OpenClaw port improvements, contributed by @danikdanik (PRs #62–#67) and hardened via the torture-room QA pass.
Fixes
- #62 Clamp negative / non-finite token counts at the parse boundary (cost-accuracy fix)
- #64 Bound in-memory per-session tracking against unclean session ends (memory-leak fix)
Security
- #65 Refuse to follow symlinks on checkpoint writes (
O_NOFOLLOW, TOCTOU narrowing) - Follow-up: completed
O_NOFOLLOWcoverage acrosscheckpoint-policy.ts(persistState,appendCheckpointEvent) and consolidated the write helper into a sharedfs-utils.ts
Performance
- #63 Stream the first user prompt instead of parsing the whole transcript
- #66 Read each session file once in
extractCostlyPrompts - #67 Memoize
normalizeModelName
All changes verified: tsc clean, build artifacts reproducible, runtime smoke-tested.