npm openclaw 2026.5.10-beta.3
openclaw 2026.5.10-beta.3
on Node.js NPM

3 hours ago

Changes

  • Build: enable stricter Vitest lint rules for focused, disabled, conditional, hook, matcher, and expectation hazards.
  • Build: pin explicit oxfmt defaults in the shared formatter config to keep formatting behavior stable across upgrades.
  • TypeScript: enable stricter compiler checks for implicit returns, side-effect imports, overrides, and unused production code.
  • Build: upgrade workspace package management to pnpm 11 and keep Docker, install, update, and release workflows on the pnpm 11 config surface. (#79414) Thanks @altaywtf.
  • Models: add provider-level localService startup for on-demand local model servers before OpenAI-compatible requests, including one-shot model probes.
  • Agents: trim default system prompt guidance and send-only message tool schemas to reduce prompt tokens while preserving GPT-5 personality guidance.
  • Context: add /context map to send a treemap image of the current session context contributors. (#79867)
  • Slack: add unfurlLinks and unfurlMedia config for bot chat.postMessage replies, including per-account overrides, so Slack link and media previews can be suppressed without workspace-wide settings. Fixes #48435. (#80145) Thanks @esegev1 and @HemantSudarshan.
  • Slack: add explicit replyBroadcast support for text and Block Kit thread replies so agents can opt into Slack's parent-channel reply_broadcast behavior. (#64365) Thanks @tony88331.
  • Slack: preserve mention target/source metadata in inbound prompt context so agents can distinguish direct bot mentions from implicit thread wakes that mention someone else. Fixes #79025. (#75356) Thanks @tmimmanuel.
  • Slack: canonicalize outbound delivery-mirror routes for native DM channel IDs to the peer user session so message.send calls to D... targets do not split the same Slack DM thread into a channel session. Fixes #80091. (#80111) Thanks @bek91.
  • Plugin SDK: deprecate public subpaths that existed for at least one month and have no bundled extension production imports, keep legacy barrel/test/zod subpath package exports for backwards compatibility, and track both sets in the SDK surface report.
  • Plugin SDK: deprecate public subpaths currently used by only one or two bundled plugin owners, keeping them importable while steering new plugin code to focused shared SDK seams or plugin-owned APIs.
  • Plugin SDK: remove the owner-specific provider-auth-login public subpath after moving Chutes, GitHub Copilot, and OpenAI Codex auth flows back to provider-owned modules.
  • Plugin SDK: remove provider-specific model, stream, and xAI compatibility helpers from public exports after moving bundled callers to provider-owned modules.
  • Plugin SDK: expose runtime-supplied active model metadata to native plugin tool factories for diagnostics and plugin-owned policy decisions. Fixes #77857. Thanks @jamiezigelbaum.
  • QA/Mantis: add Telegram live PR evidence automation with Convex-leased credentials, Crabbox transcript capture, motion GIF previews, and inline PR comments.
  • QA/Mantis: add a Telegram desktop scenario builder that leases Crabbox, installs native Telegram Desktop, configures an OpenClaw Telegram gateway with leased bot credentials, and records VNC screenshot/video artifacts.
  • Discord/voice: add realtime voice diagnostics for speaker turns, playback resets, barge-in detection, and audio cutoff analysis.
  • Talk: add talk.realtime.instructions so operators can append realtime voice style instructions while preserving OpenClaw's built-in agent-consult guidance. (#79081) Thanks @VACInc.
  • Discord/voice: default test and source installs to the pure-JS opusscript decoder by ignoring optional native @discordjs/opus builds, avoiding slow native addon compiles outside dedicated voice-performance lanes.
  • Discord/voice: add an opt-in native @discordjs/opus install script and decoder preference for live voice-performance lanes without charging unrelated Docker/tests for native addon builds.
  • Gateway/skills: add an opt-in private skill archive upload install path gated by skills.install.allowUploadedArchives, so trusted Gateway clients can stage and install zip-backed skills only when operators explicitly enable the code-install surface. (#74430) Thanks @samzong.
  • Codex app-server: enable Codex native code-mode-only for harness threads so deferred OpenClaw dynamic tools run through Codex's own searchable code execution surface instead of a PI-style wrapper.
  • Dependencies: refresh workspace pins and patch targets, including ACPX @agentclientprotocol/claude-agent-acp 0.33.1, Codex ACP 0.14.0, Baileys 7.0.0-rc10, Google GenAI 2.0.1, OpenAI 6.37.0, AWS SDK 3.1045.0, Kysely 0.29.0, Tlon skill 0.3.6, Aimock 1.19.5, and tsdown 0.22.0.
  • Agents/compaction: preserve scoped background exec/process session references across embedded compaction and after-turn runtime contexts without exposing sessions from unrelated scopes. Fixes #79284. (#79307) Thanks @TurboTheTurtle.
  • Agents/process: tell agents to inspect background sessions with process log before sending interactive input and to use waitingForInput/stdinWritable hints from log/poll.
  • CLI/onboarding: improve setup, onboarding, configure, and channel command wayfinding so terminal flows explain the next useful command instead of relying on terse setup labels.
  • Agents/Codex: remove the configurable Codex dynamic-tools profile so Codex app-server always owns workspace, edit, patch, exec, process, and plan tools while OpenClaw integration tools remain available.
  • macOS app: update the Peekaboo bridge dependency to Peekaboo 3.0.0.
  • Dependencies: refresh workspace pins and move the WhatsApp plugin from @whiskeysockets/baileys to baileys while keeping the 7.0.0-rc10 runtime.
  • Plugin SDK: add bundled-plugin session actions, sendSessionAttachment, and Cron-backed scheduleSessionTurn/tag cleanup under the grouped session namespace. Replaces #75578/#75581/#75588 and part of #73384/#74483. Thanks @100yenadmin.
  • Plugin SDK/media-understanding: add extractStructuredWithModel(...) plus the optional provider-side extractStructured(...) seam so trusted plugins can run bounded image-first structured extraction with optional supplemental text context through provider-owned runtimes such as Codex.

Fixes

  • Google/Gemini: normalize retired nested Gemini 3 Pro Preview ids while converting manifest catalog rows into emitted provider config, so google/gemini-3.1-pro-preview is used for testing instead of google/gemini-3-pro-preview.
  • Native apps: advertise the Gateway protocol compatibility range so chat and node sessions can connect to v3 gateways after additive v4 client updates.
  • Gateway/agents: keep stale sessions_send ACP manager and web_fetch runtime chunks importable after package updates, preventing live gateways from breaking before restart. Fixes #78804. Thanks @Gomesy72.
  • Gateway: avoid synchronous restart-sentinel state probes during post-attach startup, preventing slow Windows or redirected state directories from blocking channel turns. Fixes #79264. Thanks @liyi58.
  • Agents/auth: update successful model auth profile status with one locked store write, reducing post-model reply latency from duplicate auth-profiles.json saves. Thanks @mcaxtr.
  • Agents/image: honor explicit image tool model overrides even when agents.defaults.imageModel is unset, restoring one-off vision calls for configured multimodal providers. Fixes #79341. Thanks @haumanto.
  • Codex app-server: preserve prompt-local current-turn context through context-engine prompt projection, so replied-to Telegram messages stay visible to the Codex model input.
  • Telegram: pass agent-scoped media roots through gateway message actions so workspace-local media from the active agent is not rejected as cross-agent access. Thanks @frankekn.
  • CLI/gateway: keep gateway status --deep plugin-aware so configured plugin manifest warnings, including missing channel config metadata, stay visible during install and update smoke checks.
  • Feishu: fall back to a top-level group send when normal group quoted replies target a withdrawn or missing message, preventing replies from disappearing silently while preserving native topic safety. Fixes #79349. Thanks @arlen8411.
  • Doctor: stop flagging the live compatibility agent directory as orphaned when the configured default agent is not main. Fixes #74313. (#74438) Thanks @carlos4s.
  • Auth/Claude CLI: persist fresher managed external CLI OAuth credentials back to auth-profiles.json, preventing stale anthropic:claude-cli profiles from repeatedly bootstrapping and flooding debug logs. Fixes #80129. Thanks @Caulderein.
  • Context: render /context map only from actual run context and persist Codex app-server run reports without counting deferred tool-search schemas as prompt-loaded tool schemas.
  • Codex app-server: report Codex-native tool execution to diagnostics so long-running native bash, web, file, and MCP tools no longer look like stale embedded runs to the watchdog. (#80217)
  • Codex app-server: refresh Codex account rate limits after subscription usage-limit failures so Discord and other channel replies can show the next reset time instead of saying Codex returned none. Thanks @pashpashpash.
  • Tasks: route group and channel task completions through the requester session so the parent agent can send the visible summary instead of stopping at a generic task-status line. Fixes #77251. (#77365) Thanks @funmerlin.
  • Telegram: preserve blank lines between manually indented bullet blocks and following numbered sections in rendered replies. Fixes #76998. Thanks @evgyur.
  • Slack: pass configured agent identity through draft preview sends so partial streaming replies keep custom username/avatar on the initial Slack message. Fixes #38235. (#38237) Thanks @lacymorrow.
  • Slack: support allowBots: "mentions" for bot-authored messages that mention the receiving bot, matching the documented Discord-style mode without accepting every bot message. Fixes #43587. (#43588) Thanks @raw34.
  • Slack: refresh private file URLs with files.info when inbound DM file events omit or stale attachment URLs, preventing file attachments from being dropped before media hydration. Fixes #50129. (#50200) Thanks @smartchainark.
  • Slack: add scoped message-tool formatting hints so agents use Markdown for plain sends and direct mrkdwn for Block Kit fields. Fixes #34609. (#50979) Thanks @carrotRakko.
  • Slack: describe download-file file ids separately from message timestamps and return a targeted recovery error when agents pass messageId instead of fileId. (#74155) Thanks @jarvis-ai-gregmoser.
  • Slack: retain processed room messages for requireMention=false channels so always-on Slack rooms keep recent conversation context between turns. (#38658) Thanks @syedamaann.
  • Slack: compile interactive reply directives for direct outbound sends without bypassing the interactiveReplies capability gate, preserving Block Kit for Slack CLI and cron deliveries. (#78220) Thanks @kazamak.
  • Slack: keep DM last-route updates scoped to the active non-main DM session, including threaded DM turns, so isolated Slack DM sessions do not overwrite the shared main route. (#73085) Thanks @clawSean.
  • Slack/ACP: route Slack channel and DM messages through configured ACP bindings when no runtime binding exists, keeping bound thread replies pinned to the persistent ACP session and dropping unavailable configured targets instead of falling back to main. (#73101) Thanks @Raasl.
  • Slack: mark unresolved thread replies as ambiguous and skip them instead of treating them as root channel messages, keeping thread continuation on the SDK-backed participation store. (#75630) Thanks @soichiyo.
  • Slack: let same-channel message tool sends opt out of inherited thread context with topLevel: true or threadId: null, allowing agents to post a new parent-channel message from inside a Slack thread. Fixes #79807. Thanks @vexclawx31.
  • Slack: prefer full rich-text block content over truncated socket-mode message previews so long inbound Slack messages reach agents intact. Fixes #79027. Thanks @BobAccentWebDev.
  • Slack: include structured Slack API error details in setup, probe, streaming, and reply logs while preserving token redaction. (#53966) Thanks @deucemask.
  • Gateway/agents: keep structured reasons when active-run queueing fails and deprecate the legacy boolean queue helper, so steering and subagent wake diagnostics distinguish completed, non-streaming, and compacting runs. Fixes #80156. Thanks @markus-lassfolk.
  • Agents/UI: compact exec and tool progress rows by hiding redundant shell tool names, replacing known workspace paths with short context markers, and preserving Discord trace scrubbing for compact command lines.
  • ACPX: run and await the embedded ACP backend startup probe by default so the gateway ready signal no longer fires before the acpx runtime has either become usable or reported a probe failure; set OPENCLAW_ACPX_RUNTIME_STARTUP_PROBE=0 to restore lazy startup. Fixes #79596. Thanks @bzelones.
  • Gateway/status: surface model-pricing bootstrap and refresh failures as degraded health/status warnings while keeping Gateway liveness healthy. Fixes #79599. Thanks @bzelones.
  • OpenAI-compatible models: strip prior assistant reasoning fields from replayed Chat Completions history by default, preventing oMLX/vLLM Qwen follow-up turns from rejecting or stalling on stale reasoning payloads. Fixes #46637. Thanks @zipzagster and @lexhoefsloot.
  • CLI/onboarding: give non-Azure custom providers a safe generated context window and heal legacy 4k wizard entries without overwriting explicit valid small model limits, preventing first-turn compaction loops. Fixes #79428. (#79911) Thanks @Jefsky.
  • OpenAI-compatible models: add compat.strictMessageKeys to strip Chat Completions replay messages to role and content for strict providers that reject OpenAI-style tool and metadata keys. Fixes #50374. Thanks @choutos.
  • Bedrock Mantle: add plugins.entries.amazon-bedrock-mantle.config.discovery.enabled=false to suppress automatic Mantle discovery and IAM bearer-token generation while keeping the plugin enabled. Fixes #67288. Thanks @kanekoh.
  • Ollama: stop native /api/chat requests from copying catalog contextWindow or maxTokens into options.num_ctx unless params.num_ctx is explicitly configured, avoiding pathological prompt-ingestion latency on local large-context models. Fixes #62267. Thanks @BenSHPD.
  • Ollama: keep the model idle watchdog enabled for *:cloud models routed through a local Ollama host, so cloud-backed tool-loop stalls fail over visibly instead of inheriting local-model no-idle behavior. Fixes #79350. Thanks @geek111.
  • Voice/Ollama: honor routed voice agent tools.allow for classic embedded voice responses, including empty allowlists, so no-tool Ollama agents do not receive tool schemas. Fixes #79506. Thanks @donkeykong91.
  • Gateway: reread config from disk after the first in-process restart loop startup, preventing SIGUSR1 restarts from reusing a stale startup snapshot and dropping config written after boot. Fixes #79947. Thanks @TheLevti.
  • Codex app-server: deliver native image-generation outputs from Codex savedPath events as reply media, so blank-text image generation turns still attach the generated file. Thanks @keshavbotagent.
  • Network/SSRF: keep pinned automatic DNS lookups on IPv4 when dual-stack hosts also publish AAAA records, and treat EADDRNOTAVAIL as a transient gateway network failure instead of a fatal crash. Fixes #80078. Thanks @takamasa-aiso.
  • Control UI: show compact one-line live/idle/terminal run status badges in the Sessions table and rename the active-minute filter to its updated-within meaning. Fixes #78307. Thanks @BunsDev.
  • Control UI: scope chat session-list refreshes by agent and skip disk-only agent store discovery for configured-only lists, preventing post-first-message session switching stalls on large Windows stores. Fixes #79675. Thanks @lovelefeng-glitch, @BunsDev.
  • Control UI: allow Appearance tweakcn theme imports through the served CSP so browser-local custom theme links no longer fail with a connect-src violation. Fixes #78504. Thanks @BunsDev.
  • Media/host-read: allow buffer-verified gzip, tar, and 7z archives in the shared host-local media validator alongside ZIP and document attachments.
  • Plugins/doctor: invalidate persisted plugin registry snapshots when plugin diagnostics point at deleted source paths, so openclaw doctor stops repeating stale warnings after a local extension is replaced by a managed npm plugin. Fixes #80087. (#80134) Thanks @hclsys.
  • Doctor/OpenAI Codex: preserve Codex auth intent when auto-repairing legacy openai-codex/* model refs to canonical openai/* by adding provider/model-scoped Codex runtime policy, preventing repaired configs from falling through to direct OpenAI API-key auth. Fixes #78533 and #78570. Thanks @superck110 and @Azmodump.
  • CLI/agents: surface durable message delivery status from sendDurableMessageBatch in deliverAgentCommandResult and openclaw agent --json --deliver, preserving suppressed hook outcomes as terminal no-retry results while exposing partial and failed sends for automation. Supersedes #53961 and #57755. Thanks @Kaspre.
  • Agents: apply the LLM idle watchdog while provider stream setup is still pending, preventing silent pre-stream model hangs from waiting for the full agent timeout.
  • Cron: let isolated self-cleanup runs inspect their own job run history while keeping other cron jobs and mutation actions blocked. Fixes #80019. Thanks @hclsys.
  • Cron: report isolated agent-turn setup and pre-model stalls with phase-specific timeout errors instead of waiting for the full job budget when no model call starts. Fixes #74803. Thanks @jeffsteinbok-openclaw and @dgkim311.
  • CLI/plugins: treat arbitrary unknown subcommands outside plugin CLI metadata as normal unknown commands instead of suggesting plugins.allow, while preserving allowlist guidance for real plugin command roots. Fixes #80109. (#80123) Thanks @kagura-agent.
  • CLI/config: persist explicit config set and config patch values that equal runtime defaults instead of reporting success while dropping them. Fixes #79856. (#80106) Thanks @abodanty and @hclsys.
  • OpenAI/realtime voice: accept Codex-compatible legacy audio and transcript event aliases so provider protocol drift does not drop assistant audio or captions.
  • Discord/voice: keep default agent-proxy realtime sessions from auto-speaking filler before the forced OpenClaw consult answer, finish Discord playback on realtime response completion, and queue later exact-speech answers until playback idles to avoid mid-sentence replacement.
  • Gateway: return deterministic 400 invalid_request_error responses for malformed encoded session-kill HTTP paths instead of letting route-shaped requests fall through to later Gateway handlers. (#72439) Thanks @rubencu.
  • Control UI: serve root PWA and favicon assets from /__openclaw__/ SPA routes so tab icons, install metadata, and the service worker do not 404 after internal navigation. Fixes #80072. Thanks @CodeNovice2017.
  • OpenAI/realtime voice: honor disabled input-audio interruption locally so server VAD speech-start events do not clear Discord playback after operators set interruptResponseOnInputAudio: false.
  • Telegram: keep no-response DM turns quiet instead of rewriting them into visible silent-reply chatter. Fixes #78188. (#78228) Thanks @Beandon13.
  • Telegram: handle managed select button callbacks before the raw callback fallback while preserving delimiter-containing option values such as env|prod. (#79816) Thanks @moeedahmed.
  • OpenAI-compatible models: handle JSON chat-completion bodies returned to streaming requests, preserving reasoning fields and visible text instead of completing an empty agent turn. Fixes #77870.
  • Discord/models: defer model picker component interactions before loading route, model, and preference data, preventing "This interaction failed" timeouts under gateway load. Fixes #77283. Thanks @colin-chang.
  • xAI: expose /think low|medium|high for reasoning-capable Grok models and keep reasoning.effort on native Responses payloads while preserving off-only behavior for non-reasoning routes. Fixes #79210. Thanks @colinmcintosh.
  • CLI/media: let explicit image description model refs use bundled static provider catalogs and generic model-backed image hooks, so openclaw infer image describe --model zai/glm-4.6v works like direct model runs and Anthropic auth probes avoid stale Claude 3 Haiku catalog entries.
  • Models/Anthropic: add anthropic/claude-haiku-4-5 to Anthropic API-key agent allowlist defaults when an Anthropic default model is configured, so cron model overrides can select the current Haiku alias. Fixes #78000.
  • Agents/compaction: initialize built-in context engines before CLI transcript compaction resolves the default engine, preventing clean-process legacy engine registration failures during CLI session persistence. Fixes #79446. Thanks @TurboTheTurtle.
  • Agents/Anthropic-compatible: strip replayed thinking blocks for custom Anthropic-compatible models that explicitly declare supportsReasoningEffort: false, preventing Kimi-compatible providers from resending unsupported thinking content. Fixes #47452.
  • Browser: wait longer for existing-session Chrome MCP status and non-deep doctor probes so slow first attaches do not falsely report offline while keeping raw CDP status probes short. (#77473) Thanks @rubencu.
  • Gateway/logging: install console capture before foreground Gateway fast-path parsing and suppress known libsignal session dumps even in verbose mode, preventing raw terminal logs from printing WhatsApp session key material. (#76306) Thanks @rubencu.
  • Exec approvals: keep exec.approval.list on the lightweight policy-summary path so listing pending approvals no longer loads the rich tree-sitter command explainer. (#76943) Thanks @rubencu.
  • Agents: surface concise default-visible warnings when exec/bash tool calls fail after the assistant claims success, while keeping raw stderr hidden unless verbose details are enabled. Fixes #60497. (#80003) Thanks @jbetala7.
  • Agents: stop blank model-emitted tool calls before dispatch while preserving id-based tool-name recovery, preventing Kimi/NVIDIA blank-name retry loops without creating a callable _blank sentinel. Fixes #34129. (#56391) Thanks @smartchainark.
  • Agents/Telegram: deliver the canonical final assistant answer instead of replaying accumulated pre-tool text blocks, preventing duplicate Telegram replies and raw-looking tool-output fragments from leaking into chat delivery. Fixes #79621 and #79986. Thanks @nonzeroclaw and @dudaefj.
  • Auto-reply/TUI: keep fallback timeout recovery deliverable after a primary model lifecycle error by emitting fallback progress and deferring terminal TUI errors until recovery has a chance to finish. Fixes #80000. (#80009) Thanks @TurboTheTurtle.
  • Heartbeat: clear stale auto fallback model overrides when the configured default model changes, so heartbeat runs follow updated agents.defaults.model.primary without requiring a manual reset. Fixes #74284. Thanks @brtkwr and @bitloi.
  • CLI/agent: let openclaw agent --model use the backend/admin Gateway scope without cached device-token scopes silently downscoping the request. (#78837) Thanks @VACInc.
  • CLI/help: keep help and version invocations configless while improving shared port, channel, plugin, task, session, message, pairing, and auth recovery text.
  • CLI/config: explain strict JSON parse failures with a valid example and the plain-string escape hatch.
  • CLI/secrets: turn offline Gateway reload failures into actionable recovery text.
  • CLI/channels: explain missing or ambiguous channel selections with next commands.
  • CLI/channels: defer guided channel status collection until a channel is selected, keeping openclaw channels add first screen quieter.
  • CLI/channels: exit guided channel setup cleanly on cancellation instead of printing the internal wizard error.
  • Plugins/CLI: route disabled Matrix and LanceDB memory command roots to plugin-enable guidance instead of generic unknown-command errors.
  • Browser/Docker: detect Playwright-managed Chromium from PLAYWRIGHT_BROWSERS_PATH and the default Playwright cache on Linux, so Docker installs that persist /home/node/.cache/ms-playwright no longer need browser.executablePath.
  • Ollama: keep DeepSeek V4 cloud models thinking-capable even when Ollama Cloud /api/show omits the thinking capability, so /think high no longer rejects ollama/deepseek-v4-*:cloud.
  • ACPX/Claude ACP: keep foreground prompts waiting for their own result when autonomous task-notification results arrive during the same session, and retarget the patch for Claude Agent ACP 0.33.1.
  • WhatsApp: keep Baileys media uploads from passing non-Dispatcher agents to undici in 7.0.0-rc10, and patch the bundled Baileys declaration so the latest tsdown build stays warning-clean.
  • Build: keep tsdown 0.22.0 warning-clean by externalizing known third-party declaration edges and replacing relative channel config module augmentations with explicit built-in channel fields.
  • ACP sessions: map canonical runtime options to backend-advertised ACP config keys like Claude's effort while keeping persisted OpenClaw state canonical. (#79926) Thanks @InTheCloudDan.
  • Models/Discord: support provider/* entries in agents.defaults.models so /model, /models, and model pickers can show dynamically discovered models for selected providers without exact model allowlists. Fixes #79485. Thanks @rendrag-git.
  • Gateway/watch: rebuild or restage missing bundled-plugin dist and runtime-postbuild outputs before launching the Gateway from a source checkout, preventing incomplete watch-mode runtime trees. (#70805) Thanks @rubencu.
  • CLI/update: allow restart health probes from the previous gateway protocol during self-update, and make plugin dry-runs report exact npm target versions instead of unknown while preserving unchanged status.
  • OpenAI/Codex: forward persisted openai-codex OAuth profile metadata into Codex plugin harness attempts after canonical openai/* migration, so OAuth-only installs keep using native Codex auth instead of falling through to direct OpenAI API-key auth. Fixes #79978.
  • OpenAI/Codex: point gateway missing-key recovery and wizard docs at the canonical openai/gpt-5.5 plus Codex OAuth route, and fix trajectory export errors so they suggest the valid openclaw sessions command.
  • Google/Gemini: normalize retired google/gemini-3-pro-preview primary, fallback, and model-map refs during config load and unrelated config writes so saved config keeps targeting Gemini 3.1 Pro Preview.
  • Google/Gemini: normalize retired Gemini 3 Pro Preview ids inside emitted Google provider model config, so regenerated models.json rows test google/gemini-3.1-pro-preview.
  • Google/Gemini: normalize retired Gemini 3 Pro Preview ids for explicit OpenAI-compatible Google and Gemini CLI provider configs, so emitted config targets google/gemini-3.1-pro-preview.
  • Google/Gemini: normalize retired Gemini 3 Pro Preview ids preserved from existing merged models.json providers so config emission keeps targeting google/gemini-3.1-pro-preview.
  • Google/Gemini: normalize retired Gemini 3 Pro Preview ids inside provider auth config patches so setup-emitted provider catalogs test google/gemini-3.1-pro-preview.
  • GitHub Copilot: mint short-lived Copilot API tokens with the same vscode-chat integration identity used by runtime requests, and refresh legacy cached tokens missing that identity so image-capable Copilot models no longer inherit the copilot-language-server scope. Fixes #79946, #80074. Thanks @TurboTheTurtle.
  • Plugins/doctor: drop stale managed npm install records when openclaw doctor --fix removes npm packages that shadow bundled plugins, so the rebuilt registry no longer resurrects the removed package metadata.
  • Discord/voice: reuse or suppress late realtime consult tool calls without stealing newer speaker context or speaking forced fallback answers twice.
  • Discord/voice: skip likely incomplete realtime forced-consult transcript fragments and non-actionable closings so stale partial speech does not queue delayed answers over the next turn.
  • Discord/voice: keep realtime forced consults from clearing active exact-speech playback, so back-to-back voice answers queue instead of cutting each other off.
  • Discord/voice: synthesize realtime playback timestamps from emitted Discord PCM so OpenAI realtime barge-in truncation no longer sees audioEndMs=0 and skips legitimate interruptions.
  • Plugin SDK: keep activated linked plugin runtime facades loadable when bundled plugin fallback is disabled. Thanks @shakkernerd.
  • Feishu: auto-thread message(action="send") replies inside the topic when the active session is group_topic or group_topic_sender, and propagate replyInThread through text, card, and media outbound adapters so topic-scoped sessions no longer post at the group root. Fixes #74903. (#77151) Thanks @ai-hpc.
  • WhatsApp: pass routing context into voice-note transcript echo preflight so echoed transcripts can deliver to the originating chat. Fixes #79778. (#79788) Thanks @hclsys.
  • Cron/failover: classify structured OpenAI-compatible server_error payloads as server_error, expose that reason in cron state, and let one-shot cron retry policy honor retryOn: ["server_error"] without requiring raw 5xx text. (#45594) Thanks @clovericbot.
  • Slack: wake the resolved thread session after interactive reply button/select clicks and carry Slack delivery context through the queued interaction event, so clicks continue the visible conversation. Fixes #79676 and #61502. (#79836) Thanks @velvet-shark, @tianxiaochannel-oss88, and @Saicheg.
  • WhatsApp/streaming: send only the new suffix when text-end block replies repeat prior preambles across tool-call cycles, preventing cumulative WhatsApp preamble messages. Fixes #78946. (#79120) Thanks @brokemac79 and @papawattu.
  • Tests/security audit: sandbox audit-exec-surface.test.ts under a per-case OpenClaw home tempdir, redirecting OPENCLAW_HOME (which wins over HOME/USERPROFILE in resolveRawHomeDir) alongside HOME and USERPROFILE, so its saveExecApprovals(...) calls never touch the live ~/.openclaw/exec-approvals.json on the host running the suite. Sibling exec-approvals tests already used the tempdir pattern; this file did not, so running pnpm test against a contributor's local checkout was silently truncating their real approvals to { "version": 1, "agents": {} }. (#79885) Thanks @omarshahine.
  • ACP/gateway: preserve AcpRuntimeError cause chain (code/method/JSON-RPC detail) through the lifecycle boundary so gateway logs, telegram replies, and tool-result text show the actual upstream failure instead of opaque Internal error/[object Object], with redaction applied before the chain reaches log or reply surfaces.
  • Channels/iMessage: wire action: "reply" attachments through imsg send-rich --file when the installed imsg build advertises that capability (probed once via imsg send-rich --help and cached on the private-API status). Reply now hydrates media/mediaUrl/fileUrl/mediaUrls[0]/filePath/path/base64 buffer+filename through the shared outbound resolver, stages buffers via the existing withTempFile helper, rejects http(s):// URL attachments with a targeted error pointing callers at send's full attachment-resolver pipeline, and falls back to the explicit imsg#114 not landed yet error on older imsg builds. Depends on the upstream openclaw/imsg#114 capability landing in an installable release; until then the new path stays gated and users see the same explicit fallback #79822 introduced. (#79864) Thanks @omarshahine.
  • Telegram: preserve the first-preview debounce while appending true partial-stream deltas, so edited draft previews no longer duplicate earlier text when providers emit incremental output. (#80045) Thanks @TurboTheTurtle.
  • Agents/Anthropic: report 1M session context for Claude Opus/Sonnet 4 models even when local model config still advertises 200k, matching model discovery and preventing premature status/UI overflow. Fixes #66766.
  • Models/OpenRouter: hide missing-auth direct provider rows in /model status when they are only duplicated by a nested OpenRouter model id such as openrouter/google/..., while preserving explicitly configured direct providers. Fixes #62317.
  • Models: preserve an explicitly selected provider/model such as opencode-go/deepseek-v4-pro when another provider owns the same bare model alias. Fixes #79325.
  • Models/config: explain missing models.providers.<provider>.models[] registration when a model exists only in agents.defaults.models, instead of returning a bare unknown-model error. Fixes #80089.
  • MCP/tools: prefix bundle MCP server/tool fragments that would start with digits, keeping generated tool names valid for Moonshot/Kimi and other strict providers. Fixes #79179.
  • Models/OpenRouter: treat 403 API key budget limit exceeded as billing so model fallback advances instead of retrying the exhausted primary. Fixes #60191. Thanks @omgitsgela.
  • Models/OpenRouter: repair stale session overrides that lost the outer openrouter/ provider wrapper, so sessions return to the configured OpenRouter model instead of failing as an unknown direct-provider model. Fixes #78161. Thanks @hjamal7-bit.
  • Google/Gemini: default API-key onboarding back to google/gemini-3.1-pro-preview so fresh Gemini test configs exercise Gemini 3.1 Pro Preview.
  • Telegram: show full provider/model labels for nested OpenRouter model ids in the model picker, so openrouter/openai/gpt-5.4-mini no longer displays as openai/gpt-5.4-mini. Fixes #67792. (#72752) Thanks @iot2edge.
  • Models/OpenRouter: preserve live supported_parameters tool support metadata so non-tool Perplexity Sonar models no longer receive agent tool payloads and fall back unnecessarily. Fixes #64175. Thanks @Catfish-75.
  • Models/OpenRouter: add MoonshotAI Kimi K2.5 to the bundled OpenRouter catalog so onboarding/model pickers can offer it without waiting for live discovery. Fixes #14601.
  • Models/OpenRouter: keep keyRef/tokenRef-backed auth profiles visible to read-only PI model discovery, so OpenRouter models stay available in model pickers without storing plaintext keys. Fixes #58106. Thanks @ThalynLabs.
  • Models/list: include explicit configured provider rows and read-only auth-backed catalog rows in the default configured view without loading PI's full registry, keeping Control UI pickers aligned with usable model auth. Refs #79381. Thanks @ismael-81.
  • Security/audit: honor tools.byProvider["provider/model"].deny when reporting small-model web/browser exposure, so per-model OpenRouter mitigations clear the models.small_params exposure signal. Fixes #80118.
  • Models/Moonshot: accept direct moonshotai/... and moonshot-ai/... refs as aliases for canonical moonshot/..., so copied OpenRouter Kimi ids no longer fail as unknown direct models. Fixes #73876. (#74946) Thanks @jeffrey701.
  • Kimi Code: use Kimi's stable kimi-for-coding API model id in bundled catalog, onboarding, and docs while normalizing legacy kimi-code and k2p5 refs. Fixes #79965.
  • Telegram: render cached reply targets and nearby group chatter as one selected conversation context window, so stale replies no longer split JSON reply chains from local chat context.
  • Volcengine/Kimi: strip provider-unsupported tool schema length and item constraint keywords for direct and coding-plan models so hosted Kimi runs do not reject message tools with minLength. Fixes #38817.
  • DeepSeek: backfill V4 reasoning_content replay fields for unowned OpenAI-compatible proxy providers, preventing follow-up request failures outside the bundled DeepSeek and OpenRouter routes. Fixes #79608.
  • iMessage: emit a WARN log when an action is blocked because the imsg private API bridge is not attached, so operators see the silent-drop in ~/.openclaw/logs/openclaw.log instead of having to read per-session trajectory JSONL tool.result payloads. Common after a gateway restart un-injects the dylib from Messages.app. (#80035) Thanks @omarshahine.
  • Codex: cross-fill missing thread.id and thread.sessionId before schema validation so live Codex app-server responses that omit sessionId no longer fail thread/start or thread/resume. Fixes #80124. (#80137) Thanks @kagura-agent.
  • Agents/Pi: wait for embedded abort cleanup to settle before releasing the session write lock, preventing follow-up turns from racing previous prompt teardown. (#80239) Thanks @samzong.
  • WhatsApp: downgrade OpenClaw watchdog-triggered Web reconnects from runtime errors to recovery warnings and clear the recovered reconnect status after the next healthy connection. (#77026) Thanks @rubencu.
Check out latest releases or
releases around openclaw 2026.5.10-beta.3

Don't miss a new openclaw release

NewReleases is sending notifications on new releases.

Get notifications