npm openclaw 2026.5.14-beta.1
openclaw 2026.5.14-beta.1
on Node.js NPM

4 hours ago

Changes

  • Dependencies: route root ambient Node proxy agents through @openclaw/proxyline and drop root proxy-agent, https-proxy-agent, and minimatch dependencies.
  • Control UI/i18n: add a pnpm ui:i18n:report baseline report for hardcoded-copy focus areas and locale fallback metadata. (#81320) Thanks @samzong.
  • Maintainer tooling: add a repo-local codex-review skill for Codex closeout reviews, including local dirty-work and PR-branch review helpers that rerun until no accepted/actionable findings remain and avoid unsupported inline prompts with --base.
  • Maintainer tooling: fail CI when pull requests add package patch files or pnpm patched dependencies, preserving the upstream-and-bump dependency workflow.
  • Codex app-server: stream commentary preambles into editable channel progress drafts without promoting them to final answers.
  • Codex migration: remove the bundled codex-cli backend and repair legacy codex-cli/* model refs to the Codex app-server route on openai/*.
  • Gateway/startup: add owner-level startup trace attribution for auth, plugin loading, lookup counts, and plugin sidecar services. (#81738) Thanks @samzong.
  • Channels/status reactions: wire StatusReactionController into WhatsApp message turns (queued → thinking → tool → done/error lifecycle, on par with Telegram and Discord), add deploy/build/concierge emoji categories with tool-token routing, and replace the status reaction defaults with self-explanatory emoji (🧠 thinking, 🛠️ tool, 💻 coding, 🌐 web, ⏳ stallSoft, ⚠️ stallHard, ✅ done, ❌ error, 🗜️ compacting) so stall and lifecycle reactions read as status indicators instead of emotional commentary. Fixes #59077. (#80612) Thanks @gado-ships-it.
  • Control UI: add a browser-local Text size setting in Appearance and Quick Settings, scaling chat and dense UI text while keeping inputs above the mobile Safari focus-zoom threshold. Fixes #8547. Thanks @BunsDev.
  • Docs: add a dedicated ds4 provider page with local DeepSeek V4 Flash config, on-demand startup, context sizing, and live verification steps.
  • Release validation: add a package-installed Docker user-journey lane that verifies onboarding, mocked model setup, external plugin install/uninstall, ClickClack outbound/inbound messaging, Gateway restart survival, and doctor.
  • Release validation: add package-installed Docker lanes for real TTY onboarding, media and memory persistence, published-package upgrade journeys, and local marketplace plugin install/update/uninstall coverage.
  • Maintainers: add a Clawdtributor skill for Discrawl-backed contributor PR triage, live status checks, and compact review formatting.
  • Telegram: support Mini App web_app buttons in generic message presentation payloads, allowing openclaw message send --presentation to render Telegram Web App inline buttons for private chats. (#81356) Thanks @jzakirov.
  • Scripts: add OPENCLAW_HEAVY_CHECK_LOCK_SCOPE=worktree so high-capacity local worktrees can use independent heavy-check locks while shared locks remain the default. Fixes #80729. (#80734) Thanks @samzong.
  • Agents/subagents: deliver native sessions_spawn tasks in the child session's first visible [Subagent Task] message instead of hiding the task in the sub-agent system prompt, keeping delegation auditable without duplicating tokens. Fixes #78592. Thanks @bradestes and @stainlu.
  • Messages/queue: make mid-turn prompts steer active runs by default via /queue steer, preserve /queue followup and /queue collect for users who want messages to queue by default, and make /steer continue as a normal prompt when steering is unavailable. (#77023) Thanks @fuller-stack-dev.
  • Voice Call/Telnyx: add realtime media-streaming call support for conversational voice calls. (#81024) Thanks @dynamite-bud.
  • Dependencies: add release dependency evidence reports, npm advisory gating, and PR dependency-change awareness so maintainers can review dependency risk before and during releases. Thanks @joshavant.
  • Gateway: expose optional isHeartbeat metadata on agent event payloads so clients can distinguish scheduled heartbeat runs from ordinary chat runs. (#80610) Thanks @medns.
  • Agents: add agents.defaults.runRetries and agents.list[].runRetries config for embedded Pi runner retry loop limits. (#80661) Thanks @medns.
  • Codex: add node-backed Codex CLI session listing and binding so an OpenClaw conversation can continue an existing Codex CLI session running on a paired node.

Fixes

  • Cron/Codex: default exact-command scheduled agent turns to lightweight bootstrap context so automation runs the command before loading workspace identity or memory context.
  • Codex plugin/Gateway: strip unpaired UTF-16 surrogates from Codex app-server JSON-RPC payloads and let stale reply-work recovery abort stalled reply runs, preventing malformed media turns from wedging gateway lanes.
  • Codex app server: force OAuth refresh requests to perform a real token refresh instead of reusing unchanged inherited auth-profile tokens after refresh failures. (#80738) Thanks @simplyclever914.
  • Control UI/WebChat: render /tts audio replies as playable audio attachments through the assistant-media ticket path, with structured-audio compatibility for older live payloads. (#81722) Thanks @Conan-Scott.
  • Bind gateway approval access to requester metadata [AI]. (#81380) Thanks @pgondhi987.
  • Telegram: let isolated polling drain independent topics, DMs, and status/control commands concurrently while preserving same-lane order. (#81849) Thanks @VACInc.
  • Build: keep externalized Slack, OpenShell sandbox, and Anthropic Vertex runtime dependency declarations out of the root dist artifact build.
  • ClawHub: include Amazon Bedrock and Bedrock Mantle provider packages in the published registry metadata so the externalized providers are discoverable from ClawHub as well as npm.
  • Auto-reply/Claude CLI: bridge CLI-runtime assistant text-delta agent events into the chat reasoning preview through onReasoningStream, mirroring the existing assistant-text (#76914) and tool-event (#80046) bridges and adding gating so non-CLI runtimes are unaffected. Thanks @anagnorisis2peripeteia and @pashpashpash.
  • Mantis: keep QA evidence in Actions artifacts only and stop publishing evidence files to Git-backed artifact branches.
  • CLI/migrate: handle delayed Codex plugin marketplace responses so warnings, next-steps, and conflict states render with ⚠️ glyphs and post-install migration retries the marketplace fetch instead of silently skipping plugin items. (#81625) Thanks @sjf.
  • Channels/Weixin: bump the bundled @tencent-weixin/openclaw-weixin external entry to 2.4.3 (from 2.4.1) so onboarding and openclaw channels add install the current Tencent Weixin (personal WeChat) plugin release. (#81730) Thanks @scotthuang.
  • CLI: lazy-load model, plugin, and device runtime helpers and keep channel option help on generated startup metadata or generic fallback text so parent/help output renders without importing those runtime paths.
  • CLI: route plugins list --json through the parsed command fast path and cover it in response budgets so plugin JSON inventory avoids full CLI registration work.
  • Gateway/network: keep OpenClaw-installed undici dispatchers on HTTP/1.1 and treat destroyed HTTP/2 session errors as recoverable network teardown, preventing ERR_HTTP2_INVALID_SESSION from crashing active gateway turns. Fixes #81627. (#81838) Thanks @joshavant.
  • Memory/daily-files: widen the daily-memory file matcher used by Dreaming, rem-backfill, rem-harness, the doctor sweep, and short-term promotion so memory/YYYY-MM-DD-<slug>.md files written by the bundled session-memory hook (and any future slugged variants) are discovered alongside the date-only memory/YYYY-MM-DD.md shape. Date extraction still uses the leading YYYY-MM-DD capture group, so per-day ingestion/promotion semantics are unchanged for existing date-only files; slugged files now flow through the same paths instead of being silently skipped. Fixes #69536. Thanks @jack-stormentswe.
  • macOS/Gateway: fail managed LaunchAgent stop and restart when the configured gateway port remains busy after cleanup instead of reporting success while a listener survives. Fixes #73132. Thanks @BunsDev.
  • Telegram: reuse the sticky IPv4 Bot API transport for periodic getMe health checks, so IPv4-working hosts with broken IPv6 egress stop logging repeated probe timeouts. Fixes #76852. (#76856) Thanks @SymbolStar.
  • Telegram: ship the isolated polling worker at the root dist path used by the bundled worker loader, avoiding startup failures looking for dist/telegram-ingress-worker.runtime.js.
  • Control UI/Gateway: stop stale token-mismatch reconnect loops when no trusted device-token retry is available, and cap rendered chat history by raw tool-output size so dashboard auth/history work cannot keep degrading channel sockets. Fixes #72139. Thanks @BunsDev.
  • Memory/daily-files: prioritize the canonical memory/YYYY-MM-DD.md daily note before same-day slugged session captures during capped live ingestion and historical seeding, preserving existing daily-note behavior when slugged files exist.
  • Gateway/OpenAI-compatible HTTP: parse shared JSON endpoint paths without trusting malformed Host headers, avoiding 500s before /v1/chat/completions, /v1/responses, and /v1/embeddings request handling.
  • Telegram: resolve plugin native commands with the active runtime config so commands like /codex ... stay on the native command path.
  • Voice-call webhooks: parse webhook and realtime upgrade paths without trusting malformed Host headers, avoiding 500s before provider signature checks or path rejection.
  • Media store: reject malformed redirect Location headers as media-download failures instead of letting URL parsing escape the async response callback.
  • ClickClack: skip malformed realtime websocket frames instead of stopping the channel monitor on a single bad JSON event.
  • Browser tool: treat malformed node proxy payloadJSON responses as browser proxy failures instead of leaking raw JSON parser errors.
  • Gateway HTTP: match models, session kill, and session history route paths without trusting malformed Host headers, avoiding pre-auth 500s on those endpoints.
  • Google Meet/Codex: report malformed node proxy payloadJSON responses with plugin-owned errors instead of leaking raw JSON parser failures.
  • Debug proxy: reject malformed relative-form proxy targets with a controlled 400 response instead of letting URL parsing escape the request handler.
  • File transfer: reject malformed inline file_write base64 before computing hashes or invoking paired nodes, avoiding Node's lenient base64 decoder.
  • QA channel: skip malformed inline inbound attachment base64 instead of staging silently corrupted media for agent turns.
  • Microsoft Teams: reject malformed inline HTML image base64 padding instead of decoding corrupted data: image attachments.
  • Voice-call realtime: ignore malformed provider media-frame base64 before forwarding audio into bridge and transcription paths.
  • QQBot: reject malformed stored cron payload base64 before JSON decoding structured reminder data.
  • Telnyx voice-call: use the raw client_state fallback when webhook state is malformed base64 instead of using silently corrupted decoded text.
  • Google Meet: report malformed node-host params JSON with plugin-owned errors instead of leaking raw JSON parser failures.
  • CLI/export-trajectory: report malformed encoded request JSON with a stable CLI error instead of leaking raw parser output.
  • Twilio voice-call: report malformed successful API JSON responses with provider-owned errors instead of leaking raw parser failures.
  • Voice-call provider APIs: report malformed successful guarded JSON responses with provider-prefixed errors instead of leaking raw parser failures.
  • Realtime transcription: report malformed provider websocket JSON frames with owned parser errors instead of leaking raw SyntaxError objects.
  • Microsoft Foundry: report malformed Azure CLI token JSON with owned auth errors instead of leaking raw parser failures.
  • Gateway/model pricing: report malformed external pricing catalog JSON with source-owned errors instead of leaking raw parser failures.
  • QA Lab: report malformed model-catalog subprocess JSON with an owned error and ignore invalid catalog rows.
  • Google Meet: report malformed browser-control status JSON with plugin-owned errors instead of leaking raw parser failures.
  • Google provider: report malformed SSE stream JSON with provider-owned errors instead of leaking raw parser failures.
  • Node host: report malformed built-in invoke paramsJSON with stable invalid-request errors instead of leaking raw parser failures.
  • Amazon Bedrock embeddings: report malformed provider response JSON with provider-owned errors instead of leaking raw parser failures.
  • QQBot: report malformed access-token JSON with provider-owned errors instead of leaking raw parser failures.
  • OpenAI embeddings: report malformed batch output JSONL with provider-owned errors instead of leaking raw parser failures.
  • Synology Chat: report malformed JSON webhook payloads with stable channel-owned parser errors.
  • Mattermost: report malformed interaction callback JSON with stable channel-owned parser errors.
  • Matrix: ignore malformed percent-encoding in optional location URI parameters instead of letting a bad geo: event abort inbound message handling.
  • Web search: auto-detect Brave through its legacy tools.web.search.apiKey compatibility fallback while keeping doctor migration to plugins.entries.brave.config.webSearch.apiKey as the canonical repair, so allowlisted isolated cron runs do not report web_search unavailable before migration. Fixes #81538. Thanks @atomicmonk.
  • Plugins: memoize repeated in-process plugin metadata snapshots and keep vanished managed-install residue from forcing full derived discovery, reducing gateway/status startup scans under large plugin sets. Fixes #81143 and #79806. (#81570) Thanks @Kaspre, @holgergruenhagen, @JanPlessow, and @mjamiv.
  • CLI/plugins: route lazy plugin command-registration chatter to stderr only during JSON-output command registration, keeping plugin-backed --json stdout parseable without changing parse-only or pass-through --json behavior. Fixes #81535. (#81536) Thanks @ScientificProgrammer and @vincentkoc.
  • Plugins: treat git plugin install refs as refs instead of checkout flags, so option-like selectors fail checkout instead of silently installing the default branch. Fixes #79898. (#79901) Thanks @afurm and @vincentkoc.
  • Web: honor explicitly configured global web_search providers during provider ownership resolution while keeping sandboxed web_fetch limited to bundled providers.
  • Plugins/doctor: repair configured legacy npm declaration stubs by reinstalling their npm packages into the managed plugin root instead of loading workspace node_modules, and warn when discovery sees those stubs. Fixes #79632. Thanks @Dylanzhang1128 and @vincentkoc.
  • Channels: keep configured third-party channel plugins visible in openclaw channels list when their manifest declares channels but has not added channelConfigs metadata yet. Fixes #81334. (#81340) Thanks @AllynSheep and @vincentkoc.
  • Agents: skip bootstrap file and hook preload work on completed continuation-skip turns when no workspace bootstrap is pending, reducing isolated-agent prep latency without changing first-turn bootstrap behavior. Fixes #81548. Thanks @delizaran-unpa.
  • Config: validate JSON dry-runs against plugin-owned channel schemas, so external channel fields are not rejected by stale bundled schemas. Fixes #77887. (#81504) Thanks @giodl73-repo.
  • iOS: restore first-use Contacts, Calendar, and Reminders permission prompts and add Privacy & Access status/actions in Settings. Thanks @BunsDev.
  • Canvas: return not found for malformed percent-encoded Canvas/A2UI/document asset paths and keep decoded parent traversal blocked before path normalization.
  • Telegram: allow trusted local Bot API media files whose filenames start with dots instead of falling back to remote download.
  • Agents/Codex app-server: remap injected context files under dot-dot-prefixed workspace directories when a run switches to an effective sandbox workspace.
  • Control UI/i18n: use the installed workspace pi runtime for locale refreshes, update the fallback package pin, and skip scheduled refreshes with invalid provider credentials instead of failing main.
  • CI/performance: authenticate the clawgrit report repository remote during both checkout and publish so performance report pushes do not fail after benchmarks complete.
  • Hooks: load workspace-relative legacy hook modules from dot-dot-prefixed directories without treating the filename prefix as parent traversal.
  • Plugins: preserve installed package metadata and persisted registry freshness checks for plugin package paths under dot-dot-prefixed directories.
  • Agents: allow dot-dot-prefixed filenames such as ..note.txt through sandbox FS bridge, remote sandbox reads, and apply_patch summaries without mistaking the name for parent traversal.
  • CLI/migrate: hide per-item source/plugin hints on non-conflicting Codex skill and plugin selection prompts, keeping the hint text reserved for rows that actually need attention. Thanks @sjf.
  • Codex harness: treat high-confidence app-server OAuth refresh invalidation as a terminal auth-profile failure, stopping repeated raw token-refresh errors without turning entitlement or usage-limit payloads into re-auth prompts.
  • CLI/migrate: humanize Codex conflict-status messaging across the migrate UI so selection prompts and plan/result rows say "Codex skill already installed in workspace" instead of surfacing internal MIGRATION_REASON_* codes. Thanks @sjf.
  • CLI/migrate: render migrate result rows with distinct glyphs for manual-review (🔍) and archive (📖) items instead of the misleading "skipped" and "migrated" checkmarks, so users can see which entries still need attention versus which were filed away. Thanks @sjf.
  • CLI/migrate: split Codex migrate output into separate preview and result phases so the Before plan and After result render through clack with independently tunable copy. Thanks @sjf.
  • Codex app-server: project bundle and user MCP servers into Codex threads, rotate threads when an MCP server is disabled, scope bundle MCP injection to bundled servers, and resend user MCP config on resume so MCP changes take effect mid-session without restarting the agent. (#81551) Thanks @jalehman.
  • Codex migration: invoke the managed Codex binary instead of a stale system codex for source-config migration plans, so users running the bundled Codex runtime get plan output that matches the binary the gateway will actually use. (#81582) Thanks @fuller-stack-dev.
  • Subagents/maintenance: preserve pending subagent registry sessions during session-store cleanup, pruning, and disk-budget enforcement so in-flight subagent runs are not deleted by background maintenance before they complete. (#81498) Thanks @ai-hpc.
  • Control UI/chat: reconcile terminal and reconnect run cleanup with cached session activity, stale compaction/fallback indicators, and a compact composer run-status chip so completed or interrupted turns do not leave Stop active. Fixes #76874 and #64220; refs #71630. Thanks @BunsDev.
  • Maintainer tooling: clarify which pnpm test/check commands are safe locally versus inside Codex worktrees, routing linked-worktree gates through node wrappers and Crabbox/Testbox.
  • Auto-reply: preserve same-key ordering when debounced inbound work falls back to immediate flushes, so follow-up turns cannot overtake an active buffered flush.
  • Telegram/WhatsApp: keep Telegram same-chat replies ordered behind active no-delay turns without blocking WhatsApp follow-up message dispatch.
  • Codex migration: avoid duplicate cached plugin bundle warnings when app-server plugin inventory is available.
  • Agents: suppress aborted embedded assistant partials, reasoning text, reply directives, and stale prior replies before user-facing delivery while preserving clean timeout/error payloads. Fixes #48241. Thanks @BunsDev, @andyliu, and @yassinebkr.
  • Agents: allow dot-dot-prefixed filenames such as ..file.txt inside workspace and sandbox path policy while still rejecting real parent traversal.
  • Native image input: detect Windows drive image paths in plain prompts so C:\...\screenshot.png references are not missed.
  • Media: normalize Windows-style filename hints before staging attachments, remote media, audio transcodes, and saved-media display names, so POSIX hosts do not preserve drive or directory text in generated filenames.
  • Media references: resolve first-level inbound media files whose IDs start with dots instead of treating names like ..photo.png as parent traversal.
  • iOS/chat: resize PhotosPicker image attachments to capped JPEGs before staging and sending, stripping source metadata and keeping oversized camera photos under the chat upload budget. Fixes #68524. Thanks @BunsDev.
  • Control UI: keep shared form, config, and usage text-entry controls at 16px on touch-primary devices while preserving chat composer input sizing, so iOS Safari no longer auto-zooms focused fields. Fixes #64651; carries forward #64673. Thanks @NianJiuZst and @BunsDev.
  • Agents/trajectory: make the trajectory flush cleanup timeout configurable with OPENCLAW_TRAJECTORY_FLUSH_TIMEOUT_MS, preserving the 10s default while slower stores drain. Refs #75839. Thanks @BunsDev.
  • Codex auth: accept OAuth profiles backed by oauthRef during runtime auth selection, so official Codex OAuth logins are used by app-server agent runs. (#81633) Thanks @obviyus.
  • Telegram: release stopped polling leases after the gateway stop grace so in-process restarts can reuse the same bot token without weakening active duplicate-poller protection. Fixes #81507. (#81890) Thanks @joshavant.
  • ACP: preserve redacted numeric JSON-RPC RequestError details in runtime failure text, so backend diagnostics are visible instead of only Internal error. Fixes #81126. (#81188) Thanks @vyctorbrzezowski.
  • Agents: cache unchanged PI model discovery stores and model lookups, reducing repeated model-resolution startup latency under large model configs. Fixes #78851.
  • Onboarding: carry returned Codex plugin migration config through the OpenAI model wizard so accepted plugin migrations are saved with the final config write.
  • Security/Windows ACL audit: classify Anonymous Logon, Guests, Interactive, Local, and Network SIDs as world-equivalent principals so broadly writable paths stay critical instead of being downgraded to group-writable. Fixes #74350. (#74383) Thanks @dwc1997.
  • Media-understanding: retry transient remote attachment fetch failures before audio or vision processing, so Discord voice notes are not lost after one network/CDN blip. Fixes #74316. Thanks @vyctorbrzezowski and @gabrielexito-stack.
  • Control UI: order timestamped live stream and tool items before untimestamped history fallbacks, keeping chat history in visible time order. Fixes #80759. (#81016) Thanks @akrimm702.
  • ClawHub: cancel stalled archive body reads for skill, package, and ClawPack downloads instead of leaving installs hanging after headers arrive. Fixes #52073. Refs #80006. Thanks @xinhuagu and @stainlu.
  • Control UI/config: discard stale redacted placeholders from form-mode config saves while preserving restorable saved secrets, so unrelated settings changes no longer submit __OPENCLAW_REDACTED__ as real data. Fixes #60917. Thanks @giodl73-repo and @BunsDev.
  • OpenAI plugin: clarify remote Codex OAuth login copy so tunneled users know sign-in may finish automatically before they paste the redirect URL. (#81301) Thanks @rubencu.
  • SGLang: preserve replayed reasoning history for OpenAI-compatible chat completions, keeping thinking-capable local models from losing prior reasoning turns. (#81091) Thanks @akrimm702.
  • Plugins/install: derive managed peer dependency pins from npm's lockfile planner instead of recursively scanning node_modules, while keeping OpenClaw host peers out of managed root ownership and preserving active root-managed runtimes. Thanks @fuller-stack-dev.
  • Control UI/WebChat: keep short assistant replies clear of in-bubble copy/open action buttons by applying the existing reserved action spacing in the grouped chat renderer. Fixes #79509. (#81244) Thanks @JARVIS-Glasses.
  • Codex harness: make the live test wrapper portable to Windows and defer locked temp cleanup so native Windows and WSL2 live runs complete.
  • Link understanding: fetch page content through the SSRF guard before running configured CLI summarizers, preventing curl/wget-style link fetchers from reaching private redirect or DNS-rebound targets.
  • fix: harden safe-bin argument validation [AI]. (#80999) Thanks @pgondhi987.
  • Codex/status: align /codex status rate-limit wording with /status by showing remaining quota and compact reset durations instead of used quota and raw ISO timestamps. Thanks @MatthewSchleder.
  • Mattermost: log a structured mattermost no-visible-reply diagnostic when a substantive (non-reasoning) final reply payload reaches deliverMattermostReplyPayload but the underlying deliverTextOrMediaReply returns "empty" — previously the run completed with a misleading delivered reply to <channel> log even though no Mattermost API send happened, masking silent completions in channel/thread contexts. No behavior change; the diagnostic surfaces the failure so operators can detect it instead of seeing the agent appear to go silent. Fixes #80501. Thanks @robbyproc87.
  • Telegram: limit concurrent startup getMe probes across multi-account bots so large Telegram configs do not fan out all account probes at once during gateway startup. Refs #80695. (#80986) Thanks @stainlu.
  • fix(config): reject auto-managed meta.lastTouched* paths in config set/unset (#80856). Thanks @ai-hpc
  • Test state: seed isolated auth-profile secret keys for generated homes, preventing helper-backed proof runs from falling back to host Keychain secrets. (#81393) Thanks @altaywtf.
  • Plugins/update: clear stale allow/deny entries and selected plugin slots when disabling a plugin after update failure, keeping failed external plugin updates from leaving half-disabled config. (#81512) Thanks @JARVIS-Glasses.
  • Memory/LanceDB: make auto-capture recognize short CJK memory phrases and configurable literal triggers, so Chinese, Japanese, and Korean users can capture memories without regex or LLM intent detection. Fixes #75680. Thanks @vyctorbrzezowski and @guokewuming.
  • Plugins doctor: report stale plugin config warnings and avoid claiming full plugin health when config warnings remain. (#81515) Thanks @BKF-Gitty.
  • Sessions: display model: "<agentId>-acp" / modelProvider: "acpx" (ACP-runtime sentinel) for ACP control-plane sessions in openclaw sessions output, instead of the agent's configured model which was misleading. Catalog finding 20. (#79543)
  • Slack: normalize message read before and after timestamp bounds before calling Slack history or thread reply APIs. Fixes #80835. (#81338) Thanks @honor2030.
  • Gateway: throttle assistant/thinking agent event fanout during streaming bursts without dropping buffered deltas. (#80335) Thanks @samzong.
  • Models: restore authenticated CLI runtime providers in the /models picker while keeping legacy runtime aliases hidden from setup/default model choices. Closes #81212. (#81239) Thanks @anagnorisis2peripeteia.
  • Changelog gates: reject bot/app handles as Thanks attribution and require explicit human credit for bot/app-authored changelog entries. (#81357) Thanks @hxy91819.
  • Agents/heartbeat: fix seven layered issues that broke multi-agent heartbeat cadence — (1) fan out the scheduler broadcast wake across agents in parallel via Promise.all instead of awaiting each runOnce sequentially, so one agent doing real work no longer starves every later agent in iteration order; (2) scope skipWhenBusy to lanes attributable to the firing agent via session-key parsing of session:agent:<id>:… / nested:agent:<id>:… lane names, instead of consulting the global subagent lane, so a single stuck subagent on one agent no longer silently disables every other agent's heartbeat; (3) always append workspace HEARTBEAT.md directives (everything outside an optional tasks: block) to the dispatch prompt, so prose-runbook HEARTBEAT.md files reach the model directly instead of being silently dropped unless periodic tasks are declared; (4) race the initial stream-establishment promise inside streamWithIdleTimeout against the same watchdog timer that previously only guarded inter-token gaps, so SDK requests stuck at TCP/TLS handshake or before the first response byte no longer hang indefinitely (the stalled-session diagnostic's recovery=none case); (5) emit an openclaw doctor warning when heartbeat.session pins a session key that has no entry in the agent's session store, so silently-dropped heartbeat deliveries surface at config-validation time; (6) also route the commitment-only task dispatch path (tasks configured, none due) through appendHeartbeatFileDirectives so prose directives outside the tasks: block reach the model on this path as well; (7) wrap the synchronous baseFn(...) invocation inside streamWithIdleTimeout in a try/catch that clears the connect watchdog timer before rethrowing, so a provider stream function that throws during setup no longer leaves a live timer that can fire onIdleTimeout later with a stale error and keep the process open past the real failure. Thanks @zeroaltitude.
  • Matrix: stop running npm install/pnpm install at runtime from a parent-derived plugin path; missing Matrix runtime dependencies now fail with repair guidance instead of mutating the wrong node_modules tree. Fixes #80758. (#80876) Thanks @kinjitakabe.
  • Agents/memory-flush: surface non-abort memory-flush failures (provider timeout, transport error, generic agent failure) as visible reply payloads so the outer reply loop short-circuits and isolated cron runs propagate the error into meta.error instead of completing silently with status: "ok" and an empty payload. Previously only the specific "Memory flush writes are restricted to ..." message was surfaced. Fixes #80755. Thanks @nailujac.
  • Channels/loop-guard: enforce shared per-pair bot loop protection in the core channel-turn kernel, with Discord, Slack, Matrix, and Google Chat supplying bot-pair facts where they can reliably identify accepted bot-authored messages. The generic guard keys on (scope, conversation, participant pair), suppresses every additional bot-to-bot event in either direction once a pair crosses the configured budget, and lifts suppression after cooldownSeconds. Defaults are maxEventsPerWindow: 20, windowSeconds: 60, and cooldownSeconds: 60 whenever a channel lets bot-authored messages reach dispatch; they can be set globally via channels.defaults.botLoopProtection and overridden per channel/account or supported per-conversation config. Fixes #58789. Thanks @pandadev66.
  • Agents/memory-flush: surface non-abort memory-flush failures (provider timeout, transport error, generic agent failure) as visible reply payloads so the outer reply loop short-circuits and isolated cron runs propagate the error into meta.error instead of completing silently with status: "ok" and an empty payload. Previously only the specific "Memory flush writes are restricted to ..." message was surfaced. Refs #80755. Thanks @kinjitakabe and @nailujac.
Check out latest releases or
releases around openclaw 2026.5.14-beta.1

Don't miss a new openclaw release

NewReleases is sending notifications on new releases.

Get notifications