Issue Station
Sign In
Tools hereToolbox

openclaw - ✅(Solved) Fix Irreversibility warning bypassed when user confirms interactively in `secrets configure` [1 pull requests, 1 comments, 2 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
openclaw/openclaw#83883Fetched 2026-05-20 03:47:40
View on GitHub
Comments
1
Participants
2
Timeline
9
Reactions
1
Author
davinci282828davinci282828
Participants
clawsweeper[bot]clawsweeper[bot]davinci282828davinci282828
Timeline (top)
labeled ×7commented ×1cross-referenced ×1

Fix Action

Fix / Workaround

Severity: low / Confidence: high / Category: bug Triage: confirmed-bug Detected against: openclaw v2026.5.18 (latest stable at time of scan, 2026-05-18) Tooling: clawpatch 0.3.0 + acpx/claude-sonnet-4-5 via Brad Mills protocol

Standardized clawpatch finding. Persistent in v2026.5.18 (not resolved by upgrading from v2026.5.12). Finding ID: fnd_sig-feat-cli-command-0c37e1d71a-_b21358180d.

PR fix notes

PR #84225: fix(secrets): show irreversibility prompt for interactive confirm path (#83883)

Description (problem / solution / changelog)

Fixes #83883.

openclaw secrets configure has two paths that reach the same runSecretsApply call:

  1. Non-interactive: user passes --apply. shouldApply starts true. The one-way-migration confirmation runs if !--yes && !--json.
  2. Interactive: user omits --apply, gets a "Apply this plan now?" prompt, answers yes. shouldApply becomes true via that prompt.

Today's gate at src/cli/secrets-cli.ts:224 derives needsIrreversiblePrompt = Boolean(opts.apply). That's true for path (1) and false for path (2). The interactive yes-path silently skips the one-way-migration warning and proceeds to a destructive apply — exactly the inverse of what an irreversibility prompt is for. The model of the user knowingly opting in via --apply is the weaker case; the interactive user who just answered "yes" is the one most likely to benefit from the warning.

Changes

  • src/cli/secrets-cli.ts: re-derive needsIrreversiblePrompt from shouldApply && !opts.yes && !opts.json inside the if (shouldApply) block. The warning now appears whenever apply is proceeding and the user hasn't opted out via --yes or --json, regardless of how shouldApply became true.

Diff stat: 1 file, +8 / -2.

Real behavior proof

  • Behavior or issue addressed: Sanitized issue evidence — the if (shouldApply) { … } block at secrets-cli.ts:223-235 had a Boolean(opts.apply) gate that excluded the interactive-yes path from seeing the warning. The new gate keys off shouldApply itself.

  • Real environment tested: Local Node 22.x. Probe at /tmp/probe_83883.mjs does both halves of the proof. (a) Parses the patched secrets-cli.ts and verifies the new derivation shouldApply && !opts.yes && !opts.json is present and the old Boolean(opts.apply) derivation is gone. (b) Replays the gate logic against six (opts, interactiveYes) combinations — confirming the buggy shape skipped the irreversibility prompt on the interactive-yes path (the #83883 symptom), the patched shape shows it, and four no-regression cases for --apply --yes, --apply alone, --json, and interactive-no all behave the same as before.

  • Exact steps or command run after this patch: node /tmp/probe_83883.mjs

  • Evidence after fix:

PASS: needsIrreversiblePrompt is now derived from shouldApply (not opts.apply)
PASS: old `Boolean(opts.apply)` gating is removed
PASS: replay (buggy): interactive yes → irreversible prompt SKIPPED — confirms #83883
PASS: replay (patched): interactive yes → irreversible prompt now SHOWN before apply
PASS: replay (patched, --apply --yes): no prompts — non-interactive yes flow unchanged
PASS: replay (patched, --apply alone): irreversible prompt shown — legacy --apply behavior preserved
PASS: replay (patched, --json): no prompts — JSON mode preserved
PASS: replay (patched, interactive no): apply skipped, no irreversible prompt

ALL CASES PASS

  • Observed result after fix: An interactive openclaw secrets configure flow that ends with the user answering "yes" to "Apply this plan now?" now shows the one-way-migration confirmation immediately afterward, before any runSecretsApply invocation. The --apply / --apply --yes / --json paths are unchanged.

  • What was not tested: Live secret-manager backends (1Password, AWS, Vault) — the fix is purely in the CLI prompt sequencing and does not touch any provider logic. The probe replays the exact gate logic at the call site without coupling to the broader secrets pipeline.

Audit (per CLAUDE rules — all 5 steps)

  • Existing-helper check: No predicate helper introduced — this is a one-line gate-condition rewrite from Boolean(opts.apply) to shouldApply && !opts.yes && !opts.json. PASS
  • Shared-helper caller check: needsIrreversiblePrompt is a local within the secrets configure action handler; not exported or shared. PASS
  • Broader-fix rival scan: gh pr list --search '83883 in:title,body' and gh pr list --search 'irreversibility secrets configure' return no open PRs. Issue timeline shows zero cross-references. PASS
  • Recent-merge audit: git log --oneline -5 -- src/cli/secrets-cli.ts shows e1061a8b46 test(live): tolerate provider drift in release checks — unrelated to the configure-apply flow. PASS
  • Prototype-pollution scan: N/A — pure boolean rewrite on locally-bound variables.

Changed files

  • src/cli/secrets-cli.ts (modified, +8/-2)

Code Example

let shouldApply = Boolean(opts.apply);
if (!shouldApply && !opts.json) {
  const approved = await confirm({ message: "Apply this plan now?", initialValue: true });
  if (typeof approved === "boolean") { shouldApply = approved; }
}
if (shouldApply) {
  const needsIrreversiblePrompt = Boolean(opts.apply);
RAW_BUFFERClick to expand / collapse

Severity: low / Confidence: high / Category: bug Triage: confirmed-bug Detected against: openclaw v2026.5.18 (latest stable at time of scan, 2026-05-18) Tooling: clawpatch 0.3.0 + acpx/claude-sonnet-4-5 via Brad Mills protocol

Evidence

  • src/cli/secrets-cli.ts:None-None (None)
let shouldApply = Boolean(opts.apply);
if (!shouldApply && !opts.json) {
  const approved = await confirm({ message: "Apply this plan now?", initialValue: true });
  if (typeof approved === "boolean") { shouldApply = approved; }
}
if (shouldApply) {
  const needsIrreversiblePrompt = Boolean(opts.apply);

Reasoning

needsIrreversiblePrompt is derived from Boolean(opts.apply), which reflects whether the CLI flag --apply was provided, not whether the user just answered "yes" to the interactive prompt. A user who runs openclaw secrets configure (no --apply flag), is asked "Apply now?", answers yes, and proceeds—never sees the one-way-migration warning. The warning only appears for the non-interactive --apply flag path. Both code paths reach the same destructive runSecretsApply call, so the missing warning is a genuine consistency gap.

Reproduction

Run openclaw secrets configure, complete the interactive flow, answer "yes" to "Apply this plan now?"—the irreversibility confirmation is skipped.

Recommendation

Set needsIrreversiblePrompt based on shouldApply being true, regardless of how it became true: const needsIrreversiblePrompt = shouldApply && !opts.yes && !opts.json; and move it inside the if (shouldApply) block, removing its dependence on opts.apply.

Why existing tests miss this

No tests are listed for secrets-cli.ts and the interactive confirmation flow is typically excluded from unit tests.

Suggested regression test

Unit-test the action handler with opts.apply = false, mock confirm to return true first, then verify a second confirm call (irreversibility prompt) is made before runSecretsApply is invoked.

Minimum fix scope

One-line change in src/cli/secrets-cli.ts: derive needsIrreversiblePrompt from shouldApply instead of opts.apply.

Standardized clawpatch finding. Persistent in v2026.5.18 (not resolved by upgrading from v2026.5.12). Finding ID: fnd_sig-feat-cli-command-0c37e1d71a-_b21358180d.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#permission error#memory optimization#batch processing#GPU compatibility#latency issue

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING