v0.0.73
NemoClaw v0.0.73 improves custom endpoint safety, Linux GPU onboarding, agent-aware policy validation, upgrade recovery, LangChain Deep Agents Code inference, and operator documentation.
- Custom endpoint handling now fails closed before downstream handoff when an HTTPS endpoint relies on DNS and NemoClaw cannot pin the validated peer across the OpenShell runtime boundary. Public HTTP endpoints continue to use DNS-pinned IP URLs, and HTTPS IP-literal endpoints remain accepted. For more information, refer to NemoClaw CLI Commands Reference, Choose an Inference Provider, and Troubleshooting.
- GPU sandbox onboarding now uses OpenShell native GPU injection by default on ordinary native Linux hosts with usable CDI. Docker Desktop WSL and Jetson/Tegra retain the compatibility path, which preserves the OpenShell supervisor boundary, captures bounded redacted diagnostics, and attempts rollback when a recreated container fails. For more information, refer to NemoClaw CLI Commands Reference, Troubleshooting, and Choose a Local Inference Server.
- Messaging policy presets now respect agent support before
policy-addchanges state. Terminal runtimes such as LangChain Deep Agents Code reject unsupported channel presets before endpoint disclosure or confirmation, matching the existingchannels addboundary. For more information, refer to NemoClaw CLI Commands Reference, Choose Messaging Channels, and Platform Support and Launch Claims. - Pre-upgrade backups can skip a running sandbox whose in-sandbox SSH endpoint is unreachable when
NEMOCLAW_SKIP_UNREACHABLE_SANDBOX_BACKUP=1is set. Installer-driven upgrades restore skipped sandboxes from the latest validated backup, while standalonebackup-allruns only skip the failure and do not schedule a restore. Any uncommitted state since the latest successful backup is not preserved. For more information, refer to NemoClaw CLI Commands Reference, Recover and Rebuild Sandboxes, and Host Files and State. - LangChain Deep Agents Code now reaches
inference.localthrough the managed OpenShell proxy across interactive, login-shell, direct-exec, and connect-probe paths. The runtime normalizes proxy environment state, clears inherited bypass settings, and keeps credential-shaped values out of persisted proxy configuration. Rebuild existing LangChain Deep Agents Code sandboxes after upgrading so they receive the corrected image scripts. For more information, refer to Quickstart with LangChain Deep Agents Code and Troubleshooting. - Setup and recovery guidance now covers the Docker CLI requirement for Homebrew Colima, Cursor terminal restrictions on Windows, stale Kubernetes namespace cleanup, OpenShell and OpenClaw gateway startup order, and stopped-container recovery.
The new Host Files and State reference explains files under
~/.nemoclaw/and which registry and backup state uninstall preserves. For more information, refer to Prerequisites, Prepare Windows for NemoClaw, Host Files and State, and Troubleshooting.