1399ca5fcb
fix(plugins): forward plugin subagent overrides ( #48277 )
...
Merged via squash.
Prepared head SHA: ffa45893e0
2026-03-17 07:20:27 -07:00
6101c023bb
fix(ui): restore control-ui query token compatibility ( #43979 )
...
* fix(ui): restore control-ui query token imports
* chore(changelog): add entry for openclaw#43979 thanks @stim64045-spec
---------
Co-authored-by: 大禹 <dayu@dayudeMac-mini.local>
Co-authored-by: Val Alexander <bunsthedev@gmail.com>
Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
2026-03-17 04:03:35 -05:00
990d0d7261
docs(image-generation): remove nano banana stock docs
2026-03-17 01:09:58 -07:00
449127b474
fix: restore full gate
2026-03-17 07:47:28 +00:00
ff0481ad65
docs: fix context engine review notes
2026-03-17 00:14:51 -07:00
9887311de3
docs: address review feedback on context-engine page
...
- Rename 'Method' column to 'Member' with explicit Kind column since
info is a property, not a callable method
- Document AssembleResult fields (estimatedTokens, systemPromptAddition)
with types and optionality
- Add lifecycle timing notes for bootstrap, ingestBatch, and dispose
so plugin authors know when each is invoked
2026-03-17 00:14:51 -07:00
315cee96b9
docs: add plugin installation steps to context engine page
...
Show the full workflow: install via openclaw plugins install,
enable in plugins.entries, then select in plugins.slots.contextEngine.
Uses lossless-claw as the concrete example.
2026-03-17 00:14:51 -07:00
228448e6b3
docs: add context engine documentation
...
Add dedicated docs page for the pluggable context engine system:
- Full lifecycle explanation (ingest, assemble, compact, afterTurn)
- Legacy engine behavior documentation
- Plugin engine authoring guide with code examples
- ContextEngine interface reference table
- ownsCompaction semantics
- Subagent lifecycle hooks (prepareSubagentSpawn, onSubagentEnded)
- systemPromptAddition mechanism
- Relationship to compaction, memory plugins, and session pruning
- Configuration reference and tips
Also:
- Add context-engine to docs nav (Agents > Fundamentals, after Context)
- Add /context-engine redirect
- Cross-link from context.md and compaction.md
2026-03-17 00:14:51 -07:00
026d8ea534
fix: unblock full gate
2026-03-17 07:06:24 +00:00
e5919bc524
docs(gateway): clarify URL allowlist semantics
2026-03-17 00:03:27 -07:00
c601dda389
docs(image-generation): document google provider
2026-03-16 23:21:16 -07:00
c79ade10e6
docs(plugins): add capability cookbook
2026-03-16 22:58:55 -07:00
cc88b4a72d
Commands: add /plugins chat command ( #48765 )
...
* Tests: stabilize MCP config merge follow-ups
* Commands: add /plugins chat command
* Docs: add /plugins slash command guide
2026-03-16 22:57:44 -07:00
f2bd76cd1a
refactor: finalize plugin sdk legacy boundary cleanup
2026-03-16 22:51:46 -07:00
2bbf33a9ec
docs(plugins): add multi-capability ownership example
2026-03-16 22:21:18 -07:00
da34f81ce2
fix(secrets): scope message SecretRef resolution and harden doctor/status paths ( #48728 )
...
* fix(secrets): scope message runtime resolution and harden doctor/status
* docs: align message/doctor/status SecretRef behavior notes
* test(cli): accept scoped targetIds wiring in secret-resolution coverage
* fix(secrets): keep scoped allowedPaths isolation and tighten coverage gate
* fix(secrets): avoid default-account coercion in scoped target selection
* test(doctor): cover inactive telegram secretref inspect path
* docs
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
* changelog
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
---------
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-03-17 00:01:34 -05:00
06459ca0df
Agents: run bundle MCP tools in embedded Pi ( #48611 )
...
* Agents: run bundle MCP tools in embedded Pi
* Plugins: fix bundle MCP path resolution
* Plugins: warn on unsupported bundle MCP transports
* Commands: add embedded Pi MCP management
* Config: move MCP management to top-level config
2026-03-16 21:46:05 -07:00
4bba2888e7
feat(plugins): add web search runtime capability
2026-03-16 21:31:00 -07:00
afc0172cb1
docs(plugins): add capability checklist template
2026-03-16 21:13:52 -07:00
71a79bdf5c
docs(plugins): document media understanding runtime
2026-03-16 20:58:34 -07:00
3566e88c08
docs(plugins): document media capability ownership
2026-03-16 20:42:08 -07:00
14907d3de0
docs(plugins): note richer voice metadata
2026-03-16 20:27:34 -07:00
5602973b5d
docs(plugins): add capability contract example
2026-03-16 20:24:13 -07:00
1ffe8fde84
fix: stabilize docker test suite
2026-03-17 03:02:03 +00:00
ed248c76c7
docs(plugins): document speech runtime ownership
2026-03-16 20:01:24 -07:00
6da9ba3267
docs(plugins): document capability ownership model
2026-03-16 18:50:09 -07:00
4863b651c6
docs: rename onboarding user-facing wizard copy
...
Co-authored-by: Tak <contact-redacted@example.com>
2026-03-16 19:50:31 -05:00
1f1a93a1dc
Docs: document deferred channel startup opt-in
2026-03-16 14:03:25 +00:00
4337b1eba5
docs(config): refresh generated baseline
2026-03-16 18:58:32 +05:30
7deb543624
Browser: support non-Chrome existing-session profiles via userDataDir ( #48170 )
...
Merged via squash.
Prepared head SHA: e490035a24
2026-03-16 14:21:22 +01:00
1447e2e384
Release: trim generated docs from npm pack
2026-03-16 02:10:04 -07:00
3832f938fd
Docs: use placeholders for marketplace plugin examples
2026-03-16 02:09:20 -07:00
d896d8e0cd
Docs: add Claude marketplace plugin install guidance
2026-03-16 02:04:05 -07:00
c9423dce1e
Docs: refresh generated config baseline
2026-03-16 01:49:41 -07:00
7e74adef91
refactor: shrink public channel plugin sdk surfaces
2026-03-16 01:34:22 -07:00
0ed64f124d
fix: mount CLI auth dirs in docker live tests
2026-03-16 07:44:15 +00:00
b3025e6d8e
refactor(plugin-sdk): clean shared core imports
2026-03-16 00:25:32 -07:00
cec10703dc
fix: unblock ci gates
2026-03-16 07:19:54 +00:00
00ef214d59
docs: regenerate zh-CN onboarding references
2026-03-16 07:03:19 +00:00
3c6a49b27e
feishu: harden media support and align capability docs ( #47968 )
...
* feishu: harden media support and action surface
* feishu: format media action changes
* feishu: fix review follow-ups
* fix: scope Feishu target aliases to Feishu (#47968 ) (thanks @Takhoffman)
2026-03-16 02:02:48 -05:00
476d948732
!refactor(browser): remove Chrome extension path and add MCP doctor migration ( #47893 )
...
* Browser: replace extension path with Chrome MCP
* Browser: clarify relay stub and doctor checks
* Docs: mark browser MCP migration as breaking
* Browser: reject unsupported profile drivers
* Browser: accept clawd alias on profile create
* Doctor: narrow legacy browser driver migration
2026-03-15 23:56:08 -07:00
ae60094fb5
refactor(plugins): move onboarding auth metadata to manifests
2026-03-15 23:47:16 -07:00
f0f934556e
build: remove land gate script
2026-03-16 06:08:41 +00:00
aa97368f7d
test: add openshell sandbox e2e smoke
2026-03-15 23:02:36 -07:00
ddd34b6cc3
refactor(plugins): simplify provider auth choice metadata
2026-03-15 23:01:12 -07:00
0a6f22a694
docs: sync config baseline
2026-03-16 05:54:58 +00:00
2852eab323
build: add land gate parity script
2026-03-16 05:54:16 +00:00
2580b81bd2
refactor: move channel capability diagnostics into plugins
2026-03-15 22:53:03 -07:00
f9e185887f
docs: restore onboard docs references
2026-03-16 05:50:57 +00:00
ad97c581e2
refactor: move channel messaging hooks into plugins
2026-03-15 22:39:00 -07:00
e627a5069f
refactor(plugins): move auth profile hooks into providers
2026-03-15 22:23:55 -07:00
823039c000
docs: prefer setup wizard command
2026-03-15 22:01:04 -07:00
7a6be3d531
refactor(plugins): move auth and model policy to providers
2026-03-15 21:52:29 -07:00
3d8c29cc53
Build: unbundle LanceDB from published package
2026-03-15 21:51:42 -07:00
922ce15c65
Docs: refresh generated config baseline
2026-03-15 21:41:38 -07:00
5287ae3c06
docs: update setup wizard wording
2026-03-15 21:40:31 -07:00
0a2f95916b
test: expand ssh sandbox coverage and docs
2026-03-15 21:38:22 -07:00
b8bb8510a2
feat: move ssh sandboxing into core
2026-03-15 21:35:30 -07:00
c4a5fd8465
docs: update channel setup wording
2026-03-15 21:07:18 -07:00
522dda1971
Docs: refresh generated config baseline
2026-03-15 21:00:03 -07:00
a33caab280
refactor(plugins): move auth and model policy to providers
2026-03-15 20:59:06 -07:00
dfc237c319
docs: update channel setup docs
2026-03-15 20:44:26 -07:00
aa28d1c711
feat: add firecrawl onboarding search plugin
2026-03-16 03:38:58 +00:00
be8fef3840
docs: expand openshell sandbox docs
2026-03-15 20:35:56 -07:00
ae7f18e503
feat: add remote openshell sandbox mode
2026-03-15 20:28:19 -07:00
8ab01c5c93
refactor(core): land plugin auth and startup cleanup
2026-03-15 20:12:37 -07:00
46482a283a
feat: add nostr setup and unify channel setup discovery
2026-03-15 19:58:22 -07:00
a2cb81199e
secrets: harden read-only SecretRef command paths and diagnostics ( #47794 )
...
* secrets: harden read-only SecretRef resolution for status and audit
* CLI: add SecretRef degrade-safe regression coverage
* Docs: align SecretRef status and daemon probe semantics
* Security audit: close SecretRef review gaps
* Security audit: preserve source auth SecretRef configuredness
* changelog
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
---------
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-03-15 21:55:24 -05:00
acae0b60c2
perf(plugins): lazy-load channel setup entrypoints
2026-03-15 19:27:55 -07:00
bcdbd03579
docs: refresh zh-CN model providers
2026-03-16 02:26:45 +00:00
47a9c1a893
refactor: merge minimax bundled plugins
2026-03-16 02:26:45 +00:00
60bf58ddbc
refactor: trim onboarding sdk exports
2026-03-15 19:14:36 -07:00
10f4a03de8
docs(google): remove stale plugin references
2026-03-16 02:11:19 +00:00
6987a3c8b5
docs(i18n): sync zh-CN google plugin references
2026-03-16 02:11:18 +00:00
fb991e6f31
perf(plugins): lazy-load setup surfaces
2026-03-15 18:46:54 -07:00
26a8aee01c
refactor: drop channel onboarding fallback
2026-03-15 18:24:39 -07:00
b54e37c71f
feat(plugins): merge openai vendor seams into one plugin
2026-03-15 18:20:52 -07:00
bc5054ce68
refactor(google): merge gemini auth into google plugin
2026-03-16 01:19:32 +00:00
ee7ecb2dd4
feat(plugins): move anthropic and openai vendors to plugins
2026-03-15 17:07:28 -07:00
e42d86afa9
docs: document richer setup wizard prompts
2026-03-15 17:06:42 -07:00
1f68e6e89c
docs(plugins): unify bundle format explainer
2026-03-15 16:58:28 -07:00
c05cfccc17
docs(plugins): document provider runtime usage hooks
2026-03-15 16:57:32 -07:00
c3ed3ba310
docs: update setup wizard capabilities
2026-03-15 16:48:43 -07:00
d040d48af4
docs: describe channel setup wizard surface
2026-03-15 16:26:09 -07:00
4adcfa3256
feat(plugins): move provider runtimes into bundled plugins
2026-03-15 16:09:40 -07:00
dd40741e18
feat(plugins): add compatible bundle support
2026-03-15 16:08:50 -07:00
4a0f72866b
feat(plugins): move provider runtimes into bundled plugins
2026-03-15 15:18:32 -07:00
5a7aba94a2
CLI: support package-manager installs from GitHub main ( #47630 )
...
* CLI: resolve package-manager main install specs
* CLI: skip registry resolution for raw package specs
* CLI: support main package target updates
* CLI: document package update specs in help
* Tests: cover package install spec resolution
* Tests: cover npm main-package updates
* Tests: cover update --tag main
* Installer: support main package targets
* Installer: support main package targets on Windows
* Docs: document package-manager main updates
* Docs: document installer main targets
* Docs: document npm and pnpm main installs
* Docs: document update --tag main
* Changelog: note package-manager main installs
* Update src/infra/update-global.test.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-15 14:18:12 -07:00
3735156766
fix(ci): restore config baseline release-check output ( #47629 )
...
* Docs: regenerate config baseline
* Chore: ignore generated config baseline
* Update .prettierignore
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-15 14:14:30 -07:00
594920f8cc
Scripts: rebuild on extension and tsdown config changes ( #47571 )
...
Merged via squash.
Prepared head SHA: edd8ed8254
2026-03-15 16:19:27 -04:00
a2080421a1
Docs: move release runbook to maintainer repo ( #47532 )
...
* Docs: redact private release setup
* Docs: tighten release order
* Docs: move release runbook to maintainer repo
* Docs: delete public mac release page
* Docs: remove zh-CN mac release page
* Docs: turn release checklist into release policy
* Docs: point release policy to private docs
* Docs: regenerate zh-CN release policy pages
* Docs: preserve Doctor in zh-CN hubs
* Docs: fix zh-CN polls label
* Docs: tighten docs i18n term guardrails
* Docs: enforce zh-CN glossary coverage
2026-03-15 20:42:39 +01:00
4a7fbe090a
docs(zalo): document current Marketplace bot behavior (openclaw#47552)
...
Verified:
- pnpm check:docs
Co-authored-by: Tomáš Dinh <82420070+No898@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-15 14:40:35 -05:00
c9a8b6f82f
chore(fmt): format changes and broken types
2026-03-15 12:03:35 -07:00
132e459009
fix(ci): config drift found and documented
2026-03-15 10:43:03 -07:00
ff61343d76
fix: harden mention pattern regex compilation
2026-03-15 08:44:12 -07:00
89e3969d64
feat(feishu): add ACP and subagent session binding ( #46819 )
...
* feat(feishu): add ACP session support
* fix(feishu): preserve sender-scoped ACP rebinding
* fix(feishu): recover sender scope from bound ACP sessions
* fix(feishu): support DM ACP binding placement
* feat(feishu): add current-conversation session binding
* fix(feishu): avoid DM parent binding fallback
* fix(feishu): require canonical topic sender ids
* fix(feishu): honor sender-scoped ACP bindings
* fix(feishu): allow user-id ACP DM bindings
* fix(feishu): recover user-id ACP DM bindings
2026-03-15 10:33:49 -05:00
a472f988d8
fix: harden remote cdp probes
2026-03-15 08:23:01 -07:00
d7ac16788e
fix(android): support android node `calllog.search` ( #44073 )
...
* fix(android): support android node `calllog.search`
* fix(android): support android node calllog.search
* fix(android): wire callLog through shared surfaces
* fix: land Android callLog support (#44073 ) (thanks @lxk7280)
---------
Co-authored-by: lixuankai <lixuankai@oppo.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-03-15 14:54:32 +05:30
a2d73be3a4
Docs: switch README logo to SVG assets ( #47049 )
2026-03-15 08:58:45 +01:00
e3b7ff2f1f
Docs: fix MDX markers blocking page refreshes ( #46695 )
...
Merged via squash.
Prepared head SHA: 56b25a9fb3
2026-03-15 02:58:59 +01:00
f4dbd78afd
Add Feishu reactions and card action support ( #46692 )
...
* Add Feishu reactions and card action support
* Tighten Feishu action handling
2026-03-14 20:25:02 -05:00
4c6a7f84a4
docs: remove dead security README nav entry ( #46675 )
...
Merged via squash.
Prepared head SHA: 63331a54b8
2026-03-15 01:40:00 +01:00
2806f2b878
Heartbeat: add isolatedSession option for fresh session per heartbeat run ( #46634 )
...
Reuses the cron isolated session pattern (resolveCronSession with forceNew)
to give each heartbeat a fresh session with no prior conversation history.
Reduces per-heartbeat token cost from ~100K to ~2-5K tokens.
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-14 16:28:01 -07:00
3704293e6f
browser: drop headless/remote MCP attach modes, simplify existing-session to autoConnect-only ( #46628 )
2026-03-14 15:54:22 -07:00
2f7e548a57
chore: regenerate config baseline ( #46598 )
2026-03-14 15:44:13 -07:00
b1d8737017
browser: drop chrome-relay auto-creation, simplify to user profile only ( #46596 )
...
Merged via squash.
Prepared head SHA: 74becc8f7d
2026-03-14 15:40:02 -07:00
173fe3cb54
feat(browser): add headless existing-session MCP support esp for Linux/Docker/VPS ( #45769 )
...
* fix(browser): prefer managed default profile in headless mode
* test(browser): cover headless default profile fallback
* feat(browser): support headless MCP profile resolution
* feat(browser): add headless and target-url Chrome MCP modes
* feat(browser): allow MCP target URLs in profile creation
* docs(browser): document headless MCP existing-session flows
* fix(browser): restore playwright browser act helpers
* fix(browser): preserve strict selector actions
* docs(changelog): add existing-session MCP note
2026-03-14 14:59:30 -07:00
cbec476b6b
Docs: add config drift baseline statefile ( #45891 )
...
* Docs: add config drift statefile generator
* Docs: generate config drift baseline
* CI: move config docs drift runner into workflow sanity
* Docs: emit config drift baseline json
* Docs: commit config drift baseline json
* Docs: wire config baseline into release checks
* Config: fix baseline drift walker coverage
* Docs: regenerate config drift baselines
2026-03-14 14:23:30 -07:00
d33f3f843a
ci: allow fallback npm correction tags ( #46486 )
2026-03-14 19:38:14 +01:00
c30cabcca4
Docs: sweep recent user-facing updates ( #46424 )
...
* Docs: document Telegram force-document sends
* Docs: note Telegram document send behavior
* Docs: clarify memory file precedence
* Docs: align default AGENTS memory guidance
* Docs: update workspace FAQ memory note
* Docs: document gateway status require-rpc
* Docs: add require-rpc to gateway CLI index
2026-03-14 10:20:44 -07:00
0e893347f6
docs(nav): move btw to end of built-in tools ( #46416 )
2026-03-14 19:16:57 +02:00
133cce23ce
fix(btw): stop persisting side questions ( #46328 )
...
* fix(btw): stop persisting side questions
* docs(btw): document side-question behavior
2026-03-14 19:01:13 +02:00
9aac55d306
Add /btw side questions ( #45444 )
...
* feat(agent): add /btw side questions
* fix(agent): gate and log /btw reviews
* feat(btw): isolate side-question delivery
* test(reply): update route reply runtime mocks
* fix(btw): complete side-result delivery across clients
* fix(gateway): handle streamed btw side results
* fix(telegram): unblock btw side questions
* fix(reply): make external btw replies explicit
* fix(chat): keep btw side results ephemeral in internal history
* fix(btw): address remaining review feedback
* fix(chat): preserve btw history on mobile refresh
* fix(acp): keep btw replies out of prompt history
* refactor(btw): narrow side questions to live channels
* fix(btw): preserve channel typing indicators
* fix(btw): keep side questions isolated in chat
* fix(outbound): restore typed channel send deps
* fix(btw): avoid blocking replies on transcript persistence
* fix(btw): keep side questions fast
* docs(commands): document btw slash command
* docs(changelog): add btw side questions entry
* test(outbound): align session transcript mocks
2026-03-14 17:27:54 +02:00
c08317203d
ci: enforce calver freshness on npm publish
2026-03-14 13:45:40 +01:00
00891dee90
ci: switch npm release workflow to trusted publishing
2026-03-14 13:45:40 +01:00
61a7f2e7c3
docs: clarify npm release preview and publish flow
2026-03-14 13:45:40 +01:00
02a86da23a
ci: preserve manual npm release approval delays
2026-03-14 13:45:40 +01:00
c79c4ffbfb
fix(zai): align explicit coding endpoint setup with detected model defaults ( #45969 )
...
* fix: align Z.AI coding onboarding with endpoint docs
* fix: align Z.AI coding onboarding with endpoint docs (#45969 )
2026-03-14 16:20:37 +05:30
e7d9648fba
feat(cron): support custom session IDs and auto-bind to current session ( #16511 )
...
feat(cron): support persistent session targets for cron jobs (#9765 )
Add support for `sessionTarget: "current"` and `session:<id>` so cron jobs can
bind to the creating session or a persistent named session instead of only
`main` or ephemeral `isolated` sessions.
Also:
- preserve custom session targets across reloads and restarts
- update gateway validation and normalization for the new target forms
- add cron coverage for current/custom session targets and fallback behavior
- fix merged CI regressions in Discord and diffs tests
- add a changelog entry for the new cron session behavior
Co-authored-by: kkhomej33-netizen <kkhomej33-netizen@users.noreply.github.com>
Co-authored-by: ImLukeF <92253590+ImLukeF@users.noreply.github.com>
2026-03-14 16:48:46 +11:00
b6d1d0d72d
fix(browser): prefer user profile over chrome relay
2026-03-14 04:15:34 +00:00
f4fef64fc1
Gateway: treat scope-limited probe RPC as degraded reachability ( #45622 )
...
* Gateway: treat scope-limited probe RPC as degraded
* Docs: clarify gateway probe degraded scope output
* test: fix CI type regressions in gateway and outbound suites
* Tests: fix Node24 diffs theme loading and Windows assertions
* Tests: fix extension typing after main rebase
* Tests: fix Windows CI regressions after rebase
* Tests: normalize executable path assertions on Windows
* Tests: remove duplicate gateway daemon result alias
* Tests: stabilize Windows approval path assertions
* Tests: fix Discord rate-limit startup fixture typing
* Tests: use Windows-friendly relative exec fixtures
---------
Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain>
2026-03-13 23:13:33 -05:00
5c40c1c78a
fix(browser): add browser session selection
2026-03-14 03:46:44 +00:00
4357cf4e37
fix: harden browser existing-session flows
2026-03-13 23:56:48 +00:00
1ef0aa443b
docs(android): note that app is not publicly released yet ( #23051 )
...
Co-authored-by: Eyal <eyal.engad@gmail.com>
2026-03-13 15:14:53 -07:00
8c7bdbe4d1
Docs: describe Slack interactive replies ( #45463 )
2026-03-13 17:16:14 -04:00
75c7c169e1
test: re-enable Node 24 vmForks fast lane
2026-03-13 20:38:24 +00:00
5c07207dd1
ci: trim PR critical path
2026-03-13 20:38:24 +00:00
1ea97fddd7
docs: share docker vm runtime guidance
2026-03-13 20:19:39 +00:00
5225667e25
docs: trim duplicated wizard and gateway api examples
2026-03-13 20:19:39 +00:00
dbef3dfef0
docs(voice-call): clarify allowlist caller ID limits
2026-03-13 20:11:42 +00:00
593964560b
feat(browser): add chrome MCP existing-session support
2026-03-13 20:10:08 +00:00
d17490ff54
ci: speed up scoped workflow lanes
2026-03-13 19:53:40 +00:00
fc408bba37
Fix incorrect rendering of brave costs in docs ( #44989 )
...
Merged via squash.
Prepared head SHA: 8c69de8222
2026-03-13 21:37:39 +03:00
3cf06f7939
docs(plugins): clarify workspace shadowing
2026-03-13 13:15:46 +00:00
2f03de029c
fix(node-host): harden pnpm approval binding
2026-03-13 12:59:55 +00:00
61429230b2
fix(signal): add groups config to Signal channel schema ( #27199 )
...
Merged via squash.
Prepared head SHA: 4ba4a39ddf
2026-03-13 15:14:30 +03:00
a3eed2b70f
fix(agents): avoid injecting memory file twice on case-insensitive mounts ( #26054 )
...
* fix(agents): avoid injecting memory file twice on case-insensitive mounts
On case-insensitive file systems mounted into Docker from macOS, both
MEMORY.md and memory.md pass fs.access() even when they are the same
underlying file. The previous dedup via fs.realpath() failed in this
scenario because realpath does not normalise case through the Docker
mount layer, so both paths were treated as distinct entries and the
same content was injected into the bootstrap context twice, wasting
tokens.
Fix by replacing the collect-then-dedup approach with an early-exit:
try MEMORY.md first; fall back to memory.md only when MEMORY.md is
absent. This makes the function return at most one entry regardless
of filesystem case-sensitivity.
* docs: clarify singular memory bootstrap fallback
* fix: note memory bootstrap fallback docs and changelog (#26054 ) (thanks @Lanfei)
---------
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-03-13 14:39:51 +05:30
e986aa175f
docs: fix session key :dm: → :direct ( #26506 )
2026-03-13 14:28:33 +05:30
32d8ec9482
fix: harden windows gateway fallback launch
2026-03-13 04:58:35 +00:00
16ececf0a6
chore: bump version to 2026.3.13
2026-03-13 04:38:32 +00:00
433e65711f
fix: fall back to a startup entry for windows gateway install
2026-03-13 03:18:17 +00:00
b858d6c3a9
fix: clarify windows onboarding gateway health
2026-03-13 02:40:40 +00:00
d6d01f853f
fix: align Ollama onboarding docs before landing ( #43473 ) (thanks @BruceMacD)
...
(cherry picked from commit 19fa274343a102ca85c7679ec28c5a3503a99f55)
2026-03-13 02:03:54 +00:00
f906bf58db
docs(ollama): update onboarding flow
...
Co-Authored-By: Jeffrey Morgan <jmorganca@gmail.com>
(cherry picked from commit e8ca2ff4e522f2d971801a537b3c4fdfecde0711)
2026-03-13 02:03:54 +00:00
ddeb423944
fix: quiet Telegram command overflow retry logs
2026-03-13 01:45:56 +00:00
de3e6a8c5b
fix(routing): require ids for slack and msteams allowlists
2026-03-13 01:44:42 +00:00
c25e46a433
chore: prepare 2026.3.12 release
2026-03-13 01:38:20 +00:00
b14a5c6713
fix(zalouser): require ids for group allowlist auth
2026-03-13 01:31:17 +00:00
c80da4e72f
refactor: validate provider plugin metadata
2026-03-13 01:19:35 +00:00
d5b3f2ed71
fix(models): keep codex spark codex-only
2026-03-13 00:53:21 +00:00
35aafd7ca8
feat: add Anthropic fast mode support
2026-03-12 23:39:03 +00:00
d5bffcdeab
feat: add fast mode toggle for OpenAI models
2026-03-12 23:31:31 +00:00
319766639a
docs: explain plugin architecture
2026-03-12 22:24:35 +00:00
bf89947a8e
fix: switch pairing setup codes to bootstrap tokens
2026-03-12 22:23:07 +00:00
55f47e5ce6
onboard(minimax): flatten auth to 4 direct choices, unify CN/Global under single provider ( #44284 )
...
Replace the multi-step MiniMax onboarding wizard with 4 flat options:
- MiniMax Global — OAuth (minimax.io)
- MiniMax Global — API Key (minimax.io)
- MiniMax CN — OAuth (minimaxi.com)
- MiniMax CN — API Key (minimaxi.com)
Storage changes:
- Unify CN and Global under provider "minimax" (baseUrl distinguishes region)
- Profiles: minimax:global / minimax:cn (both regions can coexist)
- Model ref: minimax/MiniMax-M2.5 (no more minimax-cn/ prefix)
- Remove LM Studio local mode and Lightning/Highspeed choice
Backward compatibility:
- Keep minimax-cn in provider-env-vars for existing configs
- Accept minimax-cn as legacy tokenProvider in CI pipelines
- Error with migration hint for removed auth choices in non-interactive mode
- Warn when dual-profile overwrites shared provider baseUrl
Made-with: Cursor
2026-03-12 11:23:42 -07:00
9f08af1f06
fix(ci): harden docker builds and unblock config docs
2026-03-12 16:45:29 +00:00
46f0bfc55b
Gateway: harden custom session-store discovery ( #44176 )
...
Merged via squash.
Prepared head SHA: 52ebbf5188
2026-03-12 16:44:46 +00:00
b77b7485e0
feat(push): add iOS APNs relay gateway ( #43369 )
...
* feat(push): add ios apns relay gateway
* fix(shared): avoid oslog string concatenation
# Conflicts:
# apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift
* fix(push): harden relay validation and invalidation
* fix(push): persist app attest state before relay registration
* fix(push): harden relay invalidation and url handling
* feat(push): use scoped relay send grants
* feat(push): configure ios relay through gateway config
* feat(push): bind relay registration to gateway identity
* fix(push): tighten ios relay trust flow
* fix(push): bound APNs registration fields (#43369 ) (thanks @ngutman)
2026-03-12 18:15:35 +02:00
8525fd94ea
docs: sync Feishu secretref credential matrix
...
## Summary
- Problem: `src/secrets/target-registry.test.ts` fails on latest `main` because the runtime registry includes Feishu `encryptKey` paths that the docs matrix and surface reference omit.
- Why it matters: the docs/runtime sync guard currently blocks prep and merge work for unrelated PRs, including `#25558`.
- What changed: regenerated the secretref credential matrix and updated the surface reference to include both Feishu `encryptKey` paths.
- What did NOT change (scope boundary): no runtime registry behavior, config semantics, or channel handling changed.
## Change Type (select all)
- [x] Bug fix
- [ ] Feature
- [ ] Refactor
- [x] Docs
- [ ] Security hardening
- [ ] Chore/infra
## Scope (select all touched areas)
- [ ] Gateway / orchestration
- [ ] Skills / tool execution
- [ ] Auth / tokens
- [ ] Memory / storage
- [x] Integrations
- [ ] API / contracts
- [ ] UI / DX
- [ ] CI/CD / infra
## Linked Issue/PR
- Closes #
- Related #25558
## User-visible / Behavior Changes
None.
## Security Impact (required)
- New permissions/capabilities? `No`
- Secrets/tokens handling changed? `No`
- New/changed network calls? `No`
- Command/tool execution surface changed? `No`
- Data access scope changed? `No`
- If any `Yes`, explain risk + mitigation:
## Repro + Verification
### Environment
- OS: macOS
- Runtime/container: Node.js repo checkout
- Model/provider: N/A
- Integration/channel (if any): Feishu docs/runtime registry sync
- Relevant config (redacted): none
### Steps
1. Check out latest `main` before this change.
2. Run `./node_modules/.bin/vitest run --config vitest.unit.config.ts src/secrets/target-registry.test.ts`.
3. Apply this docs-only sync change and rerun the same command.
### Expected
- The target registry stays in sync with the generated docs matrix and the test passes.
### Actual
- Before this change, the test failed because `channels.feishu.encryptKey` and `channels.feishu.accounts.*.encryptKey` were missing from the docs artifacts.
## Evidence
Attach at least one:
- [x] Failing test/log before + passing after
- [ ] Trace/log snippets
- [ ] Screenshot/recording
- [ ] Perf numbers (if relevant)
## Human Verification (required)
What you personally verified (not just CI), and how:
- Verified scenarios: confirmed the failure on plain latest `main`, applied only these docs entries in a clean bootstrapped worktree, and reran `./node_modules/.bin/vitest run --config vitest.unit.config.ts src/secrets/target-registry.test.ts` to green.
- Edge cases checked: verified both top-level Feishu `encryptKey` and account-scoped `encryptKey` paths are present in the matrix and surface reference.
- What you did **not** verify: full repo test suite and CI beyond the targeted regression.
## Review Conversations
- [x] I replied to or resolved every bot review conversation I addressed in this PR.
- [x] I left unresolved only the conversations that still need reviewer or maintainer judgment.
If a bot review conversation is addressed by this PR, resolve that conversation yourself. Do not leave bot review conversation cleanup for maintainers.
## Compatibility / Migration
- Backward compatible? `Yes`
- Config/env changes? `No`
- Migration needed? `No`
- If yes, exact upgrade steps:
## Failure Recovery (if this breaks)
- How to disable/revert this change quickly: revert this commit.
- Files/config to restore: `docs/reference/secretref-user-supplied-credentials-matrix.json` and `docs/reference/secretref-credential-surface.md`
- Known bad symptoms reviewers should watch for: the target-registry docs sync test failing again for missing Feishu `encryptKey` entries.
## Risks and Mitigations
- Risk: the markdown surface reference could drift from the generated matrix again in a later credential-shape change.
- Mitigation: `src/secrets/target-registry.test.ts` continues to guard docs/runtime sync.
2026-03-12 08:18:13 -07:00
7844bc89a1
Security: require Feishu webhook encrypt key ( #44087 )
...
* Feishu: require webhook encrypt key in schema
* Feishu: cover encrypt key webhook validation
* Feishu: enforce encrypt key at startup
* Feishu: add webhook forgery regression test
* Feishu: collect encrypt key during onboarding
* Docs: require Feishu webhook encrypt key
* Changelog: note Feishu webhook hardening
* Docs: clarify Feishu encrypt key screenshot
* Feishu: treat webhook encrypt key as secret input
* Feishu: resolve encrypt key only in webhook mode
2026-03-12 11:01:00 -04:00
b0f717aa02
build: align Node 22 guidance with 22.16 minimum
2026-03-12 20:07:44 +05:30
0a8d2b6200
build: raise Node 22 compatibility floor to 22.16
2026-03-12 20:07:44 +05:30
deada7edd3
build: default to Node 24 and keep Node 22 compat
2026-03-12 20:07:44 +05:30
171d2df9e0
feat(mattermost): add replyToMode support (off | first | all) ( #29587 )
...
Merged via squash.
Prepared head SHA: 4a67791f53
2026-03-12 18:03:12 +05:30
8e0e4f736a
docs: add Kubernetes install guide, setup script, and manifests ( #34492 )
...
* add docs and manifests for k8s install
Signed-off-by: sallyom <somalley@redhat.com>
* changelog
Signed-off-by: sallyom <somalley@redhat.com>
---------
Signed-off-by: sallyom <somalley@redhat.com>
2026-03-12 07:28:21 -04:00
62a71361a9
Docs: clarify llm-task thinking presets
2026-03-12 19:27:07 +11:00
658bd54ecf
feat(llm-task): add thinking override
...
Co-authored-by: Xaden Ryan <165437834+xadenryan@users.noreply.github.com>
2026-03-12 19:21:35 +11:00
0bcb95e8fa
Models: enforce source-managed SecretRef markers in models.json ( #43759 )
...
Merged via squash.
Prepared head SHA: 4a065ef5d8
2026-03-12 02:22:52 -05:00
c65390cbde
docs: update Raspberry Pi dashboard access instructions ( #43584 )
...
* docs(pi): update dashboard access instructions
* docs(i18n): refresh raspberry pi source hash
* docs: clarify Raspberry Pi dashboard access
* fix: clarify Raspberry Pi dashboard access (#43584 ) (thanks @neeravmakwana)
---------
Co-authored-by: Neerav Makwana <261249544+neeravmakwana@users.noreply.github.com>
Co-authored-by: Ayaan Zaidi <zaidi@uplause.io>
2026-03-12 10:04:44 +05:30
96485701a7
docs: update 2026.3.11 release examples
2026-03-12 04:01:56 +00:00
0e397e62b7
chore: bump version to 2026.3.10
2026-03-11 23:29:53 +00:00
d79ca52960
Memory: add multimodal image and audio indexing ( #43460 )
...
Merged via squash.
Prepared head SHA: a994c07190
2026-03-11 22:28:34 +00:00
5e324cf785
docs(ollama): align onboarding guidance with code
2026-03-11 20:11:51 +00:00
60aed95346
feat(memory): add gemini-embedding-2-preview support ( #42501 )
...
Merged via squash.
Prepared head SHA: c57b1f8ba2
2026-03-11 14:28:53 -04:00
7761e7626f
Providers: add Opencode Go support ( #42313 )
...
* feat(providers): add opencode-go provider support and onboarding
* Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF
* Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF
* Update CHANGELOG.md
---------
Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-11 01:31:06 -04:00
0125ce1f44
Gateway: fail closed unresolved local auth SecretRefs ( #42672 )
...
* Gateway: fail closed unresolved local auth SecretRefs
* Docs: align node-host gateway auth precedence
* CI: resolve rebase breakages in checks lanes
* Tests: isolate LOCAL_REMOTE_FALLBACK_TOKEN env state
* Gateway: remove stale remote.enabled auth-surface semantics
* Changelog: note gateway SecretRef fail-closed fix
2026-03-10 21:41:56 -05:00
daaf211e20
fix(node-host): fail closed on unbound interpreter approvals
2026-03-11 02:36:38 +00:00
aad014c7c1
fix: harden subagent control boundaries
2026-03-11 01:44:38 +00:00
8eac939417
fix(security): enforce target account configWrites
2026-03-11 01:24:36 +00:00
201420a7ee
fix: harden secret-file readers
2026-03-10 23:40:10 +00:00
a76e810193
fix(gateway): harden token fallback/reconnect behavior and docs ( #42507 )
...
* fix(gateway): harden token fallback and auth reconnect handling
* docs(gateway): clarify auth retry and token-drift recovery
* fix(gateway): tighten auth reconnect gating across clients
* fix: harden gateway token retry (#42507 ) (thanks @joshavant)
2026-03-10 17:05:57 -05:00
8ba1b6eff1
ci: add npm release workflow and CalVer checks ( #42414 ) (thanks @onutc)
2026-03-10 20:09:25 +01:00
0ff184397d
docs(telegram): clarify group and sender allowlists ( #42451 )
...
Merged via squash.
Prepared head SHA: f30cacafb3
2026-03-10 21:56:30 +03:00
d30dc28b8c
Secrets: reject exec SecretRef traversal ids across schema/runtime/gateway ( #42370 )
...
* Secrets: harden exec SecretRef validation and reload LKG coverage
* Tests: harden exec fast-exit stdin regression case
* Tests: align lifecycle daemon test formatting with oxfmt 0.36
2026-03-10 13:45:37 -05:00
0687e04760
fix: thread runtime config through Discord/Telegram sends ( #42352 ) (thanks @joshavant) ( #42352 )
2026-03-10 13:30:57 -05:00
466cc816a8
docs(acp): document resumeSessionId for session resume ( #42280 )
...
* docs(acp): document resumeSessionId for session resume
* docs: clarify ACP resumeSessionId thread/mode behavior (#42280 ) (thanks @pejmanjohn)
---------
Co-authored-by: Onur <onur@textcortex.com>
2026-03-10 18:06:09 +01:00
6d0547dc2e
mattermost: fix DM media upload for unprefixed user IDs ( #29925 )
...
Merged via squash.
Prepared head SHA: 5cffcb072c
2026-03-10 14:22:24 +05:30
f0eb67923c
fix(secrets): resolve web tool SecretRefs atomically at runtime
2026-03-09 22:57:03 -05:00
de49a8b72c
Telegram: exec approvals for OpenCode/Codex ( #37233 )
...
Merged via squash.
Prepared head SHA: f243379094
2026-03-09 23:04:35 -04:00
0c7f07818f
acp: add regression coverage and smoke-test docs ( #41456 )
...
Merged via squash.
Prepared head SHA: 514d587352
2026-03-09 22:40:14 +01:00
8e3f3bc3cf
acp: enrich streaming updates for ide clients ( #41442 )
...
Merged via squash.
Prepared head SHA: 0764368e80
2026-03-09 22:26:46 +01:00
d346f2d9ce
acp: restore session context and controls ( #41425 )
...
Merged via squash.
Prepared head SHA: fcabdf7c31
2026-03-09 22:17:19 +01:00
e6e4169e82
acp: fail honestly in bridge mode ( #41424 )
...
Merged via squash.
Prepared head SHA: b5e6e13afe
2026-03-09 22:01:30 +01:00
d4e59a3666
Cron: enforce cron-owned delivery contract ( #40998 )
...
Merged via squash.
Prepared head SHA: 5877389e33
2026-03-09 20:12:37 +01:00
f2f561fab1
fix(ui): preserve control-ui auth across refresh ( #40892 )
...
Merged via squash.
Prepared head SHA: f9b2375892
2026-03-09 12:50:47 +01:00
f9706fde6a
build: bump unreleased version to 2026.3.9
2026-03-09 08:33:58 +00:00
adec8b28bb
alphabetize web search providers ( #40259 )
...
Merged via squash.
Prepared head SHA: be6350e5ae
2026-03-09 08:54:54 +05:30
e3df94365b
ACP: add optional ingress provenance receipts ( #40473 )
...
Merged via squash.
Prepared head SHA: b63e46dd94
2026-03-09 04:19:03 +01:00
13bd3db307
chore(docs): drop refactor cleanup tracker
2026-03-09 00:26:20 +00:00
ff4745fc3f
refactor(models): split provider discovery helpers
2026-03-09 00:26:20 +00:00
c29b098744
refactor(models): split models.json planning from writes
2026-03-09 00:26:20 +00:00
24b53fcf47
refactor(agents): extract provider model normalization
2026-03-09 00:26:20 +00:00
dfc18b7a2b
refactor(models): extract list row builders
2026-03-09 00:26:20 +00:00
3e70109cb2
docs: add refactor cluster backlog
2026-03-08 23:38:24 +00:00
a3dc4b5a57
fix(tui): improve color contrast for light-background terminals ( #40345 )
...
* fix(tui): improve colour contrast for light-background terminals (#38636 )
Detect light terminal backgrounds via COLORFGBG and apply a WCAG
AA-compliant light palette. Adds OPENCLAW_THEME=light|dark env var
override for terminals without auto-detection.
Uses proper sRGB linearisation and WCAG 2.1 contrast ratios to pick
whichever text palette (dark or light) has higher contrast against
the detected background colour.
Co-authored-by: ademczuk <ademczuk@users.noreply.github.com>
* Update CHANGELOG.md
---------
Co-authored-by: ademczuk <andrew.demczuk@gmail.com>
Co-authored-by: ademczuk <ademczuk@users.noreply.github.com>
2026-03-08 16:17:28 -07:00
38543d8196
fix(cron): consolidate announce delivery, fire-and-forget trigger, and minimal prompt mode ( #40204 )
...
* fix(cron): consolidate announce delivery and detach manual runs
* fix: queue detached cron runs (#40204 )
2026-03-08 14:46:33 -07:00
0ecfd37b44
feat: add local backup CLI ( #40163 )
...
Merged via squash.
Prepared head SHA: ed46625ae2
2026-03-08 16:21:20 -04:00
9d467d1620
docs: add WSL2 + Windows remote Chrome CDP troubleshooting ( #39407 ) (thanks @Owlock)
2026-03-08 19:21:42 +00:00
d3111fbbcb
fix: make browser relay bind address configurable ( #39364 ) (thanks @mvanhorn)
2026-03-08 19:15:21 +00:00
f9c220e261
test+docs: comprehensive coverage and generic framing
...
- Add 12 new tests covering: isWebSocketUrl detection, parseHttpUrl WSS
acceptance/rejection, direct WS target creation with query params,
SSRF enforcement on WS URLs, WS reachability probing bypasses HTTP
- Reframe docs section as generic "Direct WebSocket CDP providers" with
Browserbase as one example — any WSS-based provider works
- Update security tips to mention WSS alongside HTTPS
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
75602014db
feat(browser): support direct WebSocket CDP URLs for Browserbase
...
Browserbase uses direct WebSocket connections (wss://) rather than the
standard HTTP-based /json/version CDP discovery flow used by Browserless.
This change teaches the browser tool to accept ws:// and wss:// URLs as
cdpUrl values: when a WebSocket URL is detected, OpenClaw connects
directly instead of attempting HTTP discovery.
Changes:
- config.ts: accept ws:// and wss:// in cdpUrl validation
- cdp.helpers.ts: add isWebSocketUrl() helper
- cdp.ts: skip /json/version when cdpUrl is already a WebSocket URL
- chrome.ts: probe WSS endpoints via WebSocket handshake instead of HTTP
- cdp.test.ts: add test for direct WebSocket target creation
- docs/tools/browser.md: update Browserbase section with correct URL
format and notes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
3cf75f760c
docs: simplify Browserbase section, drop pricing details
...
Restore platform-level feature description (CAPTCHA solving, stealth
mode, proxies) without plan-specific pricing gating. Keep free tier
note brief.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
ae39a152d8
docs: fact-check Browserbase section against official docs
...
- Fix CAPTCHA/stealth/proxy claims: these are Developer plan+ only,
not available on free tier
- Fix free tier limits: 1 browser hour, 15-min session duration
(not "60 minutes of monthly usage")
- Add link to pricing page for paid plan details
- Simplify structure to match Browserless section format
- Remove sub-headings to match Browserless section style
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
efa1204183
docs: restore direct wss://connect.browserbase.com URL
...
Browserbase exposes a direct WebSocket connect endpoint that
auto-creates a session, similar to how Browserless works. Simplified
the section to use this static URL pattern instead of requiring
manual session creation via the API.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
9a4610c641
docs: fix Browserbase section to match official docs
...
Browserbase requires creating a session via their API to get a CDP
connect URL, unlike Browserless which uses a static endpoint. Updated
to show the correct curl-based session creation flow, removed
unverified static WebSocket URL, and added the 5-minute connect
timeout note from official docs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
c0a988f692
docs: fix duplicate heading lint error
...
Rename "Configuration" sub-heading to "Profile setup" to avoid
MD024/no-duplicate-heading conflict with the existing top-level
"Configuration" heading.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
641e1bacb4
docs: add Browserbase as hosted remote CDP option
...
Add Browserbase documentation section alongside the existing Browserless
section in the browser docs. Includes signup instructions, CDP connection
configuration, and environment variable setup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
0252bdc837
Revert "docs: add Browserbase as hosted remote CDP option"
...
This reverts commit c469657c97848c7a3e1e5135bf4ce735d07d6614.
2026-03-08 18:48:10 +00:00
885199dcaa
docs: add Browserbase as hosted remote CDP option
...
Add Browserbase documentation section alongside the existing Browserless
section in the browser docs. Includes signup instructions, CDP connection
configuration, and environment variable setup for both English and Chinese
(zh-CN) translations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 18:48:10 +00:00
55465d86d9
Docs: use placeholder OpenRouter key in web tool docs
2026-03-08 11:16:03 -07:00
615466bdf4
Docs: use placeholder OpenRouter key in Perplexity guide
2026-03-08 11:16:03 -07:00
2970d72554
docs: update Brave Search API docs for Feb 2026 plan restructuring ( #40111 )
...
Merged via squash.
Prepared head SHA: c651f07855
2026-03-08 14:06:21 -04:00
caf1b84822
feat: allow compaction model override via config ( #38753 )
...
Merged via squash.
Prepared head SHA: a3d6d6c845
2026-03-08 10:47:34 -07:00
d4ab731746
fix(telegram): use message previews in DMs
2026-03-08 21:59:43 +05:30
fa83010b17
fix(plugins): ship Feishu bundled runtime dependency ( #39990 )
...
* fix: ship feishu bundled runtime dependency
* test: align feishu bundled dependency specs
2026-03-08 10:36:41 -05:00
28e46d04e5
fix(web-search): restore OpenRouter compatibility for Perplexity ( #39937 ) ( #39937 )
2026-03-08 20:37:54 +05:30
b4c8950417
refactor: centralize talk silence timeout defaults
2026-03-08 14:58:29 +00:00
6ff7e8f42e
talk: add configurable silence timeout
2026-03-08 14:30:25 +00:00
1a364cd066
Docs: clarify notarization handoff in mac release flow
2026-03-08 14:14:36 +00:00
9ce79bba34
Docs: mark basic mac dist example as non-notarized
2026-03-08 14:14:36 +00:00
047f4acacf
Docs: clarify release build arch defaults for mac packaging
2026-03-08 14:14:36 +00:00
64760614aa
macOS: default release app builds to universal binaries
2026-03-08 14:14:36 +00:00
6dadfaa18c
docs: use alphabetical provider ordering
2026-03-08 14:10:36 +00:00
acac7e3132
fix: land Brave llm-context gaps ( #33383 ) (thanks @thirumaleshp)
2026-03-08 13:57:12 +00:00
eebee84093
fix(models): discover Vercel AI Gateway catalog
2026-03-08 13:44:10 +00:00
46145fde19
fix(android): remove mic and screen foreground services
2026-03-08 16:25:49 +05:30
1230cefe25
fix(android): remove background location mode
2026-03-08 16:25:49 +05:30
0f9566b0b5
fix(android): remove self-update install flow
2026-03-08 16:25:49 +05:30
492fe679a7
feat(tui): infer workspace agent when launching TUI ( #39591 )
...
Merged via squash.
Prepared head SHA: 23533e24c4
2026-03-08 13:31:11 +03:00
05217845a7
build: bump version to 2026.3.8
2026-03-08 05:59:04 +00:00
59102a1ff7
fix: add gemini 3.1 flash-lite support
2026-03-08 05:12:48 +00:00
fcdc1a13e1
fix: land #33992 from @darkamenosa
...
Co-authored-by: Tom <hxtxmu@gmail.com>
2026-03-08 04:49:04 +00:00
a035a3ce48
fix: drop removed minimax lightning model
2026-03-08 04:06:26 +00:00
21df014d56
fix: stage docker live tests from mounted source
2026-03-08 04:06:26 +00:00
5759b93dda
fix(ci): pin multi-arch docker base digests
2026-03-08 02:55:15 +00:00
a8c67affd8
test: cover gemini flash compat normalization
2026-03-08 02:34:49 +00:00
100da9f45c
fix: correct gemini flash model id
2026-03-08 02:32:58 +00:00
4062aa5e5d
Gateway: add safer password-file input for gateway run ( #39067 )
...
* CLI: add gateway password-file option
* Docs: document safer gateway password input
* Update src/cli/gateway-cli/run.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Tests: clean up gateway password temp dirs
* CLI: restore gateway password warning flow
* Security: harden secret file reads
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-07 18:20:17 -08:00
25252ab5ab
gateway: harden shared auth resolution across systemd, discord, and node host
2026-03-07 18:28:32 -06:00
61000b8e4d
fix(acp): block sandboxed slash spawns
2026-03-08 00:23:07 +00:00
c76d29208b
fix(node-host): bind approved script operands
2026-03-07 23:04:00 +00:00
be9ea991de
fix(discord): avoid native plugin command collisions
2026-03-07 21:59:44 +00:00
ac86deccee
fix(gateway): harden plugin HTTP route auth
2026-03-07 19:55:06 +00:00
5f8f58ae25
fix(gateway): require admin for chat config writes
2026-03-07 19:38:49 +00:00
499c1ee6e3
reduce image size, offer slim image ( #38479 )
...
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 14:26:29 -05:00
253e159700
fix: harden workspace skill path containment
2026-03-07 18:56:15 +00:00
729ee165ed
docs(gateway): clarify trusted operator HTTP endpoints
2026-03-07 18:48:17 +00:00
10d0e3f3ca
fix(dashboard): keep gateway tokens out of URL storage
2026-03-07 18:33:30 +00:00
f966dde476
tests: fix detect-secrets false positives ( #39084 )
...
* Tests: rename gateway status env token fixture
* Tests: allowlist feishu onboarding fixtures
* Tests: allowlist Google Chat private key fixture
* Docs: allowlist Brave API key example
* Tests: allowlist pairing password env fixtures
* Chore: refresh detect-secrets baseline
2026-03-07 13:21:29 -05:00
5290d97574
Docs: fix web tools MDX links
2026-03-07 10:15:22 -08:00
61273c072c
Docs: remove MDX-breaking secret markers
2026-03-07 10:09:00 -08:00
e4d80ed556
CI: restore main detect-secrets scan ( #38438 )
...
* Tests: stabilize detect-secrets fixtures
* Tests: fix rebased detect-secrets false positives
* Docs: keep snippets valid under detect-secrets
* Tests: finalize detect-secrets false-positive fixes
* Tests: reduce detect-secrets false positives
* Tests: keep detect-secrets pragmas inline
* Tests: remediate next detect-secrets batch
* Tests: tighten detect-secrets allowlists
* Tests: stabilize detect-secrets formatter drift
2026-03-07 10:06:35 -08:00
8e20dd22d8
Secrets: harden SecretRef-safe models.json persistence ( #38955 )
2026-03-07 11:28:39 -06:00
1dd4f92ea2
fix: default local onboarding tools profile to coding
2026-03-07 16:41:27 +00:00
33e7394861
fix(providers): make all models available in kilocode provider ( #32352 )
...
* kilocode: dynamic model discovery, kilo/auto default, cooldown exemption
- Replace 9-model hardcoded catalog with dynamic discovery from
GET /api/gateway/models (Venice-like pattern with static fallback)
- Default model changed from anthropic/claude-opus-4.6 to kilo/auto
(smart routing model)
- Add createKilocodeWrapper for X-KILOCODE-FEATURE header injection
and reasoning.effort handling (skip for kilo/auto)
- Add kilocode to cooldown-exempt providers (proxy like OpenRouter)
- Keep sync buildKilocodeProvider for onboarding, add async
buildKilocodeProviderWithDiscovery for implicit provider resolution
- Per-token gateway pricing converted to per-1M-token for cost fields
* kilocode: skip reasoning injection for x-ai models, harden discovery loop
* fix(kilocode): keep valid discovered duplicates (openclaw#32352, thanks @pandemicsyn)
* refactor(proxy): normalize reasoning payload guards (openclaw#32352, thanks @pandemicsyn)
* chore(changelog): note kilocode hardening (openclaw#32352, thanks @pandemicsyn and @vincentkoc)
* chore(changelog): fix kilocode note format (openclaw#32352, thanks @pandemicsyn and @vincentkoc)
* test(kilocode): support auto-model override cases (openclaw#32352, thanks @pandemicsyn)
* Update CHANGELOG.md
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-07 08:14:06 -08:00
786ec21b5a
docs(cli): improve memory command examples ( #31803 )
...
Merged via squash.
Prepared head SHA: 15dcda3027
2026-03-07 19:03:23 +03:00
997a9f5b9e
chore: bump version to 2026.3.7
2026-03-07 10:09:02 +00:00
6017b738b1
Web: add HEIC media regression and doc fix ( #38294 )
...
* Web: add HEIC media normalization regression
* Docs: list HEIC input_image MIME types
* Update src/web/media.test.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-06 22:49:38 -05:00
2d52c88dad
fix(podman): stop assuming /tmp is disk-backed ( #38296 )
...
* Podman: avoid hardcoding /tmp for image staging
* Docs: clarify container storage paths
* Podman: secure staged image import
* Podman: clarify streamed image handoff
2026-03-06 19:55:26 -05:00
42e3d8d693
Secrets: add inline allowlist review set ( #38314 )
...
* Secrets: add inline allowlist review set
* Secrets: narrow detect-secrets file exclusions
* Secrets: exclude Docker fingerprint false positive
* Secrets: allowlist test and docs false positives
* Secrets: refresh baseline after allowlist updates
* Secrets: fix gateway chat fixture pragma
* Secrets: format pre-commit config
* Android: keep talk mode fixture JSON valid
* Feishu: rely on client timeout injection
* Secrets: allowlist provider auth test fixtures
* Secrets: allowlist onboard search fixtures
* Secrets: allowlist onboard mode fixture
* Secrets: allowlist gateway auth mode fixture
* Secrets: allowlist APNS wake test key
* Secrets: allowlist gateway reload fixtures
* Secrets: allowlist moonshot video fixture
* Secrets: allowlist auto audio fixture
* Secrets: allowlist tiny audio fixture
* Secrets: allowlist embeddings fixtures
* Secrets: allowlist resolve fixtures
* Secrets: allowlist target registry pattern fixtures
* Secrets: allowlist gateway chat env fixture
* Secrets: refresh baseline after fixture allowlists
* Secrets: reapply gateway chat env allowlist
* Secrets: reapply gateway chat env allowlist
* Secrets: stabilize gateway chat env allowlist
* Secrets: allowlist runtime snapshot save fixture
* Secrets: allowlist oauth profile fixtures
* Secrets: allowlist compaction identifier fixture
* Secrets: allowlist model auth fixture
* Secrets: allowlist model status fixtures
* Secrets: allowlist custom onboarding fixture
* Secrets: allowlist mattermost token summary fixtures
* Secrets: allowlist gateway auth suite fixtures
* Secrets: allowlist channel summary fixture
* Secrets: allowlist provider usage auth fixtures
* Secrets: allowlist media proxy fixture
* Secrets: allowlist secrets audit fixtures
* Secrets: refresh baseline after final fixture allowlists
* Feishu: prefer explicit client timeout
* Feishu: test direct timeout precedence
2026-03-06 19:35:26 -05:00
3070fafec1
fix(venice): switch default model to kimi-k2-5 ( #38423 )
...
* Docs: refresh Venice default model guidance
* Venice: switch default model to Kimi K2.5
* Changelog: credit Venice default refresh
2026-03-06 19:31:07 -05:00
03b9abab84
feat(compaction): make post-compaction context sections configurable ( #34556 )
...
Merged via squash.
Prepared head SHA: 491bb28544
2026-03-06 14:57:15 -08:00
6e962d8b9e
fix(agents): handle overloaded failover separately ( #38301 )
...
* fix(agents): skip auth-profile failure on overload
* fix(agents): note overload auth-profile fallback fix
* fix(agents): classify overloaded failures separately
* fix(agents): back off before overload failover
* fix(agents): tighten overload probe and backoff state
* fix(agents): persist overloaded cooldown across runs
* fix(agents): tighten overloaded status handling
* test(agents): add overload regression coverage
* fix(agents): restore runner imports after rebase
* test(agents): add overload fallback integration coverage
* fix(agents): harden overloaded failover abort handling
* test(agents): tighten overload classifier coverage
* test(agents): cover all-overloaded fallback exhaustion
* fix(cron): retry overloaded fallback summaries
* fix(cron): treat HTTP 529 as overloaded retry
2026-03-07 01:42:11 +03:00
7ce79c8972
docs: fix broken dashboard image on i18n pages ( #38031 )
...
The dashboard screenshot uses a relative path `src="whatsapp-openclaw.jpg"`
which resolves correctly on the English root page but produces 404 on
zh-CN and ja-JP pages because Mintlify prepends the language subdirectory
to the CDN path.
Change to absolute path `/whatsapp-openclaw.jpg` in all three index files,
consistent with other images on the same page that already use absolute
paths (e.g. `/assets/openclaw-logo-text-dark.png`).
2026-03-07 00:22:19 +03:00
ab5fcfcc01
feat(gateway): add channel-backed readiness probes ( #38285 )
...
* Changelog: add channel-backed readiness probe entry
* Gateway: add channel-backed readiness probes
* Docs: describe readiness probe behavior
* Gateway: add readiness probe regression tests
* Changelog: dedupe gateway probe entries
* Docs: fix readiness startup grace description
* Changelog: remove stale readiness entry
* Gateway: cover readiness hardening
* Gateway: harden readiness probes
2026-03-06 15:15:23 -05:00
042b2c867d
Docs: clarify main secret scan behavior
2026-03-06 14:41:23 -05:00
b529b7c6b7
Docs: update secret scan reproduction steps
2026-03-06 14:34:46 -05:00
3d7bc5958d
feat(onboarding): add web search to onboarding flow ( #34009 )
...
* add web search to onboarding flow
* remove post onboarding step (now redundant)
* post-onboarding nudge if no web search set up
* address comments
* fix test mocking
* add enabled: false assertion to the no-key test
* --skip-search cli flag
* use provider that a user has a key for
* add assertions, replace the duplicated switch blocks
* test for quickstart fast-path with existing config key
* address comments
* cover quickstart falls through to key test
* bring back key source
* normalize secret inputs instead of direct string trimming
* preserve enabled: false if it's already set
* handle missing API keys in flow
* doc updates
* hasExistingKey to detect both plaintext strings and SecretRef objects
* preserve enabled state only on the "keep current" paths
* add test for preserving
* better gate flows
* guard against invalid provider values in config
* Update src/commands/configure.wizard.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* format fix
* only mentions env var when it's actually available
* search apiKey fields now typed as SecretInput
* if no provider check if any search provider key is detectable
* handle both kimi keys
* remove .filter(Boolean)
* do not disable web_search after user enables it
* update resolveSearchProvider
* fix(onboarding): skip search key prompt in ref mode
* fix: add onboarding web search step (#34009 ) (thanks @kesku)
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Shadow <hi@shadowing.dev>
2026-03-06 13:09:00 -06:00
57f19f0d5c
container builds: opt-in extension deps via OPENCLAW_EXTENSIONS build arg ( #32223 )
...
* Docker: opt-in extension deps via OPENCLAW_EXTENSIONS build arg
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: sallyom <somalley@redhat.com>
* CI: clarify extension smoke scope
* Tests: allow digest-pinned multi-stage FROM lines
* Changelog: note container extension preinstall option
---------
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-06 12:18:42 -05:00
9aceb51379
Gateway: normalize HEIC input_image sources ( #38122 )
...
* Media: normalize HEIC input images
* Gateway: accept HEIC image input schema
* Media: add HEIC input normalization tests
* Gateway: cover HEIC input schema parity
* Docs: document HEIC input image support
* Changelog: note HEIC input image fix
2026-03-06 11:19:36 -05:00
f392b81e95
Infra: require explicit opt-in for prerelease npm installs ( #38117 )
...
* Infra: tighten npm registry spec parsing
* Infra: block implicit prerelease npm installs
* Plugins: cover prerelease install policy
* Infra: add npm registry spec tests
* Hooks: cover prerelease install policy
* Docs: clarify plugin guide version policy
* Docs: clarify plugin install version policy
* Docs: clarify hooks install version policy
* Docs: clarify hook pack version policy
2026-03-06 11:13:30 -05:00
222d635aee
WhatsApp: honor outbound mediaMaxMb ( #38097 )
...
* WhatsApp: add media cap helper
* WhatsApp: cap outbound media loads
* WhatsApp: align auto-reply media caps
* WhatsApp: add outbound media cap test
* WhatsApp: update auto-reply cap tests
* Docs: update WhatsApp media caps
* Changelog: note WhatsApp media cap fix
2026-03-06 11:08:15 -05:00
7c45d918bf
Docs: align BlueBubbles media cap wording
2026-03-06 10:59:05 -05:00
9c1786bdd6
Telegram/Discord: honor outbound mediaMaxMb uploads ( #38065 )
...
* Telegram: default media cap to 100MB
* Telegram: honor outbound mediaMaxMb
* Discord: add shared media upload cap
* Discord: pass mediaMaxMb to outbound sends
* Telegram: cover outbound media cap sends
* Discord: cover media upload cap config
* Docs: update Telegram media cap guide
* Docs: update Telegram config reference
* Changelog: note media upload cap fix
* Docs: note Discord upload cap behavior
2026-03-06 10:53:06 -05:00
151f26070b
docs: context engine
2026-03-06 08:55:58 -05:00
5470337b1c
docs(config): list the context engine plugin slot
2026-03-06 08:53:30 -05:00
7cc3376f07
docs(plugins): add context-engine manifest kind example
2026-03-06 08:53:30 -05:00
eb2eebae22
docs(plugins): document context engine slots and registration
2026-03-06 08:53:30 -05:00
f788ba142a
docs(protocol): document slash-delimited schema lookup plugin ids
2026-03-06 08:53:29 -05:00
e88f6605ec
docs(tools): document slash-delimited config schema lookup paths
2026-03-06 08:53:29 -05:00
4a80d48ea9
fix(mattermost): allow reachable interaction callback URLs ( #37543 )
...
Merged via squash.
Prepared head SHA: 4d593731be
2026-03-06 15:27:47 +05:30
ff97195500
Gateway: add path-scoped config schema lookup ( #37266 )
...
Merged via squash.
Prepared head SHA: 0c4d187f6f
2026-03-06 02:50:48 -05:00
0e4245063f
CLI: make read-only SecretRef status flows degrade safely ( #37023 )
...
* CLI: add read-only SecretRef inspection
* CLI: fix read-only SecretRef status regressions
* CLI: preserve read-only SecretRef status fallbacks
* Docs: document read-only channel inspection hook
* CLI: preserve audit coverage for read-only SecretRefs
* CLI: fix read-only status account selection
* CLI: fix targeted gateway fallback analysis
* CLI: fix Slack HTTP read-only inspection
* CLI: align audit credential status checks
* CLI: restore Telegram read-only fallback semantics
2026-03-05 23:07:13 -06:00
5d4b04040d
feat(openai): add gpt-5.4 support for API and Codex OAuth ( #36590 )
...
* feat(openai): add gpt-5.4 support and priority processing
* feat(openai-codex): add gpt-5.4 oauth support
* fix(openai): preserve provider overrides in gpt-5.4 fallback
* fix(openai-codex): keep xhigh for gpt-5.4 default
* fix(models): preserve configured overrides in list output
* fix(models): close gpt-5.4 integration gaps
* fix(openai): scope service tier to public api
* fix(openai): complete prep followups for gpt-5.4 support (#36590 ) (thanks @dorukardahan)
---------
Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
2026-03-05 21:01:37 -08:00
8c85ad540a
fix: remove config.schema from agent gateway tool ( #7382 )
...
Merged via squash.
Prepared head SHA: f34a778069
2026-03-05 23:53:08 -05:00
81b93b9ce0
fix(subagents): announce delivery with descendant gating, frozen result refresh, and cron retry ( #35080 )
...
Thanks @tyler6204
2026-03-05 19:20:24 -08:00
71ec42127d
feat(hooks): emit compaction lifecycle hooks ( #16788 )
2026-03-05 19:08:26 -08:00
d58dafae88
feat(telegram/acp): Topic Binding, Pin Binding Message, Fix Spawn Param Parsing ( #36683 )
...
* fix(acp): normalize unicode flags and Telegram topic binding
* feat(telegram/acp): restore topic-bound ACP and session bindings
* fix(acpx): clarify permission-denied guidance
* feat(telegram/acp): pin spawn bind notice in topics
* docs(telegram): document ACP topic thread binding behavior
* refactor(reply): share Telegram conversation-id resolver
* fix(telegram/acp): preserve bound session routing semantics
* fix(telegram): respect binding persistence and expiry reporting
* refactor(telegram): simplify binding lifecycle persistence
* fix(telegram): bind acp spawns in direct messages
* fix: document telegram ACP topic binding changelog (#36683 ) (thanks @huntharo)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-06 02:17:50 +01:00
1a67cf57e3
Diffs: restore system prompt guidance ( #36904 )
...
Merged via squash.
Prepared head SHA: 1b3be3c879
2026-03-05 19:46:39 -05:00
6dfd39c32f
Harden Telegram poll gating and schema consistency ( #36547 )
...
Merged via squash.
Prepared head SHA: f77824419e
2026-03-05 19:24:43 -05:00
688b72e158
plugins: enforce prompt hook policy with runtime validation ( #36567 )
...
Merged via squash.
Prepared head SHA: 6b9d883b6a
2026-03-05 18:15:54 -05:00
063e493d3d
fix: decouple Discord inbound worker timeout from listener timeout ( #36602 ) (thanks @dutifulbob) ( #36602 )
...
Co-authored-by: Onur Solmaz <2453968+osolmaz@users.noreply.github.com>
2026-03-06 00:09:14 +01:00
98aecab7bd
Docs: cover heartbeat, cron, and plugin route updates
2026-03-05 17:05:21 -05:00
2b45eb0e52
Docs: document Control UI locale support
2026-03-05 16:57:59 -05:00
6b2c115167
Docs: clarify OpenAI-compatible TTS endpoints
2026-03-05 16:57:51 -05:00
1d3962a000
Docs: update gateway config reference for Slack and TTS
2026-03-05 16:57:40 -05:00
837b7b4b94
Docs: add Slack typing reaction fallback
2026-03-05 16:57:31 -05:00
72cf9253fc
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails ( #35094 )
2026-03-05 12:53:56 -06:00
09c68f8f0e
add prependSystemContext and appendSystemContext to before_prompt_build ( fixes #35131 ) ( #35177 )
...
Merged via squash.
Prepared head SHA: d9a2869ad6
2026-03-05 13:06:59 -05:00
136ca87f7b
feat(mattermost): add interactive buttons support ( #19957 )
...
Merged via squash.
Prepared head SHA: 8a25e60872
2026-03-05 20:14:57 +05:30
c522154771
docs(telegram): recommend allowlist for single-user DM policy ( #34841 )
...
* docs(telegram): recommend allowlist for single-user bots
* docs(telegram): condense single-user allowlist note
---------
Co-authored-by: echoVic <echovic@163.com>
2026-03-05 11:39:19 +03:00
6a705a37f2
ACP: add persistent Discord channel and Telegram topic bindings ( #34873 )
...
* docs: add ACP persistent binding experiment plan
* docs: align ACP persistent binding spec to channel-local config
* docs: scope Telegram ACP bindings to forum topics only
* docs: lock bound /new and /reset behavior to in-place ACP reset
* ACP: add persistent discord/telegram conversation bindings
* ACP: fix persistent binding reuse and discord thread parent context
* docs: document channel-specific persistent ACP bindings
* ACP: split persistent bindings and share conversation id helpers
* ACP: defer configured binding init until preflight passes
* ACP: fix discord thread parent fallback and explicit disable inheritance
* ACP: keep bound /new and /reset in-place
* ACP: honor configured bindings in native command flows
* ACP: avoid configured fallback after runtime bind failure
* docs: refine ACP bindings experiment config examples
* acp: cut over to typed top-level persistent bindings
* ACP bindings: harden reset recovery and native command auth
* Docs: add ACP bound command auth proposal
* Tests: normalize i18n registry zh-CN assertion encoding
* ACP bindings: address review findings for reset and fallback routing
* ACP reset: gate hooks on success and preserve /new arguments
* ACP bindings: fix auth and binding-priority review findings
* Telegram ACP: gate ensure on auth and accepted messages
* ACP bindings: fix session-key precedence and unavailable handling
* ACP reset/native commands: honor fallback targets and abort on bootstrap failure
* Config schema: validate ACP binding channel and Telegram topic IDs
* Discord ACP: apply configured DM bindings to native commands
* ACP reset tails: dispatch through ACP after command handling
* ACP tails/native reset auth: fix target dispatch and restore full auth
* ACP reset detection: fallback to active ACP keys for DM contexts
* Tests: type runTurn mock input in ACP dispatch test
* ACP: dedup binding route bootstrap and reset target resolution
* reply: align ACP reset hooks with bound session key
* docs: replace personal discord ids with placeholders
* fix: add changelog entry for ACP persistent bindings (#34873 ) (thanks @dutifulbob)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-05 09:38:12 +01:00
96021a2b17
fix: align AGENTS.md template section names with post-compaction extraction ( #25029 ) ( #25098 )
...
Merged via squash.
Prepared head SHA: 8cd6cc8049
2026-03-04 12:16:00 -08:00
257e2f5338
fix: relay ACP sessions_spawn parent streaming ( #34310 ) (thanks @vincentkoc) ( #34310 )
...
Co-authored-by: Onur Solmaz <2453968+osolmaz@users.noreply.github.com>
2026-03-04 11:44:20 +01:00
7a2f5a0098
Plugin SDK: add full bundled subpath wiring
2026-03-04 02:35:12 -05:00
802b9f6b19
Plugins: add root-alias shim and cache/docs updates
2026-03-04 01:20:48 -05:00
4d183af0cf
fix: code/cli acpx reliability 20260304 ( #34020 )
...
* agents: switch claude-cli defaults to bypassPermissions
* agents: add claude-cli default args coverage
* agents: emit watchdog stall system event for cli runs
* agents: test cli watchdog stall system event
* acpx: fallback to sessions new when ensure returns no ids
* acpx tests: mock sessions new fallback path
* acpx tests: cover ensure-empty fallback flow
* skills: clarify claude print mode without pty
* docs: update cli-backends claude default args
* docs: refresh cli live test default args
* gateway tests: align live claude args defaults
* changelog: credit claude/acpx reliability fixes
* Agents: normalize legacy Claude permission flag overrides
* Tests: cover legacy Claude permission override normalization
* Changelog: note legacy Claude permission flag auto-normalization
* ACPX: fail fast when ensure/new return no session IDs
* ACPX tests: support empty sessions new fixture output
* ACPX tests: assert ensureSession failure when IDs missing
* CLI runner: scope watchdog heartbeat wake to session
* CLI runner tests: assert session-scoped watchdog wake
* Update CHANGELOG.md
2026-03-04 01:15:28 -05:00
230fea1ca6
feat(web-search): switch Perplexity to native Search API ( #33822 )
...
* feat: Add Perplexity Search API as web_search provider
* docs fixes
* domain_filter validation
* address comments
* provider-specific options in cache key
* add validation for unsupported date filters
* legacy fields
* unsupported_language guard
* cache key matches the request's precedence order
* conflicting_time_filters guard
* unsupported_country guard
* invalid_date_range guard
* pplx validate for ISO 639-1 format
* docs: add Perplexity Search API changelog entry
* unsupported_domain_filter guard
---------
Co-authored-by: Shadow <hi@shadowing.dev>
2026-03-03 22:57:19 -06:00
f74a04e4ba
fix: tighten telegram topic-agent docs + fallback tests ( #33647 ) (thanks @kesor)
2026-03-04 09:35:53 +05:30
8eeb049683
fix(telegram): address PR review comments
...
- Export pickFirstExistingAgentId and use it to validate topic agentId
- Properly update mainSessionKey when overriding route agent
- Fix docs example showing incorrect session key for topic 3
Fixes issue where non-existent agentId would create orphaned sessions.
Fixes issue where DM topic replies would route to wrong agent.
2026-03-04 09:35:53 +05:30
58bc9a241b
feat(telegram): add per-topic agent routing for forum groups [AI-assisted]
...
This feature allows different topics within a Telegram forum supergroup to route
to different agents, each with isolated workspace, memory, and sessions.
Key changes:
- Add agentId field to TelegramTopicConfig type for per-topic routing
- Add zod validation for agentId in topic config schema
- Implement routing logic to re-derive session key with topic's agent
- Add debug logging for topic agent overrides
- Add unit tests for routing behavior (forum topics + DM topics)
- Add config validation tests
- Document feature in docs/channels/telegram.md
This builds on the approach from PR #31513 by @Sid-Qin with additional fixes
for security (preserved account fail-closed guard) and test coverage.
Closes #31473
2026-03-04 09:35:53 +05:30
1278ee9248
plugin-sdk: add channel subpaths and migrate bundled plugins
2026-03-03 22:07:03 -05:00
1c200ca7ae
follow-up: align ingress, atomic paths, and channel tests with credential semantics ( #33733 )
...
Merged via squash.
Prepared head SHA: c290c2ab6a
2026-03-03 20:29:46 -06:00
b1a735829d
docs: fix Mintlify-incompatible links in security docs ( #27698 )
...
Merged via squash.
Prepared head SHA: 6078cd94ba
2026-03-03 14:51:28 -08:00
e4b4486a96
Agent: unify bootstrap truncation warning handling ( #32769 )
...
Merged via squash.
Prepared head SHA: 5d6d4ddfa6
2026-03-03 16:28:38 -05:00
a9969e641a
docs: fix secretref marker rendering in credential surface
2026-03-03 15:08:41 -06:00
ff96e41c38
fix(discord): align DiscordAccountConfig.token type with SecretInput ( #32490 )
...
Merged via squash.
Prepared head SHA: 233aa032f1
2026-03-03 14:59:57 -06:00
2cd3be896d
docs(security): document Docker UFW hardening via DOCKER-USER ( #27613 )
...
Merged via squash.
Prepared head SHA: 31ddd43326
2026-03-03 12:28:35 -08:00
490670128b
fix(docs): avoid MDX regex markers in secretref page
2026-03-03 14:00:09 -06:00
70c6bc8581
fix(docs): use MDX-safe secretref markers
2026-03-03 13:54:03 -06:00
65816657c2
feat(discord): add allowBots mention gating
2026-03-03 12:47:25 -06:00
05446d6b6b
docs: document discord ignoreOtherMentions
2026-03-03 11:26:20 -06:00
e28ff1215c
fix: discord auto presence health signal ( #33277 ) (thanks @thewilloftheshadow) ( #33277 )
2026-03-03 11:20:59 -06:00
d89e1e40f9
docs(loop-detection): fix config keys to match schema ( #33182 )
...
Merged via squash.
Prepared head SHA: 612ecc00d3
2026-03-03 11:02:30 -05:00
4ffe15c6b2
fix(telegram): warn when accounts.default is missing in multi-account setup ( #32544 )
...
Merged via squash.
Prepared head SHA: 7ebc3f65b2
2026-03-03 03:27:19 -05:00
b1b41eb443
feat(mattermost): add native slash command support (refresh) ( #32467 )
...
Merged via squash.
Prepared head SHA: 989126574e
2026-03-03 12:39:18 +05:30
5341b5c71c
Diffs: Migrate tool usage guidance from before_prompt_build to a plugin skill ( #32630 )
...
Merged via squash.
Prepared head SHA: 585697a4e1
2026-03-03 01:50:59 -05:00
75775f2fe6
chore: Updated Brave documentation ( #26860 )
...
Merged via squash.
Prepared head SHA: f8fc4bf01e
2026-03-03 01:34:15 -05:00
d9d604c6ad
docs: add dedicated pdf tool docs page
2026-03-03 04:07:04 +00:00
02d26ced98
docs(feishu): Feishu docs – add verificationToken and align zh-CN with EN (openclaw#31555) thanks @xbsheng
...
Verified:
- pnpm build
- pnpm test:macmini
- pnpm check (blocked locally by pre-existing mainline lint issue in src/scripts/ci-changed-scope.test.ts unrelated to this PR)
Co-authored-by: xbsheng <56357338+xbsheng@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-02 21:33:41 -06:00
2c6616b830
CI: gate Windows checks by windows-relevant scope ( #32456 )
...
* CI: add windows scope output for changed-scope
* Test: cover windows scope gating in changed-scope
* CI: gate checks-windows by windows scope
* Docs: update CI windows scope and runner label
* CI: move checks-windows to 32 vCPU runner
* Docs: align CI windows runner with workflow
2026-03-02 19:10:58 -08:00
806803b7ef
feat(secrets): expand SecretRef coverage across user-supplied credentials ( #29580 )
...
* feat(secrets): expand secret target coverage and gateway tooling
* docs(secrets): align gateway and CLI secret docs
* chore(protocol): regenerate swift gateway models for secrets methods
* fix(config): restore talk apiKey fallback and stabilize runner test
* ci(windows): reduce test worker count for shard stability
* ci(windows): raise node heap for test shard stability
* test(feishu): make proxy env precedence assertion windows-safe
* fix(gateway): resolve auth password SecretInput refs for clients
* fix(gateway): resolve remote SecretInput credentials for clients
* fix(secrets): skip inactive refs in command snapshot assignments
* fix(secrets): scope gateway.remote refs to effective auth surfaces
* fix(secrets): ignore memory defaults when enabled agents disable search
* fix(secrets): honor Google Chat serviceAccountRef inheritance
* fix(secrets): address tsgo errors in command and gateway collectors
* fix(secrets): avoid auth-store load in providers-only configure
* fix(gateway): defer local password ref resolution by precedence
* fix(secrets): gate telegram webhook secret refs by webhook mode
* fix(secrets): gate slack signing secret refs to http mode
* fix(secrets): skip telegram botToken refs when tokenFile is set
* fix(secrets): gate discord pluralkit refs by enabled flag
* fix(secrets): gate discord voice tts refs by voice enabled
* test(secrets): make runtime fixture modes explicit
* fix(cli): resolve local qr password secret refs
* fix(cli): fail when gateway leaves command refs unresolved
* fix(gateway): fail when local password SecretRef is unresolved
* fix(gateway): fail when required remote SecretRefs are unresolved
* fix(gateway): resolve local password refs only when password can win
* fix(cli): skip local password SecretRef resolution on qr token override
* test(gateway): cast SecretRef fixtures to OpenClawConfig
* test(secrets): activate mode-gated targets in runtime coverage fixture
* fix(cron): support SecretInput webhook tokens safely
* fix(bluebubbles): support SecretInput passwords across config paths
* fix(msteams): make appPassword SecretInput-safe in onboarding/token paths
* fix(bluebubbles): align SecretInput schema helper typing
* fix(cli): clarify secrets.resolve version-skew errors
* refactor(secrets): return structured inactive paths from secrets.resolve
* refactor(gateway): type onboarding secret writes as SecretInput
* chore(protocol): regenerate swift models for secrets.resolve
* feat(secrets): expand extension credential secretref support
* fix(secrets): gate web-search refs by active provider
* fix(onboarding): detect SecretRef credentials in extension status
* fix(onboarding): allow keeping existing ref in secret prompt
* fix(onboarding): resolve gateway password SecretRefs for probe and tui
* fix(onboarding): honor secret-input-mode for local gateway auth
* fix(acp): resolve gateway SecretInput credentials
* fix(secrets): gate gateway.remote refs to remote surfaces
* test(secrets): cover pattern matching and inactive array refs
* docs(secrets): clarify secrets.resolve and remote active surfaces
* fix(bluebubbles): keep existing SecretRef during onboarding
* fix(tests): resolve CI type errors in new SecretRef coverage
* fix(extensions): replace raw fetch with SSRF-guarded fetch
* test(secrets): mark gateway remote targets active in runtime coverage
* test(infra): normalize home-prefix expectation across platforms
* fix(cli): only resolve local qr password refs in password mode
* test(cli): cover local qr token mode with unresolved password ref
* docs(cli): clarify local qr password ref resolution behavior
* refactor(extensions): reuse sdk SecretInput helpers
* fix(wizard): resolve onboarding env-template secrets before plaintext
* fix(cli): surface secrets.resolve diagnostics in memory and qr
* test(secrets): repair post-rebase runtime and fixtures
* fix(gateway): skip remote password ref resolution when token wins
* fix(secrets): treat tailscale remote gateway refs as active
* fix(gateway): allow remote password fallback when token ref is unresolved
* fix(gateway): ignore stale local password refs for none and trusted-proxy
* fix(gateway): skip remote secret ref resolution on local call paths
* test(cli): cover qr remote tailscale secret ref resolution
* fix(secrets): align gateway password active-surface with auth inference
* fix(cli): resolve inferred local gateway password refs in qr
* fix(gateway): prefer resolvable remote password over token ref pre-resolution
* test(gateway): cover none and trusted-proxy stale password refs
* docs(secrets): sync qr and gateway active-surface behavior
* fix: restore stability blockers from pre-release audit
* Secrets: fix collector/runtime precedence contradictions
* docs: align secrets and web credential docs
* fix(rebase): resolve integration regressions after main rebase
* fix(node-host): resolve gateway secret refs for auth
* fix(secrets): harden secretinput runtime readers
* gateway: skip inactive auth secretref resolution
* cli: avoid gateway preflight for inactive secret refs
* extensions: allow unresolved refs in onboarding status
* tests: fix qr-cli module mock hoist ordering
* Security: align audit checks with SecretInput resolution
* Gateway: resolve local-mode remote fallback secret refs
* Node host: avoid resolving inactive password secret refs
* Secrets runtime: mark Slack appToken inactive for HTTP mode
* secrets: keep inactive gateway remote refs non-blocking
* cli: include agent memory secret targets in runtime resolution
* docs(secrets): sync docs with active-surface and web search behavior
* fix(secrets): keep telegram top-level token refs active for blank account tokens
* fix(daemon): resolve gateway password secret refs for probe auth
* fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled
* fix(secrets): align token inheritance and exec timeout defaults
* docs(secrets): clarify active-surface notes in cli docs
* cli: require secrets.resolve gateway capability
* gateway: log auth secret surface diagnostics
* secrets: remove dead provider resolver module
* fix(secrets): restore gateway auth precedence and fallback resolution
* fix(tests): align plugin runtime mock typings
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-03-03 02:58:20 +00:00
fa4ff5f3d2
refactor(acp): extract install hint resolver
2026-03-03 02:51:24 +00:00
40f2e2b8a6
ci: scale Windows CI runner and test workers
2026-03-03 02:42:32 +00:00
59567a8c5d
ci: move changed-scope logic into tested script
2026-03-03 02:37:23 +00:00
04ac688dff
fix(acp): use publishable acpx install hint
2026-03-03 02:34:07 +00:00
0fd77c9856
refactor: modularize plugin runtime and test hooks
2026-03-03 02:06:58 +00:00
3eec79bd6c
feat(memory): add Ollama embedding provider ( #26349 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: ac41386543
2026-03-02 20:56:40 -05:00
bd8c3230e8
fix: force supportsDeveloperRole=false for non-native OpenAI endpoints ( #29479 )
...
Merged via squash.
Prepared head SHA: 1416c584ac
2026-03-02 20:43:49 -05:00
42626648d7
docs(models): clarify moonshot thinking and failover stop-reason errors
2026-03-03 01:11:29 +00:00
Josh Lehman
stim64045-spec
Peter Steinberger
Vincent Koc
Josh Avant
Tak Hoffman
Gustavo Madeira Santana
Ayaan Zaidi
Radek Sienkiewicz
Onur Solmaz
Tomáš Dinh
Ace Lee
George Zhang
Onur
Nimrod Gutman
kkhomej33-netizen
Eyal En Gad
Keelan Fadden-Hopper
Alex Zaytsev
Jealous
Bruce MacDonald
liyuan97
Altay
Teconomix
Sally O'Malley
Luke
Xaden Ryan
Neerav Makwana
Bill Chirico
Pejman Pour-Moezzi
Harold Hunt
Mariano
Mariano
Kesku
Tyler Yust
shichangs
shrey150
Rémi
GitBuck
Ayaan Zaidi
dano does design
Charles Dusek
arceus77-7
Florian Hines
Jason
Efe Büken
AngryBird
Muhammed Mukhthar CM
dorukardahan
Hinata Kaga (samon)
Bob
maweibin
Tony Dehnke
青雲
Evgeny Zislis
Clawdoo
scoootscooob
Shadow
Shadow
Mylszd
Sid
Eugene
Henry Loenwind
xbsheng
john
nico-hoff
Sk Akram