@swarmclawai/swarmclaw 1.5.50 → 1.5.51

package/README.md

@@ -81,8 +81,11 @@ Extension tutorial: https://swarmclaw.ai/docs/extension-tutorial
 Download the one-click installer from [swarmclaw.ai/downloads](https://swarmclaw.ai/downloads).
 Available for macOS (Apple Silicon & Intel), Windows, and Linux (AppImage + .deb).
 
-Current builds are unsigned, so on first launch:
-- **macOS:** right-click the app in Finder → **Open** → **Open** to bypass Gatekeeper.
+Current builds are ad-hoc signed but not notarized, so on first launch:
+- **macOS:** right-click the app in Finder → **Open** → **Open** to bypass Gatekeeper. If macOS instead reports *"SwarmClaw is damaged and can't be opened"* (common on Apple Silicon when the dmg was quarantined by Safari), strip the quarantine attribute and relaunch:
+  ```bash
+  xattr -dr com.apple.quarantine /Applications/SwarmClaw.app
+  ```
 - **Windows:** if SmartScreen appears, click **More info** → **Run anyway**.
 - **Linux (AppImage):** `chmod +x` the downloaded file, then run it.
 
@@ -396,6 +399,18 @@ Operational docs: https://swarmclaw.ai/docs/observability
 
 ## Releases
 
+### v1.5.51 Highlights
+
+- **Desktop app now actually opens and renders on macOS**: packaged builds were broken in v1.5.50 by a stack of independent issues that each masked the next. This release unblocks the cold-boot path end to end. Measured cold-boot time on a populated install: ~1 second to first `/api/healthz` response, down from a hard 60-second timeout.
+  - Ad-hoc code signing (`identity: '-'`) via a new `scripts/electron-after-pack.cjs` hook that runs `codesign --sign - --force --deep` after electron-builder packages the bundle. The bundle identifier is now sealed as `ai.swarmclaw.desktop` with all 74k resources sealed, so quarantined dmgs surface as "unidentified developer" (right-click → Open) instead of the more confusing "damaged" error.
+  - Per-architecture native module sync: the afterPack hook copies `better-sqlite3`, `@mongodb-js/zstd`, `node-liblzma`, and `utf-8-validate` `.node` binaries from the electron-builder-rebuilt root `node_modules` into the packaged `.next/standalone/node_modules`. Without this, the standalone server hit `ERR_DLOPEN_FAILED: NODE_MODULE_VERSION 137` on launch because Next.js's output-tracing copied the Node-ABI build of better-sqlite3 into standalone while electron-builder only rebuilt the root tree for Electron's ABI.
+  - `scripts/run-next-build.mjs` now copies `mdn-data` (used by `css-tree` via `jsdom`) into standalone alongside the existing `css-tree/data` patch, so pages that depend on it don't 500 with `Cannot find module 'mdn-data/css/at-rules.json'`.
+  - `isomorphic-dompurify` replaced by the browser-only `dompurify` in `agent-avatar.tsx`. The isomorphic wrapper was pulling `jsdom`'s ESM-only `@exodus/bytes` dep into every server bundle the avatar was referenced from, which blew up SSR under Electron 33 (Node 20.18) with `ERR_REQUIRE_ESM` on every page.
+  - Session-consolidation migrations, `initWsServer`, and `ensureDaemonStarted` moved into a `setImmediate` deferred block in `src/instrumentation.ts` so Next.js can bind the HTTP listener before per-install work runs.
+- **App icon fixed**: the Dock no longer shows Electron's default `exec` placeholder. `scripts/gen-icons.mjs` generates `resources/icon.icns`, `resources/icon.ico`, and `resources/icon.png` from `public/branding/swarmclaw-org-avatar.png`; the main process sets the Dock icon at launch and passes it to every `BrowserWindow`.
+- **Embedded server log file + improved failure dialog**: the Electron wrapper now tees the child Next.js server's stdout/stderr into `<userData>/logs/server.log` (`~/Library/Application Support/@swarmclawai/swarmclaw/logs/server.log` on macOS, 1 MB rotation). If startup fails or the server exits, the error dialog shows the tail of the log inline and exposes an **Open Logs Folder** button that jumps Finder straight to the file. This is what made root-cause debugging possible in the first place — if you hit any kind of regression here, grab that log and open an issue.
+- **Embedded server timeout raised from 60s to 5 minutes**: a safety net. On a healthy install the server is up in about a second; 300 seconds is there for pathological cold boots (very large data dirs, contested Apple Silicon Gatekeeper verification on unsigned binaries, etc.) and should never be hit in normal use.
+
 ### v1.5.50 Highlights
 
 - **Fix: opencode-web remote instances no longer fail with `EACCES`**: SwarmClaw used to send the local workspace path (e.g. `/root/.swarmclaw/workspace`) as a `directory=` query parameter on every opencode-web request. Remote opencode-web instances tried to `lstat` that path and rejected the call. The provider now auto-detects local vs. remote from the endpoint hostname (`localhost`, `127.0.0.1`, `::1`, `0.0.0.0`) and only sends `directory=` when the endpoint is local. Thanks to [@SteamedFish](https://github.com/SteamedFish) for the detailed root-cause writeup in [#45](https://github.com/swarmclawai/swarmclaw/issues/45).

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@swarmclawai/swarmclaw",
-  "version": "1.5.50",
+  "version": "1.5.51",
   "description": "Build and run autonomous AI agents with OpenClaw, Hermes, multiple model providers, orchestration, delegation, memory, skills, schedules, and chat connectors.",
   "main": "electron-dist/main.js",
   "license": "MIT",
@@ -101,10 +101,10 @@
     "@langchain/langgraph": "^1.2.2",
     "@langchain/openai": "^1.2.8",
     "@modelcontextprotocol/sdk": "^1.27.1",
+    "@multiavatar/multiavatar": "^1.0.7",
     "@opentelemetry/api": "^1.9.1",
     "@opentelemetry/exporter-trace-otlp-http": "^0.214.0",
     "@opentelemetry/sdk-node": "^0.214.0",
-    "@multiavatar/multiavatar": "^1.0.7",
     "@playwright/mcp": "^0.0.68",
     "@slack/bolt": "^4.6.0",
     "@swarmdock/sdk": "^0.5.3",
@@ -127,17 +127,17 @@
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
     "commander": "^13.1.0",
-    "electron-updater": "^6.3.9",
     "cron-parser": "^5.5.0",
     "cronstrue": "^3.12.0",
     "dagre": "^0.8.5",
     "discord.js": "^14.25.1",
+    "electron-updater": "^6.3.9",
     "ethers": "^6.16.0",
     "exceljs": "^4.4.0",
     "grammy": "^1.40.0",
     "highlight.js": "^11.11.1",
+    "dompurify": "^3.3.3",
     "imapflow": "^1.2.11",
-    "isomorphic-dompurify": "^3.7.1",
     "just-bash": "^2.14.0",
     "langchain": "^1.2.30",
     "lucide-react": "^0.574.0",
@@ -175,7 +175,8 @@
     "electron": "^33.3.0",
     "electron-builder": "^25.1.8",
     "eslint": "^9",
-    "eslint-config-next": "16.1.7"
+    "eslint-config-next": "16.1.7",
+    "png-to-ico": "^3.0.1"
   },
   "optionalDependencies": {
     "botbuilder": "^4.23.3",

package/scripts/run-next-build.mjs

@@ -164,14 +164,27 @@ export function repairStandaloneCssTreeData(cwd = process.cwd()) {
   const standaloneDir = path.join(cwd, '.next', 'standalone')
   if (!fs.existsSync(standaloneDir)) return false
 
-  const dataDst = path.join(standaloneDir, 'node_modules', 'css-tree', 'data')
-  if (fs.existsSync(dataDst)) return false
+  let repaired = false
 
-  const dataSrc = path.join(cwd, 'node_modules', 'css-tree', 'data')
-  if (!fs.existsSync(dataSrc)) return false
+  const cssTreeDst = path.join(standaloneDir, 'node_modules', 'css-tree', 'data')
+  const cssTreeSrc = path.join(cwd, 'node_modules', 'css-tree', 'data')
+  if (!fs.existsSync(cssTreeDst) && fs.existsSync(cssTreeSrc)) {
+    fs.cpSync(cssTreeSrc, cssTreeDst, { recursive: true, force: true })
+    repaired = true
+  }
 
-  fs.cpSync(dataSrc, dataDst, { recursive: true, force: true })
-  return true
+  // css-tree's CJS entry calls require('mdn-data/css/*.json') at load time,
+  // and Next's output-tracing does not pull the raw JSON data files into the
+  // standalone tree. Copy them in so jsdom (via css-tree) loads correctly
+  // under the packaged app.
+  const mdnDataDst = path.join(standaloneDir, 'node_modules', 'mdn-data')
+  const mdnDataSrc = path.join(cwd, 'node_modules', 'mdn-data')
+  if (!fs.existsSync(mdnDataDst) && fs.existsSync(mdnDataSrc)) {
+    fs.cpSync(mdnDataSrc, mdnDataDst, { recursive: true, force: true })
+    repaired = true
+  }
+
+  return repaired
 }
 
 export function repairStandaloneNextMetadata(cwd = process.cwd()) {

package/src/components/agents/agent-avatar.tsx

@@ -2,9 +2,15 @@
 
 import { useMemo } from 'react'
 import multiavatar from '@multiavatar/multiavatar'
-import DOMPurify from 'isomorphic-dompurify'
+import DOMPurify from 'dompurify'
 
+// The browser DOMPurify package runs client-side only; this component is a
+// 'use client' boundary so sanitizeSvg only executes after hydration where
+// `window` is available. We previously used isomorphic-dompurify, but that
+// pulls jsdom (and its @exodus/bytes ESM deps) into every server bundle the
+// component is referenced from, which breaks SSR under Electron 33's Node 20.
 function sanitizeSvg(svg: string): string {
+  if (typeof window === 'undefined') return svg
   return DOMPurify.sanitize(svg, { USE_PROFILES: { svg: true, svgFilters: true } })
 }
 

package/src/instrumentation.ts

@@ -10,25 +10,29 @@ export async function register() {
     const { initWsServer, closeWsServer } = await import('./lib/server/ws-hub')
     const { ensureDaemonStarted } = await import('@/lib/server/runtime/daemon-state')
     await ensureOpenTelemetryStarted()
-    
-    // One-time migration: backfill allKnownPeerIds on existing connector sessions
-    try {
-      const { backfillAllKnownPeerIds, pruneThreadConnectorMirrors } = await import('@/lib/server/connectors/session-consolidation')
-      backfillAllKnownPeerIds()
-      pruneThreadConnectorMirrors()
-    } catch (err) {
-      log.error(TAG, 'connector session consolidation failed:', err)
-    }
 
-    // In worker-only mode, we FORCE the daemon to start, but skip the WebSocket listener
-    if (isWorkerOnly) {
-      log.info(TAG, 'Booting in WORKER ONLY mode')
-      ensureDaemonStarted('worker-boot')
-    } else {
-      // In normal mode, we start the WS server, and conditionally start the daemon if autostart allows
-      initWsServer()
-      ensureDaemonStarted('instrumentation')
-    }
+    // Defer migrations, WS init, and daemon startup so the HTTP listener can bind
+    // and /api/healthz can respond immediately. Heavy per-install work (session
+    // migrations on large data dirs, daemon recovery) no longer gates first boot.
+    setImmediate(() => {
+      void (async () => {
+        try {
+          const { backfillAllKnownPeerIds, pruneThreadConnectorMirrors } = await import('@/lib/server/connectors/session-consolidation')
+          backfillAllKnownPeerIds()
+          pruneThreadConnectorMirrors()
+        } catch (err) {
+          log.error(TAG, 'connector session consolidation failed:', err)
+        }
+
+        if (isWorkerOnly) {
+          log.info(TAG, 'Booting in WORKER ONLY mode')
+          ensureDaemonStarted('worker-boot')
+        } else {
+          initWsServer()
+          ensureDaemonStarted('instrumentation')
+        }
+      })()
+    })
 
     // Graceful shutdown: stop background services and close WS connections
     const shutdownState = hmrSingleton('__swarmclaw_shutdown_state__', () => ({