npm openclaw 2026.5.10-beta.1
openclaw 2026.5.10-beta.1
on Node.js NPM

latest release: 2026.5.10-beta.2
7 hours ago

2026.5.10

Changes

  • QA/Mantis: add Telegram live PR evidence automation with Convex-leased credentials, Crabbox transcript capture, motion GIF previews, and inline PR comments.
  • QA/Mantis: add a Telegram desktop scenario builder that leases Crabbox, installs native Telegram Desktop, configures an OpenClaw Telegram gateway with leased bot credentials, and records VNC screenshot/video artifacts.
  • Discord/voice: add realtime voice diagnostics for speaker turns, playback resets, barge-in detection, and audio cutoff analysis.
  • Talk: add talk.realtime.instructions so operators can append realtime voice style instructions while preserving OpenClaw's built-in agent-consult guidance. (#79081) Thanks @VACInc.
  • Discord/voice: default test and source installs to the pure-JS opusscript decoder by ignoring optional native @discordjs/opus builds, avoiding slow native addon compiles outside dedicated voice-performance lanes.
  • Gateway/skills: add an opt-in private skill archive upload install path gated by skills.install.allowUploadedArchives, so trusted Gateway clients can stage and install zip-backed skills only when operators explicitly enable the code-install surface. (#74430) Thanks @samzong.
  • Dependencies: refresh workspace pins and patch targets, including ACPX @agentclientprotocol/claude-agent-acp 0.33.1, Codex ACP 0.14.0, Baileys 7.0.0-rc10, Google GenAI 2.0.1, OpenAI 6.37.0, AWS SDK 3.1045.0, Kysely 0.29.0, Tlon skill 0.3.6, Aimock 1.19.5, and tsdown 0.22.0.
  • Agents/compaction: preserve scoped background exec/process session references across embedded compaction and after-turn runtime contexts without exposing sessions from unrelated scopes. Fixes #79284. (#79307) Thanks @TurboTheTurtle.
  • CLI/onboarding: improve setup, onboarding, configure, and channel command wayfinding so terminal flows explain the next useful command instead of relying on terse setup labels.
  • Agents/Codex: remove the configurable Codex dynamic-tools profile so Codex app-server always owns workspace, edit, patch, exec, process, and plan tools while OpenClaw integration tools remain available.

Fixes

  • Agents: apply the LLM idle watchdog while provider stream setup is still pending, preventing silent pre-stream model hangs from waiting for the full agent timeout.
  • Cron: let isolated self-cleanup runs inspect their own job run history while keeping other cron jobs and mutation actions blocked. Fixes #80019. Thanks @hclsys.
  • CLI/config: persist explicit config set and config patch values that equal runtime defaults instead of reporting success while dropping them. Fixes #79856. (#80106) Thanks @abodanty and @hclsys.
  • OpenAI/realtime voice: accept Codex-compatible legacy audio and transcript event aliases so provider protocol drift does not drop assistant audio or captions.
  • Discord/voice: keep default agent-proxy realtime sessions from auto-speaking filler before the forced OpenClaw consult answer, finish Discord playback on realtime response completion, and queue later exact-speech answers until playback idles to avoid mid-sentence replacement.
  • Gateway: return deterministic 400 invalid_request_error responses for malformed encoded session-kill HTTP paths instead of letting route-shaped requests fall through to later Gateway handlers. (#72439) Thanks @rubencu.
  • Control UI: serve root PWA and favicon assets from /__openclaw__/ SPA routes so tab icons, install metadata, and the service worker do not 404 after internal navigation. Fixes #80072. Thanks @CodeNovice2017.
  • OpenAI/realtime voice: honor disabled input-audio interruption locally so server VAD speech-start events do not clear Discord playback after operators set interruptResponseOnInputAudio: false.
  • Telegram: keep no-response DM turns quiet instead of rewriting them into visible silent-reply chatter. Fixes #78188. (#78228) Thanks @Beandon13.
  • Telegram: handle managed select button callbacks before the raw callback fallback while preserving delimiter-containing option values such as env|prod. (#79816) Thanks @moeedahmed.
  • OpenAI-compatible models: handle JSON chat-completion bodies returned to streaming requests, preserving reasoning fields and visible text instead of completing an empty agent turn. Fixes #77870.
  • Discord/models: defer model picker component interactions before loading route, model, and preference data, preventing "This interaction failed" timeouts under gateway load. Fixes #77283. Thanks @colin-chang.
  • xAI: expose /think low|medium|high for reasoning-capable Grok models and keep reasoning.effort on native Responses payloads while preserving off-only behavior for non-reasoning routes. Fixes #79210. Thanks @colinmcintosh.
  • CLI/media: let explicit image description model refs use bundled static provider catalogs and generic model-backed image hooks, so openclaw infer image describe --model zai/glm-4.6v works like direct model runs and Anthropic auth probes avoid stale Claude 3 Haiku catalog entries.
  • Models/Anthropic: add anthropic/claude-haiku-4-5 to Anthropic API-key agent allowlist defaults when an Anthropic default model is configured, so cron model overrides can select the current Haiku alias. Fixes #78000.
  • Agents/Anthropic-compatible: strip replayed thinking blocks for custom Anthropic-compatible models that explicitly declare supportsReasoningEffort: false, preventing Kimi-compatible providers from resending unsupported thinking content. Fixes #47452.
  • Browser: wait longer for existing-session Chrome MCP status and non-deep doctor probes so slow first attaches do not falsely report offline while keeping raw CDP status probes short. (#77473) Thanks @rubencu.
  • Gateway/logging: install console capture before foreground Gateway fast-path parsing and suppress known libsignal session dumps even in verbose mode, preventing raw terminal logs from printing WhatsApp session key material. (#76306) Thanks @rubencu.
  • Exec approvals: keep exec.approval.list on the lightweight policy-summary path so listing pending approvals no longer loads the rich tree-sitter command explainer. (#76943) Thanks @rubencu.
  • Agents: surface concise default-visible warnings when exec/bash tool calls fail after the assistant claims success, while keeping raw stderr hidden unless verbose details are enabled. Fixes #60497. (#80003) Thanks @jbetala7.
  • Agents: stop blank model-emitted tool calls before dispatch while preserving id-based tool-name recovery, preventing Kimi/NVIDIA blank-name retry loops without creating a callable _blank sentinel. Fixes #34129. (#56391) Thanks @smartchainark.
  • Agents/Telegram: deliver the canonical final assistant answer instead of replaying accumulated pre-tool text blocks, preventing duplicate Telegram replies and raw-looking tool-output fragments from leaking into chat delivery. Fixes #79621 and #79986. Thanks @nonzeroclaw and @dudaefj.
  • Auto-reply/TUI: keep fallback timeout recovery deliverable after a primary model lifecycle error by emitting fallback progress and deferring terminal TUI errors until recovery has a chance to finish. Fixes #80000. (#80009) Thanks @TurboTheTurtle.
  • CLI/agent: let openclaw agent --model use the backend/admin Gateway scope without cached device-token scopes silently downscoping the request. (#78837) Thanks @VACInc.
  • CLI/help: keep help and version invocations configless while improving shared port, channel, plugin, task, session, message, pairing, and auth recovery text.
  • CLI/config: explain strict JSON parse failures with a valid example and the plain-string escape hatch.
  • CLI/secrets: turn offline Gateway reload failures into actionable recovery text.
  • CLI/channels: explain missing or ambiguous channel selections with next commands.
  • CLI/channels: defer guided channel status collection until a channel is selected, keeping openclaw channels add first screen quieter.
  • Plugins/CLI: route disabled Matrix and LanceDB memory command roots to plugin-enable guidance instead of generic unknown-command errors.
  • Browser/Docker: detect Playwright-managed Chromium from PLAYWRIGHT_BROWSERS_PATH and the default Playwright cache on Linux, so Docker installs that persist /home/node/.cache/ms-playwright no longer need browser.executablePath.
  • Ollama: keep DeepSeek V4 cloud models thinking-capable even when Ollama Cloud /api/show omits the thinking capability, so /think high no longer rejects ollama/deepseek-v4-*:cloud.
  • ACPX/Claude ACP: keep foreground prompts waiting for their own result when autonomous task-notification results arrive during the same session, and retarget the patch for Claude Agent ACP 0.33.1.
  • WhatsApp: keep Baileys media uploads from passing non-Dispatcher agents to undici in 7.0.0-rc10, and patch the bundled Baileys declaration so the latest tsdown build stays warning-clean.
  • Build: keep tsdown 0.22.0 warning-clean by externalizing known third-party declaration edges and replacing relative channel config module augmentations with explicit built-in channel fields.
  • ACP sessions: map canonical runtime options to backend-advertised ACP config keys like Claude's effort while keeping persisted OpenClaw state canonical. (#79926) Thanks @InTheCloudDan.
  • Models/Discord: support provider/* entries in agents.defaults.models so /model, /models, and model pickers can show dynamically discovered models for selected providers without exact model allowlists. Fixes #79485. Thanks @rendrag-git.
  • Gateway/watch: rebuild or restage missing bundled-plugin dist and runtime-postbuild outputs before launching the Gateway from a source checkout, preventing incomplete watch-mode runtime trees. (#70805) Thanks @rubencu.
  • CLI/update: allow restart health probes from the previous gateway protocol during self-update, and make plugin dry-runs report exact npm target versions instead of unknown while preserving unchanged status.
  • OpenAI/Codex: forward persisted openai-codex OAuth profile metadata into Codex plugin harness attempts after canonical openai/* migration, so OAuth-only installs keep using native Codex auth instead of falling through to direct OpenAI API-key auth. Fixes #79978.
  • OpenAI/Codex: point gateway missing-key recovery and wizard docs at the canonical openai/gpt-5.5 plus Codex OAuth route, and fix trajectory export errors so they suggest the valid openclaw sessions command.
  • Google/Gemini: normalize retired google/gemini-3-pro-preview primary, fallback, and model-map refs during config load and unrelated config writes so saved config keeps targeting Gemini 3.1 Pro Preview.
  • Google/Gemini: normalize retired Gemini 3 Pro Preview ids inside emitted Google provider model config, so regenerated models.json rows test google/gemini-3.1-pro-preview.
  • GitHub Copilot: mint short-lived Copilot API tokens with the same vscode-chat integration identity used by runtime requests, and refresh legacy cached tokens missing that identity so image-capable Copilot models no longer inherit the copilot-language-server scope. Fixes #79946, #80074. Thanks @TurboTheTurtle.
  • Plugins/doctor: drop stale managed npm install records when openclaw doctor --fix removes npm packages that shadow bundled plugins, so the rebuilt registry no longer resurrects the removed package metadata.
  • Discord/voice: reuse or suppress late realtime consult tool calls without stealing newer speaker context or speaking forced fallback answers twice.
  • Discord/voice: synthesize realtime playback timestamps from emitted Discord PCM so OpenAI realtime barge-in truncation no longer sees audioEndMs=0 and skips legitimate interruptions.
  • Plugin SDK: keep activated linked plugin runtime facades loadable when bundled plugin fallback is disabled. Thanks @shakkernerd.
  • Feishu: auto-thread message(action="send") replies inside the topic when the active session is group_topic or group_topic_sender, and propagate replyInThread through text, card, and media outbound adapters so topic-scoped sessions no longer post at the group root. Fixes #74903. (#77151) Thanks @ai-hpc.
  • WhatsApp: pass routing context into voice-note transcript echo preflight so echoed transcripts can deliver to the originating chat. Fixes #79778. (#79788) Thanks @hclsys.
  • Cron/failover: classify structured OpenAI-compatible server_error payloads as server_error, expose that reason in cron state, and let one-shot cron retry policy honor retryOn: ["server_error"] without requiring raw 5xx text. (#45594) Thanks @clovericbot.
  • Slack: wake the resolved thread session after interactive reply button/select clicks and carry Slack delivery context through the queued interaction event, so clicks continue the visible conversation. Fixes #79676 and #61502. (#79836) Thanks @velvet-shark, @tianxiaochannel-oss88, and @Saicheg.
  • WhatsApp/streaming: send only the new suffix when text-end block replies repeat prior preambles across tool-call cycles, preventing cumulative WhatsApp preamble messages. Fixes #78946. (#79120) Thanks @brokemac79 and @papawattu.
  • Tests/security audit: sandbox audit-exec-surface.test.ts under a per-case OpenClaw home tempdir, redirecting OPENCLAW_HOME (which wins over HOME/USERPROFILE in resolveRawHomeDir) alongside HOME and USERPROFILE, so its saveExecApprovals(...) calls never touch the live ~/.openclaw/exec-approvals.json on the host running the suite. Sibling exec-approvals tests already used the tempdir pattern; this file did not, so running pnpm test against a contributor's local checkout was silently truncating their real approvals to { "version": 1, "agents": {} }. (#79885) Thanks @omarshahine.
  • ACP/gateway: preserve AcpRuntimeError cause chain (code/method/JSON-RPC detail) through the lifecycle boundary so gateway logs, telegram replies, and tool-result text show the actual upstream failure instead of opaque Internal error/[object Object], with redaction applied before the chain reaches log or reply surfaces.
  • Channels/iMessage: wire action: "reply" attachments through imsg send-rich --file when the installed imsg build advertises that capability (probed once via imsg send-rich --help and cached on the private-API status). Reply now hydrates media/mediaUrl/fileUrl/mediaUrls[0]/filePath/path/base64 buffer+filename through the shared outbound resolver, stages buffers via the existing withTempFile helper, rejects http(s):// URL attachments with a targeted error pointing callers at send's full attachment-resolver pipeline, and falls back to the explicit imsg#114 not landed yet error on older imsg builds. Depends on the upstream openclaw/imsg#114 capability landing in an installable release; until then the new path stays gated and users see the same explicit fallback #79822 introduced. (#79864) Thanks @omarshahine.
  • Telegram: preserve the first-preview debounce while appending true partial-stream deltas, so edited draft previews no longer duplicate earlier text when providers emit incremental output. (#80045) Thanks @TurboTheTurtle.
  • Agents/Anthropic: report 1M session context for Claude Opus/Sonnet 4 models even when local model config still advertises 200k, matching model discovery and preventing premature status/UI overflow. Fixes #66766.
  • Models/OpenRouter: hide missing-auth direct provider rows in /model status when they are only duplicated by a nested OpenRouter model id such as openrouter/google/..., while preserving explicitly configured direct providers. Fixes #62317.
  • Models: preserve an explicitly selected provider/model such as opencode-go/deepseek-v4-pro when another provider owns the same bare model alias. Fixes #79325.
  • Models/config: explain missing models.providers.<provider>.models[] registration when a model exists only in agents.defaults.models, instead of returning a bare unknown-model error. Fixes #80089.
  • MCP/tools: prefix bundle MCP server/tool fragments that would start with digits, keeping generated tool names valid for Moonshot/Kimi and other strict providers. Fixes #79179.
  • Models/OpenRouter: treat 403 API key budget limit exceeded as billing so model fallback advances instead of retrying the exhausted primary. Fixes #60191. Thanks @omgitsgela.
  • Models/OpenRouter: repair stale session overrides that lost the outer openrouter/ provider wrapper, so sessions return to the configured OpenRouter model instead of failing as an unknown direct-provider model. Fixes #78161. Thanks @hjamal7-bit.
  • Google/Gemini: default API-key onboarding back to google/gemini-3.1-pro-preview so fresh Gemini test configs exercise Gemini 3.1 Pro Preview.
  • Telegram: show full provider/model labels for nested OpenRouter model ids in the model picker, so openrouter/openai/gpt-5.4-mini no longer displays as openai/gpt-5.4-mini. Fixes #67792. (#72752) Thanks @iot2edge.
  • Models/OpenRouter: preserve live supported_parameters tool support metadata so non-tool Perplexity Sonar models no longer receive agent tool payloads and fall back unnecessarily. Fixes #64175. Thanks @Catfish-75.
  • Models/OpenRouter: add MoonshotAI Kimi K2.5 to the bundled OpenRouter catalog so onboarding/model pickers can offer it without waiting for live discovery. Fixes #14601.
  • Models/OpenRouter: keep keyRef/tokenRef-backed auth profiles visible to read-only PI model discovery, so OpenRouter models stay available in model pickers without storing plaintext keys. Fixes #58106. Thanks @ThalynLabs.
  • Models/list: include explicit configured provider rows and read-only auth-backed catalog rows in the default configured view without loading PI's full registry, keeping Control UI pickers aligned with usable model auth. Refs #79381. Thanks @ismael-81.
  • Security/audit: honor tools.byProvider["provider/model"].deny when reporting small-model web/browser exposure, so per-model OpenRouter mitigations clear the models.small_params exposure signal. Fixes #80118.
  • Models/Moonshot: accept direct moonshotai/... and moonshot-ai/... refs as aliases for canonical moonshot/..., so copied OpenRouter Kimi ids no longer fail as unknown direct models. Fixes #73876. (#74946) Thanks @jeffrey701.
  • Kimi Code: use Kimi's stable kimi-for-coding API model id in bundled catalog, onboarding, and docs while normalizing legacy kimi-code and k2p5 refs. Fixes #79965.
  • Volcengine/Kimi: strip provider-unsupported tool schema length and item constraint keywords for direct and coding-plan models so hosted Kimi runs do not reject message tools with minLength. Fixes #38817.
  • DeepSeek: backfill V4 reasoning_content replay fields for unowned OpenAI-compatible proxy providers, preventing follow-up request failures outside the bundled DeepSeek and OpenRouter routes. Fixes #79608.
Check out latest releases or
releases around openclaw 2026.5.10-beta.1

Don't miss a new openclaw release

NewReleases is sending notifications on new releases.

Get notifications