chore(deps): update dependency jo-inc/camofox-browser to v1.11.2 #13

Merged

mehalter merged 1 commit from renovate/jo-inc-camofox-browser-1.x into main 2026-05-24 08:27:11 -04:00

Conversation 0 Commits 1 Files changed 1 +1 -1

renovate-bot commented 2026-05-24 02:01:06 -04:00

Collaborator

Copy link

This PR contains the following updates:

Package	Update	Change
jo-inc/camofox-browser	minor	1.10.1 → 1.11.2

---

Release Notes

jo-inc/camofox-browser (jo-inc/camofox-browser)

v1.11.2: — CLI Binary

Compare Source

CLI Binary

The npm package now installs a camofox-browser executable.

Run standalone from npm:

npx @​askjo/camofox-browser

Or install globally:

npm install -g @​askjo/camofox-browser
camofox-browser

Default port is still 9377; configure via the same environment variables as source installs.

v1.11.1

Compare Source

ClawHub Publish Fix

Restores the ClawHub runtime id to camofox-browser so the package can publish as an update to the existing @askjo/camofox-browser listing.

No runtime behavior changes from v1.11.0.

v1.11.0: — Windows Support, OpenClaw Compatibility, Production Reliability

Compare Source

Windows Support

Windows users can now build and run camofox-browser without WSL or make.

This release adds a PowerShell build.ps1 workflow, enforces LF line endings for shell scripts, and fixes Docker builds from Windows checkouts by invoking shell scripts through sh. Plugin loading also works correctly on Windows now: plugins are imported via file:// URLs instead of raw filesystem paths.

OpenClaw Compatibility

OpenClaw 2026.5.x requires packages to declare tool ownership in contracts.tools. camofox-browser now ships that manifest metadata, fixing tool registration failures in newer OpenClaw versions.

Fixes #​3141 and #​3392.

Cross-Origin Iframe Interaction

Accessibility snapshots now traverse supported iframes, and refs can resolve back into their owning frames. This makes embedded checkout/payment fields visible and clickable through the normal ref-based flow.

Tracking and analytics iframes are filtered out so snapshots stay focused on actionable page content.

Security Hardening

Several sensitive routes now require configured auth:

• POST /tabs/:tabId/evaluate
• DELETE /sessions/:userId
• POST /pressure/cleanup

Cookie import now uses the shared auth middleware too. If you expose camofox-browser beyond loopback, verify your CAMOFOX_API_KEY / CAMOFOX_ACCESS_KEY setup before upgrading.

Production Reliability

This release pulls in reliability fixes from jo production usage:

• Idle shutdown no longer leaks orphaned Camoufox processes
• Browser close now force-cleans escaped child processes
• Health checks stay green after idle browser shutdown
• Stale tab errors are clearer and more recoverable
• Active tab operations refresh session access time so live sessions are not expired
• Popups from target=_blank and window.open are tracked as managed tabs
• Tab operations are better serialized with per-tab locks
• Navigation timeout cleanup avoids poisoning proxy-backed sessions
• YouTube transcript session cleanup handles races more safely
• Crash/stall reporter no longer treats 429 relay responses as successful delivery

Fixes & Improvements

• Prometheus metrics are lazy-loaded and disabled by default unless explicitly enabled
• Snapshot size metrics added
• Navigate requests are aborted when their tab is deleted
• Retry-path const reassignment crashes fixed
• VNC plugin config is explicit and disabled by default
• Optional Sentry integration no longer prevents server startup when Sentry is not installed

Thank You

Thanks to:

• @​kgarg2468 — OpenClaw contracts and Windows/Electron feedback
• @​SirBrenton — reporter 429 handling
• @​sebastiondev — auth hardening
• @​Chen-538 — Windows plugin loading fix
• @​dawsman — VNC config cleanup
• @​pasmud — Windows build support

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [jo-inc/camofox-browser](https://github.com/jo-inc/camofox-browser) | minor | `1.10.1` → `1.11.2` | --- ### Release Notes <details> <summary>jo-inc/camofox-browser (jo-inc/camofox-browser)</summary> ### [`v1.11.2`](https://github.com/jo-inc/camofox-browser/releases/tag/v1.11.2): — CLI Binary [Compare Source](https://github.com/jo-inc/camofox-browser/compare/v1.11.1...v1.11.2) #### CLI Binary The npm package now installs a `camofox-browser` executable. Run standalone from npm: ```bash npx @&#8203;askjo/camofox-browser ``` Or install globally: ```bash npm install -g @&#8203;askjo/camofox-browser camofox-browser ``` Default port is still `9377`; configure via the same environment variables as source installs. ### [`v1.11.1`](https://github.com/jo-inc/camofox-browser/releases/tag/v1.11.1) [Compare Source](https://github.com/jo-inc/camofox-browser/compare/v1.11.0...v1.11.1) #### ClawHub Publish Fix Restores the ClawHub runtime id to `camofox-browser` so the package can publish as an update to the existing `@askjo/camofox-browser` listing. No runtime behavior changes from v1.11.0. ### [`v1.11.0`](https://github.com/jo-inc/camofox-browser/releases/tag/v1.11.0): — Windows Support, OpenClaw Compatibility, Production Reliability [Compare Source](https://github.com/jo-inc/camofox-browser/compare/v1.10.1...v1.11.0) #### Windows Support Windows users can now build and run camofox-browser without WSL or `make`. This release adds a PowerShell `build.ps1` workflow, enforces LF line endings for shell scripts, and fixes Docker builds from Windows checkouts by invoking shell scripts through `sh`. Plugin loading also works correctly on Windows now: plugins are imported via `file://` URLs instead of raw filesystem paths. #### OpenClaw Compatibility OpenClaw 2026.5.x requires packages to declare tool ownership in `contracts.tools`. camofox-browser now ships that manifest metadata, fixing tool registration failures in newer OpenClaw versions. Fixes [#&#8203;3141](https://github.com/jo-inc/camofox-browser/issues/3141) and [#&#8203;3392](https://github.com/jo-inc/camofox-browser/issues/3392). #### Cross-Origin Iframe Interaction Accessibility snapshots now traverse supported iframes, and refs can resolve back into their owning frames. This makes embedded checkout/payment fields visible and clickable through the normal ref-based flow. Tracking and analytics iframes are filtered out so snapshots stay focused on actionable page content. #### Security Hardening Several sensitive routes now require configured auth: - `POST /tabs/:tabId/evaluate` - `DELETE /sessions/:userId` - `POST /pressure/cleanup` Cookie import now uses the shared auth middleware too. If you expose camofox-browser beyond loopback, verify your `CAMOFOX_API_KEY` / `CAMOFOX_ACCESS_KEY` setup before upgrading. #### Production Reliability This release pulls in reliability fixes from jo production usage: - Idle shutdown no longer leaks orphaned Camoufox processes - Browser close now force-cleans escaped child processes - Health checks stay green after idle browser shutdown - Stale tab errors are clearer and more recoverable - Active tab operations refresh session access time so live sessions are not expired - Popups from `target=_blank` and `window.open` are tracked as managed tabs - Tab operations are better serialized with per-tab locks - Navigation timeout cleanup avoids poisoning proxy-backed sessions - YouTube transcript session cleanup handles races more safely - Crash/stall reporter no longer treats `429` relay responses as successful delivery #### Fixes & Improvements - Prometheus metrics are lazy-loaded and disabled by default unless explicitly enabled - Snapshot size metrics added - Navigate requests are aborted when their tab is deleted - Retry-path `const` reassignment crashes fixed - VNC plugin config is explicit and disabled by default - Optional Sentry integration no longer prevents server startup when Sentry is not installed #### Thank You Thanks to: - [@&#8203;kgarg2468](https://github.com/kgarg2468) — OpenClaw contracts and Windows/Electron feedback - [@&#8203;SirBrenton](https://github.com/SirBrenton) — reporter 429 handling - [@&#8203;sebastiondev](https://github.com/sebastiondev) — auth hardening - [@&#8203;Chen-538](https://github.com/Chen-538) — Windows plugin loading fix - [@&#8203;dawsman](https://github.com/dawsman) — VNC config cleanup - [@&#8203;pasmud](https://github.com/pasmud) — Windows build support </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDkuNSIsInVwZGF0ZWRJblZlciI6IjQzLjEwOS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZSJdfQ==-->

renovate-bot added 1 commit 2026-05-24 02:01:06 -04:00

chore(deps): update dependency jo-inc/camofox-browser to v1.11.0 e016e02924

mehalter was assigned by renovate-bot 2026-05-24 02:01:07 -04:00

renovate-bot force-pushed renovate/jo-inc-camofox-browser-1.x from e016e02924 to 2479903bdb 2026-05-24 05:01:06 -04:00 Compare

renovate-bot changed title from chore(deps): update dependency jo-inc/camofox-browser to v1.11.0 to chore(deps): update dependency jo-inc/camofox-browser to v1.11.2 2026-05-24 05:01:07 -04:00

mehalter merged commit 2479903bdb into main 2026-05-24 08:27:11 -04:00

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

mehalter

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

mehalter/camofox-browser!13

No description provided.