ade748176f
OpenRouter: surface free Hunter and Healer stealth models for the next week ( #43642 )
...
* Models: add temporary Hunter and Healer alpha to OpenRouter catalog
* Add temporary OpenRouter stealth catalog entries
---------
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-11 22:58:48 -05:00
1fcee52a5c
docs: reorder unreleased changelog by user impact
2026-03-12 03:42:39 +00:00
f01c41b27a
fix(context-engine): guard compact() throw + fire hooks for ownsCompaction engines ( #41361 )
...
Merged via squash.
Prepared head SHA: 0957b32dc6
2026-03-11 20:19:20 -07:00
5231277163
fix(acp): rehydrate restarted main ACP sessions ( #43285 )
...
Merged via squash.
Prepared head SHA: f06318e58f
2026-03-12 11:05:09 +08:00
ebed3bbde1
fix(gateway): enforce browser origin check regardless of proxy headers
...
In trusted-proxy mode, enforceOriginCheckForAnyClient was set to false
whenever proxy headers were present. This allowed browser-originated
WebSocket connections from untrusted origins to bypass origin validation
entirely, as the check only ran for control-ui and webchat client types.
An attacker serving a page from an untrusted origin could connect through
a trusted reverse proxy, inherit proxy-injected identity, and obtain
operator.admin access via the sharedAuthOk / roleCanSkipDeviceIdentity
path without any origin restriction.
Remove the hasProxyHeaders exemption so origin validation runs for all
browser-originated connections regardless of how the request arrived.
Fixes GHSA-5wcw-8jjv-m286
2026-03-12 01:16:52 +01:00
3c0fd3dffe
fix(daemon): replace bootout with kickstart -k for launchd restarts on macOS
...
On macOS, launchctl bootout permanently unloads the LaunchAgent plist.
Even with KeepAlive: true, launchd cannot respawn a service whose plist
has been removed from its registry. This left users with a dead gateway
requiring manual 'openclaw gateway install' to recover.
Affected trigger paths:
- openclaw gateway restart from an agent session (#43311 )
- SIGTERM on config reload (#43406 )
- Gateway self-restart via SIGTERM (#43035 )
- Hot reload on channel config change (#43049 )
Switch restartLaunchAgent() to launchctl kickstart -k, which force-kills
and restarts the service without unloading the plist. When the restart
originates from inside the launchd-managed process tree, delegate to a
new detached handoff helper (launchd-restart-handoff.ts) to avoid the
caller being killed mid-command. Self-restart paths in process-respawn.ts
now schedule the detached start-after-exit handoff before exiting instead
of relying on exit/KeepAlive timing.
Fixes #43311 , #43406 , #43035 , #43049
2026-03-12 01:16:49 +01:00
b6d83749c8
fix(terminal): sanitize skills JSON and fallback on legacy Windows ( #43520 )
...
* Terminal: use ASCII borders on legacy Windows consoles
* Skills: sanitize JSON output for control bytes
* Changelog: credit terminal follow-up fixes
* Update CHANGELOG.md
* Update CHANGELOG.md
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Skills: strip remaining escape sequences from JSON output
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-11 19:53:07 -04:00
453c8d7c1b
fix(hooks): add missing trigger and channelId to agent_end, llm_input, and llm_output hook contexts ( #42362 )
...
Merged via squash.
Prepared head SHA: e6d7b7e31a
2026-03-11 23:40:13 +01:00
d79ca52960
Memory: add multimodal image and audio indexing ( #43460 )
...
Merged via squash.
Prepared head SHA: a994c07190
2026-03-11 22:28:34 +00:00
20d097ac2f
Gateway/Dashboard: surface config validation issues ( #42664 )
...
Merged via squash.
Prepared head SHA: 43f66cdcf0
2026-03-11 17:32:41 -04:00
9c81c31232
chore: refresh dependencies except carbon
2026-03-11 20:10:33 +00:00
128e5bc317
fix: recognize Venice 402 billing errors for model fallback ( #43205 )
...
Merged via squash.
Prepared head SHA: 1f6b10b9d9
2026-03-11 22:15:32 +03:00
01ffc5db24
memory: normalize Gemini embeddings ( #43409 )
...
Merged via squash.
Prepared head SHA: 70613e0225
2026-03-11 15:06:21 -04:00
2a18cbb110
fix(agents): prevent false billing error replacing valid response text ( #40616 )
...
Merged via squash.
Prepared head SHA: 05179362b4
2026-03-11 22:00:11 +03:00
78b9384aa7
fix(discord): add missing autoThread to DiscordGuildChannelConfig type ( #35608 )
...
Merged via squash.
Prepared head SHA: e62b88bb01
2026-03-11 21:54:49 +03:00
4473242b4f
fix: use unknown instead of rate_limit as default cooldown reason ( #42911 )
...
Merged via squash.
Prepared head SHA: bebf6704d7
2026-03-11 21:34:14 +03:00
60aed95346
feat(memory): add gemini-embedding-2-preview support ( #42501 )
...
Merged via squash.
Prepared head SHA: c57b1f8ba2
2026-03-11 14:28:53 -04:00
58634c9c65
fix(agents): check billing errors before context overflow heuristics ( #40409 )
...
Merged via squash.
Prepared head SHA: c88f89c462
2026-03-11 21:08:55 +03:00
f417d78eef
fix(config): add missing editMessage and createForumTopic to Telegram actions schema ( #35498 )
...
Merged via squash.
Prepared head SHA: 631fc14832
2026-03-11 20:59:27 +03:00
a84bcf734c
fix(signal): add missing accountUuid to Zod config schema ( #35578 )
...
Merged via squash.
Prepared head SHA: 39e8e9ad62
2026-03-11 20:57:07 +03:00
8618a711ff
fix(voice-call): add speed and instructions to OpenAI TTS config schema ( #39226 )
...
Merged via squash.
Prepared head SHA: 775e3063b5
2026-03-11 23:15:48 +05:30
daf8afc954
fix(telegram): clear stale retain before transient final fallback ( #41763 )
...
Merged via squash.
Prepared head SHA: c0940838bc
2026-03-11 21:36:43 +05:30
1435fce2de
fix: tighten Ollama onboarding cloud handling ( #41529 ) (thanks @BruceMacD)
2026-03-11 14:52:55 +00:00
62d5df28dc
fix(agents): add nodes to owner-only tool policy fallbacks
...
The nodes tool was missing from OWNER_ONLY_TOOL_NAME_FALLBACKS in
tool-policy.ts. applyOwnerOnlyToolPolicy() correctly removed gateway
and cron for non-owners but kept nodes, which internally issues
privileged gateway calls: node.pair.approve (operator.pairing) and
node.invoke (operator.write).
A non-owner sender could approve pending node pairings and invoke
arbitrary node commands, extending to system.run on paired nodes.
Add nodes to the fallback owner-only set. Non-owners no longer receive
the nodes tool after policy application; owners retain it.
Fixes GHSA-r26r-9hxr-r792
2026-03-11 14:17:03 +01:00
a1520d70ff
fix(gateway): propagate real gateway client into plugin subagent runtime
...
Plugin subagent dispatch used a hardcoded synthetic client carrying
operator.admin, operator.approvals, and operator.pairing for all
runtime.subagent.* calls. Plugin HTTP routes with auth:"plugin" require
no gateway auth by design, so an unauthenticated external request could
drive admin-only gateway methods (sessions.delete, agent.run) through
the subagent runtime.
Propagate the real gateway client into the plugin runtime request scope
when one is available. Plugin HTTP routes now run inside a scoped
runtime client: auth:"plugin" routes receive a non-admin synthetic
operator.write client; gateway-authenticated routes retain admin-capable
scopes. The security boundary is enforced at the HTTP handler level.
Fixes GHSA-xw77-45gv-p728
2026-03-11 14:17:01 +01:00
dafd61b5c1
fix(gateway): enforce caller-scope subsetting in device.token.rotate
...
device.token.rotate accepted attacker-controlled scopes and forwarded
them to rotateDeviceToken without verifying the caller held those
scopes. A pairing-scoped token could rotate up to operator.admin on
any already-paired device whose approvedScopes included admin.
Add a caller-scope subsetting check before rotateDeviceToken: the
requested scopes must be a subset of client.connect.scopes via the
existing roleScopesAllow helper. Reject with missing scope: <scope>
if not.
Also add server.device-token-rotate-authz.test.ts covering both the
priv-esc path and the admin-to-node-invoke chain.
Fixes GHSA-4jpw-hj22-2xmc
2026-03-11 14:16:59 +01:00
04e103d10e
fix(terminal): stabilize skills table width across Terminal.app and iTerm ( #42849 )
...
* Terminal: measure grapheme display width
* Tests: cover grapheme terminal width
* Terminal: wrap table cells by grapheme width
* Tests: cover emoji table alignment
* Terminal: refine table wrapping and width handling
* Terminal: stop shrinking CLI tables by one column
* Skills: use Terminal-safe emoji in list output
* Changelog: note terminal skills table fixes
* Skills: normalize emoji presentation across outputs
* Terminal: consume unsupported escape bytes in tables
2026-03-11 09:13:10 -04:00
10e6e27451
fix(models): guard optional model input capabilities ( #42096 )
...
Merged via squash.
Prepared head SHA: d398fa0222
2026-03-11 13:43:59 +01:00
144c1b802b
macOS/onboarding: prompt for remote gateway auth tokens ( #43100 )
...
Merged via squash.
Prepared head SHA: 00e2ad847b
2026-03-11 13:53:19 +02:00
f063e57d4b
fix(macos): use foundationValue when serializing browser proxy POST body ( #43069 )
...
Merged via squash.
Prepared head SHA: 04c33fa061
2026-03-11 19:14:01 +08:00
2d91284fdb
feat(ios): add local beta release flow ( #42991 )
...
Merged via squash.
Prepared head SHA: 82b38fe93b
2026-03-11 12:32:28 +02:00
665f677265
docs(changelog): update context pruning PR reference
2026-03-11 18:07:37 +08:00
d68d4362ee
fix(context-pruning): cover image-only tool-result pruning
2026-03-11 18:07:37 +08:00
dc4441322f
fix(agents): include azure-openai in Responses API store override ( #42934 )
...
Merged via squash.
Prepared head SHA: d3285fef41
2026-03-11 16:16:10 +08:00
a2e30824e6
fix(telegram): fall back on ambiguous first preview sends
2026-03-11 11:23:10 +05:30
e37e1ed24e
fix(telegram): prevent duplicate messages with slow LLM providers ( #41932 )
...
Merged via squash.
Prepared head SHA: 2f50c51d5a
2026-03-11 11:19:55 +05:30
7761e7626f
Providers: add Opencode Go support ( #42313 )
...
* feat(providers): add opencode-go provider support and onboarding
* Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF
* Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF
* Update CHANGELOG.md
---------
Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-11 01:31:06 -04:00
061b8258bc
macOS: add chat model selector and persist thinking ( #42314 )
...
* feat(macos): add chat model selector and thinking persistence UX
* Chat UI: carry session model providers
* Docs: add macOS model selector changelog
* macOS: persist extended thinking levels
* Chat UI: keep model picker state in sync
* Chat UI tests: cover model selection races
---------
Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-11 00:43:04 -04:00
c91d1622d5
fix(gateway): split conversation reset from admin reset
2026-03-11 02:50:44 +00:00
0ab8d20917
docs(changelog): note interpreter approval hardening
2026-03-11 02:45:10 +00:00
0125ce1f44
Gateway: fail closed unresolved local auth SecretRefs ( #42672 )
...
* Gateway: fail closed unresolved local auth SecretRefs
* Docs: align node-host gateway auth precedence
* CI: resolve rebase breakages in checks lanes
* Tests: isolate LOCAL_REMOTE_FALLBACK_TOKEN env state
* Gateway: remove stale remote.enabled auth-surface semantics
* Changelog: note gateway SecretRef fail-closed fix
2026-03-10 21:41:56 -05:00
aad014c7c1
fix: harden subagent control boundaries
2026-03-11 01:44:38 +00:00
7289c19f1a
fix(security): bind system.run approvals to exact argv text
2026-03-11 01:25:31 +00:00
8eac939417
fix(security): enforce target account configWrites
2026-03-11 01:24:36 +00:00
11924a7026
fix(sandbox): pin fs-bridge staged writes
2026-03-11 01:15:47 +00:00
702f6f3305
fix: fail closed for unresolved local gateway auth refs
2026-03-11 01:14:06 +00:00
ecdbd8aa52
fix(security): restrict leaf subagent control scope
2026-03-11 01:12:22 +00:00
f604cbedf3
fix: remove stale allowlist matcher cache
2026-03-11 00:00:04 +00:00
36d2ae2a22
SecretRef: harden custom/provider secret persistence and reuse ( #42554 )
...
* Models: gate custom provider keys by usable secret semantics
* Config: project runtime writes onto source snapshot
* Models: prevent stale apiKey preservation for marker-managed providers
* Runner: strip SecretRef marker headers from resolved models
* Secrets: scan active agent models.json path in audit
* Config: guard runtime-source projection for unrelated configs
* Extensions: fix onboarding type errors in CI
* Tests: align setup helper account-enabled expectation
* Secrets audit: harden models.json file reads
* fix: harden SecretRef custom/provider secret persistence (#42554 ) (thanks @joshavant)
2026-03-10 23:55:10 +00:00
658cf4bd94
fix: harden archive extraction destinations
2026-03-10 23:49:35 +00:00
201420a7ee
fix: harden secret-file readers
2026-03-10 23:40:10 +00:00
b517dc089a
feat(discord): add autoArchiveDuration config option ( #35065 )
...
* feat(discord): add autoArchiveDuration config option
Add config option to control auto-archive duration for auto-created threads:
- autoArchiveDuration: 60 (default), 1440, 4320, or 10080
- Sets archive duration in minutes (1hr/1day/3days/1week)
- Accepts both string and numeric values
- Discord's default was 60 minutes (hardcoded)
Example config:
```yaml
channels:
discord:
guilds:
GUILD_ID:
channels:
CHANNEL_ID:
autoThread: true
autoArchiveDuration: 10080 # 1 week
```
* feat(discord): add autoArchiveDuration changelog entry (#35065 ) (thanks @davidguttman)
---------
Co-authored-by: Onur <onur@textcortex.com>
2026-03-10 23:13:24 +01:00
a76e810193
fix(gateway): harden token fallback/reconnect behavior and docs ( #42507 )
...
* fix(gateway): harden token fallback and auth reconnect handling
* docs(gateway): clarify auth retry and token-drift recovery
* fix(gateway): tighten auth reconnect gating across clients
* fix: harden gateway token retry (#42507 ) (thanks @joshavant)
2026-03-10 17:05:57 -05:00
5ed96da990
fix(browser): surface 429 rate limit errors with actionable hints ( #40491 )
...
Merged via squash.
Prepared head SHA: 13839c2dbd
2026-03-11 00:49:31 +03:00
7c76acafd6
fix(acp): scope cancellation and event routing by runId ( #41331 )
2026-03-10 22:37:21 +01:00
53374394fb
Fix stale runtime model reuse on session reset ( #41173 )
...
Merged via squash.
Prepared head SHA: d8a04a466a
2026-03-10 14:02:43 -07:00
9f5dee32f6
fix(acp): implicit streamToParent for mode=run without thread ( #42404 )
...
* fix(acp): implicit streamToParent for mode=run without thread
When spawning ACP sessions with mode=run and no thread binding,
automatically route output to parent session instead of Discord.
This enables agent-to-agent supervision patterns where the spawning
agent wants results returned programmatically, not posted as chat.
The change makes sessions_spawn with runtime=acp and thread=false
behave like direct acpx invocation - output goes to the spawning
session, not to Discord.
Fixes the issue where mode=run without thread still posted to Discord
because hasDeliveryTarget was true when called from a Discord context.
* fix: use resolved spawnMode instead of params.mode
Move implicit streamToParent check to after resolveSpawnMode so that
both explicit mode="run" and omitted mode (which defaults to "run"
when thread is false) correctly trigger parent routing.
This fixes the issue where callers that rely on default mode selection
would not get the intended parent streaming behavior.
* fix: tighten implicit ACP parent relay gating (#42404 ) (thanks @davidguttman)
---------
Co-authored-by: Onur Solmaz <2453968+osolmaz@users.noreply.github.com>
2026-03-10 21:42:15 +01:00
6d4241cbd9
fix: wire modelstudio env discovery ( #40634 ) (thanks @pomelo-nwu)
2026-03-10 19:58:43 +00:00
67746a12de
iOS: add welcome home canvas
2026-03-10 21:44:00 +02:00
0ff184397d
docs(telegram): clarify group and sender allowlists ( #42451 )
...
Merged via squash.
Prepared head SHA: f30cacafb3
2026-03-10 21:56:30 +03:00
b205de6154
Docs: add changelog entry for SecretRef traversal ( #42455 )
2026-03-10 13:52:50 -05:00
0687e04760
fix: thread runtime config through Discord/Telegram sends ( #42352 ) (thanks @joshavant) ( #42352 )
2026-03-10 13:30:57 -05:00
c2d9386796
fix: log auth profile resolution failures instead of swallowing silently ( #41271 )
...
Merged via squash.
Prepared head SHA: 049d1e119a
2026-03-10 20:38:49 +03:00
e9e8b81939
fix(failover): classify Gemini MALFORMED_RESPONSE as retryable timeout ( #42292 )
...
Merged via squash.
Prepared head SHA: 68f106ff49
2026-03-10 20:34:32 +03:00
bc9b35d6ce
fix(logging): include model and provider in overload/error log ( #41236 )
...
Merged via squash.
Prepared head SHA: bb16fecbf7
2026-03-10 20:32:14 +03:00
3b582f1d54
fix(telegram): chunk long html outbound messages ( #42240 )
...
Merged via squash.
Prepared head SHA: 4d79c41ddf
2026-03-10 22:53:04 +05:30
8bf64f219a
fix: recognize Poe 402 'used up your points' as billing for fallback ( #42278 )
...
Merged via squash.
Prepared head SHA: f3cdfa76dd
2026-03-10 20:17:36 +03:00
f50fc2966b
docs: add #42173 to CHANGELOG — strip leaked model control tokens ( #42216 )
...
Thanks @imwyvern.
2026-03-10 07:19:13 -07:00
208b636414
Changelog: add unreleased March 9 entries
2026-03-10 08:51:12 -04:00
d340ea92d1
chore: add .dev-state to .gitignore ( #41848 )
...
Merged via squash.
Prepared head SHA: 85c4eb7d26
2026-03-10 13:35:04 +01:00
048e25c2b2
fix(agents): avoid duplicate same-provider cooldown probes in fallback runs ( #41711 )
...
Merged via squash.
Prepared head SHA: 8be8967bcb
2026-03-10 15:26:47 +03:00
bda63c3c7f
fix(mattermost): preserve markdown formatting and native tables ( #18655 )
...
Merged via squash.
Prepared head SHA: d30fff1776
2026-03-10 17:40:01 +05:30
aca216bfcf
feat(acp): add resumeSessionId to sessions_spawn for ACP session resume ( #41847 )
...
* feat(acp): add resumeSessionId to sessions_spawn for ACP session resume
Thread resumeSessionId through the ACP session spawn pipeline so agents
can resume existing sessions (e.g. a prior Codex conversation) instead
of starting fresh.
Flow: sessions_spawn tool → spawnAcpDirect → initializeSession →
ensureSession → acpx --resume-session flag → agent session/load
- Add resumeSessionId param to sessions-spawn-tool schema with
description so agents can discover and use it
- Thread through SpawnAcpParams → AcpInitializeSessionInput →
AcpRuntimeEnsureInput → acpx extension runtime
- Pass as --resume-session flag to acpx CLI
- Error hard (exit 4) on non-existent session, no silent fallback
- All new fields optional for backward compatibility
Depends on acpx >= 0.1.16 (openclaw/acpx#85, merged, pending release).
Tests: 26/26 pass (runtime + tool schema)
Verified e2e: Discord → sessions_spawn(resumeSessionId) → Codex
resumed session and recalled stored secret.
🤖 AI-assisted
* fix: guard resumeSessionId against non-ACP runtime
Add early-return error when resumeSessionId is passed without
runtime="acp" (mirrors existing streamTo guard). Without this,
the parameter is silently ignored and the agent gets a fresh
session instead of resuming.
Also update schema description to note the runtime=acp requirement.
Addresses Greptile review feedback.
* ACP: add changelog entry for session resume (#41847 ) (thanks @pejmanjohn)
---------
Co-authored-by: Pejman Pour-Moezzi <481729+pejmanjohn@users.noreply.github.com>
Co-authored-by: Onur <onur@textcortex.com>
2026-03-10 10:36:13 +01:00
c2eb12bbc5
ACPX: bump bundled acpx to 0.1.16 ( #41975 )
...
* ACPX: bump bundled acpx to 0.1.16
* fix: bump acpx pin to 0.1.16 (#41975 ) (thanks @dutifulbob)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-10 10:18:09 +01:00
6d0547dc2e
mattermost: fix DM media upload for unprefixed user IDs ( #29925 )
...
Merged via squash.
Prepared head SHA: 5cffcb072c
2026-03-10 14:22:24 +05:30
568b0a22bb
fix(msteams): use General channel conversation ID as team key for Bot Framework compatibility ( #41838 )
...
* fix(msteams): use General channel conversation ID as team key for Bot Framework compatibility
Bot Framework sends `activity.channelData.team.id` as the General channel's
conversation ID (e.g. `19:abc@thread.tacv2`), not the Graph API group GUID
(e.g. `fa101332-cf00-431b-b0ea-f701a85fde81`). The startup resolver was
storing the Graph GUID as the team config key, so runtime matching always
failed and every channel message was silently dropped.
Fix: always call `listChannelsForTeam` during resolution to find the General
channel, then use its conversation ID as the stored `teamId`. When a specific
channel is also configured, reuse the same channel list rather than issuing a
second API call. Falls back to the Graph GUID if the General channel cannot
be found (renamed/deleted edge case).
Fixes #41390
* fix(msteams): handle listChannelsForTeam failure gracefully
* fix(msteams): trim General channel ID and guard against empty string
* fix: document MS Teams allowlist team-key fix (#41838 ) (thanks @BradGroux)
---------
Co-authored-by: bradgroux <bradgroux@users.noreply.github.com>
Co-authored-by: Onur <onur@textcortex.com>
2026-03-10 09:13:41 +01:00
450d49ea52
fix(mattermost): read replyTo param in plugin handleAction send ( #41176 )
...
Merged via squash.
Prepared head SHA: 33cac4c33f
2026-03-10 13:19:54 +05:30
3495563cfe
fix(sandbox): pass real workspace to sessions_spawn when workspaceAccess is ro ( #40757 )
...
Merged via squash.
Prepared head SHA: 0e8b27bf80
2026-03-10 04:12:50 -03:00
9d403fd415
fix(ui): replace Manual RPC text input with sorted method dropdown ( #14967 )
...
Merged via squash.
Prepared head SHA: 1bb49b2e64
2026-03-10 01:30:31 -05:00
5296147c20
CI: select Swift 6.2 toolchain for CodeQL ( #41787 )
...
Merged via squash.
Prepared head SHA: 8abc6c1657
2026-03-10 01:22:41 -05:00
8306eabf85
fix(agents): forward memory flush write path ( #41761 )
...
Merged via squash.
Prepared head SHA: 0a8ebf8e5b
2026-03-10 14:18:41 +08:00
45b74fb56c
fix(telegram): move network fallback to resolver-scoped dispatchers ( #40740 )
...
Merged via squash.
Prepared head SHA: a4456d48b4
2026-03-10 11:28:51 +05:30
d1a59557b5
fix(security): harden replaceMarkers() to catch space/underscore boundary marker variants ( #35983 )
...
Merged via squash.
Prepared head SHA: ff07dc45a9
2026-03-10 13:54:23 +08:00
cf9db91b61
fix(web-search): recover OpenRouter Perplexity citations from message annotations ( #40881 )
...
Merged via squash.
Prepared head SHA: 66c8bb2c6a
2026-03-10 10:37:44 +05:30
382287026b
cron: record lastErrorReason in job state ( #14382 )
...
Merged via squash.
Prepared head SHA: baa6b5d566
2026-03-10 00:01:45 -05:00
da4fec6641
fix(telegram): prevent duplicate messages when preview edit times out ( #41662 )
...
Merged via squash.
Prepared head SHA: 2780e62d07
2026-03-10 10:17:39 +05:30
96e4975922
fix: protect bootstrap files during memory flush ( #38574 )
...
Merged via squash.
Prepared head SHA: a0b9a02e2e
2026-03-10 12:44:33 +08:00
989ee21b24
ui: fix sessions table collapse on narrow widths ( #12175 )
...
Merged via squash.
Prepared head SHA: b1fcfba868
2026-03-09 23:14:07 -05:00
f0eb67923c
fix(secrets): resolve web tool SecretRefs atomically at runtime
2026-03-09 22:57:03 -05:00
391f9430ca
fix(feishu): pass mediaLocalRoots in sendText local-image auto-convert shim (openclaw#40623)
...
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: ayanesakura <40628300+ayanesakura@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-09 22:26:06 -05:00
de49a8b72c
Telegram: exec approvals for OpenCode/Codex ( #37233 )
...
Merged via squash.
Prepared head SHA: f243379094
2026-03-09 23:04:35 -04:00
25c2facc2b
fix(agents): fix Brave llm-context empty snippets ( #41387 )
...
Merged via squash.
Prepared head SHA: 1e6f1d9d51
2026-03-10 08:09:57 +05:30
c0cba7fb72
Fix one-shot exit hangs by tearing down cached memory managers ( #40389 )
...
Merged via squash.
Prepared head SHA: 0e600e89cf
2026-03-10 07:34:46 +08:00
4790e40ac6
fix(plugins): expose model auth API to context-engine plugins ( #41090 )
...
Merged via squash.
Prepared head SHA: ee96e96bb9
2026-03-09 16:07:26 -07:00
c9a6c542ef
Add HTTP 499 to transient error codes for model fallback ( #41468 )
...
Merged via squash.
Prepared head SHA: 0053bae140
2026-03-10 01:55:10 +03:00
de4c3db3e3
Logging: harden probe suppression for observations ( #41338 )
...
Merged via squash.
Prepared head SHA: d18356cb80
2026-03-10 01:40:15 +03:00
64746c150c
fix(discord): apply effective maxLinesPerMessage in live replies ( #40133 )
...
Merged via squash.
Prepared head SHA: 031d032534
2026-03-10 01:30:24 +03:00
56f787e3c0
build(protocol): regenerate Swift models after pending node work schemas ( #41477 )
...
Merged via squash.
Prepared head SHA: cae0aaf1c2
2026-03-09 23:22:09 +01:00
531e8362b1
Agents: add fallback error observations ( #41337 )
...
Merged via squash.
Prepared head SHA: 852469c82f
2026-03-10 01:12:10 +03:00
3c3474360b
acp: harden follow-up reliability and attachments ( #41464 )
...
Merged via squash.
Prepared head SHA: 7d167dff54
2026-03-09 23:03:50 +01:00
0669b0ddc2
fix(agents): probe single-provider billing cooldowns ( #41422 )
...
Merged via squash.
Prepared head SHA: bbc4254b94
2026-03-10 00:58:51 +03:00
0c7f07818f
acp: add regression coverage and smoke-test docs ( #41456 )
...
Merged via squash.
Prepared head SHA: 514d587352
2026-03-09 22:40:14 +01:00
4aebff78bc
acp: forward attachments into ACP runtime sessions ( #41427 )
...
Merged via squash.
Prepared head SHA: f2ac51df2c
2026-03-09 22:32:32 +01:00
8e3f3bc3cf
acp: enrich streaming updates for ide clients ( #41442 )
...
Merged via squash.
Prepared head SHA: 0764368e80
2026-03-09 22:26:46 +01:00
d346f2d9ce
acp: restore session context and controls ( #41425 )
...
Merged via squash.
Prepared head SHA: fcabdf7c31
2026-03-09 22:17:19 +01:00
e6e4169e82
acp: fail honestly in bridge mode ( #41424 )
...
Merged via squash.
Prepared head SHA: b5e6e13afe
2026-03-09 22:01:30 +01:00
1bc59cc09d
Gateway: tighten node pending drain semantics ( #41429 )
...
Merged via squash.
Prepared head SHA: 361c2eb5c8
2026-03-09 21:56:00 +01:00
ef95975411
Gateway: add pending node work primitives ( #41409 )
...
Merged via squash.
Prepared head SHA: a6d7ca90d7
2026-03-09 21:42:57 +01:00
5f90883ad3
fix(auth): reset cooldown error counters on expiry to prevent infinite escalation ( #41028 )
...
Merged via squash.
Prepared head SHA: 89bd83f09a
2026-03-09 23:40:11 +03:00
2b2e5e2038
fix(cron): do not misclassify empty/NO_REPLY as interim acknowledgement ( #41401 )
...
* fix(cron): do not misclassify empty/NO_REPLY as interim acknowledgement
When a cron task's agent returns NO_REPLY, the payload filter strips the
silent token, leaving an empty text string. isLikelyInterimCronMessage()
previously returned true for empty input, causing the cron runner to
inject a forced rerun prompt ('Your previous response was only an
acknowledgement...').
Change the empty-string branch to return false: empty text after payload
filtering means the agent deliberately chose silent completion, not that
it sent an interim 'on it' message.
Fixes #41246
* fix(cron): do not misclassify empty/NO_REPLY as interim acknowledgement
Fixes #41246 . (#41383 ) thanks @jackal092927.
---------
Co-authored-by: xaeon2026 <xaeon2026@gmail.com>
2026-03-09 21:16:28 +01:00
0bcddb3d4f
iOS: reconnect gateway on foreground return ( #41384 )
...
Merged via squash.
Prepared head SHA: 0e2e0dcc36
2026-03-09 21:12:23 +01:00
87d939be79
Agents: add embedded error observations ( #41336 )
...
Merged via squash.
Prepared head SHA: 4900042298
2026-03-09 22:27:05 +03:00
d4e59a3666
Cron: enforce cron-owned delivery contract ( #40998 )
...
Merged via squash.
Prepared head SHA: 5877389e33
2026-03-09 20:12:37 +01:00
14bbcad169
fix(acp): propagate setSessionMode gateway errors to client ( #41185 )
...
* fix(acp): propagate setSessionMode gateway errors to client
* fix: add changelog entry for ACP setSessionMode propagation (#41185 ) (thanks @pejmanjohn)
---------
Co-authored-by: Pejman Pour-Moezzi <481729+pejmanjohn@users.noreply.github.com>
Co-authored-by: Onur <onur@textcortex.com>
2026-03-09 17:50:38 +01:00
eab39c721b
fix(acp): map error states to end_turn instead of unconditional refusal ( #41187 )
...
* fix(acp): map error states to end_turn instead of unconditional refusal
* fix: map ACP error stop reason to end_turn (#41187 ) (thanks @pejmanjohn)
---------
Co-authored-by: Pejman Pour-Moezzi <481729+pejmanjohn@users.noreply.github.com>
Co-authored-by: Onur <onur@textcortex.com>
2026-03-09 17:37:33 +01:00
425bd89b48
Allow ACP sessions.patch lineage fields on ACP session keys ( #40995 )
...
Merged via squash.
Prepared head SHA: c1191edc08
2026-03-09 17:08:11 +01:00
54be30ef89
fix(agents): bound compaction retry wait and drain embedded runs on restart ( #40324 )
...
Merged via squash.
Prepared head SHA: cfd99562d6
2026-03-09 08:27:29 -07:00
fbf5d56366
test(context-engine): add bundle chunk isolation tests for registry ( #40460 )
...
Merged via squash.
Prepared head SHA: 44622abfbc
2026-03-09 08:15:35 -07:00
51bae75120
fix(kimi-coding): fix kimi tool format: use native Anthropic tool schema instead of OpenAI … (openclaw#40008)
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: opriz <51957849+opriz@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-09 08:28:47 -05:00
f2f561fab1
fix(ui): preserve control-ui auth across refresh ( #40892 )
...
Merged via squash.
Prepared head SHA: f9b2375892
2026-03-09 12:50:47 +01:00
ce9e91fdfc
fix(launchd): harden macOS launchagent install permissions
2026-03-09 08:14:46 +00:00
d0847ee322
chore: prepare 2026.3.8 npm release
2026-03-09 07:37:50 +00:00
5fca4c0de0
chore: prepare 2026.3.8-beta.1 release
2026-03-09 07:09:37 +00:00
2d55ad05f3
docs: move 2026.3.8 entries back to unreleased
2026-03-09 06:34:53 +00:00
f82931ba8b
docs: reorder 2026.3.8 changelog by impact
2026-03-09 06:24:29 +00:00
96d17f3cb1
fix: stagger missed cron jobs on restart ( #18925 ) (thanks @rexlunae)
2026-03-09 06:07:43 +00:00
2d5e70f3e7
fix: abort telegram getupdates on shutdown ( #23950 ) (thanks @Gkinthecodeland)
2026-03-09 06:03:46 +00:00
9abf014f35
fix(skills): pin validated download roots
2026-03-09 06:00:50 +00:00
cf3a479bd1
fix(node-host): bind bun and deno approval scripts
2026-03-09 05:59:32 +00:00
fd902b0651
fix: detect launchd supervision via xpc service name ( #20555 ) (thanks @dimat)
2026-03-09 05:57:35 +00:00
88aee9161e
fix(msteams): enforce sender allowlists with route allowlists
2026-03-09 05:52:19 +00:00
41e023a80b
fix(cron): restore owner-only tools for isolated runs
2026-03-09 05:49:20 +00:00
93775ef6a4
fix(browser): enforce redirect-hop SSRF checks
2026-03-09 05:41:36 +00:00
31402b8542
fix: add changelog for restart timeout recovery ( #40380 ) (thanks @dsantoreis)
2026-03-09 05:38:54 +00:00
41450187dd
fix: clear plugin discovery cache after plugin installation (openclaw#39752)
...
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: GazeKingNuWu <264914544+GazeKingNuWu@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-09 00:16:25 -05:00
a40c29b11a
Fix cron text announce delivery for Telegram targets ( #40575 )
...
Merged via squash.
Prepared head SHA: 54b1513c78
2026-03-09 10:26:17 +05:30
d4a960fcca
fix(matrix): restore robust DM routing without the memberCount heuristic ( #19736 )
...
* fix(matrix): remove memberCount heuristic from DM detection
The memberCount === 2 check in isDirectMessage() misclassifies 2-person
group rooms (admin channels, monitoring rooms) as DMs, routing them to
the main session instead of their room-specific session.
Matrix already distinguishes DMs from groups at the protocol level via
m.direct account data and is_direct member state flags. Both are already
checked by client.dms.isDm() and hasDirectFlag(). The memberCount
heuristic only adds false positives for 2-person groups.
Move resolveMemberCount() below the protocol-level checks so it is only
reached for rooms not matched by m.direct or is_direct. This narrows its
role to diagnostic logging for confirmed group rooms.
Refs: #19739
* fix(matrix): add conservative fallback for broken DM flags
Some homeservers (notably Continuwuity) have broken m.direct account
data or never set is_direct on invite events. With the memberCount
heuristic removed, these DMs are no longer detected.
Add a conservative fallback that requires two signals before classifying
as DM: memberCount === 2 AND no explicit m.room.name. Group rooms almost
always have explicit names; DMs almost never do.
Error handling distinguishes M_NOT_FOUND (missing state event, expected
for unnamed rooms) from network/auth errors. Non-404 errors fall through
to group classification rather than guessing.
This is independently revertable — removing this commit restores pure
protocol-based detection without any heuristic fallback.
* fix(matrix): add parentPeer for DM room binding support
Add parentPeer to DM routes so conversations are bindable by room ID
while preserving DM trust semantics (secure 1:1, no group restrictions).
Suggested by @KirillShchetinin.
* fix(matrix): override DM detection for explicitly configured rooms
Builds on @robertcorreiro's config-driven approach from #9106 .
Move resolveMatrixRoomConfig() before the DM check. If a room matches
a non-wildcard config entry (matchSource === "direct") and was
classified as DM, override the classification to group. This gives users
a deterministic escape hatch for misclassified rooms.
Wildcards are excluded from the override to avoid breaking DM routing
when a "*" catch-all exists. roomConfig is gated behind isRoom so DMs
never inherit group settings (skills, systemPrompt, autoReply).
This commit is independently droppable if the scope is too broad.
* test(matrix): add DM detection and config override tests
- 15 unit tests for direct.ts: all detection paths, priority order,
M_NOT_FOUND vs network error handling, edge cases (whitespace names,
API failures)
- 8 unit tests for rooms.ts: matchSource classification, wildcard
safety for DM override, direct match priority over wildcard
* Changelog: note matrix DM routing follow-up
* fix(matrix): preserve DM fallback and room bindings
---------
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-08 23:26:48 -05:00
26e76f9a61
fix: dedupe inbound Telegram DM replies per agent ( #40519 )
...
Merged via squash.
Prepared head SHA: 6e235e7d1f
2026-03-09 09:31:05 +05:30
ef36cb8cbc
chore(acpx): move runtime test fixtures to test-utils (openclaw#40548)
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini
2026-03-08 22:47:04 -05:00
a438ff4397
fix(plugin-sdk): remove remaining bundled plugin src imports (openclaw#39638)
...
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: Kyle <3477429+kyledh@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-08 22:32:45 -05:00
adec8b28bb
alphabetize web search providers ( #40259 )
...
Merged via squash.
Prepared head SHA: be6350e5ae
2026-03-09 08:54:54 +05:30
e3df94365b
ACP: add optional ingress provenance receipts ( #40473 )
...
Merged via squash.
Prepared head SHA: b63e46dd94
2026-03-09 04:19:03 +01:00
4d501e4ccf
fix(telegram): add download timeout to prevent polling loop hang ( #40098 )
...
Merged via squash.
Prepared head SHA: abdfa1a35f
2026-03-09 08:29:21 +05:30
f6243916b5
fix(models): use 1M context for openai-codex gpt-5.4 ( #37876 )
...
Merged via squash.
Prepared head SHA: c41020779e
2026-03-08 18:23:49 -07:00
b34158086a
docs(changelog): correct Control UI contributor credit ( #40420 )
...
Merged via squash.
Prepared head SHA: e4295fe18b
2026-03-09 02:18:30 +01:00
4f42c03a49
gateway: fix global Control UI 404s for symlinked wrappers and bundled package roots ( #40385 )
...
Merged via squash.
Prepared head SHA: 567b3ed684
2026-03-09 01:50:42 +01:00
4ff4ed7ec9
fix(config): refresh runtime snapshot from disk after write. Fixes #37175 ( #37313 )
...
Merged via squash.
Prepared head SHA: 69e1861abf
2026-03-08 19:49:15 -04:00
d47aa6bae8
docs(changelog): remove rebase marker
2026-03-08 23:39:03 +00:00
661af2acd3
fix(agents): bootstrap runtime plugins before context-engine resolution
2026-03-08 23:38:38 +00:00
024857050a
fix: normalize openai-codex gpt-5.4 transport overrides
2026-03-08 23:35:21 +00:00
a3dc4b5a57
fix(tui): improve color contrast for light-background terminals ( #40345 )
...
* fix(tui): improve colour contrast for light-background terminals (#38636 )
Detect light terminal backgrounds via COLORFGBG and apply a WCAG
AA-compliant light palette. Adds OPENCLAW_THEME=light|dark env var
override for terminals without auto-detection.
Uses proper sRGB linearisation and WCAG 2.1 contrast ratios to pick
whichever text palette (dark or light) has higher contrast against
the detected background colour.
Co-authored-by: ademczuk <ademczuk@users.noreply.github.com>
* Update CHANGELOG.md
---------
Co-authored-by: ademczuk <andrew.demczuk@gmail.com>
Co-authored-by: ademczuk <ademczuk@users.noreply.github.com>
2026-03-08 16:17:28 -07:00
211f68f8ad
docs(changelog): move post-2026.3.8 entries to unreleased ( #40342 )
...
* docs(changelog): move post-2026.3.8 entries to unreleased
* Update CHANGELOG.md
2026-03-08 16:11:53 -07:00
3f3f66a5f7
Docker: trim runtime image payload ( #40307 )
...
* Docker: shrink runtime image payload
* Docker: add runtime pnpm opt-in
* Docker: collapse helper entrypoint chmod layers
* Docker: restore bundled pnpm runtime
* Update CHANGELOG.md
2026-03-08 16:07:04 -07:00
bd1fe4d8b4
fix(run-openclaw-podman): add SELinux :Z mount option on enforcing/permissive hosts ( #39449 )
...
* fix(run-openclaw-podman): add SELinux :Z mount option on Linux with enforcing/permissive SELinux
* fix(quadlet): add SELinux :Z label to openclaw.container.in volume mount
* fix(podman): add SELinux :Z mount option for Fedora/RHEL hosts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: sallyom <somalley@redhat.com>
---------
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 18:53:09 -04:00
3ea3a1c0ca
Update CHANGELOG.md
2026-03-08 15:35:13 -07:00
da6592b681
Update CHANGELOG.md
2026-03-08 15:34:56 -07:00
38543d8196
fix(cron): consolidate announce delivery, fire-and-forget trigger, and minimal prompt mode ( #40204 )
...
* fix(cron): consolidate announce delivery and detach manual runs
* fix: queue detached cron runs (#40204 )
2026-03-08 14:46:33 -07:00
7dfd77abeb
fix(setup-podman): cd to TMPDIR before podman load to avoid cwd permission error ( #39435 )
...
* fix(setup-podman): cd to TMPDIR before podman load to avoid inherited cwd permission error
* fix(podman): safe cwd in run_as_user to prevent chdir errors
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: sallyom <somalley@redhat.com>
---------
Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-08 17:32:08 -04:00
0ecfd37b44
feat: add local backup CLI ( #40163 )
...
Merged via squash.
Prepared head SHA: ed46625ae2
2026-03-08 16:21:20 -04:00
a6131438ea
fix(macos): improve tailscale gateway discovery ( #40167 )
...
Sanitized test tailnet hostnames and re-ran the targeted macOS gateway discovery test suite before merge.
2026-03-08 21:49:42 +02:00
92726d9863
docs(changelog): credit macos remote token author
2026-03-08 21:28:17 +02:00
3d3e8fe78c
fix(macos): preserve unsupported remote gateway tokens
2026-03-08 21:28:17 +02:00
9d467d1620
docs: add WSL2 + Windows remote Chrome CDP troubleshooting ( #39407 ) (thanks @Owlock)
2026-03-08 19:21:42 +00:00
d3111fbbcb
fix: make browser relay bind address configurable ( #39364 ) (thanks @mvanhorn)
2026-03-08 19:15:21 +00:00
0692f71c6f
fix: wait for extension relay tab reconnects ( #32461 ) (thanks @AaronWander)
2026-03-08 19:11:58 +00:00
dcdce83da7
fix: normalize wildcard remote CDP websocket URLs ( #17760 ) (thanks @joeharouni)
2026-03-08 19:07:23 +00:00
4bfa800cc7
fix: share context engine registry across bundled chunks ( #40115 )
...
Merged via squash.
Prepared head SHA: 6af4820b7d
2026-03-08 11:56:01 -07:00
9914b48c57
fix: preserve loopback ws cdp tab ops ( #31085 ) (thanks @shrey150)
2026-03-08 18:48:51 +00:00
404b1527e6
fix(acp): persist spawned child session history ( #40137 )
...
Merged via squash.
Prepared head SHA: 62de5d5669
2026-03-08 19:37:00 +01:00
2970d72554
docs: update Brave Search API docs for Feb 2026 plan restructuring ( #40111 )
...
Merged via squash.
Prepared head SHA: c651f07855
2026-03-08 14:06:21 -04:00
74624e619d
fix: prefer bundled channel plugins over npm duplicates ( #40094 )
...
* fix: prefer bundled channel plugins over npm duplicates
* fix: tighten bundled plugin review follow-ups
* fix: address check gate follow-ups
* docs: add changelog for bundled plugin install fix
* fix: align lifecycle test formatting with CI oxfmt
2026-03-08 13:00:24 -05:00
6c9b49a10b
fix(sessions): clear stale contextTokens on model switch ( #38044 )
...
Merged via squash.
Prepared head SHA: bac2df4b7f
2026-03-08 10:59:16 -07:00
caf1b84822
feat: allow compaction model override via config ( #38753 )
...
Merged via squash.
Prepared head SHA: a3d6d6c845
2026-03-08 10:47:34 -07:00
d4ab731746
fix(telegram): use message previews in DMs
2026-03-08 21:59:43 +05:30
ca5e352c53
CLI: include commit hash in --version output ( #39712 )
...
* CLI: include commit hash in --version output
* fix(version): harden commit SHA resolution and keep output consistent
* CLI: keep install checks compatible with commit-tagged version output
* fix(cli): include commit hash in root version fast path
* test(cli): allow null commit-hash mocks
* Installer: share version parser across install scripts
* Installer: avoid sourcing helpers from stdin cwd
* CLI: note commit-tagged version output
* CLI: anchor commit hash resolution to module root
* CLI: harden commit hash resolution
* CLI: fix commit hash lookup edge cases
* CLI: prefer live git metadata in dev builds
* CLI: keep git lookup inside package root
* Infra: tolerate invalid moduleUrl hints
* CLI: cache baked commit metadata fallbacks
* CLI: align changelog attribution with prep gate
* CLI: restore changelog contributor credit
---------
Co-authored-by: echoVic <echovic@163.com>
Co-authored-by: echoVic <echoVic@users.noreply.github.com>
2026-03-08 19:10:48 +03:00
c942655451
fix(hooks): use resolveAgentIdFromSessionKey in runBeforeReset ( #39875 )
...
Merged via squash.
Prepared head SHA: 00a2b241df
2026-03-08 19:07:28 +03:00
28e46d04e5
fix(web-search): restore OpenRouter compatibility for Perplexity ( #39937 ) ( #39937 )
2026-03-08 20:37:54 +05:30
6ff7e8f42e
talk: add configurable silence timeout
2026-03-08 14:30:25 +00:00
e2c07f8a47
fix: land mac universal release defaults ( #33891 ) (thanks @cgdusek)
2026-03-08 14:14:36 +00:00
d5b305b250
fix: follow up #39321 and #38445 landings
2026-03-08 13:58:13 +00:00
acac7e3132
fix: land Brave llm-context gaps ( #33383 ) (thanks @thirumaleshp)
2026-03-08 13:57:12 +00:00
eebee84093
fix(models): discover Vercel AI Gateway catalog
2026-03-08 13:44:10 +00:00
f930fcbd3f
Add regression test and CHANGELOG entry
...
- Add test ensuring launchd path never returns "failed" status
- Add CHANGELOG.md entry documenting the fix with issue/PR references
- Reference ThrottleInterval evolution (#27650 → #29078 → current 1s)
2026-03-08 13:42:50 +00:00
eb0758e172
docs(changelog): note Android Play policy cutovers
2026-03-08 16:25:49 +05:30
492fe679a7
feat(tui): infer workspace agent when launching TUI ( #39591 )
...
Merged via squash.
Prepared head SHA: 23533e24c4
2026-03-08 13:31:11 +03:00
f4c4856254
docs(changelog): add #39377 failover note ( #39704 )
2026-03-08 13:09:26 +03:00
e5fdfec9dc
fix(config): accept "openclaw" as browser profile driver in Zod schema ( #39374 )
...
Merged via squash.
Prepared head SHA: 0eba5ab939
2026-03-08 12:04:49 +03:00
9425209602
fix(mattermost): pass payload.replyToId as root_id for threaded replies ( #27744 )
...
Merged via squash.
Prepared head SHA: e029079872
2026-03-08 14:13:13 +05:30
92648f9ba9
fix(agents): broaden 402 temporary-limit detection and allow billing cooldown probe ( #38533 )
...
Merged via squash.
Prepared head SHA: 282b9186c6
2026-03-08 10:27:01 +03:00
d15b6af77b
fix: land contributor PR #39516 from @Imhermes1
...
macOS app/chat/browser/cron/permissions fixes.
Co-authored-by: ImHermes1 <lukeforn@gmail.com>
2026-03-08 06:11:20 +00:00
05217845a7
build: bump version to 2026.3.8
2026-03-08 05:59:04 +00:00
42a1394c5c
build: prepare 2026.3.7 release
2026-03-08 05:42:26 +00:00
59102a1ff7
fix: add gemini 3.1 flash-lite support
2026-03-08 05:12:48 +00:00
fcdc1a13e1
fix: land #33992 from @darkamenosa
...
Co-authored-by: Tom <hxtxmu@gmail.com>
2026-03-08 04:49:04 +00:00
3596a46868
build: prepare 2026.3.7-beta.1 release
2026-03-08 04:44:08 +00:00
a035a3ce48
fix: drop removed minimax lightning model
2026-03-08 04:06:26 +00:00
5214859c52
chore: add changelog and format fix for #39414
2026-03-08 09:17:02 +05:30
c743fd9c4c
docs: clean up latest changelog sections
2026-03-08 03:34:53 +00:00
75a44dee8f
docs: dedupe changelog contributor attribution
2026-03-08 03:34:53 +00:00
5659d7f985
fix: land #39337 by @goodspeed-apps for acpx MCP bootstrap
...
Co-authored-by: Goodspeed App Studio <goodspeed-apps@users.noreply.github.com>
2026-03-08 03:16:26 +00:00
9c8e34da9d
fix: document discord agentComponents schema parity ( #39378 ) (thanks @gambletan) ( #39378 )
...
Co-authored-by: Shadow <hi@shadowing.dev>
2026-03-07 21:11:12 -06:00
722c5e5d33
docs: add changelog for Telegram DM draft restore ( #39398 )
2026-03-08 08:23:25 +05:30
7f44bc5e94
fix: reject launchd pid sentinel values
...
Landed from contributor PR #39281 by @mvanhorn.
Co-authored-by: Matt Van Horn <mvanhorn@gmail.com>
2026-03-08 02:44:02 +00:00
442f2c36b3
fix: honor explicit OpenAI TTS speed values
...
Landed from contributor PR #39318 by @ql-wade.
Co-authored-by: ql-wade <wade@openclaw.ai>
2026-03-08 02:38:44 +00:00
28b72e5cb0
fix: honor zero-valued voice-call STT settings
...
Landed from contributor PR #39196 by @scoootscooob.
Co-authored-by: scoootscooob <zhentongfan@gmail.com>
2026-03-08 02:36:41 +00:00
af9d76b79a
fix: honor explicit Synology Chat rate-limit env values
...
Landed from contributor PR #39197 by @scoootscooob.
Co-authored-by: scoootscooob <zhentongfan@gmail.com>
2026-03-08 02:34:19 +00:00
100da9f45c
fix: correct gemini flash model id
2026-03-08 02:32:58 +00:00
46008178d1
fix: isolate TUI /new sessions per client
...
Landed from contributor PR #39238 by @widingmarcus-cyber.
Co-authored-by: Marcus Widing <widing.marcus@gmail.com>
2026-03-08 02:31:15 +00:00
9d7d961db8
fix: restore Telegram webhook-mode health after restarts
...
Landed from contributor PR #39313 by @fellanH.
Co-authored-by: Felix Hellström <30758862+fellanH@users.noreply.github.com>
2026-03-08 02:27:18 +00:00
c0a7c302f3
fix: preserve agents-page selection after config save
...
Landed from contributor PR #39301 by @MumuTW.
Co-authored-by: MumuTW <clothl47364@gmail.com>
2026-03-08 02:20:48 +00:00
bf9c362129
Gateway: stop and restart unmanaged listeners ( #39355 )
...
* Daemon: allow unmanaged gateway lifecycle fallback
* Status: fix service summary formatting
* Changelog: note unmanaged gateway lifecycle fallback
* Tests: cover unmanaged gateway lifecycle fallback
* Daemon: split unmanaged restart health checks
* Daemon: harden unmanaged gateway signaling
* Daemon: reject unmanaged restarts when disabled
2026-03-07 18:20:29 -08:00
4062aa5e5d
Gateway: add safer password-file input for gateway run ( #39067 )
...
* CLI: add gateway password-file option
* Docs: document safer gateway password input
* Update src/cli/gateway-cli/run.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Tests: clean up gateway password temp dirs
* CLI: restore gateway password warning flow
* Security: harden secret file reads
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-07 18:20:17 -08:00
49261b0d82
fix: auto-create inherited agent override entries
...
Landed from contributor PR #39326 by @dunamismax.
Co-authored-by: dunamismax <dunamismax@tutamail.com>
2026-03-08 02:12:33 +00:00
1e05f14f3a
fix: land health-monitor disconnected reason label ( #36436 ) (thanks @Sid-Qin)
2026-03-08 02:02:19 +00:00
5b257c65d5
fix: default codex-cli sandbox to workspace-write
...
Landed from contributor PR #39336 by @0xtangping.
Co-authored-by: john <john.j@min123.net>
2026-03-08 01:58:34 +00:00
daecd2d8c3
Pi Runner: gate parallel_tool_calls to compatible APIs ( #39356 )
...
* Pi Runner: gate parallel_tool_calls payload injection
* Pi Runner: cover parallel_tool_calls alias precedence
* Changelog: note parallel_tool_calls compatibility fix
* Update CHANGELOG.md
* Pi Runner: clarify null parallel_tool_calls override logging
2026-03-07 17:57:53 -08:00
2c7fb54956
Config: fail closed invalid config loads ( #39071 )
...
* Config: fail closed invalid config loads
* CLI: keep diagnostics on explicit best-effort config
* Tests: cover invalid config best-effort diagnostics
* Changelog: note invalid config fail-closed fix
* Status: pass best-effort config through status-all gateway RPCs
* CLI: pass config through gateway secret RPC
* CLI: skip plugin loading from invalid config
* Tests: align daemon token drift env precedence
2026-03-07 17:48:13 -08:00
7e946b3c6c
fix(ollama): register custom api for compaction and summarization ( #39332 )
...
* fix(agents): add custom api registry helper
* fix(ollama): register native api for embedded runs
* fix(ollama): register custom api before compaction
* fix(tts): register custom api before summarization
* changelog: note ollama compaction registration fix
* fix(ollama): honor resolved base urls in custom api paths
2026-03-07 17:40:34 -08:00
01833c5111
fix(acp): avoid inline delivery for oneshot run spawns ( #39014 )
...
* fix(acp): scope inline delivery to session spawns
* test(acp): cover run and session delivery behavior
* Changelog: add ACP run delivery bootstrap fix
---------
Co-authored-by: 徐善 <samxu633@gmail.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-07 17:37:22 -08:00
5b30c9d3d7
Changelog: move #39328 credit to section end
2026-03-07 17:36:11 -08:00
2ec478cf68
Changelog: credit #39328 to @vincentkoc
2026-03-07 17:35:29 -08:00
556a74d259
Daemon: handle degraded systemd status checks ( #39325 )
...
* Daemon: handle degraded systemd status checks
* Changelog: note systemd status handling
* Update src/commands/status.service-summary.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-07 17:30:48 -08:00
c22a4450ee
fix(telegram): honor commands.allowFrom in native command auth ( #39310 )
...
* telegram: honor commands.allowFrom in native auth
* test(telegram): cover native commands.allowFrom precedence
* changelog: note telegram native commands allowFrom fix
* Update CHANGELOG.md
* telegram: preserve group policy in native command auth
* test(telegram): keep commands.allowFrom under group gating
2026-03-07 17:28:47 -08:00
ad052d661b
docs: note gateway auth follow-up hardening
2026-03-08 01:13:28 +00:00
99cfd271d0
fix(sandbox): pin fs bridge readfile handles
2026-03-08 01:09:05 +00:00
bc91ae9ca0
fix(discord): preserve native command session keys
2026-03-08 01:06:09 +00:00
cf1c2cc208
fix(discord): normalize DM session keys
2026-03-08 01:06:09 +00:00
6337666ac0
fix(telegram): restore named-account DM fallback routing (from #32426 )
...
Rebased and landed contributor work from @chengzhichao-xydt for the
Telegram multi-account DM regression in #32351 .
Co-authored-by: Zhichao Cheng <cheng.zhichao@xydigit.com>
2026-03-08 01:05:08 +00:00
eb09d8dd71
fix(telegram): land #34238 from @hal-crackbot
...
Landed from contributor PR #34238 by @hal-crackbot.
Co-authored-by: Hal Crackbot <hal@crackbot.dev>
2026-03-08 00:56:58 +00:00
09cfcf9dd5
fix(sandbox): anchor fs-bridge mkdirp
2026-03-08 00:55:34 +00:00
a505be78ab
fix(telegram): land #38906 from @gambletan
...
Landed from contributor PR #38906 by @gambletan.
Co-authored-by: gambletan <ethanchang32@gmail.com>
2026-03-08 00:54:49 +00:00
4869e24915
fix(telegram): land #34983 from @HOYALIM
...
Landed from contributor PR #34983 by @HOYALIM.
Co-authored-by: Ho Lim <subhoya@gmail.com>
2026-03-08 00:53:19 +00:00
d6d04f361e
fix(ollama): preserve local limits and native thinking fallback ( #39292 )
...
* fix(ollama): support thinking field fallback in native stream
* fix(models): honor explicit lower token limits in merge mode
* fix(ollama): prefer streamed content over fallback thinking
* changelog: note Ollama local model fixes
2026-03-07 16:53:02 -08:00
5edcab2eee
fix(queue): land #33168 from @rylena
...
Landed from contributor PR #33168 by @rylena.
Co-authored-by: Rylen Anil <rylen.anil@gmail.com>
2026-03-08 00:51:11 +00:00
02eef1d45a
fix(telegram): use group allowlist for native command auth in groups ( #39267 )
...
* fix(telegram): use group allowlist for native command auth in groups
Native slash commands (/status, /model, etc.) in Telegram supergroups
and forum topics reject authorized senders with "not authorized" even
when the sender is in groupAllowFrom.
The bug is in resolveTelegramCommandAuth — the final commandAuthorized
check only passes DM allowFrom as an authorizer, so senders who are
authorized via groupAllowFrom get rejected. Regular messages don't have
this problem because they go through evaluateTelegramGroupPolicyAccess
which correctly uses effectiveGroupAllow.
Add effectiveGroupAllow as a second authorizer when the message comes
from a group. resolveCommandAuthorizedFromAuthorizers uses .some(), so
either DM or group allowlist matching is sufficient.
Fixes #28216
Fixes #29135
Fixes #30234
* fix(test): resolve TS2769 type errors in group-auth test
Remove explicit tuple type annotations on mock.calls.filter() callbacks
that conflicted with vitest's mock call types.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* test(telegram): cover topic auth rejection routing
* changelog: note telegram native group command auth fix
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-07 16:47:57 -08:00
a56841b98c
Daemon: harden WSL2 systemctl install checks ( #39294 )
...
* Daemon: harden WSL2 systemctl install checks
* Changelog: note WSL2 daemon install hardening
* Daemon: tighten systemctl failure classification
2026-03-07 16:43:19 -08:00
f195af0b22
fix(sandbox): anchor fs-bridge destructive ops
2026-03-08 00:41:12 +00:00
9d2b292998
fix(exec-approvals): honor allow-always for bash script invocations
...
Landed from contributor PR #35137 by @yuweuii.
Co-authored-by: yuweuii <82372187+yuweuii@users.noreply.github.com>
2026-03-08 00:39:54 +00:00
ca37a4e82e
changelog: note telegram groupAllowFrom sender validation fix
2026-03-07 16:36:16 -08:00
c6575891c7
fix(exec): inherit ask from exec-approvals.json when tools.exec.ask unset
...
Landed from contributor PR #29187 by @Bartok9.
Co-authored-by: Bartok9 <259807879+Bartok9@users.noreply.github.com>
2026-03-08 00:35:50 +00:00
173132165d
fix(exec): honor exec-approvals ask=off for gateway/node runs
...
Landed from contributor PR #26789 by @pandego.
Co-authored-by: Miguel Miranda Dias <7780875+pandego@users.noreply.github.com>
2026-03-08 00:29:34 +00:00
25252ab5ab
gateway: harden shared auth resolution across systemd, discord, and node host
2026-03-07 18:28:32 -06:00
61000b8e4d
fix(acp): block sandboxed slash spawns
2026-03-08 00:23:07 +00:00
ab54532c8f
fix(agents): land #39247 from @jasonQin6 (subagent workspace inheritance)
...
Propagate parent workspace directories into spawned subagent runs, keep workspace override internal-only, and add regression tests for forwarding boundaries.
Co-authored-by: jasonQin6 <991262382@qq.com>
2026-03-07 23:56:37 +00:00
eeba93d63d
fix(discord): pass gateway auth to exec approvals
...
Pass resolved gateway token/password into the Discord exec approvals GatewayClient startup path so token-auth installs stop failing approvals with gateway token mismatch.
Fixes #38179
Adjacent investigation: #35147 by @0riginal-claw
Co-authored-by: 0riginal-claw <0rginal_claw@0rginal-claws-Mac-mini.local>
2026-03-07 23:47:48 +00:00
f304ca09b1
fix(agents): sanitize strict openai-compatible turn ordering from #39252 (thanks @scoootscooob)
...
Co-authored-by: scoootscooob <zhentongfan@gmail.com>
2026-03-07 23:42:19 +00:00
ada4ee08d9
fix(docker): land #33097 from @chengzhichao-xydt
...
Landed from contributor PR #33097 by @chengzhichao-xydt.
Co-authored-by: Zhichao Cheng <cheng.zhichao@xydigit.com>
2026-03-07 23:41:57 +00:00
2fc95a7cfc
fix(exec): close dispatch-wrapper boundary drift
2026-03-07 23:40:38 +00:00
adf4eb487b
fix(signal): forward all inbound attachments from #39212 (thanks @joeykrug)
...
Co-authored-by: Joey Krug <joeykrug@gmail.com>
2026-03-07 23:35:55 +00:00
939b18475d
fix(exec): honor shell comments in allow-always analysis
2026-03-07 23:31:25 +00:00
Toven
Peter Steinberger
David Rudduck
Frank Yang
Robin Waslander
Vincent Koc
zhoulf1006
Gustavo Madeira Santana
Harold Hunt
Squabble9
ingyukoh
VibhorGautam
Bill Chirico
ademczuk
Ayaan Zaidi
Andyliu
Nimrod Gutman
Luke
Ayaan Zaidi
Wayne
Josh Avant
David Guttman
Matt Van Horn
Pejman Pour-Moezzi
PonyX-lab
Mariano Belinky
Altay
Yufeng He
JiangNan
jiarung
CryUshio
George Zhang
smysle
Charles Dusek
Echo
Bob
Teconomix
Brad Groux
Daniel Hnyk
Daniel Reis
Austin
Val Alexander
Eugene
Urian Paul Danut
Laurie Luo
futuremind2026
Benji Peng
Ayane
Zhe Liu
Julia Barth
Xinhua Gu
alan blount
Hermione
Mariano
zerone0x
xaeon2026
opriz
Radek Sienkiewicz
GazeKingNuWu
Bronko
Tak Hoffman
Kyle
Kesku
Tyson Cung
yuweuii
bbblending
0xsline
langdon
Tyler Yust
langdon
shichangs
Josh Lehman
Rémi
GitBuck
dano does design
daymade
arceus77-7
gambletan
Peter Lee
lidamao633
Edward