a2d73be3a4
Docs: switch README logo to SVG assets ( #47049 )
2026-03-15 08:58:45 +01:00
e3b7ff2f1f
Docs: fix MDX markers blocking page refreshes ( #46695 )
...
Merged via squash.
Prepared head SHA: 56b25a9fb3
2026-03-15 02:58:59 +01:00
f4dbd78afd
Add Feishu reactions and card action support ( #46692 )
...
* Add Feishu reactions and card action support
* Tighten Feishu action handling
2026-03-14 20:25:02 -05:00
4c6a7f84a4
docs: remove dead security README nav entry ( #46675 )
...
Merged via squash.
Prepared head SHA: 63331a54b8
2026-03-15 01:40:00 +01:00
2806f2b878
Heartbeat: add isolatedSession option for fresh session per heartbeat run ( #46634 )
...
Reuses the cron isolated session pattern (resolveCronSession with forceNew)
to give each heartbeat a fresh session with no prior conversation history.
Reduces per-heartbeat token cost from ~100K to ~2-5K tokens.
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-14 16:28:01 -07:00
3704293e6f
browser: drop headless/remote MCP attach modes, simplify existing-session to autoConnect-only ( #46628 )
2026-03-14 15:54:22 -07:00
2f7e548a57
chore: regenerate config baseline ( #46598 )
2026-03-14 15:44:13 -07:00
b1d8737017
browser: drop chrome-relay auto-creation, simplify to user profile only ( #46596 )
...
Merged via squash.
Prepared head SHA: 74becc8f7d
2026-03-14 15:40:02 -07:00
173fe3cb54
feat(browser): add headless existing-session MCP support esp for Linux/Docker/VPS ( #45769 )
...
* fix(browser): prefer managed default profile in headless mode
* test(browser): cover headless default profile fallback
* feat(browser): support headless MCP profile resolution
* feat(browser): add headless and target-url Chrome MCP modes
* feat(browser): allow MCP target URLs in profile creation
* docs(browser): document headless MCP existing-session flows
* fix(browser): restore playwright browser act helpers
* fix(browser): preserve strict selector actions
* docs(changelog): add existing-session MCP note
2026-03-14 14:59:30 -07:00
cbec476b6b
Docs: add config drift baseline statefile ( #45891 )
...
* Docs: add config drift statefile generator
* Docs: generate config drift baseline
* CI: move config docs drift runner into workflow sanity
* Docs: emit config drift baseline json
* Docs: commit config drift baseline json
* Docs: wire config baseline into release checks
* Config: fix baseline drift walker coverage
* Docs: regenerate config drift baselines
2026-03-14 14:23:30 -07:00
d33f3f843a
ci: allow fallback npm correction tags ( #46486 )
2026-03-14 19:38:14 +01:00
c30cabcca4
Docs: sweep recent user-facing updates ( #46424 )
...
* Docs: document Telegram force-document sends
* Docs: note Telegram document send behavior
* Docs: clarify memory file precedence
* Docs: align default AGENTS memory guidance
* Docs: update workspace FAQ memory note
* Docs: document gateway status require-rpc
* Docs: add require-rpc to gateway CLI index
2026-03-14 10:20:44 -07:00
0e893347f6
docs(nav): move btw to end of built-in tools ( #46416 )
2026-03-14 19:16:57 +02:00
133cce23ce
fix(btw): stop persisting side questions ( #46328 )
...
* fix(btw): stop persisting side questions
* docs(btw): document side-question behavior
2026-03-14 19:01:13 +02:00
9aac55d306
Add /btw side questions ( #45444 )
...
* feat(agent): add /btw side questions
* fix(agent): gate and log /btw reviews
* feat(btw): isolate side-question delivery
* test(reply): update route reply runtime mocks
* fix(btw): complete side-result delivery across clients
* fix(gateway): handle streamed btw side results
* fix(telegram): unblock btw side questions
* fix(reply): make external btw replies explicit
* fix(chat): keep btw side results ephemeral in internal history
* fix(btw): address remaining review feedback
* fix(chat): preserve btw history on mobile refresh
* fix(acp): keep btw replies out of prompt history
* refactor(btw): narrow side questions to live channels
* fix(btw): preserve channel typing indicators
* fix(btw): keep side questions isolated in chat
* fix(outbound): restore typed channel send deps
* fix(btw): avoid blocking replies on transcript persistence
* fix(btw): keep side questions fast
* docs(commands): document btw slash command
* docs(changelog): add btw side questions entry
* test(outbound): align session transcript mocks
2026-03-14 17:27:54 +02:00
c08317203d
ci: enforce calver freshness on npm publish
2026-03-14 13:45:40 +01:00
00891dee90
ci: switch npm release workflow to trusted publishing
2026-03-14 13:45:40 +01:00
61a7f2e7c3
docs: clarify npm release preview and publish flow
2026-03-14 13:45:40 +01:00
02a86da23a
ci: preserve manual npm release approval delays
2026-03-14 13:45:40 +01:00
c79c4ffbfb
fix(zai): align explicit coding endpoint setup with detected model defaults ( #45969 )
...
* fix: align Z.AI coding onboarding with endpoint docs
* fix: align Z.AI coding onboarding with endpoint docs (#45969 )
2026-03-14 16:20:37 +05:30
e7d9648fba
feat(cron): support custom session IDs and auto-bind to current session ( #16511 )
...
feat(cron): support persistent session targets for cron jobs (#9765 )
Add support for `sessionTarget: "current"` and `session:<id>` so cron jobs can
bind to the creating session or a persistent named session instead of only
`main` or ephemeral `isolated` sessions.
Also:
- preserve custom session targets across reloads and restarts
- update gateway validation and normalization for the new target forms
- add cron coverage for current/custom session targets and fallback behavior
- fix merged CI regressions in Discord and diffs tests
- add a changelog entry for the new cron session behavior
Co-authored-by: kkhomej33-netizen <kkhomej33-netizen@users.noreply.github.com>
Co-authored-by: ImLukeF <92253590+ImLukeF@users.noreply.github.com>
2026-03-14 16:48:46 +11:00
b6d1d0d72d
fix(browser): prefer user profile over chrome relay
2026-03-14 04:15:34 +00:00
f4fef64fc1
Gateway: treat scope-limited probe RPC as degraded reachability ( #45622 )
...
* Gateway: treat scope-limited probe RPC as degraded
* Docs: clarify gateway probe degraded scope output
* test: fix CI type regressions in gateway and outbound suites
* Tests: fix Node24 diffs theme loading and Windows assertions
* Tests: fix extension typing after main rebase
* Tests: fix Windows CI regressions after rebase
* Tests: normalize executable path assertions on Windows
* Tests: remove duplicate gateway daemon result alias
* Tests: stabilize Windows approval path assertions
* Tests: fix Discord rate-limit startup fixture typing
* Tests: use Windows-friendly relative exec fixtures
---------
Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain>
2026-03-13 23:13:33 -05:00
5c40c1c78a
fix(browser): add browser session selection
2026-03-14 03:46:44 +00:00
4357cf4e37
fix: harden browser existing-session flows
2026-03-13 23:56:48 +00:00
1ef0aa443b
docs(android): note that app is not publicly released yet ( #23051 )
...
Co-authored-by: Eyal <eyal.engad@gmail.com>
2026-03-13 15:14:53 -07:00
8c7bdbe4d1
Docs: describe Slack interactive replies ( #45463 )
2026-03-13 17:16:14 -04:00
75c7c169e1
test: re-enable Node 24 vmForks fast lane
2026-03-13 20:38:24 +00:00
5c07207dd1
ci: trim PR critical path
2026-03-13 20:38:24 +00:00
1ea97fddd7
docs: share docker vm runtime guidance
2026-03-13 20:19:39 +00:00
5225667e25
docs: trim duplicated wizard and gateway api examples
2026-03-13 20:19:39 +00:00
dbef3dfef0
docs(voice-call): clarify allowlist caller ID limits
2026-03-13 20:11:42 +00:00
593964560b
feat(browser): add chrome MCP existing-session support
2026-03-13 20:10:08 +00:00
d17490ff54
ci: speed up scoped workflow lanes
2026-03-13 19:53:40 +00:00
fc408bba37
Fix incorrect rendering of brave costs in docs ( #44989 )
...
Merged via squash.
Prepared head SHA: 8c69de8222
2026-03-13 21:37:39 +03:00
3cf06f7939
docs(plugins): clarify workspace shadowing
2026-03-13 13:15:46 +00:00
2f03de029c
fix(node-host): harden pnpm approval binding
2026-03-13 12:59:55 +00:00
61429230b2
fix(signal): add groups config to Signal channel schema ( #27199 )
...
Merged via squash.
Prepared head SHA: 4ba4a39ddf
2026-03-13 15:14:30 +03:00
a3eed2b70f
fix(agents): avoid injecting memory file twice on case-insensitive mounts ( #26054 )
...
* fix(agents): avoid injecting memory file twice on case-insensitive mounts
On case-insensitive file systems mounted into Docker from macOS, both
MEMORY.md and memory.md pass fs.access() even when they are the same
underlying file. The previous dedup via fs.realpath() failed in this
scenario because realpath does not normalise case through the Docker
mount layer, so both paths were treated as distinct entries and the
same content was injected into the bootstrap context twice, wasting
tokens.
Fix by replacing the collect-then-dedup approach with an early-exit:
try MEMORY.md first; fall back to memory.md only when MEMORY.md is
absent. This makes the function return at most one entry regardless
of filesystem case-sensitivity.
* docs: clarify singular memory bootstrap fallback
* fix: note memory bootstrap fallback docs and changelog (#26054 ) (thanks @Lanfei)
---------
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-03-13 14:39:51 +05:30
e986aa175f
docs: fix session key :dm: → :direct ( #26506 )
2026-03-13 14:28:33 +05:30
32d8ec9482
fix: harden windows gateway fallback launch
2026-03-13 04:58:35 +00:00
16ececf0a6
chore: bump version to 2026.3.13
2026-03-13 04:38:32 +00:00
433e65711f
fix: fall back to a startup entry for windows gateway install
2026-03-13 03:18:17 +00:00
b858d6c3a9
fix: clarify windows onboarding gateway health
2026-03-13 02:40:40 +00:00
d6d01f853f
fix: align Ollama onboarding docs before landing ( #43473 ) (thanks @BruceMacD)
...
(cherry picked from commit 19fa274343a102ca85c7679ec28c5a3503a99f55)
2026-03-13 02:03:54 +00:00
f906bf58db
docs(ollama): update onboarding flow
...
Co-Authored-By: Jeffrey Morgan <jmorganca@gmail.com>
(cherry picked from commit e8ca2ff4e522f2d971801a537b3c4fdfecde0711)
2026-03-13 02:03:54 +00:00
ddeb423944
fix: quiet Telegram command overflow retry logs
2026-03-13 01:45:56 +00:00
de3e6a8c5b
fix(routing): require ids for slack and msteams allowlists
2026-03-13 01:44:42 +00:00
c25e46a433
chore: prepare 2026.3.12 release
2026-03-13 01:38:20 +00:00
b14a5c6713
fix(zalouser): require ids for group allowlist auth
2026-03-13 01:31:17 +00:00
c80da4e72f
refactor: validate provider plugin metadata
2026-03-13 01:19:35 +00:00
d5b3f2ed71
fix(models): keep codex spark codex-only
2026-03-13 00:53:21 +00:00
35aafd7ca8
feat: add Anthropic fast mode support
2026-03-12 23:39:03 +00:00
d5bffcdeab
feat: add fast mode toggle for OpenAI models
2026-03-12 23:31:31 +00:00
319766639a
docs: explain plugin architecture
2026-03-12 22:24:35 +00:00
bf89947a8e
fix: switch pairing setup codes to bootstrap tokens
2026-03-12 22:23:07 +00:00
55f47e5ce6
onboard(minimax): flatten auth to 4 direct choices, unify CN/Global under single provider ( #44284 )
...
Replace the multi-step MiniMax onboarding wizard with 4 flat options:
- MiniMax Global — OAuth (minimax.io)
- MiniMax Global — API Key (minimax.io)
- MiniMax CN — OAuth (minimaxi.com)
- MiniMax CN — API Key (minimaxi.com)
Storage changes:
- Unify CN and Global under provider "minimax" (baseUrl distinguishes region)
- Profiles: minimax:global / minimax:cn (both regions can coexist)
- Model ref: minimax/MiniMax-M2.5 (no more minimax-cn/ prefix)
- Remove LM Studio local mode and Lightning/Highspeed choice
Backward compatibility:
- Keep minimax-cn in provider-env-vars for existing configs
- Accept minimax-cn as legacy tokenProvider in CI pipelines
- Error with migration hint for removed auth choices in non-interactive mode
- Warn when dual-profile overwrites shared provider baseUrl
Made-with: Cursor
2026-03-12 11:23:42 -07:00
9f08af1f06
fix(ci): harden docker builds and unblock config docs
2026-03-12 16:45:29 +00:00
46f0bfc55b
Gateway: harden custom session-store discovery ( #44176 )
...
Merged via squash.
Prepared head SHA: 52ebbf5188
2026-03-12 16:44:46 +00:00
b77b7485e0
feat(push): add iOS APNs relay gateway ( #43369 )
...
* feat(push): add ios apns relay gateway
* fix(shared): avoid oslog string concatenation
# Conflicts:
# apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift
* fix(push): harden relay validation and invalidation
* fix(push): persist app attest state before relay registration
* fix(push): harden relay invalidation and url handling
* feat(push): use scoped relay send grants
* feat(push): configure ios relay through gateway config
* feat(push): bind relay registration to gateway identity
* fix(push): tighten ios relay trust flow
* fix(push): bound APNs registration fields (#43369 ) (thanks @ngutman)
2026-03-12 18:15:35 +02:00
8525fd94ea
docs: sync Feishu secretref credential matrix
...
## Summary
- Problem: `src/secrets/target-registry.test.ts` fails on latest `main` because the runtime registry includes Feishu `encryptKey` paths that the docs matrix and surface reference omit.
- Why it matters: the docs/runtime sync guard currently blocks prep and merge work for unrelated PRs, including `#25558`.
- What changed: regenerated the secretref credential matrix and updated the surface reference to include both Feishu `encryptKey` paths.
- What did NOT change (scope boundary): no runtime registry behavior, config semantics, or channel handling changed.
## Change Type (select all)
- [x] Bug fix
- [ ] Feature
- [ ] Refactor
- [x] Docs
- [ ] Security hardening
- [ ] Chore/infra
## Scope (select all touched areas)
- [ ] Gateway / orchestration
- [ ] Skills / tool execution
- [ ] Auth / tokens
- [ ] Memory / storage
- [x] Integrations
- [ ] API / contracts
- [ ] UI / DX
- [ ] CI/CD / infra
## Linked Issue/PR
- Closes #
- Related #25558
## User-visible / Behavior Changes
None.
## Security Impact (required)
- New permissions/capabilities? `No`
- Secrets/tokens handling changed? `No`
- New/changed network calls? `No`
- Command/tool execution surface changed? `No`
- Data access scope changed? `No`
- If any `Yes`, explain risk + mitigation:
## Repro + Verification
### Environment
- OS: macOS
- Runtime/container: Node.js repo checkout
- Model/provider: N/A
- Integration/channel (if any): Feishu docs/runtime registry sync
- Relevant config (redacted): none
### Steps
1. Check out latest `main` before this change.
2. Run `./node_modules/.bin/vitest run --config vitest.unit.config.ts src/secrets/target-registry.test.ts`.
3. Apply this docs-only sync change and rerun the same command.
### Expected
- The target registry stays in sync with the generated docs matrix and the test passes.
### Actual
- Before this change, the test failed because `channels.feishu.encryptKey` and `channels.feishu.accounts.*.encryptKey` were missing from the docs artifacts.
## Evidence
Attach at least one:
- [x] Failing test/log before + passing after
- [ ] Trace/log snippets
- [ ] Screenshot/recording
- [ ] Perf numbers (if relevant)
## Human Verification (required)
What you personally verified (not just CI), and how:
- Verified scenarios: confirmed the failure on plain latest `main`, applied only these docs entries in a clean bootstrapped worktree, and reran `./node_modules/.bin/vitest run --config vitest.unit.config.ts src/secrets/target-registry.test.ts` to green.
- Edge cases checked: verified both top-level Feishu `encryptKey` and account-scoped `encryptKey` paths are present in the matrix and surface reference.
- What you did **not** verify: full repo test suite and CI beyond the targeted regression.
## Review Conversations
- [x] I replied to or resolved every bot review conversation I addressed in this PR.
- [x] I left unresolved only the conversations that still need reviewer or maintainer judgment.
If a bot review conversation is addressed by this PR, resolve that conversation yourself. Do not leave bot review conversation cleanup for maintainers.
## Compatibility / Migration
- Backward compatible? `Yes`
- Config/env changes? `No`
- Migration needed? `No`
- If yes, exact upgrade steps:
## Failure Recovery (if this breaks)
- How to disable/revert this change quickly: revert this commit.
- Files/config to restore: `docs/reference/secretref-user-supplied-credentials-matrix.json` and `docs/reference/secretref-credential-surface.md`
- Known bad symptoms reviewers should watch for: the target-registry docs sync test failing again for missing Feishu `encryptKey` entries.
## Risks and Mitigations
- Risk: the markdown surface reference could drift from the generated matrix again in a later credential-shape change.
- Mitigation: `src/secrets/target-registry.test.ts` continues to guard docs/runtime sync.
2026-03-12 08:18:13 -07:00
7844bc89a1
Security: require Feishu webhook encrypt key ( #44087 )
...
* Feishu: require webhook encrypt key in schema
* Feishu: cover encrypt key webhook validation
* Feishu: enforce encrypt key at startup
* Feishu: add webhook forgery regression test
* Feishu: collect encrypt key during onboarding
* Docs: require Feishu webhook encrypt key
* Changelog: note Feishu webhook hardening
* Docs: clarify Feishu encrypt key screenshot
* Feishu: treat webhook encrypt key as secret input
* Feishu: resolve encrypt key only in webhook mode
2026-03-12 11:01:00 -04:00
b0f717aa02
build: align Node 22 guidance with 22.16 minimum
2026-03-12 20:07:44 +05:30
0a8d2b6200
build: raise Node 22 compatibility floor to 22.16
2026-03-12 20:07:44 +05:30
deada7edd3
build: default to Node 24 and keep Node 22 compat
2026-03-12 20:07:44 +05:30
171d2df9e0
feat(mattermost): add replyToMode support (off | first | all) ( #29587 )
...
Merged via squash.
Prepared head SHA: 4a67791f53
2026-03-12 18:03:12 +05:30
8e0e4f736a
docs: add Kubernetes install guide, setup script, and manifests ( #34492 )
...
* add docs and manifests for k8s install
Signed-off-by: sallyom <somalley@redhat.com>
* changelog
Signed-off-by: sallyom <somalley@redhat.com>
---------
Signed-off-by: sallyom <somalley@redhat.com>
2026-03-12 07:28:21 -04:00
62a71361a9
Docs: clarify llm-task thinking presets
2026-03-12 19:27:07 +11:00
658bd54ecf
feat(llm-task): add thinking override
...
Co-authored-by: Xaden Ryan <165437834+xadenryan@users.noreply.github.com>
2026-03-12 19:21:35 +11:00
0bcb95e8fa
Models: enforce source-managed SecretRef markers in models.json ( #43759 )
...
Merged via squash.
Prepared head SHA: 4a065ef5d8
2026-03-12 02:22:52 -05:00
c65390cbde
docs: update Raspberry Pi dashboard access instructions ( #43584 )
...
* docs(pi): update dashboard access instructions
* docs(i18n): refresh raspberry pi source hash
* docs: clarify Raspberry Pi dashboard access
* fix: clarify Raspberry Pi dashboard access (#43584 ) (thanks @neeravmakwana)
---------
Co-authored-by: Neerav Makwana <261249544+neeravmakwana@users.noreply.github.com>
Co-authored-by: Ayaan Zaidi <zaidi@uplause.io>
2026-03-12 10:04:44 +05:30
96485701a7
docs: update 2026.3.11 release examples
2026-03-12 04:01:56 +00:00
0e397e62b7
chore: bump version to 2026.3.10
2026-03-11 23:29:53 +00:00
d79ca52960
Memory: add multimodal image and audio indexing ( #43460 )
...
Merged via squash.
Prepared head SHA: a994c07190
2026-03-11 22:28:34 +00:00
5e324cf785
docs(ollama): align onboarding guidance with code
2026-03-11 20:11:51 +00:00
60aed95346
feat(memory): add gemini-embedding-2-preview support ( #42501 )
...
Merged via squash.
Prepared head SHA: c57b1f8ba2
2026-03-11 14:28:53 -04:00
7761e7626f
Providers: add Opencode Go support ( #42313 )
...
* feat(providers): add opencode-go provider support and onboarding
* Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF
* Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF
* Update CHANGELOG.md
---------
Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-11 01:31:06 -04:00
0125ce1f44
Gateway: fail closed unresolved local auth SecretRefs ( #42672 )
...
* Gateway: fail closed unresolved local auth SecretRefs
* Docs: align node-host gateway auth precedence
* CI: resolve rebase breakages in checks lanes
* Tests: isolate LOCAL_REMOTE_FALLBACK_TOKEN env state
* Gateway: remove stale remote.enabled auth-surface semantics
* Changelog: note gateway SecretRef fail-closed fix
2026-03-10 21:41:56 -05:00
daaf211e20
fix(node-host): fail closed on unbound interpreter approvals
2026-03-11 02:36:38 +00:00
aad014c7c1
fix: harden subagent control boundaries
2026-03-11 01:44:38 +00:00
8eac939417
fix(security): enforce target account configWrites
2026-03-11 01:24:36 +00:00
201420a7ee
fix: harden secret-file readers
2026-03-10 23:40:10 +00:00
a76e810193
fix(gateway): harden token fallback/reconnect behavior and docs ( #42507 )
...
* fix(gateway): harden token fallback and auth reconnect handling
* docs(gateway): clarify auth retry and token-drift recovery
* fix(gateway): tighten auth reconnect gating across clients
* fix: harden gateway token retry (#42507 ) (thanks @joshavant)
2026-03-10 17:05:57 -05:00
8ba1b6eff1
ci: add npm release workflow and CalVer checks ( #42414 ) (thanks @onutc)
2026-03-10 20:09:25 +01:00
0ff184397d
docs(telegram): clarify group and sender allowlists ( #42451 )
...
Merged via squash.
Prepared head SHA: f30cacafb3
2026-03-10 21:56:30 +03:00
d30dc28b8c
Secrets: reject exec SecretRef traversal ids across schema/runtime/gateway ( #42370 )
...
* Secrets: harden exec SecretRef validation and reload LKG coverage
* Tests: harden exec fast-exit stdin regression case
* Tests: align lifecycle daemon test formatting with oxfmt 0.36
2026-03-10 13:45:37 -05:00
0687e04760
fix: thread runtime config through Discord/Telegram sends ( #42352 ) (thanks @joshavant) ( #42352 )
2026-03-10 13:30:57 -05:00
466cc816a8
docs(acp): document resumeSessionId for session resume ( #42280 )
...
* docs(acp): document resumeSessionId for session resume
* docs: clarify ACP resumeSessionId thread/mode behavior (#42280 ) (thanks @pejmanjohn)
---------
Co-authored-by: Onur <onur@textcortex.com>
2026-03-10 18:06:09 +01:00
6d0547dc2e
mattermost: fix DM media upload for unprefixed user IDs ( #29925 )
...
Merged via squash.
Prepared head SHA: 5cffcb072c
2026-03-10 14:22:24 +05:30
f0eb67923c
fix(secrets): resolve web tool SecretRefs atomically at runtime
2026-03-09 22:57:03 -05:00
de49a8b72c
Telegram: exec approvals for OpenCode/Codex ( #37233 )
...
Merged via squash.
Prepared head SHA: f243379094
2026-03-09 23:04:35 -04:00
0c7f07818f
acp: add regression coverage and smoke-test docs ( #41456 )
...
Merged via squash.
Prepared head SHA: 514d587352
2026-03-09 22:40:14 +01:00
8e3f3bc3cf
acp: enrich streaming updates for ide clients ( #41442 )
...
Merged via squash.
Prepared head SHA: 0764368e80
2026-03-09 22:26:46 +01:00
d346f2d9ce
acp: restore session context and controls ( #41425 )
...
Merged via squash.
Prepared head SHA: fcabdf7c31
2026-03-09 22:17:19 +01:00
e6e4169e82
acp: fail honestly in bridge mode ( #41424 )
...
Merged via squash.
Prepared head SHA: b5e6e13afe
2026-03-09 22:01:30 +01:00
d4e59a3666
Cron: enforce cron-owned delivery contract ( #40998 )
...
Merged via squash.
Prepared head SHA: 5877389e33
2026-03-09 20:12:37 +01:00
f2f561fab1
fix(ui): preserve control-ui auth across refresh ( #40892 )
...
Merged via squash.
Prepared head SHA: f9b2375892
2026-03-09 12:50:47 +01:00
f9706fde6a
build: bump unreleased version to 2026.3.9
2026-03-09 08:33:58 +00:00
adec8b28bb
alphabetize web search providers ( #40259 )
...
Merged via squash.
Prepared head SHA: be6350e5ae
2026-03-09 08:54:54 +05:30
e3df94365b
ACP: add optional ingress provenance receipts ( #40473 )
...
Merged via squash.
Prepared head SHA: b63e46dd94
2026-03-09 04:19:03 +01:00
13bd3db307
chore(docs): drop refactor cleanup tracker
2026-03-09 00:26:20 +00:00
ff4745fc3f
refactor(models): split provider discovery helpers
2026-03-09 00:26:20 +00:00
c29b098744
refactor(models): split models.json planning from writes
2026-03-09 00:26:20 +00:00
24b53fcf47
refactor(agents): extract provider model normalization
2026-03-09 00:26:20 +00:00
dfc18b7a2b
refactor(models): extract list row builders
2026-03-09 00:26:20 +00:00
3e70109cb2
docs: add refactor cluster backlog
2026-03-08 23:38:24 +00:00
a3dc4b5a57
fix(tui): improve color contrast for light-background terminals ( #40345 )
...
* fix(tui): improve colour contrast for light-background terminals (#38636 )
Detect light terminal backgrounds via COLORFGBG and apply a WCAG
AA-compliant light palette. Adds OPENCLAW_THEME=light|dark env var
override for terminals without auto-detection.
Uses proper sRGB linearisation and WCAG 2.1 contrast ratios to pick
whichever text palette (dark or light) has higher contrast against
the detected background colour.
Co-authored-by: ademczuk <ademczuk@users.noreply.github.com>
* Update CHANGELOG.md
---------
Co-authored-by: ademczuk <andrew.demczuk@gmail.com>
Co-authored-by: ademczuk <ademczuk@users.noreply.github.com>
2026-03-08 16:17:28 -07:00
38543d8196
fix(cron): consolidate announce delivery, fire-and-forget trigger, and minimal prompt mode ( #40204 )
...
* fix(cron): consolidate announce delivery and detach manual runs
* fix: queue detached cron runs (#40204 )
2026-03-08 14:46:33 -07:00
0ecfd37b44
feat: add local backup CLI ( #40163 )
...
Merged via squash.
Prepared head SHA: ed46625ae2
2026-03-08 16:21:20 -04:00
9d467d1620
docs: add WSL2 + Windows remote Chrome CDP troubleshooting ( #39407 ) (thanks @Owlock)
2026-03-08 19:21:42 +00:00
d3111fbbcb
fix: make browser relay bind address configurable ( #39364 ) (thanks @mvanhorn)
2026-03-08 19:15:21 +00:00
f9c220e261
test+docs: comprehensive coverage and generic framing
...
- Add 12 new tests covering: isWebSocketUrl detection, parseHttpUrl WSS
acceptance/rejection, direct WS target creation with query params,
SSRF enforcement on WS URLs, WS reachability probing bypasses HTTP
- Reframe docs section as generic "Direct WebSocket CDP providers" with
Browserbase as one example — any WSS-based provider works
- Update security tips to mention WSS alongside HTTPS
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
75602014db
feat(browser): support direct WebSocket CDP URLs for Browserbase
...
Browserbase uses direct WebSocket connections (wss://) rather than the
standard HTTP-based /json/version CDP discovery flow used by Browserless.
This change teaches the browser tool to accept ws:// and wss:// URLs as
cdpUrl values: when a WebSocket URL is detected, OpenClaw connects
directly instead of attempting HTTP discovery.
Changes:
- config.ts: accept ws:// and wss:// in cdpUrl validation
- cdp.helpers.ts: add isWebSocketUrl() helper
- cdp.ts: skip /json/version when cdpUrl is already a WebSocket URL
- chrome.ts: probe WSS endpoints via WebSocket handshake instead of HTTP
- cdp.test.ts: add test for direct WebSocket target creation
- docs/tools/browser.md: update Browserbase section with correct URL
format and notes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
3cf75f760c
docs: simplify Browserbase section, drop pricing details
...
Restore platform-level feature description (CAPTCHA solving, stealth
mode, proxies) without plan-specific pricing gating. Keep free tier
note brief.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
ae39a152d8
docs: fact-check Browserbase section against official docs
...
- Fix CAPTCHA/stealth/proxy claims: these are Developer plan+ only,
not available on free tier
- Fix free tier limits: 1 browser hour, 15-min session duration
(not "60 minutes of monthly usage")
- Add link to pricing page for paid plan details
- Simplify structure to match Browserless section format
- Remove sub-headings to match Browserless section style
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
efa1204183
docs: restore direct wss://connect.browserbase.com URL
...
Browserbase exposes a direct WebSocket connect endpoint that
auto-creates a session, similar to how Browserless works. Simplified
the section to use this static URL pattern instead of requiring
manual session creation via the API.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
9a4610c641
docs: fix Browserbase section to match official docs
...
Browserbase requires creating a session via their API to get a CDP
connect URL, unlike Browserless which uses a static endpoint. Updated
to show the correct curl-based session creation flow, removed
unverified static WebSocket URL, and added the 5-minute connect
timeout note from official docs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
c0a988f692
docs: fix duplicate heading lint error
...
Rename "Configuration" sub-heading to "Profile setup" to avoid
MD024/no-duplicate-heading conflict with the existing top-level
"Configuration" heading.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
641e1bacb4
docs: add Browserbase as hosted remote CDP option
...
Add Browserbase documentation section alongside the existing Browserless
section in the browser docs. Includes signup instructions, CDP connection
configuration, and environment variable setup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
0252bdc837
Revert "docs: add Browserbase as hosted remote CDP option"
...
This reverts commit c469657c97848c7a3e1e5135bf4ce735d07d6614.
2026-03-08 18:48:10 +00:00
885199dcaa
docs: add Browserbase as hosted remote CDP option
...
Add Browserbase documentation section alongside the existing Browserless
section in the browser docs. Includes signup instructions, CDP connection
configuration, and environment variable setup for both English and Chinese
(zh-CN) translations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
55465d86d9
Docs: use placeholder OpenRouter key in web tool docs
2026-03-08 11:16:03 -07:00
615466bdf4
Docs: use placeholder OpenRouter key in Perplexity guide
2026-03-08 11:16:03 -07:00
2970d72554
docs: update Brave Search API docs for Feb 2026 plan restructuring ( #40111 )
...
Merged via squash.
Prepared head SHA: c651f07855
2026-03-08 14:06:21 -04:00
caf1b84822
feat: allow compaction model override via config ( #38753 )
...
Merged via squash.
Prepared head SHA: a3d6d6c845
2026-03-08 10:47:34 -07:00
d4ab731746
fix(telegram): use message previews in DMs
2026-03-08 21:59:43 +05:30
fa83010b17
fix(plugins): ship Feishu bundled runtime dependency ( #39990 )
...
* fix: ship feishu bundled runtime dependency
* test: align feishu bundled dependency specs
2026-03-08 10:36:41 -05:00
28e46d04e5
fix(web-search): restore OpenRouter compatibility for Perplexity ( #39937 ) ( #39937 )
2026-03-08 20:37:54 +05:30
b4c8950417
refactor: centralize talk silence timeout defaults
2026-03-08 14:58:29 +00:00
6ff7e8f42e
talk: add configurable silence timeout
2026-03-08 14:30:25 +00:00
1a364cd066
Docs: clarify notarization handoff in mac release flow
2026-03-08 14:14:36 +00:00
9ce79bba34
Docs: mark basic mac dist example as non-notarized
2026-03-08 14:14:36 +00:00
047f4acacf
Docs: clarify release build arch defaults for mac packaging
2026-03-08 14:14:36 +00:00
64760614aa
macOS: default release app builds to universal binaries
2026-03-08 14:14:36 +00:00
6dadfaa18c
docs: use alphabetical provider ordering
2026-03-08 14:10:36 +00:00
acac7e3132
fix: land Brave llm-context gaps ( #33383 ) (thanks @thirumaleshp)
2026-03-08 13:57:12 +00:00
eebee84093
fix(models): discover Vercel AI Gateway catalog
2026-03-08 13:44:10 +00:00
46145fde19
fix(android): remove mic and screen foreground services
2026-03-08 16:25:49 +05:30
1230cefe25
fix(android): remove background location mode
2026-03-08 16:25:49 +05:30
0f9566b0b5
fix(android): remove self-update install flow
2026-03-08 16:25:49 +05:30
492fe679a7
feat(tui): infer workspace agent when launching TUI ( #39591 )
...
Merged via squash.
Prepared head SHA: 23533e24c4
2026-03-08 13:31:11 +03:00
05217845a7
build: bump version to 2026.3.8
2026-03-08 05:59:04 +00:00
59102a1ff7
fix: add gemini 3.1 flash-lite support
2026-03-08 05:12:48 +00:00
fcdc1a13e1
fix: land #33992 from @darkamenosa
...
Co-authored-by: Tom <hxtxmu@gmail.com>
2026-03-08 04:49:04 +00:00
a035a3ce48
fix: drop removed minimax lightning model
2026-03-08 04:06:26 +00:00
21df014d56
fix: stage docker live tests from mounted source
2026-03-08 04:06:26 +00:00
5759b93dda
fix(ci): pin multi-arch docker base digests
2026-03-08 02:55:15 +00:00
a8c67affd8
test: cover gemini flash compat normalization
2026-03-08 02:34:49 +00:00
100da9f45c
fix: correct gemini flash model id
2026-03-08 02:32:58 +00:00
4062aa5e5d
Gateway: add safer password-file input for gateway run ( #39067 )
...
* CLI: add gateway password-file option
* Docs: document safer gateway password input
* Update src/cli/gateway-cli/run.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Tests: clean up gateway password temp dirs
* CLI: restore gateway password warning flow
* Security: harden secret file reads
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-07 18:20:17 -08:00
25252ab5ab
gateway: harden shared auth resolution across systemd, discord, and node host
2026-03-07 18:28:32 -06:00
61000b8e4d
fix(acp): block sandboxed slash spawns
2026-03-08 00:23:07 +00:00
c76d29208b
fix(node-host): bind approved script operands
2026-03-07 23:04:00 +00:00
be9ea991de
fix(discord): avoid native plugin command collisions
2026-03-07 21:59:44 +00:00
ac86deccee
fix(gateway): harden plugin HTTP route auth
2026-03-07 19:55:06 +00:00
5f8f58ae25
fix(gateway): require admin for chat config writes
2026-03-07 19:38:49 +00:00
499c1ee6e3
reduce image size, offer slim image ( #38479 )
...
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 14:26:29 -05:00
253e159700
fix: harden workspace skill path containment
2026-03-07 18:56:15 +00:00
729ee165ed
docs(gateway): clarify trusted operator HTTP endpoints
2026-03-07 18:48:17 +00:00
10d0e3f3ca
fix(dashboard): keep gateway tokens out of URL storage
2026-03-07 18:33:30 +00:00
f966dde476
tests: fix detect-secrets false positives ( #39084 )
...
* Tests: rename gateway status env token fixture
* Tests: allowlist feishu onboarding fixtures
* Tests: allowlist Google Chat private key fixture
* Docs: allowlist Brave API key example
* Tests: allowlist pairing password env fixtures
* Chore: refresh detect-secrets baseline
2026-03-07 13:21:29 -05:00
5290d97574
Docs: fix web tools MDX links
2026-03-07 10:15:22 -08:00
61273c072c
Docs: remove MDX-breaking secret markers
2026-03-07 10:09:00 -08:00
e4d80ed556
CI: restore main detect-secrets scan ( #38438 )
...
* Tests: stabilize detect-secrets fixtures
* Tests: fix rebased detect-secrets false positives
* Docs: keep snippets valid under detect-secrets
* Tests: finalize detect-secrets false-positive fixes
* Tests: reduce detect-secrets false positives
* Tests: keep detect-secrets pragmas inline
* Tests: remediate next detect-secrets batch
* Tests: tighten detect-secrets allowlists
* Tests: stabilize detect-secrets formatter drift
2026-03-07 10:06:35 -08:00
8e20dd22d8
Secrets: harden SecretRef-safe models.json persistence ( #38955 )
2026-03-07 11:28:39 -06:00
1dd4f92ea2
fix: default local onboarding tools profile to coding
2026-03-07 16:41:27 +00:00
33e7394861
fix(providers): make all models available in kilocode provider ( #32352 )
...
* kilocode: dynamic model discovery, kilo/auto default, cooldown exemption
- Replace 9-model hardcoded catalog with dynamic discovery from
GET /api/gateway/models (Venice-like pattern with static fallback)
- Default model changed from anthropic/claude-opus-4.6 to kilo/auto
(smart routing model)
- Add createKilocodeWrapper for X-KILOCODE-FEATURE header injection
and reasoning.effort handling (skip for kilo/auto)
- Add kilocode to cooldown-exempt providers (proxy like OpenRouter)
- Keep sync buildKilocodeProvider for onboarding, add async
buildKilocodeProviderWithDiscovery for implicit provider resolution
- Per-token gateway pricing converted to per-1M-token for cost fields
* kilocode: skip reasoning injection for x-ai models, harden discovery loop
* fix(kilocode): keep valid discovered duplicates (openclaw#32352, thanks @pandemicsyn)
* refactor(proxy): normalize reasoning payload guards (openclaw#32352, thanks @pandemicsyn)
* chore(changelog): note kilocode hardening (openclaw#32352, thanks @pandemicsyn and @vincentkoc)
* chore(changelog): fix kilocode note format (openclaw#32352, thanks @pandemicsyn and @vincentkoc)
* test(kilocode): support auto-model override cases (openclaw#32352, thanks @pandemicsyn)
* Update CHANGELOG.md
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-07 08:14:06 -08:00
786ec21b5a
docs(cli): improve memory command examples ( #31803 )
...
Merged via squash.
Prepared head SHA: 15dcda3027
2026-03-07 19:03:23 +03:00
997a9f5b9e
chore: bump version to 2026.3.7
2026-03-07 10:09:02 +00:00
6017b738b1
Web: add HEIC media regression and doc fix ( #38294 )
...
* Web: add HEIC media normalization regression
* Docs: list HEIC input_image MIME types
* Update src/web/media.test.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-06 22:49:38 -05:00
2d52c88dad
fix(podman): stop assuming /tmp is disk-backed ( #38296 )
...
* Podman: avoid hardcoding /tmp for image staging
* Docs: clarify container storage paths
* Podman: secure staged image import
* Podman: clarify streamed image handoff
2026-03-06 19:55:26 -05:00
42e3d8d693
Secrets: add inline allowlist review set ( #38314 )
...
* Secrets: add inline allowlist review set
* Secrets: narrow detect-secrets file exclusions
* Secrets: exclude Docker fingerprint false positive
* Secrets: allowlist test and docs false positives
* Secrets: refresh baseline after allowlist updates
* Secrets: fix gateway chat fixture pragma
* Secrets: format pre-commit config
* Android: keep talk mode fixture JSON valid
* Feishu: rely on client timeout injection
* Secrets: allowlist provider auth test fixtures
* Secrets: allowlist onboard search fixtures
* Secrets: allowlist onboard mode fixture
* Secrets: allowlist gateway auth mode fixture
* Secrets: allowlist APNS wake test key
* Secrets: allowlist gateway reload fixtures
* Secrets: allowlist moonshot video fixture
* Secrets: allowlist auto audio fixture
* Secrets: allowlist tiny audio fixture
* Secrets: allowlist embeddings fixtures
* Secrets: allowlist resolve fixtures
* Secrets: allowlist target registry pattern fixtures
* Secrets: allowlist gateway chat env fixture
* Secrets: refresh baseline after fixture allowlists
* Secrets: reapply gateway chat env allowlist
* Secrets: reapply gateway chat env allowlist
* Secrets: stabilize gateway chat env allowlist
* Secrets: allowlist runtime snapshot save fixture
* Secrets: allowlist oauth profile fixtures
* Secrets: allowlist compaction identifier fixture
* Secrets: allowlist model auth fixture
* Secrets: allowlist model status fixtures
* Secrets: allowlist custom onboarding fixture
* Secrets: allowlist mattermost token summary fixtures
* Secrets: allowlist gateway auth suite fixtures
* Secrets: allowlist channel summary fixture
* Secrets: allowlist provider usage auth fixtures
* Secrets: allowlist media proxy fixture
* Secrets: allowlist secrets audit fixtures
* Secrets: refresh baseline after final fixture allowlists
* Feishu: prefer explicit client timeout
* Feishu: test direct timeout precedence
2026-03-06 19:35:26 -05:00
3070fafec1
fix(venice): switch default model to kimi-k2-5 ( #38423 )
...
* Docs: refresh Venice default model guidance
* Venice: switch default model to Kimi K2.5
* Changelog: credit Venice default refresh
2026-03-06 19:31:07 -05:00
03b9abab84
feat(compaction): make post-compaction context sections configurable ( #34556 )
...
Merged via squash.
Prepared head SHA: 491bb28544
2026-03-06 14:57:15 -08:00
6e962d8b9e
fix(agents): handle overloaded failover separately ( #38301 )
...
* fix(agents): skip auth-profile failure on overload
* fix(agents): note overload auth-profile fallback fix
* fix(agents): classify overloaded failures separately
* fix(agents): back off before overload failover
* fix(agents): tighten overload probe and backoff state
* fix(agents): persist overloaded cooldown across runs
* fix(agents): tighten overloaded status handling
* test(agents): add overload regression coverage
* fix(agents): restore runner imports after rebase
* test(agents): add overload fallback integration coverage
* fix(agents): harden overloaded failover abort handling
* test(agents): tighten overload classifier coverage
* test(agents): cover all-overloaded fallback exhaustion
* fix(cron): retry overloaded fallback summaries
* fix(cron): treat HTTP 529 as overloaded retry
2026-03-07 01:42:11 +03:00
7ce79c8972
docs: fix broken dashboard image on i18n pages ( #38031 )
...
The dashboard screenshot uses a relative path `src="whatsapp-openclaw.jpg"`
which resolves correctly on the English root page but produces 404 on
zh-CN and ja-JP pages because Mintlify prepends the language subdirectory
to the CDN path.
Change to absolute path `/whatsapp-openclaw.jpg` in all three index files,
consistent with other images on the same page that already use absolute
paths (e.g. `/assets/openclaw-logo-text-dark.png`).
2026-03-07 00:22:19 +03:00
ab5fcfcc01
feat(gateway): add channel-backed readiness probes ( #38285 )
...
* Changelog: add channel-backed readiness probe entry
* Gateway: add channel-backed readiness probes
* Docs: describe readiness probe behavior
* Gateway: add readiness probe regression tests
* Changelog: dedupe gateway probe entries
* Docs: fix readiness startup grace description
* Changelog: remove stale readiness entry
* Gateway: cover readiness hardening
* Gateway: harden readiness probes
2026-03-06 15:15:23 -05:00
042b2c867d
Docs: clarify main secret scan behavior
2026-03-06 14:41:23 -05:00
b529b7c6b7
Docs: update secret scan reproduction steps
2026-03-06 14:34:46 -05:00
3d7bc5958d
feat(onboarding): add web search to onboarding flow ( #34009 )
...
* add web search to onboarding flow
* remove post onboarding step (now redundant)
* post-onboarding nudge if no web search set up
* address comments
* fix test mocking
* add enabled: false assertion to the no-key test
* --skip-search cli flag
* use provider that a user has a key for
* add assertions, replace the duplicated switch blocks
* test for quickstart fast-path with existing config key
* address comments
* cover quickstart falls through to key test
* bring back key source
* normalize secret inputs instead of direct string trimming
* preserve enabled: false if it's already set
* handle missing API keys in flow
* doc updates
* hasExistingKey to detect both plaintext strings and SecretRef objects
* preserve enabled state only on the "keep current" paths
* add test for preserving
* better gate flows
* guard against invalid provider values in config
* Update src/commands/configure.wizard.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* format fix
* only mentions env var when it's actually available
* search apiKey fields now typed as SecretInput
* if no provider check if any search provider key is detectable
* handle both kimi keys
* remove .filter(Boolean)
* do not disable web_search after user enables it
* update resolveSearchProvider
* fix(onboarding): skip search key prompt in ref mode
* fix: add onboarding web search step (#34009 ) (thanks @kesku)
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Shadow <hi@shadowing.dev>
2026-03-06 13:09:00 -06:00
57f19f0d5c
container builds: opt-in extension deps via OPENCLAW_EXTENSIONS build arg ( #32223 )
...
* Docker: opt-in extension deps via OPENCLAW_EXTENSIONS build arg
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: sallyom <somalley@redhat.com>
* CI: clarify extension smoke scope
* Tests: allow digest-pinned multi-stage FROM lines
* Changelog: note container extension preinstall option
---------
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 12:18:42 -05:00
9aceb51379
Gateway: normalize HEIC input_image sources ( #38122 )
...
* Media: normalize HEIC input images
* Gateway: accept HEIC image input schema
* Media: add HEIC input normalization tests
* Gateway: cover HEIC input schema parity
* Docs: document HEIC input image support
* Changelog: note HEIC input image fix
2026-03-06 11:19:36 -05:00
f392b81e95
Infra: require explicit opt-in for prerelease npm installs ( #38117 )
...
* Infra: tighten npm registry spec parsing
* Infra: block implicit prerelease npm installs
* Plugins: cover prerelease install policy
* Infra: add npm registry spec tests
* Hooks: cover prerelease install policy
* Docs: clarify plugin guide version policy
* Docs: clarify plugin install version policy
* Docs: clarify hooks install version policy
* Docs: clarify hook pack version policy
2026-03-06 11:13:30 -05:00
222d635aee
WhatsApp: honor outbound mediaMaxMb ( #38097 )
...
* WhatsApp: add media cap helper
* WhatsApp: cap outbound media loads
* WhatsApp: align auto-reply media caps
* WhatsApp: add outbound media cap test
* WhatsApp: update auto-reply cap tests
* Docs: update WhatsApp media caps
* Changelog: note WhatsApp media cap fix
2026-03-06 11:08:15 -05:00
7c45d918bf
Docs: align BlueBubbles media cap wording
2026-03-06 10:59:05 -05:00
9c1786bdd6
Telegram/Discord: honor outbound mediaMaxMb uploads ( #38065 )
...
* Telegram: default media cap to 100MB
* Telegram: honor outbound mediaMaxMb
* Discord: add shared media upload cap
* Discord: pass mediaMaxMb to outbound sends
* Telegram: cover outbound media cap sends
* Discord: cover media upload cap config
* Docs: update Telegram media cap guide
* Docs: update Telegram config reference
* Changelog: note media upload cap fix
* Docs: note Discord upload cap behavior
2026-03-06 10:53:06 -05:00
151f26070b
docs: context engine
2026-03-06 08:55:58 -05:00
5470337b1c
docs(config): list the context engine plugin slot
2026-03-06 08:53:30 -05:00
7cc3376f07
docs(plugins): add context-engine manifest kind example
2026-03-06 08:53:30 -05:00
eb2eebae22
docs(plugins): document context engine slots and registration
2026-03-06 08:53:30 -05:00
f788ba142a
docs(protocol): document slash-delimited schema lookup plugin ids
2026-03-06 08:53:29 -05:00
e88f6605ec
docs(tools): document slash-delimited config schema lookup paths
2026-03-06 08:53:29 -05:00
4a80d48ea9
fix(mattermost): allow reachable interaction callback URLs ( #37543 )
...
Merged via squash.
Prepared head SHA: 4d593731be
2026-03-06 15:27:47 +05:30
ff97195500
Gateway: add path-scoped config schema lookup ( #37266 )
...
Merged via squash.
Prepared head SHA: 0c4d187f6f
2026-03-06 02:50:48 -05:00
0e4245063f
CLI: make read-only SecretRef status flows degrade safely ( #37023 )
...
* CLI: add read-only SecretRef inspection
* CLI: fix read-only SecretRef status regressions
* CLI: preserve read-only SecretRef status fallbacks
* Docs: document read-only channel inspection hook
* CLI: preserve audit coverage for read-only SecretRefs
* CLI: fix read-only status account selection
* CLI: fix targeted gateway fallback analysis
* CLI: fix Slack HTTP read-only inspection
* CLI: align audit credential status checks
* CLI: restore Telegram read-only fallback semantics
2026-03-05 23:07:13 -06:00
5d4b04040d
feat(openai): add gpt-5.4 support for API and Codex OAuth ( #36590 )
...
* feat(openai): add gpt-5.4 support and priority processing
* feat(openai-codex): add gpt-5.4 oauth support
* fix(openai): preserve provider overrides in gpt-5.4 fallback
* fix(openai-codex): keep xhigh for gpt-5.4 default
* fix(models): preserve configured overrides in list output
* fix(models): close gpt-5.4 integration gaps
* fix(openai): scope service tier to public api
* fix(openai): complete prep followups for gpt-5.4 support (#36590 ) (thanks @dorukardahan)
---------
Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
2026-03-05 21:01:37 -08:00
8c85ad540a
fix: remove config.schema from agent gateway tool ( #7382 )
...
Merged via squash.
Prepared head SHA: f34a778069
2026-03-05 23:53:08 -05:00
81b93b9ce0
fix(subagents): announce delivery with descendant gating, frozen result refresh, and cron retry ( #35080 )
...
Thanks @tyler6204
2026-03-05 19:20:24 -08:00
71ec42127d
feat(hooks): emit compaction lifecycle hooks ( #16788 )
2026-03-05 19:08:26 -08:00
d58dafae88
feat(telegram/acp): Topic Binding, Pin Binding Message, Fix Spawn Param Parsing ( #36683 )
...
* fix(acp): normalize unicode flags and Telegram topic binding
* feat(telegram/acp): restore topic-bound ACP and session bindings
* fix(acpx): clarify permission-denied guidance
* feat(telegram/acp): pin spawn bind notice in topics
* docs(telegram): document ACP topic thread binding behavior
* refactor(reply): share Telegram conversation-id resolver
* fix(telegram/acp): preserve bound session routing semantics
* fix(telegram): respect binding persistence and expiry reporting
* refactor(telegram): simplify binding lifecycle persistence
* fix(telegram): bind acp spawns in direct messages
* fix: document telegram ACP topic binding changelog (#36683 ) (thanks @huntharo)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-06 02:17:50 +01:00
Onur Solmaz
Radek Sienkiewicz
Tak Hoffman
George Zhang
Josh Lehman
Vincent Koc
Onur
Nimrod Gutman
Ayaan Zaidi
kkhomej33-netizen
Peter Steinberger
Josh Avant
Eyal En Gad
Keelan Fadden-Hopper
Alex Zaytsev
Jealous
Bruce MacDonald
liyuan97
Gustavo Madeira Santana
Altay
Teconomix
Sally O'Malley
Luke
Xaden Ryan
Neerav Makwana
Bill Chirico
Pejman Pour-Moezzi
Harold Hunt
Mariano
Mariano
Kesku
Tyler Yust
shichangs
shrey150
Rémi
GitBuck
Ayaan Zaidi
dano does design
Charles Dusek
arceus77-7
Florian Hines
Jason
Efe Büken
AngryBird
Muhammed Mukhthar CM
dorukardahan
Hinata Kaga (samon)