@upx-us/shield - npm Package Compare versions

Comparing version 0.9.3 to 0.9.4

CHANGELOG.md

@@ -7,2 +7,10 @@ # Changelog
 
+## [0.9.4] — 2026-04-06
+
+### Fixed
+- Update checker: fix HTTP 406 on npm registry by switching to full packument URL (`/@upx-us/shield` instead of `/@upx-us/shield/latest`) — the abbreviated packument Accept header is only supported on the main package endpoint, not `/latest`
+- Update checker: add recovery log when consecutive failures reset after a successful check
+
+---
+
 ## [0.9.3] — 2026-04-06
@@ -9,0 +17,0 @@

dist/src/updater.js

@@ -170,3 +170,3 @@ "use strict";
     try {
-        const res = await fetch(`https://registry.npmjs.org/${PACKAGE_NAME}/latest`, {
+        const res = await fetch(`https://registry.npmjs.org/${PACKAGE_NAME}`, {
             signal: controller.signal,
@@ -182,3 +182,3 @@ headers: { 'Accept': 'application/vnd.npm.install-v1+json' },
         const data = await res.json();
-        const version = data?.version;
+        const version = data?.['dist-tags']?.latest;
         if (!version || !parseSemVer(version)) {
@@ -269,2 +269,5 @@ _lastNpmCheckError = `npm registry returned invalid/missing version: ${JSON.stringify(version)}`;
         state.lastError = null;
+        if (state.consecutiveFailures > 0) {
+            log.info('updater', `Update check recovered after ${state.consecutiveFailures} consecutive failure(s)`);
+        }
         state.consecutiveFailures = 0;
@@ -285,2 +288,5 @@ state.lastFailureStage = null;
     state.lastError = null;
+    if (state.consecutiveFailures > 0) {
+        log.info('updater', `Update check recovered after ${state.consecutiveFailures} consecutive failure(s)`);
+    }
     state.consecutiveFailures = 0;
@@ -287,0 +293,0 @@ state.lastFailureStage = null;

openclaw.plugin.json

@@ -5,3 +5,3 @@ {
   "description": "Real-time security monitoring \u2014 streams enriched, redacted security events to the Shield detection platform.",
-  "version": "0.9.3",
+  "version": "0.9.4",
   "skills": [
@@ -8,0 +8,0 @@ "./skills"

package.json

 {
   "name": "@upx-us/shield",
-  "version": "0.9.3",
+  "version": "0.9.4",
   "description": "Security monitoring and SIEM integration for OpenClaw agents — behavioral detection, case generation, and forensic audit trail via Google SecOps (Chronicle).",
@@ -5,0 +5,0 @@ "main": "dist/index.js",

New alerts

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

454393

0.16%

Lines of code

9205

0.07%

No dependency changes