Skip to content

chore(deps): bump github.com/openclaw/crawlkit from 0.13.4 to 0.14.2#24

Merged
altaywtf merged 1 commit into
mainfrom
dependabot/go_modules/github.com/openclaw/crawlkit-0.14.2
Jul 14, 2026
Merged

chore(deps): bump github.com/openclaw/crawlkit from 0.13.4 to 0.14.2#24
altaywtf merged 1 commit into
mainfrom
dependabot/go_modules/github.com/openclaw/crawlkit-0.14.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/openclaw/crawlkit from 0.13.4 to 0.14.2.

Changelog

Sourced from github.com/openclaw/crawlkit's changelog.

Changelog

Unreleased

  • Add a publisher-authenticated archive status route and client helper so interrupted snapshot publication can resume without reader credentials.
  • Add a snapshot-scoped publisher status client helper so resumable publishers verify the exact immutable candidate instead of trusting an unrelated completed candidate from the unscoped status route, and reject successful responses that omit the snapshot or return a different snapshot, app, or archive.
  • Add a 64 MiB mutable SQLite bundle default and preserve exact request content lengths for bounded remote uploads. The shipped DefaultSQLiteBundleChunkSize constant and immutable snapshot default remain 256 MiB for caller and retry compatibility, including explicitly configured legacy mutable bundles. Mutable bundles retain their legacy part-count and aggregate-size, chunk-size, and object-size compatibility, while immutable snapshots enforce the negotiated 256 MiB part, 4 GiB object, 512 MiB compressed, and eight-part bounds. Bundle construction now rejects empty sources, removes partial temp artifacts on failure, and rejects source identity/content drift. Immutable uploads use private validated part snapshots and verify compressed and decompressed digests before any remote write. Every file-backed read is capped at its declared size plus one byte so concurrent same-inode growth is detected without consuming an unbounded tail. Mutable uploads retain bounded sequential file handling: Size: -1 uses the statted file size for local verification while preserving unknown-length transport, and part digests remain optional but are verified when supplied. Minimal legacy manifests, index-keyed part matching, and no duplicate temporary staging are also preserved; tiny chunk sizes avoid caller-sized part-slice preallocation. Manifests use crawl-remote's deterministic two-space persisted JSON representation and are size-preflighted before full encoding: snapshots are capped at 64 KiB while legacy mutable manifests retain the service-compatible 1 MiB ceiling.

v0.14.0 - 2026-07-12

  • Require notarized, single-architecture crawlctl release binaries bound to the repository-pinned signed tag and protected remote main commit, restore signing-keychain state before credential-free candidate probes, roll back partial artifact promotion, and keep naturally quarantined Gatekeeper execution plus Full Disk Access continuity as separate clean-VM gates because raw binaries and ZIP submission carriers cannot carry stapled tickets and raw-CLI spctl assessment is not an app-launch verdict.
  • Add immutable SQLite snapshot bundle manifests with deterministic source and representation digests, digest-scoped compressed objects and chunks, and explicit snapshot publishing helpers while preserving the legacy current.* bundle layout.
  • Expose immutable snapshot capabilities separately from the currently served archive capabilities so publishers can safely resume staged profiles before cutover.
Commits
  • 22294e9 fix(remote): keep mutable growth probes local
  • eff6870 fix(remote): preserve mutable file upload compatibility
  • 90dfd10 docs(changelog): document bounded bundle guarantees
  • 48b8ab6 fix(remote): close bounded bundle review gaps
  • 9287665 fix(remote): preserve legacy mutable bundle behavior
  • 74e0b2e fix(remote): harden snapshot publication preflight
  • d44cb1f fix(remote): preserve mutable bundle limits
  • b89ba83 test(remote): cover Windows retained handles
  • 41343db docs(changelog): note file-bound publication
  • 9bcf3c9 fix(remote): bind bundles to stable sources
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by cubic

Upgrade github.com/openclaw/crawlkit from 0.13.4 to 0.14.2 to add immutable SQLite snapshot bundles, safer bounded uploads, and resumable publisher status helpers. This improves snapshot publishing reliability while preserving legacy mutable bundle behavior.

Written for commit 6ea2f77. Summary will update on new commits.

Review in cubic

Bumps [github.com/openclaw/crawlkit](https://github.com/openclaw/crawlkit) from 0.13.4 to 0.14.2.
- [Release notes](https://github.com/openclaw/crawlkit/releases)
- [Changelog](https://github.com/openclaw/crawlkit/blob/main/CHANGELOG.md)
- [Commits](openclaw/crawlkit@v0.13.4...v0.14.2)

---
updated-dependencies:
- dependency-name: github.com/openclaw/crawlkit
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 14, 2026
@altaywtf
altaywtf merged commit 6be8323 into main Jul 14, 2026
3 checks passed
@altaywtf
altaywtf deleted the dependabot/go_modules/github.com/openclaw/crawlkit-0.14.2 branch July 14, 2026 10:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant