npm - velaclaw-dev - Versions diffs - 0.2.0 - Mend

velaclaw-dev 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (63) hide show

package/.gitignore +14 -0
package/ARCHITECTURE.md +143 -0
package/README.dev.md +208 -0
package/README.local-before-remote-sync.md +224 -0
package/README.md +211 -0
package/README.public.md +115 -0
package/RELEASING.md +162 -0
package/TESTING.md +195 -0
package/dist/cli.js +213 -0
package/dist/data.js +2988 -0
package/dist/server.js +1020 -0
package/dist/ui.js +1486 -0
package/members/LAUNCH_CHECKLIST.md +13 -0
package/members/README.md +17 -0
package/members/member-template/README.md +9 -0
package/members/member-template/private-docs/README.md +3 -0
package/members/member-template/private-memory/README.md +3 -0
package/members/member-template/private-skills/README.md +4 -0
package/members/member-template/private-tools/README.md +4 -0
package/members/member-template/runtime/config/README.md +3 -0
package/members/member-template/runtime/config/local-plugins/member-quota-guard/index.js +123 -0
package/members/member-template/runtime/config/local-plugins/member-quota-guard/openclaw.plugin.json +19 -0
package/members/member-template/runtime/config/local-plugins/member-quota-guard/package.json +10 -0
package/members/member-template/runtime/config/local-plugins/member-runtime-upgrader/index.js +97 -0
package/members/member-template/runtime/config/local-plugins/member-runtime-upgrader/openclaw.plugin.json +21 -0
package/members/member-template/runtime/config/local-plugins/member-runtime-upgrader/package.json +10 -0
package/members/member-template/runtime/config/local-plugins/shared-asset-injector/index.js +548 -0
package/members/member-template/runtime/config/local-plugins/shared-asset-injector/openclaw.plugin.json +33 -0
package/members/member-template/runtime/config/local-plugins/shared-asset-injector/package.json +10 -0
package/members/member-template/runtime/config/openclaw.json +104 -0
package/members/member-template/runtime/docker-compose.yml +53 -0
package/members/member-template/runtime/logs/README.md +3 -0
package/members/member-template/runtime/secrets/.gitkeep +1 -0
package/members/member-template/runtime/secrets/README.md +3 -0
package/members/member-template/runtime/workspace/.gitkeep +1 -0
package/members/member-template/runtime/workspace/README.md +3 -0
package/package.json +57 -0
package/pic/banner.jpg +0 -0
package/provision-member.md +87 -0
package/scripts/shared-asset-stack-test.mjs +369 -0
package/scripts/shared-skill-combo-test.mjs +282 -0
package/scripts/team-load-test.mjs +358 -0
package/scripts/verify-install.mjs +44 -0
package/services/litellm/config.yaml +35 -0
package/services/litellm/docker-compose.yml +36 -0
package/services/litellm/litellm.env.example +13 -0
package/shared-snapshots/README.md +16 -0
package/shared-snapshots/docs/README.md +3 -0
package/shared-snapshots/memory/README.md +3 -0
package/shared-snapshots/skills/README.md +3 -0
package/shared-snapshots/tools/README.md +4 -0
package/shared-snapshots/workflows/README.md +3 -0
package/team-assets/README.md +11 -0
package/team-assets/policies/README.md +7 -0
package/team-assets/policies/asset-visibility.md +24 -0
package/team-assets/policies/high-risk-action-approval.md +18 -0
package/team-assets/policies/promotion-rules.md +25 -0
package/team-assets/policies/tool-binding-rules.md +26 -0
package/team-assets/shared-docs/README.md +3 -0
package/team-assets/shared-memory/README.md +8 -0
package/team-assets/shared-skills/README.md +8 -0
package/team-assets/shared-tools/README.md +8 -0
package/team-assets/shared-workflows/README.md +9 -0

package/services/litellm/config.yaml ADDED Viewed

@@ -0,0 +1,35 @@
+model_list:
+  - model_name: gpt-4.1-mini
+    litellm_params:
+      model: openai/gpt-4.1-mini
+      api_base: https://saymycode.xyz/v1
+      api_key: os.environ/OPENAI_API_KEY
+      extra_headers:
+        User-Agent: curl/8.5.0
+        Accept: "*/*"
+  - model_name: gpt-5.1-codex-mini
+    litellm_params:
+      model: openai/gpt-5.1-codex-mini
+      api_base: https://saymycode.xyz/v1
+      api_key: os.environ/OPENAI_API_KEY
+      extra_headers:
+        User-Agent: curl/8.5.0
+        Accept: "*/*"
+  - model_name: gpt-5.4
+    litellm_params:
+      model: openai/gpt-5.4
+      api_base: https://saymycode.xyz/v1
+      api_key: os.environ/OPENAI_API_KEY
+      extra_headers:
+        User-Agent: curl/8.5.0
+        Accept: "*/*"
+general_settings:
+  master_key: os.environ/LITELLM_MASTER_KEY
+  database_url: os.environ/DATABASE_URL
+  set_verbose: false
+litellm_settings:
+  drop_params: true

package/services/litellm/docker-compose.yml ADDED Viewed

@@ -0,0 +1,36 @@
+services:
+  postgres:
+    image: postgres:16-alpine
+    container_name: velaclaw-litellm-postgres
+    restart: unless-stopped
+    env_file:
+      - ${HOME}/.config/velaclaw/litellm.env
+    environment:
+      POSTGRES_DB: litellm
+      POSTGRES_USER: litellm
+    volumes:
+      - ./postgres-data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U litellm -d litellm"]
+      interval: 10s
+      timeout: 5s
+      retries: 10
+  litellm:
+    image: ghcr.io/berriai/litellm:main-latest
+    container_name: velaclaw-litellm
+    restart: unless-stopped
+    depends_on:
+      postgres:
+        condition: service_healthy
+    env_file:
+      - ${HOME}/.config/velaclaw/litellm.env
+    ports:
+      - "127.0.0.1:4000:4000"
+    volumes:
+      - ./config.yaml:/app/config.yaml:ro
+    command:
+      - "--config"
+      - "/app/config.yaml"
+      - "--port"
+      - "4000"

package/services/litellm/litellm.env.example ADDED Viewed

@@ -0,0 +1,13 @@
+# Copy this file to:
+#   ~/.config/velaclaw/litellm.env
+#
+# Keep POSTGRES_PASSWORD and DATABASE_URL in sync.
+POSTGRES_PASSWORD=change-me
+DATABASE_URL=postgresql://litellm:change-me@postgres:5432/litellm
+# Upstream key used by the model gateway backing LiteLLM.
+OPENAI_API_KEY=replace-with-your-upstream-key
+# Shared key used by Velaclaw to call LiteLLM locally.
+LITELLM_MASTER_KEY=replace-with-a-long-random-secret

package/shared-snapshots/README.md ADDED Viewed

@@ -0,0 +1,16 @@
+# Shared asset snapshots
+This directory is for read-only snapshots of approved team assets that may be distributed into member runtimes.
+Recommended subdirectories:
+- `skills/`
+- `tools/`
+- `workflows/`
+- `docs/`
+- `memory/`
+Guidelines:
+- snapshots should be generated from approved team assets only
+- snapshots should be mounted read-only into member runtimes if used
+- never place raw secrets here
+- prefer summary/approved memory, not raw private conversation logs

package/shared-snapshots/docs/README.md ADDED Viewed

@@ -0,0 +1,3 @@
+# Shared docs snapshots
+Approved non-sensitive docs for read-only distribution.

package/shared-snapshots/memory/README.md ADDED Viewed

@@ -0,0 +1,3 @@
+# Shared memory snapshots
+Only approved, sanitized, team-safe memory summaries should be exported here.

package/shared-snapshots/skills/README.md ADDED Viewed

@@ -0,0 +1,3 @@
+# Shared skill snapshots
+Approved team skills can be exported here for read-only distribution into member runtimes.

package/shared-snapshots/tools/README.md ADDED Viewed

@@ -0,0 +1,4 @@
+# Shared tool snapshots
+Export only shared tool definitions here.
+Do not export personal bindings or raw credentials.

package/shared-snapshots/workflows/README.md ADDED Viewed

@@ -0,0 +1,3 @@
+# Shared workflow snapshots
+Approved team workflows and SOPs for read-only distribution.

package/team-assets/README.md ADDED Viewed

@@ -0,0 +1,11 @@
+# Team asset registry
+This directory is for assets shared across the whole team.
+Subdirectories:
+- `shared-memory/` — approved team memory and shared facts
+- `shared-skills/` — team-approved reusable skills
+- `shared-tools/` — tool definitions and shared non-secret bindings metadata
+- `shared-workflows/` — SOPs and workflows
+- `shared-docs/` — common documents and references
+- `policies/` — access, approval, and sync policies

package/team-assets/policies/README.md ADDED Viewed

@@ -0,0 +1,7 @@
+# Team policies
+Suggested policy files to add later:
+- asset-visibility.md
+- promotion-rules.md
+- tool-binding-rules.md
+- high-risk-action-approval.md

package/team-assets/policies/asset-visibility.md ADDED Viewed

@@ -0,0 +1,24 @@
+# Asset visibility policy
+## Default rules
+1. Team assets are readable only when explicitly marked shared.
+2. Member-private assets are readable only by that member runtime and the control plane.
+3. Task/session assets are temporary and should not be promoted automatically.
+4. Secrets are private by default, even if the related tool definition is shared.
+## Allowed visibility levels
+- `system`
+- `team`
+- `member`
+- `task`
+## Promotion rule
+Information should move upward only after review:
+- task -> member
+- task -> team
+- member -> team
+Never auto-promote raw private chat content into team assets.

package/team-assets/policies/high-risk-action-approval.md ADDED Viewed

@@ -0,0 +1,18 @@
+# High-risk action approval
+## High-risk actions include
+- sending external email
+- posting to public channels
+- using financial accounts or trading actions
+- modifying production systems
+- accessing another member's private assets
+- changing runtime security or container settings
+## Recommended rule
+Member runtimes should not perform high-risk external actions directly.
+Instead:
+1. prepare draft/action request
+2. send to control plane for approval
+3. execute only after approval

package/team-assets/policies/promotion-rules.md ADDED Viewed

@@ -0,0 +1,25 @@
+# Promotion rules
+## Purpose
+Define how private or temporary assets become team-shared assets.
+## Recommended flow
+1. Create privately first.
+2. Stabilize through actual use.
+3. Review for privacy and sensitivity.
+4. Publish a cleaned version into the team asset registry.
+## Applies to
+- skills
+- workflows
+- documents
+- memory summaries
+## Avoid
+- publishing raw conversations
+- publishing secrets or private credentials
+- publishing personal preferences unless intentionally generalized

package/team-assets/policies/tool-binding-rules.md ADDED Viewed

@@ -0,0 +1,26 @@
+# Tool binding rules
+## Core split
+Separate:
+1. tool capability definitions
+2. credential / binding instances
+## Examples
+Capability definitions:
+- gmail.send
+- github.issue.create
+- market.search
+Binding instances:
+- gmail:zane
+- github:alice
+- smtp:team-support
+## Rules
+- capabilities may be team-shared
+- bindings are private by default
+- team-shared bindings must be created intentionally as team assets
+- member runtimes should not receive other members' bindings

package/team-assets/shared-docs/README.md ADDED Viewed

@@ -0,0 +1,3 @@
+# Shared team docs
+Put non-sensitive shared documentation here.

package/team-assets/shared-memory/README.md ADDED Viewed

@@ -0,0 +1,8 @@
+# Shared team memory
+Store only approved, team-safe memory here.
+Guidelines:
+- keep facts and decisions, not raw private chats
+- remove private details before promoting content here
+- record dates, owners, and affected projects when useful

package/team-assets/shared-skills/README.md ADDED Viewed

@@ -0,0 +1,8 @@
+# Shared team skills
+Store team-level reusable skills here.
+Recommended workflow:
+- prototype privately in a member-private skill
+- once stable, publish or copy here
+- version important shared skills

package/team-assets/shared-tools/README.md ADDED Viewed

@@ -0,0 +1,8 @@
+# Shared team tools
+This directory is for shared tool definitions, not personal credentials.
+Recommended split:
+- share tool capability definitions here
+- keep personal bindings/credentials in member-private directories
+- create separate team bindings for truly shared team accounts

package/team-assets/shared-workflows/README.md ADDED Viewed

@@ -0,0 +1,9 @@
+# Shared team workflows
+Store common workflows and SOPs here.
+Examples:
+- release checklist
+- onboarding flow
+- incident handling
+- daily market brief template