github/openclaw
1
1
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-03 03:03:24 -04:00
Code Issues Packages Projects Releases Wiki Activity

refactor: rename to openclaw

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-30 03:15:10 +01:00
parent 4583f88626
commit 9a7160786a
2357 changed files with 16688 additions and 16788 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
docs/platforms/mac/bundled-gateway.md
View File

@@ -1,24 +1,24 @@
---
summary: "Gateway runtime on macOS (external launchd service)"
read_when:
- Packaging Moltbot.app
- Packaging OpenClaw.app
- Debugging the macOS gateway launchd service
- Installing the gateway CLI for macOS
---
# Gateway on macOS (external launchd)
Moltbot.app no longer bundles Node/Bun or the Gateway runtime. The macOS app
expects an **external** `moltbot` CLI install, does not spawn the Gateway as a
OpenClaw.app no longer bundles Node/Bun or the Gateway runtime. The macOS app
expects an **external** `openclaw` CLI install, does not spawn the Gateway as a
child process, and manages a peruser launchd service to keep the Gateway
running (or attaches to an existing local Gateway if one is already running).
## Install the CLI (required for local mode)
You need Node 22+ on the Mac, then install `moltbot` globally:
You need Node 22+ on the Mac, then install `openclaw` globally:
```bash
npm install -g moltbot@<version>
npm install -g openclaw@<version>
```
The macOS apps **Install CLI** button runs the same flow via npm/pnpm (bun not recommended for Gateway runtime).
@@ -26,7 +26,7 @@ The macOS apps **Install CLI** button runs the same flow via npm/pnpm (bun no
## Launchd (Gateway as LaunchAgent)
Label:
- `bot.molt.gateway` (or `bot.molt.<profile>`; legacy `com.clawdbot.*` may remain)
- `bot.molt.gateway` (or `bot.molt.<profile>`; legacy `com.openclaw.*` may remain)
Plist location (peruser):
- `~/Library/LaunchAgents/bot.molt.gateway.plist`
@@ -34,16 +34,16 @@ Plist location (peruser):
Manager:
- The macOS app owns LaunchAgent install/update in Local mode.
- The CLI can also install it: `moltbot gateway install`.
- The CLI can also install it: `openclaw gateway install`.
Behavior:
-Moltbot Active” enables/disables the LaunchAgent.
-OpenClaw Active” enables/disables the LaunchAgent.
- App quit does **not** stop the gateway (launchd keeps it alive).
- If a Gateway is already running on the configured port, the app attaches to
it instead of starting a new one.
Logging:
- launchd stdout/err: `/tmp/moltbot/moltbot-gateway.log`
- launchd stdout/err: `/tmp/openclaw/openclaw-gateway.log`
## Version compatibility
@@ -53,15 +53,15 @@ incompatible, update the global CLI to match the app version.
## Smoke check
```bash
moltbot --version
openclaw --version
CLAWDBOT_SKIP_CHANNELS=1 \
CLAWDBOT_SKIP_CANVAS_HOST=1 \
moltbot gateway --port 18999 --bind loopback
OPENCLAW_SKIP_CHANNELS=1 \
OPENCLAW_SKIP_CANVAS_HOST=1 \
openclaw gateway --port 18999 --bind loopback
```
Then:
```bash
moltbot gateway call health --url ws://127.0.0.1:18999 --timeout 3000
openclaw gateway call health --url ws://127.0.0.1:18999 --timeout 3000
```

28
docs/platforms/mac/canvas.md
View File

@@ -15,16 +15,16 @@ UI surfaces.
Canvas state is stored under Application Support:
- `~/Library/Application Support/Moltbot/canvas/<session>/...`
- `~/Library/Application Support/OpenClaw/canvas/<session>/...`
The Canvas panel serves those files via a **custom URL scheme**:
- `moltbot-canvas://<session>/<path>`
- `openclaw-canvas://<session>/<path>`
Examples:
- `moltbot-canvas://main/``<canvasRoot>/main/index.html`
- `moltbot-canvas://main/assets/app.css``<canvasRoot>/main/assets/app.css`
- `moltbot-canvas://main/widgets/todo/``<canvasRoot>/main/widgets/todo/index.html`
- `openclaw-canvas://main/``<canvasRoot>/main/index.html`
- `openclaw-canvas://main/assets/app.css``<canvasRoot>/main/assets/app.css`
- `openclaw-canvas://main/widgets/todo/``<canvasRoot>/main/widgets/todo/index.html`
If no `index.html` exists at the root, the app shows a **builtin scaffold page**.
@@ -50,10 +50,10 @@ Canvas is exposed via the **Gateway WebSocket**, so the agent can:
CLI examples:
```bash
moltbot nodes canvas present --node <id>
moltbot nodes canvas navigate --node <id> --url "/"
moltbot nodes canvas eval --node <id> --js "document.title"
moltbot nodes canvas snapshot --node <id>
openclaw nodes canvas present --node <id>
openclaw nodes canvas navigate --node <id> --url "/"
openclaw nodes canvas eval --node <id> --js "document.title"
openclaw nodes canvas snapshot --node <id>
```
Notes:
@@ -69,7 +69,7 @@ A2UI host page on first open.
Default A2UI host URL:
```
http://<gateway-host>:18793/__moltbot__/a2ui/
http://<gateway-host>:18793/__openclaw__/a2ui/
```
### A2UI commands (v0.8)
@@ -91,25 +91,25 @@ cat > /tmp/a2ui-v0.8.jsonl <<'EOFA2'
{"beginRendering":{"surfaceId":"main","root":"root"}}
EOFA2
moltbot nodes canvas a2ui push --jsonl /tmp/a2ui-v0.8.jsonl --node <id>
openclaw nodes canvas a2ui push --jsonl /tmp/a2ui-v0.8.jsonl --node <id>
```
Quick smoke:
```bash
moltbot nodes canvas a2ui push --node <id> --text "Hello from A2UI"
openclaw nodes canvas a2ui push --node <id> --text "Hello from A2UI"
```
## Triggering agent runs from Canvas
Canvas can trigger new agent runs via deep links:
- `moltbot://agent?...`
- `openclaw://agent?...`
Example (in JS):
```js
window.location.href = "moltbot://agent?message=Review%20this%20design";
window.location.href = "openclaw://agent?message=Review%20this%20design";
```
The app prompts for confirmation unless a valid key is provided.

10
docs/platforms/mac/child-process.md
View File

@@ -8,7 +8,7 @@ read_when:
The macOS app **manages the Gateway via launchd** by default and does not spawn
the Gateway as a child process. It first tries to attach to an alreadyrunning
Gateway on the configured port; if none is reachable, it enables the launchd
service via the external `moltbot` CLI (no embedded runtime). This gives you
service via the external `openclaw` CLI (no embedded runtime). This gives you
reliable autostart at login and restart on crashes.
Childprocess mode (Gateway spawned directly by the app) is **not in use** today.
@@ -17,7 +17,7 @@ If you need tighter coupling to the UI, run the Gateway manually in a terminal.
## Default behavior (launchd)
- The app installs a peruser LaunchAgent labeled `bot.molt.gateway`
(or `bot.molt.<profile>` when using `--profile`/`CLAWDBOT_PROFILE`; legacy `com.clawdbot.*` is supported).
(or `bot.molt.<profile>` when using `--profile`/`OPENCLAW_PROFILE`; legacy `com.openclaw.*` is supported).
- When Local mode is enabled, the app ensures the LaunchAgent is loaded and
starts the Gateway if needed.
- Logs are written to the launchd gateway log path (visible in Debug Settings).
@@ -36,19 +36,19 @@ Replace the label with `bot.molt.<profile>` when running a named profile.
`scripts/restart-mac.sh --no-sign` is for fast local builds when you dont have
signing keys. To prevent launchd from pointing at an unsigned relay binary, it:
- Writes `~/.clawdbot/disable-launchagent`.
- Writes `~/.openclaw/disable-launchagent`.
Signed runs of `scripts/restart-mac.sh` clear this override if the marker is
present. To reset manually:
```bash
rm ~/.clawdbot/disable-launchagent
rm ~/.openclaw/disable-launchagent
```
## Attach-only mode
To force the macOS app to **never install or manage launchd**, launch it with
`--attach-only` (or `--no-launchd`). This sets `~/.clawdbot/disable-launchagent`,
`--attach-only` (or `--no-launchd`). This sets `~/.openclaw/disable-launchagent`,
so the app only attaches to an already running Gateway. You can toggle the same
behavior in Debug Settings.

20
docs/platforms/mac/dev-setup.md
View File

@@ -1,11 +1,11 @@
---
summary: "Setup guide for developers working on the Moltbot macOS app"
summary: "Setup guide for developers working on the OpenClaw macOS app"
read_when:
- Setting up the macOS development environment
---
# macOS Developer Setup
This guide covers the necessary steps to build and run the Moltbot macOS application from source.
This guide covers the necessary steps to build and run the OpenClaw macOS application from source.
## Prerequisites
@@ -24,7 +24,7 @@ pnpm install
## 2. Build and Package the App
To build the macOS app and package it into `dist/Moltbot.app`, run:
To build the macOS app and package it into `dist/OpenClaw.app`, run:
```bash
./scripts/package-mac-app.sh
@@ -33,22 +33,22 @@ To build the macOS app and package it into `dist/Moltbot.app`, run:
If you don't have an Apple Developer ID certificate, the script will automatically use **ad-hoc signing** (`-`).
For dev run modes, signing flags, and Team ID troubleshooting, see the macOS app README:
https://github.com/moltbot/moltbot/blob/main/apps/macos/README.md
https://github.com/openclaw/openclaw/blob/main/apps/macos/README.md
> **Note**: Ad-hoc signed apps may trigger security prompts. If the app crashes immediately with "Abort trap 6", see the [Troubleshooting](#troubleshooting) section.
## 3. Install the CLI
The macOS app expects a global `moltbot` CLI install to manage background tasks.
The macOS app expects a global `openclaw` CLI install to manage background tasks.
**To install it (recommended):**
1. Open the Moltbot app.
1. Open the OpenClaw app.
2. Go to the **General** settings tab.
3. Click **"Install CLI"**.
Alternatively, install it manually:
```bash
npm install -g moltbot@<version>
npm install -g openclaw@<version>
```
## Troubleshooting
@@ -76,14 +76,14 @@ If the app crashes when you try to allow **Speech Recognition** or **Microphone*
```bash
tccutil reset All bot.molt.mac.debug
```
2. If that fails, change the `BUNDLE_ID` temporarily in [`scripts/package-mac-app.sh`](https://github.com/moltbot/moltbot/blob/main/scripts/package-mac-app.sh) to force a "clean slate" from macOS.
2. If that fails, change the `BUNDLE_ID` temporarily in [`scripts/package-mac-app.sh`](https://github.com/openclaw/openclaw/blob/main/scripts/package-mac-app.sh) to force a "clean slate" from macOS.
### Gateway "Starting..." indefinitely
If the gateway status stays on "Starting...", check if a zombie process is holding the port:
```bash
moltbot gateway status
moltbot gateway stop
openclaw gateway status
openclaw gateway stop
# If youre not using a LaunchAgent (dev mode / manual runs), find the listener:
lsof -nP -iTCP:18789 -sTCP:LISTEN

4
docs/platforms/mac/health.md
View File

@@ -21,8 +21,8 @@ How to see whether the linked channel is healthy from the menu bar app.
- **Channels tab** surfaces channel status + controls for WhatsApp/Telegram (login QR, logout, probe, last disconnect/error).
## How the probe works
- App runs `moltbot health --json` via `ShellExecutor` every ~60s and on demand. The probe loads creds and reports status without sending messages.
- App runs `openclaw health --json` via `ShellExecutor` every ~60s and on demand. The probe loads creds and reports status without sending messages.
- Cache the last good snapshot and the last error separately to avoid flicker; show the timestamp of each.
## When in doubt
- You can still use the CLI flow in [Gateway health](/gateway/health) (`moltbot status`, `moltbot status --deep`, `moltbot health --json`) and tail `/tmp/moltbot/moltbot-*.log` for `web-heartbeat` / `web-reconnect`.
- You can still use the CLI flow in [Gateway health](/gateway/health) (`openclaw status`, `openclaw status --deep`, `openclaw health --json`) and tail `/tmp/openclaw/openclaw-*.log` for `web-heartbeat` / `web-reconnect`.

2
docs/platforms/mac/icon.md
View File

@@ -1,5 +1,5 @@
---
summary: "Menu bar icon states and animations for Moltbot on macOS"
summary: "Menu bar icon states and animations for OpenClaw on macOS"
read_when:
- Changing menu bar icon behavior
---

8
docs/platforms/mac/logging.md
View File

@@ -1,5 +1,5 @@
---
summary: "Moltbot logging: rolling diagnostics file log + unified log privacy flags"
summary: "OpenClaw logging: rolling diagnostics file log + unified log privacy flags"
read_when:
- Capturing macOS logs or investigating private data logging
- Debugging voice wake/session lifecycle issues
@@ -7,11 +7,11 @@ read_when:
# Logging (macOS)
## Rolling diagnostics file log (Debug pane)
Moltbot routes macOS app logs through swift-log (unified logging by default) and can write a local, rotating file log to disk when you need a durable capture.
OpenClaw routes macOS app logs through swift-log (unified logging by default) and can write a local, rotating file log to disk when you need a durable capture.
- Verbosity: **Debug pane → Logs → App logging → Verbosity**
- Enable: **Debug pane → Logs → App logging → “Write rolling diagnostics log (JSONL)”**
- Location: `~/Library/Logs/Moltbot/diagnostics.jsonl` (rotates automatically; old files are suffixed with `.1`, `.2`, …)
- Location: `~/Library/Logs/OpenClaw/diagnostics.jsonl` (rotates automatically; old files are suffixed with `.1`, `.2`, …)
- Clear: **Debug pane → Logs → App logging → “Clear”**
Notes:
@@ -22,7 +22,7 @@ Notes:
Unified logging redacts most payloads unless a subsystem opts into `privacy -off`. Per Peter's write-up on macOS [logging privacy shenanigans](https://steipete.me/posts/2025/logging-privacy-shenanigans) (2025) this is controlled by a plist in `/Library/Preferences/Logging/Subsystems/` keyed by the subsystem name. Only new log entries pick up the flag, so enable it before reproducing an issue.
## Enable for Moltbot (`bot.molt`)
## Enable for OpenClaw (`bot.molt`)
- Write the plist to a temp file first, then install it atomically as root:
```bash

2
docs/platforms/mac/menu-bar.md
View File

@@ -40,7 +40,7 @@ read_when:
## Status row text (menu)
- While work is active: `<Session role> · <activity label>`
- Examples: `Main · exec: pnpm test`, `Other · read: apps/macos/Sources/Moltbot/AppState.swift`.
- Examples: `Main · exec: pnpm test`, `Other · read: apps/macos/Sources/OpenClaw/AppState.swift`.
- When idle: falls back to the health summary.
## Event ingestion

18
docs/platforms/mac/peekaboo.md
View File

@@ -1,28 +1,28 @@
---
summary: "PeekabooBridge integration for macOS UI automation"
read_when:
- Hosting PeekabooBridge in Moltbot.app
- Hosting PeekabooBridge in OpenClaw.app
- Integrating Peekaboo via Swift Package Manager
- Changing PeekabooBridge protocol/paths
---
# Peekaboo Bridge (macOS UI automation)
Moltbot can host **PeekabooBridge** as a local, permissionaware UI automation
OpenClaw can host **PeekabooBridge** as a local, permissionaware UI automation
broker. This lets the `peekaboo` CLI drive UI automation while reusing the
macOS apps TCC permissions.
## What this is (and isnt)
- **Host**: Moltbot.app can act as a PeekabooBridge host.
- **Client**: use the `peekaboo` CLI (no separate `moltbot ui ...` surface).
- **UI**: visual overlays stay in Peekaboo.app; Moltbot is a thin broker host.
- **Host**: OpenClaw.app can act as a PeekabooBridge host.
- **Client**: use the `peekaboo` CLI (no separate `openclaw ui ...` surface).
- **UI**: visual overlays stay in Peekaboo.app; OpenClaw is a thin broker host.
## Enable the bridge
In the macOS app:
- Settings → **Enable Peekaboo Bridge**
When enabled, Moltbot starts a local UNIX socket server. If disabled, the host
When enabled, OpenClaw starts a local UNIX socket server. If disabled, the host
is stopped and `peekaboo` will fall back to other available hosts.
## Client discovery order
@@ -31,7 +31,7 @@ Peekaboo clients typically try hosts in this order:
1. Peekaboo.app (full UX)
2. Claude.app (if installed)
3. Moltbot.app (thin broker)
3. OpenClaw.app (thin broker)
Use `peekaboo bridge status --verbose` to see which host is active and which
socket path is in use. You can override with:
@@ -43,7 +43,7 @@ export PEEKABOO_BRIDGE_SOCKET=/path/to/bridge.sock
## Security & permissions
- The bridge validates **caller code signatures**; an allowlist of TeamIDs is
enforced (Peekaboo host TeamID + Moltbot app TeamID).
enforced (Peekaboo host TeamID + OpenClaw app TeamID).
- Requests time out after ~10 seconds.
- If required permissions are missing, the bridge returns a clear error message
rather than launching System Settings.
@@ -58,5 +58,5 @@ If you need longer retention, recapture from the client.
- If `peekaboo` reports “bridge client is not authorized”, ensure the client is
properly signed or run the host with `PEEKABOO_ALLOW_UNSIGNED_SOCKET_CLIENTS=1`
in **debug** mode only.
- If no hosts are found, open one of the host apps (Peekaboo.app or Moltbot.app)
- If no hosts are found, open one of the host apps (Peekaboo.app or OpenClaw.app)
and confirm permissions are granted.

2
docs/platforms/mac/permissions.md
View File

@@ -12,7 +12,7 @@ app's code signature, bundle identifier, and on-disk path. If any of those chang
macOS treats the app as new and may drop or hide prompts.
## Requirements for stable permissions
- Same path: run the app from a fixed location (for Moltbot, `dist/Moltbot.app`).
- Same path: run the app from a fixed location (for OpenClaw, `dist/OpenClaw.app`).
- Same bundle identifier: changing the bundle ID creates a new permission identity.
- Signed app: unsigned or ad-hoc signed builds do not persist permissions.
- Consistent signature: use a real Apple Development or Developer ID certificate

36
docs/platforms/mac/release.md
View File

@@ -1,11 +1,11 @@
---
summary: "Moltbot macOS release checklist (Sparkle feed, packaging, signing)"
summary: "OpenClaw macOS release checklist (Sparkle feed, packaging, signing)"
read_when:
- Cutting or validating a Moltbot macOS release
- Cutting or validating a OpenClaw macOS release
- Updating the Sparkle appcast or feed assets
---
# Moltbot macOS release (Sparkle)
# OpenClaw macOS release (Sparkle)
This app now ships Sparkle auto-updates. Release builds must be Developer IDsigned, zipped, and published with a signed appcast entry.
@@ -13,10 +13,10 @@ This app now ships Sparkle auto-updates. Release builds must be Developer IDs
- Developer ID Application cert installed (example: `Developer ID Application: <Developer Name> (<TEAMID>)`).
- Sparkle private key path set in the environment as `SPARKLE_PRIVATE_KEY_FILE` (path to your Sparkle ed25519 private key; public key baked into Info.plist). If it is missing, check `~/.profile`.
- Notary credentials (keychain profile or API key) for `xcrun notarytool` if you want Gatekeeper-safe DMG/zip distribution.
- We use a Keychain profile named `moltbot-notary`, created from App Store Connect API key env vars in your shell profile:
- We use a Keychain profile named `openclaw-notary`, created from App Store Connect API key env vars in your shell profile:
- `APP_STORE_CONNECT_API_KEY_P8`, `APP_STORE_CONNECT_KEY_ID`, `APP_STORE_CONNECT_ISSUER_ID`
- `echo "$APP_STORE_CONNECT_API_KEY_P8" | sed 's/\\n/\n/g' > /tmp/moltbot-notary.p8`
- `xcrun notarytool store-credentials "moltbot-notary" --key /tmp/moltbot-notary.p8 --key-id "$APP_STORE_CONNECT_KEY_ID" --issuer "$APP_STORE_CONNECT_ISSUER_ID"`
- `echo "$APP_STORE_CONNECT_API_KEY_P8" | sed 's/\\n/\n/g' > /tmp/openclaw-notary.p8`
- `xcrun notarytool store-credentials "openclaw-notary" --key /tmp/openclaw-notary.p8 --key-id "$APP_STORE_CONNECT_KEY_ID" --issuer "$APP_STORE_CONNECT_ISSUER_ID"`
- `pnpm` deps installed (`pnpm install --config.node-linker=hoisted`).
- Sparkle tools are fetched automatically via SwiftPM at `apps/macos/.build/artifacts/sparkle/Sparkle/bin/` (`sign_update`, `generate_appcast`, etc.).
@@ -30,47 +30,47 @@ Notes:
# From repo root; set release IDs so Sparkle feed is enabled.
# APP_BUILD must be numeric + monotonic for Sparkle compare.
BUNDLE_ID=bot.molt.mac \
APP_VERSION=2026.1.29 \
APP_VERSION=2026.1.27-beta.1 \
APP_BUILD="$(git rev-list --count HEAD)" \
BUILD_CONFIG=release \
SIGN_IDENTITY="Developer ID Application: <Developer Name> (<TEAMID>)" \
scripts/package-mac-app.sh
# Zip for distribution (includes resource forks for Sparkle delta support)
ditto -c -k --sequesterRsrc --keepParent dist/Moltbot.app dist/Moltbot-2026.1.29.zip
ditto -c -k --sequesterRsrc --keepParent dist/OpenClaw.app dist/OpenClaw-2026.1.27-beta.1.zip
# Optional: also build a styled DMG for humans (drag to /Applications)
scripts/create-dmg.sh dist/Moltbot.app dist/Moltbot-2026.1.29.dmg
scripts/create-dmg.sh dist/OpenClaw.app dist/OpenClaw-2026.1.27-beta.1.dmg
# Recommended: build + notarize/staple zip + DMG
# First, create a keychain profile once:
# xcrun notarytool store-credentials "moltbot-notary" \
# xcrun notarytool store-credentials "openclaw-notary" \
# --apple-id "<apple-id>" --team-id "<team-id>" --password "<app-specific-password>"
NOTARIZE=1 NOTARYTOOL_PROFILE=moltbot-notary \
NOTARIZE=1 NOTARYTOOL_PROFILE=openclaw-notary \
BUNDLE_ID=bot.molt.mac \
APP_VERSION=2026.1.29 \
APP_VERSION=2026.1.27-beta.1 \
APP_BUILD="$(git rev-list --count HEAD)" \
BUILD_CONFIG=release \
SIGN_IDENTITY="Developer ID Application: <Developer Name> (<TEAMID>)" \
scripts/package-mac-dist.sh
# Optional: ship dSYM alongside the release
ditto -c -k --keepParent apps/macos/.build/release/Moltbot.app.dSYM dist/Moltbot-2026.1.29.dSYM.zip
ditto -c -k --keepParent apps/macos/.build/release/OpenClaw.app.dSYM dist/OpenClaw-2026.1.27-beta.1.dSYM.zip
```
## Appcast entry
Use the release note generator so Sparkle renders formatted HTML notes:
```bash
SPARKLE_PRIVATE_KEY_FILE=/path/to/ed25519-private-key scripts/make_appcast.sh dist/Moltbot-2026.1.29.zip https://raw.githubusercontent.com/moltbot/moltbot/main/appcast.xml
SPARKLE_PRIVATE_KEY_FILE=/path/to/ed25519-private-key scripts/make_appcast.sh dist/OpenClaw-2026.1.27-beta.1.zip https://raw.githubusercontent.com/openclaw/openclaw/main/appcast.xml
```
Generates HTML release notes from `CHANGELOG.md` (via [`scripts/changelog-to-html.sh`](https://github.com/moltbot/moltbot/blob/main/scripts/changelog-to-html.sh)) and embeds them in the appcast entry.
Generates HTML release notes from `CHANGELOG.md` (via [`scripts/changelog-to-html.sh`](https://github.com/openclaw/openclaw/blob/main/scripts/changelog-to-html.sh)) and embeds them in the appcast entry.
Commit the updated `appcast.xml` alongside the release assets (zip + dSYM) when publishing.
## Publish & verify
- Upload `Moltbot-2026.1.29.zip` (and `Moltbot-2026.1.29.dSYM.zip`) to the GitHub release for tag `v2026.1.29`.
- Ensure the raw appcast URL matches the baked feed: `https://raw.githubusercontent.com/moltbot/moltbot/main/appcast.xml`.
- Upload `OpenClaw-2026.1.27-beta.1.zip` (and `OpenClaw-2026.1.27-beta.1.dSYM.zip`) to the GitHub release for tag `v2026.1.27-beta.1`.
- Ensure the raw appcast URL matches the baked feed: `https://raw.githubusercontent.com/openclaw/openclaw/main/appcast.xml`.
- Sanity checks:
- `curl -I https://raw.githubusercontent.com/moltbot/moltbot/main/appcast.xml` returns 200.
- `curl -I https://raw.githubusercontent.com/openclaw/openclaw/main/appcast.xml` returns 200.
- `curl -I <enclosure url>` returns 200 after assets upload.
- On a previous public build, run “Check for Updates…” from the About tab and verify Sparkle installs the new build cleanly.

28
docs/platforms/mac/remote.md
View File

@@ -1,16 +1,16 @@
---
summary: "macOS app flow for controlling a remote Moltbot gateway over SSH"
summary: "macOS app flow for controlling a remote OpenClaw gateway over SSH"
read_when:
- Setting up or debugging remote mac control
---
# Remote Moltbot (macOS ⇄ remote host)
# Remote OpenClaw (macOS ⇄ remote host)
This flow lets the macOS app act as a full remote control for a Moltbot gateway running on another host (desktop/server). Its the apps **Remote over SSH** (remote run) feature. All features—health checks, Voice Wake forwarding, and Web Chat—reuse the same remote SSH configuration from *Settings → General*.
This flow lets the macOS app act as a full remote control for a OpenClaw gateway running on another host (desktop/server). Its the apps **Remote over SSH** (remote run) feature. All features—health checks, Voice Wake forwarding, and Web Chat—reuse the same remote SSH configuration from *Settings → General*.
## Modes
- **Local (this Mac)**: Everything runs on the laptop. No SSH involved.
- **Remote over SSH (default)**: Moltbot commands are executed on the remote host. The mac app opens an SSH connection with `-o BatchMode` plus your chosen identity/key and a local port-forward.
- **Remote over SSH (default)**: OpenClaw commands are executed on the remote host. The mac app opens an SSH connection with `-o BatchMode` plus your chosen identity/key and a local port-forward.
- **Remote direct (ws/wss)**: No SSH tunnel. The mac app connects to the gateway URL directly (for example, via Tailscale Serve or a public HTTPS reverse proxy).
## Remote transports
@@ -19,21 +19,21 @@ Remote mode supports two transports:
- **Direct (ws/wss)**: Connects straight to the gateway URL. The gateway sees the real client IP.
## Prereqs on the remote host
1) Install Node + pnpm and build/install the Moltbot CLI (`pnpm install && pnpm build && pnpm link --global`).
2) Ensure `moltbot` is on PATH for non-interactive shells (symlink into `/usr/local/bin` or `/opt/homebrew/bin` if needed).
1) Install Node + pnpm and build/install the OpenClaw CLI (`pnpm install && pnpm build && pnpm link --global`).
2) Ensure `openclaw` is on PATH for non-interactive shells (symlink into `/usr/local/bin` or `/opt/homebrew/bin` if needed).
3) Open SSH with key auth. We recommend **Tailscale** IPs for stable reachability off-LAN.
## macOS app setup
1) Open *Settings → General*.
2) Under **Moltbot runs**, pick **Remote over SSH** and set:
2) Under **OpenClaw runs**, pick **Remote over SSH** and set:
- **Transport**: **SSH tunnel** or **Direct (ws/wss)**.
- **SSH target**: `user@host` (optional `:port`).
- If the gateway is on the same LAN and advertises Bonjour, pick it from the discovered list to auto-fill this field.
- **Gateway URL** (Direct only): `wss://gateway.example.ts.net` (or `ws://...` for local/LAN).
- **Identity file** (advanced): path to your key.
- **Project root** (advanced): remote checkout path used for commands.
- **CLI path** (advanced): optional path to a runnable `moltbot` entrypoint/binary (auto-filled when advertised).
3) Hit **Test remote**. Success indicates the remote `moltbot status --json` runs correctly. Failures usually mean PATH/CLI issues; exit 127 means the CLI isnt found remotely.
- **CLI path** (advanced): optional path to a runnable `openclaw` entrypoint/binary (auto-filled when advertised).
3) Hit **Test remote**. Success indicates the remote `openclaw status --json` runs correctly. Failures usually mean PATH/CLI issues; exit 127 means the CLI isnt found remotely.
4) Health checks and Web Chat will now run through this SSH tunnel automatically.
## Web Chat
@@ -51,21 +51,21 @@ Remote mode supports two transports:
- See [Security](/gateway/security) and [Tailscale](/gateway/tailscale).
## WhatsApp login flow (remote)
- Run `moltbot channels login --verbose` **on the remote host**. Scan the QR with WhatsApp on your phone.
- Run `openclaw channels login --verbose` **on the remote host**. Scan the QR with WhatsApp on your phone.
- Re-run login on that host if auth expires. Health check will surface link problems.
## Troubleshooting
- **exit 127 / not found**: `moltbot` isnt on PATH for non-login shells. Add it to `/etc/paths`, your shell rc, or symlink into `/usr/local/bin`/`/opt/homebrew/bin`.
- **Health probe failed**: check SSH reachability, PATH, and that Baileys is logged in (`moltbot status --json`).
- **exit 127 / not found**: `openclaw` isnt on PATH for non-login shells. Add it to `/etc/paths`, your shell rc, or symlink into `/usr/local/bin`/`/opt/homebrew/bin`.
- **Health probe failed**: check SSH reachability, PATH, and that Baileys is logged in (`openclaw status --json`).
- **Web Chat stuck**: confirm the gateway is running on the remote host and the forwarded port matches the gateway WS port; the UI requires a healthy WS connection.
- **Node IP shows 127.0.0.1**: expected with the SSH tunnel. Switch **Transport** to **Direct (ws/wss)** if you want the gateway to see the real client IP.
- **Voice Wake**: trigger phrases are forwarded automatically in remote mode; no separate forwarder is needed.
## Notification sounds
Pick sounds per notification from scripts with `moltbot` and `node.invoke`, e.g.:
Pick sounds per notification from scripts with `openclaw` and `node.invoke`, e.g.:
```bash
moltbot nodes notify --node <id> --title "Ping" --body "Remote gateway ready" --sound Glass
openclaw nodes notify --node <id> --title "Ping" --body "Remote gateway ready" --sound Glass
```
There is no global “default sound” toggle in the app anymore; callers choose a sound (or none) per request.

14
docs/platforms/mac/signing.md
View File

@@ -5,13 +5,13 @@ read_when:
---
# mac signing (debug builds)
This app is usually built from [`scripts/package-mac-app.sh`](https://github.com/moltbot/moltbot/blob/main/scripts/package-mac-app.sh), which now:
This app is usually built from [`scripts/package-mac-app.sh`](https://github.com/openclaw/openclaw/blob/main/scripts/package-mac-app.sh), which now:
- sets a stable debug bundle identifier: `bot.molt.mac.debug`
- sets a stable debug bundle identifier: `ai.openclaw.mac.debug`
- writes the Info.plist with that bundle id (override via `BUNDLE_ID=...`)
- calls [`scripts/codesign-mac-app.sh`](https://github.com/moltbot/moltbot/blob/main/scripts/codesign-mac-app.sh) to sign the main binary and app bundle so macOS treats each rebuild as the same signed bundle and keeps TCC permissions (notifications, accessibility, screen recording, mic, speech). For stable permissions, use a real signing identity; ad-hoc is opt-in and fragile (see [macOS permissions](/platforms/mac/permissions)).
- calls [`scripts/codesign-mac-app.sh`](https://github.com/openclaw/openclaw/blob/main/scripts/codesign-mac-app.sh) to sign the main binary and app bundle so macOS treats each rebuild as the same signed bundle and keeps TCC permissions (notifications, accessibility, screen recording, mic, speech). For stable permissions, use a real signing identity; ad-hoc is opt-in and fragile (see [macOS permissions](/platforms/mac/permissions)).
- uses `CODESIGN_TIMESTAMP=auto` by default; it enables trusted timestamps for Developer ID signatures. Set `CODESIGN_TIMESTAMP=off` to skip timestamping (offline debug builds).
- inject build metadata into Info.plist: `MoltbotBuildTimestamp` (UTC) and `MoltbotGitCommit` (short hash) so the About pane can show build, git, and debug/release channel.
- inject build metadata into Info.plist: `OpenClawBuildTimestamp` (UTC) and `OpenClawGitCommit` (short hash) so the About pane can show build, git, and debug/release channel.
- **Packaging requires Node 22+**: the script runs TS builds and the Control UI build.
- reads `SIGN_IDENTITY` from the environment. Add `export SIGN_IDENTITY="Apple Development: Your Name (TEAMID)"` (or your Developer ID Application cert) to your shell rc to always sign with your cert. Ad-hoc signing requires explicit opt-in via `ALLOW_ADHOC_SIGNING=1` or `SIGN_IDENTITY="-"` (not recommended for permission testing).
- runs a Team ID audit after signing and fails if any Mach-O inside the app bundle is signed by a different Team ID. Set `SKIP_TEAM_ID_CHECK=1` to bypass.
@@ -33,11 +33,11 @@ When signing with `SIGN_IDENTITY="-"` (ad-hoc), the script automatically disable
## Build metadata for About
`package-mac-app.sh` stamps the bundle with:
- `MoltbotBuildTimestamp`: ISO8601 UTC at package time
- `MoltbotGitCommit`: short git hash (or `unknown` if unavailable)
- `OpenClawBuildTimestamp`: ISO8601 UTC at package time
- `OpenClawGitCommit`: short git hash (or `unknown` if unavailable)
The About tab reads these keys to show version, build date, git commit, and whether its a debug build (via `#if DEBUG`). Run the packager to refresh these values after code changes.
## Why
TCC permissions are tied to the bundle identifier *and* code signature. Unsigned debug builds with changing UUIDs were causing macOS to forget grants after each rebuild. Signing the binaries (adhoc by default) and keeping a fixed bundle id/path (`dist/Moltbot.app`) preserves the grants between builds, matching the VibeTunnel approach.
TCC permissions are tied to the bundle identifier *and* code signature. Unsigned debug builds with changing UUIDs were causing macOS to forget grants after each rebuild. Signing the binaries (adhoc by default) and keeping a fixed bundle id/path (`dist/OpenClaw.app`) preserves the grants between builds, matching the VibeTunnel approach.

8
docs/platforms/mac/skills.md
View File

@@ -6,21 +6,21 @@ read_when:
---
# Skills (macOS)
The macOS app surfaces Moltbot skills via the gateway; it does not parse skills locally.
The macOS app surfaces OpenClaw skills via the gateway; it does not parse skills locally.
## Data source
- `skills.status` (gateway) returns all skills plus eligibility and missing requirements
(including allowlist blocks for bundled skills).
- Requirements are derived from `metadata.moltbot.requires` in each `SKILL.md`.
- Requirements are derived from `metadata.openclaw.requires` in each `SKILL.md`.
## Install actions
- `metadata.moltbot.install` defines install options (brew/node/go/uv).
- `metadata.openclaw.install` defines install options (brew/node/go/uv).
- The app calls `skills.install` to run installers on the gateway host.
- The gateway surfaces only one preferred installer when multiple are provided
(brew when available, otherwise node manager from `skills.install`, default npm).
## Env/API keys
- The app stores keys in `~/.clawdbot/moltbot.json` under `skills.entries.<skillKey>`.
- The app stores keys in `~/.openclaw/openclaw.json` under `skills.entries.<skillKey>`.
- `skills.update` patches `enabled`, `apiKey`, and `env`.
## Remote mode

2
docs/platforms/mac/webchat.md
View File

@@ -18,7 +18,7 @@ agent (with a session switcher for other sessions).
- Manual: Lobster menu → “Open Chat”.
- Autoopen for testing:
```bash
dist/Moltbot.app/Contents/MacOS/Moltbot --webchat
dist/OpenClaw.app/Contents/MacOS/OpenClaw --webchat
```
- Logs: `./scripts/clawlog.sh` (subsystem `bot.molt`, category `WebChatSwiftUI`).

8
docs/platforms/mac/xpc.md
View File

@@ -1,11 +1,11 @@
---
summary: "macOS IPC architecture for Moltbot app, gateway node transport, and PeekabooBridge"
summary: "macOS IPC architecture for OpenClaw app, gateway node transport, and PeekabooBridge"
read_when:
- Editing IPC contracts or menu bar app IPC
---
# Moltbot macOS IPC architecture
# OpenClaw macOS IPC architecture
**Current model:** a local Unix socket connects the **node host service** to the **macOS app** for exec approvals + `system.run`. A `moltbot-mac` debug CLI exists for discovery/connect checks; agent actions still flow through the Gateway WebSocket and `node.invoke`. UI automation uses PeekabooBridge.
**Current model:** a local Unix socket connects the **node host service** to the **macOS app** for exec approvals + `system.run`. A `openclaw-mac` debug CLI exists for discovery/connect checks; agent actions still flow through the Gateway WebSocket and `node.invoke`. UI automation uses PeekabooBridge.
## Goals
- Single GUI app instance that owns all TCC-facing work (notifications, screen recording, mic, speech, AppleScript).
@@ -32,7 +32,7 @@ Agent -> Gateway -> Node Service (WS)
### PeekabooBridge (UI automation)
- UI automation uses a separate UNIX socket named `bridge.sock` and the PeekabooBridge JSON protocol.
- Host preference order (client-side): Peekaboo.app → Claude.app → Moltbot.app → local execution.
- Host preference order (client-side): Peekaboo.app → Claude.app → OpenClaw.app → local execution.
- Security: bridge hosts require an allowed TeamID; DEBUG-only same-UID escape hatch is guarded by `PEEKABOO_ALLOW_UNSIGNED_SOCKET_CLIENTS=1` (Peekaboo convention).
- See: [PeekabooBridge usage](/platforms/mac/peekaboo) for details.