NanoClaw Upstream
Fetch-only tracking — operator decides what to apply, nothing auto-merges
Clawdie is built on NanoClaw — the open source personal AI assistant framework by Peter Steinberger, adapted for FreeBSD. The upstream toggle lets you see what new commits are available in the NanoClaw project and decide what to apply to your installation.
This feature only fetches. It never merges, rebases, or modifies your working tree. You are always in control. The agent can report what's available; a human applies the changes.
NanoClaw gives us the Linux-origin upstream line. Clawdie gives operators a FreeBSD-native deployment path with jails, PF, ZFS, and lower-friction onboarding through preloaded skills memory. Upstream tracking is the maintainer side of that story; polished FreeBSD bootstrap is the operator side.
Setup
Enable upstream tracking
Run once during or after initial setup:
npx tsx setup/index.ts --step upstream --enable
This does three things atomically:
- Adds a nanoclaw git remote pointing to codeberg.org/NanoClaw/NanoClaw.git
- Runs git fetch nanoclaw --no-tags (read-only, no tag pollution)
- Writes NANOCLAW_UPSTREAM_ENABLED=true to your .env
Check status
npx tsx setup/index.ts --step upstream --status
Disable
npx tsx setup/index.ts --step upstream --disable
Sets NANOCLAW_UPSTREAM_ENABLED=false in .env.
The remote stays configured — re-enable any time without re-fetching history.
Clawdie must be initialised as a git repository (happens during install). Internet access required for the initial fetch. Subsequent fetches are incremental — only new commits are transferred.
Not the same as skills-memory bootstrap
Upstream tracking and preloaded skills memory solve different problems. The upstream toggle helps maintainers follow NanoClaw evolution. The skills-memory bootstrap helps operators get through install with fewer setup-time LLM calls by importing precomputed vectors into the database jail.
Agent tool: check_upstream_updates
Once upstream is enabled, the agent has a check_upstream_updates MCP tool available in every session. Ask from chat:
"What's new in NanoClaw upstream?"
→ Agent calls check_upstream_updates, reads commits in nanoclaw/main not yet in HEAD, and returns a readable list with a cherry-pick hint.
The tool returns one of three results:
| Situation | Response |
|---|---|
| Remote not configured | Instruction to run --step upstream --enable |
| Up to date | "Up to date with NanoClaw upstream" (+ local-ahead count if any) |
| Commits available | Commit list with hashes, messages, cherry-pick hint |
The tool runs against the host project directory (/workspace/project)
from inside the agent jail — it does not need network access and never modifies
any files.
Automatic fetch (optional cron)
The scripts/fetch-upstream.ts script is designed for cron.
It fetches the remote, prints a divergence summary, and exits.
Nothing is modified on the working tree.
Typical weekly cron (run as the agent user):
# crontab -e (as clawdie user)
0 3 * * 1 cd /home/clawdie/clawdie-ai && npx tsx scripts/fetch-upstream.ts >> logs/upstream.log 2>&1
Sample output:
[13.03.2026, 03:00:01] Fetching nanoclaw/main...
! 3 upstream commit(s) available:
a4f2c11 feat: add add-image-vision skill
9e3b881 fix: channel registry disconnect edge case
1d0a9c4 chore: bump @modelcontextprotocol/sdk to 1.9.0
(7 local commit(s) ahead of upstream)
Set NANOCLAW_UPSTREAM_ENABLED=false in .env
to skip the fetch silently — useful if you need to temporarily
disable without removing the cron entry.
Applying upstream changes
Upstream commits are never applied automatically. The standard workflow after reviewing what's available:
# Inspect a commit before touching your tree
git show a4f2c11
# Apply one commit
git cherry-pick a4f2c11
# Apply a range of commits
git cherry-pick 9e3b881^..a4f2c11
# Just read for ideas — the FreeBSD port often diverges intentionally
git diff HEAD...nanoclaw/main -- src/channels/registry.ts
NanoClaw targets Linux/Docker. Clawdie targets FreeBSD/Bastille jails. Not every upstream commit applies cleanly — and some shouldn't. Read before you cherry-pick. The agent can explain what a commit does.
Option A vs Option B
Two architectures for upstream tracking. Option A is implemented and running. Option B is documented in Phase 7 of the refactor plan — deferred until Option A proves insufficient.
| Feature | Option A (current, live) | Option B (Gitea jail, Phase 7) |
|---|---|---|
| Upstream remote | codeberg.org (public) | Self-hosted Gitea jail |
| Infrastructure | None — just a git remote | Gitea jail + zroot/git/nanoclaw ZFS dataset |
| Auto-fetch | Optional cron script | Gitea mirror (hourly, webhook-triggered) |
| Agent visibility | check_upstream_updates tool | Same + gitea_list_repos, gitea_create_branch |
| Applying changes | Manual git cherry-pick | Agent proposes branch → operator reviews PR in Gitea UI |
| Private fork support | Not applicable | Full: private repos, per-agent datasets |
| Internet required | Yes (fetch) | Only for initial mirror; air-gapped after |
| When to upgrade | When you need GitOps, private forks, or air-gapped deployment | |
Switching from Option A to Option B: update NANOCLAW_REMOTE_URL in setup/upstream.ts to point to your Gitea instance, then re-run --step upstream --enable. The NANOCLAW_UPSTREAM_ENABLED flag and all agent tools remain the same.
How it works
The upstream setup step lives in setup/upstream.ts
and registers in the standard setup step registry in setup/index.ts.
It uses the same emitStatus / logger pattern as
every other setup step.
The check_upstream_updates MCP tool is registered directly in
jail/agent-runner/src/ipc-mcp-stdio.ts — the same server
used for task scheduling and messaging.
It calls git log HEAD..nanoclaw/main --oneline --no-merges
against /workspace/project (the host repo mounted read-only
into the jail) and returns the result as text.
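The three-way result described under "Agent tool: check_upstream_updates", driven by the git log call named above, as an added TypeScript example (not the project's code in jail/agent-runner/src/ipc-mcp-stdio.ts). GitRunner, checkUpstream and fakeGit are hypothetical names; the git runner is injected so the constructed output can stand in for a real repository, and obtaining the local-ahead count with git rev-list --count is an assumption.

```typescript
// Added example, not the project's code. GitRunner is a hypothetical seam: in real
// use it would wrap execFileSync("git", args, { cwd: "/workspace/project" }),
// passing arguments as an array so no shell ever interprets them.
type GitRunner = (args: string[]) => string;
interface UpstreamCommit { hash: string; subject: string }
type UpstreamStatus =
  | { kind: "not-configured"; hint: string }
  | { kind: "up-to-date"; localAhead: number }
  | { kind: "commits-available"; commits: UpstreamCommit[]; localAhead: number; hint: string };

const REMOTE = "nanoclaw";
const BRANCH = `${REMOTE}/main`;

// Split `git log --oneline` output into hash + subject, ignoring blank lines.
function parseOneline(out: string): UpstreamCommit[] {
  return out.split("\n").map((l) => l.trim()).filter((l) => l.length > 0).map((l) => {
    const sp = l.indexOf(" ");
    return sp < 0 ? { hash: l, subject: "" } : { hash: l.slice(0, sp), subject: l.slice(sp + 1) };
  });
}

function checkUpstream(git: GitRunner): UpstreamStatus {
  // Only read-only subcommands are issued (remote, log, rev-list), so the
  // check works against a repository mounted read-only and without network.
  const remotes = git(["remote"]).split("\n").map((r) => r.trim());
  if (remotes.indexOf(REMOTE) === -1) {
    return { kind: "not-configured", hint: "Run: npx tsx setup/index.ts --step upstream --enable" };
  }
  const commits = parseOneline(git(["log", `HEAD..${BRANCH}`, "--oneline", "--no-merges"]));
  // Assumption: local-ahead count comes from rev-list over the reverse range.
  const localAhead = parseInt(git(["rev-list", "--count", `${BRANCH}..HEAD`]).trim(), 10) || 0;
  if (commits.length === 0) return { kind: "up-to-date", localAhead };
  return {
    kind: "commits-available", commits, localAhead,
    hint: "Inspect with `git show <hash>` before `git cherry-pick <hash>`",
  };
}

// Constructed git output, modelled on the sample cron log on this page.
function fakeGit(remotes: string, log: string, ahead: string): GitRunner {
  return (args) => (args[0] === "remote" ? remotes : args[0] === "log" ? log : ahead);
}

const SAMPLE_LOG =
  "a4f2c11 feat: add add-image-vision skill\n9e3b881 fix: channel registry disconnect edge case\n";
console.log(checkUpstream(fakeGit("origin\nnanoclaw\n", SAMPLE_LOG, "7\n")));
```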
The cron script at scripts/fetch-upstream.ts runs on the host
(not inside a jail) and is intentionally minimal — it has no dependencies
beyond Node.js and git.
| File | Purpose |
|---|---|
| setup/upstream.ts | Setup step: enable/disable/fetch/status |
| setup/index.ts | Registers upstream in STEPS registry |
| scripts/fetch-upstream.ts | Cron-safe host-side fetch script |
| jail/agent-runner/src/ipc-mcp-stdio.ts | Registers check_upstream_updates MCP tool |
| .env | NANOCLAW_UPSTREAM_ENABLED toggle flag |