[Repo Assist] fix(config): render JSON object editor for object-typed schema fields

[github-actions]

🤖 This PR was created by Repo Assist, an automated AI assistant.

Summary

Closes #655

Object-typed schema fields without fixed properties (such as the headers field on embedding providers like Azure Foundry) previously fell through to the string editor in SchemaConfigEditor. This caused the UI to stage and save a string value instead of a JSON object, silently corrupting the provider configuration.

Root Cause

RenderField in SchemaConfigEditor.xaml.cs handles enum, boolean, number, integer, and array types explicitly, then falls through to the string editor for everything else — including object type fields. When a user entered {"api-key": "value"} into the string editor, the value was staged as the literal string "{\"api-key\": \"value\"}" rather than as a JSON object, which would be rejected or misinterpreted by the gateway.

Fix

Add a RenderJsonObjectField method (modelled on the existing RenderJsonArrayField) and dispatch object-typed fields to it in RenderField:

• Renders a multi-line Consolas TextBox pre-populated with the current JSON object value (or {} as the empty placeholder).
• Parses and validates JSON on each keystroke; only stages a value when the input is a valid JSON object.
• Shows an inline validation error when the input is not a valid JSON object.
• Keeps the Save button disabled until the value is corrected.

Trade-offs

• The editor shows raw JSON rather than a key-value grid UI. This is consistent with the existing RenderJsonArrayField approach for complex array items, and avoids the complexity of a dynamic row editor with unknown key types.
• Object fields with fixed properties continue to render as expandable sections (unchanged RenderObjectSection path).

Test Status

• Tray tests: ✅ Passed — 932/934 (0 failures, 2 skipped/Windows-only)
• Shared tests: ✅ 2037/2074 passed; 8 pre-existing failures (infrastructure/Windows-specific tests unrelated to this change)
• WinUI build: ⚠️ Cannot build on Linux (NETSDK1100: Windows-targeting project); change adds a RenderJsonObjectField method using the same API surface already present in RenderJsonArrayField, so no new Windows-only issues are introduced.

Generated by 🌈 Repo Assist, see workflow run. Learn more.

To install this agentic workflow, run

gh aw add githubnext/agentics/workflows/repo-assist.md@97143ac59cb3a13ef2a77581f929f06719c7402a

Generated by 🌈 Repo Assist, see workflow run. Learn more.

To install this agentic workflow, run

gh aw add githubnext/agentics/workflows/repo-assist.md@97143ac59cb3a13ef2a77581f929f06719c7402a

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed June 3, 2026, 9:56 PM ET / 01:56 UTC.

Summary
Adds a JSON object text editor branch in SchemaConfigEditor.xaml.cs for object-typed schema fields, modeled on the existing JSON array editor.

Reproducibility: yes. Source inspection shows object-typed schema fields without fixed properties currently reach the scalar fallback and can stage text instead of an object; I did not run the WinUI app in a live gateway setup.

Review metrics: none identified.

Merge readiness
Overall: 🦪 silver shellfish
Proof: 🧂 unranked krab
Patch quality: 🐚 platinum hermit
Result: blocked until real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P1] Add redacted real behavior proof showing an object-typed provider headers field being edited and saved as a JSON object.
• Run and report ./build.ps1 plus the shared and tray test commands from AGENTS.md in a suitable environment.

Proof guidance:

• [P1] Needs real behavior proof before merge: The PR body reports tests but no redacted screenshot, recording, terminal/live output, or log showing the after-fix WinUI config edit/save path; private values such as API keys and endpoints should be redacted, and updating the PR body should trigger a fresh review or a maintainer can comment @clawsweeper re-review. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Mantis proof suggestion
A short visible desktop proof would materially help confirm the WinUI config editor renders and saves object-typed headers correctly. A maintainer can ask Mantis to capture proof by posting a new PR comment that starts with the OpenClaw Mantis account mention, followed by:

visual task: verify the WinUI config editor renders an object-typed provider headers field as a JSON object editor and saves it as an object, not a string.

Risk before merge

• [P1] No redacted after-fix WinUI proof currently shows that editing a provider headers object stages and saves JSON as an object rather than a string.
• [P1] The repository-required ./build.ps1 validation is not demonstrated; the PR body says the Windows-targeting build could not run on Linux, and the shared test run reported unrelated failures.

Maintainer options:

1. Decide the mitigation before merge
   Land the narrow object-field editor after adding real WinUI proof for the headers edit/save path and completing the required Windows build and test validation.
2. Pause or close
   Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

• [P2] There is no narrow code defect for automation to repair; a contributor or maintainer needs to add real behavior proof and complete the repository-required validation.

Security
Cleared: The diff only adds local WinUI JSON-object parsing/rendering and does not change dependencies, workflows, credential storage, network permissions, or code execution surfaces.

Review details

Best possible solution:

Land the narrow object-field editor after adding real WinUI proof for the headers edit/save path and completing the required Windows build and test validation.

Do we have a high-confidence way to reproduce the issue?

Yes. Source inspection shows object-typed schema fields without fixed properties currently reach the scalar fallback and can stage text instead of an object; I did not run the WinUI app in a live gateway setup.

Is this the best way to solve the issue?

Yes, with evidence still pending. A generic JSON object editor in SchemaConfigEditor is the narrow maintainable fix, but merge should wait for real behavior proof and required validation.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 85445c78066b.

Label changes

Label justifications:

• P2: The PR addresses a real provider configuration bug with limited blast radius and an existing CLI workaround, but it still needs merge-readiness evidence.
• rating: 🦪 silver shellfish: Overall readiness is 🦪 silver shellfish; proof is 🧂 unranked krab and patch quality is 🐚 platinum hermit.
• status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: The PR body reports tests but no redacted screenshot, recording, terminal/live output, or log showing the after-fix WinUI config edit/save path; private values such as API keys and endpoints should be redacted, and updating the PR body should trigger a fresh review or a maintainer can comment @clawsweeper re-review. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Evidence reviewed

What I checked:

• Repository policy read: The full AGENTS.md was read; it requires ./build.ps1, shared tests, and tray tests after changes, which matters because the PR body says the Windows build was not run. (AGENTS.md:1, 85445c78066b)
• Current main bug path: Current master renders object properties with fixed child properties as sections, but object-typed fields without properties go through RenderField; RenderField currently falls through non-array object fields to the string editor path. (src/OpenClaw.Tray.WinUI/Controls/SchemaConfigEditor.xaml.cs:121, 85445c78066b)
• PR implementation: The PR patch adds an else if (type == "object") dispatch and a RenderJsonObjectField method that parses text as a JSON object, stages a cloned JsonElement, and reports validation errors for invalid JSON or non-object JSON. (src/OpenClaw.Tray.WinUI/Controls/SchemaConfigEditor.xaml.cs:228, 68a6d37acf78)
• Existing precedent: Current main already has RenderJsonArrayField, which uses the same raw JSON text-box pattern for complex arrays and stages a cloned JsonElement after parsing. (src/OpenClaw.Tray.WinUI/Controls/SchemaConfigEditor.xaml.cs:432, 7d9152f427a3)
• Save and validation wiring: ApplyEditorChanges stores editor values in _pendingChanges, OnSaveAsync refuses to save while _validationErrors is non-empty, and the Save button is disabled when validation errors exist. (src/OpenClaw.Tray.WinUI/Pages/ConfigPage.xaml.cs:436, 85445c78066b)
• Serialization path: ConfigEditorModel.ApplyChanges serializes pending values to JsonNode; a staged JsonElement object should be applied as JSON rather than as a string. (src/OpenClaw.Tray.WinUI/Services/ConfigEditorModel.cs:56, 85445c78066b)

Likely related people:

• RBrid: Blame and follow history attribute SchemaConfigEditor, ConfigPage, and ConfigEditorModel config-editing behavior to commit 7d9152f427a3007cbe663513ef34c89719473a41. (role: introduced current config editor behavior; confidence: medium; commits: 7d9152f427a3; files: src/OpenClaw.Tray.WinUI/Controls/SchemaConfigEditor.xaml.cs, src/OpenClaw.Tray.WinUI/Pages/ConfigPage.xaml.cs, src/OpenClaw.Tray.WinUI/Services/ConfigEditorModel.cs)
• christineyan4: The current main tip 85445c78066b2c4b5927e1e72a9a376f443ae8f4 recently touched SchemaConfigEditor.xaml.cs during localization, so this person is relevant for nearby UI string/localization context but not the object-editor behavior itself. (role: recent adjacent contributor; confidence: low; commits: 85445c78066b; files: src/OpenClaw.Tray.WinUI/Controls/SchemaConfigEditor.xaml.cs)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.