@upx-us/shield 0.7.10 → 0.7.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/dist/index.js +45 -0
- package/openclaw.plugin.json +10 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
|
|
|
4
4
|
|
|
5
5
|
---
|
|
6
6
|
|
|
7
|
+
## [0.7.11] — 2026-03-16
|
|
8
|
+
|
|
9
|
+
### Added
|
|
10
|
+
|
|
11
|
+
- **Debug logging mode** (`debugLog: true`) — writes timestamped logs to `~/.openclaw/shield/logs/shield-debug.log`. Captures the full startup sequence with numbered checkpoints (1–11 + SIGTERM) so disconnection issues can be pinpointed exactly. Off by default — safe on all existing installs.
|
|
12
|
+
|
|
13
|
+
---
|
|
14
|
+
|
|
7
15
|
## [0.7.10] — 2026-03-16
|
|
8
16
|
|
|
9
17
|
### Added
|
package/dist/index.js
CHANGED
|
@@ -488,6 +488,38 @@ exports.default = {
|
|
|
488
488
|
(0, log_1.setAdapter)(gatewayAdapter);
|
|
489
489
|
const pluginConfig = (api.pluginConfig ?? {});
|
|
490
490
|
log.debug('shield', 'Plugin config received', maskPluginConfigForLogs(pluginConfig));
|
|
491
|
+
const debugLogEnabled = pluginConfig.debugLog === true;
|
|
492
|
+
if (debugLogEnabled) {
|
|
493
|
+
try {
|
|
494
|
+
const { appendFileSync, mkdirSync } = require('fs');
|
|
495
|
+
const { join: pathJoin } = require('path');
|
|
496
|
+
const debugLogDir = pathJoin((0, os_1.homedir)(), '.openclaw', 'shield', 'logs');
|
|
497
|
+
const debugLogPath = pathJoin(debugLogDir, 'shield-debug.log');
|
|
498
|
+
mkdirSync(debugLogDir, { recursive: true });
|
|
499
|
+
const ts = () => new Date().toISOString();
|
|
500
|
+
const writeLine = (level, tag, msg, extra) => {
|
|
501
|
+
try {
|
|
502
|
+
const line = `${ts()} [${level.padEnd(5)}] [${tag}] ${msg}${extra !== undefined ? ' ' + JSON.stringify(extra) : ''}\n`;
|
|
503
|
+
appendFileSync(debugLogPath, line);
|
|
504
|
+
}
|
|
505
|
+
catch { }
|
|
506
|
+
};
|
|
507
|
+
const teeAdapter = {
|
|
508
|
+
debug(tag, msg, data) { gatewayAdapter.debug(tag, msg, data); writeLine('DEBUG', tag, msg, data); },
|
|
509
|
+
info(tag, msg) { gatewayAdapter.info(tag, msg); writeLine('INFO', tag, msg); },
|
|
510
|
+
warn(tag, msg) { gatewayAdapter.warn(tag, msg); writeLine('WARN', tag, msg); },
|
|
511
|
+
error(tag, msg, err) { gatewayAdapter.error(tag, msg, err); writeLine('ERROR', tag, msg, err ? String(err) : undefined); },
|
|
512
|
+
};
|
|
513
|
+
(0, log_1.setAdapter)(teeAdapter);
|
|
514
|
+
appendFileSync(debugLogPath, `\n${'─'.repeat(80)}\n` +
|
|
515
|
+
`${ts()} [SHIELD DEBUG SESSION START] v${version_1.VERSION}\n` +
|
|
516
|
+
`${'─'.repeat(80)}\n`);
|
|
517
|
+
log.info('shield', `Debug logging active → ${debugLogPath}`);
|
|
518
|
+
}
|
|
519
|
+
catch (err) {
|
|
520
|
+
log.warn('shield', `Failed to init debug log file: ${err instanceof Error ? err.message : String(err)}`);
|
|
521
|
+
}
|
|
522
|
+
}
|
|
491
523
|
if (pluginConfig.enabled === false) {
|
|
492
524
|
log.info('shield', 'Monitoring disabled via config (enabled: false)');
|
|
493
525
|
return;
|
|
@@ -557,8 +589,10 @@ exports.default = {
|
|
|
557
589
|
try {
|
|
558
590
|
await cleanupRuntime({ markStopped: false, resetGuard: false, flushRedactor: false });
|
|
559
591
|
const activeGeneration = ++runtimeGeneration;
|
|
592
|
+
log.info('shield', `[checkpoint:1] Service start() entered — generation=${activeGeneration}`);
|
|
560
593
|
let credentials = (0, config_1.loadCredentials)();
|
|
561
594
|
let validCreds = hasValidCredentials(credentials);
|
|
595
|
+
log.info('shield', `[checkpoint:2] Credentials loaded — valid=${validCreds} instanceId=${credentials?.instanceId ? credentials.instanceId.slice(0, 8) + '…' : 'missing'}`);
|
|
562
596
|
if (!validCreds && installationKey) {
|
|
563
597
|
log.info('shield', 'Installation key found — activating Shield (first-time setup)...');
|
|
564
598
|
const autoCreds = await performAutoRegistration(installationKey);
|
|
@@ -594,9 +628,12 @@ exports.default = {
|
|
|
594
628
|
const persistedStats = readAllTimeStats();
|
|
595
629
|
if (persistedStats.lastSync)
|
|
596
630
|
state.lastSync = persistedStats.lastSync;
|
|
631
|
+
log.info('shield', `[checkpoint:3] Config loaded — sessionDirs=${config.sessionDirs.length} poll=${config.pollIntervalMs}ms dryRun=${config.dryRun}`);
|
|
597
632
|
log.info('shield', `Starting Shield v${version_1.VERSION} (poll: ${config.pollIntervalMs}ms, dryRun: ${config.dryRun})`);
|
|
598
633
|
(0, exclusions_1.initExclusions)((0, path_1.join)((0, os_1.homedir)(), '.openclaw', 'shield', 'data'));
|
|
634
|
+
log.info('shield', '[checkpoint:4] Exclusions initialized');
|
|
599
635
|
(0, case_monitor_1.initCaseMonitor)((0, path_1.join)((0, os_1.homedir)(), '.openclaw', 'shield', 'data'));
|
|
636
|
+
log.info('shield', '[checkpoint:5] Case monitor initialized');
|
|
600
637
|
if (config.localEventBuffer) {
|
|
601
638
|
(0, event_store_1.initEventStore)((0, path_1.join)((0, os_1.homedir)(), '.openclaw', 'shield', 'data'), { maxEvents: config.localEventLimit });
|
|
602
639
|
}
|
|
@@ -670,8 +707,10 @@ exports.default = {
|
|
|
670
707
|
catch { }
|
|
671
708
|
const autoUpdateMode = pluginConfig.autoUpdate ?? true;
|
|
672
709
|
const _bootState = (0, updater_1.loadUpdateState)();
|
|
710
|
+
log.info('shield', `[checkpoint:6] Pre-update-check — autoUpdate=${autoUpdateMode} pendingRestart=${_bootState.pendingRestart} updateAvailable=${_bootState.updateAvailable} latestVersion=${_bootState.latestVersion}`);
|
|
673
711
|
log.info('updater', `Startup update check (autoUpdate=${autoUpdateMode}, current=${version_1.VERSION}, pendingRestart=${_bootState.pendingRestart})`);
|
|
674
712
|
const startupUpdate = (0, updater_1.performAutoUpdate)(autoUpdateMode, _bootState.pendingRestart ? undefined : 0);
|
|
713
|
+
log.info('shield', `[checkpoint:7] Update check done — action=${startupUpdate.action}`);
|
|
675
714
|
if (startupUpdate.action === 'updated') {
|
|
676
715
|
log.info('updater', startupUpdate.message);
|
|
677
716
|
const restarted = (0, updater_1.requestGatewayRestart)();
|
|
@@ -703,10 +742,12 @@ exports.default = {
|
|
|
703
742
|
const { sendEvents, reportInstance } = await Promise.resolve().then(() => __importStar(require('./src/sender')));
|
|
704
743
|
const { init: initRedactor, flush: flushRedactor, redactEvent } = await Promise.resolve().then(() => __importStar(require('./src/redactor')));
|
|
705
744
|
const { validate } = await Promise.resolve().then(() => __importStar(require('./src/validator')));
|
|
745
|
+
log.info('shield', '[checkpoint:8] Dynamic imports loaded');
|
|
706
746
|
if (config.redactionEnabled)
|
|
707
747
|
initRedactor();
|
|
708
748
|
state.running = true;
|
|
709
749
|
persistState();
|
|
750
|
+
log.info('shield', '[checkpoint:9] state.running=true — entering poll loop');
|
|
710
751
|
const runTelemetry = async () => {
|
|
711
752
|
if (!state.running || activeGeneration !== runtimeGeneration)
|
|
712
753
|
return;
|
|
@@ -748,6 +789,7 @@ exports.default = {
|
|
|
748
789
|
}
|
|
749
790
|
};
|
|
750
791
|
const runTelemetrySingleflight = createSingleflightRunner(runTelemetry);
|
|
792
|
+
log.info('shield', '[checkpoint:9a] Firing initial telemetry');
|
|
751
793
|
runTelemetrySingleflight().catch((err) => log.error('shield', `Telemetry error: ${err instanceof Error ? err.message : String(err)}`));
|
|
752
794
|
telemetryHandle = setInterval(() => {
|
|
753
795
|
if (activeGeneration !== runtimeGeneration || !state.running)
|
|
@@ -904,15 +946,18 @@ exports.default = {
|
|
|
904
946
|
});
|
|
905
947
|
}, interval);
|
|
906
948
|
};
|
|
949
|
+
log.info('shield', '[checkpoint:10] First poll scheduled');
|
|
907
950
|
schedulePoll();
|
|
908
951
|
onSignalHandler = async () => {
|
|
909
952
|
if (!state.running)
|
|
910
953
|
return;
|
|
954
|
+
log.info('shield', '[checkpoint:SIGTERM] SIGTERM received — shutting down');
|
|
911
955
|
await cleanupRuntime({ markStopped: true, resetGuard: true, flushRedactor: true });
|
|
912
956
|
log.info('shield', 'Service stopped (signal)');
|
|
913
957
|
};
|
|
914
958
|
process.once('SIGTERM', onSignalHandler);
|
|
915
959
|
process.once('SIGINT', onSignalHandler);
|
|
960
|
+
log.info('shield', '[checkpoint:11] Startup complete — service running');
|
|
916
961
|
startGuard.endSuccess();
|
|
917
962
|
}
|
|
918
963
|
catch (err) {
|
package/openclaw.plugin.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"id": "shield",
|
|
3
3
|
"name": "OpenClaw Shield",
|
|
4
4
|
"description": "Real-time security monitoring — streams enriched, redacted security events to the Shield detection platform.",
|
|
5
|
-
"version": "0.7.
|
|
5
|
+
"version": "0.7.11",
|
|
6
6
|
"skills": [
|
|
7
7
|
"./skills"
|
|
8
8
|
],
|
|
@@ -48,6 +48,11 @@
|
|
|
48
48
|
],
|
|
49
49
|
"default": true,
|
|
50
50
|
"description": "Auto-update mode: true (auto-update patch versions), false (disabled), or 'notify-only' (log available updates without installing)."
|
|
51
|
+
},
|
|
52
|
+
"debugLog": {
|
|
53
|
+
"type": "boolean",
|
|
54
|
+
"default": false,
|
|
55
|
+
"description": "Enable verbose debug logging to ~/.openclaw/shield/logs/shield-debug.log. Use only when diagnosing connectivity issues."
|
|
51
56
|
}
|
|
52
57
|
}
|
|
53
58
|
},
|
|
@@ -74,6 +79,10 @@
|
|
|
74
79
|
"autoUpdate": {
|
|
75
80
|
"label": "Auto-update mode",
|
|
76
81
|
"description": "true = auto-install patch updates, 'notify-only' = log only, false = disabled"
|
|
82
|
+
},
|
|
83
|
+
"debugLog": {
|
|
84
|
+
"label": "Debug logging",
|
|
85
|
+
"description": "Writes detailed startup and lifecycle logs to a file for support diagnosis"
|
|
77
86
|
}
|
|
78
87
|
},
|
|
79
88
|
"clawhub": {
|
package/package.json
CHANGED