npm - @axonflow/openclaw - Versions diffs - 2.0.4 → 2.0.5 - Mend

@axonflow/openclaw 2.0.4 → 2.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,24 @@
 # Changelog
+## [2.0.5] - 2026-05-02 — Publish as ClawPack + transitive security bump
+ClawHub's install page on prior versions surfaced a "Legacy ZIP — may have compatibility issues" badge because the publish flow uploaded a folder rather than the npm-pack tarball. The plugin already declared the `openclaw.compat.pluginApi` and `openclaw.build.openclawVersion` metadata that ClawPack requires, so the only change needed was the publish artifact format itself.
+### Changed
+- **Publish as ClawPack tarball.** The `publish-clawhub` job now runs `npm pack` and uploads the resulting `.tgz` to ClawHub's package registry. ClawPack downloads are verified against npm integrity/shasum **and** ClawHub SHA-256, giving stronger artifact provenance than the legacy ZIP path. No change to install command — `openclaw plugins install clawhub:@axonflow/openclaw` resolves the same way.
+### Security
+- **Bump transitive `@anthropic-ai/sdk` to `>=0.91.1`** via `package.json` `overrides` (closes a moderate-severity GHSA on insecure default file permissions in the local-filesystem memory tool). The SDK is a transitive dev-only dependency through the `openclaw` peerDep — not bundled in the published `dist/` — so plugin users were never exposed at runtime; this closes the lockfile alert and ensures CI runs against a patched copy.
+- **Add explicit `permissions: contents: read` to the `Heartbeat Real-Stack E2E` workflow** to match every other workflow in the repo and satisfy the CodeQL `missing-workflow-permissions` rule. Job already only needed read access for checkout.
+### Upgrade
+`openclaw plugins install @axonflow/openclaw@latest`. No code or configuration changes on your side.
+---
 ## [2.0.4] - 2026-05-01 — Restore `userEmail` configuration + reframe Community SaaS as exploration-only
 `openclaw.plugin.json` declared `configSchema.additionalProperties: false` but did not list `userEmail` in `properties`, even though the plugin's runtime config resolver (`src/config.ts`) reads `userEmail` from `pluginConfig` and forwards it as the `X-User-Email` header on every request. OpenClaw's plugin loader runs the published configSchema against the user's `pluginConfig`; when validation fails (because of the unknown property), the loader emits a single `[plugins] axonflow-governance invalid config: ...` log line and skips the plugin entirely — it never registers, no hooks fire, and tool calls execute completely ungoverned.

package/README.md CHANGED Viewed

@@ -29,9 +29,9 @@ OpenClaw handles agent runtime, MCP connectivity, channels, and tool execution.
 ## Where your data goes
-The plugin governs tool calls and outbound messages by sending each one to an AxonFlow endpoint for policy evaluation and audit. Pick the deployment mode that fits your workload:
+The plugin governs tool calls and outbound messages by sending each one to an AxonFlow endpoint for policy enforcement and audit. Pick the deployment mode that fits your workload:
-> **Privacy notice — read before installing.** AxonFlow [Community SaaS](https://docs.getaxonflow.com/docs/deployment/community-saas/) at `try.getaxonflow.com` is the zero-config endpoint the plugin uses if no other endpoint is configured. In that mode, governed tool inputs (tool name + arguments) and outbound message bodies are sent off-host to AxonFlow's shared evaluation endpoint for policy evaluation and audit. **Community SaaS is for early exploration only** — not for production workloads, regulated environments, real user data, personal data, or any other sensitive information. It is offered "as is" on a best-effort basis with no SLA, no warranties, and no commitment to retention, deletion, or incident-response timelines.
+> **Privacy notice — read before installing.** AxonFlow [Community SaaS](https://docs.getaxonflow.com/docs/deployment/community-saas/) at `try.getaxonflow.com` is the zero-config endpoint the plugin uses if no other endpoint is configured. In that mode, governed tool inputs (tool name + arguments) and outbound message bodies are checked by AxonFlow's policy enforcement endpoint. **Community SaaS is for early exploration only** — not for production workloads, regulated environments, real user data, personal data, or any other sensitive information. It is offered "as is" on a best-effort basis with no SLA, no warranties, and no commitment to retention, deletion, or incident-response timelines.
 >
 > For any serious use, choose one of the following instead:
 >
@@ -279,7 +279,7 @@ See [Configure](#configure) below for the full pluginConfig schema (`highRiskToo
 | Option | Required | Default | Description |
 |--------|----------|---------|-------------|
 | `endpoint` | No | `https://try.getaxonflow.com` (Community SaaS) when unset; `http://localhost:8080` when self-hosted with no endpoint specified | AxonFlow agent gateway URL |
-| `clientId` | No | `"community"` (self-hosted) or auto-bootstrapped `cs_<uuid>` (Community SaaS) | Tenant identity for data isolation. Override for evaluation/enterprise. |
+| `clientId` | No | `"community"` (self-hosted) or auto-bootstrapped `cs_<uuid>` (Community SaaS) | Tenant identity for data isolation. Override for Evaluation License or Enterprise tenants. |
 | `clientSecret` | No | `""` (self-hosted) or auto-bootstrapped (Community SaaS) | Basic-auth secret paired with `clientId`. Required for self-hosted Community Edition with an Evaluation License or AxonFlow Enterprise; auto-populated for Community SaaS; can be left unset for self-hosted Community Edition without a license. |
 | `userEmail` | No | — | Per-user identity forwarded on explain/override calls. Shared agents should set this from session context. |
 | `highRiskTools` | No | `[]` | Tools that require human approval even when policy allows |

package/dist/index.d.ts CHANGED Viewed

@@ -25,7 +25,7 @@
  * for async hook support.
  */
 /** Plugin version — update before each release. */
-export declare const VERSION = "2.0.4";
+export declare const VERSION = "2.0.5";
 export { AxonFlowClient } from "./axonflow-client.js";
 export type { AxonFlowPluginConfig } from "./config.js";
 export { resolveConfig, shouldGovernTool } from "./config.js";

package/dist/index.js CHANGED Viewed

@@ -35,7 +35,7 @@ import { bootstrapCommunitySaas } from "./community-saas-bootstrap.js";
 import { resetMetrics } from "./metrics.js";
 import { runPluginVersionCheck } from "./plugin-version-check.js";
 /** Plugin version — update before each release. */
-export const VERSION = "2.0.4";
+export const VERSION = "2.0.5";
 // Re-export for external consumers
 export { AxonFlowClient } from "./axonflow-client.js";
 export { resolveConfig, shouldGovernTool } from "./config.js";

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@axonflow/openclaw",
-  "version": "2.0.4",
+  "version": "2.0.5",
   "description": "Policy enforcement, approval gates, and audit trails for OpenClaw — govern tool inputs before execution, scan outbound messages for PII/secrets, and record agent activity for review and compliance",
   "type": "module",
   "main": "dist/index.js",
@@ -67,7 +67,8 @@
     "openclaw": ">=2026.4.15"
   },
   "overrides": {
-    "openclaw": ">=2026.4.15"
+    "openclaw": ">=2026.4.15",
+    "@anthropic-ai/sdk": ">=0.91.1"
   },
   "devDependencies": {
     "@types/jest": "^29.5.0",