diff --git a/.openclaw-sync/source.json b/.openclaw-sync/source.json index 8acb228dc..9550422d1 100644 --- a/.openclaw-sync/source.json +++ b/.openclaw-sync/source.json @@ -1,5 +1,5 @@ { "repository": "openclaw/openclaw", - "sha": "b85cf280c7ac797fcf48fcd81af8fb66e7695a01", - "syncedAt": "2026-04-29T08:08:30.961Z" + "sha": "72cf700fbf74dd56d4c5e6b94dd80104841b2148", + "syncedAt": "2026-04-29T08:12:01.512Z" } diff --git a/docs/ci.md b/docs/ci.md index 28d46dc3e..b74cfe205 100644 --- a/docs/ci.md +++ b/docs/ci.md @@ -8,6 +8,8 @@ read_when: The CI runs on every push to `main` and every pull request. It uses smart scoping to skip expensive jobs when only unrelated areas changed. Manual `workflow_dispatch` runs intentionally bypass smart scoping and fan out the full normal CI graph for release candidates or broad validation, with Android lanes opt-in through `include_android` for standalone manual runs. Release-only plugin prerelease lanes live in the separate `Plugin Prerelease` workflow and run only from `Full Release Validation` or an explicit manual dispatch. +The `check-dependencies` shard runs `pnpm deadcode:dependencies`, a production Knip dependency-only pass pinned to the latest Knip version used by that script, with pnpm's minimum release age disabled for the `dlx` install. It gates newly unused, unlisted, unresolved, binary, or catalog dependencies without enabling Knip's full unused-file mode, which remains a manual audit because OpenClaw intentionally loads many plugin and runtime surfaces through manifests and string specifiers. + `Full Release Validation` is the manual umbrella workflow for "run everything before release." It accepts a branch, tag, or full commit SHA, dispatches the manual `CI` workflow with that target, dispatches `Plugin Prerelease` for