npm openclaw 2026.5.16-beta.1
openclaw 2026.5.16-beta.1
on Node.js NPM

latest release: 2026.5.16-beta.2
14 hours ago

Changes

  • Maintainer tooling: route Crabbox skill defaults through the repo brokered AWS config, leaving Blacksmith Testbox as an explicit opt-in instead of the broad-proof default.
  • CLI/onboarding: localize the setup wizard and bundled channel setup flows for English, Simplified Chinese, and Traditional Chinese. (#80645) Thanks @GaosCode.
  • Agents/skills: cache hydrated resolvedSkills across warm gateway turns while keying reuse by the redacted effective config, reducing redundant skill snapshot rebuilds without crossing config-gated skill boundaries. (#81451) Thanks @solodmd.
  • Telegram/group chat: add opt-in messages.groupChat.ambientTurns: "room_event" handling so always-on ambient chatter can run as quiet room context and speak visibly only via the message tool. (#81317) Thanks @obviyus.

Fixes

  • Release tooling: align the published launcher Node floor, npm start, package script checks, sharded lint locking, Vitest root project coverage, and plugin-SDK declaration build cache metadata so release/package validation does not silently skip or ship stale surfaces.
  • Cron/agents: honor configured subagent model fallbacks for isolated scheduled runs and forward that fallback policy into embedded agent timeout failover. Fixes #74985. Thanks @chrisgwynne.
  • Codex app-server/MCP: scope user MCP servers to specific OpenClaw agent ids through an optional mcp.servers.<name>.codex.agents list and accept codex.defaultToolsApprovalMode (auto/prompt/approve) for native Codex approval defaults; OpenClaw strips the codex block before handing mcp_servers config to Codex. (#82180) Thanks @sercada.
  • Agents/OpenAI Responses: clamp input_tokens - cached_tokens at zero and reconstruct totalTokens from input + output + cached components so Responses-API streams report consistent usage when providers under-report input_tokens relative to cached_tokens.
  • Plugins: reject malformed package.json openclaw.extensions metadata during install, discovery, and post-update payload smoke instead of silently dropping invalid entries.
  • Media/files: sniff input_file bytes before trusting declared MIME headers, rejecting spoofed image or zip payloads before they become agent-visible text.
  • Config persistence: ignore malformed array/scalar auth profile, cron job state, and session store entries instead of hydrating them into numeric profile ids, crashed cron rows, or invalid session records.
  • Providers: reject malformed successful Runway, BytePlus, and Ollama embedding responses with provider-owned errors instead of raw parser/type failures, silent bad vectors, or long bogus polling.
  • Trajectory export: skip and report malformed session/runtime JSONL rows in manifest.json instead of letting wrong-shaped session rows crash support bundle export.
  • Config/doctor: copy fallback-enabled channel allowFrom entries into explicit groupAllowFrom allowlists during openclaw doctor --fix, preserving current group access without adding runtime fallback-transition flags.
  • Hooks: raise bounded gateway lifecycle hook wait budgets to 5 seconds for shutdown and 10 seconds for pre-restart, giving short restart notification handlers time to finish before shutdown continues. (#82273) Thanks @bryanbaer.
  • Plugin releases: require external package compatibility metadata in the npm plugin publish plan, matching the ClawHub package contract before packages ship.
  • Agents/OpenAI-compatible: honor per-model max_completion_tokens/max_tokens params in embedded OpenAI-completions runs so high-token Kimi-style routes keep their configured completion cap. Fixes #82230. Thanks @albert-zen.
  • Agents/local: install a local gateway request scope around trusted openclaw agent --local runs, so subagent completion announces can use in-process gateway dispatch without crashing. Fixes #82140. Thanks @Kushmaro.
  • Cron: keep failed isolated-agent runs from marking successful result delivery when only the failure notification was delivered. Fixes #72985. Thanks @Allenbluff.
  • Discord: validate message-read results before normalizing channel history and report unexpected payloads with a Discord boundary error instead of map is not a function. Fixes #82252. Thanks @jessewunderlich.
  • Agents/runtime: apply agents.defaults.models["provider/*"].agentRuntime as provider-wide model runtime policy while preserving exact model runtime precedence. Fixes #82243. Thanks @rendrag-git.
  • Agents/auto-reply: restrict NO_REPLY prompt guidance to automatic group/channel replies, remove legacy silent-reply rewrites, and suppress accidental direct-chat silent tokens instead of delivering fallback text. Fixes #82254. Thanks @absol89.
  • Telegram: retain a longer partial-stream preview when a final callback only carries an ellipsis-truncated snapshot, preventing the visible answer and transcript mirror from being replaced by the short preview. Fixes #82239.
  • Telegram/active-memory: run blocking memory recall through the Telegram provider for direct-message turns even when the hook context carries the raw chat id, preventing embedded recall from launching against an invalid numeric channel. Fixes #82177. Thanks @cslash-zz.
  • Control UI/WebChat: keep optimistic image messages from embedding large inline data: previews and preserve image-only user turns in chat history, avoiding browser stack overflows when sending image attachments. Fixes #82182. Thanks @ExploreSheep.
  • Agents/media: preserve message-tool-only delivery for generated music and video completion handoffs, so group/channel completions do not finish without posting the generated attachment.
  • Telegram: drain queued outbound deliveries after polling reconnect confirms fresh getUpdates activity, so stale-socket and network recovery do not leave failed replies stranded. Fixes #50040. Refs #82175. Thanks @dmitriiforpost-commits and @shellyrocklobster.
  • Telegram: mark isolated polling ingress unhealthy when a spooled inbound backlog stalls while Bot API polling still succeeds, so gateway/channel health no longer stays green after Telegram DM processing wedges. Fixes #82175. Thanks @shellyrocklobster.
  • Agents: strip Gemini/Gemma <final> tags with attributes or self-closing syntax from delivered replies, including strict final-tag streaming enforcement. Fixes #65867.
  • macOS/update: disarm legacy ai.openclaw.update.* LaunchAgents when openclaw update starts from one, preventing KeepAlive relaunch loops that repeatedly restart the Gateway and replay update continuations. Fixes #82167.
  • Agents/replay: strip internal runtime-context metadata and NO_REPLY sentinels from provider replay and pending final-delivery recovery so restart and heartbeat resumes do not feed control text back to the model. Fixes #76629. Thanks @fuyizheng3120, @bryan-chx, and @cael-dandelion-cult.
  • LINE: acknowledge signed webhook events before agent processing so slow model replies do not cause LINE request_timeout delivery failures. Fixes #65375. Thanks @myericho.
  • LINE: stop cron recovery from inferring lowercased LINE recipients from canonical session keys, so long-running task replies do not silently retry undeliverable push targets. Fixes #81628. (#81704) Thanks @edenfunf.
  • TTS: preserve channel-derived voice-note delivery for /tts audio replies even when the provider output is not natively voice-compatible. (#82174) Thanks @xuruiray.
  • Codex app-server: preserve inbound sender metadata and source-channel provenance on mirrored user prompts, including failure snapshots, so channel history keeps the original sender identity. (#82184) Thanks @zknicker.
  • Codex account/status: treat metadata-only rate-limit buckets as returned but empty so /codex status and /codex account report none returned instead of counting phantom limits.
  • Codex/Lossless: keep Codex explicit compaction on native app-server threads while allowing Lossless through the context-engine slot; openclaw doctor --fix now migrates legacy compaction.provider: "lossless-claw" config to plugins.slots.contextEngine.
  • Cron/doctor: report scheduled jobs with explicit payload.model overrides, including provider namespace counts and default-model mismatches, so stale cron model pins are visible during auth or billing investigations. Fixes #82151. Thanks @mgonto.
  • Codex app-server: keep the short turn-completion idle watchdog armed after the last non-assistant current-turn item completes, so a quiet Codex app-server releases the OpenClaw session lane before the outer attempt timeout. Fixes #82171. (#82172) Thanks @funmerlin.
  • Providers/OpenRouter: stop adding empty DeepSeek V4 reasoning_content placeholders to assistant tool-call replay messages and strip empty replay artifacts before follow-up Chat Completions requests, so openrouter/deepseek/deepseek-v4-pro no longer fails after tool use. Fixes #82150. (#82158) Thanks @luyao618 and @Suquir0.
  • OpenAI-compatible providers: honor streaming-usage compatibility metadata when deciding whether to send stream_options.include_usage, while keeping bundled Volcengine routes opted in to Ark streaming usage. Refs #44845. (#82181) Thanks @xuruiray.
  • Gateway/approvals: treat turnSourceTo as optional in canBridgeNoDeviceChatApprovalFromBackend, matching the existing optional handling of turnSourceAccountId and turnSourceThreadId. Channels without a recipient concept (webchat, control-ui) leave turnSourceTo null on both the approval snapshot and the replay params, so the prior required-string check rejected every backend replay with APPROVAL_CLIENT_MISMATCH. Cross-channel replay is still gated by the required turnSourceChannel and sessionKey checks. Fixes #82132. (#82136) Thanks @ottodeng.
  • Cron: load runtime plugins before isolated cron model and delivery resolution so external channels can be selected for scheduled runs. (#82111) Thanks @medns.
  • Cron: mirror successful direct scheduled deliveries into the resolved destination session transcript while preserving isolated-delivery awareness policy. (#80786) Thanks @cavit99.
  • Cron: preserve rotated transcript identity after session-bound scheduled runs compact, so sessionTarget: "current" keeps the next user message on the same conversation. Fixes #82164. Thanks @weissfl.
  • Twitch: keep gateway accounts running until shutdown instead of treating successful monitor startup as a clean channel exit, preventing immediate auto-restart loops. Fixes #60071. (#81853) Thanks @edenfunf.
  • Agents/auto-reply: honor agents.defaults.silentReply and per-surface group silent-reply policy when generic agent-run failure fallbacks decide whether to send visible fallback text. Fixes #82060. (#82086) Thanks @taozengabc.
  • Discord: render channel topic context as structured untrusted metadata in reply prompts and stop duplicating inbound message bodies or exposing raw EXTERNAL_UNTRUSTED_CONTENT envelopes. Fixes #82168. Thanks @ronan-dandelion-cult.
  • Codex app-server: arm the short idle watchdog as soon as Codex accepts a turn, so accepted turns with no current-turn progress release the OpenClaw session lane before the outer model timeout. Fixes #82129. Thanks @Francois3d.
  • Agents/replies: also strip <function_response> workflow output when it becomes visible after an adjacent stripped tool-call XML block, closing the remaining sanitizer leak from #47444.
  • Control UI/WebChat: focus the composer when users click the visible input chrome and restore larger, labeled desktop composer controls while preserving compact mobile taps. Fixes #45656. Thanks @BunsDev.
  • Discord: suppress generated link embeds on outbound messages by default so agent-sent URLs stay as plain links unless channels.discord.suppressEmbeds is disabled.
  • System events: keep owner downgrades in structured metadata while rendering queued prompt text as plain System: lines, preserving least-privilege wakeups without prompt-visible trust labels. (#82067)
  • Slack: default outbound bot link unfurls off so agent-sent URLs no longer expand into inline previews unless channels.slack.unfurlLinks is enabled. (#82123) Thanks @kibi-bsp.
  • Slack: keep finalized draft-preview replies visible when a later same-turn tool warning is delivered normally instead of clearing the edited answer. Fixes #81903. (#81979) Thanks @neeravmakwana.
  • Providers/Xiaomi: preserve MiMo reasoning_content on multi-turn tool-call replay, including custom Xiaomi-compatible proxy routes, so follow-up turns no longer fail with 400 Param Incorrect. Fixes #81419. (#81589) Thanks @lovelefeng-glitch and @jimdawdy-hub.
  • Slack/plugins: route plugin-owned modal view_submission and view_closed events through Slack interactive handlers before compacting the agent-visible system event, so plugins can persist full submitted form state while the transcript stays compact. Fixes #82102. Thanks @shannon0430.
  • Providers/Xiaomi: promote legacy MiMo V2 reasoning-only final answers to visible text, including Xiaomi-compatible proxy routes, so mimo-v2-pro and mimo-v2-omni replies no longer appear blank when the answer arrives in reasoning_content. Fixes #60261. (#60304) Thanks @HiddenPuppy.
  • Providers: preserve required reasoning_content replay for Kimi K2.6/K2 thinking and MiMo V2.6 OpenAI-compatible tool-call follow-up turns while keeping the stock OpenAI/Qwen strip path intact. Fixes #82139. Thanks @yimao.
  • Memory search: stop using chokidar write-stability polling for memory and QMD watchers so large Markdown extraPath trees no longer build up regular file descriptors; changed files now settle through the existing debounced sync queue. Fixes #77327 and #78224. (#81802) Thanks @frankekn, @loyur, and @JanPlessow.
  • Message tool: rename the Discord channel-create schema field exposed to models from type to channelType, avoiding NVIDIA NIM JSON Schema parser failures while still accepting legacy type tool calls. (#78920) Thanks @YashSaliya.
Check out latest releases or
releases around openclaw 2026.5.16-beta.1

Don't miss a new openclaw release

NewReleases is sending notifications on new releases.

Get notifications