openclaw 2026.5.25-beta.1

openclaw 2026.5.25-beta.1

on Node.js NPM

2026.5.25-beta.1

Beta 1 late fixes

• iMessage: thread current channel/account inbound attachment roots into the image tool so iMessage-saved attachments under ~/Library/Messages/Attachments (including wildcard roots) are read through the existing inbound path policy instead of being rejected as path-not-allowed. Fixes #30170. (#86569)
• iMessage: dedupe watcher startup when channels.imessage.accounts lists both default and a named account pointing at the same local Messages source, preventing duplicate imsg rpc processes and doubled inbound replies while leaving duplicate accounts usable for outbound sends/status. Fixes #65141. (#86705)
• Codex: preserve sandbox bootstrap path style when remapping workspace instruction files across host and sandbox paths.

2026.5.25

Fixes

• Installer: let the local-prefix CLI installer use Alpine's apk Node.js, npm, and Git packages on musl Linux instead of downloading glibc Node tarballs that fail node:sqlite.
• Checks: prefilter tracked conflict-marker scans so changed checks avoid reading every repository file on clean runs.
• Plugins: allow linked local plugin paths to probe TypeScript source entries without requiring compiled package output, restoring source-checkout plugin development on native Windows.
• CLI: route source-checkout build output to stderr before launching OpenClaw commands so stale local builds do not corrupt --json stdout.
• Installer: install Node.js through apk on Alpine Linux instead of falling through to the NodeSource package-manager path.
• Agents/perf: cache manifest-backed CLI provider descriptors and fallback provider resolution so model fallback retries avoid repeated bundled provider runtime scans while still invalidating across plugin reloads.
• Installer: detect musl Linux shells such as Alpine as Linux instead of rejecting them before npm install.
• Windows: run direct Node package scripts with env overrides through a cross-platform launcher so gateway, TUI, Docker-all, generated-module formatting, and optional Discord native opus installer entrypoints work on native Windows.
• Tests: run Vitest import timing entrypoints through a Node wrapper so native Windows package scripts can collect import diagnostics.
• Control UI: split large build-time runtime dependencies into stable chunks so Linux/Docker install and package builds stay below the app chunk warning threshold.
• Tests: run test:max and test:changed:max through a Node wrapper so high-worker Vitest entrypoints work on native Windows.
• Tests: retry transient loopback HTTP resets in the kitchen-sink RPC walk so native Windows readiness probes do not fail after the gateway is already ready.
• Tests: run test:serial through a Node wrapper so targeted serial Vitest commands work on native Windows.
• Tests: normalize Vitest config path assertions so the infra config suite runs on native Windows paths.
• Installer: avoid the incompatible generated --before install filter when raw npm min-release-age config is present. (#85491) Thanks @TurboTheTurtle.
• Agents/MCP: bound bundled MCP tools/list catalog discovery so hung MCP servers do not block session tool materialization. (#85063) Thanks @nxmxbbd.
• Channels/iMessage: recover malformed anchorless group watch payloads by GUID before debounce/routing, and drop unrecoverable payloads instead of replying to the sender DM. Fixes #84470. Refs #84503. Thanks @zhangguiping-xydt and @zqchris.
• Channels/iMessage: advance the startup catchup cursor from live-handled rows after a completed catchup pass, including rows received while catchup is still running, so restarts do not replay them. (#85475) Thanks @TurboTheTurtle.
• Tests: mount the shared Windows command helper into bare Docker E2E harness containers so published upgrade-survivor config walks can start on Linux.
• Tests: keep the plugin binding command escape Docker smoke focused on its intended Vitest cases and skip source-only install lifecycle scripts.
• Tests: let the generic plugin install E2E assertions use a configurable temp root and Windows home-relative install paths.
• Tests: keep kitchen-sink plugin assertion fixtures on a configurable temp root so native Windows runs no longer skip full-surface diagnostic coverage.
• Tests: fail Gateway startup benchmarks when a child startup never produces ready probes or process metrics instead of reporting all n/a samples as passing.
• Config/secrets: allow exec SecretRef ids to include # selectors so AWS-style secret#json_key ids validate consistently. (#80731) Thanks @TurboTheTurtle.
• Tests: keep the Telegram user credential helper on platform temp and path APIs so native Windows credential export and restore commands do not write through POSIX-only paths.
• Installer: include the optional verify phase in the progress counter so --verify shows [4/4] Verifying installation instead of [4/3].
• Crabbox: let the wrapper find a sibling Crabbox checkout from linked Git worktrees so Codex worktrees can run remote gates without a PATH shim.
• CI: tolerate the standard -- option separator in shared helper flag parsing so perf and test commands accept package-manager argument forwarding.
• Tests: preserve -- passthrough arguments in live-media, live-shard, and extension batch harnesses so Vitest filters are not misread or silently ignored.
• Crabbox: default AWS macOS runner requests to on-demand capacity so EC2 Mac proof commands do not fail on the unsupported Spot market default.
• Tests: run upgrade-survivor config recipe commands through the Windows npm shim so native Windows package walks keep baseline config coverage.
• Image tool: use bundled Anthropic media limits when resolving image compression policy without provider-runtime hooks.
• Tests: fail the kitchen-sink RPC Docker walk when gateway RSS sampling is unavailable instead of silently disabling the per-process memory guard.
• Tests: suppress the current Rolldown plugin timing warning format in the Vitest wrapper so tiny focused runs do not drown useful stderr in repeated build-timing noise.
• Models/OpenRouter: use endpoint-specific OpenRouter context limits from top_provider metadata so provider-routed models no longer overstate available context. (#85949) Thanks @TurboTheTurtle.
• Crabbox: sync clean sparse-checkout remote changed gates from a temporary full checkout with local-only commits overlaid as worktree changes so git-backed script checks can seed the runner repository.
• Agents: avoid loading bundled channel plugins while resolving completion delivery policy and queue defaults on subagent handoff paths.
• Tests: allow split Vitest config shards through the explicit-target preflight so CI shard jobs run their intended projects.
• Tests: make startup memory and startup bench smoke scripts build CLI startup artifacts when run from a fresh source checkout.
• iMessage: mark authorized slash-command turns as text-sourced commands so /status, /new, and /restart acknowledgements return to the source conversation. (#82642) thanks @homer-byte.
• Crabbox: install Corepack shims into the writable hydration PNPM_HOME so local AWS runner hydration no longer tries to overwrite /usr/local/bin/pnpm.
• Live tests: fail Gateway live model sweeps when selected coverage is lost to timeouts or stale high-signal filters instead of reporting false missing-profile coverage, and pin Docker OpenAI gateway coverage to the current gpt-5.5 lane.
• Tests: fail Docker resource-ceiling checks when stats samples or configured limits are invalid instead of silently reporting zero peaks.
• Auth/Codex: emit a one-shot actionable log.warn from the embedded legacy Codex OAuth sidecar loader when the only available seed lives in the macOS Keychain, naming openclaw doctor --fix and macOS Keychain instead of letting the credential silently fall through to a downstream No API key found for provider "openai-codex". Thanks @RomneyDa.
• Agents: fail closed when provider-less session models match multiple provider-prefixed runtime policies so CLI runtime routing no longer depends on config order. (#85970) Thanks @potterdigital.
• Control UI/agents: keep collapsed tool rows readable without early ellipses, preserve raw expanded tool details, and make post-compaction AGENTS.md reinjection opt-in to avoid duplicated project context. Fixes #45649 and #45488. Thanks @BunsDev.

Release verification

• npm package: https://www.npmjs.com/package/openclaw/v/2026.5.25-beta.1
• registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.5.25-beta.1.tgz
• integrity: sha512-aTxlF5Cls7/JTg3sjalOiZTa62kVzulOcKlkjNDuVfF1iJlwoo+L3T9i+V/Byp2tjs2V3lhdQ71kc7QVlAu1dg==
• release branch/tag SHA: f5b52bd
• focused local tests: pnpm test src/agents/tools/image-tool.test.ts src/agents/tools/media-tool-shared.test.ts src/media/channel-inbound-roots.fast-path.test.ts extensions/imessage/src/accounts.test.ts extensions/imessage/src/channel.runtime.test.ts extensions/imessage/src/doctor.test.ts extensions/codex/src/app-server/run-attempt.test.ts test/scripts/package-acceptance-workflow.test.ts -- --reporter=dot
• focused local type proof: pnpm check:test-types
• npm preflight: https://github.com/openclaw/openclaw/actions/runs/26443590151
• npm publish: https://github.com/openclaw/openclaw/actions/runs/26444459399
• note: beta publish intentionally used npm preflight proof only; full release validation is still required before stable/latest promotion.