PR #78624: Fix cron default model inheritance

• Repository: openclaw/openclaw
• Author: kevinslin
• State: closed | merged: False
• Link: https://github.com/openclaw/openclaw/pull/78624

Description (problem / solution / changelog)

Summary

• Treat cron payload model values that mean "inherit" (default, null, blank, or omitted) as unset before isolated cron model resolution.
• Keep fallback-policy strictness aligned so only a real cron payload model override suppresses fallback inheritance.
• Document the unset payload model contract in the cron guide and CLI reference, and add a changelog entry for #78549.
• Update the root basic-ftp override to 5.3.1 so the production dependency audit no longer includes the vulnerable 5.3.0 build.

Fixes #78549.

Real behavior proof

• Behavior or issue addressed: Cron jobs with payload.model set to default should inherit the configured agent/default model instead of being resolved as provider minimax-portal/default and rejected by the cron model allowlist.
• Real environment tested: Fresh OpenClaw integration Gateway workspace cron-default-fixed-local-78549, Gateway port 59337, with an isolated cron job using payload.model=default and an intentionally unreachable local Ollama-compatible default model endpoint.
• Exact steps or command run after this patch: Ran the fixed integration proof script node .mem/main/proofs/78549_fixed_summary.mjs after applying the patch. The script summarizes a real Gateway cron run created and executed in the integration workspace.
• Evidence after fix: Copied terminal output from the fixed Showboat proof:

workspace=cron-default-fixed-local-78549
port=59337
payload.model=default
status=skipped
diagnostic.source=model-preflight
provider=ollama
model=no-server
old_rejection_present=false

• Observed result after fix: The cron run no longer fails in cron-preflight with cron payload.model 'default' rejected by agents.defaults.models allowlist: minimax-portal/default. It inherits the configured default model and reaches model-preflight for provider ollama model no-server, where the deliberately unreachable local endpoint produces the expected skipped result.
• What was not tested: No known gaps for this bug. The broad docs gate still reports unrelated pre-existing markdownlint issues outside the touched docs.

Verification

• pnpm test src/cron/isolated-agent.model-formatting.test.ts src/cron/isolated-agent/run-fallback-policy.test.ts
• pnpm test src/cron/isolated-agent/run.skill-filter.test.ts
• pnpm exec oxfmt --check --threads=1 CHANGELOG.md docs/automation/cron-jobs.md docs/cli/cron.md src/cron/model-override.ts src/cron/isolated-agent/model-selection.ts src/cron/isolated-agent/run-fallback-policy.ts src/cron/isolated-agent.model-formatting.test.ts src/cron/isolated-agent/run-fallback-policy.test.ts
• git diff --check
• pnpm changed:lanes --json
• node scripts/pre-commit/pnpm-audit-prod.mjs --audit-level=high
• pnpm why basic-ftp --prod --recursive shows [email protected]
• Showboat repro: .mem/main/proofs/78549-cron-default-model-repro.md
• Showboat fixed proof: .mem/main/proofs/78549-cron-default-model-fixed.md

pnpm check:docs currently fails on existing markdownlint issues outside this change (docs/research/2026-03-29-research-app-server-app-invocation-migration.md and docs/specs/codex-v2.md) plus longstanding CHANGELOG.md lint debt; the touched docs were formatted cleanly by format:docs:check before lint reached the unrelated failures.

Changed files

• CHANGELOG.md (modified, +2/-0)
• docs/automation/cron-jobs.md (modified, +2/-0)
• docs/cli/cron.md (modified, +2/-0)
• package.json (modified, +1/-1)
• pnpm-lock.yaml (modified, +6/-6)
• src/cron/isolated-agent.model-formatting.test.ts (modified, +22/-1)
• src/cron/isolated-agent/model-selection.ts (modified, +2/-1)
• src/cron/isolated-agent/run-fallback-policy.test.ts (modified, +26/-0)
• src/cron/isolated-agent/run-fallback-policy.ts (modified, +2/-2)
• src/cron/model-override.ts (added, +16/-0)

PR #78641: fix(cron): repair bad persisted model sentinels

• Repository: openclaw/openclaw
• Author: kevinslin
• State: closed | merged: True
• Link: https://github.com/openclaw/openclaw/pull/78641

Description (problem / solution / changelog)

Summary

• Repair persisted cron jobs whose payload.model is stored as "default", "null", blank, or JSON null by deleting the bad model override in openclaw doctor --fix.
• Keep cron runtime model validation strict: non-empty payload.model strings still resolve as explicit model refs and must pass agents.defaults.models.
• Add regression coverage plus cron/doctor docs and changelog entry.

Fixes #78549

Verification

• pnpm changed:lanes --json -> lanes: core, coreTests, docs
• pnpm check:docs -> passed
• pnpm exec oxfmt --check --threads=1 src/commands/doctor-cron-store-migration.ts src/commands/doctor-cron.ts src/commands/doctor-cron-store-migration.test.ts src/commands/doctor-cron.test.ts docs/cli/cron.md docs/automation/cron-jobs.md docs/gateway/doctor.md CHANGELOG.md -> passed
• git diff --check -> passed
• uvx showboat verify /Users/kevinlin/code/openclaw/.mem/main/proofs/78549-cron-model-doctor-fixed.md -> passed
• pnpm check:changed -> blocked in local worktree by incomplete dependency install: git-hosted @openclaw/[email protected] failed normal pnpm install prepack twice, and the fallback --ignore-scripts install leaves @openclaw/fs-safe/* exports without built dist files.
• pnpm test:changed -> blocked before test collection by the same missing @openclaw/fs-safe/config export.

Real behavior proof

• Behavior or issue addressed: Cron jobs with persisted payload.model sentinels such as "default", "null", blank strings, or JSON null can fail cron preflight as explicit model overrides. This patch gives openclaw doctor --fix a repair path for those bad stored cron configs without supporting default/null runtime fallback aliases.
• Real environment tested: Local OpenClaw dev checkout with an isolated dev workspace rooted at /Users/kevinlin/code/openclaw/.mem/integ/tmp/doctor-cron-model-sentinel-78549, running the patched CLI from a detached worktree at commit c6a5e2526b86a18ab2233dbb4c9cc8b009a6d8a6.
• Exact steps or command run after this patch: Seeded state/cron/jobs.json with two bad persisted cron job payload models ("default" and "null") plus one valid real model ("minimax-portal/MiniMax-M2.7"), then ran openclaw doctor --fix --yes --non-interactive through node --import tsx src/entry.ts doctor --fix --yes --non-interactive with OPENCLAW_STATE_DIR pointed at that isolated dev workspace.
• Evidence after fix: Copied terminal output from the real doctor command and the before/after cron job state:

BEFORE
bad-default payload.model=default
bad-string-null payload.model=null
valid-real-model payload.model=minimax-portal/MiniMax-M2.7

$ env HOME=... OPENCLAW_STATE_DIR=... OPENCLAW_SKIP_CRON=1 OPENCLAW_SKIP_CHANNELS=1 node --import tsx src/entry.ts doctor --fix --yes --non-interactive
Legacy cron job storage detected at /Users/kevinlin/code/openclaw/.mem/integ/tmp/doctor-cron-model-sentinel-78549/state/cron/jobs.json
- 2 jobs store an invalid cron payload model inheritance sentinel
Cron store normalized at /Users/kevinlin/code/openclaw/.mem/integ/tmp/doctor-cron-model-sentinel-78549/state/cron/jobs.json.

AFTER
bad-default payload.model=<missing>
bad-string-null payload.model=<missing>
valid-real-model payload.model=minimax-portal/MiniMax-M2.7

• Observed result after fix: openclaw doctor --fix removed the bad payload.model overrides for the persisted sentinel values and preserved the valid real model override. Runtime support for "default" or "null" fallback aliases was not added.
• What was not tested: Targeted Vitest and check:changed could not complete in this worktree because normal pnpm install fails while preparing git-hosted @openclaw/[email protected]; the ignored-scripts fallback leaves @openclaw/fs-safe/config missing its built dist/config.js, so tests fail before collection.

Changed files

• CHANGELOG.md (modified, +1/-0)
• docs/automation/cron-jobs.md (modified, +2/-0)
• docs/cli/cron.md (modified, +2/-0)
• docs/gateway/doctor.md (modified, +1/-0)
• src/commands/doctor-cron-store-migration.test.ts (modified, +43/-0)
• src/commands/doctor-cron-store-migration.ts (modified, +21/-0)
• src/commands/doctor-cron.test.ts (modified, +61/-0)
• src/commands/doctor-cron.ts (modified, +6/-0)