c29b098744
refactor(models): split models.json planning from writes
2026-03-09 00:26:20 +00:00
24b53fcf47
refactor(agents): extract provider model normalization
2026-03-09 00:26:20 +00:00
dfc18b7a2b
refactor(models): extract list row builders
2026-03-09 00:26:20 +00:00
3e70109cb2
docs: add refactor cluster backlog
2026-03-08 23:38:24 +00:00
a3dc4b5a57
fix(tui): improve color contrast for light-background terminals ( #40345 )
...
* fix(tui): improve colour contrast for light-background terminals (#38636 )
Detect light terminal backgrounds via COLORFGBG and apply a WCAG
AA-compliant light palette. Adds OPENCLAW_THEME=light|dark env var
override for terminals without auto-detection.
Uses proper sRGB linearisation and WCAG 2.1 contrast ratios to pick
whichever text palette (dark or light) has higher contrast against
the detected background colour.
Co-authored-by: ademczuk <ademczuk@users.noreply.github.com>
* Update CHANGELOG.md
---------
Co-authored-by: ademczuk <andrew.demczuk@gmail.com>
Co-authored-by: ademczuk <ademczuk@users.noreply.github.com>
2026-03-08 16:17:28 -07:00
38543d8196
fix(cron): consolidate announce delivery, fire-and-forget trigger, and minimal prompt mode ( #40204 )
...
* fix(cron): consolidate announce delivery and detach manual runs
* fix: queue detached cron runs (#40204 )
2026-03-08 14:46:33 -07:00
0ecfd37b44
feat: add local backup CLI ( #40163 )
...
Merged via squash.
Prepared head SHA: ed46625ae2
2026-03-08 16:21:20 -04:00
9d467d1620
docs: add WSL2 + Windows remote Chrome CDP troubleshooting ( #39407 ) (thanks @Owlock)
2026-03-08 19:21:42 +00:00
d3111fbbcb
fix: make browser relay bind address configurable ( #39364 ) (thanks @mvanhorn)
2026-03-08 19:15:21 +00:00
f9c220e261
test+docs: comprehensive coverage and generic framing
...
- Add 12 new tests covering: isWebSocketUrl detection, parseHttpUrl WSS
acceptance/rejection, direct WS target creation with query params,
SSRF enforcement on WS URLs, WS reachability probing bypasses HTTP
- Reframe docs section as generic "Direct WebSocket CDP providers" with
Browserbase as one example — any WSS-based provider works
- Update security tips to mention WSS alongside HTTPS
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
75602014db
feat(browser): support direct WebSocket CDP URLs for Browserbase
...
Browserbase uses direct WebSocket connections (wss://) rather than the
standard HTTP-based /json/version CDP discovery flow used by Browserless.
This change teaches the browser tool to accept ws:// and wss:// URLs as
cdpUrl values: when a WebSocket URL is detected, OpenClaw connects
directly instead of attempting HTTP discovery.
Changes:
- config.ts: accept ws:// and wss:// in cdpUrl validation
- cdp.helpers.ts: add isWebSocketUrl() helper
- cdp.ts: skip /json/version when cdpUrl is already a WebSocket URL
- chrome.ts: probe WSS endpoints via WebSocket handshake instead of HTTP
- cdp.test.ts: add test for direct WebSocket target creation
- docs/tools/browser.md: update Browserbase section with correct URL
format and notes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
3cf75f760c
docs: simplify Browserbase section, drop pricing details
...
Restore platform-level feature description (CAPTCHA solving, stealth
mode, proxies) without plan-specific pricing gating. Keep free tier
note brief.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
ae39a152d8
docs: fact-check Browserbase section against official docs
...
- Fix CAPTCHA/stealth/proxy claims: these are Developer plan+ only,
not available on free tier
- Fix free tier limits: 1 browser hour, 15-min session duration
(not "60 minutes of monthly usage")
- Add link to pricing page for paid plan details
- Simplify structure to match Browserless section format
- Remove sub-headings to match Browserless section style
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
efa1204183
docs: restore direct wss://connect.browserbase.com URL
...
Browserbase exposes a direct WebSocket connect endpoint that
auto-creates a session, similar to how Browserless works. Simplified
the section to use this static URL pattern instead of requiring
manual session creation via the API.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
9a4610c641
docs: fix Browserbase section to match official docs
...
Browserbase requires creating a session via their API to get a CDP
connect URL, unlike Browserless which uses a static endpoint. Updated
to show the correct curl-based session creation flow, removed
unverified static WebSocket URL, and added the 5-minute connect
timeout note from official docs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
c0a988f692
docs: fix duplicate heading lint error
...
Rename "Configuration" sub-heading to "Profile setup" to avoid
MD024/no-duplicate-heading conflict with the existing top-level
"Configuration" heading.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
641e1bacb4
docs: add Browserbase as hosted remote CDP option
...
Add Browserbase documentation section alongside the existing Browserless
section in the browser docs. Includes signup instructions, CDP connection
configuration, and environment variable setup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
0252bdc837
Revert "docs: add Browserbase as hosted remote CDP option"
...
This reverts commit c469657c97848c7a3e1e5135bf4ce735d07d6614.
2026-03-08 18:48:10 +00:00
885199dcaa
docs: add Browserbase as hosted remote CDP option
...
Add Browserbase documentation section alongside the existing Browserless
section in the browser docs. Includes signup instructions, CDP connection
configuration, and environment variable setup for both English and Chinese
(zh-CN) translations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
55465d86d9
Docs: use placeholder OpenRouter key in web tool docs
2026-03-08 11:16:03 -07:00
615466bdf4
Docs: use placeholder OpenRouter key in Perplexity guide
2026-03-08 11:16:03 -07:00
2970d72554
docs: update Brave Search API docs for Feb 2026 plan restructuring ( #40111 )
...
Merged via squash.
Prepared head SHA: c651f07855
2026-03-08 14:06:21 -04:00
caf1b84822
feat: allow compaction model override via config ( #38753 )
...
Merged via squash.
Prepared head SHA: a3d6d6c845
2026-03-08 10:47:34 -07:00
d4ab731746
fix(telegram): use message previews in DMs
2026-03-08 21:59:43 +05:30
fa83010b17
fix(plugins): ship Feishu bundled runtime dependency ( #39990 )
...
* fix: ship feishu bundled runtime dependency
* test: align feishu bundled dependency specs
2026-03-08 10:36:41 -05:00
28e46d04e5
fix(web-search): restore OpenRouter compatibility for Perplexity ( #39937 ) ( #39937 )
2026-03-08 20:37:54 +05:30
b4c8950417
refactor: centralize talk silence timeout defaults
2026-03-08 14:58:29 +00:00
6ff7e8f42e
talk: add configurable silence timeout
2026-03-08 14:30:25 +00:00
1a364cd066
Docs: clarify notarization handoff in mac release flow
2026-03-08 14:14:36 +00:00
9ce79bba34
Docs: mark basic mac dist example as non-notarized
2026-03-08 14:14:36 +00:00
047f4acacf
Docs: clarify release build arch defaults for mac packaging
2026-03-08 14:14:36 +00:00
64760614aa
macOS: default release app builds to universal binaries
2026-03-08 14:14:36 +00:00
6dadfaa18c
docs: use alphabetical provider ordering
2026-03-08 14:10:36 +00:00
acac7e3132
fix: land Brave llm-context gaps ( #33383 ) (thanks @thirumaleshp)
2026-03-08 13:57:12 +00:00
eebee84093
fix(models): discover Vercel AI Gateway catalog
2026-03-08 13:44:10 +00:00
46145fde19
fix(android): remove mic and screen foreground services
2026-03-08 16:25:49 +05:30
1230cefe25
fix(android): remove background location mode
2026-03-08 16:25:49 +05:30
0f9566b0b5
fix(android): remove self-update install flow
2026-03-08 16:25:49 +05:30
492fe679a7
feat(tui): infer workspace agent when launching TUI ( #39591 )
...
Merged via squash.
Prepared head SHA: 23533e24c4
2026-03-08 13:31:11 +03:00
05217845a7
build: bump version to 2026.3.8
2026-03-08 05:59:04 +00:00
59102a1ff7
fix: add gemini 3.1 flash-lite support
2026-03-08 05:12:48 +00:00
fcdc1a13e1
fix: land #33992 from @darkamenosa
...
Co-authored-by: Tom <hxtxmu@gmail.com>
2026-03-08 04:49:04 +00:00
a035a3ce48
fix: drop removed minimax lightning model
2026-03-08 04:06:26 +00:00
21df014d56
fix: stage docker live tests from mounted source
2026-03-08 04:06:26 +00:00
5759b93dda
fix(ci): pin multi-arch docker base digests
2026-03-08 02:55:15 +00:00
a8c67affd8
test: cover gemini flash compat normalization
2026-03-08 02:34:49 +00:00
100da9f45c
fix: correct gemini flash model id
2026-03-08 02:32:58 +00:00
4062aa5e5d
Gateway: add safer password-file input for gateway run ( #39067 )
...
* CLI: add gateway password-file option
* Docs: document safer gateway password input
* Update src/cli/gateway-cli/run.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Tests: clean up gateway password temp dirs
* CLI: restore gateway password warning flow
* Security: harden secret file reads
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-07 18:20:17 -08:00
25252ab5ab
gateway: harden shared auth resolution across systemd, discord, and node host
2026-03-07 18:28:32 -06:00
61000b8e4d
fix(acp): block sandboxed slash spawns
2026-03-08 00:23:07 +00:00
c76d29208b
fix(node-host): bind approved script operands
2026-03-07 23:04:00 +00:00
be9ea991de
fix(discord): avoid native plugin command collisions
2026-03-07 21:59:44 +00:00
ac86deccee
fix(gateway): harden plugin HTTP route auth
2026-03-07 19:55:06 +00:00
5f8f58ae25
fix(gateway): require admin for chat config writes
2026-03-07 19:38:49 +00:00
499c1ee6e3
reduce image size, offer slim image ( #38479 )
...
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 14:26:29 -05:00
253e159700
fix: harden workspace skill path containment
2026-03-07 18:56:15 +00:00
729ee165ed
docs(gateway): clarify trusted operator HTTP endpoints
2026-03-07 18:48:17 +00:00
10d0e3f3ca
fix(dashboard): keep gateway tokens out of URL storage
2026-03-07 18:33:30 +00:00
f966dde476
tests: fix detect-secrets false positives ( #39084 )
...
* Tests: rename gateway status env token fixture
* Tests: allowlist feishu onboarding fixtures
* Tests: allowlist Google Chat private key fixture
* Docs: allowlist Brave API key example
* Tests: allowlist pairing password env fixtures
* Chore: refresh detect-secrets baseline
2026-03-07 13:21:29 -05:00
5290d97574
Docs: fix web tools MDX links
2026-03-07 10:15:22 -08:00
61273c072c
Docs: remove MDX-breaking secret markers
2026-03-07 10:09:00 -08:00
e4d80ed556
CI: restore main detect-secrets scan ( #38438 )
...
* Tests: stabilize detect-secrets fixtures
* Tests: fix rebased detect-secrets false positives
* Docs: keep snippets valid under detect-secrets
* Tests: finalize detect-secrets false-positive fixes
* Tests: reduce detect-secrets false positives
* Tests: keep detect-secrets pragmas inline
* Tests: remediate next detect-secrets batch
* Tests: tighten detect-secrets allowlists
* Tests: stabilize detect-secrets formatter drift
2026-03-07 10:06:35 -08:00
8e20dd22d8
Secrets: harden SecretRef-safe models.json persistence ( #38955 )
2026-03-07 11:28:39 -06:00
1dd4f92ea2
fix: default local onboarding tools profile to coding
2026-03-07 16:41:27 +00:00
33e7394861
fix(providers): make all models available in kilocode provider ( #32352 )
...
* kilocode: dynamic model discovery, kilo/auto default, cooldown exemption
- Replace 9-model hardcoded catalog with dynamic discovery from
GET /api/gateway/models (Venice-like pattern with static fallback)
- Default model changed from anthropic/claude-opus-4.6 to kilo/auto
(smart routing model)
- Add createKilocodeWrapper for X-KILOCODE-FEATURE header injection
and reasoning.effort handling (skip for kilo/auto)
- Add kilocode to cooldown-exempt providers (proxy like OpenRouter)
- Keep sync buildKilocodeProvider for onboarding, add async
buildKilocodeProviderWithDiscovery for implicit provider resolution
- Per-token gateway pricing converted to per-1M-token for cost fields
* kilocode: skip reasoning injection for x-ai models, harden discovery loop
* fix(kilocode): keep valid discovered duplicates (openclaw#32352, thanks @pandemicsyn)
* refactor(proxy): normalize reasoning payload guards (openclaw#32352, thanks @pandemicsyn)
* chore(changelog): note kilocode hardening (openclaw#32352, thanks @pandemicsyn and @vincentkoc)
* chore(changelog): fix kilocode note format (openclaw#32352, thanks @pandemicsyn and @vincentkoc)
* test(kilocode): support auto-model override cases (openclaw#32352, thanks @pandemicsyn)
* Update CHANGELOG.md
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-07 08:14:06 -08:00
786ec21b5a
docs(cli): improve memory command examples ( #31803 )
...
Merged via squash.
Prepared head SHA: 15dcda3027
2026-03-07 19:03:23 +03:00
997a9f5b9e
chore: bump version to 2026.3.7
2026-03-07 10:09:02 +00:00
6017b738b1
Web: add HEIC media regression and doc fix ( #38294 )
...
* Web: add HEIC media normalization regression
* Docs: list HEIC input_image MIME types
* Update src/web/media.test.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-06 22:49:38 -05:00
2d52c88dad
fix(podman): stop assuming /tmp is disk-backed ( #38296 )
...
* Podman: avoid hardcoding /tmp for image staging
* Docs: clarify container storage paths
* Podman: secure staged image import
* Podman: clarify streamed image handoff
2026-03-06 19:55:26 -05:00
42e3d8d693
Secrets: add inline allowlist review set ( #38314 )
...
* Secrets: add inline allowlist review set
* Secrets: narrow detect-secrets file exclusions
* Secrets: exclude Docker fingerprint false positive
* Secrets: allowlist test and docs false positives
* Secrets: refresh baseline after allowlist updates
* Secrets: fix gateway chat fixture pragma
* Secrets: format pre-commit config
* Android: keep talk mode fixture JSON valid
* Feishu: rely on client timeout injection
* Secrets: allowlist provider auth test fixtures
* Secrets: allowlist onboard search fixtures
* Secrets: allowlist onboard mode fixture
* Secrets: allowlist gateway auth mode fixture
* Secrets: allowlist APNS wake test key
* Secrets: allowlist gateway reload fixtures
* Secrets: allowlist moonshot video fixture
* Secrets: allowlist auto audio fixture
* Secrets: allowlist tiny audio fixture
* Secrets: allowlist embeddings fixtures
* Secrets: allowlist resolve fixtures
* Secrets: allowlist target registry pattern fixtures
* Secrets: allowlist gateway chat env fixture
* Secrets: refresh baseline after fixture allowlists
* Secrets: reapply gateway chat env allowlist
* Secrets: reapply gateway chat env allowlist
* Secrets: stabilize gateway chat env allowlist
* Secrets: allowlist runtime snapshot save fixture
* Secrets: allowlist oauth profile fixtures
* Secrets: allowlist compaction identifier fixture
* Secrets: allowlist model auth fixture
* Secrets: allowlist model status fixtures
* Secrets: allowlist custom onboarding fixture
* Secrets: allowlist mattermost token summary fixtures
* Secrets: allowlist gateway auth suite fixtures
* Secrets: allowlist channel summary fixture
* Secrets: allowlist provider usage auth fixtures
* Secrets: allowlist media proxy fixture
* Secrets: allowlist secrets audit fixtures
* Secrets: refresh baseline after final fixture allowlists
* Feishu: prefer explicit client timeout
* Feishu: test direct timeout precedence
2026-03-06 19:35:26 -05:00
3070fafec1
fix(venice): switch default model to kimi-k2-5 ( #38423 )
...
* Docs: refresh Venice default model guidance
* Venice: switch default model to Kimi K2.5
* Changelog: credit Venice default refresh
2026-03-06 19:31:07 -05:00
03b9abab84
feat(compaction): make post-compaction context sections configurable ( #34556 )
...
Merged via squash.
Prepared head SHA: 491bb28544
2026-03-06 14:57:15 -08:00
6e962d8b9e
fix(agents): handle overloaded failover separately ( #38301 )
...
* fix(agents): skip auth-profile failure on overload
* fix(agents): note overload auth-profile fallback fix
* fix(agents): classify overloaded failures separately
* fix(agents): back off before overload failover
* fix(agents): tighten overload probe and backoff state
* fix(agents): persist overloaded cooldown across runs
* fix(agents): tighten overloaded status handling
* test(agents): add overload regression coverage
* fix(agents): restore runner imports after rebase
* test(agents): add overload fallback integration coverage
* fix(agents): harden overloaded failover abort handling
* test(agents): tighten overload classifier coverage
* test(agents): cover all-overloaded fallback exhaustion
* fix(cron): retry overloaded fallback summaries
* fix(cron): treat HTTP 529 as overloaded retry
2026-03-07 01:42:11 +03:00
7ce79c8972
docs: fix broken dashboard image on i18n pages ( #38031 )
...
The dashboard screenshot uses a relative path `src="whatsapp-openclaw.jpg"`
which resolves correctly on the English root page but produces 404 on
zh-CN and ja-JP pages because Mintlify prepends the language subdirectory
to the CDN path.
Change to absolute path `/whatsapp-openclaw.jpg` in all three index files,
consistent with other images on the same page that already use absolute
paths (e.g. `/assets/openclaw-logo-text-dark.png`).
2026-03-07 00:22:19 +03:00
ab5fcfcc01
feat(gateway): add channel-backed readiness probes ( #38285 )
...
* Changelog: add channel-backed readiness probe entry
* Gateway: add channel-backed readiness probes
* Docs: describe readiness probe behavior
* Gateway: add readiness probe regression tests
* Changelog: dedupe gateway probe entries
* Docs: fix readiness startup grace description
* Changelog: remove stale readiness entry
* Gateway: cover readiness hardening
* Gateway: harden readiness probes
2026-03-06 15:15:23 -05:00
042b2c867d
Docs: clarify main secret scan behavior
2026-03-06 14:41:23 -05:00
b529b7c6b7
Docs: update secret scan reproduction steps
2026-03-06 14:34:46 -05:00
3d7bc5958d
feat(onboarding): add web search to onboarding flow ( #34009 )
...
* add web search to onboarding flow
* remove post onboarding step (now redundant)
* post-onboarding nudge if no web search set up
* address comments
* fix test mocking
* add enabled: false assertion to the no-key test
* --skip-search cli flag
* use provider that a user has a key for
* add assertions, replace the duplicated switch blocks
* test for quickstart fast-path with existing config key
* address comments
* cover quickstart falls through to key test
* bring back key source
* normalize secret inputs instead of direct string trimming
* preserve enabled: false if it's already set
* handle missing API keys in flow
* doc updates
* hasExistingKey to detect both plaintext strings and SecretRef objects
* preserve enabled state only on the "keep current" paths
* add test for preserving
* better gate flows
* guard against invalid provider values in config
* Update src/commands/configure.wizard.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* format fix
* only mentions env var when it's actually available
* search apiKey fields now typed as SecretInput
* if no provider check if any search provider key is detectable
* handle both kimi keys
* remove .filter(Boolean)
* do not disable web_search after user enables it
* update resolveSearchProvider
* fix(onboarding): skip search key prompt in ref mode
* fix: add onboarding web search step (#34009 ) (thanks @kesku)
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Shadow <hi@shadowing.dev>
2026-03-06 13:09:00 -06:00
57f19f0d5c
container builds: opt-in extension deps via OPENCLAW_EXTENSIONS build arg ( #32223 )
...
* Docker: opt-in extension deps via OPENCLAW_EXTENSIONS build arg
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: sallyom <somalley@redhat.com>
* CI: clarify extension smoke scope
* Tests: allow digest-pinned multi-stage FROM lines
* Changelog: note container extension preinstall option
---------
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 12:18:42 -05:00
9aceb51379
Gateway: normalize HEIC input_image sources ( #38122 )
...
* Media: normalize HEIC input images
* Gateway: accept HEIC image input schema
* Media: add HEIC input normalization tests
* Gateway: cover HEIC input schema parity
* Docs: document HEIC input image support
* Changelog: note HEIC input image fix
2026-03-06 11:19:36 -05:00
f392b81e95
Infra: require explicit opt-in for prerelease npm installs ( #38117 )
...
* Infra: tighten npm registry spec parsing
* Infra: block implicit prerelease npm installs
* Plugins: cover prerelease install policy
* Infra: add npm registry spec tests
* Hooks: cover prerelease install policy
* Docs: clarify plugin guide version policy
* Docs: clarify plugin install version policy
* Docs: clarify hooks install version policy
* Docs: clarify hook pack version policy
2026-03-06 11:13:30 -05:00
222d635aee
WhatsApp: honor outbound mediaMaxMb ( #38097 )
...
* WhatsApp: add media cap helper
* WhatsApp: cap outbound media loads
* WhatsApp: align auto-reply media caps
* WhatsApp: add outbound media cap test
* WhatsApp: update auto-reply cap tests
* Docs: update WhatsApp media caps
* Changelog: note WhatsApp media cap fix
2026-03-06 11:08:15 -05:00
7c45d918bf
Docs: align BlueBubbles media cap wording
2026-03-06 10:59:05 -05:00
9c1786bdd6
Telegram/Discord: honor outbound mediaMaxMb uploads ( #38065 )
...
* Telegram: default media cap to 100MB
* Telegram: honor outbound mediaMaxMb
* Discord: add shared media upload cap
* Discord: pass mediaMaxMb to outbound sends
* Telegram: cover outbound media cap sends
* Discord: cover media upload cap config
* Docs: update Telegram media cap guide
* Docs: update Telegram config reference
* Changelog: note media upload cap fix
* Docs: note Discord upload cap behavior
2026-03-06 10:53:06 -05:00
151f26070b
docs: context engine
2026-03-06 08:55:58 -05:00
5470337b1c
docs(config): list the context engine plugin slot
2026-03-06 08:53:30 -05:00
7cc3376f07
docs(plugins): add context-engine manifest kind example
2026-03-06 08:53:30 -05:00
eb2eebae22
docs(plugins): document context engine slots and registration
2026-03-06 08:53:30 -05:00
f788ba142a
docs(protocol): document slash-delimited schema lookup plugin ids
2026-03-06 08:53:29 -05:00
e88f6605ec
docs(tools): document slash-delimited config schema lookup paths
2026-03-06 08:53:29 -05:00
4a80d48ea9
fix(mattermost): allow reachable interaction callback URLs ( #37543 )
...
Merged via squash.
Prepared head SHA: 4d593731be
2026-03-06 15:27:47 +05:30
ff97195500
Gateway: add path-scoped config schema lookup ( #37266 )
...
Merged via squash.
Prepared head SHA: 0c4d187f6f
2026-03-06 02:50:48 -05:00
0e4245063f
CLI: make read-only SecretRef status flows degrade safely ( #37023 )
...
* CLI: add read-only SecretRef inspection
* CLI: fix read-only SecretRef status regressions
* CLI: preserve read-only SecretRef status fallbacks
* Docs: document read-only channel inspection hook
* CLI: preserve audit coverage for read-only SecretRefs
* CLI: fix read-only status account selection
* CLI: fix targeted gateway fallback analysis
* CLI: fix Slack HTTP read-only inspection
* CLI: align audit credential status checks
* CLI: restore Telegram read-only fallback semantics
2026-03-05 23:07:13 -06:00
5d4b04040d
feat(openai): add gpt-5.4 support for API and Codex OAuth ( #36590 )
...
* feat(openai): add gpt-5.4 support and priority processing
* feat(openai-codex): add gpt-5.4 oauth support
* fix(openai): preserve provider overrides in gpt-5.4 fallback
* fix(openai-codex): keep xhigh for gpt-5.4 default
* fix(models): preserve configured overrides in list output
* fix(models): close gpt-5.4 integration gaps
* fix(openai): scope service tier to public api
* fix(openai): complete prep followups for gpt-5.4 support (#36590 ) (thanks @dorukardahan)
---------
Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
2026-03-05 21:01:37 -08:00
8c85ad540a
fix: remove config.schema from agent gateway tool ( #7382 )
...
Merged via squash.
Prepared head SHA: f34a778069
2026-03-05 23:53:08 -05:00
81b93b9ce0
fix(subagents): announce delivery with descendant gating, frozen result refresh, and cron retry ( #35080 )
...
Thanks @tyler6204
2026-03-05 19:20:24 -08:00
71ec42127d
feat(hooks): emit compaction lifecycle hooks ( #16788 )
2026-03-05 19:08:26 -08:00
d58dafae88
feat(telegram/acp): Topic Binding, Pin Binding Message, Fix Spawn Param Parsing ( #36683 )
...
* fix(acp): normalize unicode flags and Telegram topic binding
* feat(telegram/acp): restore topic-bound ACP and session bindings
* fix(acpx): clarify permission-denied guidance
* feat(telegram/acp): pin spawn bind notice in topics
* docs(telegram): document ACP topic thread binding behavior
* refactor(reply): share Telegram conversation-id resolver
* fix(telegram/acp): preserve bound session routing semantics
* fix(telegram): respect binding persistence and expiry reporting
* refactor(telegram): simplify binding lifecycle persistence
* fix(telegram): bind acp spawns in direct messages
* fix: document telegram ACP topic binding changelog (#36683 ) (thanks @huntharo)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-06 02:17:50 +01:00
1a67cf57e3
Diffs: restore system prompt guidance ( #36904 )
...
Merged via squash.
Prepared head SHA: 1b3be3c879
2026-03-05 19:46:39 -05:00
6dfd39c32f
Harden Telegram poll gating and schema consistency ( #36547 )
...
Merged via squash.
Prepared head SHA: f77824419e
2026-03-05 19:24:43 -05:00
688b72e158
plugins: enforce prompt hook policy with runtime validation ( #36567 )
...
Merged via squash.
Prepared head SHA: 6b9d883b6a
2026-03-05 18:15:54 -05:00
063e493d3d
fix: decouple Discord inbound worker timeout from listener timeout ( #36602 ) (thanks @dutifulbob) ( #36602 )
...
Co-authored-by: Onur Solmaz <2453968+osolmaz@users.noreply.github.com>
2026-03-06 00:09:14 +01:00
98aecab7bd
Docs: cover heartbeat, cron, and plugin route updates
2026-03-05 17:05:21 -05:00
2b45eb0e52
Docs: document Control UI locale support
2026-03-05 16:57:59 -05:00
6b2c115167
Docs: clarify OpenAI-compatible TTS endpoints
2026-03-05 16:57:51 -05:00
1d3962a000
Docs: update gateway config reference for Slack and TTS
2026-03-05 16:57:40 -05:00
837b7b4b94
Docs: add Slack typing reaction fallback
2026-03-05 16:57:31 -05:00
72cf9253fc
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails ( #35094 )
2026-03-05 12:53:56 -06:00
09c68f8f0e
add prependSystemContext and appendSystemContext to before_prompt_build ( fixes #35131 ) ( #35177 )
...
Merged via squash.
Prepared head SHA: d9a2869ad6
2026-03-05 13:06:59 -05:00
136ca87f7b
feat(mattermost): add interactive buttons support ( #19957 )
...
Merged via squash.
Prepared head SHA: 8a25e60872
2026-03-05 20:14:57 +05:30
c522154771
docs(telegram): recommend allowlist for single-user DM policy ( #34841 )
...
* docs(telegram): recommend allowlist for single-user bots
* docs(telegram): condense single-user allowlist note
---------
Co-authored-by: echoVic <echovic@163.com>
2026-03-05 11:39:19 +03:00
6a705a37f2
ACP: add persistent Discord channel and Telegram topic bindings ( #34873 )
...
* docs: add ACP persistent binding experiment plan
* docs: align ACP persistent binding spec to channel-local config
* docs: scope Telegram ACP bindings to forum topics only
* docs: lock bound /new and /reset behavior to in-place ACP reset
* ACP: add persistent discord/telegram conversation bindings
* ACP: fix persistent binding reuse and discord thread parent context
* docs: document channel-specific persistent ACP bindings
* ACP: split persistent bindings and share conversation id helpers
* ACP: defer configured binding init until preflight passes
* ACP: fix discord thread parent fallback and explicit disable inheritance
* ACP: keep bound /new and /reset in-place
* ACP: honor configured bindings in native command flows
* ACP: avoid configured fallback after runtime bind failure
* docs: refine ACP bindings experiment config examples
* acp: cut over to typed top-level persistent bindings
* ACP bindings: harden reset recovery and native command auth
* Docs: add ACP bound command auth proposal
* Tests: normalize i18n registry zh-CN assertion encoding
* ACP bindings: address review findings for reset and fallback routing
* ACP reset: gate hooks on success and preserve /new arguments
* ACP bindings: fix auth and binding-priority review findings
* Telegram ACP: gate ensure on auth and accepted messages
* ACP bindings: fix session-key precedence and unavailable handling
* ACP reset/native commands: honor fallback targets and abort on bootstrap failure
* Config schema: validate ACP binding channel and Telegram topic IDs
* Discord ACP: apply configured DM bindings to native commands
* ACP reset tails: dispatch through ACP after command handling
* ACP tails/native reset auth: fix target dispatch and restore full auth
* ACP reset detection: fallback to active ACP keys for DM contexts
* Tests: type runTurn mock input in ACP dispatch test
* ACP: dedup binding route bootstrap and reset target resolution
* reply: align ACP reset hooks with bound session key
* docs: replace personal discord ids with placeholders
* fix: add changelog entry for ACP persistent bindings (#34873 ) (thanks @dutifulbob)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-05 09:38:12 +01:00
96021a2b17
fix: align AGENTS.md template section names with post-compaction extraction ( #25029 ) ( #25098 )
...
Merged via squash.
Prepared head SHA: 8cd6cc8049
2026-03-04 12:16:00 -08:00
257e2f5338
fix: relay ACP sessions_spawn parent streaming ( #34310 ) (thanks @vincentkoc) ( #34310 )
...
Co-authored-by: Onur Solmaz <2453968+osolmaz@users.noreply.github.com>
2026-03-04 11:44:20 +01:00
7a2f5a0098
Plugin SDK: add full bundled subpath wiring
2026-03-04 02:35:12 -05:00
802b9f6b19
Plugins: add root-alias shim and cache/docs updates
2026-03-04 01:20:48 -05:00
4d183af0cf
fix: code/cli acpx reliability 20260304 ( #34020 )
...
* agents: switch claude-cli defaults to bypassPermissions
* agents: add claude-cli default args coverage
* agents: emit watchdog stall system event for cli runs
* agents: test cli watchdog stall system event
* acpx: fallback to sessions new when ensure returns no ids
* acpx tests: mock sessions new fallback path
* acpx tests: cover ensure-empty fallback flow
* skills: clarify claude print mode without pty
* docs: update cli-backends claude default args
* docs: refresh cli live test default args
* gateway tests: align live claude args defaults
* changelog: credit claude/acpx reliability fixes
* Agents: normalize legacy Claude permission flag overrides
* Tests: cover legacy Claude permission override normalization
* Changelog: note legacy Claude permission flag auto-normalization
* ACPX: fail fast when ensure/new return no session IDs
* ACPX tests: support empty sessions new fixture output
* ACPX tests: assert ensureSession failure when IDs missing
* CLI runner: scope watchdog heartbeat wake to session
* CLI runner tests: assert session-scoped watchdog wake
* Update CHANGELOG.md
2026-03-04 01:15:28 -05:00
230fea1ca6
feat(web-search): switch Perplexity to native Search API ( #33822 )
...
* feat: Add Perplexity Search API as web_search provider
* docs fixes
* domain_filter validation
* address comments
* provider-specific options in cache key
* add validation for unsupported date filters
* legacy fields
* unsupported_language guard
* cache key matches the request's precedence order
* conflicting_time_filters guard
* unsupported_country guard
* invalid_date_range guard
* pplx validate for ISO 639-1 format
* docs: add Perplexity Search API changelog entry
* unsupported_domain_filter guard
---------
Co-authored-by: Shadow <hi@shadowing.dev>
2026-03-03 22:57:19 -06:00
f74a04e4ba
fix: tighten telegram topic-agent docs + fallback tests ( #33647 ) (thanks @kesor)
2026-03-04 09:35:53 +05:30
8eeb049683
fix(telegram): address PR review comments
...
- Export pickFirstExistingAgentId and use it to validate topic agentId
- Properly update mainSessionKey when overriding route agent
- Fix docs example showing incorrect session key for topic 3
Fixes issue where non-existent agentId would create orphaned sessions.
Fixes issue where DM topic replies would route to wrong agent.
2026-03-04 09:35:53 +05:30
58bc9a241b
feat(telegram): add per-topic agent routing for forum groups [AI-assisted]
...
This feature allows different topics within a Telegram forum supergroup to route
to different agents, each with isolated workspace, memory, and sessions.
Key changes:
- Add agentId field to TelegramTopicConfig type for per-topic routing
- Add zod validation for agentId in topic config schema
- Implement routing logic to re-derive session key with topic's agent
- Add debug logging for topic agent overrides
- Add unit tests for routing behavior (forum topics + DM topics)
- Add config validation tests
- Document feature in docs/channels/telegram.md
This builds on the approach from PR #31513 by @Sid-Qin with additional fixes
for security (preserved account fail-closed guard) and test coverage.
Closes #31473
2026-03-04 09:35:53 +05:30
1278ee9248
plugin-sdk: add channel subpaths and migrate bundled plugins
2026-03-03 22:07:03 -05:00
1c200ca7ae
follow-up: align ingress, atomic paths, and channel tests with credential semantics ( #33733 )
...
Merged via squash.
Prepared head SHA: c290c2ab6a
2026-03-03 20:29:46 -06:00
b1a735829d
docs: fix Mintlify-incompatible links in security docs ( #27698 )
...
Merged via squash.
Prepared head SHA: 6078cd94ba
2026-03-03 14:51:28 -08:00
e4b4486a96
Agent: unify bootstrap truncation warning handling ( #32769 )
...
Merged via squash.
Prepared head SHA: 5d6d4ddfa6
2026-03-03 16:28:38 -05:00
a9969e641a
docs: fix secretref marker rendering in credential surface
2026-03-03 15:08:41 -06:00
ff96e41c38
fix(discord): align DiscordAccountConfig.token type with SecretInput ( #32490 )
...
Merged via squash.
Prepared head SHA: 233aa032f1
2026-03-03 14:59:57 -06:00
2cd3be896d
docs(security): document Docker UFW hardening via DOCKER-USER ( #27613 )
...
Merged via squash.
Prepared head SHA: 31ddd43326
2026-03-03 12:28:35 -08:00
490670128b
fix(docs): avoid MDX regex markers in secretref page
2026-03-03 14:00:09 -06:00
70c6bc8581
fix(docs): use MDX-safe secretref markers
2026-03-03 13:54:03 -06:00
65816657c2
feat(discord): add allowBots mention gating
2026-03-03 12:47:25 -06:00
05446d6b6b
docs: document discord ignoreOtherMentions
2026-03-03 11:26:20 -06:00
e28ff1215c
fix: discord auto presence health signal ( #33277 ) (thanks @thewilloftheshadow) ( #33277 )
2026-03-03 11:20:59 -06:00
d89e1e40f9
docs(loop-detection): fix config keys to match schema ( #33182 )
...
Merged via squash.
Prepared head SHA: 612ecc00d3
2026-03-03 11:02:30 -05:00
4ffe15c6b2
fix(telegram): warn when accounts.default is missing in multi-account setup ( #32544 )
...
Merged via squash.
Prepared head SHA: 7ebc3f65b2
2026-03-03 03:27:19 -05:00
b1b41eb443
feat(mattermost): add native slash command support (refresh) ( #32467 )
...
Merged via squash.
Prepared head SHA: 989126574e
2026-03-03 12:39:18 +05:30
5341b5c71c
Diffs: Migrate tool usage guidance from before_prompt_build to a plugin skill ( #32630 )
...
Merged via squash.
Prepared head SHA: 585697a4e1
2026-03-03 01:50:59 -05:00
75775f2fe6
chore: Updated Brave documentation ( #26860 )
...
Merged via squash.
Prepared head SHA: f8fc4bf01e
2026-03-03 01:34:15 -05:00
d9d604c6ad
docs: add dedicated pdf tool docs page
2026-03-03 04:07:04 +00:00
02d26ced98
docs(feishu): Feishu docs – add verificationToken and align zh-CN with EN (openclaw#31555) thanks @xbsheng
...
Verified:
- pnpm build
- pnpm test:macmini
- pnpm check (blocked locally by pre-existing mainline lint issue in src/scripts/ci-changed-scope.test.ts unrelated to this PR)
Co-authored-by: xbsheng <56357338+xbsheng@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-02 21:33:41 -06:00
2c6616b830
CI: gate Windows checks by windows-relevant scope ( #32456 )
...
* CI: add windows scope output for changed-scope
* Test: cover windows scope gating in changed-scope
* CI: gate checks-windows by windows scope
* Docs: update CI windows scope and runner label
* CI: move checks-windows to 32 vCPU runner
* Docs: align CI windows runner with workflow
2026-03-02 19:10:58 -08:00
806803b7ef
feat(secrets): expand SecretRef coverage across user-supplied credentials ( #29580 )
...
* feat(secrets): expand secret target coverage and gateway tooling
* docs(secrets): align gateway and CLI secret docs
* chore(protocol): regenerate swift gateway models for secrets methods
* fix(config): restore talk apiKey fallback and stabilize runner test
* ci(windows): reduce test worker count for shard stability
* ci(windows): raise node heap for test shard stability
* test(feishu): make proxy env precedence assertion windows-safe
* fix(gateway): resolve auth password SecretInput refs for clients
* fix(gateway): resolve remote SecretInput credentials for clients
* fix(secrets): skip inactive refs in command snapshot assignments
* fix(secrets): scope gateway.remote refs to effective auth surfaces
* fix(secrets): ignore memory defaults when enabled agents disable search
* fix(secrets): honor Google Chat serviceAccountRef inheritance
* fix(secrets): address tsgo errors in command and gateway collectors
* fix(secrets): avoid auth-store load in providers-only configure
* fix(gateway): defer local password ref resolution by precedence
* fix(secrets): gate telegram webhook secret refs by webhook mode
* fix(secrets): gate slack signing secret refs to http mode
* fix(secrets): skip telegram botToken refs when tokenFile is set
* fix(secrets): gate discord pluralkit refs by enabled flag
* fix(secrets): gate discord voice tts refs by voice enabled
* test(secrets): make runtime fixture modes explicit
* fix(cli): resolve local qr password secret refs
* fix(cli): fail when gateway leaves command refs unresolved
* fix(gateway): fail when local password SecretRef is unresolved
* fix(gateway): fail when required remote SecretRefs are unresolved
* fix(gateway): resolve local password refs only when password can win
* fix(cli): skip local password SecretRef resolution on qr token override
* test(gateway): cast SecretRef fixtures to OpenClawConfig
* test(secrets): activate mode-gated targets in runtime coverage fixture
* fix(cron): support SecretInput webhook tokens safely
* fix(bluebubbles): support SecretInput passwords across config paths
* fix(msteams): make appPassword SecretInput-safe in onboarding/token paths
* fix(bluebubbles): align SecretInput schema helper typing
* fix(cli): clarify secrets.resolve version-skew errors
* refactor(secrets): return structured inactive paths from secrets.resolve
* refactor(gateway): type onboarding secret writes as SecretInput
* chore(protocol): regenerate swift models for secrets.resolve
* feat(secrets): expand extension credential secretref support
* fix(secrets): gate web-search refs by active provider
* fix(onboarding): detect SecretRef credentials in extension status
* fix(onboarding): allow keeping existing ref in secret prompt
* fix(onboarding): resolve gateway password SecretRefs for probe and tui
* fix(onboarding): honor secret-input-mode for local gateway auth
* fix(acp): resolve gateway SecretInput credentials
* fix(secrets): gate gateway.remote refs to remote surfaces
* test(secrets): cover pattern matching and inactive array refs
* docs(secrets): clarify secrets.resolve and remote active surfaces
* fix(bluebubbles): keep existing SecretRef during onboarding
* fix(tests): resolve CI type errors in new SecretRef coverage
* fix(extensions): replace raw fetch with SSRF-guarded fetch
* test(secrets): mark gateway remote targets active in runtime coverage
* test(infra): normalize home-prefix expectation across platforms
* fix(cli): only resolve local qr password refs in password mode
* test(cli): cover local qr token mode with unresolved password ref
* docs(cli): clarify local qr password ref resolution behavior
* refactor(extensions): reuse sdk SecretInput helpers
* fix(wizard): resolve onboarding env-template secrets before plaintext
* fix(cli): surface secrets.resolve diagnostics in memory and qr
* test(secrets): repair post-rebase runtime and fixtures
* fix(gateway): skip remote password ref resolution when token wins
* fix(secrets): treat tailscale remote gateway refs as active
* fix(gateway): allow remote password fallback when token ref is unresolved
* fix(gateway): ignore stale local password refs for none and trusted-proxy
* fix(gateway): skip remote secret ref resolution on local call paths
* test(cli): cover qr remote tailscale secret ref resolution
* fix(secrets): align gateway password active-surface with auth inference
* fix(cli): resolve inferred local gateway password refs in qr
* fix(gateway): prefer resolvable remote password over token ref pre-resolution
* test(gateway): cover none and trusted-proxy stale password refs
* docs(secrets): sync qr and gateway active-surface behavior
* fix: restore stability blockers from pre-release audit
* Secrets: fix collector/runtime precedence contradictions
* docs: align secrets and web credential docs
* fix(rebase): resolve integration regressions after main rebase
* fix(node-host): resolve gateway secret refs for auth
* fix(secrets): harden secretinput runtime readers
* gateway: skip inactive auth secretref resolution
* cli: avoid gateway preflight for inactive secret refs
* extensions: allow unresolved refs in onboarding status
* tests: fix qr-cli module mock hoist ordering
* Security: align audit checks with SecretInput resolution
* Gateway: resolve local-mode remote fallback secret refs
* Node host: avoid resolving inactive password secret refs
* Secrets runtime: mark Slack appToken inactive for HTTP mode
* secrets: keep inactive gateway remote refs non-blocking
* cli: include agent memory secret targets in runtime resolution
* docs(secrets): sync docs with active-surface and web search behavior
* fix(secrets): keep telegram top-level token refs active for blank account tokens
* fix(daemon): resolve gateway password secret refs for probe auth
* fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled
* fix(secrets): align token inheritance and exec timeout defaults
* docs(secrets): clarify active-surface notes in cli docs
* cli: require secrets.resolve gateway capability
* gateway: log auth secret surface diagnostics
* secrets: remove dead provider resolver module
* fix(secrets): restore gateway auth precedence and fallback resolution
* fix(tests): align plugin runtime mock typings
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-03-03 02:58:20 +00:00
fa4ff5f3d2
refactor(acp): extract install hint resolver
2026-03-03 02:51:24 +00:00
40f2e2b8a6
ci: scale Windows CI runner and test workers
2026-03-03 02:42:32 +00:00
59567a8c5d
ci: move changed-scope logic into tested script
2026-03-03 02:37:23 +00:00
04ac688dff
fix(acp): use publishable acpx install hint
2026-03-03 02:34:07 +00:00
0fd77c9856
refactor: modularize plugin runtime and test hooks
2026-03-03 02:06:58 +00:00
3eec79bd6c
feat(memory): add Ollama embedding provider ( #26349 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: ac41386543
2026-03-02 20:56:40 -05:00
bd8c3230e8
fix: force supportsDeveloperRole=false for non-native OpenAI endpoints ( #29479 )
...
Merged via squash.
Prepared head SHA: 1416c584ac
2026-03-02 20:43:49 -05:00
42626648d7
docs(models): clarify moonshot thinking and failover stop-reason errors
2026-03-03 01:11:29 +00:00
ced267c5cb
fix(moonshot): apply native thinking payload compatibility
2026-03-03 01:05:24 +00:00
287606e445
feat(acp): add kimi harness support surfaces
2026-03-03 01:05:24 +00:00
e930517154
fix(ci): resolve docs lint and test typing regressions
2026-03-03 00:55:01 +00:00
7de4204e57
docs(acp): document sandbox limitation
2026-03-03 00:52:09 +00:00
36dfd462a8
feat(acp): enable dispatch by default
2026-03-03 00:47:35 +00:00
86090b0ff2
docs(models): refresh minimax kimi glm provider docs
2026-03-03 00:40:15 +00:00
1b5ac8b0b1
feat(cli): add configurable banner tagline mode
2026-03-03 00:31:51 +00:00
f4682742d9
feat: update tlon channel/plugin to be more fully featured ( #21208 )
...
* feat(tlon): sync with openclaw-tlon master
- Add tlon CLI tool registration with binary lookup
- Add approval, media, settings, foreigns, story, upload modules
- Add http-api wrapper for Urbit connection patching
- Update types for defaultAuthorizedShips support
- Fix type compatibility with core plugin SDK
- Stub uploadFile (API not yet available in @tloncorp/api-beta)
- Remove incompatible test files (security, sse-client, upload)
* chore(tlon): remove dead code
Remove unused Urbit channel client files:
- channel-client.ts
- channel-ops.ts
- context.ts
These were not imported anywhere in the extension.
* feat(tlon): add image upload support via @tloncorp/api
- Import configureClient and uploadFile from @tloncorp/api
- Implement uploadImageFromUrl using uploadFile
- Configure API client before media uploads
- Update dependency to github:tloncorp/api-beta#main
* fix(tlon): restore SSRF protection with event ack tracking
- Restore context.ts and channel-ops.ts for SSRF support
- Restore sse-client.ts with urbitFetch for SSRF-protected requests
- Add event ack tracking from openclaw-tlon (acks every 20 events)
- Pass ssrfPolicy through authenticate() and UrbitSSEClient
- Fixes security regression from sync with openclaw-tlon
* fix(tlon): restore buildTlonAccountFields for allowPrivateNetwork
The inlined payload building was missing allowPrivateNetwork field,
which would prevent the setting from being persisted to config.
* fix(tlon): restore SSRF protection in probeAccount
- Restore channel-client.ts for UrbitChannelClient
- Use UrbitChannelClient with ssrfPolicy in probeAccount
- Ensures account probe respects allowPrivateNetwork setting
* feat(tlon): add ownerShip to setup flow
ownerShip should always be set as it controls who receives
approval requests and can approve/deny actions.
* chore(tlon): remove unused http-api.ts
After restoring SSRF protection, probeAccount uses UrbitChannelClient
instead of @urbit/http-api. The http-api.ts wrapper is no longer needed.
* refactor(tlon): simplify probeAccount to direct /~/name request
No channel needed - just authenticate and GET /~/name.
Removes UrbitChannelClient, keeping only UrbitSSEClient for monitor.
* chore(tlon): add logging for event acks
* chore(tlon): lower ack threshold to 5 for testing
* fix(tlon): address security review issues
- Fix SSRF in upload.ts: use urbitFetch with SSRF protection
- Fix SSRF in media.ts: use urbitFetch with SSRF protection
- Add command whitelist to tlon tool to prevent command injection
- Add getDefaultSsrFPolicy() helper for uploads/downloads
* fix(tlon): restore auth retry and add reauth on SSE reconnect
- Add authenticateWithRetry() helper with exponential backoff (restores lost logic from #39 )
- Add onReconnect callback to re-authenticate when SSE stream reconnects
- Add UrbitSSEClient.updateCookie() method for proper cookie normalization on reauth
* fix(tlon): add infinite reconnect with reset after max attempts
Instead of giving up after maxReconnectAttempts, wait 10 seconds then
reset the counter and keep trying. This ensures the monitor never
permanently disconnects due to temporary network issues.
* test(tlon): restore security, sse-client, and upload tests
- security.test.ts: DM allowlist, group invite, bot mention detection, ship normalization
- sse-client.test.ts: subscription handling, cookie updates, reconnection params
- upload.test.ts: image upload with SSRF protection, error handling
* fix(tlon): restore DM partner ship extraction for proper routing
- Add extractDmPartnerShip() to extract partner from 'whom' field
- Use partner ship for routing (more reliable than essay.author)
- Explicitly ignore bot's own outbound DM events
- Log mismatch between author and partner for debugging
* chore(tlon): restore ack threshold to 20
* chore(tlon): sync slash commands support from upstream
- Add stripBotMention for proper CommandBody parsing
- Add command authorization logic for owner-only slash commands
- Add CommandAuthorized and CommandSource to context payload
* fix(tlon): resolve TypeScript errors in tests and monitor
- Store validated account url/code before closure to fix type narrowing
- Fix test type annotations for mode rules
- Add proper Response type cast in sse-client mock
- Use optional chaining for init properties
* docs(tlon): update docs for new config options and capabilities
- Document ownerShip for approval system
- Document autoAcceptDmInvites and autoAcceptGroupInvites
- Update status to reflect rich text and image support
- Add bundled skill section
- Update notes with formatting and image details
- Fix pnpm-lock.yaml conflict
* docs(tlon): fix dmAllowlist description and improve allowPrivateNetwork docs
- Correct dmAllowlist: empty means no DMs allowed (not allow all)
- Promote allowPrivateNetwork to its own section with examples
- Add warning about SSRF protection implications
* docs(tlon): clarify ownerShip is auto-authorized everywhere
- Add ownerShip to minimal config example (recommended)
- Document that owner is automatically allowed for DMs and channels
- No need to add owner to dmAllowlist or defaultAuthorizedShips
* docs(tlon): add capabilities table, troubleshooting, and config reference
Align with Matrix docs format:
- Capabilities table for quick feature reference
- Troubleshooting section with common failures
- Configuration reference with all options
* docs(tlon): fix reactions status and expand bundled skill section
- Reactions ARE supported via bundled skill (not missing)
- Add link to skill GitHub repo
- List skill capabilities: contacts, channels, groups, DMs, reactions, settings
* fix(tlon): use crypto.randomUUID instead of Math.random for channel ID
Fixes security test failure - Math.random is flagged as weak randomness.
* docs: fix markdown lint - add blank line before </Step>
* fix: address PR review issues for tlon plugin
- upload.ts: Use fetchWithSsrFGuard directly instead of urbitFetch to
preserve full URL path when fetching external images; add release() call
- media.ts: Same fix - use fetchWithSsrFGuard for external media downloads;
add release() call to clean up resources
- channel.ts: Use urbitFetch for poke API to maintain consistent SSRF
protection (DNS pinning + redirect handling)
- upload.test.ts: Update mocks to use fetchWithSsrFGuard instead of urbitFetch
Addresses blocking issues from jalehman's review:
1. Fixed incorrect URL being fetched (validateUrbitBaseUrl was stripping path)
2. Fixed missing release() calls that could leak resources
3. Restored guarded fetch semantics for poke operations
* docs: add tlon changelog fragment
* style: format tlon monitor
* fix: align tlon lockfile and sse id generation
* docs: fix onboarding markdown list spacing
---------
Co-authored-by: Josh Lehman <josh@martian.engineering>
2026-03-02 16:23:42 -08:00
051b380d38
fix(hooks): return 200 instead of 202 for webhook responses ( #28204 )
...
* fix(hooks): return 200 instead of 202 for webhook responses (#22036 )
* docs(webhook): document 200 status for hooks agent
* chore(changelog): add webhook ack note openclaw#28204 thanks @Glucksberg
---------
Co-authored-by: Shakker <shakkerdroid@gmail.com>
2026-03-03 00:19:31 +00:00
11c397ef46
docs: strengthen prompt injection warning for weaker models
2026-03-03 00:06:39 +00:00
6b85ec3022
docs: tighten subscription guidance and update MiniMax M2.5 refs
2026-03-03 00:02:37 +00:00
b8b8a5f314
fix(security): enforce explicit ingress owner context
2026-03-02 23:50:36 +00:00
132794fe74
feat(security): audit workspace skill symlink escapes
2026-03-02 23:28:54 +00:00
fc1787fd4b
feat(telegram): default streaming preview to partial
2026-03-02 23:04:12 +00:00
29dde80c3e
fix: harden message hook session/group context and add integration coverage ( #9859 ) (thanks @Drickon)
2026-03-02 22:34:43 +00:00
e0b8b80067
feat(hooks): add message:transcribed and message:preprocessed internal hooks
...
Adds two new internal hook events that fire after media/link processing:
- message:transcribed: fires when audio has been transcribed, providing
the transcript text alongside the original body and media metadata.
Useful for logging, analytics, or routing based on spoken content.
- message:preprocessed: fires for every message after all media + link
understanding completes. Gives hooks access to the fully enriched body
(transcripts, image descriptions, link summaries) before the agent sees it.
Both hooks are added in get-reply.ts, after applyMediaUnderstanding and
applyLinkUnderstanding. message:received and message:sent are already
in upstream (f07bb8e8
2026-03-02 22:34:43 +00:00
1fa2488db1
fix: wire telegram disableAudioPreflight config validation and precedence tests ( #23067 ) (thanks @yangnim21029)
2026-03-02 22:26:52 +00:00
d89c25d69e
fix: support parakeet-mlx output-dir transcript parsing ( #9177 ) (thanks @mac-110)
2026-03-02 22:22:17 +00:00
f9025c3f55
feat(zalouser): add reactions, group context, and receipt acks
2026-03-02 22:08:11 +00:00
cc18e43832
docs(media): clarify audio echo defaults and proxy env
2026-03-02 22:01:24 +00:00
8e259b8310
fix: keep audio transcript echo off-by-default and tiny-audio-safe ( #32150 )
2026-03-02 21:48:08 +00:00
a183656f8f
fix: apply missed media/runtime follow-ups from merged PRs
2026-03-02 21:45:39 +00:00
b782ecb7eb
refactor: harden plugin install flow and main DM route pinning
2026-03-02 21:22:38 +00:00
ad12d1fbce
fix(plugins): prefer bundled plugin ids over bare npm specs
2026-03-02 20:49:50 +00:00
fbd1210ec2
fix(plugins): support legacy install entry fallback ( #32055 )
...
* fix(plugins): fallback install entrypoints for legacy manifests
* Voice Call: enforce exact webhook path match
* Tests: isolate webhook path suite and reset cron auth state
* chore: keep #31930 scoped to voice webhook path fix
* fix: add changelog for exact voice webhook path match (#31930 ) (thanks @afurm)
* fix: handle HTTP 529 (Anthropic overloaded) in failover error classification
Classify Anthropic's 529 status code as "rate_limit" so model fallback
triggers reliably without depending on fragile message-based detection.
Closes #28502
* fix: add changelog for HTTP 529 failover classification (#31854 ) (thanks @bugkill3r)
* fix(slack): guard against undefined text in includes calls during mention handling
* fix: add changelog for mentions/slack null-safe guards (#31865 ) (thanks @stone-jin)
* fix(memory-lancedb): pass dimensions to embedding API call
- Add dimensions parameter to Embeddings constructor
- Pass dimensions to OpenAI embeddings.create() API call
- Fixes dimension mismatch when using custom embedding models like DashScope text-embedding-v4
* fix: add regression for memory-lancedb dimensions pass-through (#32036 ) (thanks @scotthuang)
* fix(telegram): guard malformed native menu specs
* fix: harden plugin command registration + telegram menu guard (#31997 ) (thanks @liuxiaopai-ai)
* fix(gateway): restart heartbeat on model config changes
* fix: add changelog credit for heartbeat model reload (#32046 ) (thanks @stakeswky)
* test(process): replace no-output timer subprocess with spawn mock
* test(perf): trim repeated setup in cron memory and config suites
* test(perf): reduce per-case setup in script and git-hook tests
* fix(slack): scope debounce key by message timestamp to prevent cross-thread collisions
Top-level channel messages from the same sender shared a bare channel
debounce key, causing concurrent messages in different threads to merge
into a single reply on the wrong thread. Now the debounce key includes
the message timestamp for top-level messages, matching how the downstream
session layer already scopes by canonicalThreadId.
Extracted buildSlackDebounceKey() for testability.
Closes #31935
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: harden slack debounce key routing and ordering (#31951 ) (thanks @scoootscooob)
* fix(openrouter): skip reasoning.effort injection for x-ai/grok models
x-ai/grok models on OpenRouter do not support the reasoning.effort
parameter and reject payloads containing it with "Invalid arguments
passed to the model." Skip reasoning injection for these models, the
same way we already skip it for the dynamic "auto" routing model.
Closes #32039
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add changelog credit for openrouter x-ai reasoning guard (#32054 ) (thanks @scoootscooob)
* fix(agents): scope volcengine-plan/byteplus-plan auth lookup to profile resolution
The configure flow stores auth credentials under `provider: "volcengine"`,
but the coding model uses `volcengine-plan` as its provider. Add a scoped
`normalizeProviderIdForAuth` function used only by `listProfilesForProvider`
so coding-plan variants resolve to their base provider for auth credential
lookup without affecting global provider routing.
Closes #31731
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(tools): honor fsPolicy.workspaceOnly in image/pdf tool localRoots
PR #28822 fixed the Write/Edit tools to respect `tools.fs.workspaceOnly`,
but the image and PDF tools still unconditionally include default local
roots (`~/.openclaw/media`, `~/.openclaw/agents`, etc.) when computing
the `localRoots` allowlist for non-sandbox mode.
When `fsPolicy.workspaceOnly` is true, restrict `localRoots` to only the
workspace directory so that files outside the workspace are rejected by
`assertLocalMediaAllowed()`.
Relates to #31716
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add changelog credit for fsPolicy image/pdf propagation (#31882 ) (thanks @justinhuangcode)
* fix: skip Telegram command sync when menu is unchanged (#32017 )
Hash the command list and cache it to disk per account. On restart,
compare the current hash against the cached one and skip the
deleteMyCommands + setMyCommands round-trip when nothing changed.
This prevents 429 rate-limit errors when the gateway restarts
several times in quick succession.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(telegram): scope command-sync hash cache by bot identity (#32059 )
* fix: normalize coding-plan providers in auth order validation
* feat(security): Harden Docker browser container chromium flags (#23889 ) (#31504 )
* Gateway: honor OPENCLAW_GATEWAY_URL override for remote/local calls
* Agents: fix sandbox sessionKey usage for PI embedded subagent calls
* Sandbox: tighten browser container Chromium runtime flags
* fix: add sandbox browser defaults for container hardening
* docs: expand sandbox browser default flags list
* fix: make sandbox browser flags optional and preserve gateway env auth overrides
* docs: scope PR 31504 changelog entry
* style: format gateway call override handling
* fix: dedupe sandbox browser chrome args
* fix: preserve remote tls fingerprint for env gateway override
* fix: enforce auth for env gateway URL override
* chore: document gateway override auth security expectations
* fix(delivery): strip HTML tags for plain-text messaging surfaces
Models occasionally produce HTML tags in their output. While these render
fine on web surfaces, they appear as literal text on WhatsApp, Signal,
SMS, IRC, and Telegram.
Add sanitizeForPlainText() utility that converts common inline HTML to
lightweight-markup equivalents and strips remaining tags. Applied in the
outbound delivery pipeline for non-HTML surfaces only.
Closes #31884
See also: #18558
* fix(outbound): harden plain-text HTML sanitization paths (#32034 )
* fix(security): harden file installs and race-path tests
* matrix: bootstrap crypto runtime when npm scripts are skipped
* fix(matrix): keep plugin register sync while bootstrapping crypto runtime (#31989 )
* perf(runtime): reduce cron persistence and logger overhead
* test(perf): use prebuilt plugin install archive fixtures
* test(perf): increase guardrail scan read concurrency
* fix(queue): restart drain when message enqueued after idle window
After a drain loop empties the queue it deletes the key from
FOLLOWUP_QUEUES. If a new message arrives at that moment
enqueueFollowupRun creates a fresh queue object with draining:false
but never starts a drain, leaving the message stranded until the
next run completes and calls finalizeWithFollowup.
Fix: persist the most recent runFollowup callback per queue key in
FOLLOWUP_RUN_CALLBACKS (drain.ts). enqueueFollowupRun now calls
kickFollowupDrainIfIdle after a successful push; if a cached
callback exists and no drain is running it calls scheduleFollowupDrain
to restart immediately. clearSessionQueues cleans up the callback
cache alongside the queue state.
* fix: avoid stale followup drain callbacks (#31902 ) (thanks @Lanfei)
* fix(synology-chat): read cfg from outbound context so incomingUrl resolves
* fix: require openclaw.extensions for plugin installs (#32055 ) (thanks @liuxiaopai-ai)
---------
Co-authored-by: Andrii Furmanets <furmanets.andriy@gmail.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Saurabh <skmishra1991@gmail.com>
Co-authored-by: stone-jin <1520006273@qq.com>
Co-authored-by: scotthuang <scotthuang@tencent.com>
Co-authored-by: User <user@example.com>
Co-authored-by: scoootscooob <zhentongfan@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: justinhuangcode <justinhuangcode@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
Co-authored-by: AytuncYildizli <cryptosquanch@gmail.com>
Co-authored-by: bmendonca3 <bmendonca3@users.noreply.github.com>
Co-authored-by: Jealous <CooLanfei@163.com>
Co-authored-by: white-rm <zhang.xujin@xydigit.com>
2026-03-02 19:41:05 +00:00
a19a7f5e6e
feat(security): Harden Docker browser container chromium flags ( #23889 ) ( #31504 )
...
* Gateway: honor OPENCLAW_GATEWAY_URL override for remote/local calls
* Agents: fix sandbox sessionKey usage for PI embedded subagent calls
* Sandbox: tighten browser container Chromium runtime flags
* fix: add sandbox browser defaults for container hardening
* docs: expand sandbox browser default flags list
* fix: make sandbox browser flags optional and preserve gateway env auth overrides
* docs: scope PR 31504 changelog entry
* style: format gateway call override handling
* fix: dedupe sandbox browser chrome args
* fix: preserve remote tls fingerprint for env gateway override
* fix: enforce auth for env gateway URL override
* chore: document gateway override auth security expectations
2026-03-02 11:28:27 -08:00
1727279598
fix(browser): default to openclaw profile when unspecified ( #32031 )
2026-03-02 18:34:37 +00:00
cf5702233c
docs(security)!: document messaging-only onboarding default and hook/model risk
2026-03-02 18:15:49 +00:00
e339c75d5d
style(docs): format faq markdown spacing
2026-03-02 17:38:11 +00:00
eb35fb745d
docs: remove provider recommendation language
2026-03-02 17:33:38 +00:00
d3e8b17aa6
fix: harden webhook auth-before-body handling
2026-03-02 17:21:09 +00:00
a0e11e63fe
docs(faq): add Windows exec encoding troubleshooting ( #30736 )
...
Co-authored-by: dalomeve <dalomeve@users.noreply.github.com>
2026-03-02 11:08:26 -06:00
07b16d5ad0
fix(security): harden workspace bootstrap boundary reads
2026-03-02 17:07:36 +00:00
67b2dde7c5
Docs: add WSL2 boot auto-start guide ( #31616 )
2026-03-02 11:07:15 -06:00
7a55a3ca07
fix(install): correct Windows PATH troubleshooting docs ( #28102 )
...
* fix(install): correct Windows PATH troubleshooting — no \bin suffix needed (closes #19921 )
* fix(docs): apply same PATH fix to FAQ
2026-03-02 11:07:07 -06:00
be65dc8acc
docs(diffs): clarify file size limitations
2026-03-02 11:34:12 -05:00
208a9b1ad1
docs(zalouser): document js-native migration and breaking change
2026-03-02 15:44:07 +00:00
5f49a5da3c
Diffs: extend image quality configs and add PDF as a format option ( #31342 )
...
Merged via squash.
Prepared head SHA: cc12097851
2026-03-02 04:38:50 -05:00
c6e5026edf
Docs: sort provider lists A-Z
2026-03-01 23:42:55 -08:00
7e8118a93e
Docs: sort built-in tools links A-Z
2026-03-01 23:41:39 -08:00
c977ac8d26
Docs: sort supported channels A-Z
2026-03-01 23:40:51 -08:00
ee22a01ec9
Docs: remove dead concepts/sessions alias
2026-03-01 23:40:09 -08:00
abe0edaba7
Docs: sort channels list by name across locales
2026-03-01 23:38:55 -08:00
a969df4c00
Docs: remove quickstart from first steps nav
2026-03-01 23:36:38 -08:00
f4785c1a7b
Docs: expand sandbox guide for common image and Docker bootstrap
2026-03-01 23:16:00 -08:00
cb491dfde5
feat(docker): add opt-in sandbox support for Docker deployments ( #29974 )
...
* feat(docker): add opt-in sandbox support for Docker deployments
Enable Docker-based sandbox isolation via OPENCLAW_SANDBOX=1 env var
in docker-setup.sh. This is a prerequisite for agents.defaults.sandbox
to function in any Docker deployment (self-hosted, Hostinger, DigitalOcean).
Changes:
- Dockerfile: add OPENCLAW_INSTALL_DOCKER_CLI build arg (~50MB, opt-in)
- docker-compose.yml: add commented-out docker.sock mount with docs
- docker-setup.sh: auto-detect Docker socket, inject mount, detect GID,
build sandbox image, configure sandbox defaults, add group_add
All changes are opt-in. Zero impact on existing deployments.
Usage: OPENCLAW_SANDBOX=1 ./docker-setup.sh
Closes #29933
Related: #7575 , #7827 , #28401 , #10361 , #12505 , #28326
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address code review feedback on sandbox support
- Persist OPENCLAW_SANDBOX, DOCKER_GID, OPENCLAW_INSTALL_DOCKER_CLI
to .env via upsert_env so group_add survives re-runs
- Show config set errors instead of swallowing them silently;
report partial failure when sandbox config is incomplete
- Warn when Dockerfile.sandbox is missing but sandbox config
is still applied (sandbox image won't exist)
- Fix non-canonical whitespace in apt sources.list entry
by using printf instead of echo with line continuation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: remove `local` outside function and guard sandbox behind Docker CLI check
- Remove `local` keyword from top-level `sandbox_config_ok` assignment
which caused script exit under `set -euo pipefail` (bash `local`
outside a function is an error)
- Add Docker CLI prerequisite check for pre-built (non-local) images:
runs `docker --version` inside the container and skips sandbox setup
with a clear warning if the CLI is missing
- Split sandbox block so config is only applied after prerequisites pass
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: defer docker.sock mount until sandbox prerequisites pass
Move Docker socket mounting from the early setup phase (before image
build/pull) to a dedicated compose overlay created only after:
1. Docker CLI is verified inside the container image
2. /var/run/docker.sock exists on the host
Previously the socket was mounted optimistically at startup, leaving
the host Docker daemon exposed even when sandbox setup was later
skipped due to missing Docker CLI. Now the gateway starts without
the socket, and a docker-compose.sandbox.yml overlay is generated
only when all prerequisites pass. The gateway restart at the end of
sandbox setup picks up both the socket mount and sandbox config.
Also moves group_add from write_extra_compose() into the sandbox
overlay, keeping all sandbox-specific compose configuration together.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs(docker): fix sandbox docs URL in setup output
* Docker: harden sandbox setup fallback behavior
* Tests: cover docker-setup sandbox edge paths
* Docker: roll back sandbox mode on partial config failure
* Tests: assert sandbox mode rollback on partial setup
* Docs: document Docker sandbox bootstrap env controls
* Changelog: credit Docker sandbox bootstrap hardening
* Update CHANGELOG.md
* Docker: verify Docker apt signing key fingerprint
* Docker: avoid sandbox overlay deps during policy writes
* Tests: assert no-deps sandbox rollback gateway recreate
* Docs: mention OPENCLAW_INSTALL_DOCKER_CLI in Docker env vars
---------
Co-authored-by: Jakub Karwowski <jakubkarwowski@Mac.lan>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-01 23:06:10 -08:00
d0ac1b0195
feat: add PDF analysis tool with native provider support ( #31319 )
...
* feat: add PDF analysis tool with native provider support
New `pdf` tool for analyzing PDF documents with model-powered analysis.
Architecture:
- Native PDF path: sends raw PDF bytes directly to providers that support
inline document input (Anthropic via DocumentBlockParam, Google Gemini
via inlineData with application/pdf MIME type)
- Extraction fallback: for providers without native PDF support, extracts
text via pdfjs-dist and rasterizes pages to images via @napi-rs/canvas,
then sends through the standard vision/text completion path
Key features:
- Single PDF (`pdf` param) or multiple PDFs (`pdfs` array, up to 10)
- Page range selection (`pages` param, e.g. "1-5", "1,3,7-9")
- Model override (`model` param) and file size limits (`maxBytesMb`)
- Auto-detects provider capability and falls back gracefully
- Same security patterns as image tool (SSRF guards, sandbox support,
local path roots, workspace-only policy)
Config (agents.defaults):
- pdfModel: primary/fallbacks (defaults to imageModel, then session model)
- pdfMaxBytesMb: max PDF file size (default: 10)
- pdfMaxPages: max pages to process (default: 20)
Model catalog:
- Extended ModelInputType to include "document" alongside "text"/"image"
- Added modelSupportsDocument() capability check
Files:
- src/agents/tools/pdf-tool.ts - main tool factory
- src/agents/tools/pdf-tool.helpers.ts - helpers (page range, config, etc.)
- src/agents/tools/pdf-native-providers.ts - direct API calls for Anthropic/Google
- src/agents/tools/pdf-tool.test.ts - 43 tests covering all paths
- Modified: model-catalog.ts, openclaw-tools.ts, config schema/types/labels/help
* fix: prepare pdf tool for merge (#31319 ) (thanks @tyler6204)
2026-03-01 22:39:12 -08:00
f2dbaf70fa
docs: add Vercel sponsorship ( #29270 )
...
* docs: add Vercel sponsorship
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs: fix README formatting
* docs: resize Vercel sponsor logo to match other logos
* docs: scale down Vercel SVG viewBox to match other sponsor logos
* Fixed ordering.
* md error fix
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 06:25:46 +00:00
3049ca840f
docs: replace bare provider URLs with markdown links
2026-03-02 06:01:29 +00:00
bc0288bcfb
docs: clarify adaptive thinking and openai websocket docs
2026-03-02 05:46:57 +00:00
3002f13ca7
feat(config): add `openclaw config validate` and improve startup error messages ( #31220 )
...
Merged via squash.
Prepared head SHA: 4598f2a541
2026-03-02 00:45:51 -05:00
548a502c69
docs: sync android node docs with current pairing and capabilities
2026-03-02 11:08:51 +05:30
a9f1188785
sessions_spawn: inline attachments with redaction, lifecycle cleanup, and docs ( #16761 )
...
Add inline file attachment support for sessions_spawn (subagent runtime only):
- Schema: attachments[] (name, content, encoding, mimeType) and attachAs.mountPath hint
- Materialization: files written to .openclaw/attachments/<uuid>/ with manifest.json
- Validation: strict base64 decode, filename checks, size limits, duplicate detection
- Transcript redaction: sanitizeToolCallInputs redacts attachment content from persisted transcripts
- Lifecycle cleanup: safeRemoveAttachmentsDir with symlink-safe path containment check
- Config: tools.sessions_spawn.attachments (enabled, maxFiles, maxFileBytes, maxTotalBytes, retainOnSessionKeep)
- Registry: attachmentsDir/attachmentsRootDir/retainAttachmentsOnKeep on SubagentRunRecord
- ACP rejection: attachments rejected for runtime=acp with clear error message
- Docs: updated tools/index.md, concepts/session-tool.md, configuration-reference.md
- Tests: 85 new/updated tests across 5 test files
Fixes:
- Guard fs.rm in materialization catch block with try/catch (review concern #1 )
- Remove unreachable fallback in safeRemoveAttachmentsDir (review concern #7 )
- Move attachment cleanup out of retry path to avoid timing issues with announce loop
Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
Co-authored-by: napetrov <napetrov@users.noreply.github.com>
2026-03-01 21:33:51 -08:00
842deefe5d
test: split fast lane from channel and gateway suites
2026-03-02 05:33:07 +00:00
4a1be98254
fix(diffs): harden viewer security and docs
2026-03-02 05:07:09 +00:00
6ba7238ac6
build: bump versions to 2026.3.2
2026-03-02 04:55:53 +00:00
d2472af724
Chore: add Dockerfile HEALTHCHECK and debug-log silent catch blocks ( #11478 )
...
* Docker: add /healthz-based container HEALTHCHECK
* Docs/Docker: document built-in image HEALTHCHECK
* Changelog: note Dockerfile healthcheck probe
* Docs/Docker: explain HEALTHCHECK behavior in plain language
* Docker: relax HEALTHCHECK interval to 3m
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-01 20:52:14 -08:00
449511484d
fix(gateway): allow ws:// to private network addresses ( #28670 )
...
* fix(gateway): allow ws:// to RFC 1918 private network addresses
resolve ws-private-network conflicts
* gateway: keep ws security strict-by-default with private opt-in
* gateway: apply private ws opt-in in connection detail guard
* gateway: apply private ws opt-in in websocket client
* onboarding: gate private ws urls behind explicit opt-in
* gateway tests: enforce strict ws defaults with private opt-in
* onboarding tests: validate private ws opt-in behavior
* gateway client tests: cover private ws env override
* gateway call tests: cover private ws env override
* changelog: add ws strict-default security entry for pr 28670
* docs(onboard): document private ws break-glass env
* docs(gateway): add private ws env to remote guide
* docs(docker): add private ws break-glass env var
* docs(security): add private ws break-glass guidance
* docs(config): document OPENCLAW_ALLOW_PRIVATE_WS
* Update CHANGELOG.md
* gateway: normalize private-ws host classification
* test(gateway): cover non-unicast ipv6 private-ws edges
* changelog: rename insecure private ws break-glass env
* docs(onboard): rename insecure private ws env
* docs(gateway): rename insecure private ws env in config reference
* docs(gateway): rename insecure private ws env in remote guide
* docs(security): rename insecure private ws env
* docs(docker): rename insecure private ws env
* test(onboard): rename insecure private ws env
* onboard: rename insecure private ws env
* test(gateway): rename insecure private ws env in call tests
* gateway: rename insecure private ws env in call flow
* test(gateway): rename insecure private ws env in client tests
* gateway: rename insecure private ws env in client
* docker: pass insecure private ws env to services
* docker-setup: persist insecure private ws env
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-01 20:49:45 -08:00
eeb72097ba
Gateway: add healthz/readyz probe endpoints for container checks ( #31272 )
...
* Gateway: add HTTP liveness/readiness probe routes
* Gateway tests: cover probe route auth bypass and methods
* Docker Compose: add gateway /healthz healthcheck
* Docs: document Docker probe endpoints
* Dockerfile: note built-in probe endpoints
* Gateway: make probe routes fallback-only to avoid shadowing
* Gateway tests: verify probe paths do not shadow plugin routes
* Changelog: note gateway container probe endpoints
2026-03-01 20:36:58 -08:00
96ffbb5aaf
CLI: add config path subcommand to print active config file path ( #26256 )
...
Merged via squash.
Prepared head SHA: b11c593a34
2026-03-01 23:33:20 -05:00
b7615e0ce3
Exec/ACP: inject OPENCLAW_SHELL into child shell env ( #31271 )
...
* exec: mark runtime shell context in exec env
* tests(exec): cover OPENCLAW_SHELL in gateway exec
* tests(exec): cover OPENCLAW_SHELL in pty mode
* acpx: mark runtime shell context for spawned process
* tests(acpx): log OPENCLAW_SHELL in runtime fixture
* tests(acpx): assert OPENCLAW_SHELL in runtime prompt
* docs(env): document OPENCLAW_SHELL runtime markers
* docs(exec): describe OPENCLAW_SHELL exec marker
* docs(acp): document OPENCLAW_SHELL acp marker
* docs(gateway): note OPENCLAW_SHELL for background exec
* tui: tag local shell runs with OPENCLAW_SHELL
* tests(tui): assert OPENCLAW_SHELL in local shell runner
* acp client: tag spawned bridge env with OPENCLAW_SHELL
* tests(acp): cover acp client OPENCLAW_SHELL env helper
* docs(env): include acp-client and tui-local shell markers
* docs(acp): document acp-client OPENCLAW_SHELL marker
* docs(tui): document tui-local OPENCLAW_SHELL marker
* exec: keep shell runtime env string-only for docker args
* changelog: note OPENCLAW_SHELL runtime markers
2026-03-01 20:31:06 -08:00
41537e9303
fix(channels): add optional defaultAccount routing
2026-03-02 04:03:46 +00:00
61ef76edb5
docs(gateway): document Docker bridge networking and loopback bind caveat ( #28001 )
...
* docs(gateway): document Docker bridge networking and loopback bind caveat
The default loopback bind makes the gateway unreachable with Docker
bridge networking because port-forwarded traffic arrives on eth0, not
lo. Add a note in both the Dockerfile and the configuration reference
explaining the workarounds (--network host or bind: lan).
Fixes #27950
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs(docker): note legacy gateway.bind alias migration
* docs(gateway): clarify legacy bind alias auto-migration
* docs(docker): require bind mode values in gateway.bind
* docs(gateway): avoid bind alias auto-migration claim
* changelog: add #28001 docker bind docs credit
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-01 19:45:27 -08:00
6532757cdf
Diffs: add viewer payload validation and presentation defaults
2026-03-01 22:38:14 -05:00
030565b18c
Docker: add OCI base-image labels and document base-image metadata ( #31196 )
...
* Docker: add OCI base image labels
* Docs(Docker): document base image metadata context
* Changelog: note Docker base annotation docs update
* Changelog: add author credit for Docker base annotations
* Update docker.md
* Docker: add OCI source and docs labels
* CI(Docker): publish OCI revision/version labels
* Docs(Docker): list OCI image annotations
* Changelog: expand OCI annotation coverage note
* Docker: set OCI license annotation to MIT
* Docs(Docker): align OCI license annotation to MIT
* Docker: note docs sync path for OCI annotations
* Docker: normalize OCI label block indentation
2026-03-01 19:22:44 -08:00
6ea3a47dae
fix(feishu): harden routing, parsing, and media delivery
2026-03-02 03:22:07 +00:00
b0c7f1ebe2
fix: harden sessions_spawn delivery params and telegram account routing ( #31000 , #31110 )
2026-03-02 02:35:48 +00:00
601d1ccd24
Docs(Docker): clarify official GHCR image usage and setup flow ( #31180 )
...
* Add pre built images to docker docs
* Docs(Docker): clarify official GHCR image guidance
* Changelog: document Docker docs image clarification
* Update CHANGELOG.md
---------
Co-authored-by: Ken <ken@ipl31.net>
2026-03-01 18:31:20 -08:00
cc0806dfab
docs(discord): standardize eventQueue timeout guidance
2026-03-02 02:22:59 +00:00
f8459ef46c
docs(security): document sessions_spawn sandbox=require hardening
2026-03-02 01:29:19 +00:00
feefedfb83
fix: allow docker cli container to connect to gateway ( #12504 )
...
* Docker: route CLI through gateway network namespace
* Tests: assert Docker Compose CLI namespace wiring
* Changelog: add Docker Compose CLI connectivity fix
* Docker: pin docker setup gateway mode and bind
* Tests: cover docker setup mode and bind sync
* Docs: clarify Docker LAN vs loopback gateway targeting
* Changelog: expand Docker #12504 targeting note
* Docker: default optional CLAUDE compose vars to empty
* Docs(Docker): document non-interactive compose runs
* Changelog: note docker compose env-noise reduction
* Docker: restore onboarding Tailscale guidance
* Docker: simplify onboarding output and clarify Tailscale
* Docker: harden shared-namespace CLI container
* Docs(Docker): document shared-namespace trust boundary
* Changelog: note docker shared-namespace hardening
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-01 17:28:35 -08:00
bfeadb80b6
feat(agents): add sessions_spawn sandbox require mode
2026-03-02 01:27:34 +00:00
155118751f
refactor!: remove versioned system-run approval contract
2026-03-02 01:12:53 +00:00
b9aa2d436b
fix(security): enforce sandbox inheritance for sessions_spawn
2026-03-02 01:11:13 +00:00
085c23ce5a
fix(security): block private-network web_search citation redirects
2026-03-02 01:05:20 +00:00
f696b64b51
Doctor: warn when Linux state dir is on SD/eMMC mounts ( #31033 )
...
* Doctor state: warn on Linux SD or eMMC state mounts
* Doctor tests: cover Linux SD or eMMC state mount detection
* Docs doctor: document Linux SD or eMMC state warning
* Changelog: add Linux SD or eMMC doctor warning
* Update CHANGELOG.md
* Doctor: escape mountinfo control chars in SD warning
* Doctor tests: cover escaped mountinfo control chars
2026-03-01 16:36:01 -08:00
58659b931b
fix(gateway): enforce owner boundary for agent runs
2026-03-02 00:27:44 +00:00
0eac494db7
fix(gateway): harden node metadata policy classification
2026-03-02 00:15:34 +00:00
ccb415b69a
fix: align ACP permission docs defaults ( #31044 ) (thanks @barronlroth)
2026-03-01 23:30:39 +00:00
bed1cb9600
docs(acp): add permission configuration section and troubleshooting entries
...
Document permissionMode and nonInteractivePermissions plugin config
keys for the acpx backend. Add troubleshooting entries for:
- Permission prompt errors in non-interactive ACP sessions
- Silent session failures from swallowed permission errors
- Stalled ACP sessions that never report completion
Relates to #29195
AI-assisted (lightly tested)
2026-03-01 23:30:39 +00:00
4c43fccb3e
feat(agents): use structured internal completion events
2026-03-01 23:11:48 +00:00
eb20793550
Docs: add all unlisted docs routes to navigation ( #31027 )
...
* Docs: add missing platform pages to nav
* Docs: include all unlisted docs routes in nav
* Docs nav: classify routes by area and remove catch-all groups
* Docs nav: remove ja-JP AGENTS page entry
* Docs ja-JP: remove AGENTS translation workspace page
* Docs nav: remove refactor plans group
* Docs nav: remove .dev template pages
* Docs nav: remove operations hubs group
2026-03-01 15:09:35 -08:00
d1615eb35f
feat(openai): add websocket warm-up with configurable toggle
2026-03-01 22:45:03 +00:00
002539c01e
fix(security): harden sandbox novnc observer flow
2026-03-01 22:44:28 +00:00
eee870576d
doctor: warn on macOS cloud-synced state directories ( #31004 )
...
* Doctor: detect macOS cloud-synced state directories
* Doctor tests: cover cloud-synced macOS state detection
* Docs: note cloud-synced state warning in doctor guide
* Docs: recommend local macOS state dir placement
* Changelog: add macOS cloud-synced state dir warning
* Changelog: credit macOS cloud state warning PR
* Doctor state: anchor cloud-sync roots to macOS home
* Doctor tests: cover OPENCLAW_HOME cloud-sync override
* Doctor state: prefer resolved target for cloud detection
* Doctor tests: cover local-target cloud symlink case
2026-03-01 14:35:46 -08:00
063c4f00ea
docs: clarify Anthropic context1m long-context requirements
2026-03-01 22:35:26 +00:00
7ced38b5ef
feat(agents): make openai responses websocket-first with fallback
2026-03-01 22:32:37 +00:00
38da2d076c
CLI: add root --help fast path and lazy channel option resolution ( #30975 )
...
* CLI argv: add strict root help invocation guard
* Entry: add root help fast-path bootstrap bypass
* CLI context: lazily resolve channel options
* CLI context tests: cover lazy channel option resolution
* CLI argv tests: cover root help invocation detection
* Changelog: note additional startup path optimizations
* Changelog: split startup follow-up into #30975 entry
* CLI channel options: load precomputed startup metadata
* CLI channel options tests: cover precomputed metadata path
* Build: generate CLI startup metadata during build
* Build script: invoke CLI startup metadata generator
* CLI routes: preload plugins for routed health
* CLI routes tests: assert health plugin preload
* CLI: add experimental bundled entry and snapshot helper
* Tools: compare CLI startup entries in benchmark script
* Docs: add startup tuning notes for Pi and VM hosts
* CLI: drop bundled entry runtime toggle
* Build: remove bundled and snapshot scripts
* Tools: remove bundled-entry benchmark shortcut
* Docs: remove bundled startup bench examples
* Docs: remove Pi bundled entry mention
* Docs: remove VM bundled entry mention
* Changelog: remove bundled startup follow-up claims
* Build: remove snapshot helper script
* Build: remove CLI bundle tsdown config
* Doctor: add low-power startup optimization hints
* Doctor: run startup optimization hint checks
* Doctor tests: cover startup optimization host targeting
* Doctor tests: mock startup optimization note export
* CLI argv: require strict root-only help fast path
* CLI argv tests: cover mixed root-help invocations
* CLI channel options: merge metadata with runtime catalog
* CLI channel options tests: assert dynamic catalog merge
* Changelog: align #30975 startup follow-up scope
* Docs tests: remove secondary-entry startup bench note
* Docs Pi: add systemd recovery reference link
* Docs VPS: add systemd recovery reference link
2026-03-01 14:23:46 -08:00
e7cafed424
chore(release): bump version to 2026.3.1
2026-03-01 21:14:17 +00:00
c161e141f3
Docs tests: add CLI startup benchmark usage
2026-03-01 12:56:56 -08:00
08ea7f0cf6
Docs VPS: add startup tuning for small hosts
2026-03-01 12:56:56 -08:00
86e4f3e7e2
Docs Pi: add startup tuning for compile cache
2026-03-01 12:56:56 -08:00
921ebfb25e
ACPX plugin: allow configurable command and expected version
2026-03-01 20:39:24 +01:00
b9e07ad7b4
docs(slack): add missing DM scopes to manifest (openclaw#29999) thanks @JcMinarro
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: JcMinarro <4047514+JcMinarro@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-01 11:25:52 -06:00
ea3955cd78
fix(cron): add retry policy for one-shot jobs on transient errors ( #24355 ) (openclaw#24435) thanks @hugenshen
...
Verified:
- pnpm install --frozen-lockfile
- pnpm check
- pnpm test -- --run src/cron/service.issue-regressions.test.ts src/config/config-misc.test.ts
Co-authored-by: hugenshen <16300669+hugenshen@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-01 06:58:03 -06:00
39e09273ca
docs(diffs): update docs for diffs plugin
2026-02-28 20:40:30 -05:00
27882dc73e
feat(feishu): add quota optimization flags (openclaw#10513) thanks @BigUncle
...
Verified:
- pnpm build
- pnpm check
- pnpm vitest run --config vitest.extensions.config.ts extensions/feishu/src/config-schema.test.ts extensions/feishu/src/reply-dispatcher.test.ts extensions/feishu/src/bot.test.ts
Co-authored-by: BigUncle <9360607+BigUncle@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-27 23:05:54 -06:00
af9edc98e4
fix(release): unify sparkle build policy and defaults
2026-02-28 10:04:25 +05:30
08fd579412
macos: make derived Sparkle build unique for same-day releases
2026-02-28 10:04:25 +05:30
266f10d47d
docs: clarify Sparkle build version policy
2026-02-28 10:04:25 +05:30
6e645300a8
docs(feishu): clarify oc_ group allowlist vs ou_ command allowFrom for /reset ( #26835 )
...
* docs(feishu): clarify oc_* group allowlist vs ou_* command allowFrom
* docs(feishu): avoid direct edits to generated zh-CN docs
---------
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-27 22:30:05 -06:00
4f8a54eeaa
docs: add cardkit permissions to Feishu channel setup ( #9410 )
...
- Add cardkit:card:read and cardkit:card:write to tenant scopes
- Format user scopes array for better readability
- Update both English and Chinese documentation
Co-authored-by: hezhizhou.606 <hezhizhou.606@bytedance.com>
2026-02-27 22:29:54 -06:00
f16ecd1dac
fix(ollama): unify context window handling across discovery, merge, and OpenAI-compat transport ( #29205 )
...
* fix(ollama): inject num_ctx for OpenAI-compatible transport
* fix(ollama): discover per-model context and preserve higher limits
* fix(agents): prefer matching provider model for fallback limits
* fix(types): require numeric token limits in provider model merge
* fix(types): accept unknown payload in ollama num_ctx wrapper
* fix(types): simplify ollama settled-result extraction
* config(models): add provider flag for Ollama OpenAI num_ctx injection
* config(schema): allow provider num_ctx injection flag
* config(labels): label provider num_ctx injection flag
* config(help): document provider num_ctx injection flag
* agents(ollama): gate OpenAI num_ctx injection with provider config
* tests(ollama): cover provider num_ctx injection flag behavior
* docs(config): list provider num_ctx injection option
* docs(ollama): document OpenAI num_ctx injection toggle
* docs(config): clarify merge token-limit precedence
* config(help): note merge uses higher model token limits
* fix(ollama): cap /api/show discovery concurrency
* fix(ollama): restrict num_ctx injection to OpenAI compat
* tests(ollama): cover ipv6 and compat num_ctx gating
* fix(ollama): detect remote compat endpoints for ollama-labeled providers
* fix(ollama): cap per-model /api/show lookups to bound discovery load
2026-02-27 17:20:47 -08:00
d17c083803
docs(ollama): clarify /v1 tool-calling guidance ( #29204 )
2026-02-27 15:21:13 -08:00
de77497ea8
chore: add convex to sponsors table
2026-02-27 23:27:27 +01:00
8bc80fad47
fix(slack): land #29032 /agentstatus alias from @maloqab
...
Land contributor PR #29032 by @maloqab with Slack native alias docs, integration tests, and changelog entry.
Co-authored-by: maloqab <mitebaloqab@gmail.com>
2026-02-27 19:09:38 +00:00
dede4089a6
docs(openai): add clear server compaction toggle examples
2026-02-27 16:21:08 +00:00
8da3a9a92d
fix(agents): auto-enable OpenAI Responses server-side compaction ( #16930 , #22441 , #25088 )
...
Landed from contributor PRs #16930 , #22441 , and #25088 .
Co-authored-by: liweiguang <codingpunk@gmail.com>
Co-authored-by: EdwardWu7 <wuzhiyuan7@gmail.com>
Co-authored-by: MoerAI <friendnt@g.skku.edu>
2026-02-27 16:15:50 +00:00
fe807e4bed
chore(release): bump 2026.2.27 and split changelog
2026-02-27 16:09:28 +01:00
0fe6cf06b2
Compaction: preserve opaque identifiers in summaries (openclaw#25553) thanks @rodrigouroz
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-27 08:14:05 -06:00
a7929abad8
Discord: thread bindings idle + max-age lifecycle ( #27845 ) (thanks @osolmaz)
...
* refactor discord thread bindings to idle and max-age lifecycle
* fix: migrate legacy thread binding expiry and reduce hot-path disk writes
* refactor: remove remaining thread-binding ttl legacy paths
* fix: harden thread-binding lifecycle persistence
* Discord: fix thread binding types in message/reply paths
* Infra: handle win32 unknown inode in file identity checks
* Infra: relax win32 guarded-open identity checks
* Config: migrate threadBindings ttlHours to idleHours
* Revert "Infra: relax win32 guarded-open identity checks"
This reverts commit de9412677196fc5ddfb3#27845 ) (thanks @osolmaz)
---------
Co-authored-by: Onur Solmaz <onur@textcortex.com>
2026-02-27 10:02:39 +01:00
6ed00abc1e
docs: document android capability sweep in testing guide
2026-02-27 12:16:36 +05:30
cb9374a2a1
Gateway: improve device-auth v2 migration diagnostics ( #28305 )
...
* Gateway: add device-auth detail code resolver
* Gateway: emit specific device-auth detail codes
* Gateway tests: cover nonce and signature detail codes
* Docs: add gateway device-auth migration diagnostics
* Docs: add device-auth v2 troubleshooting signatures
2026-02-26 21:05:43 -08:00
29f5da5b2a
feat(nodes): expose device diagnostics and notification actions
2026-02-27 10:15:21 +05:30
c1e0f8cfb1
docs(nodes): document android camera list and device actions
2026-02-27 10:15:21 +05:30
88a0d87490
Docs: align gateway config key paths with metadata ( #28196 )
...
* Docs: align gateway config key paths in reference
* Docs: expand config reference coverage for channels plugins and providers
2026-02-26 22:35:43 -05:00
418111adb9
docs(telegram): align channel docs with runtime behavior
2026-02-27 08:00:29 +05:30
7149ba5574
docs: remove legacy grammy page
2026-02-27 08:00:29 +05:30
035a2dbb40
docs: consolidate grammy links to telegram
2026-02-27 08:00:29 +05:30
1f68010bd6
docs(telegram): clarify group auth boundary
2026-02-27 08:00:29 +05:30
d320b30b9b
Docs: expand ACP first-use naming and link protocol site
2026-02-27 00:33:58 +01:00
297cca0565
docs(cli): improve secrets command guide
2026-02-27 00:20:02 +01:00
1d43202930
fix: repair Telegram allowlist DM migrations ( #27936 ) (thanks @widingmarcus-cyber)
2026-02-26 22:53:13 +00:00
5a453eacbd
chore(onboarding): add explicit account-risk warning for Gemini CLI OAuth and docs ( #16683 )
...
* docs: add account-risk caution to Google OAuth provider docs
* docs(plugin): add Gemini CLI account safety caution
* CLI: add risk hint for Gemini CLI auth choice
* Onboarding: require confirmation for Gemini CLI OAuth
* Tests: cover Gemini CLI OAuth risk confirmation flow
2026-02-26 15:25:42 -05:00
9f154efa8d
docs(acp): expand /acp operator playbook
2026-02-26 16:49:20 +00:00
0ec7711bc2
fix(agents): harden compaction and reset safety
...
Co-authored-by: jaden-clovervnd <91520439+jaden-clovervnd@users.noreply.github.com>
Co-authored-by: Sid <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: Marcus Widing <245375637+widingmarcus-cyber@users.noreply.github.com>
2026-02-26 17:41:24 +01:00
c81e9866ff
fix(pi): stop history image reinjection token blowup
2026-02-26 16:38:20 +01:00
03d7641b0e
feat(agents): default codex transport to websocket-first
2026-02-26 16:22:53 +01:00
cc1eaf130b
docs(gateway): clarify remote token local fallback semantics
2026-02-26 15:59:44 +01:00
4380d74d49
docs(secrets): add dedicated apply plan contract page
2026-02-26 14:47:22 +00:00
14897e8de7
docs(secrets): clarify partial migration guidance
2026-02-26 14:47:22 +00:00
ea1ccf4896
docs(secrets): add direct 1password exec example
2026-02-26 14:47:22 +00:00
f46b9c996f
feat(secrets): allow opt-in symlink exec command paths
2026-02-26 14:47:22 +00:00
06290b49b2
feat(secrets): finalize mode rename and validated exec docs
2026-02-26 14:47:22 +00:00
f413e314b9
feat(secrets): replace migrate flow with audit/configure/apply
2026-02-26 14:47:22 +00:00
bde9cbb058
docs(secrets): align provider model and add exec resolver coverage
2026-02-26 14:47:22 +00:00
5e3a86fd2f
feat(secrets): expand onboarding secret-ref flows and custom-provider parity
2026-02-26 14:47:22 +00:00
e8637c79b3
fix(secrets): harden sops migration sops rule matching
2026-02-26 14:47:22 +00:00
0e69660c41
feat(secrets): finalize external secrets runtime and migration hardening
2026-02-26 14:47:22 +00:00
c5b89fbaea
Docs: address review feedback on secrets docs
2026-02-26 14:47:22 +00:00
9203d583f9
Docs: add secrets and CLI secrets reference pages
2026-02-26 14:47:22 +00:00
c0a3801086
Docs: document secrets refs runtime and migration
2026-02-26 14:47:22 +00:00
7d8aeaaf06
fix(gateway): pin paired reconnect metadata for node policy
2026-02-26 14:11:04 +01:00
5df9aacf68
fix(podman): default run-openclaw-podman bind to loopback (land #27491 , thanks @robbyczgw-cla)
...
Co-authored-by: robbyczgw-cla <robbyczgw@gmail.com>
2026-02-26 12:13:20 +00:00
8bdda7a651
fix(security): keep DM pairing allowlists out of group auth
2026-02-26 12:58:18 +01:00
caace61ba1
chore: bump versions to 2026.2.26
2026-02-26 12:11:02 +01:00
1ffc319831
Doctor: keep allowFrom account-scoped in multi-account configs
2026-02-26 05:34:58 -05:00
a7d56e3554
feat: ACP thread-bound agents ( #23580 )
...
* docs: add ACP thread-bound agents plan doc
* docs: expand ACP implementation specification
* feat(acp): route ACP sessions through core dispatch and lifecycle cleanup
* feat(acp): add /acp commands and Discord spawn gate
* ACP: add acpx runtime plugin backend
* fix(subagents): defer transient lifecycle errors before announce
* Agents: harden ACP sessions_spawn and tighten spawn guidance
* Agents: require explicit ACP target for runtime spawns
* docs: expand ACP control-plane implementation plan
* ACP: harden metadata seeding and spawn guidance
* ACP: centralize runtime control-plane manager and fail-closed dispatch
* ACP: harden runtime manager and unify spawn helpers
* Commands: route ACP sessions through ACP runtime in agent command
* ACP: require persisted metadata for runtime spawns
* Sessions: preserve ACP metadata when updating entries
* Plugins: harden ACP backend registry across loaders
* ACPX: make availability probe compatible with adapters
* E2E: add manual Discord ACP plain-language smoke script
* ACPX: preserve streamed spacing across Discord delivery
* Docs: add ACP Discord streaming strategy
* ACP: harden Discord stream buffering for thread replies
* ACP: reuse shared block reply pipeline for projector
* ACP: unify streaming config and adopt coalesceIdleMs
* Docs: add temporary ACP production hardening plan
* Docs: trim temporary ACP hardening plan goals
* Docs: gate ACP thread controls by backend capabilities
* ACP: add capability-gated runtime controls and /acp operator commands
* Docs: remove temporary ACP hardening plan
* ACP: fix spawn target validation and close cache cleanup
* ACP: harden runtime dispatch and recovery paths
* ACP: split ACP command/runtime internals and centralize policy
* ACP: harden runtime lifecycle, validation, and observability
* ACP: surface runtime and backend session IDs in thread bindings
* docs: add temp plan for binding-service migration
* ACP: migrate thread binding flows to SessionBindingService
* ACP: address review feedback and preserve prompt wording
* ACPX plugin: pin runtime dependency and prefer bundled CLI
* Discord: complete binding-service migration cleanup and restore ACP plan
* Docs: add standalone ACP agents guide
* ACP: route harness intents to thread-bound ACP sessions
* ACP: fix spawn thread routing and queue-owner stall
* ACP: harden startup reconciliation and command bypass handling
* ACP: fix dispatch bypass type narrowing
* ACP: align runtime metadata to agentSessionId
* ACP: normalize session identifier handling and labels
* ACP: mark thread banner session ids provisional until first reply
* ACP: stabilize session identity mapping and startup reconciliation
* ACP: add resolved session-id notices and cwd in thread intros
* Discord: prefix thread meta notices consistently
* Discord: unify ACP/thread meta notices with gear prefix
* Discord: split thread persona naming from meta formatting
* Extensions: bump acpx plugin dependency to 0.1.9
* Agents: gate ACP prompt guidance behind acp.enabled
* Docs: remove temp experiment plan docs
* Docs: scope streaming plan to holy grail refactor
* Docs: refactor ACP agents guide for human-first flow
* Docs/Skill: add ACP feature-flag guidance and direct acpx telephone-game flow
* Docs/Skill: add OpenCode and Pi to ACP harness lists
* Docs/Skill: align ACP harness list with current acpx registry
* Dev/Test: move ACP plain-language smoke script and mark as keep
* Docs/Skill: reorder ACP harness lists with Pi first
* ACP: split control-plane manager into core/types/utils modules
* Docs: refresh ACP thread-bound agents plan
* ACP: extract dispatch lane and split manager domains
* ACP: centralize binding context and remove reverse deps
* Infra: unify system message formatting
* ACP: centralize error boundaries and session id rendering
* ACP: enforce init concurrency cap and strict meta clear
* Tests: fix ACP dispatch binding mock typing
* Tests: fix Discord thread-binding mock drift and ACP request id
* ACP: gate slash bypass and persist cleared overrides
* ACPX: await pre-abort cancel before runTurn return
* Extension: pin acpx runtime dependency to 0.1.11
* Docs: add pinned acpx install strategy for ACP extension
* Extensions/acpx: enforce strict local pinned startup
* Extensions/acpx: tighten acp-router install guidance
* ACPX: retry runtime test temp-dir cleanup
* Extensions/acpx: require proactive ACPX repair for thread spawns
* Extensions/acpx: require restart offer after acpx reinstall
* extensions/acpx: remove workspace protocol devDependency
* extensions/acpx: bump pinned acpx to 0.1.13
* extensions/acpx: sync lockfile after dependency bump
* ACPX: make runtime spawn Windows-safe
* fix: align doctor-config-flow repair tests with default-account migration (#23580 ) (thanks @osolmaz)
2026-02-26 11:00:09 +01:00
dfa0b5b4fc
Channels: move single-account config into accounts.default ( #27334 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 50b5771808
2026-02-26 04:06:03 -05:00
c289b5ff9f
fix(config): preserve agent-level apiKey/baseUrl during models.json merge ( #27293 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 6b4b37b03d
2026-02-26 03:46:36 -05:00
92c309f2e1
docs: fix wrong Providers link in configuration examples
2026-02-26 02:41:07 -06:00
96c7702526
Agents: add account-scoped bind and routing commands ( #27195 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: ad35a458a5
2026-02-26 02:36:56 -05:00
f08fe02a1b
Onboarding: support plugin-owned interactive channel flows ( #27191 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 53872cf8e7
2026-02-26 01:14:57 -05:00
91a3f0a3fe
pairing: enforce strict account-scoped state
2026-02-26 00:31:24 -05:00
35976da7a0
fix: harden Docker/GCP onboarding flow ( #26253 ) (thanks @pandego)
2026-02-26 04:46:18 +00:00
e8197404d0
Docker/docs: reduce docker build OOM risk on small GCP hosts
2026-02-26 04:46:18 +00:00
cb3e5c35b0
docs: fix onboarding markdown list spacing
2026-02-26 05:23:30 +01:00
4ada143794
docs(heartbeat): add directPolicy to config examples
2026-02-26 03:59:38 +01:00
8a006a3260
feat(heartbeat): add directPolicy and restore default direct delivery
2026-02-26 03:57:03 +01:00
b8bb8ab3ca
docs: clarify personal-by-default onboarding security notice
2026-02-26 02:59:34 +01:00
c736f11a16
fix(gateway): harden browser websocket auth chain
2026-02-26 01:22:49 +01:00
e56b0cf1a0
fix: enforce telegram reaction authorization
2026-02-26 01:03:03 +01:00
42f455739f
fix(security): clarify denyCommands exact-match guidance
2026-02-26 00:55:35 +01:00
eb73e87f18
fix(session): prevent silent overflow on parent thread forks ( #26912 )
...
Lands #26912 from @markshields-tl with configurable session.parentForkMaxTokens and docs/tests/changelog updates.
Co-authored-by: Mark Shields <239231357+markshields-tl@users.noreply.github.com>
2026-02-25 23:54:02 +00:00
8f3310000a
refactor(macos): remove anthropic oauth onboarding flow
2026-02-26 00:17:03 +01:00
8f5f599a34
docs(security): note narrow filesystem roots for tool access
2026-02-25 05:10:10 +00:00
52d933b3a9
refactor: replace bot.molt identifiers with ai.openclaw
2026-02-25 05:03:24 +00:00
480cc4b85c
chore: roll to 2026.2.25 unreleased
2026-02-25 03:35:33 +00:00
069c495df6
docs: clarify pairing commands in faq and troubleshooting
2026-02-25 02:50:17 +00:00
c2a837565c
docs: fix configure section example
2026-02-25 02:44:49 +00:00
bfafec2271
docs: expand doctor and devices CLI references
2026-02-25 02:41:13 +00:00
a12cbf8994
docs: refresh CLI and trusted-proxy docs
2026-02-25 02:40:12 +00:00
24d7612ddf
refactor(heartbeat): harden dm delivery classification
2026-02-25 02:13:07 +00:00
a805d6b439
fix(heartbeat): block dm targets and internalize blocked prompts
2026-02-25 02:05:45 +00:00
eb4a93a8db
refactor(sandbox): share container-path utils and tighten fs bridge tests
2026-02-25 01:59:53 +00:00
e2362d352d
fix(heartbeat): default target none and internalize relay prompts
2026-02-25 01:28:47 +00:00
ee6fec36eb
docs(discord): document DAVE defaults and decrypt recovery
2026-02-25 00:28:06 +00:00
9cd50c51b0
fix(discord): harden voice DAVE receive reliability ( #25861 )
...
Reimplements and consolidates related work:
- #24339 stale disconnect/destroyed session guards
- #25312 voice listener cleanup on stop
- #23036 restore @snazzah/davey runtime dependency
Adds Discord voice DAVE config passthrough, repeated decrypt failure
rejoin recovery, regression tests, docs, and changelog updates.
Co-authored-by: Frank Yang <frank.ekn@gmail.com>
Co-authored-by: Do Cao Hieu <admin@docaohieu.com>
2026-02-25 00:19:50 +00:00
b4010a0b62
fix(zalo): enforce group sender policy in groups
2026-02-24 23:30:43 +00:00
9fccf60733
refactor(synology-chat): centralize DM auth and fail fast startup
2026-02-24 23:28:40 +00:00
14b6eea6e3
feat(sandbox): block container namespace joins by default
2026-02-24 23:20:34 +00:00
0ee30361b8
fix(synology-chat): fail closed empty allowlist
2026-02-24 23:18:17 +00:00
b67e600bff
fix(security): restrict default safe-bin trusted dirs
2026-02-24 23:13:37 +00:00
e806b34779
chore: remove changelog add helper script
2026-02-24 15:33:09 +00:00
d18ae2256f
refactor: unify channel plugin resolution, family ordering, and changelog entry tooling
2026-02-24 15:15:22 +00:00
370d115549
fix: enforce workspaceOnly for native prompt image autoload
2026-02-24 14:47:59 +00:00
31b1b20b3c
docs: add WeChat community plugin listing
...
Add @icesword760/openclaw-wechat to the community plugins page.
This plugin connects OpenClaw to WeChat personal accounts via
WeChatPadPro (iPad protocol) with support for text, image, and
file exchange.
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-24 08:41:28 -06:00
8cc841766c
docs(security): enumerate dangerous config parameters
2026-02-24 14:25:43 +00:00
4d124e4a9b
feat(security): warn on likely multi-user trust-model mismatch
2026-02-24 14:03:19 +00:00
2bad30b4d3
chore(release): bump version to 2026.2.24
2026-02-24 13:42:43 +00:00
8ea936cdda
docs: clarify prompt caching intro
2026-02-24 05:22:00 +00:00
8c5cf2d5b2
docs(subagents): document default runTimeoutSeconds config ( #24594 ) (thanks @mitchmcalister)
2026-02-24 04:22:43 +00:00
1fdaaaedd3
Docs: clarify Chrome extension relay port derivation (gateway + 3)
2026-02-24 04:16:08 +00:00
aea28e26fb
fix(auto-reply): expand standalone stop phrases
2026-02-24 04:02:43 +00:00
a67689a7e3
fix: harden allow-always shell multiplexer wrapper handling
2026-02-24 03:06:51 +00:00
1d28da55a5
fix(voice-call): block Twilio webhook replay and stale transitions
2026-02-24 02:37:24 +00:00
5239b55c0a
Config: expand Kilo catalog and persist selected Kilo models ( #24921 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: f5a7e1a385
2026-02-23 21:17:37 -05:00
6c441ea797
fix: support legacy and beta prerelease version formats
2026-02-24 02:05:37 +00:00
223d7dc23d
feat(gateway)!: require explicit non-loopback control-ui origins
2026-02-24 01:57:11 +00:00
5eb72ab769
fix(security): harden browser SSRF defaults and migrate legacy key
2026-02-24 01:52:01 +00:00
f0f886ecc4
docs(security): clarify gateway-node trust boundary in docs
2026-02-24 01:35:44 +00:00
12cc754332
fix(acp): harden permission auto-approval policy
2026-02-24 01:03:30 +00:00
ddf93d9845
docs(security): add vps trust-boundary guidance
2026-02-24 01:02:11 +00:00
cfa44ea6b4
fix(security): make allowFrom id-only by default with dangerous name opt-in ( #24907 )
...
* fix(channels): default allowFrom to id-only; add dangerous name opt-in
* docs(security): align channel allowFrom docs with id-only default
2026-02-24 01:01:51 +00:00
41b0568b35
docs(security): clarify shared-agent trust boundaries
2026-02-24 01:00:05 +00:00
400220275c
docs: clarify multi-instance recommendations for user isolation
2026-02-24 00:40:08 +00:00
7d55277d72
docs: clarify operator trust boundary for shared gateways
2026-02-24 00:25:01 +00:00
3b8e33037a
fix(security): harden safeBins long-option validation
2026-02-23 23:58:58 +00:00
13f32e2f7d
feat: Add Kilo Gateway provider ( #20212 )
...
* feat: Add Kilo Gateway provider
Add support for Kilo Gateway as a model provider, similar to OpenRouter.
Kilo Gateway provides a unified API that routes requests to many models
behind a single endpoint and API key.
Changes:
- Add kilocode provider option to auth-choice and onboarding flows
- Add KILOCODE_API_KEY environment variable support
- Add kilocode/ model prefix handling in model-auth and extra-params
- Add provider documentation in docs/providers/kilocode.md
- Update model-providers.md with Kilo Gateway section
- Add design doc for the integration
* kilocode: add provider tests and normalize onboard auth-choice registration
* kilocode: register in resolveImplicitProviders so models appear in provider filter
* kilocode: update base URL from /api/openrouter/ to /api/gateway/
* docs: fix formatting in kilocode docs
* fix: address PR review — remove kilocode from cacheRetention, fix stale model refs and CLI name in docs, fix TS2742
* docs: fix stale refs in design doc — Moltbot to OpenClaw, MoltbotConfig to OpenClawConfig, remove extra-params section, fix doc path
* fix: use resolveAgentModelPrimaryValue for AgentModelConfig union type
---------
Co-authored-by: Mark IJbema <mark@kilocode.ai>
2026-02-23 23:29:27 +00:00
eff3c5c707
Session/Cron maintenance hardening and cleanup UX ( #24753 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 7533b85156
2026-02-23 22:39:48 +00:00
9af3ec92a5
fix(gateway): add HSTS header hardening and docs
2026-02-23 19:47:29 +00:00
69b17a37e8
docs(reference): add cache trace diagnostics knobs to prompt-caching guide
2026-02-23 19:39:35 +00:00
46dee26600
docs(reference): add prompt-caching guide and knobs
...
Co-authored-by: Axel Svensson <svenssonaxel@users.noreply.github.com>
2026-02-23 19:19:45 +00:00
78e7f41d28
docs: detail per-agent prompt caching configuration
2026-02-23 18:46:40 +00:00
f03ff39754
Providers: skip context1m beta for Anthropic OAuth tokens ( #24620 )
...
* Providers: skip context1m beta for Anthropic OAuth tokens
* Tests: cover OAuth context1m beta skip behavior
* Docs: note context1m OAuth incompatibility
* Agents: add context1m-aware context token resolver
* Agents: cover context1m context-token resolver
* Commands: apply context1m-aware context tokens in session store
* Commands: apply context1m-aware context tokens in status summary
* Status: resolve context tokens with context1m model params
* Status: test context1m status context display
2026-02-23 12:29:09 -05:00
eb4ff6df81
Allow Claude model requests to route through Google Vertex AI ( #23985 )
...
* feat: add anthropic-vertex provider for Claude via GCP Vertex AI
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: sallyom <somalley@redhat.com>
* docs: add anthropic-vertex provider guide
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: sallyom <somalley@redhat.com>
* Agents: validate Anthropic Vertex project env
* Changelog: format update for Vertex entry
* Providers: rename Anthropic Vertex to Google Vertex Claude
* Providers: remove Vertex Claude provider path
* Models: normalize Vercel Claude shorthand refs
* Onboarding: default Vercel model to Claude shorthand
* Changelog: add @vincentkoc credit for #23985
* Onboarding: keep canonical Vercel default model ref
* Tests: expand Vercel model normalization coverage
---------
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-02-23 11:04:31 -05:00
3a3c2da916
[Feature]: Add Gemini (Google Search grounding) as web_search provider ( #13075 )
...
* feat: add Gemini (Google Search grounding) as web_search provider
Add Gemini as a fourth web search provider alongside Brave, Perplexity,
and Grok. Uses Gemini's built-in Google Search grounding tool to return
search results with citations.
- Add runGeminiSearch() with Google Search grounding via tools API
- Resolve Gemini's grounding redirect URLs to direct URLs via parallel
HEAD requests (5s timeout, graceful fallback)
- Add Gemini config block (apiKey, model) with env var fallback
- Default model: gemini-2.5-flash (fast, cheap, grounding-capable)
- Strip API key from error messages for security
- Add config validation tests for Gemini provider
- Update docs/tools/web.md with Gemini provider documentation
Closes #13074
* feat: auto-detect search provider from available API keys
When no explicit provider is configured, resolveSearchProvider now
checks for available API keys in priority order (Brave → Gemini →
Perplexity → Grok) and selects the first provider with a valid key.
- Add auto-detection logic using existing resolve*ApiKey functions
- Export resolveSearchProvider via __testing_provider for tests
- Add 8 tests covering auto-detection, priority order, and explicit override
- Update docs/tools/web.md with auto-detection documentation
* fix: merge __testing exports, downgrade auto-detect log to debug
* fix: use defaultRuntime.log instead of .debug (not in RuntimeEnv type)
* fix: mark gemini apiKey as sensitive in zod schema
* fix: address Greptile review — add externalContent to Gemini payload, add Gemini/Grok entries to schema labels/help, remove dead schema-fields.ts
* fix(web-search): add JSON parse guard for Gemini API responses
Addresses Greptile review comment: add try/catch to handle non-JSON
responses from Gemini API gracefully, preventing runtime errors on
malformed responses.
Note: FIELD_HELP entries for gemini.apiKey and gemini.model were
already present in schema.help.ts, and gemini.apiKey was already
marked as sensitive in zod-schema.agent-runtime.ts (both fixed in
earlier commits).
* fix: use structured readResponseText result in Gemini error path
readResponseText returns { text, truncated, bytesRead }, not a string.
The Gemini error handler was using the result object directly, which
would always be truthy and never fall through to res.statusText.
Align with Perplexity/xAI/Brave error patterns.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* style: fix import order and formatting after rebase onto main
* Web search: send Gemini API key via header
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-02-23 09:30:51 -05:00
c92c3ad224
Tests: isolate quick_validate stub and remove DS_Store
2026-02-23 03:25:37 -05:00
a4c373935f
fix(agents): fall back to agents.defaults.model when agent has no model config ( #24210 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 0f272b1027
2026-02-23 03:18:55 -05:00
9e1a13bf4c
Gateway/UI: data-driven agents tools catalog with provenance (openclaw#24199) thanks @Takhoffman
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- gh pr checks 24199 --watch --fail-fast
Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-22 23:55:59 -06:00
77c3b142a9
Web UI: add full cron edit parity, all-jobs run history, and compact filters (openclaw#24155) thanks @Takhoffman
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-22 23:05:42 -06:00
558a0137bb
chore(release): bump versions to 2026.2.23
2026-02-23 05:13:46 +01:00
278331c49c
fix(exec): restore sandbox as implicit host default
2026-02-23 01:48:24 +01:00
1c2c7843a8
docs: add synology channel docs and fix unreleased changelog
2026-02-23 01:16:05 +01:00
d92ba4f8aa
feat: Provider/Mistral full support for Mistral on OpenClaw 🇫🇷 ( #23845 )
...
* Onboard: add Mistral auth choice and CLI flags
* Onboard/Auth: add Mistral provider config defaults
* Auth choice: wire Mistral API-key flow
* Onboard non-interactive: support --mistral-api-key
* Media understanding: add Mistral Voxtral audio provider
* Changelog: note Mistral onboarding and media support
* Docs: add Mistral provider and onboarding/media references
* Tests: cover Mistral media registry/defaults and auth mapping
* Memory: add Mistral embeddings provider support
* Onboarding: refresh Mistral model metadata
* Docs: document Mistral embeddings and endpoints
* Memory: persist Mistral embedding client state in managers
* Memory: add regressions for mistral provider wiring
* Gateway: add live tool probe retry helper
* Gateway: cover live tool probe retry helper
* Gateway: retry malformed live tool-read probe responses
* Memory: support plain-text batch error bodies
* Tests: add Mistral Voxtral live transcription smoke
* Docs: add Mistral live audio test command
* Revert: remove Mistral live voice test and docs entry
* Onboard: re-export Mistral default model ref from models
* Changelog: credit joeVenner for Mistral work
* fix: include Mistral in auto audio key fallback
* Update CHANGELOG.md
* Update CHANGELOG.md
---------
Co-authored-by: Shakker <shakkerdroid@gmail.com>
2026-02-23 00:03:56 +00:00
1d8968c8a8
fix(voice-call): harden media stream pre-start websocket handling
2026-02-22 23:25:32 +01:00
24c954d972
fix(security): harden allow-always wrapper persistence
2026-02-22 22:55:33 +01:00
64b273a71c
fix(exec): harden safe-bin trust and add explicit trusted dirs
2026-02-22 22:43:18 +01:00
e4d67137db
fix(node): default mac headless system.run to local host
...
Co-authored-by: aethnova <262512133+aethnova@users.noreply.github.com>
2026-02-22 22:24:28 +01:00
6817c0ec7b
fix(security): tighten elevated allowFrom sender matching
2026-02-22 22:00:08 +01:00
3a088c9f4f
docs: prune completed experiment plan notes
2026-02-22 21:56:01 +01:00
b0252ab90c
docs: fix canonical session doc path hint
2026-02-22 21:35:14 +01:00
acfbe158c6
docs: point pi extension paths to real source files
2026-02-22 21:32:28 +01:00
820d765553
docs: update outbound refactor test path
2026-02-22 21:28:08 +01:00
6ed08ddc24
docs: fix stale test file paths in experiment plans
2026-02-22 21:24:48 +01:00
c73837d269
docs: replace stale pi test file list with maintained patterns
2026-02-22 21:21:08 +01:00
dff9ead59a
docs: refresh gateway test references in testing guide
2026-02-22 21:16:53 +01:00
30e8f41cfc
docs: fix stale release checklist source paths
2026-02-22 21:15:09 +01:00
06b4baf67f
docs: remove internal hook import paths from examples
2026-02-22 21:12:49 +01:00
5dba7501c9
docs: update stale tsgo reference in pty plan
2026-02-22 21:10:14 +01:00
9c480d4dea
docs: replace removed pi test script with current commands
2026-02-22 21:07:34 +01:00
5547a2275c
fix(security): harden toolsBySender sender-key matching
2026-02-22 21:04:37 +01:00
3461dda880
docs: fix voicecall expose disable example
2026-02-22 20:58:28 +01:00
0d4c806406
docs: fix devices approve command in exe.dev guide
2026-02-22 20:52:46 +01:00
e0d4194869
docs: add missing summary/read_when metadata
2026-02-22 20:45:09 +01:00
371a7da9c8
docs: add missing summaries and read_when hints
2026-02-22 20:37:02 +01:00
f5814cc002
docs: add extension channels to Channels nav
2026-02-22 20:28:05 +01:00
290f375aa1
docs: fix Together provider env path
2026-02-22 20:23:40 +01:00
6fef318fda
docs: replace legacy chat examples in Venice provider guide
2026-02-22 20:15:07 +01:00
72446f419f
docs: align CLI docs and help surface
2026-02-22 20:05:01 +01:00
0c1f491a02
fix(gateway): clarify pairing and node auth guidance
2026-02-22 19:50:29 +01:00
89a1e99815
fix(slack): finalize replyToMode off threading behavior ( #23799 )
...
* fix: make replyToMode 'off' actually prevent threading in Slack
Three independent bugs caused Slack replies to always create threads
even when replyToMode was set to 'off':
1. Typing indicator created threads via statusThreadTs fallback (#16868 )
- resolveSlackThreadTargets fell back to messageTs for statusThreadTs
- 'is typing...' was posted as thread reply, creating a thread
- Fix: remove messageTs fallback, let statusThreadTs be undefined
2. [[reply_to_current]] tags bypassed replyToMode entirely (#16080 )
- Slack dock had allowExplicitReplyTagsWhenOff: true
- Reply tags from system prompt always threaded regardless of config
- Fix: set allowExplicitReplyTagsWhenOff to false for Slack
3. Contradictory replyToMode defaults in codebase (#20827 )
- monitor/provider.ts defaulted to 'all'
- accounts.ts defaulted to 'off' (matching docs)
- Fix: align provider.ts default to 'off' per documentation
Fixes : openclaw/openclaw#16868 , openclaw/openclaw#16080 , openclaw/openclaw#20827
* fix(slack): respect replyToMode in DMs even with typing indicator thread
When replyToMode is 'off' in DMs, replies should stay in the main
conversation even when the typing indicator creates a thread context.
Previously, when incomingThreadTs was set (from the typing indicator's
thread), replyToMode was forced to 'all', causing all replies to go
into the thread.
Now, for direct messages, the user's configured replyToMode is always
respected. For channels/groups, the existing behavior is preserved
(stay in thread if already in one).
This fix:
- Keeps the typing indicator working (statusThreadTs fallback preserved)
- Prevents DM replies from being forced into threads
- Maintains channel thread continuity
Fixes #16868
* refactor(slack): eliminate redundant resolveSlackThreadContext call
- Add isThreadReply to resolveSlackThreadTargets return value
- Remove duplicate call in dispatch.ts
- Addresses greptile review feedback with cleaner DRY approach
* docs(slack): add JSDoc to resolveSlackThreadTargets
Document return values including isThreadReply distinction between
genuine user thread replies vs bot status message thread context.
* docs(changelog): record Slack replyToMode off threading fixes
---------
Co-authored-by: James <jamesrp13@gmail.com>
Co-authored-by: theoseo <suhong.seo@gmail.com>
2026-02-22 13:27:50 -05:00
08431da5d5
refactor(gateway): unify credential precedence across entrypoints
2026-02-22 18:55:44 +01:00
e58054b85c
docs(telegram): align Node22 network defaults and setup guidance
2026-02-22 17:54:16 +01:00
f442a3539f
feat(update): add core auto-updater and dry-run preview
2026-02-22 17:11:36 +01:00
a5e2bd4eaa
docs: document verbose-gated tool error details
2026-02-22 15:26:48 +01:00
adfbbcf1f6
chore: merge origin/main into main
2026-02-22 13:42:52 +00:00
3308c86002
docs: keep channel names only in thread-support list
2026-02-22 14:39:40 +01:00
418e4e32c9
docs: clarify thread-bound subagents are Discord-only
2026-02-22 14:39:40 +01:00
c952334808
docs: list thread supporting channels in subagents guide
2026-02-22 14:39:40 +01:00
0b9b9d4301
docs: make subagents thread guidance channel-first
2026-02-22 14:39:40 +01:00
0d0f4c6992
refactor(exec): centralize safe-bin policy checks
2026-02-22 13:18:25 +01:00
47c3f742b6
fix(exec): require explicit safe-bin profiles
2026-02-22 12:58:55 +01:00
e80c803fa8
fix(security): block shell env allowlist bypass in system.run
2026-02-22 12:47:05 +01:00
6fda04e938
refactor: tighten onboarding dmScope typing and docs links
2026-02-22 12:46:09 +01:00
65dccbdb4b
fix: document onboarding dmScope default as breaking change ( #23468 ) (thanks @bmendonca3)
2026-02-22 12:36:49 +01:00
85e5ed3f78
refactor(channels): centralize runtime group policy handling
2026-02-22 12:35:41 +01:00
777817392d
fix: fail closed missing provider group policy across message channels ( #23367 ) (thanks @bmendonca3)
2026-02-22 12:21:04 +01:00
3700151ec0
Channels: fail closed when Slack/Discord config is missing
2026-02-22 12:18:43 +01:00
b98d3330f6
docs: update pty supervision test command paths
2026-02-22 10:48:37 +00:00
2739328508
fix(telegram): classify undici fetch errors as recoverable for retry ( #16699 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 67b5bce44f
2026-02-22 16:16:11 +05:30
c995f9be07
test: reclassify mocked announce and sandbox suites as unit tests
2026-02-22 10:28:43 +00:00
bc78b343ba
Security: expand audit checks for mDNS and real-IP fallback
2026-02-22 11:26:17 +01:00
98a03c490b
Feat/logger support log level validation0222 ( #23436 )
...
* 1、环境变量**:新增 `OPENCLAW_LOG_LEVEL`,可取值 `silent|fatal|error|warn|info|debug|trace`。设置后同时覆盖**文件日志**与**控制台**的级别,优先级高于配置文件。
2、启动参数**:在 `openclaw gateway run` 上新增 `--log-level <level>`,对该次进程同时生效于文件与控制台;未传时仍使用环境变量或配置文件。
* fix(logging): make log-level override global and precedence-safe
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-02-22 11:15:13 +01:00
1b327da6e3
fix: harden exec sandbox fallback semantics ( #23398 ) (thanks @bmendonca3)
2026-02-22 11:12:01 +01:00
c76a47cce2
Exec: fail closed when sandbox host is unavailable
2026-02-22 11:12:01 +01:00
8887f41d7d
refactor(gateway)!: remove legacy v1 device-auth handshake
2026-02-22 09:27:03 +01:00
008a8c9dc6
chore(docs): normalize security finding table formatting
2026-02-22 08:03:29 +00:00
265da4dd2a
fix(security): harden gateway command/audit guardrails
2026-02-22 08:45:48 +01:00
121d027229
chore: remove dead plugin hook loader
2026-02-22 08:45:24 +01:00
049b8b14bc
fix(security): flag open-group runtime/fs exposure in audit
2026-02-22 08:22:51 +01:00
817905f3a0
docs: document thread-bound subagent sessions and remove plan
2026-02-21 19:59:55 +01:00
2c14b0cf4c
refactor(config): unify streaming config across channels
2026-02-21 19:53:42 +01:00
f97c45c5b5
fix(security): warn on Discord name-based allowlists in audit
2026-02-21 19:45:17 +01:00
89aad7b922
refactor: tighten safe-bin policy model and docs parity
2026-02-21 19:24:23 +01:00
4c1dd9d068
fix(security): harden macos rawCommand allowlist resolution
2026-02-21 19:17:56 +01:00
57fbbaebca
fix: block safeBins sort --compress-program bypass
2026-02-21 19:13:53 +01:00
59c78c105a
docs: revert automated heading consistency edits ( #22743 )
2026-02-21 11:18:29 -05:00
8178ea472d
feat: thread-bound subagents on Discord ( #21805 )
...
* docs: thread-bound subagents plan
* docs: add exact thread-bound subagent implementation touchpoints
* Docs: prioritize auto thread-bound subagent flow
* Docs: add ACP harness thread-binding extensions
* Discord: add thread-bound session routing and auto-bind spawn flow
* Subagents: add focus commands and ACP/session binding lifecycle hooks
* Tests: cover thread bindings, focus commands, and ACP unbind hooks
* Docs: add plugin-hook appendix for thread-bound subagents
* Plugins: add subagent lifecycle hook events
* Core: emit subagent lifecycle hooks and decouple Discord bindings
* Discord: handle subagent bind lifecycle via plugin hooks
* Subagents: unify completion finalizer and split registry modules
* Add subagent lifecycle events module
* Hooks: fix subagent ended context key
* Discord: share thread bindings across ESM and Jiti
* Subagents: add persistent sessions_spawn mode for thread-bound sessions
* Subagents: clarify thread intro and persistent completion copy
* test(subagents): stabilize sessions_spawn lifecycle cleanup assertions
* Discord: add thread-bound session TTL with auto-unfocus
* Subagents: fail session spawns when thread bind fails
* Subagents: cover thread session failure cleanup paths
* Session: add thread binding TTL config and /session ttl controls
* Tests: align discord reaction expectations
* Agent: persist sessionFile for keyed subagent sessions
* Discord: normalize imports after conflict resolution
* Sessions: centralize sessionFile resolve/persist helper
* Discord: harden thread-bound subagent session routing
* Rebase: resolve upstream/main conflicts
* Subagents: move thread binding into hooks and split bindings modules
* Docs: add channel-agnostic subagent routing hook plan
* Agents: decouple subagent routing from Discord
* Discord: refactor thread-bound subagent flows
* Subagents: prevent duplicate end hooks and orphaned failed sessions
* Refactor: split subagent command and provider phases
* Subagents: honor hook delivery target overrides
* Discord: add thread binding kill switches and refresh plan doc
* Discord: fix thread bind channel resolution
* Routing: centralize account id normalization
* Discord: clean up thread bindings on startup failures
* Discord: add startup cleanup regression tests
* Docs: add long-term thread-bound subagent architecture
* Docs: split session binding plan and dedupe thread-bound doc
* Subagents: add channel-agnostic session binding routing
* Subagents: stabilize announce completion routing tests
* Subagents: cover multi-bound completion routing
* Subagents: suppress lifecycle hooks on failed thread bind
* tests: fix discord provider mock typing regressions
* docs/protocol: sync slash command aliases and delete param models
* fix: add changelog entry for Discord thread-bound subagents (#21805 ) (thanks @onutc)
---------
Co-authored-by: Shadow <hi@shadowing.dev>
2026-02-21 16:14:55 +01:00
166068dfbe
test: add byteplus coding-plan live test
2026-02-21 15:42:44 +01:00
581868365d
fix: finish volcengine/byteplus landing polish ( #7967 ) (thanks @funmore123)
2026-02-21 15:05:09 +01:00
559736a5a0
feat(volcengine): integrate Volcengine & Byteplus Provider
2026-02-21 15:05:09 +01:00
f48698a50b
fix(security): harden sandbox browser network defaults
2026-02-21 14:02:53 +01:00
8c1518f0f3
fix(sandbox): use one-time noVNC observer tokens
2026-02-21 13:56:58 +01:00
621d8e1312
fix(sandbox): require noVNC observer password auth
2026-02-21 13:44:24 +01:00
be7f825006
refactor(gateway): harden proxy client ip resolution
2026-02-21 13:36:23 +01:00
1835dec200
fix(security): force sandbox browser hash migration and audit stale labels
2026-02-21 13:25:41 +01:00
14b0d2b816
refactor: harden control-ui auth flow and add insecure-flag audit summary
2026-02-21 13:18:23 +01:00
f265d45840
fix(tts): make model provider overrides opt-in
2026-02-21 13:16:07 +01:00
356d61aacf
fix(gateway): scope tailscale tokenless auth to websocket
2026-02-21 13:03:13 +01:00
073651fb57
docs: add sponsors section to README
2026-02-21 13:00:02 +01:00
99048dbec2
fix(gateway): align insecure-auth toggle messaging
2026-02-21 12:57:22 +01:00
810218756d
docs(security): clarify trusted-host deployment assumptions
2026-02-21 12:53:12 +01:00
ede496fa1a
docs: clarify trusted-host assumption for tokenless tailscale
2026-02-21 12:52:49 +01:00
6b2f2811dc
fix(security): require BlueBubbles webhook auth
2026-02-21 11:41:50 +01:00
c6ee14d60e
fix(security): block grep safe-bin file-read bypass
2026-02-21 11:18:29 +01:00
9231d7d30f
chore: bump version to 2026.2.21
2026-02-21 11:02:30 +01:00
677384c519
refactor: simplify Telegram preview streaming to single boolean ( #22012 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: a4017d3b94
2026-02-21 15:19:13 +05:30
e1cb73cdeb
fix: unblock Docker build by aligning commands schema default ( #22558 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 1ad610176d
2026-02-21 14:47:28 +05:30
dcf2c6d7f1
docs: normalize Amazon Bedrock setup section labels ( #22549 )
...
* docs(channels): promote Signal option setups to onboarding sections
* docs(channels): rename Microsoft Teams minimal setup section
* docs(channels): standardize onboarding option headings for Zalo and Twitch
* docs(providers): normalize Amazon Bedrock onboarding section labels
2026-02-21 03:40:54 -05:00
e36245bd37
docs: finalize onboarding option heading normalization ( #22547 )
...
* docs(channels): promote Signal option setups to onboarding sections
* docs(channels): rename Microsoft Teams minimal setup section
* docs(channels): standardize onboarding option headings for Zalo and Twitch
2026-02-21 03:38:37 -05:00
ef42fe0094
docs: rename Tlon setup heading ( #22544 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
* docs(channels): rename iMessage onboarding and configuration sections
* docs(channels): rename Slack onboarding and configuration sections
* docs(channels): rename Signal onboarding heading
* docs(channels): standardize Nostr onboarding and configuration headings
* docs(channels): standardize Zalo onboarding and configuration headings
* docs(channels): standardize Twitch onboarding heading
* docs(channels): standardize Google Chat onboarding heading
* docs(channels): standardize Mattermost onboarding heading
* docs(channels): standardize Zalo Personal onboarding heading
* docs(channels): normalize Discord configuration heading
* docs(channels): standardize Microsoft Teams onboarding heading
* docs(channels): rename Signal configuration reference heading
* docs(channels): rename Matrix configuration reference heading
* docs(channels): normalize WhatsApp configuration heading
* docs(thinking): link reasoning section heading to in-page anchor
* docs(channels): normalize BlueBubbles configuration heading
* docs(channels): normalize Feishu configuration heading
* docs(channels): standardize Signal setup option headings
* docs(channels): refine Twitch setup heading clarity
* docs(channels): simplify Zalo setup heading phrasing
* docs(channels): trim Microsoft Teams minimal setup heading
* docs(channels): rename Tlon setup to onboarding
2026-02-21 03:37:27 -05:00
b5a77b9cb2
docs: finalize remaining setup heading phrasing ( #22543 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
* docs(channels): rename iMessage onboarding and configuration sections
* docs(channels): rename Slack onboarding and configuration sections
* docs(channels): rename Signal onboarding heading
* docs(channels): standardize Nostr onboarding and configuration headings
* docs(channels): standardize Zalo onboarding and configuration headings
* docs(channels): standardize Twitch onboarding heading
* docs(channels): standardize Google Chat onboarding heading
* docs(channels): standardize Mattermost onboarding heading
* docs(channels): standardize Zalo Personal onboarding heading
* docs(channels): normalize Discord configuration heading
* docs(channels): standardize Microsoft Teams onboarding heading
* docs(channels): rename Signal configuration reference heading
* docs(channels): rename Matrix configuration reference heading
* docs(channels): normalize WhatsApp configuration heading
* docs(thinking): link reasoning section heading to in-page anchor
* docs(channels): normalize BlueBubbles configuration heading
* docs(channels): normalize Feishu configuration heading
* docs(channels): standardize Signal setup option headings
* docs(channels): refine Twitch setup heading clarity
* docs(channels): simplify Zalo setup heading phrasing
* docs(channels): trim Microsoft Teams minimal setup heading
2026-02-21 03:36:39 -05:00
d7891badda
docs: more channel heading consistency updates ( #22541 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
* docs(channels): rename iMessage onboarding and configuration sections
* docs(channels): rename Slack onboarding and configuration sections
* docs(channels): rename Signal onboarding heading
* docs(channels): standardize Nostr onboarding and configuration headings
* docs(channels): standardize Zalo onboarding and configuration headings
* docs(channels): standardize Twitch onboarding heading
* docs(channels): standardize Google Chat onboarding heading
* docs(channels): standardize Mattermost onboarding heading
* docs(channels): standardize Zalo Personal onboarding heading
* docs(channels): normalize Discord configuration heading
* docs(channels): standardize Microsoft Teams onboarding heading
* docs(channels): rename Signal configuration reference heading
* docs(channels): rename Matrix configuration reference heading
* docs(channels): normalize WhatsApp configuration heading
* docs(thinking): link reasoning section heading to in-page anchor
* docs(channels): normalize BlueBubbles configuration heading
* docs(channels): normalize Feishu configuration heading
* docs(channels): standardize Signal setup option headings
2026-02-21 03:36:03 -05:00
e93e67bc8e
docs: fix thinking section heading link target ( #22539 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
* docs(channels): rename iMessage onboarding and configuration sections
* docs(channels): rename Slack onboarding and configuration sections
* docs(channels): rename Signal onboarding heading
* docs(channels): standardize Nostr onboarding and configuration headings
* docs(channels): standardize Zalo onboarding and configuration headings
* docs(channels): standardize Twitch onboarding heading
* docs(channels): standardize Google Chat onboarding heading
* docs(channels): standardize Mattermost onboarding heading
* docs(channels): standardize Zalo Personal onboarding heading
* docs(channels): normalize Discord configuration heading
* docs(channels): standardize Microsoft Teams onboarding heading
* docs(channels): rename Signal configuration reference heading
* docs(channels): rename Matrix configuration reference heading
* docs(channels): normalize WhatsApp configuration heading
* docs(thinking): link reasoning section heading to in-page anchor
2026-02-21 03:33:06 -05:00
7c593cd333
docs: finish onboarding/config heading consistency ( #22537 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
* docs(channels): rename iMessage onboarding and configuration sections
* docs(channels): rename Slack onboarding and configuration sections
* docs(channels): rename Signal onboarding heading
* docs(channels): standardize Nostr onboarding and configuration headings
* docs(channels): standardize Zalo onboarding and configuration headings
* docs(channels): standardize Twitch onboarding heading
* docs(channels): standardize Google Chat onboarding heading
* docs(channels): standardize Mattermost onboarding heading
* docs(channels): standardize Zalo Personal onboarding heading
* docs(channels): normalize Discord configuration heading
* docs(channels): standardize Microsoft Teams onboarding heading
* docs(channels): rename Signal configuration reference heading
* docs(channels): rename Matrix configuration reference heading
* docs(channels): normalize WhatsApp configuration heading
2026-02-21 03:32:37 -05:00
79183852f9
docs: more channel onboarding naming cleanup ( #22536 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
* docs(channels): rename iMessage onboarding and configuration sections
* docs(channels): rename Slack onboarding and configuration sections
* docs(channels): rename Signal onboarding heading
* docs(channels): standardize Nostr onboarding and configuration headings
* docs(channels): standardize Zalo onboarding and configuration headings
* docs(channels): standardize Twitch onboarding heading
* docs(channels): standardize Google Chat onboarding heading
* docs(channels): standardize Mattermost onboarding heading
* docs(channels): standardize Zalo Personal onboarding heading
2026-02-21 03:31:55 -05:00
4c4147fb0a
docs: continue onboarding terminology cleanup ( #22535 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
* docs(channels): rename iMessage onboarding and configuration sections
* docs(channels): rename Slack onboarding and configuration sections
* docs(channels): rename Signal onboarding heading
* docs(channels): standardize Nostr onboarding and configuration headings
* docs(channels): standardize Zalo onboarding and configuration headings
* docs(channels): standardize Twitch onboarding heading
2026-02-21 03:31:22 -05:00
12d75ff7f5
docs: continue channel onboarding/config naming cleanup ( #22533 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
* docs(channels): rename iMessage onboarding and configuration sections
* docs(channels): rename Slack onboarding and configuration sections
* docs(channels): rename Signal onboarding heading
2026-02-21 03:30:35 -05:00
436f79839b
docs: more channel onboarding heading consistency ( #22532 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
* docs(channels): standardize Discord onboarding heading
* docs(channels): standardize Telegram onboarding heading
* docs(channels): standardize WhatsApp onboarding heading
2026-02-21 03:29:42 -05:00
325992b777
docs: small docs sweep consistency updates ( #22531 )
...
* docs: fix thinking link and add reasoning anchor reference
* docs(channels): rename LINE setup heading to onboarding
* docs(channels): normalize Nextcloud Talk onboarding headings
* docs(channels): use onboarding heading for Matrix setup
2026-02-21 03:29:17 -05:00
3002be76e4
docs: add custom spellcheck dictionary and fix docs typos ( #22457 )
...
* docs: fix typos and add docs spellcheck workflow
* docs: add changelog entry for docs spellcheck updates
* docs: fix FAQ TOC fragment links for markdownlint
* docs: fix TOC nesting and spellcheck dictionary flags
2026-02-21 01:35:35 -05:00
122bdfa4e1
feat(discord): add configurable ephemeral option for slash commands
2026-02-20 21:19:21 -06:00
b7644d61a2
fix: restore Discord model picker UX ( #21458 ) (thanks @pejmanjohn)
2026-02-20 21:04:04 -06:00
f555835b09
Channels: add thread-aware model overrides
2026-02-20 19:26:25 -06:00
eedea6cf34
Discord: add trusted channel topics on new sessions
2026-02-20 18:22:13 -06:00
fe57bea088
Subagents: restore announce chain + fix nested retry/drop regressions ( #22223 )
...
* Subagents: restore announce flow and fix nested delivery retries
* fix: prep subagent announce + docs alignment (#22223 ) (thanks @tyler6204)
2026-02-20 15:39:09 -08:00
3e1ed0032d
Docs: add Discord forum thread docs
2026-02-20 17:20:24 -06:00
4ab946eebf
Discord VC: voice channels, transcription, and TTS ( #18774 )
2026-02-20 16:06:07 -06:00
09e6970386
Discord: implement stream preview mode ( #22111 )
...
* Discord: implement stream preview mode
* Changelog: note Discord stream preview mode
* Tests: type discord draft stream mocks
* Docs: document Discord stream preview
2026-02-20 12:37:15 -06:00
094dbdaf2b
fix(gateway): require loopback proxy IP for trusted-proxy + bind=loopback ( #22082 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 6ff3ca9b5d
2026-02-20 18:03:53 +00:00
8fa46d709a
fix(ios): force tls for non-loopback manual gateway hosts ( #21969 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 9fb39f566e
2026-02-20 16:28:47 +00:00
1b886e7378
docs(ui): add animated underline for nav tabs ( #21912 )
...
Add a responsive, animated underline indicator for navigation tabs to
improve visual focus and active-state feedback.
- Introduce CSS for .nav-tabs, .nav-tabs-item and a .nav-tabs-underline
element, including transitions, positioning, and dark mode color.
- Hide default first h1 in #content to keep header layout consistent.
- Add docs/nav-tabs-underline.js to create and manage the underline
element, observe DOM mutations, and update underline position/width on
changes, resize, and when fonts load.
- Preserve last known underline position/width across re-initializations
to avoid visual jumps.
This change makes active tab state visible with smooth movement and
ensures the underline stays synchronized with dynamic content.
2026-02-20 09:33:46 -05:00
5542a43623
Memory: share ENOENT helpers
2026-02-19 23:33:28 -08:00
d871ee91d0
fix(config-cli): correct misleading --json flag description ( #21332 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: b6c8d1edfa
2026-02-19 20:09:17 -05:00
ae4907ce6e
fix(heartbeat): return false for zero-width active-hours window ( #21408 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 993860bd03
2026-02-19 20:03:57 -05:00
cf4ffff3e1
fix(heartbeat): run when HEARTBEAT.md is missing
2026-02-19 19:32:18 -05:00
7ce357ff8b
docs: add Vincent Koc to contributor credits
2026-02-19 15:13:38 -08:00
f66b23de75
chore(release): bump versions to 2026.2.20
2026-02-20 00:02:53 +01:00
ce1f0c0a10
ci: move workflows to blacksmith 16vcpu runners
2026-02-19 17:25:15 +01:00
2435499862
ci: move blacksmith runners to 8 vcpu
2026-02-19 16:50:22 +01:00
b0e55283d5
chore: bump release metadata to 2026.2.19
2026-02-19 16:17:34 +01:00
c45f3c5b00
fix(gateway): harden canvas auth with session capabilities
2026-02-19 15:51:22 +01:00
81b19aaa1a
fix(security): enforce plugin and hook path containment
2026-02-19 15:37:29 +01:00
b40821b068
fix: harden ACP secret handling and exec preflight boundaries
2026-02-19 15:34:20 +01:00
3561442a9f
fix(plugins): harden discovery trust checks
2026-02-19 15:14:12 +01:00
5dc50b8a3f
fix(security): harden npm plugin and hook install integrity flow
2026-02-19 15:11:25 +01:00
29118995ad
refactor(lobster): remove lobsterPath overrides
2026-02-19 14:58:13 +01:00
a40c10d3e2
fix: harden agent gateway authorization scopes
2026-02-19 14:37:56 +01:00
ff74d89e86
fix: harden gateway control-plane restart protections
2026-02-19 14:30:15 +01:00
e3e0ffd801
feat(security): audit gateway HTTP no-auth exposure
2026-02-19 14:25:56 +01:00
bafdbb6f11
fix(security): eliminate safeBins file-existence oracle
2026-02-19 14:18:11 +01:00
1316e57403
fix: enforce inbound attachment root policy across pipelines
2026-02-19 14:15:51 +01:00
cfe8457a0f
fix(security): harden safeBins stdin-only enforcement
2026-02-19 14:10:45 +01:00
3c419b7bd3
docs(security): document webhook hardening and changelog
2026-02-19 13:31:44 +01:00
49d0def6d1
fix(security): harden imessage remote scp/ssh handling
2026-02-19 11:08:23 +01:00
7255c20ddc
fix(docker): harden docker-setup mount validation
2026-02-19 10:44:46 +01:00
b4dbe03298
refactor: unify restart gating and update availability sync
2026-02-19 10:00:41 +01:00
9c2640a810
docs: clarify WhatsApp group allowlist and reply mention behavior
2026-02-19 09:19:34 +01:00
7e54b6c96f
fix(browser): unify extension relay auth on gateway token
2026-02-19 08:40:40 +01:00
c5698caca3
Security: default gateway auth bootstrap and explicit mode none ( #20686 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: be1b73182c
2026-02-19 02:35:50 -05:00
87d8331150
docs: warn against third-party 1-click marketplace images
2026-02-19 08:30:29 +01:00
f855d0be4f
fix: skip heartbeat when HEARTBEAT.md does not exist ( #20461 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: f6e5f8172a
2026-02-19 01:09:33 -05:00
a0d904dc23
docs(discord): replace quick setup and add recommended guild setup ( #20088 )
...
Co-authored-by: Shadow <shadow@openclaw.ai>
2026-02-18 09:39:09 -06:00
d833dcd731
fix(telegram): cron and heartbeat messages land in wrong chat instead of target topic ( #19367 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: bf02bbf9ce
2026-02-18 15:31:01 +05:30
ac0db68235
refactor(security): extract safeBins trust resolver
2026-02-18 05:01:31 +01:00
28bac46c92
fix(security): harden safeBins path trust
2026-02-18 04:55:31 +01:00
4bf3338834
chore: bump version to 2026.2.18 unreleased
2026-02-18 04:40:06 +01:00
c90b09cb02
feat(agents): support Anthropic 1M context beta header
2026-02-18 03:29:48 +01:00
d1c00dbb7c
fix: harden include confinement edge cases ( #18652 ) (thanks @aether-ai-agent)
2026-02-18 03:27:16 +01:00
edf7d6af61
fix: harden subagent completion announce retries
2026-02-18 03:19:50 +01:00
985ec71c55
CLI: resolve parent/subcommand option collisions ( #18725 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: b7e51cf909
2026-02-17 20:57:09 -05:00
fa4f66255c
fix(subagents): return completion message for manual session spawns
2026-02-18 02:52:35 +01:00
01672a8f25
Revert "Add mesh auto-planning with chat command UX and hardened auth/session behavior"
...
This reverts commit 16e59b26a6
2026-02-18 02:18:02 +01:00
2e91552f09
feat(agents): add generic provider api key rotation ( #19587 )
2026-02-18 01:31:11 +01:00
4c569ce246
docs(tokens): document image dimension token tradeoffs
2026-02-18 00:56:57 +01:00
b05e89e5e6
fix(agents): make image sanitization dimension configurable
2026-02-18 00:54:20 +01:00
bb9a539d1d
Merge remote-tracking branch 'prhead/feat/slack-text-streaming'
...
# Conflicts:
# docs/channels/slack.md
# src/config/types.slack.ts
# src/slack/monitor/message-handler/dispatch.ts
2026-02-18 00:49:30 +01:00
f07bb8e8fc
fix(hooks): backport internal message hook bridge with safe delivery semantics
2026-02-18 00:35:41 +01:00
ae2c8f2cf0
feat(models): support anthropic sonnet 4.6
2026-02-18 00:00:31 +01:00
a333d92013
docs(security): harden gateway security guidance
2026-02-17 23:48:49 +01:00
c26cf6aa83
feat(cron): add default stagger controls for scheduled jobs
2026-02-17 23:48:14 +01:00
9a2c39419e
chore(release): bump version to 2026.2.17
2026-02-17 23:08:55 +01:00
2cf82c357e
Docs: expand multi-agent routing
2026-02-17 14:28:08 -06:00
ab94295541
docs(slack): add assistant:write requirement for typing status
2026-02-18 02:22:54 +08:00
0978d63edd
docs: add community plugins guide
2026-02-17 17:42:37 +01:00
19a8f8bbf6
test(cron): add model fallback regression coverage
2026-02-17 10:40:25 -05:00
c0072be6a6
docs(cli): add components send example
2026-02-17 09:58:47 -05:00
dd0b789669
fix(mattermost): surface reactions support
2026-02-17 09:30:50 -05:00
5d1bcc76cc
docs(zai): document tool_stream defaults
2026-02-17 09:22:55 -05:00
b114c82701
CLI: approve latest pending device request
2026-02-17 14:08:04 +00:00
0e023e300e
Revert: fully roll back #17986 templates
2026-02-17 13:57:50 +00:00
ddee6291eb
Docs: add screenshot showing model picker usability issue
2026-02-17 09:15:55 +01:00
b2fef5ebc4
Revert "Default Telegram polls to public"
...
This reverts commit c43e95e011
2026-02-17 09:38:15 +02:00
df8f7ff1ab
docs(voice-call): document stale call reaper config
2026-02-16 22:26:31 -05:00
81fd771cb9
fix(gateway): preserve chat.history context under hard caps
2026-02-16 21:50:01 -05:00
f6e68b917b
docs(cron): clarify webhook posting summary condition
2026-02-16 21:48:57 -05:00
6070116382
revert(exec): undo accidental merge of PR #18521
2026-02-16 21:47:18 -05:00
ae82371d8a
revert(docs): undo accidental merge of #18516
2026-02-16 21:46:45 -05:00
0c1c34c950
refactor(plugins): split before-agent hooks by model and prompt phases
2026-02-17 03:28:20 +01:00
Peter Steinberger
Vincent Koc
Tyler Yust
shichangs
shrey150
Rémi
GitBuck
Ayaan Zaidi
Tak Hoffman
Ayaan Zaidi
dano does design
Charles Dusek
arceus77-7
Josh Avant
Sally O'Malley
Florian Hines
Jason
Efe Büken
Altay
AngryBird
Kesku
Muhammed Mukhthar CM
Gustavo Madeira Santana
dorukardahan
Hinata Kaga (samon)
Harold Hunt
Bob
maweibin
Tony Dehnke
青雲
Evgeny Zislis
Clawdoo
scoootscooob
Shadow
Shadow
Mylszd
Sid
Eugene
Henry Loenwind
xbsheng
john
nico-hoff
Sk Akram
Hunter Miller
Glucksberg
Eric Lytle
Mark L
Dalomeve
jamtujest
Timothy Jordan
Nikolay Petrov
Umut CAN
Alberto Leal
cyb1278588254
Anandesh Sharma
Beer van der Drift
Barron Roth
Agent
Onur
Jc Miñarro
NIO
BigUncle
Logan Pritchett
longfros
Cassius0924
Rodrigo Uroz
Philipp Spiess
yinghaosang
pandego
zzzz
Kriz Poon
Peter Steinberger
John Fawcett
Gustavo Madeira Santana
AkosCz
边黎安
Brian Mendonca
Onur
fanziqing
Wei He
Mariano
Seb Slight
Vignesh Natarajan
adhitShet
vikpos
Pejman Pour-Moezzi
Taras Lukavyi
Mariano Belinky
Muhammed Mukhthar CM
Benjamin Jesuiter
Nimrod Gutman