Issue Station
Sign In
Tools hereToolbox

openclaw - ✅(Solved) Fix Docs: clarify app SDK vs plugin SDK boundary [2 pull requests, 1 comments, 2 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
openclaw/openclaw#74709Fetched 2026-04-30 06:20:50
View on GitHub
Comments
1
Participants
2
Timeline
5
Reactions
2
Author
BunsDevBunsDev
Participants
BunsDevBunsDevclawsweeper[bot]clawsweeper[bot]
Timeline (top)
cross-referenced ×3commented ×1labeled ×1

PR fix notes

PR #74825: docs(sdk): clarify app and plugin sdk boundary

Description (problem / solution / changelog)

Summary

  • Problem: the App SDK and Plugin SDK docs already mention the split, but the boundary is easy to miss when writing quickstarts or OpenMeow/OpenCoven-style examples.
  • Why it matters: external apps should talk to Gateway through @openclaw/sdk, while trusted in-process plugins should use openclaw/plugin-sdk/*; mixing these contracts leaks internals into public examples.
  • What changed: added an App SDK boundary checklist, a Plugin SDK runtime/boundary table, and API-design guidance that keeps OpenMeow/OpenCoven examples on the external client side.
  • What did NOT change (scope boundary): no SDK code, Gateway behavior, plugin contracts, or generated API surfaces changed.

Change Type (select all)

  • Bug fix
  • Feature
  • Refactor required for the fix
  • Docs
  • Security hardening
  • Chore/infra

Scope (select all touched areas)

  • Gateway / orchestration
  • Skills / tool execution
  • Auth / tokens
  • Memory / storage
  • Integrations
  • API / contracts
  • UI / DX
  • CI/CD / infra

Linked Issue/PR

  • Closes #74709
  • Related #
  • This PR fixes a bug or regression

Root Cause (if applicable)

N/A

  • Root cause: N/A
  • Missing detection / guardrail: N/A
  • Contributing context (if known): N/A

Regression Test Plan (if applicable)

N/A

  • Coverage level that should have caught this:
    • Unit test
    • Seam / integration test
    • End-to-end test
    • Existing coverage already sufficient
  • Target test or file: docs checks only.
  • Scenario the test should lock in: docs formatting, linting, MDX validity, i18n glossary coverage, and internal links remain valid.
  • Why this is the smallest reliable guardrail: the change is documentation-only.
  • Existing test that already covers this (if any): pnpm check:docs.
  • If no new test is added, why not: docs-only clarification.

User-visible / Behavior Changes

Docs now explicitly state that external apps, dashboards, scripts, IDE extensions, and OpenMeow/OpenCoven-style examples use @openclaw/sdk over Gateway, while provider/channel/tool/hook/runtime extensions use openclaw/plugin-sdk/* inside OpenClaw.

Diagram (if applicable)

External app/docs example -> @openclaw/sdk -> Gateway RPC/events -> OpenClaw runtime
Trusted plugin code       -> openclaw/plugin-sdk/* -> host registration APIs

Security Impact (required)

  • New permissions/capabilities? (Yes/No) No
  • Secrets/tokens handling changed? (Yes/No) No
  • New/changed network calls? (Yes/No) No
  • Command/tool execution surface changed? (Yes/No) No
  • Data access scope changed? (Yes/No) No
  • If any Yes, explain risk + mitigation: N/A

Repro + Verification

Environment

  • OS: Linux
  • Runtime/container: Node 22 / pnpm repo scripts
  • Model/provider: N/A
  • Integration/channel (if any): docs
  • Relevant config (redacted): N/A

Steps

  1. Read docs/concepts/openclaw-sdk.md.
  2. Read docs/plugins/sdk-overview.md.
  3. Read docs/reference/openclaw-sdk-api-design.md.

Expected

  • App SDK docs clearly say @openclaw/sdk is for outside-process clients.
  • Plugin SDK docs clearly say openclaw/plugin-sdk/* is for trusted in-process plugin runtime code.
  • Cross-links and OpenMeow/OpenCoven guidance keep future examples on the correct side of the boundary.

Actual

  • Before this PR, the boundary existed but was less explicit in quickstart/example guidance.

Evidence

  • Failing test/log before + passing after
  • Trace/log snippets
  • Screenshot/recording
  • Perf numbers (if relevant)

Human Verification (required)

What you personally verified (not just CI), and how:

  • Verified scenarios: pnpm check:docs; git diff --check upstream/main..HEAD.
  • Edge cases checked: docs formatter, markdown lint, MDX validation, zh-CN glossary entries required by the docs gate, and internal link audit.
  • What you did not verify: rendered Mintlify preview.

Review Conversations

  • I replied to or resolved every bot review conversation I addressed in this PR.
  • I left unresolved only the conversations that still need reviewer or maintainer judgment.

Compatibility / Migration

  • Backward compatible? (Yes/No) Yes
  • Config/env changes? (Yes/No) No
  • Migration needed? (Yes/No) No
  • If yes, exact upgrade steps: N/A

Risks and Mitigations

None.

Changed files

  • docs/.i18n/glossary.zh-CN.json (modified, +40/-0)
  • docs/concepts/openclaw-sdk.md (modified, +24/-1)
  • docs/plugins/sdk-overview.md (modified, +21/-0)
  • docs/reference/openclaw-sdk-api-design.md (modified, +6/-0)

PR #74847: feat(gateway): add SDK task ledger RPCs

Description (problem / solution / changelog)

Summary

  • Problem: @openclaw/sdk exposed oc.tasks.*, but list, get, and cancel still threw unsupported errors because Gateway had no SDK-facing task ledger RPCs.
  • Why it matters: OpenMeow and other app clients need stable task visibility for detached/background work without reading internal logs or CLI-only surfaces.
  • What changed: Added tasks.list, tasks.get, and tasks.cancel Gateway RPCs, SDK methods/types, protocol schemas, scopes, docs, and regression coverage.
  • What did NOT change (scope boundary): This does not add tool invocation, artifact APIs, environment provisioning, or new task runtime semantics.

Change Type (select all)

  • Bug fix
  • Feature
  • Refactor required for the fix
  • Docs
  • Security hardening
  • Chore/infra

Scope (select all touched areas)

  • Gateway / orchestration
  • Skills / tool execution
  • Auth / tokens
  • Memory / storage
  • Integrations
  • API / contracts
  • UI / DX
  • CI/CD / infra

Linked Issue/PR

Root Cause (if applicable)

  • Root cause: Gateway already had a durable task registry, but no public RPC contract or SDK bridge exposed it to external app clients.
  • Missing detection / guardrail: SDK coverage only locked in unsupported task errors instead of the app-client task ledger contract.
  • Contributing context (if known): The OpenMeow gap map calls out tasks.list, tasks.get, and tasks.cancel as missing basics.

Regression Test Plan (if applicable)

  • Coverage level that should have caught this: Unit test and seam / integration test.
  • Target test or file: src/gateway/server-methods/tasks.test.ts, src/gateway/protocol/index.test.ts, packages/sdk/src/index.test.ts, packages/sdk/src/index.e2e.test.ts.
  • Scenario the test should lock in: SDK task methods route to Gateway RPCs, task statuses are app-facing and stable, filters work, scopes are classified, and cancel returns a clear result contract.
  • Why this is the smallest reliable guardrail: It exercises the protocol and SDK seams without requiring a live detached task runtime.
  • Existing test that already covers this (if any): Existing task registry tests cover the underlying task lifecycle.
  • If no new test is added, why not: N/A.

User-visible / Behavior Changes

oc.tasks.list(), oc.tasks.get(taskId), and oc.tasks.cancel(taskId) now call Gateway task ledger RPCs instead of throwing unsupported errors.

Diagram (if applicable)

Before:
[external app] -> [@openclaw/sdk oc.tasks.*] -> [unsupported error]

After:
[external app] -> [@openclaw/sdk oc.tasks.*] -> [Gateway tasks.* RPC] -> [durable task registry]

Security Impact (required)

  • New permissions/capabilities? (Yes/No) Yes
  • Secrets/tokens handling changed? (Yes/No) No
  • New/changed network calls? (Yes/No) No
  • Command/tool execution surface changed? (Yes/No) No
  • Data access scope changed? (Yes/No) Yes
  • If any Yes, explain risk + mitigation: tasks.list and tasks.get require operator.read; tasks.cancel requires operator.write. The RPCs expose task metadata from the existing durable task registry and do not expose secrets.

Repro + Verification

Environment

  • OS: Ubuntu/Linux local workspace
  • Runtime/container: Node 22.22.0 via nvm, pnpm 10.33.2
  • Model/provider: N/A
  • Integration/channel (if any): Gateway WebSocket RPC / @openclaw/sdk
  • Relevant config (redacted): N/A

Steps

  1. On current main, call oc.tasks.list(), oc.tasks.get("task-id"), or oc.tasks.cancel("task-id").
  2. Observe the SDK unsupported error.
  3. Apply this PR.
  4. Call the same SDK methods against a Gateway with task records.

Expected

  • SDK task methods route to Gateway task ledger RPCs and return stable task summaries or cancel results.

Actual

  • Before this PR, SDK task methods throw unsupported errors.

Evidence

  • Failing test/log before + passing after
  • Trace/log snippets
  • Screenshot/recording
  • Perf numbers (if relevant)

Lint evidence:

  • git diff --check HEAD~1 HEAD
  • targeted oxlint on changed TS files
  • markdownlint-cli2 docs/concepts/openclaw-sdk.md

Review Conversations

  • I replied to or resolved every bot review conversation I addressed in this PR.
  • I left unresolved only the conversations that still need reviewer or maintainer judgment.

Compatibility / Migration

  • Backward compatible? (Yes/No) Yes
  • Config/env changes? (Yes/No) No
  • Migration needed? (Yes/No) No
  • If yes, exact upgrade steps: N/A

Risks and Mitigations

  • Risk: SDK-facing task statuses intentionally differ from internal registry statuses.
  • Mitigation: Tests lock in the public mapping, including succeeded to completed and lost to failed.

Changed files

  • apps/macos/Sources/OpenClawProtocol/GatewayModels.swift (modified, +214/-0)
  • apps/shared/OpenClawKit/Sources/OpenClawProtocol/GatewayModels.swift (modified, +214/-0)
  • docs/concepts/openclaw-sdk.md (modified, +12/-5)
  • packages/sdk/src/client.ts (modified, +13/-9)
  • packages/sdk/src/index.e2e.test.ts (modified, +54/-0)
  • packages/sdk/src/index.test.ts (modified, +64/-9)
  • packages/sdk/src/index.ts (modified, +6/-0)
  • packages/sdk/src/types.ts (modified, +50/-0)
  • src/gateway/method-scopes.test.ts (modified, +3/-0)
  • src/gateway/method-scopes.ts (modified, +3/-0)
  • src/gateway/protocol/index.test.ts (modified, +21/-0)
  • src/gateway/protocol/index.ts (modified, +31/-0)
  • src/gateway/protocol/schema.ts (modified, +1/-0)
  • src/gateway/protocol/schema/protocol-schemas.ts (modified, +16/-0)
  • src/gateway/protocol/schema/tasks.ts (added, +91/-0)
  • src/gateway/protocol/schema/types.ts (modified, +7/-0)
  • src/gateway/server-methods-list.ts (modified, +3/-0)
  • src/gateway/server-methods.ts (modified, +2/-0)
  • src/gateway/server-methods/tasks.test.ts (added, +167/-0)
  • src/gateway/server-methods/tasks.ts (added, +205/-0)
  • src/tasks/detached-task-runtime-contract.ts (modified, +1/-0)
  • src/tasks/task-registry.ts (modified, +5/-2)
RAW_BUFFERClick to expand / collapse

Goal

Make the app SDK vs plugin SDK distinction unmistakable in docs and examples.

The new @openclaw/sdk package is for external applications and automations talking to Gateway. The existing plugin SDK is for trusted code running inside OpenClaw to register tools, channels, providers, hooks, and runtimes.

Acceptance criteria

  • SDK docs clearly say app SDK runs outside OpenClaw.
  • Plugin SDK docs clearly say plugin SDK runs inside OpenClaw.
  • Cross-links explain when to use each.
  • Quickstart examples do not blur the boundary.
  • Future OpenMeow/OpenCoven examples use app SDK/Gateway, not plugin SDK internals.

References

extent analysis

TL;DR

Update documentation and examples to clearly distinguish between app SDK and plugin SDK usage.

Guidance

  • Review the acceptance criteria to ensure all points are addressed, particularly focusing on clear documentation and examples that do not blur the lines between app SDK and plugin SDK.
  • Use the provided architecture diagrams as a reference to understand the intended distinction and usage of each SDK.
  • Ensure cross-links are added to explain when to use each SDK, providing clarity for developers on the appropriate use cases.
  • Verify that future examples, such as those for OpenMeow/OpenCoven, correctly utilize the app SDK and Gateway, avoiding plugin SDK internals.

Notes

The provided references, including the review brief and architecture diagrams, should be consulted to ensure a thorough understanding of the required changes.

Recommendation

Apply workaround by thoroughly reviewing and updating the documentation and examples according to the acceptance criteria, ensuring a clear distinction between the app SDK and plugin SDK.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#pipeline error#runtime error#dependency conflict#environment setup#docker error

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING

openclaw - ✅(Solved) Fix Docs: clarify app SDK vs plugin SDK boundary [2 pull requests, 1 comments, 2 participants]