npm openclaw 2026.4.24
openclaw 2026.4.24
on Node.js NPM

6 hours ago

2026.4.24

Highlights

  • Google Meet joins OpenClaw as a bundled participant plugin, with personal Google auth, Chrome/Twilio realtime sessions, paired-node Chrome support, artifact/attendance exports, and recovery tooling for already-open Meet tabs.
  • DeepSeek V4 Flash and V4 Pro are in the bundled catalog, V4 Flash is the onboarding default, and DeepSeek thinking/replay behavior is fixed for follow-up tool-call turns.
  • Talk, Voice Call, and Google Meet can use realtime voice loops that consult the full OpenClaw agent for deeper tool-backed answers.
  • Browser automation gets coordinate clicks, longer default action budgets, per-profile headless overrides, and steadier tab reuse/recovery.
  • Plugin and model infrastructure is lighter at startup: static model catalogs, manifest-backed model rows, lazy provider dependencies, and external runtime-dependency repair for packaged installs.

Breaking

  • Plugin SDK/tool-result transforms: remove the Pi-only api.registerEmbeddedExtensionFactory(...) compatibility path. Bundled tool-result rewrites must use api.registerAgentToolResultMiddleware(...) with contracts.agentToolResultMiddleware declaring the targeted harnesses, so transforms run consistently across Pi and Codex app-server dynamic tools. Thanks @vincentkoc.

Changes

  • CLI/Crestodian: add a configless setup and repair helper for bare openclaw, typed config operations, local Claude/Codex planner fallback, agent handoff, audit logging, docs/source discovery, and guarded message-channel rescue.
  • Gateway/nodes: add disabled-by-default gateway.nodes.pairing.autoApproveCidrs for first-time node pairing from explicit trusted CIDRs, while keeping operator/browser pairing and all upgrade flows manual. Fixes #60800. Thanks @sahilsatralkar.
  • Browser: add viewport coordinate clicks for managed and existing-session automation, plus openclaw browser click-coords for CLI use. (#54452) Thanks @dluttz.
  • Browser: add browser.actionTimeoutMs and use a 60s default action budget so healthy long browser waits do not fail at the client transport boundary. (#62589) Thanks @andyylin.
  • Browser: include policy-safe current page URLs in agent-facing browser action and debug responses, omitting blocked URLs instead of leaking private targets. Thanks @zeroaltitude.
  • Browser/config: support per-profile browser.profiles.<name>.headless overrides for locally launched browser profiles, so one profile can run headless without forcing all browser profiles headless. Thanks @nakamotoliu.
  • Plugins/PDF: move local PDF extraction into a bundled document-extract plugin so core no longer owns pdfjs-dist or PDF image-rendering dependencies. Thanks @vincentkoc.
  • Dependencies/memory: stop installing node-llama-cpp by default; local embeddings now load it only when operators install the optional runtime package. Thanks @vincentkoc.
  • Dependencies/media: replace the tiny core media host's Express server with node:http, so Express is no longer a root runtime dependency. Thanks @vincentkoc.
  • Dependencies/media: move Sharp-backed image attachment processing into the bundled media understanding runtime so core no longer owns the native image parser dependency. Thanks @vincentkoc.
  • Matrix: require full cross-signing identity trust for self-device verification and add openclaw matrix verify self so operators can establish that trust from the CLI. (#70401) Thanks @gumadeiras.
  • WebChat/sessions: keep runtime-only prompt context out of visible transcript history and scrub legacy wrappers from session history surfaces. Thanks @91wan.
  • Gradium: add a bundled text-to-speech provider with voice-note and telephony output support. (#64958) Thanks @LaurentMazare.
  • Plugins/setup: honor explicit setup.requiresRuntime: false as a descriptor-only setup contract while keeping omitted values on the legacy setup-api fallback path. Thanks @vincentkoc.
  • Plugins/setup: report descriptor/runtime drift when setup-api registrations disagree with setup.providers or setup.cliBackends, without rejecting legacy setup plugins. Thanks @vincentkoc.
  • Plugin hooks: expose first-class run, message, sender, session, and trace correlation fields on message hook contexts and run lifecycle events. Thanks @vincentkoc.
  • Plugins/setup: include setup.providers[].envVars in generic provider auth/env lookups and warn non-bundled plugins that still rely on deprecated providerAuthEnvVars compatibility metadata. Thanks @vincentkoc.
  • Plugins/setup: derive generic provider setup choices from descriptor-safe setup.providers[].authMethods before falling back to setup runtime. Thanks @vincentkoc.
  • Plugins/setup: surface manifest provider auth choices directly in provider setup flow before falling back to setup runtime or install-catalog choices. Thanks @vincentkoc.
  • Models/catalog: add a manifest catalog planner that produces stable manifest-sourced model rows and reports duplicate provider/model conflicts without loading provider runtime. (#71368) Thanks @shakkernerd.
  • Models/catalog: centralize manifest model catalog normalization behind a shared src/model-catalog contract so future provider index, cache, onboarding, and listing consumers reuse the same validation and row refs. (#71360) Thanks @shakkernerd.
  • Plugins/manifest: add a modelCatalog contract for provider-owned model rows, aliases, suppression rules, and discovery mode metadata without loading plugin runtime. (#71342) Thanks @shakkernerd.
  • Plugins/setup: warn when descriptor-only setup plugins still ship ignored setup runtime entries, keeping setup.requiresRuntime: false semantics explicit without breaking existing metadata. Thanks @vincentkoc.
  • Plugins/channels: use manifest channelConfigs for read-only external channel discovery when no setup entry is available or setup descriptors declare runtime unnecessary. Thanks @vincentkoc.
  • TUI/dependencies: remove direct cli-highlight usage from the OpenClaw TUI code-block renderer, keeping themed code coloring without the extra root dependency. Thanks @vincentkoc.
  • Diagnostics/OTEL: export run, model-call, and tool-execution diagnostic lifecycle events as OTEL spans without retaining live span state. Thanks @vincentkoc.
  • Diagnostics/OTEL: accept opt-in diagnostics.otel.captureContent controls for future model/tool content span attributes while keeping raw content export disabled by default. Thanks @vincentkoc.
  • Providers/Anthropic Vertex: move the Vertex SDK runtime behind the bundled provider plugin so core no longer owns that provider-specific dependency. Thanks @vincentkoc.
  • Plugins/activation: expose activation plan reasons and a richer plan API so callers can inspect why a plugin was selected while preserving existing id-list activation behavior. (#70943) Thanks @vincentkoc.
  • Plugins/source metadata: expose normalized install-source facts on provider and channel catalogs so onboarding can explain npm pinning, integrity state, and local availability before runtime loads. (#70951) Thanks @vincentkoc.
  • Plugins/catalog: pin the official external WeCom channel source to an exact npm release plus dist integrity, with a guard that official external sources stay integrity-pinned. (#70997) Thanks @vincentkoc.
  • Plugins/source metadata: warn when openclaw.install.defaultChoice is invalid or points at a missing source, keeping catalog diagnostics explicit without breaking existing plugins. Thanks @vincentkoc.
  • Plugins/source metadata: warn when openclaw.install.expectedIntegrity is present without a valid npm source, keeping orphaned integrity metadata visible without rejecting existing plugins. Thanks @vincentkoc.
  • Plugins/source metadata: warn when provider or channel catalog package identity drifts from openclaw.install.npmSpec, keeping diagnostics visible without rejecting compatible external catalogs. Thanks @vincentkoc.
  • Diagnostics/OTEL: add a lightweight diagnostic trace-context carrier for future span correlation without adding OTEL SDK state to core. Thanks @vincentkoc.
  • Dependencies/SBOM: add an ownership-backed dependency risk report for root closure size, native/build-risk packages, and missing owner records. Thanks @vincentkoc.
  • Diagnostics/OTEL: attach diagnostic trace context to exported OTEL logs so log records can correlate with future spans without adding retained process state. Thanks @vincentkoc.
  • Diagnostics/OTEL: pass immutable per-run diagnostic trace context through agent and tool hook contexts, and parent exported diagnostic spans from validated context without retaining global trace state. Thanks @vincentkoc.
  • Diagnostics/OTEL: make exporter startup restart-safe so config reloads do not retain stale SDKs, log transports, or diagnostic event listeners. Thanks @vincentkoc.
  • Diagnostics: emit structured tool execution diagnostic events with trace context, timing, and redacted error metadata. Thanks @vincentkoc.
  • Diagnostics: emit structured run and model-call diagnostic events with trace context, duration, and non-message error metadata. Thanks @vincentkoc.
  • Control UI/chat: add a Steer action on queued messages so a browser follow-up can be injected into the active run without retyping it.
  • Control UI/avatars: render authenticated assistant avatar routes through local blob URLs and allow those managed blobs in the dashboard CSP, restoring configured chat avatars. Fixes #71422. Thanks @blaspat.
  • Control UI/Talk: add browser WebRTC realtime voice sessions backed by OpenAI Realtime, with Gateway-minted ephemeral client secrets and openclaw_agent_consult handoff to the full OpenClaw agent.
  • Plugin SDK/Codex harness: add provider-owned transport/auth/follow-up seams and harness result classification so Codex-style runtimes can participate in fallback policy without core special-casing. (#70772) Thanks @100yenadmin.
  • Codex harness: bridge Codex-native tool hooks into OpenClaw plugin hooks and approvals, with bounded relay payloads and approval spam protection. (#71008) Thanks @pashpashpash.
  • Dependencies/Pi: update bundled Pi packages to 0.70.2, use Pi's upstream gpt-5.5 and DeepSeek V4 catalog metadata, and keep only local gpt-5.5-pro forward-compat handling. Thanks @lsdsjy.
  • Models/CLI: speed up openclaw models list --all --provider <id> for bundled providers with safe static catalogs while keeping live and third-party providers on registry discovery. (#70632) Thanks @shakkernerd.
  • Models/CLI: avoid broad registry enumeration for default openclaw models list, reducing default listing latency while preserving configured-row output. (#70883) Thanks @shakkernerd.
  • Models/CLI: split openclaw models list row-source orchestration and registry loading into narrower helpers without changing list output behavior. (#70867) Thanks @shakkernerd.
  • Models/commands: deprecate /models add so chat attempts now return a deprecation message instead of writing model configuration, and remove the add action from /models provider menus. (#71175) Thanks @Takhoffman.
  • Codex harness/context-engine: run context-engine bootstrap, assembly, post-turn maintenance, and engine-owned compaction in Codex app-server sessions while keeping native Codex thread state and compaction auditable. (#70809) Thanks @jalehman.
  • Codex runtime plan: consolidate contract-first Pi/Codex parity coverage and accept legacy Codex auth-provider aliases in app-server profile login and refresh paths. (#71096) Thanks @100yenadmin.
  • Plugins/Google Meet: add a bundled participant plugin with personal Google auth, explicit meeting URL joins, Chrome and Twilio transports, and realtime voice support. (#70765).
  • Plugins/Google Meet: default Chrome realtime sessions to OpenAI plus SoX rec/play audio bridge commands, so the usual setup only needs the plugin enabled and OPENAI_API_KEY.
  • Plugins/Google Meet: add a chrome-node transport so a paired macOS node, such as a Parallels VM, can own Chrome, BlackHole, and SoX while the Gateway machine keeps the agent and model key.
  • Plugins/Google Meet: add googlemeet artifacts and googlemeet attendance commands plus matching tool/gateway actions for conference records, recordings, transcripts and transcript entries, smart notes, and participant sessions.
  • Plugins/Google Meet: add markdown and file output for googlemeet artifacts and googlemeet attendance reports.
  • Plugins/Google Meet: add googlemeet latest plus matching tool/gateway actions to find the newest conference record for a meeting.
  • Plugins/Google Meet: make meeting-based artifact and attendance lookups use the latest conference record by default, with --all-conference-records for full history.
  • Plugins/Google Meet: add Calendar-aware Meet lookup, CSV attendance with timing flags, and googlemeet export bundles for artifacts, attendance, transcripts, and raw JSON.
  • Plugins/Google Meet: add googlemeet calendar-events, Drive-backed document body export, ZIP bundles, transcript speaker names, reauth hints, and a guarded live smoke.
  • Plugins/Google Meet: add manifest.json export metadata, warning summaries for partial artifact/body failures, and matching google_meet tool/gateway export support.
  • Plugins/Google Meet: add dry-run export manifests so CLI, tool, and gateway callers can validate selected records, counts, and warnings without writing bundle files.
  • Plugins/Google Meet: add googlemeet doctor --oauth so operators can verify OAuth token refresh, Meet space reads, and side-effecting space creation without printing secrets.
  • Plugins/Voice Call: expose the shared openclaw_agent_consult realtime tool so live phone calls can ask the full OpenClaw agent for deeper/tool-backed answers.
  • Plugins/Voice Call: add voicecall setup and a dry-run-by-default voicecall smoke command so Twilio/provider readiness can be checked before placing a live test call.
  • Plugins/Google Meet: add googlemeet doctor and a recover_current_tab/recover-tab flow so agents can inspect an already-open Meet tab and report the blocker without opening another window.
  • Plugins/Bonjour: move LAN Gateway discovery advertising into a default-enabled bundled plugin with its own @homebridge/ciao dependency, so users can disable Bonjour without cutting wide-area discovery. Thanks @vincentkoc.
  • Providers/Google: add a Gemini Live realtime voice provider for backend Voice Call and Google Meet audio bridges, with bidirectional audio and function-call support.
  • Providers/Google: let Gemini TTS prepend configured audioProfile and speakerName prompt text for reusable speech style control. Thanks @tdack.
  • Plugins/Google Meet: let realtime Meet sessions consult the full OpenClaw agent for deeper answers while staying in the live voice loop.
  • Gateway/VoiceClaw: add a realtime brain WebSocket endpoint backed by Gemini Live, with owner-auth gating and async OpenClaw tool handoff. (#70938) Thanks @yagudaev.
  • Providers/DeepSeek: add DeepSeek V4 Flash and V4 Pro to the bundled catalog and make V4 Flash the onboarding default. Thanks @lsdsjy.
  • CLI/Gateway: make gateway status start faster by skipping plugin loading on the read-only status path. (#71364) Thanks @andyylin.
  • Plugins/compatibility: add a central plugin compatibility registry and docs for SDK/config/setup/runtime deprecation records, including dated migration metadata for legacy harness naming and other plugin-facing aliases. Thanks @vincentkoc.
  • Agents/bootstrap: add agents.defaults.contextInjection: "never" to disable workspace bootstrap file injection for agents that fully own their prompt lifecycle. (#65006) Thanks @xDarkicex.

Fixes

  • Feishu: back off streaming-card creation after HTTP 400 startup failures, so unsupported card setups fall back without delaying every message. Fixes #56981. Thanks @JinnanDuan.
  • Feishu/topic groups: key native Feishu/Lark topic-group sessions by thread_id so starter messages and replies with different root_id formats stay in the same group_topic conversation. Fixes #71438. Thanks @1335848090.
  • Feishu: suppress duplicate final card delivery when idle closes a streaming card before the final payload arrives. (#68491) Thanks @MoerAI.
  • Signal: preserve sender attachment filenames and resolve missing MIME types from those filenames, so Linux signal-cli voice notes without contentType still enter audio transcription. Fixes #48614. Thanks @mindfury.
  • Telegram/agents: suppress the phantom "Agent couldn't generate a response" fallback after a reply was already committed through the messaging tool. (#70623) Thanks @chinar-amrutkar.
  • Models/CLI: show provider runtime contextTokens beside native contextWindow in openclaw models list, and align openai-codex/gpt-5.5 with Codex's 272K runtime cap plus 400K native window. Fixes #71403.
  • Dashboard/security: avoid writing tokenized Control UI URLs or SSH hints to runtime logs, keeping gateway bearer fragments out of console-captured logs readable through logs.tail. (#70029) Thanks @Ziy1-Tan.
  • Providers/OpenRouter: treat DeepSeek refs as cache-TTL eligible without injecting Anthropic cache-control markers, aligning context pruning with OpenRouter-managed prompt caching. (#51983) Thanks @QuinnH496.
  • Control UI/browser: defer temp-dir access-mode constants until Node-only temp-dir resolution runs, preventing browser bundles from crashing when node:fs constants are stubbed. (#48930) Thanks @Valentinws.
  • Discord/cron: deliver text-only isolated cron and heartbeat announce output from the canonical final assistant text once, avoiding duplicate Discord posts when streamed block payloads and the final answer contain the same content. Fixes #71406. Thanks @alexgross21.
  • macOS Gateway: wait for launchd to reload the exited Gateway LaunchAgent before bootstrapping repair fallback, preventing config-triggered restarts from leaving the service not loaded. Fixes #45178. Thanks @vincentkoc.
  • macOS Gateway: tolerate launchctl bootstrap's already-loaded exit during restart fallback and use non-killing kickstart after bootstrap, avoiding a second race that can unload the LaunchAgent. Fixes #41934. Thanks @zerone0x.
  • macOS Gateway: rewrite stale LaunchAgent plists before restart fallback bootstrap, matching install repair behavior when gateway restart has to re-register launchd. Thanks @maybegeeker.
  • Gateway/reload: wait indefinitely by default for active operations before restart-required reloads and preserve that drain path when service-manager restarts arrive as SIGTERM, preventing in-flight agent runs from being killed mid-turn. Fixes #65485. Thanks @rijhsinghani.
  • TTS/hooks: preserve audio-only TTS transcripts for message_sending and message_sent hooks without rendering the transcript as a media caption. Thanks @zqchris.
  • WhatsApp/TTS: preserve audioAsVoice through shared media payload sends and the WhatsApp outbound adapter, so [[audio_as_voice]] reply payloads keep their voice-note intent when routed through sendPayload. Fixes #66053. Thanks @masatohoshino.
  • Control UI/WebChat: hide heartbeat prompts, HEARTBEAT_OK acknowledgments, and internal-only runtime context turns from visible chat history while leaving the underlying transcript intact. Fixes #71381. Thanks @gerald1950ggg-ai.
  • Control UI/chat: keep optimistic user and assistant tail messages visible when a final history refresh briefly returns an older snapshot, preventing message cards from flash-disappearing until the next refresh. Fixes #71371. Thanks @WolvenRA.
  • Talk/TTS: resolve configured extension speech providers from the active runtime registry before provider-list discovery, so Talk mode no longer rejects valid plugin speech providers as unsupported.
  • Sessions/subagents: stop stale ended runs and old store-only child reverse links from reappearing in childSessions, while keeping live descendants and recently-ended children visible. Fixes #57920.
  • Subagents: recover child sessions after recoverable wait transport failures without exposing an extra wait state, and keep terminal lifecycle timer ordering deterministic. (#71423) Thanks @ZiPengWei.
  • Subagents: stop stale unended runs from counting as active or pending forever, while preserving restart-aborted recovery for recoverable child sessions. Fixes #71252. Thanks @hclsys.
  • Gateway/tools: allow POST /tools/invoke to reach plugin-backed catalog tools such as browser when no core implementation exists, while still preferring built-in tools for real core names. Thanks @chat2way.
  • Browser/security: require operator.admin for the browser.request gateway method, matching the host/browser-node control authority exposed by that route. Thanks @RichardCao.
  • Browser/profiles: allow local managed profiles to override browser.executablePath, so different profiles can launch different Chromium-based browsers. Thanks @nobrainer-tech.
  • Agents/replay: repair displaced or missing tool results before strict provider replay, use Codex-compatible aborted outputs for OpenAI Responses history, and drop partial aborted/error transport turns before retries.
  • Browser/startup: deduplicate concurrent lazy-start calls per profile so simultaneous browser tool requests no longer race into duplicate Chrome launches and PortInUseError. (#61772) Thanks @sukhdeepjohar.
  • Browser/profiles: recover from stale Chromium Singleton* profile locks after crashes or host moves by clearing dead/foreign locks and retrying launch once. Thanks @seanc-dev.
  • Browser/existing-session: keep Chrome MCP status probes transport-only and ephemeral, and retry stale cached Playwright attaches once so idle profile checks no longer poison the next real attach. (#57245) Thanks @josephbergvinson.
  • Cron/exec: suppress automatic background exec completion wakes only for silent cron jobs with delivery.mode="none" while keeping webhook and announce runs observable. (#71391) Thanks @goldmar.
  • Native commands: build dynamic /think argument menus from the target session model across Telegram, Discord fallback menus, and Slack so per-session /model overrides show the correct thinking choices. Fixes #69955. (#71394) Thanks @MonkeyLeeT.
  • Reply media: allow sandboxed replies to deliver OpenClaw-managed media/outbound and media/tool-* attachments without treating them as sandbox escapes, while keeping alias-escape checks on the managed media root. Fixes #71138. Thanks @mayor686, @truffle-dev, and @neeravmakwana.
  • CLI/agent: keep openclaw agent --json stdout reserved for the JSON response by routing gateway, plugin, and embedded-fallback diagnostics to stderr before execution starts. Fixes #71319.
  • Agents/Gemini: retry reasoning-only, empty, and planning-only Gemini turns instead of letting sessions silently stall. Fixes #71074. (#71362) Thanks @neeravmakwana.
  • Providers/DeepSeek: add missing reasoning_content placeholders for replayed assistant tool-call turns when DeepSeek V4 thinking is enabled, so switching an existing session to deepseek-v4-flash or deepseek-v4-pro no longer trips the provider's 400 replay check. Fixes #71372. Thanks @yangyang1719.
  • Exec approvals: allow bare command-name allowlist patterns to match PATH-resolved executable basenames without trusting ./tool or absolute path-selected binaries. Fixes #71315. Thanks @chen-zhang-cs-code and @dengluozhang.
  • Config/recovery: skip whole-file last-known-good rollback when invalidity is scoped to plugins.entries.*, preserving unrelated user settings during plugin schema or host-version skew. Fixes #71289. Thanks @jalehman.
  • Agents/tools: keep resolved reply-run configs from being overwritten by stale runtime snapshots, and let empty web runtime metadata fall back to configured provider auto-detection so standard and queued turns expose the same tool set. Fixes #71355. Thanks @c-g14.
  • Agents/TTS: pass the resolved shared config into the tts tool, so tool-triggered speech uses configured providers and voices instead of falling back to a fresh config load.
  • Reply media: strip MEDIA: attachments from final replies when the same media already went out through block streaming, preventing duplicate Telegram voice notes and files. Fixes #65468. Thanks @aurora-openclaw.
  • Agents/TTS: preserve voice media when a tool-generated reply is paired with an exact NO_REPLY sentinel, stripping the sentinel text instead of dropping the audio payload. Fixes #66092.
  • Compaction: honor explicit agents.defaults.compaction.keepRecentTokens for manual /compact, re-distill safeguard summaries instead of snowballing previous summaries, and enable safeguard summary quality checks by default. Fixes #71357. Thanks @WhiteGiverMa.
  • Sessions: honor configured session.maintenance settings during load-time maintenance instead of falling back to default entry caps. Fixes #71356. Thanks @comolago.
  • Browser/sandbox: pass the resolved browser.ssrfPolicy into sandbox browser bridges and refresh cached bridges when the effective policy changes, so sandboxed browser navigation honors private-network opt-ins. Fixes #45153 and #57055. Thanks @jzakirov, @zuoanCo, and @kybrcore.
  • Browser/proxy: keep Gateway/provider proxy environment variables from proxying the OpenClaw-managed browser, so HTTP_PROXY and HTTPS_PROXY no longer block ordinary browser navigation. Fixes #71358. Thanks @Sanjays2402.
  • Agents/MCP: validate draft-2020-12 MCP tool output schemas with a draft-aware bundle-MCP client validator, so external MCP servers no longer fail catalog/tool execution with missing schema refs. Fixes #68772 and #70196. Thanks @mwiesen.
  • Dashboard/Windows: open Control UI and OAuth URLs through the system URL handler without cmd.exe parsing or PATH-based rundll32 lookup, and reject non-HTTP browser-open inputs. Fixes #71098. Thanks @Sanjays2402.
  • Config/doctor: reject legacy secretref-env:<ENV_VAR> marker strings on SecretRef credential paths and migrate valid markers to structured env SecretRefs with openclaw doctor --fix. Fixes #51794. Thanks @halointellicore.
  • Plugin SDK/browser: export the resolved browser tab-cleanup config type through the browser profile facade, keeping SDK subpath contracts aligned.
  • Providers/OpenAI: separate API-key and Codex sign-in onboarding groups, and avoid replaying stale OpenAI Responses reasoning blocks after a model route switch.
  • Providers/OpenAI-compatible: forward prompt_cache_key on Completions requests only for providers that opt in with compat.supportsPromptCacheKey, keeping default proxy payloads unchanged. Fixes #69272.
  • Providers/OpenAI-compatible: skip null or non-object streaming chunks from custom providers instead of failing the turn after partial output. Fixes #51112.
  • Providers/OpenAI-compatible: treat singular MLX-style finish_reason: "tool_call" as tool use instead of a provider error. Fixes #61499.
  • Docs/TTS: clarify that legacy flat TTS provider config blocks are repaired by openclaw doctor --fix, not accepted by strict runtime schema on load. Fixes #56220.
  • Plugins/OpenCode: strip unsupported disabled Responses reasoning payloads for OpenCode image understanding. Fixes #70252.
  • Plugins/OpenCode/OpenCode Go: register image understanding metadata so the image tool is available for OpenCode catalog models with vision support. Fixes #70482 and #61789.
  • Plugins/OpenCode Go: update the default Go catalog model to opencode-go/kimi-k2.6. Thanks @masrlinu.
  • Providers/ElevenLabs: omit the MP3-only Accept header for PCM telephony synthesis, so Voice Call requests for pcm_22050 no longer receive MP3 audio. Fixes #67340. Thanks @marcchabot.
  • Providers/MiniMax TTS: truncate fractional pitch overrides before sending T2A requests, matching MiniMax's integer pitch contract while preserving fractional speed and volume. Fixes #62144.
  • Providers/MiniMax TTS: transcode voice-note targets to Opus so Feishu/Telegram receive native voice messages instead of MP3 file attachments. Fixes #63540, #64134, and #70445.
  • Providers/Microsoft TTS: keep allowlisted bundled speech providers discoverable even when another speech plugin has already registered, so Edge/Microsoft TTS is available alongside OpenAI. Fixes #62117 and #66850.
  • Providers/Microsoft TTS: honor legacy messages.tts.providers.edge voice settings after normalizing Edge TTS to the Microsoft provider. Fixes #64153.
  • Providers/OpenRouter: add an OpenRouter TTS provider using the OpenAI-compatible /audio/speech endpoint and OPENROUTER_API_KEY. Fixes #71268.
  • macOS Talk Mode: retry failed local ElevenLabs stream playback through gateway talk.speak before falling back to the system voice, so configured ElevenLabs voices still play when streaming playback fails. Fixes #65662.
  • Plugins/Voice Call: reap stale pre-answer calls by default, honor configured TTS timeouts for Twilio media-stream playback, and fail empty telephony audio instead of completing as silence. Fixes #42071; supersedes #60957. Thanks @Ryce and @sliekens.
  • Plugins/Voice Call: fail fast when Twilio, Telnyx, or Plivo would fall back to a loopback/private webhook URL, so calls do not start with an unreachable callback endpoint. Thanks @artemgetmann.
  • Plugins/Voice Call: resolve queued-but-not-yet-playing Twilio TTS entries when barge-in or stream teardown clears the playback queue, so callers awaiting queueTts() do not hang. Thanks @kevinWangSheng.
  • Plugins/Voice Call: terminate expired restored call sessions with the provider and restart restored max-duration timers with only the remaining duration, preventing stale outbound retry loops after Gateway restarts. Fixes #48739. Thanks @mira-solari.
  • Plugins/Voice Call: start provider STT after Telnyx outbound conversation greetings and pass configured Telnyx voice IDs through to the speak action. Fixes #56091. Thanks @Roshan.
  • Skills: honor legacy metadata.clawdbot requirements and installer hints when metadata.openclaw is absent, so older skills no longer appear ready when required binaries are missing. Fixes #71323. Thanks @chen-zhang-cs-code.
  • Browser/config: expand ~ in browser.executablePath before Chromium launch, so home-relative custom browser paths no longer fail with ENOENT. Fixes #67264. Thanks @Quratulain-bilal.
  • Channels/streaming: keep Telegram tool-progress preview updates enabled by default to match released behavior, document streaming.preview.toolProgress: false for disabling only those status lines, and prevent preview progress text from triggering Telegram Markdown links, Discord mentions, or Slack mrkdwn mentions. Fixes #71320. Thanks @neeravmakwana.
  • Gateway/sessions: copy the oversized sessions.json to a rotation backup before the atomic rewrite instead of renaming the live store away, so a crash during rotation keeps the existing session-to-transcript mapping authoritative. Fixes #68229. Thanks @jjjojoj.
  • Providers/OpenAI-compatible: strip OpenAI-only Completions store from proxy payloads and allow extra_body/extraBody passthrough params for provider-specific request fields. Fixes #61826 and #69717.
  • Discord/subagents: preserve thread-bound completion delivery by keeping the requester-agent announce path primary and falling back to direct thread sends only when the announce produces no visible output. (#71064) Thanks @DolencLuka.
  • Discord/proxy: serialize proxied multipart attachment uploads with undici FormData, so Discord media sends work through configured REST proxies. (#71383) Thanks @TC500.
  • Browser/tool: give Chrome MCP existing-session manage calls a longer default timeout, pass explicit tool timeouts through tab management, and recover stale selected-page MCP sessions instead of forcing a manual reset.
  • Browser/sandbox: clean up idle tracked tabs opened by primary-agent browser sessions, while preserving active tab reuse and lifecycle cleanup for subagents, cron, and ACP sessions. Fixes #71165. Thanks @dwbutler.
  • Plugins/Voice Call: reuse the webhook runtime across in-process plugin contexts, avoiding EADDRINUSE when agent tools or CLI commands run while the Gateway already owns the voice webhook port. Fixes #58115. Thanks @sfbrian.
  • Plugins/Voice Call: answer accepted Telnyx inbound Call Control legs on call.initiated, so webhooks that reach OpenClaw no longer leave the caller ringing until hangup. Fixes #58231 and #40131. Thanks @KonsultDigital.
  • Plugins/Voice Call: coalesce concurrent webhook server starts on the same runtime instance, avoiding a second listen() bind when overlapping startup paths race. Thanks @education-01.
  • Plugins/Voice Call: pin voice response sessions to responseModel before embedded agent runs, avoiding live-session model switch failures when the global default model differs. Fixes #60118. Thanks @xinbenlv.
  • Plugins/Voice Call: add agentId for voice response generation, so phone calls can use a dedicated agent workspace instead of always routing through main. Fixes #42155. Thanks @TheOpie.
  • Plugins/Voice Call: scope embedded voice response sandbox resolution to the selected voice agent, so implicit main voice sessions respect agents.defaults.sandbox.mode: "off" even when other agents define sandboxed Docker binds. Fixes #56367. Thanks @crpol.
  • Media tools: honor the configured web-fetch SSRF policy for media understanding, image/music/video generation references, and PDF inputs, so explicit RFC2544 opt-ins cover WebChat OSS uploads without weakening defaults. Fixes #71300. (#71321) Thanks @neeravmakwana.
  • Agents/TTS: suppress successful spoken transcripts from verbose chat tool output when structured voice media is already queued, while preserving text output for non-builtin tool-name collisions. Fixes #71282. Thanks @neeravmakwana.
  • Plugins/Google Meet: reuse existing Meet tabs and active sessions across harmless URL query differences, avoiding duplicate Chrome windows when agents retry a join.
  • Plugins/Google Meet: tell agents to recover already-open Meet tabs after browser timeouts, and make the dev CLI release its build lock if compiler spawning fails.
  • Plugins/Google Meet: return structured manual-action details when browser-based meeting creation needs login or permissions, so agents can guide the operator without opening duplicate Meet tabs.
  • Plugins/CLI: provide Gateway-backed node inspection to plugin commands, so googlemeet recover-tab can inspect paired browser nodes from the terminal.
  • Cron/isolated sessions: clear stale runtime, lifecycle, auth, model, exec, heartbeat, usage, privilege, routing, and delivery artifacts when creating a fresh isolated run, and persist per-run session rows as snapshots so old base-session state no longer leaks into new cron executions. Thanks @vincentkoc.
  • Gateway/sessions: recover main-agent turns interrupted by a gateway restart from stale transcript-lock evidence, avoiding stuck status: "running" sessions without broad post-boot transcript scans. Fixes #70555. Thanks @bitloi.
  • Codex approvals: sanitize MCP elicitation approval titles, descriptions, and display parameters before forwarding them to OpenClaw approval prompts. (#71343) Thanks @Lucenx9.
  • Codex approvals: keep command approval responses within Codex app-server availableDecisions, including deny/cancel fallbacks for prompts that do not offer decline. (#71338) Thanks @Lucenx9.
  • Codex harness: reject same-thread app-server notifications without turnId or turn.id after a bound turn starts, preventing unscoped events from mutating or completing the active reply. (#71317) Thanks @Lucenx9.
  • Plugins/Google Meet: include live Chrome-node readiness in googlemeet setup and document the Parallels recovery checks, so stale node tokens or disconnected VM browsers are visible before an agent opens a meeting.
  • Context engine: keep safeguard compaction checks active after context-engine windowing and for ownsCompaction engines, so large transcripts can compact before prompt submission instead of waiting for provider overflow. Fixes #71325.
  • Approvals: compact structured home-directory paths to ~ across Codex permission prompts and exec approval metadata without repeating them as a separate high-risk warning, while preserving filesystem root and wildcard host warnings.
  • Plugins/runtime deps: isolate the internal npm cache used for bundled plugin runtime-dependency repair and let package updates refresh/verify already-current installs, so failed update or sudo doctor runs can be repaired by rerunning openclaw update.
  • Agents/delete: keep --json output machine-readable and retain workspaces that overlap another agent's workspace instead of moving shared state to Trash. Fixes #70889 and #70890. (#70897) Thanks @kaseonedge.
  • Browser/screenshot: honor timeoutMs through host and node screenshot requests, bound raw CDP screenshot commands, and avoid beyond-viewport CDP capture for ordinary viewport screenshots, so Windows Chrome captures no longer hang past the requested deadline. Fixes #68330. Thanks @Woodylai24.
  • Telegram/model picker: show configured model display names when browsing models through provider buttons, matching typed /models <provider> output. Fixes #70560. (#71016) Thanks @iskim77.
  • Plugins/runtime deps: stage bundled plugin runtime dependencies for packaged/global installs in an external runtime root and retain already staged deps across repairs, avoiding package-tree update races and npm pruning after upgrades.
  • Plugins/runtime deps: log bundled plugin runtime-dependency staging before synchronous npm installs start and include elapsed timing afterward, so first boot after upgrades no longer looks hung while dependencies are being repaired.
  • Memory/Bedrock: skip Bedrock during automatic memory embedding selection when AWS credentials are unavailable, so memory_search can fall back to lexical search instead of failing on the first embed call. Fixes #71143 via #71245. Thanks @bitloi.
  • Agents/failover: forward embedded run abort signals into provider-owned model streams, cap implicit LLM idle watchdogs below long run timeouts, and mark 429 responses without usable retry timing as non-retryable so GitHub Copilot rate limits fail over or surface promptly instead of hanging until run timeout. Fixes #71120.
  • Plugins/Google Meet: make meeting creation join by default, with an explicit URL-only opt-out, so agents that create a Meet also enter it.
  • Telegram/polling: persist accepted update offsets before long-running handlers complete so poller restarts do not replay already-ingested updates, while keeping same-process retries for handler failures.
  • Telegram/config: include generated Telegram channel config schema metadata in packaged plugin manifests so forum-topic/group config is accepted before runtime loads.
  • CLI/Claude: include user-configured mcp.servers in the strict Claude CLI MCP bundle config, matching Pi runs while preserving the OpenClaw loopback override. Fixes #70909. Thanks @keishingu.
  • Browser/tool: keep explicit AI snapshots from inheriting the efficient role-snapshot default and preserve numeric Playwright AI refs, so --format ai remains a real AI snapshot path. Fixes #62550. Thanks @ly85206559.
  • Gateway/config: keep in-process config patch reload comparisons on the resolved source snapshot when ${VAR} env refs are restored on disk, avoiding false full gateway restarts for unchanged gateway/plugin secrets. Fixes #71208. Thanks @robbiethompson18.
  • Slack/messages: serialize write-client requests and whole outbound sends per target so rapid multi-message Slack replies preserve send order. Fixes #69101. (#69105) Thanks @nightq and @ztexydt-cqh.
  • Slack/messages: keep Slack bot tokens out of internal message-ordering and DM cache keys.
  • Slack/exec approvals: resolve native approval button clicks over the Gateway instead of delivering /approve ... as plain agent text, preserving retry buttons if Gateway resolution fails. Fixes #71023. (#71025) Thanks @marusan03.
  • Browser/tool: expose browser doctor diagnostics to agents and extend openclaw doctor browser readiness notes for managed Chromium launch prerequisites. (#62948, #62936) Thanks @seanc-dev.
  • Slack/files: return non-image download-file results as local file paths instead of image payloads, and include Slack file IDs in inbound file placeholders so agents can call download-file. Fixes #71212. Thanks @teamrazo.
  • Browser control: scope standalone loopback auth to the resolved active gateway credential and fail closed when password mode lacks a resolved password, so inactive tokens or passwords no longer authorize browser routes. Fixes #65626. (#65639) Thanks @coygeek.
  • Control UI/Codex harness: emit native Codex app-server assistant and lifecycle completion events so live webchat runs stop spinning without needing a transcript reload fallback. (#70815) Thanks @lesaai.
  • Agents/sessions: persist the runtime-resolved context budget from embedded agent runs, so Codex GPT-5.5 sessions keep the catalog/runtime context cap instead of falling back to the generic 200k status value. Fixes #71294. Thanks @tud0r.
  • Agents/tools: fail runs before model submission when explicit tool allowlists resolve to no callable tools, preventing text-only hallucinated tool results for missing tools such as plugin commands that were not registered. Fixes #71292.
  • Agents/embedded: skip provider submission when an embedded run has no prompt, replay history, or prompt-local images, preventing empty OpenAI Responses requests from surfacing provider errors into user channels. Fixes #71130.
  • Providers/Google: map /think adaptive to Gemini dynamic thinking instead of a fixed medium/high budget, using Gemini 3's provider default and Gemini 2.5's thinkingBudget: -1. Fixes #71316.
  • Providers/MiniMax: keep M2.7 chat model metadata text-only so image tool requests route through MiniMax-VL-01 instead of the Anthropic-compatible chat endpoint. Fixes #71296. Thanks @ilker-cevikkaya.
  • Discord/replies: run message_sending plugin hooks for Discord reply delivery, including DM targets, so plugins can transform or cancel outbound Discord replies consistently with other channels. Fixes #59350. (#71094) Thanks @wei840222.
  • Discord/replies: preserve single-use native reply semantics across shared payload fallback, component, voice, and queued delivery paths, so explicit reply tags no longer consume implicit reply slots and chunked fallback sends reply only once.
  • Control UI/commands: carry provider-owned thinking option ids/labels in session rows and defaults so fresh sessions show and accept dynamic modes such as adaptive, xhigh, and max. Fixes #71269. Thanks @Young-Khalil.
  • Image generation: make explicit model= overrides exact-only so failed openai/gpt-image-2 requests no longer fall through to Gemini or other configured providers, and update image_generate list to mention OpenAI Codex OAuth as valid auth for openai/gpt-image-2. Fixes #71290 and #71231. Thanks @Young-Khalil.
  • Providers/GitHub Copilot: keep the plugin stream wrapper from claiming transport selection before OpenClaw picks a boundary-aware stream path, avoiding Pi's stale fallback Copilot headers on normal model turns.
  • Discord/subagents: pass runtime config into thread-bound native subagent binding and require it at the helper boundary so Discord channel resolution keeps account-aware config. Fixes #71054. (#70945) Thanks @jai.
  • Slack/Assistant: accept Slack Assistant DM message_changed events when their metadata identifies the human sender, while continuing to drop self-authored bot edits. Fixes #55445. Thanks @AlfredPros.
  • Slack/native streaming: suppress reasoning-only payloads before chat.startStream/appendStream, so Claude extended-thinking blocks no longer appear as visible Slack messages. Fixes #59687. Thanks @vision-ifc.
  • Slack/block replies: keep multi-part block deliveries in the first Slack reply thread when replyToMode is first, matching text reply threading instead of leaking later blocks into the channel. Fixes #49341. Thanks @pholmstr and @xiwuqi.
  • Slack/thread broadcasts: process thread_broadcast events as user messages so replies sent with "Also send to channel" reach the agent instead of becoming metadata-only system events. Fixes #56605 and #4351. Thanks @clawSean and @jlowin.
  • Slack/threading: ignore internal reply ids when choosing Slack thread_ts values, so resumed replies keep the real Slack thread anchor instead of leaking to the channel root. Fixes #68790. Thanks @MonkeyLeeT and @martingarramon.
  • Agents/failover: stop body-less HTTP 400/422 proxy failures from defaulting to "format" classification, so embedded retries surface the opaque provider failure instead of falling into a compaction loop. Fixes #66462. (#67024) Thanks @altaywtf and @HongzhuLiu.
  • Plugins/loader: use cached discovery-mode snapshot loads for read-only plugin capability lookups, keep snapshot caches isolated from active Gateway registries, and make same-plugin channel/HTTP route re-registration idempotent so repeated snapshot or hot-reload paths no longer rerun full plugin side effects or accumulate duplicate surfaces. Fixes #51781, #52031, #54181, and #57514. Thanks @livingghost, @okuyam2y, @ShionEria, and @bbshih.
  • Plugins/loader: reuse the compatible active Gateway registry for broad runtime plugin ensure calls after a gateway-bindable boot load, so non-bundled plugins no longer re-run register() during the same boot path. Fixes #69250. Thanks @markthebest12.
  • Plugins/hooks: keep the gateway-bindable hook runner installed when later default-mode plugin loads activate a different registry, preserving Gateway subagent lifecycle hooks across runtime cache misses. Fixes #63166.
  • Plugins/hooks: refresh live Gateway runtime hooks before inbound channel dispatch, so externally installed plugins keep message_received, before_dispatch, and reply hooks active after scoped startup plugin loads. Fixes #71167.
  • Media/input: resolve canonical inbound media refs through the shared media loader so native prompt image replay and explicit image/PDF tools can read media://inbound/<id> and managed inbound replay paths under workspace-only file policy.
  • Media/tools: centralize media reference scheme classification for image, PDF, image-generation, video-generation, and music-generation inputs so managed inbound refs are accepted consistently.
  • Control UI/media: resolve canonical inbound media refs before serving assistant media previews, so media://inbound/<id> sources no longer pass access checks but fail file open.
  • Auth/Codex: bootstrap openai-codex:default from Codex CLI credentials on fresh installs without replacing a locally refreshed OpenClaw OAuth token later. Fixes #71305. Thanks @Gforce10-design.
  • Plugin SDK/tool-result transforms: bound middleware details, validate in-place result mutations, and mark fail-closed middleware fallbacks with canonical error status. Thanks @vincentkoc.
  • Discord/gateway: prevent startup from getting stuck at awaiting gateway readiness when Carbon gateway registration races with a lifecycle reconnect. Fixes #52372. (#68159) Thanks @IVY-AI-gif.
  • Discord/gateway: supervise Carbon's async gateway registration promise so fatal Discord metadata failures surface through startup instead of process-level unhandled rejections. (#62451) Thanks @safzanpirani.
  • Discord/gateway: record websocket frame activity as transport liveness, so idle but healthy Discord gateways no longer look stale between user messages. (#68213) Thanks @bmadwaves.
  • Slack/streaming: suppress block replies while native or draft preview streaming owns the turn, preventing duplicate Slack delivery when block streaming is also enabled. Addresses #56675. Thanks @hsiaoa.
  • Plugins/cache: restore plugin command and interactive handler registries on loader cache hits without resetting interactive callback dedupe, so cached external plugins keep slash commands and callback handlers available after reloads. Fixes #71100. Thanks @BomBastikDE.
  • Gateway/OpenAI-compatible: report non-zero token usage for /v1/chat/completions when the agent run has only last-call usage metadata available. Fixes #71118. (#71242) Thanks @RenzoMXD.
  • Plugin SDK/tool-result transforms: restrict harness tool-result middleware to bundled plugins, fail closed on middleware errors, validate rewritten result shapes, preserve Pi per-call ids, and keep Codex media trust checks anchored to raw tool provenance. Thanks @vincentkoc.
  • Gateway/MCP loopback: apply owner-only tool policy and run before-tool-call hooks on 127.0.0.1/mcp tools/list and tools/call, so non-owner bearer callers can no longer see or invoke owner-only tools such as cron, gateway, and nodes, matching the existing HTTP /tools/invoke and embedded-agent paths. (#71159) Thanks @mmaps.
  • Codex harness/security: wait for final app-server approval decisions and sanitize approval preview text, so native Codex permission prompts cannot be resolved by an early placeholder decision or render unsafe terminal/control content. (#70751, #70569) Thanks @Lucenx9.
  • Providers/voice security: route ElevenLabs TTS and OpenAI Realtime browser-session secret creation through guarded fetch paths, preserving provider calls while keeping SSRF protections on voice surfaces.
  • Agents/OpenAI WS: match Codex's Responses WebSocket continuation strategy, sending only strict incremental follow-up input with previous_response_id and falling back to full context when the replay chain or request shape differs. Fixes #44948. Thanks @hss-oss.
  • Plugins/Google Chat: log webhook auth rejection reasons only after all candidates fail, and warn when add-on appPrincipal values do not match configuration. Fixes #71078. (#71145) Thanks @luyao618.
  • Models/configure: preserve the existing default model when provider auth is re-run from configure while keeping explicit default-setting commands authoritative. Fixes #70696. (#70793) Thanks @Sathvik-1007.
  • Config/plugins: accept plugins.entries.*.hooks.allowConversationAccess in validation, generated schema metadata, and plugin policy inspection so trusted external plugins can enable conversation-access hooks such as agent_end without local schema patches. Fixes #71215. (#71221) Thanks @BillChirico.
  • Models/runtime: show one model provider choice per provider and move Codex, Claude CLI, and Gemini CLI execution into explicit runtime selection while keeping fallback-only legacy runtime refs unchanged. Thanks @vincentkoc.
  • Plugins/runtime deps: respect explicit plugin and channel disablement when repairing bundled runtime dependencies, so doctor and health checks no longer install deps for disabled configured channels. Thanks @vincentkoc.
  • Diagnostics/OTEL: export logs through bounded diagnostic log events instead of a direct logger transport hook. Thanks @vincentkoc.
  • WhatsApp/plugins: support an explicit opt-in for inbound message_received hooks with canonical channel, conversation, session, and sender fields. Thanks @vincentkoc.
  • Channels/setup: keep bundled setup entries dependency-light and stage WhatsApp runtime dependencies only when login actually needs them, so first-run setup and read-only channel discovery avoid unused SDK imports.
  • Slack/HTTP: keep webhook handlers in a process-global registry so HTTP mode survives plugin-loader/native-import splits and /slack/events/<account> no longer returns 404 after logging as active. Fixes #67955, #46245, and #46246. Thanks @chrisabad and @cesararevalo.
  • Diagnostics: harden tool and model diagnostic events against hostile errors, blocking listeners, and unsafe stability reason fields. Thanks @vincentkoc.
  • Plugins/onboarding: record local plugin install source metadata without duplicating raw absolute local paths in persisted plugins.installs, while preserving linked load-path cleanup. (#70970) Thanks @vincentkoc.
  • Group chats/silent replies: tighten NO_REPLY prompt guidance so groups stay quiet without narrating silence or emitting fallback chatter when silence is the intended outcome. (#70954, #71209) Thanks @Takhoffman.
  • WhatsApp/groups+direct: setting systemPrompt: "" on a specific groups.<id> or direct.<peerId> entry now suppresses the wildcard system prompt instead of falling through to it, so users can silence the global prompt for a specific group or peer. (#70381) Thanks @Bluetegu.
  • Browser/tool: tell agents not to pass per-call timeoutMs on existing-session type, evaluate, and other Chrome MCP actions that reject timeout overrides.
  • Browser/tool: use Playwright's current AI aria snapshot API for refs="aria" and fall back to role refs when a node browser cannot provide aria refs, so agents can still inspect and click controls such as Google Meet admission buttons.
  • Browser/tool: expose stable tabId handles such as t1 plus optional tab labels, and accept those handles anywhere a browser tab target is needed.
  • Browser/tool: return suggestedTargetId first in tab payloads so agents naturally reuse labels or stable tab handles instead of raw DevTools ids.
  • Browser/tool: bundle a browser-automation skill with the multi-step snapshot, stable-tab, stale-ref, and manual-blocker loop for agent-controlled pages.
  • Browser/tool: add openclaw browser doctor, URL-expanded snapshots, direct labeled screenshots, and clearer tab-target errors for agents that accidentally pass positional indexes.
  • Plugins/Google Meet: use browser automation to classify and clear Meet's microphone-choice interstitial during browser meeting creation, and reuse in-progress create tabs on retry instead of opening duplicates.
  • Codex/GPT-5.4: harden fallback, auth-profile, tool-schema, and replay edge cases across native and embedded runtime paths. (#70743) Thanks @100yenadmin.
  • Models/fallback: resolve bare fallback model provider ids before model switching, so configured fallback chains keep working when a fallback is named without an explicit provider prefix.
  • Voice-call/Telnyx: preserve inbound/outbound callback metadata and read transcription text from Telnyx's current transcription_data payload.
  • Providers/DeepSeek: wire V4 thinking controls and OpenAI-compatible replay policy so follow-up turns preserve DeepSeek reasoning_content, while the None/off thinking path strips replayed reasoning fields. Fixes #70931. Thanks @lsdsjy.
  • Providers/GitHub Copilot: align Copilot request headers across Anthropic, Responses, and built-in compaction summarization paths, including tool-result and image follow-up turns, without enabling unverified Responses continuation.
  • Codex harness: send verbose tool progress to chat channels for native app-server runs, matching the Pi harness /verbose on and /verbose full behavior. (#70966) Thanks @jalehman.
  • Codex models: fetch paginated Codex app-server model catalogs, mark truncated /codex models output, and keep ChatGPT OAuth defaults on the openai-codex/gpt-5.5 route instead of the OpenAI API-key route.
  • Codex status: report Codex CLI OAuth as oauth (codex-cli) for native codex/* sessions instead of showing unknown auth. Fixes #70688. Thanks @jb510.
  • Channels/CLI: accept explicit shared-secret, base-URL, and auth-directory setup flags, and map legacy Nextcloud Talk --url/--token add commands to the bundled plugin setup input. Fixes #61759 and #61923.
  • Models/CLI: keep openclaw models list read-only while still showing eligible configured-provider rows, so listing models no longer rewrites per-agent models.json. (#70847) Thanks @shakkernerd.
  • Agents/transport: propagate configured attempt timeouts into guarded per-request dispatchers, so slow local LLM calls such as Ollama no longer fail at Undici's default 60-second body timeout. Fixes #70829. (#70831) Thanks @DranboFieldston.
  • Plugins/providers: mirror runtime auth choices in bundled provider manifests and detect KIMI_API_KEY for Moonshot/Kimi web search before plugin runtime loads. Thanks @vincentkoc.
  • Gateway/chat: register chat.send runs in the chat run registry so lifecycle error events reach the client instead of being silently dropped, fixing stuck 'waiting' state and /abort reporting no active run. (#69747) Thanks @wangshu94.
  • Plugins/QQ Bot: enable the bundled qqbot plugin by default so its runtime dependency @tencent-connect/qqbot-connector is installed on first launch, unblocking the QR-code binding flow that dynamically imports the connector before any account is configured. (#71051) Thanks @cxyhhhhh.
  • Gateway/agent RPC: register active agent runs into the chat abort controller map so chat.abort and sessions.abort can interrupt them, matching chat.send behavior and unblocking external runtimes that drive the Gateway through the public agent RPC. Fixes #71128. (#71214) Thanks @bitloi.
  • Matrix/CLI: pass resolved runtime config into verify commands, so openclaw matrix verify status and sibling verify subcommands no longer crash before acquiring the Matrix client. Fixes #70992. (#71102) Thanks @luyao618.
  • Gateway/startup: await startup sidecars before channel monitors report ready, reducing Discord and plugin startup races while still keeping gateway boot observability intact.
  • Plugins/Google Meet: report required manual actions for Chrome joins, use browser automation for Meet entry, and persist the private-WS node opt-in so paired-node realtime sessions keep their intended network policy.
  • Slack: route native stream fallback replies through the normal chunked sender so long buffered Slack Connect responses are not dropped or duplicated. (#71124) Thanks @martingarramon.
  • WhatsApp: transcribe accepted voice notes before agent dispatch while keeping spoken transcripts out of command authorization. (#64120) Thanks @rogerdigital.
  • Plugins/CLI: expose channel plugin CLI descriptors during discovery-mode plugin loads so snapshot registries keep channel commands visible without activating full runtimes. (#71309) Thanks @gumadeiras.
  • WhatsApp: deliver media generated by tool-result replies while still suppressing text-only tool chatter. (#60968) Thanks @adaclaw.
  • Config/agents: accept agents.list[].contextTokens in strict config validation so per-agent overrides survive hot reload, letting /status reflect the configured model window instead of the 200k fallback. Fixes #70692. (#71247) Thanks @statxc.
  • Heartbeat: include async exec completion details in heartbeat prompts so command-finished notifications relay the actual output. (#71213) Thanks @GodsBoy.
  • Memory search: apply session visibility and agent-to-agent policy to session transcript hits, and keep corpus=sessions ranking scoped to session collections before result limiting. (#70761) Thanks @nefainl.
  • Agents/sessions: stop session write-lock timeouts from entering model failover, so local lock contention surfaces directly instead of cascading across providers. (#68700) Thanks @MonkeyLeeT.
  • Auto-reply: run inbound reply delivery through message_sending hooks so plugins can transform or cancel generated replies before they are sent. (#70118) Thanks @jzakirov.
  • CI/release-checks: pass workflow inputs and matrix values through step environment variables instead of embedding them directly into run: shell commands, reducing template-injection surface in the cross-OS release-check workflow. (#66884) Thanks @alexlomt.
  • Agents/failover: classify the bare An unknown error occurred stream-wrapper message that pi-ai providers throw when streams end with stopReason: "aborted" | "error" as a transient timeout regardless of provider, so configured fallback chains rotate for non-Anthropic providers (Google, OpenRouter, Bedrock, etc.) instead of surfacing the literal string to users. Fixes #71620. Thanks @willamhou and @mattcproctor.
Check out latest releases or
releases around openclaw 2026.4.24

Don't miss a new openclaw release

NewReleases is sending notifications on new releases.

Get notifications