Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/openclaw/releases

Release automation and evidence ledger for OpenClaw.
https://github.com/openclaw/releases

Last synced: 15 days ago
JSON representation

Release automation and evidence ledger for OpenClaw.

Awesome Lists containing this project

README 

          
# OpenClaw Releases



![OpenClaw Releases banner](docs/assets/readme-banner.jpg)



Release automation and evidence ledger for OpenClaw.



The source of truth stays in `openclaw/openclaw`:



- source code

- git tags

- GitHub releases

- npm publish workflow

- `appcast.xml` on `main`



This repo keeps release packaging, macOS publication support, npm dist-tag

maintenance, and durable release evidence separate from the product source repo.



## Workflows



- `.github/workflows/openclaw-macos-validate.yml` runs the release-blocking macOS

  Swift test lane for an existing OpenClaw tag.

- `.github/workflows/openclaw-macos-publish.yml` prepares and promotes signed

  macOS release artifacts for an existing OpenClaw tag.

- `.github/workflows/openclaw-npm-dist-tags.yml` reconciles npm dist-tags after

  package publication.

- `.github/workflows/openclaw-release-evidence.yml` records manually supplied

  release proof runs.

- `.github/workflows/openclaw-release-evidence-from-full-validation.yml` ingests

  child runs from the public `Full Release Validation` workflow.



The macOS publish workflow builds from public `openclaw/openclaw` tags and uses

the public repo's packaging scripts. Real publish runs promote previously

prepared artifacts rather than rebuilding during the final upload step.



## Release Evidence



The evidence workflows write release summaries under `evidence//`.

Each evidence directory contains:



- `release-evidence.md`

- `release-evidence.json`

- `index.json`

- `runs/.json`



Evidence records include release ref provenance, npm package metadata, run URLs,

workflow names, refs, SHAs, pass/fail state, timing summaries, artifact names,

artifact sizes, and selected release performance summaries.



Evidence records do not store raw logs, provider payloads, live-channel

transcripts, signing material, credentials, environment dumps, or downloaded

release artifacts.



### Manual Evidence



Manual evidence input format:



```text

   

```



Example:



```text

full-release-validation openclaw/openclaw 24972498713 advisory

normal-ci openclaw/openclaw 24972500000 blocking

release-checks openclaw/openclaw 24972511111 blocking

```



Recommended labels:



```text

full-release-validation

normal-ci

release-checks

plugin-prerelease

product-performance

macos-validate

macos-preflight

macos-publish

npm-dist-tags

```



Mark a run as `blocking` when a release should not proceed without it passing.

Mark a run as `advisory` when it informed the release decision but should not

fail the release by itself.



### Full Validation Ingest



`OpenClaw Release Evidence From Full Validation` takes a completed

`openclaw/openclaw` full-validation run id, reads that parent run's logs,

extracts child run ids, and writes the same evidence directory shape.



Manual ingest example:



```bash

gh workflow run openclaw-release-evidence-from-full-validation.yml \

  --repo openclaw/releases \

  --ref main \

  -f full_validation_run_id=24977011361 \

  -f release_id=2026.4.24 \

  -f release_ref=v2026.4.24 \

  -f package_spec=openclaw@2026.4.24

```



## Storage Policy



Store only release summaries, normalized run metadata, artifact metadata, timing

summaries, package specs, and short release-manager notes here.



Do not commit:



- raw logs

- provider prompts or responses

- Matrix, Telegram, Discord, or other live-channel transcripts

- signing material, certificates, notarization credentials, or Sparkle keys

- token-bearing npm, GitHub, Apple, channel, or provider config

- downloaded release artifacts, `.zip`, `.dmg`, `.tgz`, or dSYM payloads

- secret-bearing environment dumps



Raw logs and bulky proof artifacts belong in GitHub Actions retention, external

artifact storage, or the public GitHub release when they are intended for users.