@swarmclawai/swarmclaw 1.4.0 → 1.4.2

package/src/lib/app/report-client-error.ts

@@ -0,0 +1,52 @@
+'use client'
+
+type ReportClientErrorInput = {
+  source: string
+  error: Error | string | unknown
+  componentStack?: string | null
+  digest?: string | null
+}
+
+const reportedClientErrors = new Set<string>()
+
+function truncate(value: string | null | undefined, max: number): string | undefined {
+  if (!value) return undefined
+  return value.length > max ? value.slice(0, max) : value
+}
+
+export function reportClientError(input: ReportClientErrorInput) {
+  if (typeof window === 'undefined') return
+
+  const message = input.error instanceof Error
+    ? input.error.message
+    : typeof input.error === 'string'
+      ? input.error
+      : String(input.error)
+
+  const stack = input.error instanceof Error ? input.error.stack : undefined
+  const fingerprint = [
+    input.source,
+    message,
+    input.digest || '',
+    input.componentStack || '',
+  ].join('|')
+
+  if (reportedClientErrors.has(fingerprint)) return
+  reportedClientErrors.add(fingerprint)
+
+  void fetch('/api/logs', {
+    method: 'POST',
+    headers: { 'content-type': 'application/json' },
+    body: JSON.stringify({
+      source: input.source,
+      message: truncate(message, 1000),
+      stack: truncate(stack, 8000),
+      componentStack: truncate(input.componentStack, 8000),
+      digest: truncate(input.digest, 200),
+      url: truncate(window.location.href, 2000),
+      pathname: truncate(window.location.pathname, 1000),
+      userAgent: truncate(window.navigator.userAgent, 1000),
+    }),
+    keepalive: true,
+  }).catch(() => {})
+}

package/src/lib/providers/anthropic.ts

@@ -90,6 +90,7 @@ export function streamAnthropicChat({ session, message, imagePath, apiKey, syste
           }
 
           let buf = ''
+          let malformedChunkLogged = false
           apiRes.on('data', (chunk: Buffer) => {
             if (abortController.aborted) return
             buf += chunk.toString()
@@ -112,7 +113,14 @@ export function streamAnthropicChat({ session, message, imagePath, apiKey, syste
                 if (parsed.type === 'message_delta' && parsed.usage) {
                   usageOutput = parsed.usage.output_tokens || 0
                 }
-              } catch {}
+              } catch {
+                if (!malformedChunkLogged) {
+                  malformedChunkLogged = true
+                  log.warn(TAG, `[${session.id}] failed to parse Anthropic stream chunk`, {
+                    sample: data.slice(0, 200),
+                  })
+                }
+              }
             }
           })
 

package/src/lib/providers/ollama.ts

@@ -2,6 +2,7 @@ import fs from 'fs'
 import http from 'http'
 import https from 'https'
 import type { StreamChatOptions } from './index'
+import { streamOpenAiChat } from './openai'
 import { IMAGE_EXTS, TEXT_EXTS, MAX_HISTORY_MESSAGES, writeSSE } from './provider-defaults'
 import { log } from '@/lib/server/logger'
 import { resolveOllamaRuntimeConfig } from '@/lib/server/ollama-runtime'
@@ -9,23 +10,34 @@ import { resolveImagePath } from '@/lib/server/resolve-image'
 
 const TAG = 'provider-ollama'
 
-export function streamOllamaChat({ session, message, imagePath, apiKey, write, active, loadHistory, onUsage, signal }: StreamChatOptions): Promise<string> {
+/** Ollama Cloud uses the OpenAI-compatible /v1 endpoint, not the native /api/chat protocol. */
+const OLLAMA_CLOUD_OPENAI_ENDPOINT = 'https://ollama.com/v1'
+
+export function streamOllamaChat(opts: StreamChatOptions): Promise<string> {
+  const { session, apiKey, write, active } = opts
+  const runtime = resolveOllamaRuntimeConfig({
+    model: session.model,
+    ollamaMode: session.ollamaMode,
+    apiKey,
+    apiEndpoint: session.apiEndpoint,
+  })
+
+  if (runtime.useCloud) {
+    if (!runtime.apiKey) {
+      writeSSE(write, 'err', 'Ollama Cloud model requires an API key. Set OLLAMA_API_KEY or attach an Ollama credential.')
+      active.delete(session.id)
+      return Promise.resolve('')
+    }
+    // Delegate to OpenAI-compatible handler with the cloud endpoint
+    const cloudSession = { ...session, model: runtime.model || 'llama3', apiEndpoint: OLLAMA_CLOUD_OPENAI_ENDPOINT }
+    return streamOpenAiChat({ ...opts, session: cloudSession, apiKey: runtime.apiKey })
+  }
+
+  const { message, imagePath, loadHistory, onUsage, signal } = opts
   return new Promise((resolve, reject) => {
     const messages = buildMessages(session, message, imagePath, loadHistory)
-    const runtime = resolveOllamaRuntimeConfig({
-      model: session.model,
-      ollamaMode: session.ollamaMode,
-      apiKey,
-      apiEndpoint: session.apiEndpoint,
-    })
     const model = runtime.model || 'llama3'
     const endpoint = runtime.endpoint
-    if (runtime.useCloud && !runtime.apiKey) {
-      writeSSE(write, 'err', 'Ollama Cloud model requires an API key. Set OLLAMA_API_KEY or attach an Ollama credential.')
-      active.delete(session.id)
-      resolve('')
-      return
-    }
 
     const parsed = new URL(endpoint)
     const isHttps = parsed.protocol === 'https:'
@@ -81,6 +93,7 @@ export function streamOllamaChat({ session, message, imagePath, apiKey, write, a
       }
 
       let buf = ''
+      let malformedChunkLogged = false
       apiRes.on('data', (chunk: Buffer) => {
         if (abortController.aborted) return
         buf += chunk.toString()
@@ -103,7 +116,14 @@ export function streamOllamaChat({ session, message, imagePath, apiKey, write, a
                 onUsage({ inputTokens: input, outputTokens: output })
               }
             }
-          } catch {}
+          } catch {
+            if (!malformedChunkLogged) {
+              malformedChunkLogged = true
+              log.warn(TAG, `[${session.id}] failed to parse Ollama stream chunk`, {
+                sample: line.slice(0, 200),
+              })
+            }
+          }
         }
       })
 

package/src/lib/providers/openai.ts

@@ -147,6 +147,7 @@ export function streamOpenAiChat({ session, message, imagePath, imageUrl, apiKey
           const reader = res.body.getReader()
           const decoder = new TextDecoder()
           let buf = ''
+          let malformedChunkLogged = false
 
           while (true) {
             const { done, value } = await reader.read()
@@ -175,7 +176,14 @@ export function streamOpenAiChat({ session, message, imagePath, imageUrl, apiKey
                     outputTokens: parsed.usage.completion_tokens || 0,
                   })
                 }
-              } catch {}
+              } catch {
+                if (!malformedChunkLogged) {
+                  malformedChunkLogged = true
+                  log.warn(TAG, `[${session.id}] failed to parse OpenAI stream chunk`, {
+                    sample: data.slice(0, 200),
+                  })
+                }
+              }
             }
           }
 

package/src/lib/providers/openclaw.ts

@@ -9,6 +9,7 @@ import { deriveOpenClawWsUrl } from '@/lib/openclaw/openclaw-endpoint'
 import { normalizeOpenClawAgentId } from '@/lib/openclaw/openclaw-agent-id'
 import { loadAgents } from '../server/storage'
 import { getSharedDeviceToken } from '../server/openclaw/sync'
+import { DATA_DIR } from '../server/data-dir'
 import {
   resolveOpenClawGatewayAgentIdFromList,
   type OpenClawGatewayAgentSummary,
@@ -54,9 +55,8 @@ function resolveCliStateDir(): string {
 }
 
 function getSwarmClawIdentityPath(): string {
-  const dataDir = path.join(process.cwd(), 'data')
-  if (!fs.existsSync(dataDir)) fs.mkdirSync(dataDir, { recursive: true })
-  return path.join(dataDir, 'openclaw-device.json')
+  if (!fs.existsSync(DATA_DIR)) fs.mkdirSync(DATA_DIR, { recursive: true })
+  return path.join(DATA_DIR, 'openclaw-device.json')
 }
 
 function tryLoadIdentityFile(filePath: string): DeviceIdentity | null {

package/src/lib/server/chat-execution/chat-turn-preparation.ts

@@ -513,7 +513,7 @@ export async function prepareChatTurn(input: ExecuteChatTurnInput): Promise<Prep
   const session = getSession(sessionId)
   if (!session) throw new Error(`Session not found: ${sessionId}`)
   const runStartedAt = Date.now()
-  const runMessageStartIndex = getMessageCount(sessionId)
+  let runMessageStartIndex = getMessageCount(sessionId)
 
   const appSettings = loadSettings()
   const lifecycleRunId = runId || `${sessionId}:${runStartedAt}`
@@ -725,17 +725,10 @@ export async function prepareChatTurn(input: ExecuteChatTurnInput): Promise<Prep
     }
   }
 
-  const providerType = sessionForRun.provider || 'claude-cli'
-  const provider = getProvider(providerType)
-  if (!provider) throw new Error(`Unknown provider: ${providerType}`)
-
-  if (providerType === 'claude-cli' && !fs.existsSync(session.cwd)) {
-    throw new Error(`Directory not found: ${session.cwd}`)
-  }
-
-  const apiKey = resolveApiKeyForSession(sessionForRun, provider)
-  const hideAssistantTranscript = internal && source === 'main-loop-followup'
-
+  // Persist the user message BEFORE provider/credential resolution so that if
+  // provider resolution throws (unknown provider, missing credentials, etc.),
+  // the user message is already in the DB and won't disappear from the chat
+  // when the frontend's refreshMessages overwrites the optimistic local copy.
   const shouldPersistUserMessage = shouldPersistInboundUserMessage(internal, source)
   if (shouldPersistUserMessage) {
     const [linkAnalysis, semantics] = await Promise.all([
@@ -805,8 +798,22 @@ export async function prepareChatTurn(input: ExecuteChatTurnInput): Promise<Prep
         }
       }
     }
+    // Update runMessageStartIndex to account for newly appended user message(s)
+    // so that partial persistence and finalization don't overwrite them.
+    runMessageStartIndex = getMessageCount(sessionId)
   }
 
+  const providerType = sessionForRun.provider || 'claude-cli'
+  const provider = getProvider(providerType)
+  if (!provider) throw new Error(`Unknown provider: ${providerType}`)
+
+  if (providerType === 'claude-cli' && !fs.existsSync(session.cwd)) {
+    throw new Error(`Directory not found: ${session.cwd}`)
+  }
+
+  const apiKey = resolveApiKeyForSession(sessionForRun, provider)
+  const hideAssistantTranscript = internal && source === 'main-loop-followup'
+
   const useLocalOpenClawNativeRuntime = providerType === 'openclaw' && isLocalOpenClawEndpoint(sessionForRun.apiEndpoint)
   const enabledSessionExtensions = getEnabledCapabilityIds(sessionForRun)
   const hasExtensions = enabledSessionExtensions.length > 0

package/src/lib/server/connectors/swarmdock.ts

@@ -22,7 +22,7 @@ interface SwarmDockConfig {
 function parseConfig(connector: Connector): SwarmDockConfig {
   const c = connector.config || {}
   return {
-    apiUrl: c.apiUrl || 'https://api.swarmdock.ai',
+    apiUrl: c.apiUrl || 'https://swarmdock-api.onrender.com',
     walletAddress: c.walletAddress || '',
     agentDescription: c.agentDescription || connector.name || '',
     skills: c.skills || '',

package/src/lib/server/messages/message-repository.ts

@@ -286,6 +286,37 @@ export function clearMessages(sessionId: string): void {
 /** Replace the entire message list (used after in-memory prune operations). */
 export function replaceAllMessages(sessionId: string, messages: Message[]): void {
   perf.measureSync('message-repo', 'replaceAllMessages', () => {
+    // Safety guard: reload current user messages from DB and ensure none are
+    // dropped by the replacement. This prevents races where partial persistence
+    // or finalization load a stale snapshot that's missing recently-appended
+    // user messages.
+    const currentRows = stmts().selectAll.all(sessionId) as Array<{ data: string }>
+    const currentUserMessages: Message[] = []
+    for (const row of currentRows) {
+      const m = parseMsg(row.data)
+      if (m && m.role === 'user') currentUserMessages.push(m)
+    }
+    const replacementUserTimes = new Set(
+      messages.filter(m => m.role === 'user' && typeof m.time === 'number').map(m => m.time),
+    )
+    const missingUsers = currentUserMessages.filter(
+      m => typeof m.time === 'number' && !replacementUserTimes.has(m.time),
+    )
+    if (missingUsers.length > 0) {
+      // Re-insert missing user messages at their correct position (before the
+      // first assistant message that follows them chronologically).
+      for (const user of missingUsers) {
+        let insertIdx = messages.length
+        for (let i = 0; i < messages.length; i++) {
+          if (messages[i].role === 'assistant' && typeof messages[i].time === 'number'
+              && (messages[i].time as number) >= (user.time as number)) {
+            insertIdx = i
+            break
+          }
+        }
+        messages.splice(insertIdx, 0, user)
+      }
+    }
     withTransaction(() => {
       stmts().deleteAll.run(sessionId)
       const ins = stmts().insert

package/src/lib/server/provider-health.ts

@@ -1,6 +1,9 @@
 import { spawnSync } from 'child_process'
 import { errorMessage, hmrSingleton, jitteredBackoff } from '@/lib/shared-utils'
 import { upsertStoredItem, loadCollection } from './storage'
+import { log } from './logger'
+
+const TAG = 'provider-health'
 
 type DelegateTool = 'delegate_to_claude_code' | 'delegate_to_codex_cli' | 'delegate_to_opencode_cli' | 'delegate_to_gemini_cli'
 
@@ -72,7 +75,12 @@ export function markProviderFailure(providerId: string, error: string, credentia
   })
   try {
     upsertStoredItem('provider_health', key, states.get(key)!)
-  } catch {}
+  } catch (err) {
+    log.warn(TAG, 'Failed to persist provider failure state', {
+      providerKey: key,
+      error: errorMessage(err),
+    })
+  }
 }
 
 export function markProviderSuccess(providerId: string, credentialId?: string | null): void {
@@ -88,7 +96,12 @@ export function markProviderSuccess(providerId: string, credentialId?: string |
   })
   try {
     upsertStoredItem('provider_health', key, states.get(key)!)
-  } catch {}
+  } catch (err) {
+    log.warn(TAG, 'Failed to persist provider success state', {
+      providerKey: key,
+      error: errorMessage(err),
+    })
+  }
 }
 
 export function isProviderCoolingDown(providerId: string, credentialId?: string | null): boolean {
@@ -195,7 +208,10 @@ export function restoreProviderHealthState(): number {
       }
     }
     return restored
-  } catch { return 0 }
+  } catch (err) {
+    log.warn(TAG, 'Failed to restore persisted provider health state', { error: errorMessage(err) })
+    return 0
+  }
 }
 
 // ---------------------------------------------------------------------------

package/src/lib/server/safe-parse-body.test.ts

@@ -1,5 +1,6 @@
 import assert from 'node:assert/strict'
 import { describe, it, before, after } from 'node:test'
+import { z } from 'zod'
 
 let safeParseBody: typeof import('@/lib/server/safe-parse-body').safeParseBody
 before(async () => {
@@ -50,4 +51,35 @@ describe('safeParseBody', () => {
     assert.equal(result.data!.name, 'test')
     assert.equal(result.data!.count, 7)
   })
+
+  it('validates the parsed body against a provided zod schema', async () => {
+    const result = await safeParseBody(
+      jsonRequest(JSON.stringify({ name: 'ok', count: 3 })),
+      z.object({
+        name: z.string().min(1),
+        count: z.number().int().nonnegative(),
+      }),
+    )
+    assert.equal(result.error, undefined)
+    assert.deepEqual(result.data, { name: 'ok', count: 3 })
+  })
+
+  it('returns a 400 validation error when schema parsing fails', async () => {
+    const result = await safeParseBody(
+      jsonRequest(JSON.stringify({ name: '', count: -1 })),
+      z.object({
+        name: z.string().min(1, 'name is required'),
+        count: z.number().int().nonnegative('count must be non-negative'),
+      }),
+    )
+    assert.equal(result.data, undefined)
+    assert.ok(result.error)
+    assert.equal(result.error.status, 400)
+    const body = await result.error.json()
+    assert.equal(body.error, 'Validation failed')
+    assert.deepEqual(body.issues, [
+      { path: 'name', message: 'name is required' },
+      { path: 'count', message: 'count must be non-negative' },
+    ])
+  })
 })

package/src/lib/server/safe-parse-body.ts

@@ -1,4 +1,7 @@
 import { NextResponse } from 'next/server'
+import { z } from 'zod'
+
+import { formatZodError } from '@/lib/validation/schemas'
 
 type SafeResult<T> = { data: T; error?: never } | { data?: never; error: NextResponse }
 
@@ -6,11 +9,25 @@ type SafeResult<T> = { data: T; error?: never } | { data?: never; error: NextRes
  * Wraps `req.json()` so malformed/empty bodies return a 400
  * instead of throwing an unhandled error (500).
  */
-export async function safeParseBody<T = Record<string, unknown>>(req: Request): Promise<SafeResult<T>> {
+export async function safeParseBody<T = Record<string, unknown>>(
+  req: Request,
+  schema?: z.ZodType<T>,
+): Promise<SafeResult<T>> {
+  let raw: unknown
   try {
-    const data = (await req.json()) as T
-    return { data }
+    raw = await req.json()
   } catch {
     return { error: NextResponse.json({ error: 'Invalid or missing request body' }, { status: 400 }) }
   }
+
+  if (!schema) {
+    return { data: raw as T }
+  }
+
+  const parsed = schema.safeParse(raw)
+  if (!parsed.success) {
+    return { error: NextResponse.json(formatZodError(parsed.error), { status: 400 }) }
+  }
+
+  return { data: parsed.data }
 }

package/src/lib/server/storage.ts

@@ -6,12 +6,13 @@ import Database from 'better-sqlite3'
 import { perf } from '@/lib/server/runtime/perf'
 import { log } from '@/lib/server/logger'
 import { notify } from '@/lib/server/ws-hub'
-
-const TAG = 'storage'
 import { DATA_DIR, IS_BUILD_BOOTSTRAP, WORKSPACE_DIR } from './data-dir'
 import { normalizeHeartbeatSettingFields } from '@/lib/runtime/heartbeat-defaults'
 import { normalizeRuntimeSettingFields } from '@/lib/runtime/runtime-loop'
 import { normalizeCapabilitySelection } from '@/lib/capability-selection'
+
+const TAG = 'storage'
+const malformedRecordWarnings = new Set<string>()
 import type {
   Agent,
   AppNotification,
@@ -236,8 +237,16 @@ function loadCollectionWithNormalizationState(table: string): {
       if (!normalized || typeof normalized !== 'object' || Array.isArray(normalized)) continue
       result[id] = normalized as StoredObject
       if (changed) normalizedCount += 1
-    } catch {
-      // Ignore malformed records instead of crashing list endpoints.
+    } catch (err) {
+      const fingerprint = `${table}:${id}`
+      if (!malformedRecordWarnings.has(fingerprint)) {
+        malformedRecordWarnings.add(fingerprint)
+        log.warn(TAG, 'Ignoring malformed stored record during collection load', {
+          table,
+          id,
+          error: err instanceof Error ? err.message : String(err),
+        })
+      }
     }
   }
   endPerf({ count: raw.size, normalizedCount })

package/src/lib/swarmfeed-client.ts

@@ -6,7 +6,7 @@ interface SwarmFeedConfig {
 }
 
 const config = hmrSingleton<SwarmFeedConfig>('swarmfeed_config', () => ({
-  apiUrl: process.env.SWARMFEED_API_URL || 'http://localhost:3700',
+  apiUrl: process.env.SWARMFEED_API_URL || 'https://swarmfeed-api.onrender.com',
 }))
 
 /**

package/tsconfig.json

@@ -33,9 +33,8 @@
     "**/*.ts",
     "**/*.tsx",
     ".next/types/**/*.ts",
-    ".next/dev/types/**/*.ts",
     "**/*.mts",
-    ".next/dev/dev/types/**/*.ts"
+    ".next/dev/types/**/*.ts"
   ],
   "exclude": [
     "node_modules",

package/src/.env.local

@@ -1,4 +0,0 @@
-
-CREDENTIAL_SECRET=903abc19d0ffc461795f39d90f55b68cdc2c35e930f1115374f11a4ff7ddd293
-
-ACCESS_KEY=9cf202df60e837ff327ae4e16b257d1f