Skip to content

fix: preserve OpenClaw plugin allowlist on update#207

Merged
VickyXAI merged 2 commits into
BlockRunAI:mainfrom
0xCheetah1:fix/preserve-openclaw-plugin-allowlist
Jul 15, 2026
Merged

fix: preserve OpenClaw plugin allowlist on update#207
VickyXAI merged 2 commits into
BlockRunAI:mainfrom
0xCheetah1:fix/preserve-openclaw-plugin-allowlist

Conversation

@0xCheetah1

@0xCheetah1 0xCheetah1 commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Summary

  • preserve existing OpenClaw plugins when running the ClawRouter update/reinstall scripts
  • remove only ClawRouter entries from plugins.allow before re-adding ClawRouter after install
  • keep intentional lobster/crossmint conflict cleanup unchanged

Tests

  • bash -n scripts/update.sh && bash -n scripts/reinstall.sh
  • simulated plugins.allow cleanup preserves bare custom plugin IDs and npm-style plugin IDs
  • npm run format:check
  • npm run typecheck
  • npm run lint

Summary by CodeRabbit

  • Bug Fixes
    • Updated the reinstall and update processes so configuration cleanup removes only ClawRouter-related entries from the plugin allowlist.
    • Kept all other user-approved plugin entries unchanged during cleanup.
    • Adjusted the cleanup messaging to accurately describe what was removed.

@coderabbitai

coderabbitai Bot commented Jul 14, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 05d00aee-9f75-4eed-ab46-7e6e08d20a3d

📥 Commits

Reviewing files that changed from the base of the PR and between 5c63a9b and 0a244df.

📒 Files selected for processing (2)
  • scripts/reinstall.sh
  • scripts/update.sh
🚧 Files skipped from review as they are similar to previous changes (2)
  • scripts/reinstall.sh
  • scripts/update.sh

📝 Walkthrough

Walkthrough

The update and reinstall scripts now remove only ClawRouter-related entries from plugins.allow, preserving all other entries and reporting only those removals.

Changes

Plugin allow-list cleanup

Layer / File(s) Summary
ClawRouter-only filtering
scripts/reinstall.sh, scripts/update.sh
Cleanup logic preserves existing allow-list entries except ClawRouter-related IDs, with updated removal logging.

Estimated code review effort: 2 (Simple) | ~10 minutes

Possibly related PRs

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately reflects the main change: preserving the OpenClaw plugin allowlist during updates.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@scripts/reinstall.sh`:
- Line 217: Update the plugin filters in scripts/reinstall.sh (line 217) and
scripts/update.sh (line 230) to also exclude the capitalized 'ClawRouter'
identifier, alongside 'clawrouter' and '`@blockrun/clawrouter`'.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: e69d4196-3a67-4078-bcad-163941066ac5

📥 Commits

Reviewing files that changed from the base of the PR and between 36d26b3 and 5c63a9b.

📒 Files selected for processing (2)
  • scripts/reinstall.sh
  • scripts/update.sh

Comment thread scripts/reinstall.sh Outdated
@VickyXAI VickyXAI merged commit dffec7f into BlockRunAI:main Jul 15, 2026
4 checks passed
VickyXAI pushed a commit that referenced this pull request Jul 15, 2026
setup's OpenClaw detection was `command -v openclaw` and nothing else. npm runs
lifecycle scripts with a stripped PATH, so a working global install is invisible
there and setup exits telling the user to install what they already have.
Verified: under `env -i PATH=/usr/bin:/bin`, `command -v openclaw` finds nothing
while the binary is right there; the new fallback chain (npm_config_prefix,
npm root -g, ~/.npm-global/bin, ~/.local/bin, /usr/local/bin) finds it.

Added bare Gemini Pro shorthands: gemini-pro / gemini-3-pro / gemini-3.1-pro ->
google/gemini-3.1-pro. `gemini-3-pro` was never a real id (the 3-series Pro
shipped as -preview, then 3.1) but callers reach for it and got a 400. These are
bare alias keys, so they advertise as their own /v1/models rows while the
canonical google/gemini-3.1-pro catalog entry stays unshadowed -- a
slash-prefixed key would have shadowed it and misadvertised the pricing. Pinned
by a test. /v1/models 205 -> 208, no aliases lost.

Both cherry-picked from #206, which is now closed: its cache-sync landed in
v0.12.223, its allowlist fix as #207, its banner rename in v0.12.221, and its
root cause was fixed properly in v0.12.225.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants