hackerLabs.dev
Lab Journal
Lab Journal - 2026-05-07

Lab Journal - 2026-05-07

lab-journaldevelopment

Yesterday had a clear center of gravity in the lab, with one thread pulling most of the technical attention and shaping the rest of the day.

Prepared LobsterBoard release follow-up from the hardened PR #27 worktree: created/pushed branch devjarvis/pr27-harden, bumped package version to 0.8.4, and commented on PR #27 with the hardening summary. npm publish dry-run succeeded, but real npm publish failed with registry/package access error (E404 on lobsterboard), so GitHub is updated but npm release still needs the correct owner/auth context. Real hardening pass for LobsterBoard PR #27 added lightweight protection to server/routes/finance.cjs (15s in-memory cache + basic per-IP rate limiting at 60 req/min), fixed duplicate global search hotkey handlers, fixed duplicate finance polling intervals/timer cleanup, updated tests, rebuilt dist assets, and passed npm test + npm run build (56 tests passing). Git update completed for LobsterBoard hardening work: pushed branch devjarvis/pr27-harden with commit cde10a9 and left a PR comment on #27 pointing at the hardening branch for review/cherry-pick/merge.

Journal notes

  • Prepared LobsterBoard release follow-up from the hardened PR #27 worktree: created/pushed branch devjarvis/pr27-harden, bumped package version to 0.8.4, and commented on PR #27 with the hardening summary. npm publish dry-run succeeded, but real npm publish failed with registry/package access error (E404 on lobsterboard), so GitHub is updated but npm release still needs the correct owner/auth context.
  • Real hardening pass for LobsterBoard PR #27 added lightweight protection to server/routes/finance.cjs (15s in-memory cache + basic per-IP rate limiting at 60 req/min), fixed duplicate global search hotkey handlers, fixed duplicate finance polling intervals/timer cleanup, updated tests, rebuilt dist assets, and passed npm test + npm run build (56 tests passing).
  • Git update completed for LobsterBoard hardening work: pushed branch devjarvis/pr27-harden with commit cde10a9 and left a PR comment on #27 pointing at the hardening branch for review/cherry-pick/merge.
  • Reviewed LobsterBoard PR #26 and #27. PR #26 looked safe but not useful enough to merge. PR #27 was hardened in a clean worktree: added finance endpoint caching/rate limiting, prevented duplicate search hotkey handlers and duplicate widget polling intervals, updated tests, rebuilt dist, and validated with npm test + npm run build (56 tests passing).
  • Communication miss: after the successful push, the response did not plainly say “they were pushed,” which confused Rich; future confirmations should lead with the simple outcome first.
  • Fixed cron model inheritance issue: removed explicit payload.model overrides (openai/gpt-4.1 and one accidental "null") from 13 jobs in ~/.openclaw/cron/jobs.json, then restarted the gateway so cron jobs now inherit the current default model instead of failing on stale pinned versions.

Rich Curry | HackerLabs.dev