JRB Remote Site API for OpenClaw

6.5.0

• REBRAND: Internal references changed from OpenClaw to JRB
  • Header: X-OpenClaw-Token → X-JRBRemoteSite-Token (backward compat maintained for v6.5.x)
  • Classes: OpenClaw_* → JRB_*
  • Functions: openclaw_* → jrb_*
  • Route namespace: openclaw/v1 → jrb/v1 (both supported during transition)
• SECURITY:
  • All 57 endpoints audited, 44 capabilities verified
  • /ping endpoint now requires authentication (was publicly accessible)
  • Legacy plaintext token storage removed (security hardening)
  • Debug endpoint removed (was exposing module code samples)
  • Pre-release security audit passed (Azazel)
• PERFORMANCE: Conditional module loading (only loads if dependency active) – 44-67% reduction
• RELIABILITY: Media module auto-recovery mechanism, health checks, diagnostics endpoint
• DOCUMENTATION: New PERMISSIONS.md, MODULES.md, CODE_QUALITY_AUDIT.md, SECURITY_AUDIT.md
• CODE QUALITY: Desloppify audit passed (Leviathan) – zero TODO/FIXME/XXX comments
• BACKWARD COMPAT: Legacy X-OpenClaw-Token still supported (deprecated, removed in v7.0.0)

6.4.1

• Fixed media module not loading issue – module-media.php now properly registers all media REST endpoints
• Removed placeholder functions and dangling route registrations that blocked media module
• All media security validations remain intact (CSRF, capability checks, file validation)
• WordPress coding standards compliant

6.3.2

• First official release on the WordPress Plugin Directory.
• Synchronized versioning across GitHub and SVN.
• Enhanced FluentCRM integration and Square POS bridge support.

2.7.6

• Update GitHub updater logic.