Skip to content

Commit c438b0e

Browse files
authored
docs: prepare v0.0.74 release notes (NVIDIA#6274)
<!-- markdownlint-disable MD041 --> ## Summary This PR prepares the user-facing documentation for v0.0.74 before the release plan is frozen. It expands the release notes across the 56-commit train and closes durable documentation gaps found during the pre-tag commit scan. ## Changes - Expand the `v0.0.74` release notes to cover OpenShell 0.0.72, managed MCP, progressive tool disclosure, LangChain Deep Agents Code, onboarding, local inference, messaging, recovery, and contributor workflows. - Correct the `destroy` contract for retained per-name volumes, gateway-unreachable `--force` cleanup, managed MCP ownership, and same-name recovery. - Document separate remediation for an unreachable container DNS resolver versus one that answers with `NXDOMAIN` or `REFUSED`. - Document the Windows on Arm N1X automatic Ollama safeguard and its remaining large-model limitations. - State that messaging conflicts abort rebuild before backup or deletion, leaving the original sandbox intact. - Link the agent-runnable value benchmark from the contributor task index. - Synchronize generated agent command variants. - Validate with `npm run docs:sync-agent-variants` and `npm run docs`; Fern completed with 0 errors and 2 existing warnings. - Source summary: - [NVIDIA#6020](NVIDIA#6020) and [NVIDIA#5876](NVIDIA#5876) -> `docs/about/release-notes.mdx`: Consolidate the OpenShell 0.0.72 policy boundary and managed MCP lifecycle. - [NVIDIA#6251](NVIDIA#6251) and [NVIDIA#5989](NVIDIA#5989) -> `docs/about/release-notes.mdx`: Summarize progressive tool disclosure and sandbox-first inference controls. - [NVIDIA#6232](NVIDIA#6232), [NVIDIA#6082](NVIDIA#6082), [NVIDIA#6219](NVIDIA#6219), [NVIDIA#6214](NVIDIA#6214), [NVIDIA#6215](NVIDIA#6215), [NVIDIA#6230](NVIDIA#6230), and [NVIDIA#6260](NVIDIA#6260) -> `docs/about/release-notes.mdx`: Summarize the experimental LangChain Deep Agents Code status, secret, version, rebuild, snapshot, and MCP boundaries. - [NVIDIA#6166](NVIDIA#6166), [NVIDIA#6254](NVIDIA#6254), [NVIDIA#6265](NVIDIA#6265), [NVIDIA#6164](NVIDIA#6164), and [NVIDIA#6017](NVIDIA#6017) -> `docs/about/release-notes.mdx`: Summarize BuildKit prebuild, validated image reuse, bounded readiness, and preflight improvements. - [NVIDIA#6150](NVIDIA#6150) -> `docs/about/release-notes.mdx` and `docs/reference/troubleshooting.mdx`: Separate unreachable-resolver remediation from reachable-but-rejected DNS responses. - [NVIDIA#6234](NVIDIA#6234) -> `docs/about/release-notes.mdx`, `docs/inference/use-local-inference.mdx`, and `docs/get-started/windows-preparation.mdx`: Document N1X automatic 9B selection and the remaining explicit-large-model boundary. - [NVIDIA#6129](NVIDIA#6129), [NVIDIA#5987](NVIDIA#5987), [NVIDIA#5955](NVIDIA#5955), and [NVIDIA#6220](NVIDIA#6220) -> `docs/about/release-notes.mdx`, `docs/manage-sandboxes/messaging-channels.mdx`, `docs/reference/commands.mdx`, and `docs/reference/commands-nemohermes.mdx`: Document messaging policy persistence, status, and the pre-destructive conflict check. - [NVIDIA#5963](NVIDIA#5963), [NVIDIA#6050](NVIDIA#6050), [NVIDIA#6094](NVIDIA#6094), [NVIDIA#6238](NVIDIA#6238), [NVIDIA#5988](NVIDIA#5988), [NVIDIA#6235](NVIDIA#6235), [NVIDIA#6181](NVIDIA#6181), and [NVIDIA#5986](NVIDIA#5986) -> `docs/about/release-notes.mdx`, `docs/reference/commands.mdx`, and `docs/reference/commands-nemohermes.mdx`: Summarize day-two recovery and clarify retained-volume and local-only destroy semantics. - [NVIDIA#6200](NVIDIA#6200), [NVIDIA#6248](NVIDIA#6248), [NVIDIA#6168](NVIDIA#6168), [NVIDIA#6270](NVIDIA#6270), and [NVIDIA#5649](NVIDIA#5649) -> `docs/about/release-notes.mdx` and `CONTRIBUTING.md`: Summarize contributor setup and verification improvements and expose the advisory value benchmark. ## Type of Change - [ ] Code change (feature, bug fix, or refactor) - [ ] Code change with doc updates - [ ] Doc only (prose changes, no code sample modifications) - [x] Doc only (includes code sample changes) ## Quality Gates <!-- Check exactly one tests line and one docs line. Check other lines when applicable. Add every requested justification or approval reference. --> - [ ] Tests added or updated for changed behavior - [ ] Existing tests cover changed behavior — justification: - [x] Tests not applicable — justification: documentation-only release preparation; generated-variant synchronization and the Fern docs build validate the changed pages and routes. - [x] Docs updated for user-facing behavior changes - [ ] Docs not applicable — justification: - [ ] Sensitive paths changed (security, policy, credentials, preflight, onboarding, inference, runner, sandbox, or messaging) - [ ] Sensitive-path review completed or maintainer-approved waiver recorded — reviewer/approval link/justification: - [ ] Non-success, skipped, or missing CI check accepted by maintainer — check name, approval link, and follow-up issue: ## Verification <!-- Check each applicable item only when supported by the requested evidence. Run targeted tests once per relevant change set and rerun after later edits or hook autofixes that can affect the tested behavior. Do not rerun hook-covered checks. --> - [x] PR description includes the DCO sign-off declaration and every commit appears as `Verified` in GitHub - [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or `npm run check:diff` passed when hooks were skipped or unavailable - [x] Targeted behavior tests pass for the current change set, or tests are marked not applicable above — command/result or justification: tests are not applicable to this documentation-only change; `npm run docs` validates the source and generated routes. - [ ] Applicable broad gate passed — `npm test` for broad runtime/test-harness changes; `npm run check` for repo-wide validation/coverage changes — command/result: - [x] Quality Gates section completed with required justifications or waivers - [x] No secrets, API keys, or credentials committed - [ ] `npm run docs` builds without warnings (doc changes only) - [x] Doc pages follow the [style guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md) (doc changes only) - [ ] New doc pages include SPDX header and frontmatter (new pages only) --- <!-- DCO sign-off is required in this PR description, and every commit must appear as Verified in GitHub. Run: git config user.name && git config user.email --> Signed-off-by: Aaron Erickson <aerickson@nvidia.com> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Expanded setup guidance for Windows on Arm devices with safer default local model selection. * Clarified local inference and sandbox messaging behavior, including conflict checks before rebuilds and safer recovery steps. * Updated destroy/rebuild/reference docs with more detailed warnings, failure handling, and volume-retention guidance. * Improved troubleshooting instructions for Docker DNS issues with clearer paths for unreachable vs. blocked resolvers. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Signed-off-by: Aaron Erickson <aerickson@nvidia.com>
1 parent f1466a2 commit c438b0e

8 files changed

Lines changed: 71 additions & 11 deletions

File tree

CONTRIBUTING.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -178,6 +178,7 @@ These are the primary npm scripts for day-to-day development:
178178
| `npm run test:integration` | Clean-build the CLI and run root integration and installer tests |
179179
| `npm run test:package` | Clean-build CLI/plugin artifacts and run compiled-package contracts |
180180
| `npm run test:live-e2e` | Opt into live E2E scenarios (mutates real external state) |
181+
| [`npm run bench`](scripts/bench/README.md) | Run the advisory inference and trace-backed value benchmark |
181182
| `cd nemoclaw && npm test` | Run plugin unit tests (Vitest) |
182183
| `npm run docs` | Validate Fern documentation with the pinned Fern CLI version |
183184
| `npm run docs:live` | Serve Fern docs locally with auto-rebuild |

docs/about/release-notes.mdx

Lines changed: 26 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -18,13 +18,34 @@ For more detailed release notes, refer to the [NemoClaw GitHub announcements](ht
1818

1919
## v0.0.74
2020

21-
NemoClaw v0.0.74 advances to OpenShell `0.0.72` and adopts its safe policy round-trip boundary:
21+
NemoClaw v0.0.74 upgrades the OpenShell policy boundary, adds managed MCP and progressive tool disclosure, strengthens the experimental LangChain Deep Agents Code integration, and improves onboarding, local inference, messaging, recovery, and contributor workflows.
2222

23-
- Stable installs pin OpenShell `0.0.72` release artifacts and supervisor image, adding MCP Streamable HTTP and JSON-RPC request-policy enforcement.
24-
- Policy mutations now read the round-trippable base policy instead of the effective policy, preventing provider-composed `_provider_*` entries from being sent back through `policy set` while preserving existing MCP rules.
23+
- Stable installs pin OpenShell `0.0.72` release artifacts and the supervisor image, adding MCP Streamable HTTP and JSON-RPC request-policy enforcement.
24+
Policy mutations read the round-trippable base policy instead of the effective policy, which preserves existing MCP rules without sending provider-composed `_provider_*` entries back through `policy set`.
2525
For more information, refer to [OpenShell 0.0.72 Compatibility Review](../security/openshell-0.0.72-compatibility-review) and [Customize the Network Policy](../network-policy/customize-network-policy).
26-
- Managed MCP commands now add, list, inspect, rotate, restart, and remove authenticated HTTPS Streamable HTTP servers for OpenClaw, Hermes, and LangChain Deep Agents Code through native OpenShell policy enforcement and provider-backed credential replacement.
27-
For more information, refer to [Set Up MCP Servers](../manage-sandboxes/set-up-mcp-servers) and the [accepted architecture decision](https://github.com/NVIDIA/NemoClaw/issues/566#issuecomment-4847534784).
26+
- Managed MCP commands use `add`, `list`, `status`, `restart`, and `remove` to manage authenticated HTTPS Streamable HTTP servers for OpenClaw, Hermes, and experimental LangChain Deep Agents Code through native OpenShell policy enforcement and provider-backed credential replacement.
27+
The LangChain Deep Agents Code rebuild path validates the recorded gateway, route, image, staged build context, and prepared replacement inputs before deleting the previous sandbox, then restores managed MCP state after the recreated runtime is ready.
28+
For more information, refer to [Set Up MCP Servers](../manage-sandboxes/set-up-mcp-servers), [Quickstart with LangChain Deep Agents Code](../../openclaw/get-started/quickstart-langchain-deepagents-code), and the [accepted architecture decision](https://github.com/NVIDIA/NemoClaw/issues/566#issuecomment-4847534784).
29+
- New sandboxes default to progressive tool disclosure across OpenClaw, Hermes, and LangChain Deep Agents Code, while `--tool-disclosure direct` restores the full visible catalog.
30+
The selected mode persists through resume and transactional rebuilds, and model-specific compatibility safeguards can keep an incompatible model on direct disclosure.
31+
Sandbox-first `inference get` and `inference set` commands now provide the same route controls as their global forms.
32+
For more information, refer to [Tool Calling Reliability](../inference/tool-calling-reliability), [Model Capability Audit](../inference/model-capability-audit), and [NemoClaw CLI Commands Reference](../reference/commands).
33+
- LangChain Deep Agents Code now provides managed `status`, `whoami`, and `identity` commands without launching the interactive UI, validates the installed agent version during onboarding, and keeps credential-shaped or tracing configuration out of persisted runtime metadata.
34+
Its rebuild path validates recreation before destructive handoff and preserves the managed proxy, tool-disclosure, and MCP boundaries.
35+
For more information, refer to [Quickstart with LangChain Deep Agents Code](../../openclaw/get-started/quickstart-langchain-deepagents-code), [NemoClaw CLI Commands Reference](../reference/commands), and [Security Best Practices](../security/best-practices).
36+
- Onboarding uses BuildKit prebuilds with bounded progress heartbeats, reuses validated release and source-commit sandbox images, and rejects stale or incompatible image contracts before sandbox creation.
37+
Readiness handling tolerates a bounded run of transient OpenShell `Error` phases, while preflight output distinguishes an unreachable container DNS resolver from one that answers but rejects the query.
38+
On Windows on Arm N1X systems, automatic Local Ollama setup treats the integrated GPU as compute-constrained and selects `qwen3.5:9b` instead of the 30B and 35B starter models.
39+
For more information, refer to [NemoClaw CLI Commands Reference](../reference/commands), [Install OpenClaw Plugins](../deployment/install-openclaw-plugins), [Use a Local Inference Server](../inference/use-local-inference), [Prepare Windows for NemoClaw](../get-started/windows-preparation), and [Troubleshooting](../reference/troubleshooting).
40+
- Messaging configuration now keeps channel policy ownership with the enabled channel, persists selected policy presets through onboarding and rebuilds, reports Telegram mention mode in channel status, and detects credential conflicts before a destructive rebuild starts.
41+
For more information, refer to [Messaging Channels](../manage-sandboxes/messaging-channels), [Customize the Network Policy](../network-policy/customize-network-policy), and [NemoClaw CLI Commands Reference](../reference/commands).
42+
- Day-two commands provide safer recovery and clearer automation behavior.
43+
`update --fresh` can reinstall the current version, and `destroy --force` can remove a local record when the OpenShell gateway is unavailable while warning that the sandbox and retained volume may still exist.
44+
Failed `exec` commands can surface recent policy-denial context, tunnel stop releases its gateway port, WSL keeps a usable loopback dashboard URL, and affected CLI user-error surfaces preserve a nonzero exit status.
45+
For more information, refer to [NemoClaw CLI Commands Reference](../reference/commands), [Troubleshooting](../reference/troubleshooting), and [NemoClaw Inference Options](../inference/inference-options).
46+
- Contributor workflows now provide idempotent one-command setup, read-only readiness checks, diff-scoped local verification, and validated Git signing configuration while preserving development dependencies during installation.
47+
The new agent-runnable value benchmark emits machine-readable and Markdown reports for inference latency and trace-backed sandbox startup without turning advisory timings into a release gate.
48+
For more information, refer to the [NemoClaw Contributor Guide](https://github.com/NVIDIA/NemoClaw/blob/main/CONTRIBUTING.md) and [NemoClaw Value Benchmark](https://github.com/NVIDIA/NemoClaw/blob/main/scripts/bench/README.md).
2849

2950
## v0.0.73
3051

docs/get-started/windows-preparation.mdx

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -166,6 +166,9 @@ If the installer offers express install on WSL, accepting it selects this Window
166166
When Ollama runs on the Windows host, NemoClaw detects it from WSL through `host.docker.internal` and pulls missing models through the Ollama HTTP API.
167167
Do not run both the Windows and WSL Ollama instances on port `11434` at the same time.
168168
Use one instance, or move one of them to a different port before running `$$nemoclaw onboard`.
169+
On Windows on Arm N1X systems with a Snapdragon X processor, let NemoClaw choose the Ollama starter model automatically.
170+
It selects the compute-constrained `qwen3.5:9b` path instead of recommending the 30B and 35B starter models.
171+
For the selection boundary and remaining N1X limitations, refer to [Use a Local Inference Server](../inference/use-local-inference).
169172

170173
## Next Step
171174

docs/inference/use-local-inference.mdx

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -191,6 +191,10 @@ The Ollama runner validates the choice itself.
191191
In interactive onboarding, registry-known installed tags that do not fit current GPU memory are filtered out of the installed-model menu.
192192
If none of the installed registry-known tags fit, NemoClaw shows the starter-model choices and warns when even the smallest bootstrap tag may not fit.
193193
After a selected model fails validation, NemoClaw excludes that tag from the next installed-model menu so pressing Enter cannot select the same failing model repeatedly.
194+
On Windows on Arm N1X systems with a Snapdragon X processor, NemoClaw treats the integrated GPU as compute-constrained even when its shared-memory total appears large enough for a bigger model.
195+
Automatic Ollama bootstrap selection omits `qwen3.6:35b` and `nemotron-3-nano:30b` and selects `qwen3.5:9b` instead.
196+
This is a model-selection safeguard only.
197+
It does not make 30B or 35B models usable on N1X, add a general refusal for an explicitly selected large model, or resolve the OpenClaw `1006` disconnect, embedded fallback, and model-timeout behavior tracked in [issue #3707](https://github.com/NVIDIA/NemoClaw/issues/3707).
194198
When Ollama reports a loaded-model context length below `16384` and `NEMOCLAW_CONTEXT_WINDOW` is unset, NemoClaw raises the baked `contextWindow` to `16384` so the agent prompt and tool definitions fit better than the stock daemon default.
195199
If the initial Ollama validation probe times out during a cold load, NemoClaw retries once with a 300-second probe budget.
196200
This applies beyond DGX Spark, including tight-VRAM dGPU hosts where warm-up can spill from GPU to CPU.

docs/manage-sandboxes/messaging-channels.mdx

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -369,6 +369,9 @@ For Slack, NemoClaw checks both the bot token and the Socket Mode app token so d
369369
For Microsoft Teams, NemoClaw also checks the local webhook port because active Teams sandboxes cannot share the same forwarded port.
370370
If NemoClaw only has legacy channel metadata and cannot compare credential hashes, it keeps the conservative warning.
371371
Re-run `channels add <channel>` with the intended token to refresh the stored non-secret hash.
372+
Before any rebuild, including one started by `channels add` or `channels start`, NemoClaw rechecks the staged messaging plan against other registered sandboxes.
373+
A credential or channel-resource conflict aborts before backup or deletion and leaves the original sandbox registered and intact.
374+
Resolve the conflict, then rerun the operation.
372375
`$$nemoclaw status` reports cross-sandbox overlaps so you can resolve duplicates before messages start dropping.
373376

374377
## Stop Messaging Delivery

docs/reference/commands-nemohermes.mdx

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -880,8 +880,10 @@ This removes the sandbox from the registry.
880880
For Ollama-backed sandboxes, `destroy` also asks Ollama to unload currently loaded models and clears stale auth proxy state on a best-effort basis.
881881

882882
<Warning>
883-
This command permanently deletes the sandbox **and its persistent volume**.
884-
All [workspace files](../manage-sandboxes/workspace-files) (SOUL.md, USER.md, IDENTITY.md, AGENTS.md, MEMORY.md, and daily memory notes) are lost.
883+
This command attempts to wipe the manifest-defined agent state while its persistent volume is mounted, then removes the sandbox.
884+
OpenShell can retain the per-name persistent volume after sandbox deletion.
885+
If the wipe cannot complete, onboarding with the same name can resurface old files.
886+
Do not rely on a retained volume as a backup.
885887
Back up your workspace first with `nemohermes <name> snapshot create` or refer to [Backup and Restore](../manage-sandboxes/backup-restore).
886888
If you want to upgrade the sandbox while preserving state, use `nemohermes <name> rebuild` instead.
887889
</Warning>
@@ -900,6 +902,12 @@ If hardening fails, the command refuses deletion and leaves the timer authority
900902
If deletion fails after hardening, the command keeps the surviving sandbox's locked shields state instead of cleaning it up as though deletion succeeded.
901903
By default, `destroy` preserves the shared NemoClaw gateway.
902904
Pass `--cleanup-gateway` to remove the shared gateway when destroying the last sandbox, or `--no-cleanup-gateway` to force preservation when environment defaults request cleanup.
905+
If the pre-delete workspace wipe cannot run, use a different sandbox name for a clean start.
906+
When this is the last sandbox, pass `--cleanup-gateway` to purge the shared cluster volume that retains the per-name persistent volume.
907+
If the OpenShell gateway is unreachable and the sandbox has no managed MCP ownership state, `--force` removes only NemoClaw's local registry entry and local artifacts.
908+
Gateway-side deletion remains unconfirmed, shared host-service and gateway teardown are skipped, and the sandbox and retained volume may still exist if the gateway returns.
909+
Start the gateway with `nemohermes <name> status` and retry destroy when you need a confirmed deletion.
910+
Managed MCP ownership disables the local-only fallback because exact provider cleanup requires the retained ownership state, and other delete failures remain fatal.
903911

904912
```bash
905913
nemohermes my-assistant destroy [--yes|-y|--force] [--cleanup-gateway|--no-cleanup-gateway]
@@ -1529,6 +1537,8 @@ Pass `--yes`, `-y`, or `--force` to skip the prompt in scripted workflows.
15291537
The sandbox must be running for the backup step to succeed.
15301538
If an archive command reports partial output while still producing usable data, `rebuild` keeps the captured backup entries and reports only the manifest-defined paths that could not be archived.
15311539
If any required state path still cannot be backed up, `rebuild` exits before destroying the original sandbox.
1540+
Before backup or deletion, rebuild checks the staged messaging configuration for credentials or channel resources already used by another registered sandbox.
1541+
A conflict aborts with the original sandbox registered and intact so you can resolve the conflict before retrying.
15321542
When rebuild starts with shields up, NemoClaw opens a 30-minute shields-down window for backup and recreation.
15331543
A detached auto-lock timer remains active until NemoClaw commits a successful shields-up state, so it can attempt to restore lockdown if the host rebuild process exits unexpectedly.
15341544

docs/reference/commands.mdx

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1194,8 +1194,10 @@ This removes the sandbox from the registry.
11941194
For Ollama-backed sandboxes, `destroy` also asks Ollama to unload currently loaded models and clears stale auth proxy state on a best-effort basis.
11951195

11961196
<Warning>
1197-
This command permanently deletes the sandbox **and its persistent volume**.
1198-
All [workspace files](../manage-sandboxes/workspace-files) (SOUL.md, USER.md, IDENTITY.md, AGENTS.md, MEMORY.md, and daily memory notes) are lost.
1197+
This command attempts to wipe the manifest-defined agent state while its persistent volume is mounted, then removes the sandbox.
1198+
OpenShell can retain the per-name persistent volume after sandbox deletion.
1199+
If the wipe cannot complete, onboarding with the same name can resurface old files.
1200+
Do not rely on a retained volume as a backup.
11991201
Back up your workspace first with `$$nemoclaw <name> snapshot create` or refer to [Backup and Restore](../manage-sandboxes/backup-restore).
12001202
If you want to upgrade the sandbox while preserving state, use `$$nemoclaw <name> rebuild` instead.
12011203
</Warning>
@@ -1218,6 +1220,12 @@ If hardening fails, the command refuses deletion and leaves the timer authority
12181220
If deletion fails after hardening, the command keeps the surviving sandbox's locked shields state instead of cleaning it up as though deletion succeeded.
12191221
By default, `destroy` preserves the shared NemoClaw gateway.
12201222
Pass `--cleanup-gateway` to remove the shared gateway when destroying the last sandbox, or `--no-cleanup-gateway` to force preservation when environment defaults request cleanup.
1223+
If the pre-delete workspace wipe cannot run, use a different sandbox name for a clean start.
1224+
When this is the last sandbox, pass `--cleanup-gateway` to purge the shared cluster volume that retains the per-name persistent volume.
1225+
If the OpenShell gateway is unreachable and the sandbox has no managed MCP ownership state, `--force` removes only NemoClaw's local registry entry and local artifacts.
1226+
Gateway-side deletion remains unconfirmed, shared host-service and gateway teardown are skipped, and the sandbox and retained volume may still exist if the gateway returns.
1227+
Start the gateway with `$$nemoclaw <name> status` and retry destroy when you need a confirmed deletion.
1228+
Managed MCP ownership disables the local-only fallback because exact provider cleanup requires the retained ownership state, and other delete failures remain fatal.
12211229

12221230
```bash
12231231
$$nemoclaw my-assistant destroy [--yes|-y|--force] [--cleanup-gateway|--no-cleanup-gateway]
@@ -1915,6 +1923,8 @@ Pass `--yes`, `-y`, or `--force` to skip the prompt in scripted workflows.
19151923
The sandbox must be running for the backup step to succeed.
19161924
If an archive command reports partial output while still producing usable data, `rebuild` keeps the captured backup entries and reports only the manifest-defined paths that could not be archived.
19171925
If any required state path still cannot be backed up, `rebuild` exits before destroying the original sandbox.
1926+
Before backup or deletion, rebuild checks the staged messaging configuration for credentials or channel resources already used by another registered sandbox.
1927+
A conflict aborts with the original sandbox registered and intact so you can resolve the conflict before retrying.
19181928
When rebuild starts with shields up, NemoClaw opens a 30-minute shields-down window for backup and recreation.
19191929
A detached auto-lock timer remains active until NemoClaw commits a successful shields-up state, so it can attempt to restore lockdown if the host rebuild process exits unexpectedly.
19201930

docs/reference/troubleshooting.mdx

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -185,7 +185,15 @@ Some corporate networks block outbound UDP port 53 to public DNS servers and for
185185

186186
NemoClaw's preflight runs a short `docker run --rm busybox nslookup nemoclaw-dns-probe-<random>.invalid` probe before starting the sandbox build. The fresh `.invalid` name should return NXDOMAIN through a working resolver, so cached answers cannot hide blocked DNS egress. When the probe confirms a DNS failure, onboarding stops with platform-specific remediation instead of hanging for ~15 minutes and printing a cryptic `Exit handler never called`.
187187

188-
The fix depends on your platform and runtime. Pick the matching path from the preflight output, apply it, then re-run `$$nemoclaw onboard`.
188+
Use the preflight headline to choose the recovery path:
189+
190+
- If no DNS servers could be reached, Docker could not reach its configured resolver.
191+
Follow the platform-specific UDP port 53 and Docker DNS steps below.
192+
- If the DNS server was reachable but rejected the query with `NXDOMAIN` or `REFUSED`, the resolver answered, so the UDP port 53 fix is not relevant.
193+
Check the resolver used by Docker, such as dnsmasq, Pi-hole, unbound, or systemd-resolved, and remove any forwarding rule, blocklist entry, or ACL that rejects `registry.npmjs.org`.
194+
If needed, configure Docker to use an organization-approved resolver that can resolve public names, restart Docker, and retry onboarding.
195+
196+
For an unreachable resolver, pick the matching platform path below, apply it, then re-run `$$nemoclaw onboard`.
189197

190198
- **Linux with systemd-resolved.** Add a `DNSStubListenerExtra` drop-in pointing at the docker bridge gateway IP (the preflight prints the detected IP), then add the same IP to `/etc/docker/daemon.json` under `dns`. Restart `systemd-resolved` and `docker`.
191199
- **macOS with Colima.** Restart Colima with the corporate DNS address, for example `colima stop && colima start --dns <corp-dns-ip>`.
@@ -195,7 +203,7 @@ The fix depends on your platform and runtime. Pick the matching path from the pr
195203
Verify the fix worked:
196204

197205
```bash
198-
docker run --rm busybox nslookup example.com
206+
docker run --rm busybox nslookup registry.npmjs.org
199207
```
200208

201209
When the lookup returns an answer, retry onboarding.

0 commit comments

Comments
 (0)