[Repo Assist] refactor: consolidate WebLoginStartResult and WebLoginWaitResult into WebLoginResult

[github-actions]

🤖 This is an automated pull request from Repo Assist, an AI assistant for this repository.

Summary

WebLoginStartResult and WebLoginWaitResult in ChannelsSnapshot.cs were byte-for-byte identical — both sealed classes with the same five properties (Message, QrDataUrl, Connected, Error, RawResponse) and identical XML doc comments. Maintaining two types that carry the same data adds maintenance burden without any semantic benefit, since the method names (WebLoginStartAsync / WebLoginWaitAsync) already distinguish the two flows.

This PR replaces both classes with a single WebLoginResult class.

Changes

File	Change
src/OpenClaw.Shared/ChannelsSnapshot.cs	Replace WebLoginStartResult + WebLoginWaitResult with single WebLoginResult
src/OpenClaw.Shared/IOperatorGatewayClient.cs	Update both method return types to WebLoginResult?
src/OpenClaw.Shared/OpenClawGatewayClient.cs	Update both method implementations (new WebLoginResult {...})
tests/OpenClaw.Tray.Tests/OnboardingChatBootstrapperTests.cs	Update FakeOperatorGatewayClient stub

ChannelsPage.xaml.cs uses both methods via property access with inferred types and required no changes.

Rationale

• Fewer types to maintain when the schema changes (e.g., adding a new field)
• Single source of truth for what a web-login step result looks like
• Callers continue to use both WebLoginStartAsync / WebLoginWaitAsync by name — the type consolidation is transparent to them

Trade-offs

None significant. The two types were identical. If they diverge in future they can be split again, but that would be a deliberate design choice rather than an accidental duplication.

Test Status

• Shared tests: 2122 passed, 8 failed (pre-existing infrastructure failures unrelated to this change — same result on main before this PR)
• Tray tests: 974 passed, 0 failed ✅
• Note: ./build.ps1 requires Windows; build validated via dotnet test on Linux CI which exercises the compilation path

Generated by 🌈 Repo Assist, see workflow run. Learn more.

Add this agentic workflows to your repo

To install this agentic workflow, run

gh aw add githubnext/agentics/workflows/repo-assist.md@97143ac59cb3a13ef2a77581f929f06719c7402a

[clawsweeper]

Codex review: found issues before merge. Reviewed June 8, 2026, 9:44 PM ET / 01:44 UTC.

Summary
The PR replaces the two public web-login result classes with one WebLoginResult and updates the shared gateway client interface, implementation, and one tray test fake.

Reproducibility: yes. for the review blocker: source inspection shows current main exposes the old result types and the PR removes them from the shared API. A downstream consumer naming those types or implementing the current interface would fail to compile against the PR head.

Review metrics: 2 noteworthy metrics.

• Shared API surface changed: 2 public result classes removed; 1 replacement class added. This is the main compatibility risk because consumers may compile against the existing public names.
• Required validation incomplete: ./build.ps1 not run; shared tests reported 8 failures. AGENTS.md requires a clean build plus shared and tray tests before work is complete.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🧂 unranked krab
Result: blocked until real behavior proof from a real setup is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• Preserve WebLoginStartResult/WebLoginWaitResult and the existing IOperatorGatewayClient signatures.
• Provide a clean ./build.ps1, shared tests, and tray tests pass per AGENTS.md.
• [P1] Add redacted after-fix real behavior proof, then update the PR body to trigger re-review.

Proof guidance:

• [P1] Needs real behavior proof before merge: The PR body reports test results only, with shared failures and no real after-change tray/API behavior proof. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Risk before merge

• [P1] Existing downstream source code, tests, or fakes that reference WebLoginStartResult, WebLoginWaitResult, or the current IOperatorGatewayClient signatures can fail to compile after upgrade.
• [P1] The PR body reports incomplete required validation: ./build.ps1 was not run and the shared test project had 8 failures.
• [P1] No after-change real behavior proof is attached, so reviewers do not have a real tray/API upgrade or QR-linking check to pair with the API cleanup.

Maintainer options:

1. Preserve the public contract (recommended)
   Keep WebLoginStartResult, WebLoginWaitResult, and the current IOperatorGatewayClient return types, then share parsing internally if maintainers still want the cleanup.
2. Accept the breaking cleanup deliberately
   Maintainers can choose to land the new public API only with explicit upgrade acceptance, release-note context, and clean validation that covers fresh and upgrade scenarios.
3. Close and reopen a narrower cleanup
   If compatibility is preferred, close this branch and ask for a smaller PR that removes internal duplication without changing the shared public API.

Next step before merge

• [P2] Human follow-up is needed because the remaining blocker is a compatibility decision plus missing proof and clean validation, not only a mechanical edit.

Security
Cleared: The diff does not change dependencies, workflows, secrets handling, downloads, or security boundaries.

Review findings

• [P1] Preserve the existing web-login API types — src/OpenClaw.Shared/IOperatorGatewayClient.cs:110-112

Review details

Best possible solution:

Keep the existing public web-login result type names and interface signatures, and consolidate duplicate parsing behind a private or internal helper only after clean required validation.

Do we have a high-confidence way to reproduce the issue?

Yes for the review blocker: source inspection shows current main exposes the old result types and the PR removes them from the shared API. A downstream consumer naming those types or implementing the current interface would fail to compile against the PR head.

Is this the best way to solve the issue?

No. Public type removal is not the safest way to reduce duplication; a private helper or mapper can share the identical parsing while preserving the existing API.

Full review comments:

• [P1] Preserve the existing web-login API types — src/OpenClaw.Shared/IOperatorGatewayClient.cs:110-112
  Changing both methods to return WebLoginResult? removes the existing public WebLoginStartResult/WebLoginWaitResult contract from OpenClaw.Shared. Downstream callers or test fakes compiled against the current shared API can fail on upgrade even though the wire shape is unchanged; keep the public type names/signatures and consolidate parsing privately instead.
  Confidence: 0.92

Overall correctness: patch is incorrect
Overall confidence: 0.92

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 71d249711d63.

Label changes

Label changes:

• add rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🧂 unranked krab.
• add status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: The PR body reports test results only, with shared failures and no real after-change tray/API behavior proof. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.
• remove rating: 🦪 silver shellfish: Current PR rating is rating: 🧂 unranked krab, so this older rating label is no longer current.
• remove status: ⏳ waiting on author: Current PR status label is status: 📣 needs proof.

Label justifications:

• P2: This is a normal-priority cleanup PR with a clear but bounded shared API compatibility blocker.
• merge-risk: 🚨 compatibility: Merging the PR can break existing consumers compiled against the current WebLoginStartResult/WebLoginWaitResult public API.
• rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🧂 unranked krab.
• status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: The PR body reports test results only, with shared failures and no real after-change tray/API behavior proof. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Evidence reviewed

What I checked:

• Current public web-login types: Current main defines WebLoginStartResult and WebLoginWaitResult as public sealed classes with separate public names for the start and wait RPCs. (src/OpenClaw.Shared/ChannelsSnapshot.cs:237, 71d249711d63)
• Current shared interface signatures: Current main exposes IOperatorGatewayClient.WebLoginStartAsync as Task<WebLoginStartResult?> and WebLoginWaitAsync as Task<WebLoginWaitResult?>. (src/OpenClaw.Shared/IOperatorGatewayClient.cs:110, 71d249711d63)
• PR changes shared API surface: The PR head changes both interface methods to return WebLoginResult?, which is a source-breaking signature change for consumers compiled against the existing shared API. (src/OpenClaw.Shared/IOperatorGatewayClient.cs:110, f93bc66f8ba7)
• PR removes old result classes: The PR head replaces both public result classes with a single WebLoginResult class rather than preserving compatibility wrappers or old public names. (src/OpenClaw.Shared/ChannelsSnapshot.cs:242, f93bc66f8ba7)
• Shared library contract context: Repository docs describe OpenClaw.Shared as owning protocol models and the IOperatorGatewayClient interface, which makes this public API cleanup compatibility-sensitive. (docs/CONNECTION_ARCHITECTURE.md:17, 71d249711d63)
• Repository validation policy: AGENTS.md was read in full and requires ./build.ps1 plus both shared and tray test projects after changes; the PR body reports the Windows build was not run and shared tests had 8 failures. (AGENTS.md:1, 71d249711d63)

Likely related people:

• Christine Yan: git blame and -S history trace the current web-login result types, interface signatures, implementation, and tray call path to commit 85445c7. (role: introduced behavior; confidence: high; commits: 85445c78066b; files: src/OpenClaw.Shared/ChannelsSnapshot.cs, src/OpenClaw.Shared/IOperatorGatewayClient.cs, src/OpenClaw.Shared/OpenClawGatewayClient.cs)
• Scott Hanselman: Recent commits touched OpenClawGatewayClient, ChannelsPage, and adjacent Shared/gateway code after the web-login implementation, making this a useful routing signal for compatibility review. (role: recent area contributor; confidence: medium; commits: d23f8ca50013, d1b136347e95; files: src/OpenClaw.Shared/OpenClawGatewayClient.cs, src/OpenClaw.Tray.WinUI/Pages/ChannelsPage.xaml.cs)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.