chore(deps-dev): bump openclaw from 2026.3.24 to 2026.6.11#53
chore(deps-dev): bump openclaw from 2026.3.24 to 2026.6.11#53dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [openclaw](https://github.com/openclaw/openclaw) from 2026.3.24 to 2026.6.11. - [Release notes](https://github.com/openclaw/openclaw/releases) - [Commits](openclaw/openclaw@v2026.3.24...v2026.6.11) --- updated-dependencies: - dependency-name: openclaw dependency-version: 2026.6.11 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
evaOS review status: completedPR: #53 - chore(deps-dev): bump openclaw from 2026.3.24 to 2026.6.11 evaOS review completed for this PR head. Automation note: agents should wait for this comment to reach PR URL: #53 Review URL: #53 (review) |
There was a problem hiding this comment.
Walkthrough
PR: #53 - chore(deps-dev): bump openclaw from 2026.3.24 to 2026.6.11
Head: 1c1b86f16f8feaf852ac58d445d104e50829b614 into main. Review event: COMMENT.
Estimated review effort: 5/5 (~52 min)
Changed Files
| File | Status | Churn | Purpose | Risk |
|---|---|---|---|---|
package-lock.json |
modified | +1249/-4747 | Configuration | Elevated: large change |
Review Signal
No validated inline findings.
Dropped findings before posting: 0. High-severity findings: 0.
Risk Taxonomy
No finding categories.
Validation and Proof
1 required validation/proof recommendation(s) selected from changed files.
- required: TypeScript/web build or CI proof - Runtime TypeScript/web files or package/config files changed. Proof: npm run build; typecheck; focused Vitest; green GitHub check.
Proof status: missing - 1 required validation/proof recommendation(s) missing from PR metadata.
Profile validation hints: Call out tool permission widening, prompt injection, and stale context risks.
Profile proof expectations: Look for focused plugin contract or tool-call evidence.
Related Context
Related issues/PRs: #58993, #89172, #53798, #89911, #89949, #86034, #90475, #92154.
Suggested labels: none.
Suggested reviewers: none from current metadata.
Pre-merge checklist
- Inline comments target current RIGHT-side diff lines.
- No secret-like content survived into posted inline comments.
- REQUEST_CHANGES is only used when eligible P0/P1 findings survive validation.
- Required behavior proof is present or not applicable.
- Labels and reviewers are suggestions only; the bot did not auto-apply them.
Bumps openclaw from 2026.3.24 to 2026.6.11.
Release notes
Sourced from openclaw's releases.
... (truncated)
Commits
e085fa1ci(release): stabilize anthropic live smoke selectioncf64cf7test(qa): make memory channel scenario wait for final answer848c4e6test(qa): accept crabline multi-channel capabilitiesd377c0ffix(release): use workspace host deps in release lockfile9b703d0test(qa): accept async image fixture coverage5f4fa97test(codex): harden run-attempt temp cleanup65e4b0achore(release): prepare 2026.6.114e8ddf7ci: bump ClawHub package publish workflow (#97909)9c154ffci(release): restore plugin npm token env866fc34ci(release): restore trusted plugin npm publishingInstall script changes
This version adds
preinstall,postinstallscripts and modifiespreparescript that run during installation. Review the package contents before updating.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)