npm - @upx-us/shield - Versions diffs - 0.3.4 → 0.3.6 - Mend

@upx-us/shield 0.3.4 → 0.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md CHANGED Viewed

@@ -212,6 +212,8 @@ Shield captures agent activity locally, applies on-device redaction, and forward
 - After upgrade verify with: `openclaw shield status`
 - See CHANGELOG.md for version history
+> **"Integrity drift detected"** during upgrade is expected. OpenClaw stores the checksum of the installed version and warns when it changes — which it always does on a legitimate upgrade. Confirm with `y` to proceed. This prompt only indicates a real problem if you see it without having explicitly upgraded (e.g. the plugin files changed unexpectedly).
 ---
 ## Troubleshooting

package/dist/src/index.js CHANGED Viewed

@@ -45,8 +45,10 @@ const version_1 = require("./version");
 let running = true;
 let lastTelemetryAt = 0;
 let consecutiveFailures = 0;
+let registrationOk = false;
 const TELEMETRY_INTERVAL_MS = 5 * 60 * 1000;
 const MAX_BACKOFF_MS = 5 * 60 * 1000;
+const MAX_REGISTRATION_FAILURES = 10;
 function getBackoffInterval(baseMs) {
     if (consecutiveFailures === 0)
         return baseMs;
@@ -66,17 +68,20 @@ async function poll() {
             if (now - lastTelemetryAt >= TELEMETRY_INTERVAL_MS) {
                 const hostSnapshot = config.collectHostMetrics ? (0, transformer_1.generateHostTelemetry)() : null;
                 const hostMeta = hostSnapshot?.event?.tool_metadata;
+                const agentId = process.env.OPENCLAW_AGENT_ID || 'main';
                 const instancePayload = {
                     machine: {
                         hostname: config.hostname,
                         os: process.platform,
                         arch: process.arch,
                         node_version: process.version,
+                        public_ip: (0, transformer_1.getCachedPublicIp)() ?? undefined,
                     },
                     software: {
                         plugin_version: version_1.VERSION,
                         openclaw_version: (0, transformer_1.resolveOpenClawVersion)(),
-                        agent_label: (0, transformer_1.resolveAgentLabel)('main'),
+                        agent_label: (0, transformer_1.resolveAgentLabel)(agentId),
+                        instance_name: (0, transformer_1.resolveAgentLabel)(agentId) || config.hostname,
                         ...(hostMeta && {
                             gateway_bind: hostMeta['openclaw.gateway_bind'],
                             webhook_configured: hostMeta['openclaw.webhook_configured'],
@@ -86,16 +91,27 @@ async function poll() {
                 };
                 const result = await (0, sender_1.reportInstance)(instancePayload, config.credentials);
                 log.info('bridge', `Instance report → Platform: success=${result.ok}`);
-                if (result.ok && result.score) {
-                    log.info('bridge', `Protection score: ${result.score.badge} ${result.score.total}/100 (${result.score.grade})`);
-                    if (result.score.recommendations?.length) {
-                        for (const rec of result.score.recommendations) {
-                            log.warn('bridge', `⚠ ${rec}`);
+                if (result.ok) {
+                    registrationOk = true;
+                    lastTelemetryAt = now;
+                    if (result.score) {
+                        log.info('bridge', `Protection score: ${result.score.badge} ${result.score.total}/100 (${result.score.grade})`);
+                        if (result.score.recommendations?.length) {
+                            for (const rec of result.score.recommendations) {
+                                log.warn('bridge', `⚠ ${rec}`);
+                            }
                         }
                     }
                 }
-                if (result.ok)
-                    lastTelemetryAt = now;
+                else if (!registrationOk) {
+                    consecutiveFailures++;
+                    if (consecutiveFailures >= MAX_REGISTRATION_FAILURES) {
+                        log.error('bridge', `reportInstance failed ${consecutiveFailures} consecutive times — instance not recognized. Re-run setup wizard. Exiting.`);
+                        process.exit(1);
+                    }
+                    log.warn('bridge', `reportInstance failed (attempt ${consecutiveFailures}/${MAX_REGISTRATION_FAILURES}) — skipping events this cycle (platform may still be syncing)`);
+                    continue;
+                }
             }
             if (entries.length > 0) {
                 let envelopes = (0, transformer_1.transformEntries)(entries);
@@ -126,8 +142,15 @@ async function poll() {
                     }
                 }
                 if (results.some(r => r.needsRegistration)) {
-                    log.error('bridge', 'Instance not registered (needs_registration=true). Re-run the setup wizard. Exiting.');
-                    process.exit(1);
+                    consecutiveFailures++;
+                    registrationOk = false;
+                    lastTelemetryAt = 0;
+                    if (consecutiveFailures >= MAX_REGISTRATION_FAILURES) {
+                        log.error('bridge', `Instance not recognized by platform after ${consecutiveFailures} attempts. Re-run the setup wizard. Exiting.`);
+                        process.exit(1);
+                    }
+                    log.warn('bridge', `Instance not registered on platform (attempt ${consecutiveFailures}/${MAX_REGISTRATION_FAILURES}) — will re-register on next cycle`);
+                    continue;
                 }
                 const pendingResult = results.find(r => r.pendingNamespace);
                 if (pendingResult) {

package/dist/src/transformer.d.ts CHANGED Viewed

@@ -10,6 +10,7 @@ export interface IngestPayload {
 }
 export declare function resolveOpenClawVersion(): string;
 export declare function resolveAgentLabel(agentId: string): string;
+export declare function getCachedPublicIp(): string | null;
 export declare function resolveOutboundIp(): Promise<string | null>;
 export declare function transformEntries(entries: RawEntry[]): EnvelopeEvent[];
 export declare function generateHostTelemetry(): EnvelopeEvent | null;

package/dist/src/transformer.js CHANGED Viewed

@@ -35,6 +35,7 @@ var __importStar = (this && this.__importStar) || (function () {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.resolveOpenClawVersion = resolveOpenClawVersion;
 exports.resolveAgentLabel = resolveAgentLabel;
+exports.getCachedPublicIp = getCachedPublicIp;
 exports.resolveOutboundIp = resolveOutboundIp;
 exports.transformEntries = transformEntries;
 exports.generateHostTelemetry = generateHostTelemetry;
@@ -116,6 +117,9 @@ function writeIpCache(ip) {
     }
     catch { }
 }
+function getCachedPublicIp() {
+    return readIpCache()?.ip ?? (_source?.ip_addresses[0] ?? null);
+}
 function resolveOutboundIp() {
     return new Promise((resolve) => {
         try {

package/openclaw.plugin.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "id": "shield",
   "name": "OpenClaw Shield",
   "description": "Real-time security monitoring \u2014 streams enriched, redacted security events to the Shield detection platform.",
-  "version": "0.3.4",
+  "version": "0.3.6",
   "skills": [
     "./skills"
   ],
@@ -57,4 +57,4 @@
       "label": "Collect host telemetry metrics"
     }
   }
-}
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@upx-us/shield",
-  "version": "0.3.4",
+  "version": "0.3.6",
   "description": "Security monitoring plugin for OpenClaw agents — streams enriched security events to the Shield detection platform",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",