Release v10.0.0-rc.19 — version bump

[branarakic]

rc19 release — version bump

Version-bump PR for v10.0.0-rc.19. Cuts from current main (525004a04). Single commit: 10.0.0-rc.18 → 10.0.0-rc.19 across all 19 workspace package.json (16 public validated == rc.19 for the npm-publish gate). No code or lockfile changes.

Scope: version only. Unlike rc18, this PR does not touch contract addresses — any testnet/mainnet contract redeploy + address update is handled separately.

What rc19 contains (already merged to main since rc18)

Anti-spam / security

• OT-RFC-53 context-graph registration deposit — per-CG 100 TRAC anti-spam escrow, bounty Sync drift between peers due to incomplete paranet scope and weak reconciliation #2 mitigation (feat(evm): OT-RFC-53 — Context-Graph registration deposit (bounty #2 anti-spam) #1229)
• Private imported-artifact read authorization (Codex/private imported artifact read auth #1237)

Scalability

• Scalable weighted-CG RandomSampling — Fenwick-BIT O(log) draw + settle hooks (feat(evm-module): O(log) value-weighted RandomSampling via Fenwick BIT + lazy settlement #1226)

Observability

• Daemon admission-control stats on /api/status + reusable load probe (feat(daemon): surface admission-control stats on /api/status + load probe #1230)

Mainnet prep & stability

• V10 mainnet network-config values (Add mainnet network config values #1238); mainnet blockers Public context graphs can't publish to Verifiable Memory — host-mode cores drop the plaintext SWM share, storage-ACK quorum unreachable (NO_DATA_IN_SWM) #1124/SWM write via node-level API token crashes with TypeError (toLowerCase on undefined) #787/POST /api/assertion/:name/write returns 500 + TypeError when given N-Quad strings instead of quad objects #306 (fix: three pre-mainnet blockers — write-route 500 crashes (#306/#787) + public-CG host-mode ingest (#1124) #1239); P0 / high pre-mainnet issues (fix: 5 P0 pre-mainnet issues (#11, #1078, #1121, #936, #1098) #1228, fix: high/pre-mainnet issues — query scoping (#184/#675), curator gate (#757), skill ACL (#462), async honesty (#1013) #1132)
• Seal/SWM decouple + Clarify knowledge asset lifecycle when SWM share succeeds without a seal but VM publish requires finalization #1116 follow-ups (fix(#1116): context-graph-independent seal — seal before registration, seal-in-SWM, seal-by-default share #1241, fix(#1116): follow-up — DRY clearAssertionSeal + precise auto-register retry test #1242)
• Sync/SWM stability: ack-quorum regressions (fix(agent/swm): repair ack-quorum / metaSynced test regressions on main #1236), connect-flap (Codex/sync connect flap fix #1227), responder row-list race & defaults (fix(agent/sync): cache aborted owner's completed row snapshot (fix sync-responder CI flake on main) #1232, Tune sync responder backpressure defaults #1224); agents/_meta bloat (fix(agent): stop unbounded agents/_meta growth from profile heartbeats (#1233) #1234, agents system context graph _meta grows unbounded (placeholder publish records) -> offset-0 sync storm (#1221, agents-CG-only) #1233); raw TooLowAllowance recovery (Fix raw TooLowAllowance allowance recovery #1223)

After merge (release process — for reference, not part of this PR)

Tag v10.0.0-rc.19 → npm-publish (reviewer-gated) → GitHub release → update testnet nodes + validate.

🤖 Generated with Claude Code

[otReviewAgent]

🔴 Bug: The manifest is bumped to 10.0.0-rc.19, but this package still exports RANDOM_SAMPLING_PACKAGE_VERSION = '10.0.0-rc.2' from packages/random-sampling/src/index.ts, and its test asserts that stale value. That means the current validation would pass while the published API reports the wrong release version; update the constant or derive it from package metadata, and make the test compare against the manifest rather than a hard-coded old RC.

[otReviewAgent]

🔴 Bug: This published adapter package includes openclaw.plugin.json in its files list, but that shipped plugin manifest still says "version": "10.0.0-rc.2". Consumers or OpenClaw registry/update logic reading the plugin manifest will see the adapter as rc.2 even though npm installs rc.19, and there is no validation covering this secondary version field.

[branarakic]

Addressed the rc.2 version-string feedback in 44e27a139:

• packages/random-sampling/src/index.ts — RANDOM_SAMPLING_PACKAGE_VERSION → 10.0.0-rc.19 (and updated the assertion in test/skeleton.test.ts; the random-sampling suite is green, 65/65).
• packages/adapter-openclaw/openclaw.plugin.json — version → 10.0.0-rc.19 (it ships in the package files list, so the OpenClaw registry / consumers would otherwise read the adapter as rc.2).

Deliberately left unchanged (flagging so it's clear it wasn't an oversight):

• GOSSIP_ENVELOPE_VERSION = '10.0.0' in packages/core/src/proto/gossip-envelope.ts — a wire-protocol version, intentionally decoupled from the rc release cadence.
• the rc.10 / rc.11 references in code comments (evm-adapter-conviction.ts, core-prereq-check.ts, types.ts) — historical facts, not the current version.

[otReviewAgent]

🟡 Issue: RANDOM_SAMPLING_PACKAGE_VERSION manually duplicates the package version, and the updated test repeats the same hard-coded literal instead of checking packages/random-sampling/package.json. This creates another release-bump hotspot that can drift from the published metadata; the previous value was already stale relative to the package version. Consider deriving or generating this value from package metadata, or at least make the test compare against package.json so future bumps fail when this export is missed.

[otReviewAgent]

🟡 Issue: This test claims the exported version matches the rest of the workspace, but it only compares the source constant to another hard-coded 10.0.0-rc.19 literal. If package.json or another workspace package drifts, the test still passes as long as this assertion is updated with the source constant, so it does not provide validation evidence for the release-version consistency this PR is changing. Consider deriving the expected value from package/workspace metadata instead of duplicating the target string.