fd4dbad38c
docs: cover cron --tools allowlist and agents.defaults.params config reference
2026-04-01 22:29:53 +09:00
4fa11632b4
fix: escalate to model fallback after rate-limit profile rotation cap ( #58707 )
...
* fix: escalate to model fallback after rate-limit profile rotation cap
Per-model rate limits (e.g. Anthropic Sonnet-only quotas) are not
relieved by rotating auth profiles — if all profiles share the same
model quota, cycling between them loops forever without falling back
to the next model in the configured fallbacks chain.
Apply the same rotation-cap pattern introduced for overloaded_error
(#58348 ) to rate_limit errors:
- Add `rateLimitedProfileRotations` to auth.cooldowns config (default: 1)
- After N profile rotations on a rate_limit error, throw FailoverError
to trigger cross-provider model fallback
- Add `resolveRateLimitProfileRotationLimit` helper following the same
pattern as `resolveOverloadProfileRotationLimit`
Fixes #58572
* fix: cap prompt-side rate-limit failover (#58707 ) (thanks @Forgely3D)
* fix: restore latest-main gates for #58707
---------
Co-authored-by: Ember (Forgely3D) <ember@forgely.co>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-04-01 17:54:10 +09:00
418fa12dfa
fix: make overload failover configurable
2026-03-31 21:34:35 +01:00
788f56f30f
Secrets: hard-fail unsupported SecretRef policy and fix gateway restart token drift ( #58141 )
...
* Secrets: enforce C2 SecretRef policy and drift resolution
* Tests: add gateway auth startup/reload SecretRef runtime coverage
* Docs: sync C2 SecretRef policy and coverage matrix
* Config: hard-fail parent SecretRef policy writes
* Secrets: centralize unsupported SecretRef policy metadata
* Daemon: test service-env precedence for token drift refs
* Config: keep per-ref dry-run resolvability errors
* Docs: clarify config-set parent-object policy checks
* Gateway: fix drift fallback and schema-key filtering
* Gateway: align drift fallback with credential planner
* changelog
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
---------
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-03-31 02:37:31 -05:00
d4cccda570
fix: add requireAgentId to block sessions_spawn without explicit agen… ( #29380 )
...
* fix: add requireAgentId to block sessions_spawn without explicit agentId (#29368 )
* Config: regenerate base schema for requireAgentId
Signed-off-by: sallyom <somalley@redhat.com>
---------
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: 周鹤0668001310 <zhou.he3@xydigit.com>
Co-authored-by: sallyom <somalley@redhat.com>
2026-03-30 23:06:59 -04:00
ae0e1ecf5c
docs: add background tasks cross-references across 6 doc pages
...
Link to /automation/tasks from all pages that mention subagent runs,
ACP runs, or detached background work:
- tools/subagents.md: note that each sub-agent run is tracked as a background task
- tools/acp-agents.md: note that ACP session spawns are tracked as background tasks
- cli/index.md: link tasks section to doc page, add tasks audit subcommand
- concepts/queue.md: note that detached lane runs are tracked as background tasks
- gateway/configuration-reference.md: cron section cross-ref to tasks
- help/faq.md: add tasks link to sub-agent offloading FAQ answer
2026-03-30 16:42:47 +09:00
1ad88b58d1
feat(matrix): add explicit channels.matrix.proxy config ( #56930 ) ( #56931 )
...
Merged via squash.
Prepared head SHA: facdf94b65
2026-03-30 02:51:33 -04:00
d19ccde297
docs: fix P2s in configuration-reference -- built-in model catalog, PI_CODING_AGENT_DIR legacy note, deduplicate Identity section
2026-03-30 10:19:51 +09:00
cb428aca1c
docs: add 11 missing config sections to configuration-reference
...
Add documentation for config schema sections that existed in source but had
zero coverage in the reference doc:
- diagnostics (otel, cacheTrace, flags, stuckSessionWarnMs)
- update (channel, checkOnStart, auto.*)
- acp (enabled, dispatch, backend, stream.*, runtime.*)
- gateway.tls (enabled, autoGenerate, certPath, keyPath, caPath)
- gateway.reload (mode, debounceMs, deferralTimeoutMs)
- cron.retry (maxAttempts, backoffMs, retryOn)
- cron.failureAlert (enabled, after, cooldownMs, mode)
- auth.cooldowns (billingBackoffHours, billingMaxHours, failureWindowHours)
- logging.maxFileBytes
- session.scope (per-sender vs global)
- session.agentToAgent.maxPingPongTurns (range 0-5)
2026-03-30 10:19:51 +09:00
445fed9dc5
docs: add missing field docs and fix config-reference P1s
...
- Document verboseDefault (off|on|full) and elevatedDefault (off|on|ask|full)
- Heartbeat every: note OAuth default (1h) and disable value (0m)
- Replace internal 'Nano Banana' code name with 'native Gemini image generation'
2026-03-30 09:45:48 +09:00
12c92b5fb2
docs: fix wrong defaults and heading in configuration-reference
...
- maxConcurrent default: 1 -> 4 (matches DEFAULT_AGENT_MAX_CONCURRENT)
- subagents.maxConcurrent example: 1 -> 8 (matches DEFAULT_SUBAGENT_MAX_CONCURRENT)
- Fix section heading: tools.subagents -> agents.defaults.subagents (matches actual config path)
2026-03-30 09:41:09 +09:00
4680335b2a
docs: fix English link audits ( #57039 )
...
Merged via squash.
Prepared head SHA: d20a3b620f
2026-03-30 01:21:00 +02:00
3aac43e30b
docs: remove stale MiniMax M2.5 refs and add image generation docs
...
After the M2.7-only catalog trim (#54487 ), update 10 docs files:
- Replace removed M2.5/VL-01 model references across FAQ, wizard,
config reference, local-models, and provider pages
- Make local-models guide model-agnostic (generic LM Studio placeholder)
- Add image-01 generation section to minimax.md
- Leave third-party catalogs (Synthetic, Venice) unchanged
2026-03-29 17:26:02 +09:00
c42ec81e37
feat(acp): add conversation binds for message channels
2026-03-28 01:54:25 +00:00
94f36bf373
docs(image): remove duplicate typical values bullet
2026-03-22 18:42:18 -07:00
654089320b
fix(image): deprecate legacy skill and clarify auth
2026-03-22 18:42:18 -07:00
5f723ecd7f
fix(doctor): explain discord streaming opt-in ( #52450 )
2026-03-22 12:37:03 -07:00
c96a12aeb9
Agents: add per-agent defaults and safe model fallback ( #51974 )
...
* Agents: add per-agent defaults and safe model fallback
* Docs: add per-agent thinking/reasoning/fast defaults to config reference and thinking docs
* Format get-reply directives
* Auto-reply: guard agent reasoning defaults
* Docs: update config baseline
2026-03-21 22:27:24 -07:00
1ba70c3707
Docs: switch MiniMax defaults to M2.7
2026-03-20 00:05:04 -04:00
c3b05fc4d9
docs: add missing title, remove stale description fields from frontmatter
2026-03-19 15:26:26 -07:00
9f2a01d972
docs: replace stale claude-sonnet-4-5 with 4-6, normalize Node version, remove stale dates
2026-03-19 10:33:03 -07:00
21c2ba480a
Image generation: native provider migration and explicit capabilities ( #49551 )
...
* Docs: retire nano-banana skill wrapper
* Doctor: migrate nano-banana to native image generation
* Image generation: align fal aspect ratio behavior
* Image generation: make provider capabilities explicit
2026-03-18 00:04:03 -07:00
c94beb03b2
docs(image-generation): document implicit tool enablement
2026-03-17 09:23:35 -07:00
1399ca5fcb
fix(plugins): forward plugin subagent overrides ( #48277 )
...
Merged via squash.
Prepared head SHA: ffa45893e0
2026-03-17 07:20:27 -07:00
990d0d7261
docs(image-generation): remove nano banana stock docs
2026-03-17 01:09:58 -07:00
e5919bc524
docs(gateway): clarify URL allowlist semantics
2026-03-17 00:03:27 -07:00
c601dda389
docs(image-generation): document google provider
2026-03-16 23:21:16 -07:00
c79ade10e6
docs(plugins): add capability cookbook
2026-03-16 22:58:55 -07:00
4863b651c6
docs: rename onboarding user-facing wizard copy
...
Co-authored-by: Tak <contact-redacted@example.com>
2026-03-16 19:50:31 -05:00
7deb543624
Browser: support non-Chrome existing-session profiles via userDataDir ( #48170 )
...
Merged via squash.
Prepared head SHA: e490035a24
2026-03-16 14:21:22 +01:00
476d948732
!refactor(browser): remove Chrome extension path and add MCP doctor migration ( #47893 )
...
* Browser: replace extension path with Chrome MCP
* Browser: clarify relay stub and doctor checks
* Docs: mark browser MCP migration as breaking
* Browser: reject unsupported profile drivers
* Browser: accept clawd alias on profile create
* Doctor: narrow legacy browser driver migration
2026-03-15 23:56:08 -07:00
f9e185887f
docs: restore onboard docs references
2026-03-16 05:50:57 +00:00
823039c000
docs: prefer setup wizard command
2026-03-15 22:01:04 -07:00
0a2f95916b
test: expand ssh sandbox coverage and docs
2026-03-15 21:38:22 -07:00
b8bb8510a2
feat: move ssh sandboxing into core
2026-03-15 21:35:30 -07:00
be8fef3840
docs: expand openshell sandbox docs
2026-03-15 20:35:56 -07:00
ae7f18e503
feat: add remote openshell sandbox mode
2026-03-15 20:28:19 -07:00
dd40741e18
feat(plugins): add compatible bundle support
2026-03-15 16:08:50 -07:00
132e459009
fix(ci): config drift found and documented
2026-03-15 10:43:03 -07:00
ff61343d76
fix: harden mention pattern regex compilation
2026-03-15 08:44:12 -07:00
a472f988d8
fix: harden remote cdp probes
2026-03-15 08:23:01 -07:00
2806f2b878
Heartbeat: add isolatedSession option for fresh session per heartbeat run ( #46634 )
...
Reuses the cron isolated session pattern (resolveCronSession with forceNew)
to give each heartbeat a fresh session with no prior conversation history.
Reduces per-heartbeat token cost from ~100K to ~2-5K tokens.
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-14 16:28:01 -07:00
b6d1d0d72d
fix(browser): prefer user profile over chrome relay
2026-03-14 04:15:34 +00:00
55f47e5ce6
onboard(minimax): flatten auth to 4 direct choices, unify CN/Global under single provider ( #44284 )
...
Replace the multi-step MiniMax onboarding wizard with 4 flat options:
- MiniMax Global — OAuth (minimax.io)
- MiniMax Global — API Key (minimax.io)
- MiniMax CN — OAuth (minimaxi.com)
- MiniMax CN — API Key (minimaxi.com)
Storage changes:
- Unify CN and Global under provider "minimax" (baseUrl distinguishes region)
- Profiles: minimax:global / minimax:cn (both regions can coexist)
- Model ref: minimax/MiniMax-M2.5 (no more minimax-cn/ prefix)
- Remove LM Studio local mode and Lightning/Highspeed choice
Backward compatibility:
- Keep minimax-cn in provider-env-vars for existing configs
- Accept minimax-cn as legacy tokenProvider in CI pipelines
- Error with migration hint for removed auth choices in non-interactive mode
- Warn when dual-profile overwrites shared provider baseUrl
Made-with: Cursor
2026-03-12 11:23:42 -07:00
b77b7485e0
feat(push): add iOS APNs relay gateway ( #43369 )
...
* feat(push): add ios apns relay gateway
* fix(shared): avoid oslog string concatenation
# Conflicts:
# apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift
* fix(push): harden relay validation and invalidation
* fix(push): persist app attest state before relay registration
* fix(push): harden relay invalidation and url handling
* feat(push): use scoped relay send grants
* feat(push): configure ios relay through gateway config
* feat(push): bind relay registration to gateway identity
* fix(push): tighten ios relay trust flow
* fix(push): bound APNs registration fields (#43369 ) (thanks @ngutman)
2026-03-12 18:15:35 +02:00
0bcb95e8fa
Models: enforce source-managed SecretRef markers in models.json ( #43759 )
...
Merged via squash.
Prepared head SHA: 4a065ef5d8
2026-03-12 02:22:52 -05:00
7761e7626f
Providers: add Opencode Go support ( #42313 )
...
* feat(providers): add opencode-go provider support and onboarding
* Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF
* Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF
* Update CHANGELOG.md
---------
Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-11 01:31:06 -04:00
0125ce1f44
Gateway: fail closed unresolved local auth SecretRefs ( #42672 )
...
* Gateway: fail closed unresolved local auth SecretRefs
* Docs: align node-host gateway auth precedence
* CI: resolve rebase breakages in checks lanes
* Tests: isolate LOCAL_REMOTE_FALLBACK_TOKEN env state
* Gateway: remove stale remote.enabled auth-surface semantics
* Changelog: note gateway SecretRef fail-closed fix
2026-03-10 21:41:56 -05:00
8eac939417
fix(security): enforce target account configWrites
2026-03-11 01:24:36 +00:00
201420a7ee
fix: harden secret-file readers
2026-03-10 23:40:10 +00:00
Vincent Koc
Forgely3D
Peter Steinberger
Josh Avant
BUGKillerKing
Patrick Yingxi Pan
Radek Sienkiewicz
Gustavo Madeira Santana
Josh Lehman
Tak Hoffman
George Zhang
liyuan97
Nimrod Gutman
Luke