Delivery-mode lookup was silently falling back to push on context errors,
causing poll-mode workspaces to never receive a2a_receive inbox rows.
lookupDeliveryMode now propagates context errors explicitly; the proxy
fails the delegation HTTP 503 (retryable) instead of silently misrouting.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Settings → Workspace Tokens crashed with HTTP 500 when no canvas node
was selected. The canvas passed "global" as a UUID column value → Postgres
invalid input syntax → 500. Token handlers now handle the sentinel.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Closes the gap between hermes#24 (uid-1000 fix) and hermes#26 which
adds the T4 host-root escalation leg AND a real boot-path assertion
in the CI t4-conformance gate (previously a tautology).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds the self-delegation-echo fix to the 2026-05-17 section.
_is_self_echo_row() predicate now skips a2a_receive rows where
source_id == workspace_id, breaking the infinite inbox self-echo loop.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds the poll-mode canvas user-message data-loss fix to the 2026-05-17
section. logA2AReceiveQueued only wrote to the in-memory queue, not
durable storage — the persist call now runs before the poll-mode
short-circuit.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
docs#51 (which should merge first) adds the 2026-05-16 section.
docs#52 now contains only the 2026-05-17 OpenClaw template fixes
to avoid merge conflicts.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Covers openclaw#18 (unroutable model default coercion),
openclaw#14+#17 (Minimax + Kimi-For-Coding key routing),
and openclaw#16 (molecule A2A MCP server registration with OpenClaw).
Cross-links to the 2026-05-16 section for the Hermes + bearer-token
fixes documented in docs#51.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The hermes#23 bearer-token 401 was a two-part issue: workspace-side
CONFIGS_DIR fix (already documented) and platform-side token-injection
ownership fix (molecule-core#1327). Adds the platform-side fix to the
same 2026-05-16 entry.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Removes 2026-05-15 section (docs#49 is canonical) and
all 2026-05-14 entries that duplicate docs#49 (OFFSEC-006,
CWE-78, OFFSEC-003) and docs#45 (Canvas WCAG, OpenClaw,
CI improvements, handler coverage). Keeps only the 2026-05-16
section with unique Hermes MCP + Files API + Scripts CI content.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds CWE-78 (expandWithEnv POSIX-identifier guard regression),
OFFSEC-003 workspace-side A2A boundary marker escaping,
OpenClaw template models config fix, CI infrastructure improvements,
and handler test coverage additions from docs#45 — consolidating
all 2026-05-14 content into docs#51 so docs#45 can be closed.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The set -f clause was not part of the actual fix (validate_slug()
RFC-1123 regex only). Technical-writer review identified the
inaccuracy. Removes the clause per docs#51 REQUEST_CHANGES.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
molecule-ai-workspace-template-hermes#23: CONFIGS_DIR fix so molecule
MCP server finds the bearer token at /configs/.auth_token.
🤖 Generated by Documentation Specialist cross-repo PR watch.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
documentation-specialist
Molecule AI App & Docs Lead