a6711afdc2
feat(zalouser): add markdown-to-Zalo text style parsing ( #43324 )
...
* feat(zalouser): add markdown-to-Zalo text style parsing
Parse markdown formatting (bold, italic, strikethrough, headings, lists,
code blocks, blockquotes, custom color/style tags) into Zalo native
TextStyle ranges so outbound messages render with rich formatting.
- Add text-styles.ts with parseZalouserTextStyles() converter
- Wire markdown mode into send pipeline (sendMessageZalouser)
- Export TextStyle enum and Style type from zca-client
- Add textMode/textStyles to ZaloSendOptions
- Pass textStyles through sendZaloTextMessage to zca-js API
- Enable textMode:"markdown" in outbound sendText/sendMedia and monitor
- Add comprehensive tests for parsing, send, and channel integration
* fix(zalouser): harden markdown text parsing
* fix(zalouser): mirror zca-js text style types
* fix(zalouser): support tilde fenced code blocks
* fix(zalouser): handle quoted fenced code blocks
* fix(zalouser): preserve literal quote lines in code fences
* fix(zalouser): support indented quoted fences
* fix(zalouser): preserve quoted markdown blocks
* fix(zalouser): rechunk formatted messages
* fix(zalouser): preserve markdown structure across chunks
* fix(zalouser): honor chunk limits and CRLF fences
2026-03-12 16:24:15 +07:00
7c889e7113
Refactor: trim duplicate gateway/onboarding helpers and dead utils ( #43871 )
...
* Gateway: share input provenance schema
* Onboarding: dedupe top-level channel patching
* Utils: remove unused path helpers
* Protocol: refresh generated gateway models
2026-03-12 05:04:31 -04:00
cb7b38105f
Merge remote-tracking branch 'origin/vincentkoc-code/fix-terminal-table-width'
...
* origin/vincentkoc-code/fix-terminal-table-width:
Terminal: consume unsupported escape bytes in tables
Skills: normalize emoji presentation across outputs
Changelog: note terminal skills table fixes
Skills: use Terminal-safe emoji in list output
Terminal: stop shrinking CLI tables by one column
Terminal: refine table wrapping and width handling
Update CHANGELOG.md
Deps: patch file-type and hono
Tests: cover emoji table alignment
Terminal: wrap table cells by grapheme width
Terminal: measure grapheme display width
Tests: cover grapheme terminal width
Changelog: add unreleased March 9 entries
# Conflicts:
# CHANGELOG.md
# package.json
# pnpm-lock.yaml
# src/cli/skills-cli.format.ts
# src/terminal/table.test.ts
2026-03-12 04:56:21 -04:00
1dfc35fc28
Merge branch 'vincentkoc-code/fix-terminal-table-width' of https://github.com/openclaw/openclaw into vincentkoc-code/fix-terminal-table-width
...
* 'vincentkoc-code/fix-terminal-table-width' of https://github.com/openclaw/openclaw :
Update CHANGELOG.md
2026-03-12 04:51:56 -04:00
62a71361a9
Docs: clarify llm-task thinking presets
2026-03-12 19:27:07 +11:00
46cb73da37
feat(ui): utilities, theming, and i18n updates (slice 2/3 of dashboard-v2) ( #41500 )
...
* feat(ui): add utilities, theming, and i18n updates (slice 2 of dashboard-v2)
UI utilities and theming improvements extracted from dashboard-v2-structure:
Icons & formatting:
- icons.ts: expanded icon set for new dashboard views
- format.ts: date/number formatting helpers
- tool-labels.ts: human-readable tool name mappings
Theming:
- theme.ts: enhanced theme resolution and system theme support
- theme-transition.ts: simplified transition logic
- storage.ts: theme parsing improvements for settings persistence
Navigation & types:
- navigation.ts: extended tab definitions for dashboard-v2
- app-view-state.ts: expanded view state management
- types.ts: new type definitions (HealthSummary, ModelCatalogEntry, etc.)
Components:
- components/dashboard-header.ts: reusable header component
i18n:
- Updated en, pt-BR, zh-CN, zh-TW locales with new dashboard strings
All changes are additive or backwards-compatible. Build passes.
Part of #36853 .
* ui: fix theme and locale review regressions
* ui: fix review follow-ups for dashboard tabs
* ui: allowlist locale password placeholder false positives
* ui: fix theme mode and locale regressions
* Vincentkoc code/pr 41500 route fix (#43829 )
* UI: keep unfinished settings routes hidden
* UI: normalize light theme data token
* UI: restore cron type compatibility
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-12 04:26:39 -04:00
658bd54ecf
feat(llm-task): add thinking override
...
Co-authored-by: Xaden Ryan <165437834+xadenryan@users.noreply.github.com>
2026-03-12 19:21:35 +11:00
f37815b323
Gateway: block profile mutations via browser.request ( #43800 )
...
* Gateway: block profile mutations via browser.request
* Changelog: note GHSA-vmhq browser request fix
* Gateway: normalize browser.request profile guard paths
2026-03-12 04:21:03 -04:00
46a332385d
Gateway: keep spawned workspace overrides internal ( #43801 )
...
* Gateway: keep spawned workspace overrides internal
* Changelog: note GHSA-2rqg agent boundary fix
* Gateway: persist spawned workspace inheritance in sessions
* Agents: clean failed lineage spawn state
* Tests: cover lineage attachment cleanup
* Tests: cover lineage thread cleanup
2026-03-12 04:20:00 -04:00
97683071b5
Tests: extend exec allowlist glob coverage
2026-03-12 04:01:49 -04:00
9aeaa19e9e
Agents: clear invalidated Kimi tool arg repair ( #43824 )
2026-03-12 03:53:06 -04:00
c5ea6134d0
feat(ui): add chat infrastructure modules (slice 1/3 of dashboard-v2) ( #41497 )
...
* feat(ui): add chat infrastructure modules (slice 1 of dashboard-v2)
New self-contained chat modules extracted from dashboard-v2-structure:
- chat/slash-commands.ts: slash command definitions and completions
- chat/slash-command-executor.ts: execute slash commands via gateway RPC
- chat/slash-command-executor.node.test.ts: test coverage
- chat/speech.ts: speech-to-text (STT) support
- chat/input-history.ts: per-session input history navigation
- chat/pinned-messages.ts: pinned message management
- chat/deleted-messages.ts: deleted message tracking
- chat/export.ts: shared exportChatMarkdown helper
- chat-export.ts: re-export shim for backwards compat
Gateway fix:
- Restore usage/cost stripping in chat.history sanitization
- Add test coverage for sanitization behavior
These modules are additive and tree-shaken — no existing code
imports them yet. They will be wired in subsequent slices.
* Update ui/src/ui/chat/export.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* fix(ui): address review feedback on chat infra slice
- export.ts: handle array content blocks (Claude API format) instead
of silently exporting empty strings
- slash-command-executor.ts: restrict /kill all to current session's
subagent subtree instead of all sessions globally
- slash-command-executor.ts: only count truly aborted runs (check
aborted !== false) in /kill summary
* fix: scope /kill <id> to current session subtree and preserve usage.cost in chat.history
- Restrict /kill <id> matching to only subagents belonging to the current
session's agent subtree (P1 review feedback)
- Preserve nested usage.cost in chat.history sanitization so cost badges
remain available (P2 review feedback)
* fix(ui): tighten slash kill scoping
* fix(ui): support legacy slash kill scopes
* fix(ci): repair pr branch checks
* Gateway: harden chat abort and export
* UI: align slash commands with session tree scope
* UI: resolve session aliases for slash command lookups
* Update .gitignore
* Cron: use shared nested lane resolver
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-12 03:48:58 -04:00
ed0ec57a7b
fix: scope telegram polling restart to telegram errors ( #43799 )
...
* fix: scope telegram polling restart to telegram errors
* fix: make telegram error tagging best-effort
* fix: scope telegram polling restart to telegram errors (#43799 )
2026-03-12 13:14:17 +05:30
82e3ac21ee
Infra: tighten exec allowlist glob matching ( #43798 )
...
* Infra: tighten exec allowlist glob matching
* Changelog: note GHSA-f8r2 exec allowlist fix
2026-03-12 03:33:50 -04:00
d8ee97c466
Agents: recover malformed Anthropic-compatible tool call args ( #42835 )
...
* Agents: recover malformed anthropic tool call args
* Agents: add malformed tool call regression test
* Changelog: note Kimi tool call arg recovery
* Agents: repair toolcall end message snapshots
* Agents: narrow Kimi tool call arg repair
2026-03-12 03:28:22 -04:00
4dfd8eea90
BlueBubbles: require confirmed outbound for self-chat cache
2026-03-12 03:22:57 -04:00
0bcb95e8fa
Models: enforce source-managed SecretRef markers in models.json ( #43759 )
...
Merged via squash.
Prepared head SHA: 4a065ef5d8
2026-03-12 02:22:52 -05:00
e8a162d3d8
fix(mattermost): prevent duplicate messages when block streaming + threading are active ( #41362 )
...
* fix(mattermost): prevent duplicate messages when block streaming + threading are active
Remove replyToId from createBlockReplyPayloadKey so identical content is
deduplicated regardless of threading target. Add explicit threading dock
to the Mattermost plugin with resolveReplyToMode reading from config
(default "all"), and add replyToMode to the Mattermost config schema.
Fixes #41219
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(mattermost): address PR review — per-account replyToMode and test clarity
Read replyToMode from the merged per-account config via
resolveMattermostAccount so account-level overrides are honored in
multi-account setups. Add replyToMode to MattermostAccountConfig type.
Rename misleading test to clarify it exercises shouldDropFinalPayloads
short-circuit, not payload key dedup.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Replies: keep block-pipeline reply targets distinct
* Tests: cover block reply target-aware dedupe
* Update CHANGELOG.md
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-12 03:15:17 -04:00
241e8cc553
fix(bluebubbles): dedupe reflected self-chat duplicates ( #38442 )
...
* BlueBubbles: drop reflected self-chat duplicates
* Changelog: add BlueBubbles self-chat echo dedupe entry
* BlueBubbles: gate self-chat cache and expand coverage
* BlueBubbles: require explicit sender ids for self-chat dedupe
* BlueBubbles: harden self-chat cache
* BlueBubbles: move self-chat cache identity into cache
* BlueBubbles: gate self-chat cache to confirmed outbound sends
* Update CHANGELOG.md
* BlueBubbles: bound self-chat cache input work
* Tests: cover BlueBubbles cache cap under cleanup throttle
* BlueBubbles: canonicalize self-chat DM scope
* Tests: cover BlueBubbles mixed self-chat scope aliases
2026-03-12 03:11:43 -04:00
6c196c913f
fix(cron): prevent duplicate proactive delivery on transient retry ( #40646 )
...
* fix(cron): prevent duplicate proactive delivery on transient retry
* refactor: scope skipQueue to retryTransient path only
Non-retrying direct delivery (structured content / thread) keeps the
write-ahead queue so recoverPendingDeliveries can replay after a crash.
Addresses review feedback from codex-connector.
* fix: preserve write-ahead queue on initial delivery attempt
The first call through retryTransientDirectCronDelivery now keeps the
write-ahead queue entry so recoverPendingDeliveries can replay after a
crash. Only subsequent retry attempts set skipQueue to prevent
duplicate sends.
Addresses second codex-connector review on ea5ae5c.
* ci: retrigger checks
* Cron: bypass write-ahead queue for direct isolated delivery
* Tests: assert isolated cron skipQueue invariants
* Changelog: add cron duplicate-delivery fix entry
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-12 03:01:19 -04:00
f3c00fce15
fix: prevent duplicate assistant messages in TUI ( fixes #35278 ) ( #35364 )
...
* fix: prevent duplicate assistant messages in TUI (fixes #35278 )
When startAssistant() is called multiple times with the same runId,
it was creating duplicate AssistantMessageComponent instances instead
of reusing the existing one. This caused messages to appear twice in
the terminal UI.
The fix checks if a component already exists for the runId before
creating a new one. If it exists, we update its text instead of
appending a duplicate component.
Test coverage includes verification that:
- Only one component is created when startAssistant is called twice
- The second text replaces the first
- Component count remains 1 (prevents regression)
Generated with [Claude Code](https://claude.ai/code )
via [Happy](https://happy.engineering )
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
* Changelog: add TUI duplicate-render fix entry
---------
Co-authored-by: 沐沐 <mumu@example.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Happy <yesreply@happy.engineering>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-12 02:59:42 -04:00
99ec687d7a
fix(agents): enforce sandboxed session_status visibility ( #43754 )
...
* agents: guard sandboxed session_status access
* test(agents): cover sandboxed session_status scope
* docs(changelog): credit session_status hardening
* agents: preflight sandboxed session_status checks
* test(agents): cover session_status existence oracle
* agents: preserve legacy session_status tree keys
* test(agents): cover legacy session_status tree keys
* Update CHANGELOG.md
2026-03-12 02:54:25 -04:00
12dc299cde
fix(imessage): dedupe reflected self-chat duplicates ( #38440 )
...
* iMessage: drop reflected self-chat duplicates
* Changelog: add iMessage self-chat echo dedupe entry
* iMessage: keep self-chat dedupe scoped to final group identity
* iMessage: harden self-chat cache
* iMessage: sanitize self-chat duplicate logs
* iMessage: scope group self-chat dedupe by sender
* iMessage: move self-chat cache identity into cache
* iMessage: hash full self-chat text
* Update CHANGELOG.md
2026-03-12 02:27:35 -04:00
8baf55d8ed
Changelog: note Reminders permission fix
2026-03-12 17:01:42 +11:00
cee8717020
fix(macos): add NSRemindersUsageDescription for apple-reminders skill
...
Fixes #5090
Without this plist key, macOS silently denies Reminders access when
running through OpenClaw.app, preventing the apple-reminders skill
from requesting permission.
(cherry picked from commit e5774471c8
2026-03-12 17:01:38 +11:00
f7416da905
style: format changelog
2026-03-12 11:28:27 +05:30
d8d8dc7421
Infra: fail closed without device scope baseline
2026-03-12 01:42:12 -04:00
276ee259ca
Tests: clean up temp git helper directory
2026-03-12 01:42:12 -04:00
99a5a3c16a
Update CHANGELOG.md
2026-03-12 01:37:33 -04:00
672924b01e
Update CHANGELOG.md
2026-03-12 01:36:16 -04:00
4f462facda
Infra: cap device tokens to approved scopes ( #43686 )
...
* Infra: cap device tokens to approved scopes
* Changelog: note device token hardening
2026-03-12 01:25:52 -04:00
2504cb6a1e
Security: escape invisible exec approval format chars ( #43687 )
...
* Infra: escape invisible exec approval chars
* Gateway: sanitize exec approval display text
* Tests: cover sanitized exec approval payloads
* Tests: cover sanitized exec approval forwarding
* Changelog: note exec approval prompt hardening
2026-03-12 01:20:04 -04:00
1dcef7b644
Infra: block GIT_EXEC_PATH in host env sanitizer ( #43685 )
...
* Infra: block GIT_EXEC_PATH in host env sanitizer
* Changelog: note host env hardening
2026-03-12 01:16:03 -04:00
18f15850e6
fix(browser): restore proxy attachment media size cap ( #43684 )
...
* browser: honor shared proxy file size cap
* test(browser): cover proxy file size cap
* docs(changelog): note browser proxy size cap fix
2026-03-12 01:04:31 -04:00
29dc65403f
build: prepare 2026.3.11 release
2026-03-12 05:01:07 +00:00
c65390cbde
docs: update Raspberry Pi dashboard access instructions ( #43584 )
...
* docs(pi): update dashboard access instructions
* docs(i18n): refresh raspberry pi source hash
* docs: clarify Raspberry Pi dashboard access
* fix: clarify Raspberry Pi dashboard access (#43584 ) (thanks @neeravmakwana)
---------
Co-authored-by: Neerav Makwana <261249544+neeravmakwana@users.noreply.github.com>
Co-authored-by: Ayaan Zaidi <zaidi@uplause.io>
2026-03-12 10:04:44 +05:30
b125c3ba06
build: bump openclaw to 2026.3.11-beta.1
2026-03-12 04:08:19 +00:00
fbc1bd6f8e
fix: clear telegram polling cleanup timers
2026-03-12 09:36:04 +05:30
70abee69e9
fix(telegram): avoid polling restart hang after stall detection
2026-03-12 09:36:04 +05:30
ce5dd742f8
build: sync versions to 2026.3.11
2026-03-12 04:01:57 +00:00
96485701a7
docs: update 2026.3.11 release examples
2026-03-12 04:01:56 +00:00
ade748176f
OpenRouter: surface free Hunter and Healer stealth models for the next week ( #43642 )
...
* Models: add temporary Hunter and Healer alpha to OpenRouter catalog
* Add temporary OpenRouter stealth catalog entries
---------
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-11 22:58:48 -05:00
1fcee52a5c
docs: reorder unreleased changelog by user impact
2026-03-12 03:42:39 +00:00
f01c41b27a
fix(context-engine): guard compact() throw + fire hooks for ownsCompaction engines ( #41361 )
...
Merged via squash.
Prepared head SHA: 0957b32dc6
2026-03-11 20:19:20 -07:00
5231277163
fix(acp): rehydrate restarted main ACP sessions ( #43285 )
...
Merged via squash.
Prepared head SHA: f06318e58f
2026-03-12 11:05:09 +08:00
5ca780fa78
feat: expose runtime version in gateway status
2026-03-12 02:55:31 +00:00
e95f2dcd6e
fix(sandbox): anchor fs-bridge writeFile commit to canonical parent path
...
Refs: GHSA-xvx8-77m6-gwg6
2026-03-12 03:52:24 +01:00
43a10677ed
fix: isolate plugin discovery env from global state
2026-03-12 02:46:29 +00:00
17fd46ab66
test: fix websocket tool shape coverage
2026-03-12 02:16:56 +00:00
487a3ba8ce
fix(discord): enforce users/roles allowlist in reaction ingress
...
References GHSA-9vvh-2768-c8vp.
2026-03-12 03:13:46 +01:00
darkamenosa
Vincent Koc
Luke
Val Alexander
Xaden Ryan
Ayaan Zaidi
Josh Avant
Mathias Nagler
wangchunyue(王春跃)
lisitan
Luke
Dinakar Sarbada
Peter Steinberger
Neerav Makwana
Ayaan Zaidi
Huang X
Toven
David Rudduck
Frank Yang
Robin Waslander