fix: Storage safety, gateway stability, auth UX, canvas, deps (#21, #54, #55, #56, #59, #60, #61, #63, #64, #65, #66, #67)

CHANGELOG.md

@@ -1,5 +1,29 @@
 # Changelog
 
+## v1.8.4 — Serial, Log Timestamps & ADB Backup
+
+### New Features
+
+- **Serial over Bluetooth & USB (#21)** — New `serial` node capability with 5 commands (`list`, `connect`, `disconnect`, `write`, `read`). Supports USB serial devices via `usb_serial` and BLE devices via Nordic UART Service (flutter_blue_plus). Device IDs prefixed with `usb:` or `ble:` for disambiguation
+- **Gateway Log Timestamps (#54)** — All gateway log messages (both Kotlin and Dart side) now include ISO 8601 UTC timestamps for easier debugging
+- **ADB Backup Support (#55)** — Added `android:allowBackup="true"` to AndroidManifest so users can back up app data via `adb backup`
+
+### Enhancements
+
+- **Check for Updates (#59)** — New "Check for Updates" option in Settings > About. Queries the GitHub Releases API, compares semver versions, and shows an update dialog with a download link if a newer release is available
+
+### Bug Fixes
+
+- **Node Capabilities Not Available to AI (#56)** — `_writeNodeAllowConfig()` silently failed when proot/node wasn't ready, causing the gateway to start with no `allowCommands`. Added direct file I/O fallback to write `openclaw.json` directly on the Android filesystem. Also fixed `node.capabilities` event to send both `commands` and `caps` fields matching the connect frame format
+
+### Node Command Reference Update
+
+| Capability | Commands |
+|------------|----------|
+| Serial | `serial.list`, `serial.connect`, `serial.disconnect`, `serial.write`, `serial.read` |
+
+---
+
 ## v1.8.3 — Multi-Instance Guard
 
 ### Bug Fixes

flutter_app/android/app/src/main/AndroidManifest.xml

@@ -19,14 +19,22 @@
     <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" android:maxSdkVersion="32" />
     <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" android:maxSdkVersion="29" tools:replace="android:maxSdkVersion" />
     <uses-permission android:name="android.permission.MANAGE_EXTERNAL_STORAGE" />
+    <uses-permission android:name="android.permission.BLUETOOTH" android:maxSdkVersion="30" />
+    <uses-permission android:name="android.permission.BLUETOOTH_ADMIN" android:maxSdkVersion="30" />
+    <uses-permission android:name="android.permission.BLUETOOTH_CONNECT" />
+    <uses-permission android:name="android.permission.BLUETOOTH_SCAN" />
+    <uses-feature android:name="android.hardware.usb.host" android:required="false" />
 
     <application
         android:label="OpenClaw"
         android:name="${applicationName}"
         android:icon="@mipmap/ic_launcher"
         android:usesCleartextTraffic="true"
         android:requestLegacyExternalStorage="true"
-        android:extractNativeLibs="true">
+        android:extractNativeLibs="true"
+        android:allowBackup="true"
+        android:fullBackupContent="@xml/backup_rules"
+        android:dataExtractionRules="@xml/data_extraction_rules">
 
         <activity
             android:name=".MainActivity"
@@ -44,6 +52,12 @@
                 <action android:name="android.intent.action.MAIN"/>
                 <category android:name="android.intent.category.LAUNCHER"/>
             </intent-filter>
+            <intent-filter>
+                <action android:name="android.hardware.usb.action.USB_DEVICE_ATTACHED" />
+            </intent-filter>
+            <meta-data
+                android:name="android.hardware.usb.action.USB_DEVICE_ATTACHED"
+                android:resource="@xml/usb_device_filter" />
         </activity>
 
         <service

flutter_app/android/app/src/main/kotlin/com/nxg/openclawproot/BootstrapManager.kt

@@ -1,6 +1,9 @@
 package com.nxg.openclawproot
 
 import android.content.Context
+import android.net.ConnectivityManager
+import android.net.LinkProperties
+import android.os.Build
 import android.system.Os
 import java.io.BufferedInputStream
 import java.io.File
@@ -1212,8 +1215,31 @@ require('/root/.openclaw/proot-compat.js');
         }
     }
 
+    /**
+     * Read DNS servers from Android's active network. Falls back to
+     * Google DNS (8.8.8.8, 8.8.4.4) if system DNS is unavailable (#60).
+     */
+    private fun getSystemDnsServers(): String {
+        try {
+            val cm = context.getSystemService(Context.CONNECTIVITY_SERVICE) as? ConnectivityManager
+            if (cm != null) {
+                val network = cm.activeNetwork
+                if (network != null) {
+                    val linkProps: LinkProperties? = cm.getLinkProperties(network)
+                    val dnsServers = linkProps?.dnsServers
+                    if (dnsServers != null && dnsServers.isNotEmpty()) {
+                        val lines = dnsServers.joinToString("\n") { "nameserver ${it.hostAddress}" }
+                        // Always append Google DNS as fallback
+                        return "$lines\nnameserver 8.8.8.8\n"
+                    }
+                }
+            }
+        } catch (_: Exception) {}
+        return "nameserver 8.8.8.8\nnameserver 8.8.4.4\n"
+    }
+
     fun writeResolvConf() {
-        val content = "nameserver 8.8.8.8\nnameserver 8.8.4.4\n"
+        val content = getSystemDnsServers()
         // Try context.filesDir first (Android-guaranteed), fall back to
         // string-based configDir. Always call mkdirs() unconditionally. (#40)
         try {
@@ -1230,10 +1256,8 @@ require('/root/.openclaw/proot-compat.js');
         // even if the bind-mount fails or hasn't been set up yet (#40).
         try {
             val rootfsResolv = File(rootfsDir, "etc/resolv.conf")
-            if (!rootfsResolv.exists() || rootfsResolv.length() == 0L) {
-                rootfsResolv.parentFile?.mkdirs()
-                rootfsResolv.writeText(content)
-            }
+            rootfsResolv.parentFile?.mkdirs()
+            rootfsResolv.writeText(content)
         } catch (_: Exception) {}
     }
 

flutter_app/android/app/src/main/kotlin/com/nxg/openclawproot/GatewayService.kt

@@ -219,7 +219,8 @@ class GatewayService : Service() {
 
     private fun emitLog(message: String) {
         try {
-            logSink?.success(message)
+            val ts = java.time.Instant.now().toString()
+            logSink?.success("$ts $message")
         } catch (_: Exception) {}
     }
 

flutter_app/android/app/src/main/kotlin/com/nxg/openclawproot/MainActivity.kt

@@ -461,6 +461,17 @@ class MainActivity : FlutterActivity() {
                         result.error("INVALID_ARGS", "path and content required", null)
                     }
                 }
+                "bringToForeground" -> {
+                    try {
+                        val intent = Intent(applicationContext, MainActivity::class.java).apply {
+                            flags = Intent.FLAG_ACTIVITY_NEW_TASK or Intent.FLAG_ACTIVITY_REORDER_TO_FRONT
+                        }
+                        applicationContext.startActivity(intent)
+                        result.success(true)
+                    } catch (e: Exception) {
+                        result.error("FOREGROUND_ERROR", e.message, null)
+                    }
+                }
                 "readSensor" -> {
                     val sensorType = call.argument<String>("sensor") ?: "accelerometer"
                     Thread {

flutter_app/android/app/src/main/kotlin/com/nxg/openclawproot/SshForegroundService.kt

@@ -10,6 +10,7 @@ import android.content.Intent
 import android.os.Build
 import android.os.IBinder
 import android.os.PowerManager
+import android.net.ConnectivityManager
 import java.io.BufferedReader
 import java.io.File
 import java.io.InputStreamReader
@@ -114,52 +115,71 @@ class SshForegroundService : Service() {
                 try { bootstrapManager.setupDirectories() } catch (_: Exception) {}
                 try { bootstrapManager.writeResolvConf() } catch (_: Exception) {}
 
-                // Last-resort: verify resolv.conf exists, create inline if not
-                val resolvContent = "nameserver 8.8.8.8\nnameserver 8.8.4.4\n"
+                // Last-resort: verify resolv.conf exists, create inline if not.
+                // Use system DNS servers when available (#60).
+                val resolvContent = getSystemDnsContent()
                 try {
                     val resolvFile = File(filesDir, "config/resolv.conf")
-                    if (!resolvFile.exists() || resolvFile.length() == 0L) {
-                        resolvFile.parentFile?.mkdirs()
-                        resolvFile.writeText(resolvContent)
-                    }
+                    resolvFile.parentFile?.mkdirs()
+                    resolvFile.writeText(resolvContent)
                 } catch (_: Exception) {}
                 // Also write into rootfs /etc/ so DNS works even if bind-mount fails
                 try {
                     val rootfsResolv = File(filesDir, "rootfs/ubuntu/etc/resolv.conf")
-                    if (!rootfsResolv.exists() || rootfsResolv.length() == 0L) {
-                        rootfsResolv.parentFile?.mkdirs()
-                        rootfsResolv.writeText(resolvContent)
-                    }
+                    rootfsResolv.parentFile?.mkdirs()
+                    rootfsResolv.writeText(resolvContent)
                 } catch (_: Exception) {}
 
                 // Generate host keys if missing, configure sshd, then run in
                 // foreground mode (-D) so the proot process stays alive.
                 // -e logs to stderr instead of syslog (easier debugging).
                 // PermitRootLogin yes is needed since proot fakes root.
+                // ListenAddress 0.0.0.0 ensures sshd binds to all IPv4
+                // interfaces and survives VPN network changes (#61).
                 val cmd = "mkdir -p /run/sshd /etc/ssh && " +
                     "test -f /etc/ssh/ssh_host_rsa_key || ssh-keygen -A && " +
                     "sed -i 's/^#\\?PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config 2>/dev/null; " +
                     "grep -q '^PermitRootLogin' /etc/ssh/sshd_config || echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config; " +
+                    "sed -i 's/^#\\?ListenAddress.*/ListenAddress 0.0.0.0/' /etc/ssh/sshd_config 2>/dev/null; " +
+                    "grep -q '^ListenAddress' /etc/ssh/sshd_config || echo 'ListenAddress 0.0.0.0' >> /etc/ssh/sshd_config; " +
                     "/usr/sbin/sshd -D -e -p $port"
 
-                sshdProcess = pm.startProotProcess(cmd)
-                updateNotification("SSH running on port $port")
-
-                // Read stderr for logs
-                val stderrReader = BufferedReader(InputStreamReader(sshdProcess!!.errorStream))
-                Thread {
-                    try {
-                        var line: String?
-                        while (stderrReader.readLine().also { line = it } != null) {
-                            // Could log these if needed
-                        }
-                    } catch (_: Exception) {}
-                }.start()
-
-                val exitCode = sshdProcess!!.waitFor()
-                isRunning = false
-                updateNotification("SSH stopped (exit $exitCode)")
-                stopSelf()
+                var restartCount = 0
+                val maxRestarts = 3
+
+                while (restartCount <= maxRestarts) {
+                    sshdProcess = pm.startProotProcess(cmd)
+                    if (restartCount == 0) {
+                        updateNotification("SSH running on port $port")
+                    } else {
+                        updateNotification("SSH restarted on port $port (attempt ${restartCount + 1})")
+                    }
+
+                    // Read stderr for logs
+                    val stderrReader = BufferedReader(InputStreamReader(sshdProcess!!.errorStream))
+                    Thread {
+                        try {
+                            var line: String?
+                            while (stderrReader.readLine().also { line = it } != null) {
+                                android.util.Log.w("SSHD", line ?: "")
+                            }
+                        } catch (_: Exception) {}
+                    }.start()
+
+                    val exitCode = sshdProcess!!.waitFor()
+
+                    if (!isRunning) break // Intentional stop
+
+                    restartCount++
+                    if (restartCount <= maxRestarts) {
+                        updateNotification("SSH exited ($exitCode), restarting...")
+                        Thread.sleep(2000L * restartCount)
+                    } else {
+                        isRunning = false
+                        updateNotification("SSH stopped (exit $exitCode)")
+                        stopSelf()
+                    }
+                }
             } catch (e: Exception) {
                 isRunning = false
                 updateNotification("SSH error: ${e.message?.take(50)}")
@@ -175,6 +195,24 @@ class SshForegroundService : Service() {
         }
     }
 
+    private fun getSystemDnsContent(): String {
+        try {
+            val cm = getSystemService(Context.CONNECTIVITY_SERVICE) as? ConnectivityManager
+            if (cm != null) {
+                val network = cm.activeNetwork
+                if (network != null) {
+                    val linkProps = cm.getLinkProperties(network)
+                    val dnsServers = linkProps?.dnsServers
+                    if (dnsServers != null && dnsServers.isNotEmpty()) {
+                        val lines = dnsServers.joinToString("\n") { "nameserver ${it.hostAddress}" }
+                        return "$lines\nnameserver 8.8.8.8\n"
+                    }
+                }
+            }
+        } catch (_: Exception) {}
+        return "nameserver 8.8.8.8\nnameserver 8.8.4.4\n"
+    }
+
     private fun acquireWakeLock() {
         releaseWakeLock()
         val powerManager = getSystemService(Context.POWER_SERVICE) as PowerManager

flutter_app/android/app/src/main/res/xml/backup_rules.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- fullBackupContent rules for Android ≤11 -->
+<full-backup-content>
+    <include domain="sharedpref" path="." />
+</full-backup-content>

flutter_app/android/app/src/main/res/xml/data_extraction_rules.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- dataExtractionRules for Android 12+ -->
+<data-extraction-rules>
+    <cloud-backup>
+        <include domain="sharedpref" path="." />
+    </cloud-backup>
+    <device-transfer>
+        <include domain="sharedpref" path="." />
+    </device-transfer>
+</data-extraction-rules>

flutter_app/android/app/src/main/res/xml/usb_device_filter.xml

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+    <usb-device />
+</resources>

flutter_app/lib/constants.dart

@@ -1,6 +1,6 @@
 class AppConstants {
   static const String appName = 'OpenClaw';
-  static const String version = '1.8.2';
+  static const String version = '1.8.4';
   static const String packageName = 'com.nxg.openclawproot';
 
   /// Matches ANSI escape sequences (e.g. color codes in terminal output).
@@ -11,6 +11,9 @@ class AppConstants {
   static const String githubUrl = 'https://github.com/mithun50/openclaw-termux';
   static const String license = 'MIT';
 
+  static const String githubApiLatestRelease =
+      'https://api.github.com/repos/mithun50/openclaw-termux/releases/latest';
+
   // NextGenX
   static const String orgName = 'NextGenX';
   static const String orgEmail = 'nxgextra@gmail.com';

flutter_app/lib/providers/node_provider.dart

@@ -9,6 +9,7 @@ import '../services/capabilities/flash_capability.dart';
 import '../services/capabilities/location_capability.dart';
 import '../services/capabilities/screen_capability.dart';
 import '../services/capabilities/sensor_capability.dart';
+import '../services/capabilities/serial_capability.dart';
 import '../services/capabilities/vibration_capability.dart';
 import '../services/native_bridge.dart';
 import '../services/node_service.dart';
@@ -29,6 +30,7 @@ class NodeProvider extends ChangeNotifier with WidgetsBindingObserver {
   final _locationCapability = LocationCapability();
   final _screenCapability = ScreenCapability();
   final _sensorCapability = SensorCapability();
+  final _serialCapability = SerialCapability();
   final _vibrationCapability = VibrationCapability();
 
   NodeState get state => _state;
@@ -74,8 +76,10 @@ class NodeProvider extends ChangeNotifier with WidgetsBindingObserver {
   @override
   void didChangeAppLifecycleState(AppLifecycleState state) {
     if (state == AppLifecycleState.resumed) {
+      _nodeService.setAppInForeground(true);
       _onAppResumed();
     } else if (state == AppLifecycleState.paused) {
+      _nodeService.setAppInForeground(false);
       _onAppPaused();
     }
   }
@@ -156,6 +160,11 @@ class NodeProvider extends ChangeNotifier with WidgetsBindingObserver {
       _sensorCapability.commands.map((c) => '${_sensorCapability.name}.$c').toList(),
       (cmd, params) => _sensorCapability.handleWithPermission(cmd, params),
     );
+    _nodeService.registerCapability(
+      _serialCapability.name,
+      _serialCapability.commands.map((c) => '${_serialCapability.name}.$c').toList(),
+      (cmd, params) => _serialCapability.handleWithPermission(cmd, params),
+    );
   }
 
   Future<void> _init() async {
@@ -211,6 +220,8 @@ class NodeProvider extends ChangeNotifier with WidgetsBindingObserver {
       Permission.camera,
       Permission.location,
       Permission.sensors,
+      Permission.bluetoothConnect,
+      Permission.bluetoothScan,
     ].request();
   }
 
@@ -306,6 +317,7 @@ class NodeProvider extends ChangeNotifier with WidgetsBindingObserver {
     _nodeService.dispose();
     _cameraCapability.dispose();
     _flashCapability.dispose();
+    _serialCapability.dispose();
     NativeBridge.stopNodeService();
     super.dispose();
   }

flutter_app/lib/screens/node_screen.dart

@@ -216,6 +216,12 @@ class _NodeScreenState extends State<NodeScreen> {
                       'Read accelerometer, gyroscope, magnetometer, barometer',
                       Icons.sensors,
                     ),
+                    _capabilityTile(
+                      theme,
+                      'Serial',
+                      'Bluetooth and USB serial communication',
+                      Icons.usb,
+                    ),
                     const SizedBox(height: 16),
 
                     // Device Info