning. Review all mentioned
sections, including the endpoint connection, validation, and setup guidance.
In `@docs/security/openclaw-2026.6.10-dependency-review.md`:
- Around line 194-207: Rewrite the recovery section in direct second-person
voice, replacing third-person subjects such as “NemoClaw,” “OpenShell,” and
“Recovery” with imperative guidance using “you.” Preserve all security
constraints and technical details, including credential handling, provider
updates, endpoint validation, route provenance, and cleanup behavior.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 0e8d1588-1153-479b-862a-98c92ea47c72
📒 Files selected for processing (7)
docs/inference/how-inference-routing-works.mdxdocs/inference/set-up-openai-compatible-endpoint.mdxdocs/security/openclaw-2026.6.10-dependency-review.mdtest/e2e/lib/fake-openai-compatible-api.mtstest/e2e/live/inference-routing.test.tstest/e2e/mock-parity.jsontest/inference-options-docs.test.ts
✅ Files skipped from review due to trivial changes (1)
- docs/inference/how-inference-routing-works.mdx
🚧 Files skipped from review as they are similar to previous changes (2)
- test/e2e/mock-parity.json
- test/e2e/live/inference-routing.test.ts
There was a problem hiding this comment.
Caution
Inline review comments failed to post. This is likely due to GitHub's internal server error or limits when posting large numbers of comments. If you are seeing this consistently it is likely a permissions issue. Please check "Moderation" -> "Code review limits" under your organization settings.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docs/inference/set-up-openai-compatible-endpoint.mdx`:
- Around line 14-17: Rewrite the referenced documentation passages in
second-person, active, present-tense voice, replacing third-person subjects such
as “The agent,” “OpenShell,” and “NemoClaw” with direct instructions or “you”
statements while preserving the technical meaning. Review all mentioned
sections, including the endpoint connection, validation, and setup guidance.
In `@docs/security/openclaw-2026.6.10-dependency-review.md`:
- Around line 194-207: Rewrite the recovery section in direct second-person
voice, replacing third-person subjects such as “NemoClaw,” “OpenShell,” and
“Recovery” with imperative guidance using “you.” Preserve all security
constraints and technical details, including credential handling, provider
updates, endpoint validation, route provenance, and cleanup behavior.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 0e8d1588-1153-479b-862a-98c92ea47c72
📒 Files selected for processing (7)
docs/inference/how-inference-routing-works.mdxdocs/inference/set-up-openai-compatible-endpoint.mdxdocs/security/openclaw-2026.6.10-dependency-review.mdtest/e2e/lib/fake-openai-compatible-api.mtstest/e2e/live/inference-routing.test.tstest/e2e/mock-parity.jsontest/inference-options-docs.test.ts
✅ Files skipped from review due to trivial changes (1)
- docs/inference/how-inference-routing-works.mdx
🚧 Files skipped from review as they are similar to previous changes (2)
- test/e2e/mock-parity.json
- test/e2e/live/inference-routing.test.ts
🛑 Comments failed to post (2)
docs/inference/set-up-openai-compatible-endpoint.mdx (1)
14-17: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win
Use second-person voice throughout the new documentation.
The
docs/**/*.{md,mdx}guideline requires active voice, second person, and present tense. Several passages use third-person narration such as “The agent connects,” “OpenShell forwards,” and “NemoClaw validates.” Rewrite these as direct instructions or second-person statements while preserving the technical meaning.Suggested wording
-The agent connects to `inference.local` inside the sandbox. -OpenShell forwards that traffic to the endpoint configured during onboarding. +Your agent connects to `inference.local` inside the sandbox. +You route that traffic through OpenShell to the endpoint you configure during onboarding.Also applies to: 51-56, 62-63, 69-70, 85-89, 93-99, 129-131
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@docs/inference/set-up-openai-compatible-endpoint.mdx` around lines 14 - 17, Rewrite the referenced documentation passages in second-person, active, present-tense voice, replacing third-person subjects such as “The agent,” “OpenShell,” and “NemoClaw” with direct instructions or “you” statements while preserving the technical meaning. Review all mentioned sections, including the endpoint connection, validation, and setup guidance.Source: Coding guidelines
docs/security/openclaw-2026.6.10-dependency-review.md (1)
194-207: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win
Rewrite the recovery section in second-person voice.
The
docs/**/*.{md,mdx}guideline requires direct second-person documentation. The new text repeatedly uses third-person narration (NemoClaw does...,OpenShell deliberately reports...,Recovery does...). Rewrite it as direct guidance such as “Do not read or replace...” and “Keep the recovery path...”.Also applies to: 208-211
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@docs/security/openclaw-2026.6.10-dependency-review.md` around lines 194 - 207, Rewrite the recovery section in direct second-person voice, replacing third-person subjects such as “NemoClaw,” “OpenShell,” and “Recovery” with imperative guidance using “you.” Preserve all security constraints and technical details, including credential handling, provider updates, endpoint validation, route provenance, and cleanup behavior.Source: Coding guidelines
|
Maintainer disposition on exact head
I explicitly judge the secondary advisor's required/warning items non-blocking on this head. All required checks are green, all ten commits are GitHub Verified, DCO passes, the PR is mechanically mergeable, and no code change is warranted from the exact-head automated feedback. |
cjagwani
left a comment
There was a problem hiding this comment.
Approved at exact head 619e0a869642dbd40fff00653f89e1fc1d162d6a.
All five required checks and the complete check rollup are green; DCO passes and all ten commits are GitHub Verified. Exact-head live run 29135327499 passes cloud-onboard, inference-routing, network-policy, onboard-repair, and onboard-resume, including TC-INF-09's host-validation, sandbox inference.local, and literal dcode -n route through host.openshell.internal:8000.
The canonical primary advisor is exact-head merge_as_is with no required/warning/suggestion findings. I independently triaged every inconsistent secondary-advisor item and CodeRabbit's two minor documentation-style suggestions here: #6649 (comment). None identifies an unaddressed correctness, security, acceptance, or test-depth blocker. CodeRabbit has no unresolved major/critical finding, and all review threads are resolved.
Disclosure: I authored the mechanical main-sync and follow-up docs/test resolution on this branch; contributor/approver overlap is advisory under current maintainer policy.
<!-- markdownlint-disable MD041 --> ## Summary Release-prep documentation for v0.0.81 now summarizes user-facing changes merged since v0.0.80. It also closes the Hermes dashboard-profile backup gap and distinguishes direct blueprint-runner actions from public host CLI commands. ## Changes - Add the `v0.0.81` section to `docs/about/release-notes.mdx` with links to the detailed user guides. - Document that Hermes rebuilds preserve `.hermes/dashboard-home/`, including Dashboard `MEMORY.md` and `USER.md`. - Update Hermes manual backup and restore examples to transfer those two profile files without copying generated configuration or the secret-bearing dashboard `.env`. - Explain the new per-item backup failure causes. - Clarify that migration snapshot retention fragments are direct-runner arguments and are not exposed by the host `nemoclaw` CLI. ### Source summary - #6445 -> `docs/about/release-notes.mdx`, `docs/manage-sandboxes/backup-restore.mdx`, and `docs/manage-sandboxes/workspace-files.mdx`: Summarize manifest-owned key-level restore and current-config authority. - #6617 -> `docs/about/release-notes.mdx` and `docs/manage-sandboxes/backup-restore.mdx`: Record the fail-closed `/proc` fallback used to verify an idle Deep Agents runtime before snapshot creation. - #6685 -> `docs/about/release-notes.mdx`, `docs/manage-sandboxes/backup-restore.mdx`, and `docs/manage-sandboxes/workspace-files.mdx`: Document Hermes Web Dashboard profile persistence and safe manual transfer. - #6649 -> `docs/about/release-notes.mdx`: Summarize host-validated loopback compatible-endpoint routing through the sandbox gateway. - #6643 -> `docs/about/release-notes.mdx`: Summarize automatic `max_completion_tokens` handling for GPT-5 and o-series models. - #6661 -> `docs/about/release-notes.mdx`: Summarize bounded connection reuse for eligible provider-validation probes. - #6704 -> `docs/about/release-notes.mdx`: Record that direct blueprint apply stops instead of persisting incomplete state after provider or inference setup fails. - #6677 -> `docs/about/release-notes.mdx`: Summarize transactional recovery for legacy Docker containers whose managed supervisor disappeared after restart. - #6625 -> `docs/about/release-notes.mdx`: Record Hermes managed-startup persistence across direct Docker restarts. - #6597 -> `docs/about/release-notes.mdx`: Record final-sandbox gateway cleanup on macOS. - #6680 -> `docs/about/release-notes.mdx`: Summarize managed Deep Agents first-run and process-tree cleanup improvements. - #6647 -> `docs/about/release-notes.mdx`: Record fail-closed validation for the managed Deep Agents fetch CA bundle. - #6645 -> `docs/about/release-notes.mdx`: Summarize WhatsApp loopback pairing and trusted npm plugin provenance. - #6673 -> `docs/about/release-notes.mdx` and `docs/manage-sandboxes/backup-restore.mdx`: Document stopped-sandbox backup remediation. - #6631 -> `docs/about/release-notes.mdx` and `docs/manage-sandboxes/backup-restore.mdx`: Document per-item backup failure causes. - #6620 -> `docs/about/release-notes.mdx`: Record the created-but-not-ready sandbox lifecycle receipt. - #6664 -> `docs/about/release-notes.mdx`: Record prompt-aware onboarding progress output. - #6598 -> `docs/about/release-notes.mdx`: Summarize stale replay-result invalidation during resumed onboarding. - #6593 -> `docs/about/release-notes.mdx`: Summarize contextual OpenClaw audit findings for managed dashboard compatibility settings. - #6650 -> `docs/about/release-notes.mdx`: Record redaction of token-shaped URL query values. - #6638 -> `docs/about/release-notes.mdx`: Record the exact-path MCP `DELETE` policy recipe for session termination. - #5453 -> `docs/reference/host-files-and-state.mdx`: Clarify that snapshot retention actions belong to direct runner integrations and are not standalone host CLI commands. ### Skipped from docs-skip - #6633 matched the `openclaw-sandbox-permissive.yaml` path in `docs/.docs-skip` and produced no documentation in this update. ## Type of Change - [ ] Code change (feature, bug fix, or refactor) - [ ] Code change with doc updates - [ ] Doc only (prose changes, no code sample modifications) - [x] Doc only (includes code sample changes) ## Quality Gates - [ ] Tests added or updated for changed behavior - [ ] Existing tests cover changed behavior — justification: - [x] Tests not applicable — justification: This is a documentation-only release-prep update; behavior is protected by the merged source PRs, and the documentation build validates the changed examples and routes. - [x] Docs updated for user-facing behavior changes - [ ] Docs not applicable — justification: - [ ] Sensitive paths changed (security, policy, credentials, preflight, onboarding, inference, runner, sandbox, or messaging) - [ ] Sensitive-path review completed or maintainer-approved waiver recorded — reviewer/approval link/justification: - [ ] Non-success, skipped, or missing CI check accepted by maintainer — check name, approval link, and follow-up issue: ## Verification - [x] PR description includes the DCO sign-off declaration and every commit appears as `Verified` in GitHub - [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or `npm run check:diff` passed when hooks were skipped or unavailable - [x] Targeted behavior tests pass for the current change set, or tests are marked not applicable above — tests are not applicable for this documentation-only change; `npm run docs` completed successfully. - [ ] Applicable broad gate passed — `npm test` for broad runtime/test-harness changes; `npm run check` for repo-wide validation/coverage changes — command/result: not run for this documentation-only change. - [x] Quality Gates section completed with required justifications or waivers - [x] No secrets, API keys, or credentials committed - [ ] `npm run docs` builds without warnings (doc changes only) — 0 errors; two existing Fern warnings remain. - [x] Doc pages follow the [style guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md) (doc changes only) - [ ] New doc pages include SPDX header and frontmatter (new pages only) — no new pages. --- Signed-off-by: Carlos Villela <cvillela@nvidia.com> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Documentation** - Added release notes for v0.0.81 covering state preservation, inference setup, sandbox recovery, session setup, pairing, diagnostics, and security policy updates. - Expanded backup and restore guidance to include dashboard profile files and clarify files that must not be copied. - Added dashboard profile persistence details to workspace and rebuild documentation. - Clarified snapshot retention guidance and the distinction between host CLI capabilities and direct runner actions. - Added more detailed backup failure reporting information. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Signed-off-by: Carlos Villela <cvillela@nvidia.com>
…DIA#6649) <!-- markdownlint-disable MD041 --> ## Summary Replaces PR NVIDIA#6331 with a clean, GitHub-verified branch for the local compatible-endpoint gateway fix. The change keeps host-side validation on the user-entered loopback URL, registers eligible sandbox routes through `host.openshell.internal`, and documents the exposure risk of `0.0.0.0` binds. ## Related Issue Fixes NVIDIA#5744. Replaces NVIDIA#6331. ## Changes - Rewrite only `compatible-endpoint` HTTP URLs with exact loopback hosts and explicit bundled policy ports (`11434`, `11435`, or `8000`) when registering the OpenShell provider route. - Keep host validation on the user-entered URL; on credential reuse, update an existing provider to the gateway alias without exporting or replacing its credential, then configure inference with `--no-verify`. - Extract the focused transformation and recovery logic from `remote.ts`, and document the exact supported URL shapes, bundled ports, bridge reachability, and `0.0.0.0` exposure mitigations. - Add unit, recovery-integration, docs, fast E2E-support, and hermetic live inference-routing coverage for the gateway registration contract. ## Type of Change - [ ] Code change (feature, bug fix, or refactor) - [x] Code change with doc updates - [ ] Doc only (prose changes, no code sample modifications) - [ ] Doc only (includes code sample changes) ## Quality Gates <!-- Check exactly one tests line and one docs line. Check other lines when applicable. Add every requested justification or approval reference. --> - [x] Tests added or updated for changed behavior - [ ] Existing tests cover changed behavior — justification: - [ ] Tests not applicable — justification: - [x] Docs updated for user-facing behavior changes - [ ] Docs not applicable — justification: - [x] Sensitive paths changed (security, policy, credentials, preflight, onboarding, inference, runner, sandbox, or messaging) - [x] Sensitive-path review completed or maintainer-approved waiver recorded — reviewer/approval link/justification: This is the clean-history replacement for NVIDIA#6331 after the maintainer sweep at NVIDIA#6331 (review). The replacement preserves the reviewed gateway-routing change and adds the requested adjacent `0.0.0.0` exposure warning instead of accepting the risk silently. - [ ] Non-success, skipped, or missing CI check accepted by maintainer — check name, approval link, and follow-up issue: ## Verification <!-- Check each applicable item only when supported by the requested evidence. Run targeted tests once per relevant change set and rerun after later edits or hook autofixes that can affect the tested behavior. Do not rerun hook-covered checks. --> - [x] PR description includes the DCO sign-off declaration and every commit appears as `Verified` in GitHub - [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or `npm run check:diff` passed when hooks were skipped or unavailable - [x] Targeted behavior tests pass for the current change set, or tests are marked not applicable above — command/result or justification: focused CLI, integration, docs, E2E-support, mock-parity, project-membership, title, size, and build checks passed; `npm run docs` reported 0 errors and 2 existing warnings; live run [29129492764](https://github.com/NVIDIA/NemoClaw/actions/runs/29129492764) passed `inference-routing`, `network-policy`, `onboard-repair`, `onboard-resume`, and `cloud-onboard`. - [x] Applicable broad gate passed — `npm test` for broad runtime/test-harness changes; `npm run check` for repo-wide validation/coverage changes — command/result: `env -u SSH_CONNECTION -u SSH_CLIENT -u SSH_TTY npm test` passed 1,383 test files and 15,864 tests (39 skipped, 1 todo). - [x] Quality Gates section completed with required justifications or waivers - [x] No secrets, API keys, or credentials committed - [ ] `npm run docs` builds without warnings (doc changes only) - [x] Doc pages follow the [style guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md) (doc changes only) - [ ] New doc pages include SPDX header and frontmatter (new pages only) --- <!-- DCO sign-off is required in this PR description, and every commit must appear as Verified in GitHub. Run: git config user.name && git config user.email --> Signed-off-by: San Dang <sdang@nvidia.com> Signed-off-by: Carlos Villela <cvillela@nvidia.com> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Compatible inference endpoints using supported loopback addresses and ports can now be automatically routed through the sandbox gateway. - Rebuilds can restore compatible endpoint routing without requiring stored host credentials. - Endpoint paths, query strings, and fragments are preserved during automatic routing. - **Documentation** - Expanded guidance explains supported endpoints, routing behavior, validation limits, and runtime status checks. - Clarified credential handling during gateway recovery. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Signed-off-by: San Dang <sdang@nvidia.com> Signed-off-by: Carlos Villela <cvillela@nvidia.com> Signed-off-by: Charan Jagwani <cjagwani@nvidia.com> Co-authored-by: Carlos Villela <cvillela@nvidia.com> Co-authored-by: Charan Jagwani <cjagwani@nvidia.com>
<!-- markdownlint-disable MD041 --> ## Summary Release-prep documentation for v0.0.81 now summarizes user-facing changes merged since v0.0.80. It also closes the Hermes dashboard-profile backup gap and distinguishes direct blueprint-runner actions from public host CLI commands. ## Changes - Add the `v0.0.81` section to `docs/about/release-notes.mdx` with links to the detailed user guides. - Document that Hermes rebuilds preserve `.hermes/dashboard-home/`, including Dashboard `MEMORY.md` and `USER.md`. - Update Hermes manual backup and restore examples to transfer those two profile files without copying generated configuration or the secret-bearing dashboard `.env`. - Explain the new per-item backup failure causes. - Clarify that migration snapshot retention fragments are direct-runner arguments and are not exposed by the host `nemoclaw` CLI. ### Source summary - NVIDIA#6445 -> `docs/about/release-notes.mdx`, `docs/manage-sandboxes/backup-restore.mdx`, and `docs/manage-sandboxes/workspace-files.mdx`: Summarize manifest-owned key-level restore and current-config authority. - NVIDIA#6617 -> `docs/about/release-notes.mdx` and `docs/manage-sandboxes/backup-restore.mdx`: Record the fail-closed `/proc` fallback used to verify an idle Deep Agents runtime before snapshot creation. - NVIDIA#6685 -> `docs/about/release-notes.mdx`, `docs/manage-sandboxes/backup-restore.mdx`, and `docs/manage-sandboxes/workspace-files.mdx`: Document Hermes Web Dashboard profile persistence and safe manual transfer. - NVIDIA#6649 -> `docs/about/release-notes.mdx`: Summarize host-validated loopback compatible-endpoint routing through the sandbox gateway. - NVIDIA#6643 -> `docs/about/release-notes.mdx`: Summarize automatic `max_completion_tokens` handling for GPT-5 and o-series models. - NVIDIA#6661 -> `docs/about/release-notes.mdx`: Summarize bounded connection reuse for eligible provider-validation probes. - NVIDIA#6704 -> `docs/about/release-notes.mdx`: Record that direct blueprint apply stops instead of persisting incomplete state after provider or inference setup fails. - NVIDIA#6677 -> `docs/about/release-notes.mdx`: Summarize transactional recovery for legacy Docker containers whose managed supervisor disappeared after restart. - NVIDIA#6625 -> `docs/about/release-notes.mdx`: Record Hermes managed-startup persistence across direct Docker restarts. - NVIDIA#6597 -> `docs/about/release-notes.mdx`: Record final-sandbox gateway cleanup on macOS. - NVIDIA#6680 -> `docs/about/release-notes.mdx`: Summarize managed Deep Agents first-run and process-tree cleanup improvements. - NVIDIA#6647 -> `docs/about/release-notes.mdx`: Record fail-closed validation for the managed Deep Agents fetch CA bundle. - NVIDIA#6645 -> `docs/about/release-notes.mdx`: Summarize WhatsApp loopback pairing and trusted npm plugin provenance. - NVIDIA#6673 -> `docs/about/release-notes.mdx` and `docs/manage-sandboxes/backup-restore.mdx`: Document stopped-sandbox backup remediation. - NVIDIA#6631 -> `docs/about/release-notes.mdx` and `docs/manage-sandboxes/backup-restore.mdx`: Document per-item backup failure causes. - NVIDIA#6620 -> `docs/about/release-notes.mdx`: Record the created-but-not-ready sandbox lifecycle receipt. - NVIDIA#6664 -> `docs/about/release-notes.mdx`: Record prompt-aware onboarding progress output. - NVIDIA#6598 -> `docs/about/release-notes.mdx`: Summarize stale replay-result invalidation during resumed onboarding. - NVIDIA#6593 -> `docs/about/release-notes.mdx`: Summarize contextual OpenClaw audit findings for managed dashboard compatibility settings. - NVIDIA#6650 -> `docs/about/release-notes.mdx`: Record redaction of token-shaped URL query values. - NVIDIA#6638 -> `docs/about/release-notes.mdx`: Record the exact-path MCP `DELETE` policy recipe for session termination. - NVIDIA#5453 -> `docs/reference/host-files-and-state.mdx`: Clarify that snapshot retention actions belong to direct runner integrations and are not standalone host CLI commands. ### Skipped from docs-skip - NVIDIA#6633 matched the `openclaw-sandbox-permissive.yaml` path in `docs/.docs-skip` and produced no documentation in this update. ## Type of Change - [ ] Code change (feature, bug fix, or refactor) - [ ] Code change with doc updates - [ ] Doc only (prose changes, no code sample modifications) - [x] Doc only (includes code sample changes) ## Quality Gates - [ ] Tests added or updated for changed behavior - [ ] Existing tests cover changed behavior — justification: - [x] Tests not applicable — justification: This is a documentation-only release-prep update; behavior is protected by the merged source PRs, and the documentation build validates the changed examples and routes. - [x] Docs updated for user-facing behavior changes - [ ] Docs not applicable — justification: - [ ] Sensitive paths changed (security, policy, credentials, preflight, onboarding, inference, runner, sandbox, or messaging) - [ ] Sensitive-path review completed or maintainer-approved waiver recorded — reviewer/approval link/justification: - [ ] Non-success, skipped, or missing CI check accepted by maintainer — check name, approval link, and follow-up issue: ## Verification - [x] PR description includes the DCO sign-off declaration and every commit appears as `Verified` in GitHub - [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or `npm run check:diff` passed when hooks were skipped or unavailable - [x] Targeted behavior tests pass for the current change set, or tests are marked not applicable above — tests are not applicable for this documentation-only change; `npm run docs` completed successfully. - [ ] Applicable broad gate passed — `npm test` for broad runtime/test-harness changes; `npm run check` for repo-wide validation/coverage changes — command/result: not run for this documentation-only change. - [x] Quality Gates section completed with required justifications or waivers - [x] No secrets, API keys, or credentials committed - [ ] `npm run docs` builds without warnings (doc changes only) — 0 errors; two existing Fern warnings remain. - [x] Doc pages follow the [style guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md) (doc changes only) - [ ] New doc pages include SPDX header and frontmatter (new pages only) — no new pages. --- Signed-off-by: Carlos Villela <cvillela@nvidia.com> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Documentation** - Added release notes for v0.0.81 covering state preservation, inference setup, sandbox recovery, session setup, pairing, diagnostics, and security policy updates. - Expanded backup and restore guidance to include dashboard profile files and clarify files that must not be copied. - Added dashboard profile persistence details to workspace and rebuild documentation. - Clarified snapshot retention guidance and the distinction between host CLI capabilities and direct runner actions. - Added more detailed backup failure reporting information. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Signed-off-by: Carlos Villela <cvillela@nvidia.com>
Summary
Replaces PR #6331 with a clean, GitHub-verified branch for the local compatible-endpoint gateway fix.
The change keeps host-side validation on the user-entered loopback URL, registers eligible sandbox routes through
host.openshell.internal, and documents the exposure risk of0.0.0.0binds.Related Issue
Fixes #5744.
Replaces #6331.
Changes
compatible-endpointHTTP URLs with exact loopback hosts and explicit bundled policy ports (11434,11435, or8000) when registering the OpenShell provider route.--no-verify.remote.ts, and document the exact supported URL shapes, bundled ports, bridge reachability, and0.0.0.0exposure mitigations.Type of Change
Quality Gates
0.0.0.0exposure warning instead of accepting the risk silently.Verification
Verifiedin GitHubpre-commit,commit-msg, andpre-pushhooks passed, ornpm run check:diffpassed when hooks were skipped or unavailablenpm run docsreported 0 errors and 2 existing warnings; live run 29129492764 passedinference-routing,network-policy,onboard-repair,onboard-resume, andcloud-onboard.npm testfor broad runtime/test-harness changes;npm run checkfor repo-wide validation/coverage changes — command/result:env -u SSH_CONNECTION -u SSH_CLIENT -u SSH_TTY npm testpassed 1,383 test files and 15,864 tests (39 skipped, 1 todo).npm run docsbuilds without warnings (doc changes only)Signed-off-by: San Dang sdang@nvidia.com
Signed-off-by: Carlos Villela cvillela@nvidia.com
Summary by CodeRabbit
New Features
Documentation