The Flutter verification lane runs on Ubuntu 22.04 without ripgrep
installed, so the FFI integration guard silently fell through and
printed 'No app-side Codex FFI integration artifacts found' on every
run. Replace rg with the POSIX grep -RInE that ships with the runner,
keep the same excludes (check-no-app-ffi.sh, Pods, ephemeral, build,
.dart_tool) and emit the actual offending matches so the gate fails
loudly when a forbidden reference reappears.
- Remove the unexpected property at the root of gateway task metadata.
Keep the value nested in xworkmateTaskArtifactContract where the
OpenClaw chat.send schema allows it (-32002: invalid chat.send params).
- Drop dead local vars and the unused asInt helper in OpenClaw task
association parsing.
- Remove the obsolete 'sendChatMessage restarts before handling
OpenClaw artifact guard results' test superseded by the new terminal
artifact failure test.
The release preflight used to set should_build_platform=false whenever any
Apple signing secret was unset, which silently skipped the entire macos dmg
and ios ipa lanes (build + upload gated on that flag). Result: releases only
shipped linux, windows and android artifacts even when the iOS/macOS lanes
were otherwise healthy.
Make the preflight always release the lane, but emit a :⚠️: and
annotate the skip_reason when a secret is missing. The iOS branch in
build_matrix_artifacts.sh now picks the signed vs unsigned build path based
on actual secret availability instead of should_release alone, so it falls
back to flutter build ios --no-codesign + zip Runner.app whenever a secret
is absent. package-flutter-mac-app.sh already handled the no-secret case
locally (ad-hoc codesign --sign -) and needs no change.
Behavior matrix:
macos: secret present -> signed DMG; secret missing -> unsigned DMG
ios: secret present + release -> signed IPA
secret present + non-release -> unsigned zip
secret missing (any) -> unsigned zip
