chore(deps): update ghcr.io/openclaw/openclaw docker tag to v2026.5.2 #27

Merged
notarock-s-renovate[bot] merged 1 commit from renovate/docker-images into main 2026-05-03 03:57:06 +00:00
notarock-s-renovate[bot] commented 2026-05-03 00:03:18 +00:00 (Migrated from github.com)

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
ghcr.io/openclaw/openclaw (source) final minor 2026.4.292026.5.2

Release Notes

openclaw/openclaw (ghcr.io/openclaw/openclaw)

v2026.5.2

Compare Source

Highlights
  • External plugin installation now covers diagnostics, onboarding, doctor repair, channel setup, install/update records, and artifact metadata while keeping bare package installs on npm for the first cutover. Thanks @​vincentkoc.
  • Gateway startup, session listing, task maintenance, prompt prep, plugin loading, and filesystem hot paths get targeted cache and fanout reductions for large or plugin-heavy installs.
  • Control UI and WebChat reliability improves across Sessions, Cron, long-running Gateway WebSockets, grouped-message width, slash-command feedback, iOS PWA bounds, selection contrast, and Talk diagnostics.
  • Channel and provider fixes cover Telegram topic commands and networking, Discord delivery and startup edge cases, OpenAI-compatible TTS/Realtime, OpenRouter/DeepSeek replay, Anthropic-compatible streaming, Brave/SearXNG/Firecrawl web search, and voice-call routing.
Changes
  • Gateway/startup: skip plugin-backed auth-profile overlays during startup secrets preflight, reducing gateway readiness latency while keeping reload and OAuth recovery paths overlay-capable. (#​68327) Thanks @​JIRBOY.
  • Plugins/ClawHub: make diagnostics, onboarding, doctor repair, and channel setup carry ClawPack metadata through install records while keeping explicit clawhub: installs on ClawHub and bare package installs on npm for the launch cutover. Thanks @​vincentkoc.
  • Plugins/runtime: scope broad runtime preloads to the effective plugin ids derived from config, startup planning, configured channels, slots, and auto-enable rules instead of importing every discoverable plugin.
  • Agents/runtime: reuse the startup-loaded plugin registry for request-time providers, tools, channel actions, web/capability/memory/migration helpers, and memoized provider extra-params so stable embedded-run inputs no longer repeat plugin registry resolution while model-specific transport hook patches stay isolated. Thanks @​DmitryPogodaev.
  • Agents/runtime: memoize transcript replay-policy resolution for stable config and process-env runs while preserving custom-env provider hook behavior. Thanks @​DmitryPogodaev.
  • Infra/path-guards: add a fast path for canonical absolute POSIX containment checks, avoiding repeated path.resolve and path.relative work in hot filesystem walkers. Refs #​75895, #​75575, and #​68782. Thanks @​Enderfga.
  • Tools: add a platform-level tool descriptor planner for descriptor-first visibility, generic availability checks, and executor references. Thanks @​shakkernerd.
  • Plugins/tools: cache plugin tool descriptors captured from api.registerTool(...) so repeated prompt-time planning can skip plugin runtime loading while execution still loads the live plugin tool. (#​76079) Thanks @​shakkernerd.
  • Docs/Codex: clarify that ChatGPT/Codex subscription setups should use openai/gpt-* with agentRuntime.id: "codex" for native Codex runtime, while openai-codex/* remains the PI OAuth route. Thanks @​pashpashpash.
  • Plugins/source checkout: load bundled plugins from the extensions/* pnpm workspace tree in source checkouts, so plugin-local dependencies and edits are used directly while packaged installs keep using the built runtime tree. Thanks @​vincentkoc.
  • Plugins/beta: externalize ACPX behind the official @openclaw/acpx package so packaged installs keep ACP harness adapter binaries out of core until the ACP backend is installed. Thanks @​vincentkoc.
  • Plugins/beta: externalize diagnostics OpenTelemetry behind the official @openclaw/diagnostics-otel package so packaged installs keep the OTEL dependency stack out of core until the plugin is installed. Thanks @​vincentkoc.
  • Plugins/beta: prepare Google Chat, LINE, Matrix, and Mattermost for 2026.5.1-beta.2 npm and ClawHub publishing, and keep publishable plugin dist trees out of the core npm package. Thanks @​vincentkoc.
  • Plugins/beta: prepare BlueBubbles, diagnostics Prometheus, Google Meet, Nextcloud Talk, Nostr, Zalo, and Zalo Personal for 2026.5.1-beta.2 npm and ClawHub publishing. Thanks @​vincentkoc.
  • Plugins/beta: prepare diagnostics OpenTelemetry, Discord, Diffs, Lobster, Memory LanceDB, Microsoft Teams, QQ Bot, Voice Call, and WhatsApp for 2026.5.1-beta.1 npm and ClawHub publishing. Thanks @​vincentkoc.
  • Plugins/beta: prepare Brave, Codex, Feishu, Synology Chat, Tlon, and Twitch for 2026.5.1-beta.1 npm and ClawHub publishing. Thanks @​vincentkoc.
  • Providers/xAI: add Grok 4.3 to the bundled catalog and make it the default xAI chat model.
  • Google Meet: let API-created rooms set accessType and entryPointAccess, and add googlemeet end-active-conference for closing managed spaces after a call. (#​74824) Thanks @​BsnizND.
  • Google Meet: add googlemeet test-listen and the matching google_meet test_listen action so transcribe-mode joins wait for real caption or transcript movement before reporting listen-first health. Refs #​72478. Thanks @​DougButdorf.
  • Plugins/ClawHub: prefer versioned ClawPack artifacts when ClawHub publishes digest metadata, verifying the ClawPack response header and downloaded bytes before installing. Thanks @​vincentkoc.
  • Plugins/ClawHub: persist ClawPack digest metadata on ClawHub plugin install and update records so registry refreshes and download verification can reuse stored artifact facts. Thanks @​vincentkoc.
  • Plugins/ClawHub: allow official bundled-plugin cutovers to record ClawHub artifact metadata while preserving npm as the launch default for bare package specs. Thanks @​vincentkoc.
  • Plugins/onboarding: allow install-on-demand provider setup entries to persist ClawHub artifact metadata after explicit ClawHub installs while retaining npm/local fallback paths. Thanks @​vincentkoc.
  • Plugins/Crestodian: add ClawHub plugin search plus Crestodian plugin list/search/install/uninstall operations, with approval and audit coverage for install and uninstall.
  • Channels/thread bindings: replace split subagent/ACP thread-spawn toggles with threadBindings.spawnSessions, default thread-bound spawns on, and let openclaw doctor --fix migrate the legacy keys. (#​75943)
  • Providers/OpenAI: add extraBody/extra_body passthrough for OpenAI-compatible TTS endpoints, so custom speech servers can receive fields such as lang in /audio/speech requests. Fixes #​39900. Thanks @​R3NK0R.
  • Dependencies: refresh workspace dependency pins, including TypeBox 1.1.37, AWS SDK 3.1041.0, Microsoft Teams 2.0.9, and Marked 18.0.3. Thanks @​mariozechner, @​aws, and @​microsoft.
  • Discord/channels: add reusable message-channel access groups plus Discord channel-audience DM authorization, so allowlists can reference accessGroup:<name> across channel auth paths. (#​75813)
  • Crabbox/scripts: print the selected Crabbox binary, version, and supported providers before pnpm crabbox:* commands, and reject stale binaries that lack blacksmith-testbox provider support.
  • Agents/Codex: add committed happy-path prompt snapshots for Codex/message-tool Telegram direct, Discord group, and heartbeat turns so prompt drift can be reviewed. Thanks @​pashpashpash.
Fixes
  • CLI/message: skip eager model context warmup and preserve channel-declared gateway execution for Discord and Telegram message actions, avoiding Codex app-server/model discovery during simple send/read commands. Thanks @​fuller-stack-dev.
  • Codex/app-server: resolve managed binaries from bundled dist chunks and from the @openai/codex package bin when installs do not provide a nearby .bin/codex shim, avoiding false missing-binary startup failures.
  • Plugins/ClawHub: use the ClawHub artifact resolver response as the install decision before downloading, keeping legacy ZIP fallback and future ClawPack npm-pack installs on the same explicit resolver path. Thanks @​vincentkoc.
  • Plugins/ClawHub: keep bare plugin package specs on npm for the launch cutover and reserve ClawHub resolution for explicit clawhub: specs until ClawHub pack readiness is deployed. Thanks @​vincentkoc.
  • Plugins/source checkout: discover source-only plugins such as Codex from the extensions/* workspace while using npm package excludes as the packaged-core boundary, removing the stale core-bundle metadata path.
  • Plugins/ClawHub: install ClawPack artifacts from the explicit npm-pack .tgz resolver path and persist artifact kind, npm integrity, shasum, and tarball metadata for update and diagnostics flows. Thanks @​vincentkoc.
  • Control UI: allow deployments to configure grouped chat message max-width with a validated gateway.controlUi.chatMessageMaxWidth setting instead of patching bundled CSS after upgrades. Fixes #​67935. Thanks @​xiew4589-lang.
  • Control UI/Cron: ignore malformed persisted cron rows without valid payloads before they enter UI state and guard stale cron render paths, preventing blank Control UI sections after a bad cron snapshot. Fixes #​55047 and #​54439; supersedes #​54550 and #​54552.
  • Control UI/sessions: bound the default Sessions tab query to recent activity and fewer rows, avoiding expensive full-history loads while keeping filters editable. Fixes #​76050. (#​76051) Thanks @​Neomail2.
  • Gateway/channels: cap startup fanout at four channel/account handoffs and recover from Bonjour ciao self-probe races, reducing Windows startup stalls with many Telegram accounts. Fixes #​75687.
  • Gateway/sessions: keep sessions.list polling responsive on large session stores by reusing list-safe session cache/indexes and returning a lightweight compaction checkpoint preview instead of heavyweight summaries. Thanks @​rolandrscheel.
  • Control UI/Gateway: keep long-running dashboard WebSocket sessions alive with protocol pings and keep Stop available after reconnect or reload by recovering session-scoped active-run abort state. Fixes #​70991. Thanks @​alexandre-leng.
  • CLI/update: treat inherited Gateway service markers as origin hints and only block package replacement when the managed Gateway is still live, so self-updates can stop the service and continue safely. (#​75729) Thanks @​hxy91819.
  • Agents/failover: exempt run-level timeouts that fire during tool execution from model fallback, timeout-triggered compaction, and generic timeout payload synthesis, avoiding misleading "LLM request timed out" errors after the primary model has already responded. Fixes #​52147. (#​75873) Thanks @​simonusa.
  • Docker: copy Bun 1.3.13 from a digest-pinned image and keep CI on the same version. Fixes #​74356. Thanks @​fede-kamel and @​sallyom.
  • Agents/compaction: keep prior context on consecutive turns against z.ai-style providers (z.ai direct, openrouter z-ai/*, in-house GLM gateways), avoiding accidental Pi state reset after successful turns. (#​76056) Thanks @​openperf.
  • Doctor/plugins: run a one-time 2026.5.2 configured-plugin install repair based on meta.lastTouchedVersion, installing actively used downloadable OpenClaw plugins through the configured external source before marking the config touched for the release.
  • Sessions/transcripts: use one session.writeLock.acquireTimeoutMs policy for session transcript lock acquisitions and raise the default wait to 60 seconds, avoiding user-visible lock timeouts during legitimate slow prep, cleanup, compaction, and mirror work. Fixes #​75894. Thanks @​shandutta.
  • Control UI: contain the standalone iOS PWA viewport with safe-area-aware document locking, so Add-to-Home-Screen launches cannot scroll past the device bounds. Refs #​76072. Thanks @​kvncrw.
  • Agents/restart recovery: match cleaned transcript locks by exact transcript lock paths plus the canonical session fallback, so interrupted main sessions using topic-suffixed transcripts resume after gateway restart. Refs #​76052. Thanks @​anyech.
  • Agents/runtime: cache the stable system-prompt prefix and reuse prompt-report tool schema stats during dispatch prep, reducing repeated CPU work before streaming starts. Fixes #​75999; supersedes #​76061. Thanks @​zackchiutw and @​STLI69.
  • Control UI/WebChat: use high-contrast text selection colors so highlighted chat text stays visible across themes. Fixes #​60850; supersedes #​60854. Thanks @​Badschaff and @​efe-arv.
  • Telegram/native commands: pass persisted session files into plugin commands for topic-bound sessions, so /codex bind works from Telegram forum topics. Refs #​75845 and #​76049. Thanks @​MatthewSchleder.
  • Security audit/plugins: ignore plugin install backup, disabled, and dependency debris directories when enumerating installed plugin roots, avoiding false-positive findings for .openclaw-install-backups after plugin updates. Fixes #​75456.
  • Telegram: honor runtime conversation bindings for native slash commands in bound top-level groups, so commands like /status@bot route to the active non-main session instead of falling back to the default route. Fixes #​75405; supersedes #​75558. Thanks @​ziptbm and @​yfge.
  • Gateway/tasks: make task registry maintenance use pass-local backing-session lookups and fresh active child-session indexes, avoiding repeated full task snapshots and session-store clones on large stale registries. Fixes #​73517 and #​75708; supersedes #​74406 and #​75709. Thanks @​Lightningxxl, @​glfruit, and @​jared-rebel.
  • Auth/sessions: JSON-clone auth-profile cache/runtime snapshots and remaining session cleanup previews instead of using structuredClone, preserving mutation isolation while avoiding native-memory growth on large stores. Fixes #​45438. Thanks @​markus-lassfolk.
  • Models CLI: restore openclaw models list --provider <id> catalog and registry fallback rows for unconfigured providers, so provider-specific verification commands no longer report "No models found." Fixes #​75517; supersedes #​75615. Thanks @​lotsoftick and @​koshaji.
  • Gateway/macOS: write LaunchAgent services with a canonical system PATH and stop preserving old plist PATH entries, so Volta, asdf, fnm, and pnpm shell paths no longer affect gateway child-process Node resolution. Fixes #​75233; supersedes #​75246. Thanks @​nphyde2.
  • Slack/hooks: preserve bot alert attachment text in message-received hook content when command text is blank. Fixes #​76035; refs #​76036. Thanks @​amsminn.
  • Sessions/agents: route Gateway session-store writes, CLI cleanup maintenance, and agent-delete session purges through a dedicated in-process writer and borrow the validated mutable cache during the writer slot, avoiding runtime file locks plus repeated sessions.json rereads and JSON clones on hot metadata updates. Refs #​68554. Thanks @​henkterharmsel.
  • Control UI/chat: show inline feedback when local slash-command dispatch is unavailable or fails unexpectedly instead of clearing the composer silently. Fixes #​52105. Thanks @​MooreQiao.
  • Memory/markdown: replace CRLF managed blocks in place and collapse duplicate marker blocks without rewriting unmanaged markdown, so Dreaming and Memory Wiki files self-heal from repeated generated sections. Fixes #​75491; supersedes #​75495, #​75810, and #​76008. Thanks @​asaenokkostya-coder, @​ottodeng, @​everettjf, and @​lrg913427-dot.
  • Agents/tools: return critical tool-loop circuit-breaker stops as blocked tool results instead of thrown tool failures, so models see the guardrail and stop retrying the same call. Thanks @​rayraiser.
  • Agents/sessions: preserve pre-existing runtime model and context window after heartbeat turns so a per-run heartbeat model override does not bleed into shared-session status. Fixes #​75452. Thanks @​zhangguiping-xydt.
  • Model commands: clarify direct and inline /model acknowledgements for non-default selections as session-scoped. Thanks @​addu2612.
  • Doctor/gateway: stop warning that non-existent, unconfigured user-bin directories are required in the Gateway service PATH. Fixes #​76017. Thanks @​xiphis.
  • TUI/chat: skip full provider model normalization during context-window warmup while preserving provider-owned context metadata, avoiding cold-start stalls with large model registries. Thanks @​547895019.
  • Agents: enable malformed tool-call argument repair for Codex and Azure OpenAI Responses transports while keeping generic OpenAI Responses paths out of the repair gate. Fixes #​75154. Thanks @​Nimraakram22.
  • Memory Wiki: accept relative Markdown links that include the .md suffix during broken-wikilink validation, avoiding false positives for native render-mode links. Thanks @​Kenneth8128.
  • OpenAI Codex: show the device-pairing code in the interactive SSH/headless prompt while keeping the short-lived code out of persistent runtime logs. Fixes #​74212. Thanks @​da22le123.
  • QA Lab: stop gateway children when the suite parent disappears, so interrupted local QA runs cannot leave hot orphaned gateways behind.
  • Codex/app-server: tolerate a second connection close during startup recovery and include retry counts plus stringified errors in the restart warning, so concurrent lanes do not fail after one shared-client race.
  • Plugins/CLI: cache plugin CLI registration entries per command program so completion state generation does not repeat the full plugin sweep in one invocation. Thanks @​ScientificProgrammer.
  • Plugins: reuse gateway-bindable plugin loader cache entries for later default-mode loads without serving default-built registries to gateway-bound requests, reducing repeated plugin registration during dispatch. Refs #​61756. Thanks @​DmitryPogodaev.
  • Gateway/secrets: include the caught error message in secrets.reload and secrets.resolve warning logs while keeping RPC errors generic, so operators can diagnose reload and permission failures. Thanks @​davidangularme.
  • Providers/OpenRouter: fill DeepSeek V4 reasoning_content replay placeholders for openrouter/deepseek/deepseek-v4-flash and openrouter/deepseek/deepseek-v4-pro, so thinking/tool follow-up turns do not fail with DeepSeek's replay-shape error. Fixes #​76018. Thanks @​cloph-dsp.
  • Anthropic-compatible streams: recover text deltas that arrive before their matching content block, so Kimi Code and similar providers do not finish as empty incomplete_result replies. Fixes #​76007. Thanks @​vliuyt.
  • fix(infra): block workspace state-directory env override [AI]. (#​75940) Thanks @​pgondhi987.
  • MCP/OpenAI: normalize parameter-free tool schemas whose top-level object properties is missing, null, or invalid before sending tools to OpenAI, so MCP tools without params stay usable. Fixes #​75362. Thanks @​tolkonepiu and @​SymbolStar.
  • Control UI/WebChat: add server-side chat-draft microphone dictation via the existing audio transcription pipeline, avoiding browser Web Speech while keeping provider credentials on the Gateway. Fixes #​47311. Thanks @​jmomford.
  • TTS: honor explicit short [[tts:text]]...[[/tts:text]] blocks while keeping untagged short auto-TTS suppressed, so tagged voice replies are synthesized instead of being dropped as empty voice-only payloads. Fixes #​73758. Thanks @​yfge.
  • Hooks/doctor: warn when hooks.transformsDir points outside the canonical hooks transform directory, so invalid workspace skill paths get a direct recovery hint before the Gateway crash-loops. Fixes #​75853. Thanks @​midobk.
  • Proxy/audio: convert standard FormData bodies before proxy-backed undici fetches, so audio transcription and multipart uploads no longer send [object FormData] when HTTP_PROXY or HTTPS_PROXY is configured. Fixes #​48554. Thanks @​dco5.
  • Discord: allow explicitly configured ack reactions in tool-only guild channels while keeping automatic lifecycle/status reactions suppressed. Fixes #​74922. Thanks @​samvilian and @​BlueBirdBack.
  • Discord: enable session-backed A2A announce target lookup so sessions_send uses the target session's deliveryContext.accountId or lastAccountId instead of falling back to the default bot in multi-account setups. Fixes #​42652; refs #​51626 and #​44773; supersedes #​73975. Thanks @​irchelper, @​dpalfox, and @​Lanfei.
  • Discord/setup: write resolved guild/channel allowlist selections to the selected guild and channel instead of falling back to the wildcard guild during setup. Supersedes #​47788. Thanks @​Eldersonar.
  • Discord: treat abort-time Carbon reconnect-exhausted events as expected shutdown during stale-socket restarts, so health-monitor restarts no longer reject the monitor lifecycle. Carries forward #​58216; supersedes #​73949. Thanks @​Perttulands.
  • Discord/native commands: return an explicit warning when slash command dispatch or direct plugin execution produces no visible reply instead of a success-style completion ack. Fixes #​58986; supersedes #​62057. Thanks @​jb510.
  • Discord: keep typing indicators alive during long tool runs and auto-compaction while keepalive ticks continue, so active sessions do not appear stalled before the final reply. Thanks @​Squirbie.
  • Discord: preserve multipart Content-Type headers for attachment uploads across REST fetch paths, so generated images and other media no longer fail delivery with CONTENT_TYPE_INVALID. Thanks @​FunJim.
  • Discord: preserve attachment and sticker filenames when saving inbound media, so agents can see human-readable file names instead of only UUID-based paths. Fixes #​59744. Thanks @​xela92 and @​rockcent.
  • Discord: preserve non-ASCII channel names in session display labels while keeping allowlist matching on the existing ASCII slug contract. Thanks @​swjeong9.
  • Discord/PluralKit: canonicalize proxied webhook turns to the original Discord message id for inbound dedupe, while preserving the proxy message id for reply routing. Thanks @​acgh213.
  • Discord: only inject thread starter context on the first turn of the effective thread session, so follow-up thread replies do not repeat the starter block. Fixes #​41355; supersedes #​44447 and #​44449. Thanks @​p3nchan.
  • Discord: resolve thread ownerId and parentId from Discord API-style snake_case payload fields, so bot-owned autoThreads do not require unnecessary mentions. Thanks @​mgh3326.
  • Gateway/diagnostics: include a bounded redacted startup error message in stability bundles, so crash-loop reports identify the failing plugin or contract without exposing secrets. Refs #​75797. Thanks @​ymebosma.
  • Gateway/pricing: defer optional model pricing catalog refresh until after sidecars and channels reach the ready path, so slow OpenRouter or LiteLLM pricing fetches cannot block Gateway readiness. Fixes #​74128; supersedes #​73486. Thanks @​ctbritt and @​alprclbi.
  • Gateway/pricing: abort in-flight model pricing catalog fetches when Gateway shutdown stops the refresh loop, and avoid post-stop cache writes or refresh timers. Fixes #​72208. Thanks @​rzcq.
  • Codex/app-server: make startup retry cleanup ownership-aware so concurrent Codex lanes cannot close another lane's freshly restarted shared app-server client. Thanks @​vincentkoc.
  • Google Meet/Twilio: report missing dial-in details during setup and explain that Twilio cannot join Meet URLs without a phone dial plan.
  • Google Meet/Twilio: start the phone leg before sending Meet PIN DTMF, delay intro speech until after the post-connect dial sequence, and log each stage so operators can tell Twilio-leg audio from Meet-room audio.
  • Voice Call: accept provider call IDs for gateway speak/continue requests and report ended-call state from history instead of returning a generic "Call not found" for stale calls.
  • Control UI/Talk: allow the OpenAI Realtime WebRTC offer endpoint through the Control UI CSP, configure browser sessions with explicit VAD/transcription input settings, and surface OpenAI realtime error/lifecycle events instead of leaving Talk stuck as live with no diagnostic. Fixes #​73427.
  • Plugins: clarify config-selected duplicate plugin override diagnostics and document manifest schema updates for bundled-plugin forks. Fixes #​8582. Thanks @​sachah.
  • CLI backends/Claude: make live-session JSONL turn caps bounded and configurable via reliability.outputLimits, raising the default guard for tool-heavy Claude CLI turns while preserving memory limits. Fixes #​75838. Thanks @​hcordoba840.
  • Telegram/DMs: keep incidental message_thread_id reply-with-quote metadata on the flat DM session by default while preserving opt-in DM topic isolation for configured topics, dm.threadReplies, and direct.<chatId>.threadReplies. Fixes #​75975. Thanks @​ProjectEvolutionEVE.
  • Telegram/network: raise outbound text and typing Bot API request guards to 60 seconds, keep low grammY client timeouts from preempting those guards, let higher timeoutSeconds configs extend safe method guards, and retry timed-out typing indicators through the transport fallback without risking duplicate messages. Fixes #​76013. Thanks @​iaki1206.
  • Telegram/native commands: register and clear command menus in both default and group-chat scopes, so /status and plugin commands stay available in forum topics. Fixes #​74032; updates #​6457. Thanks @​dae-sun and @​WouldenShyp.
  • Providers/OpenAI: resolve keychain:<service>:<account> OPENAI_API_KEY refs before creating OpenAI Realtime browser sessions or voice bridges, with a bounded cached Keychain lookup. Fixes #​72120. Thanks @​ctbritt.
  • Discord/gateway: reconnect when the gateway socket closes while waiting for the shared IDENTIFY concurrency window, instead of silently skipping IDENTIFY and leaving the bot online but unresponsive. Fixes #​74617. Thanks @​zeeskdr-ai.
  • Voice Call: add sessionScope: "per-call" for fresh per-call agent memory while preserving the default per-phone caller history. Fixes #​45280. Thanks @​pondcountry.
  • Music generation: raise too-small tool timeouts to the provider-safe 10-second floor and collapse cascading abort fallback errors into a clearer root-cause summary. Thanks @​shakkernerd.
  • Memory-core/dreaming: include the primary runtime workspace in multi-agent dreaming sweeps without mixing main-agent session transcripts into configured subagent workspaces. Fixes #​70014. Thanks @​ttomiczek.
  • Control UI: add tab/RPC timing attribution and decouple slow Overview/Cron secondary refreshes so Sessions navigation gets immediate visible feedback. Refs #​64004. Thanks @​WaMaSeDu.
  • Memory: retry transient SQLite index file swaps during atomic reindex on Windows, so brief EBUSY, EPERM, or EACCES locks do not fail memory rebuilds. Fixes #​64187. Thanks @​kunpeng-ai-lab.
  • Telegram/startup: use the existing getMe request guard for the gateway bot probe instead of a fixed 2.5-second budget, and honor higher timeoutSeconds configs for slow Telegram API paths. Fixes #​75783. Thanks @​tankotan.
  • Telegram/models: make model picker confirmations say selections are session-scoped and do not change the agent's persistent default. Fixes #​75965. Thanks @​sd1114820.
  • Control UI/slash commands: keep fallback command metadata on a browser-safe registry path, so provider thinking runtime imports cannot blank the Web UI with process is not defined. Fixes #​75987. Thanks @​novkien.
  • Heartbeat/Discord: keep async exec completion events out of the generic System (untrusted) prompt block and let the dedicated exec heartbeat prompt handle them, so Discord no longer receives raw exec failure tails as separate system-style messages. Fixes #​66366. Thanks @​Promee-ThaBossHoss.
  • Channels: strip plain-text MiniMax and XML tool-call scaffolding from shared user-facing reply sanitization, so messaging channels do not deliver raw model tool syntax when a provider emits it as text instead of structured tool calls. Fixes #​62820. Thanks @​canh0chua.
  • Infer/media: report missing image-understanding and audio-transcription provider configuration for image describe, image describe-many, and audio transcribe instead of blaming the input path when no provider is available. Fixes #​73569 and supersedes #​73593, #​74288, and #​74495. Thanks @​bittoby, @​tmimmanuel, @​Linux2010, and @​vyctorbrzezowski.
  • Docs/health: clarify that session listing surfaces stored conversation rows rather than Discord/channel socket liveness, and point connectivity checks at channel status and health probes. Fixes #​70420. Thanks @​ashersoutherncities-art and @​martingarramon.
  • WhatsApp/Cron: keep DM pairing-store approvals out of implicit cron and heartbeat recipient fallback, so scheduled automation only uses explicit targets, active configured recipients, or configured allowFrom entries. Fixes #​62339. Thanks @​kelvinisly-collab.
  • Google Meet: keep the agent-facing google_meet tool visible on non-macOS hosts but block local Chrome realtime actions with guidance, so Linux agents can still use transcribe, Twilio, chrome-node, and artifact flows without choosing the macOS-only BlackHole path. Refs #​75950. Thanks @​actual-software-inc.
  • macOS/settings: keep opening General from rewriting openclaw.json during Tailscale settings hydration, preserving gateway, auth, meta, and wizard until the user changes a setting. Fixes #​59545. Thanks @​Tengdw.
  • Discord: prioritize interaction callbacks ahead of stale background REST work without polling active REST buckets, validate oversized gateway payloads and member-intent requests before send, and forward explicit component payloads from message actions. (#​75363)
  • Active Memory: use the configured recall timeout as the blocking prompt-build hook budget by default and move cold-start setup grace behind explicit setupGraceTimeoutMs config, so the plugin no longer silently extends 15000 ms configs to 45000 ms on the main lane. Fixes #​75843. Thanks @​vishutdhar.
  • Plugins/web-provider: reuse the active gateway plugin registry for runtime web provider resolution after deriving the same candidate plugin ids as the loader path, avoiding a redundant loadOpenClawPlugins call on every request while preserving origin and scope filters. Fixes #​75513. Thanks @​jochen.
  • Crestodian/CLI: exit non-zero when interactive Crestodian is invoked without a TTY, so scripts and CI no longer treat the setup error as success. Fixes #​73646 and supersedes #​73928 and #​74059. Thanks @​bittoby, @​luyao618, and @​Linux2010.
  • Cron: keep implicit/default isolated cron announce deliveries out of the main session awareness queue, so isolated jobs do not accumulate in the main conversation. Fixes #​61426. Thanks @​Lihannon.
  • Subagents: avoid duplicate parent-visible replies when a parent uses sessions_send on its own persistent native subagent session, while preserving announce delivery for async sends. Fixes #​73550. Thanks @​sylviazhang2006-design.
  • Web search/Brave: add opt-in brave.http diagnostics for Brave request URLs/query params, response status/timing, and cache hit/miss/write events without logging API keys or response bodies. Fixes #​55196. Thanks @​mecampbellsoup.
  • Web search/Brave: add plugins.entries.brave.config.webSearch.baseUrl for Brave-compatible proxies, including endpoint-aware cache keys for both web and LLM Context modes. Fixes #​19075. Thanks @​jkoprax and @​vishnukool.
  • Web search/config: validate explicit tools.web.search.provider values against bundled and installed plugin manifests, while warning for stale third-party plugin config. Fixes #​53092. Thanks @​TinyTb.
  • Web search/SearXNG: retry empty non-general category searches once with the general category, so unsupported category engines do not return empty results when general search has matches. Fixes #​73552. Thanks @​Loukky.
  • CLI/message: skip gateway-stop hooks for read-only message read and bound stop-hook shutdown for other message actions, so one-shot Discord reads cannot hang behind plugin lifecycle cleanup.
  • Plugins/web-provider: cache repeated bundled web search and web fetch provider registry loads by default while preserving explicit cache opt-outs. Supersedes #​75992. Thanks @​DmitryPogodaev.
  • Agents/sandbox: preserve existing workspace file modes when sandbox edits atomically replace files, so 0644 files do not collapse to 0600 after Write/Edit/apply_patch. Fixes #​44077. Thanks @​patosullivan.
  • Control UI/WebChat: route typed /new through the New Chat dashboard-session creation flow instead of chat.send, while keeping /reset as the explicit current-session reset. Fixes #​69599. Thanks @​WolvenRA.
  • Agents/models: keep legacy CLI runtime model refs such as claude-cli/* in the configured allowlist after canonical runtime migration, so cron payload.model overrides keep working. Fixes #​75753. Thanks @​RyanSandoval.
  • Codex/app-server: restart the shared Codex app-server client once when it closes during startup thread resume, preserving the existing thread binding instead of retrying thread/start on a closed client. Thanks @​vincentkoc.
  • Gateway/watch: keep colored subsystem log prefixes in the managed tmux pane even when the parent shell exports NO_COLOR, while preserving explicit FORCE_COLOR=0 opt-out. Thanks @​vincentkoc.
  • Agents/compaction: submit a non-empty runtime-event marker for pre-compaction memory flush turns, so strict Anthropic providers no longer reject the silent flush as an empty user message. Fixes #​75305. Thanks @​sableassistant3777-source.
  • Plugin SDK: re-export isPrivateIpAddress from plugin-sdk/ssrf-runtime, restoring source-checkout builds for SearXNG and Firecrawl private-network guards. Thanks @​vincentkoc.
  • Discord/message actions: advertise upload-file and route it through Discord's send runtime with agent-scoped media reads, so agents can discover and send file attachments. Fixes #​60652 and supersedes #​60808, #​61087, and #​61100. Thanks @​claw-io, @​efe-arv, @​joelnishanth, and @​sjhddh.
  • Sessions: suppress exact inter-session control replies such as NO_REPLY and keep agent-to-agent announce bookkeeping out of visible transcripts. Fixes #​53145. Thanks @​TarahAssistant.
  • CLI/directory: report unsupported directory operations for installed channel plugins instead of prompting to reinstall the plugin when it lacks a directory adapter. Fixes #​75770. Thanks @​lawong888.
  • Web search/SearXNG: show the JSON API search.formats prerequisite during SearXNG setup before prompting for the base URL. Supersedes #​65592. Thanks @​evanpaul14.
  • Web search/SearXNG: pass through img_src image URLs from SearXNG image-category results. Supersedes #​61416. Thanks @​sghael.
  • Web search/Kimi: fail explicitly when Moonshot returns an ungrounded chat answer instead of native web-search evidence, so Kimi no longer reports generic fallback text as a successful search. Fixes #​52573. Thanks @​wangwllu.
  • Web search: keep public provider requests on the strict SSRF guard and reserve private-network access for explicit self-hosted SearXNG/Firecrawl endpoints. Fixes #​74357 and supersedes #​74360. Thanks @​fede-kamel.
  • Firecrawl: reject private, loopback, metadata, and non-HTTP(S) firecrawl_scrape target URLs before forwarding them to Firecrawl. Supersedes #​48133. Thanks @​kn1ghtc.
  • Web search/Firecrawl: allow self-hosted private/internal Firecrawl baseUrl endpoints, including HTTP for private targets, while keeping hosted Firecrawl on the strict official endpoint. Fixes #​63877 and supersedes #​59666, #​63941, and #​74013. Thanks @​jhthompson12, @​jzakirov, @​Mlightsnow, and @​shad0wca7.
  • CLI/models: report gateway model fallback attempts in infer model run --json and avoid double-prefixing provider-qualified defaults such as openrouter/auto in models status. Partially fixes #​69527. Thanks @​alexifra.
  • Providers/OpenRouter: strip trailing assistant prefill turns from verified OpenRouter Anthropic model requests when reasoning is enabled, so Claude 4.6 routes no longer fail with Anthropic's prefill rejection through the OpenAI-compatible adapter. Fixes #​75395. Thanks @​sbmilburn.
  • Voice Call: add per-number inbound routing for dialed-number greetings, response agents/models/prompts, and TTS voice overrides. Fixes #​56604. Thanks @​healthstatus.
  • Feishu: preserve Feishu/Lark HTTP error bodies for message sends, media sends, and chat member lookups, so HTTP 400 failures include vendor code, message, log id, and troubleshooter details. Fixes #​73860. Thanks @​desksk.
  • Agents/transcripts: avoid reopening large Pi transcript files through the synchronous session manager for maintenance rewrites, persisted tool-result truncation, manual compaction boundary hardening, and queued compaction rotation. Thanks @​mariozechner.
  • Web search/Exa: accept plugins.entries.exa.config.webSearch.baseUrl, normalize it to the Exa /search endpoint, and partition cached results by endpoint. Fixes #​54928 and supersedes #​54939. Thanks @​mrpl327 and @​lyfuci.
  • Web search/MiniMax: include MiniMax Search in the web-search setup flow and let MINIMAX_API_KEY participate in MiniMax Search auto-detection. Supersedes #​65828. Thanks @​Jah-yee.
  • Plugins/ClawHub: preserve official source-linked trust through archive installs, so OpenClaw can install trusted ClawHub plugin packages that trigger the built-in dangerous-pattern scanner. Thanks @​vincentkoc.
  • Plugins/ClawHub: install package runtime dependencies for archive-backed plugin installs, so ClawHub packages such as WhatsApp load declared dependencies after download. Thanks @​vincentkoc.
  • Plugins/tools: cache repeated plugin tool factory results only for matching request context, reducing per-turn tool prep without leaking sandbox, session, browser, delivery, or runtime config state. Fixes #​75956. Thanks @​Linux2010.
  • Providers/LM Studio: allow models.providers.lmstudio.params.preload: false to skip OpenClaw's native model-load call so LM Studio JIT loading, idle TTL, and auto-evict can own model lifecycle. Fixes #​75921. Thanks @​garyd9.
  • Agents/transcripts: keep chat history, restart recovery, fork token checks, and stale-token compaction checks on bounded async transcript reads or cached async indexes instead of reparsing

Configuration

📅 Schedule: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

> ℹ️ **Note** > > This PR body was truncated due to platform limits. This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [ghcr.io/openclaw/openclaw](https://openclaw.ai) ([source](https://redirect.github.com/openclaw/openclaw)) | final | minor | `2026.4.29` → `2026.5.2` | --- ### Release Notes <details> <summary>openclaw/openclaw (ghcr.io/openclaw/openclaw)</summary> ### [`v2026.5.2`](https://redirect.github.com/openclaw/openclaw/blob/HEAD/CHANGELOG.md#202652) [Compare Source](https://redirect.github.com/openclaw/openclaw/compare/v2026.4.29...v2026.5.2) ##### Highlights - External plugin installation now covers diagnostics, onboarding, doctor repair, channel setup, install/update records, and artifact metadata while keeping bare package installs on npm for the first cutover. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway startup, session listing, task maintenance, prompt prep, plugin loading, and filesystem hot paths get targeted cache and fanout reductions for large or plugin-heavy installs. - Control UI and WebChat reliability improves across Sessions, Cron, long-running Gateway WebSockets, grouped-message width, slash-command feedback, iOS PWA bounds, selection contrast, and Talk diagnostics. - Channel and provider fixes cover Telegram topic commands and networking, Discord delivery and startup edge cases, OpenAI-compatible TTS/Realtime, OpenRouter/DeepSeek replay, Anthropic-compatible streaming, Brave/SearXNG/Firecrawl web search, and voice-call routing. ##### Changes - Gateway/startup: skip plugin-backed auth-profile overlays during startup secrets preflight, reducing gateway readiness latency while keeping reload and OAuth recovery paths overlay-capable. ([#&#8203;68327](https://redirect.github.com/openclaw/openclaw/issues/68327)) Thanks [@&#8203;JIRBOY](https://redirect.github.com/JIRBOY). - Plugins/ClawHub: make diagnostics, onboarding, doctor repair, and channel setup carry ClawPack metadata through install records while keeping explicit `clawhub:` installs on ClawHub and bare package installs on npm for the launch cutover. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/runtime: scope broad runtime preloads to the effective plugin ids derived from config, startup planning, configured channels, slots, and auto-enable rules instead of importing every discoverable plugin. - Agents/runtime: reuse the startup-loaded plugin registry for request-time providers, tools, channel actions, web/capability/memory/migration helpers, and memoized provider extra-params so stable embedded-run inputs no longer repeat plugin registry resolution while model-specific transport hook patches stay isolated. Thanks [@&#8203;DmitryPogodaev](https://redirect.github.com/DmitryPogodaev). - Agents/runtime: memoize transcript replay-policy resolution for stable config and process-env runs while preserving custom-env provider hook behavior. Thanks [@&#8203;DmitryPogodaev](https://redirect.github.com/DmitryPogodaev). - Infra/path-guards: add a fast path for canonical absolute POSIX containment checks, avoiding repeated `path.resolve` and `path.relative` work in hot filesystem walkers. Refs [#&#8203;75895](https://redirect.github.com/openclaw/openclaw/issues/75895), [#&#8203;75575](https://redirect.github.com/openclaw/openclaw/issues/75575), and [#&#8203;68782](https://redirect.github.com/openclaw/openclaw/issues/68782). Thanks [@&#8203;Enderfga](https://redirect.github.com/Enderfga). - Tools: add a platform-level tool descriptor planner for descriptor-first visibility, generic availability checks, and executor references. Thanks [@&#8203;shakkernerd](https://redirect.github.com/shakkernerd). - Plugins/tools: cache plugin tool descriptors captured from `api.registerTool(...)` so repeated prompt-time planning can skip plugin runtime loading while execution still loads the live plugin tool. ([#&#8203;76079](https://redirect.github.com/openclaw/openclaw/issues/76079)) Thanks [@&#8203;shakkernerd](https://redirect.github.com/shakkernerd). - Docs/Codex: clarify that ChatGPT/Codex subscription setups should use `openai/gpt-*` with `agentRuntime.id: "codex"` for native Codex runtime, while `openai-codex/*` remains the PI OAuth route. Thanks [@&#8203;pashpashpash](https://redirect.github.com/pashpashpash). - Plugins/source checkout: load bundled plugins from the `extensions/*` pnpm workspace tree in source checkouts, so plugin-local dependencies and edits are used directly while packaged installs keep using the built runtime tree. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/beta: externalize ACPX behind the official `@openclaw/acpx` package so packaged installs keep ACP harness adapter binaries out of core until the ACP backend is installed. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/beta: externalize diagnostics OpenTelemetry behind the official `@openclaw/diagnostics-otel` package so packaged installs keep the OTEL dependency stack out of core until the plugin is installed. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/beta: prepare Google Chat, LINE, Matrix, and Mattermost for `2026.5.1-beta.2` npm and ClawHub publishing, and keep publishable plugin dist trees out of the core npm package. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/beta: prepare BlueBubbles, diagnostics Prometheus, Google Meet, Nextcloud Talk, Nostr, Zalo, and Zalo Personal for `2026.5.1-beta.2` npm and ClawHub publishing. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/beta: prepare diagnostics OpenTelemetry, Discord, Diffs, Lobster, Memory LanceDB, Microsoft Teams, QQ Bot, Voice Call, and WhatsApp for `2026.5.1-beta.1` npm and ClawHub publishing. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/beta: prepare Brave, Codex, Feishu, Synology Chat, Tlon, and Twitch for `2026.5.1-beta.1` npm and ClawHub publishing. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Providers/xAI: add Grok 4.3 to the bundled catalog and make it the default xAI chat model. - Google Meet: let API-created rooms set `accessType` and `entryPointAccess`, and add `googlemeet end-active-conference` for closing managed spaces after a call. ([#&#8203;74824](https://redirect.github.com/openclaw/openclaw/issues/74824)) Thanks [@&#8203;BsnizND](https://redirect.github.com/BsnizND). - Google Meet: add `googlemeet test-listen` and the matching `google_meet` `test_listen` action so transcribe-mode joins wait for real caption or transcript movement before reporting listen-first health. Refs [#&#8203;72478](https://redirect.github.com/openclaw/openclaw/issues/72478). Thanks [@&#8203;DougButdorf](https://redirect.github.com/DougButdorf). - Plugins/ClawHub: prefer versioned ClawPack artifacts when ClawHub publishes digest metadata, verifying the ClawPack response header and downloaded bytes before installing. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/ClawHub: persist ClawPack digest metadata on ClawHub plugin install and update records so registry refreshes and download verification can reuse stored artifact facts. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/ClawHub: allow official bundled-plugin cutovers to record ClawHub artifact metadata while preserving npm as the launch default for bare package specs. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/onboarding: allow install-on-demand provider setup entries to persist ClawHub artifact metadata after explicit ClawHub installs while retaining npm/local fallback paths. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/Crestodian: add ClawHub plugin search plus Crestodian plugin list/search/install/uninstall operations, with approval and audit coverage for install and uninstall. - Channels/thread bindings: replace split subagent/ACP thread-spawn toggles with `threadBindings.spawnSessions`, default thread-bound spawns on, and let `openclaw doctor --fix` migrate the legacy keys. ([#&#8203;75943](https://redirect.github.com/openclaw/openclaw/issues/75943)) - Providers/OpenAI: add `extraBody`/`extra_body` passthrough for OpenAI-compatible TTS endpoints, so custom speech servers can receive fields such as `lang` in `/audio/speech` requests. Fixes [#&#8203;39900](https://redirect.github.com/openclaw/openclaw/issues/39900). Thanks [@&#8203;R3NK0R](https://redirect.github.com/R3NK0R). - Dependencies: refresh workspace dependency pins, including TypeBox 1.1.37, AWS SDK 3.1041.0, Microsoft Teams 2.0.9, and Marked 18.0.3. Thanks [@&#8203;mariozechner](https://redirect.github.com/mariozechner), [@&#8203;aws](https://redirect.github.com/aws), and [@&#8203;microsoft](https://redirect.github.com/microsoft). - Discord/channels: add reusable message-channel access groups plus Discord channel-audience DM authorization, so allowlists can reference `accessGroup:<name>` across channel auth paths. ([#&#8203;75813](https://redirect.github.com/openclaw/openclaw/issues/75813)) - Crabbox/scripts: print the selected Crabbox binary, version, and supported providers before `pnpm crabbox:*` commands, and reject stale binaries that lack `blacksmith-testbox` provider support. - Agents/Codex: add committed happy-path prompt snapshots for Codex/message-tool Telegram direct, Discord group, and heartbeat turns so prompt drift can be reviewed. Thanks [@&#8203;pashpashpash](https://redirect.github.com/pashpashpash). ##### Fixes - CLI/message: skip eager model context warmup and preserve channel-declared gateway execution for Discord and Telegram message actions, avoiding Codex app-server/model discovery during simple send/read commands. Thanks [@&#8203;fuller-stack-dev](https://redirect.github.com/fuller-stack-dev). - Codex/app-server: resolve managed binaries from bundled `dist` chunks and from the `@openai/codex` package bin when installs do not provide a nearby `.bin/codex` shim, avoiding false missing-binary startup failures. - Plugins/ClawHub: use the ClawHub artifact resolver response as the install decision before downloading, keeping legacy ZIP fallback and future ClawPack npm-pack installs on the same explicit resolver path. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/ClawHub: keep bare plugin package specs on npm for the launch cutover and reserve ClawHub resolution for explicit `clawhub:` specs until ClawHub pack readiness is deployed. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/source checkout: discover source-only plugins such as Codex from the `extensions/*` workspace while using npm package excludes as the packaged-core boundary, removing the stale core-bundle metadata path. - Plugins/ClawHub: install ClawPack artifacts from the explicit npm-pack `.tgz` resolver path and persist artifact kind, npm integrity, shasum, and tarball metadata for update and diagnostics flows. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Control UI: allow deployments to configure grouped chat message max-width with a validated `gateway.controlUi.chatMessageMaxWidth` setting instead of patching bundled CSS after upgrades. Fixes [#&#8203;67935](https://redirect.github.com/openclaw/openclaw/issues/67935). Thanks [@&#8203;xiew4589-lang](https://redirect.github.com/xiew4589-lang). - Control UI/Cron: ignore malformed persisted cron rows without valid payloads before they enter UI state and guard stale cron render paths, preventing blank Control UI sections after a bad cron snapshot. Fixes [#&#8203;55047](https://redirect.github.com/openclaw/openclaw/issues/55047) and [#&#8203;54439](https://redirect.github.com/openclaw/openclaw/issues/54439); supersedes [#&#8203;54550](https://redirect.github.com/openclaw/openclaw/issues/54550) and [#&#8203;54552](https://redirect.github.com/openclaw/openclaw/issues/54552). - Control UI/sessions: bound the default Sessions tab query to recent activity and fewer rows, avoiding expensive full-history loads while keeping filters editable. Fixes [#&#8203;76050](https://redirect.github.com/openclaw/openclaw/issues/76050). ([#&#8203;76051](https://redirect.github.com/openclaw/openclaw/issues/76051)) Thanks [@&#8203;Neomail2](https://redirect.github.com/Neomail2). - Gateway/channels: cap startup fanout at four channel/account handoffs and recover from Bonjour ciao self-probe races, reducing Windows startup stalls with many Telegram accounts. Fixes [#&#8203;75687](https://redirect.github.com/openclaw/openclaw/issues/75687). - Gateway/sessions: keep `sessions.list` polling responsive on large session stores by reusing list-safe session cache/indexes and returning a lightweight compaction checkpoint preview instead of heavyweight summaries. Thanks [@&#8203;rolandrscheel](https://redirect.github.com/rolandrscheel). - Control UI/Gateway: keep long-running dashboard WebSocket sessions alive with protocol pings and keep Stop available after reconnect or reload by recovering session-scoped active-run abort state. Fixes [#&#8203;70991](https://redirect.github.com/openclaw/openclaw/issues/70991). Thanks [@&#8203;alexandre-leng](https://redirect.github.com/alexandre-leng). - CLI/update: treat inherited Gateway service markers as origin hints and only block package replacement when the managed Gateway is still live, so self-updates can stop the service and continue safely. ([#&#8203;75729](https://redirect.github.com/openclaw/openclaw/issues/75729)) Thanks [@&#8203;hxy91819](https://redirect.github.com/hxy91819). - Agents/failover: exempt run-level timeouts that fire during tool execution from model fallback, timeout-triggered compaction, and generic timeout payload synthesis, avoiding misleading "LLM request timed out" errors after the primary model has already responded. Fixes [#&#8203;52147](https://redirect.github.com/openclaw/openclaw/issues/52147). ([#&#8203;75873](https://redirect.github.com/openclaw/openclaw/issues/75873)) Thanks [@&#8203;simonusa](https://redirect.github.com/simonusa). - Docker: copy Bun 1.3.13 from a digest-pinned image and keep CI on the same version. Fixes [#&#8203;74356](https://redirect.github.com/openclaw/openclaw/issues/74356). Thanks [@&#8203;fede-kamel](https://redirect.github.com/fede-kamel) and [@&#8203;sallyom](https://redirect.github.com/sallyom). - Agents/compaction: keep prior context on consecutive turns against z.ai-style providers (z.ai direct, openrouter z-ai/\*, in-house GLM gateways), avoiding accidental Pi state reset after successful turns. ([#&#8203;76056](https://redirect.github.com/openclaw/openclaw/issues/76056)) Thanks [@&#8203;openperf](https://redirect.github.com/openperf). - Doctor/plugins: run a one-time 2026.5.2 configured-plugin install repair based on `meta.lastTouchedVersion`, installing actively used downloadable OpenClaw plugins through the configured external source before marking the config touched for the release. - Sessions/transcripts: use one `session.writeLock.acquireTimeoutMs` policy for session transcript lock acquisitions and raise the default wait to 60 seconds, avoiding user-visible lock timeouts during legitimate slow prep, cleanup, compaction, and mirror work. Fixes [#&#8203;75894](https://redirect.github.com/openclaw/openclaw/issues/75894). Thanks [@&#8203;shandutta](https://redirect.github.com/shandutta). - Control UI: contain the standalone iOS PWA viewport with safe-area-aware document locking, so Add-to-Home-Screen launches cannot scroll past the device bounds. Refs [#&#8203;76072](https://redirect.github.com/openclaw/openclaw/issues/76072). Thanks [@&#8203;kvncrw](https://redirect.github.com/kvncrw). - Agents/restart recovery: match cleaned transcript locks by exact transcript lock paths plus the canonical session fallback, so interrupted main sessions using topic-suffixed transcripts resume after gateway restart. Refs [#&#8203;76052](https://redirect.github.com/openclaw/openclaw/issues/76052). Thanks [@&#8203;anyech](https://redirect.github.com/anyech). - Agents/runtime: cache the stable system-prompt prefix and reuse prompt-report tool schema stats during dispatch prep, reducing repeated CPU work before streaming starts. Fixes [#&#8203;75999](https://redirect.github.com/openclaw/openclaw/issues/75999); supersedes [#&#8203;76061](https://redirect.github.com/openclaw/openclaw/issues/76061). Thanks [@&#8203;zackchiutw](https://redirect.github.com/zackchiutw) and [@&#8203;STLI69](https://redirect.github.com/STLI69). - Control UI/WebChat: use high-contrast text selection colors so highlighted chat text stays visible across themes. Fixes [#&#8203;60850](https://redirect.github.com/openclaw/openclaw/issues/60850); supersedes [#&#8203;60854](https://redirect.github.com/openclaw/openclaw/issues/60854). Thanks [@&#8203;Badschaff](https://redirect.github.com/Badschaff) and [@&#8203;efe-arv](https://redirect.github.com/efe-arv). - Telegram/native commands: pass persisted session files into plugin commands for topic-bound sessions, so `/codex bind` works from Telegram forum topics. Refs [#&#8203;75845](https://redirect.github.com/openclaw/openclaw/issues/75845) and [#&#8203;76049](https://redirect.github.com/openclaw/openclaw/issues/76049). Thanks [@&#8203;MatthewSchleder](https://redirect.github.com/MatthewSchleder). - Security audit/plugins: ignore plugin install backup, disabled, and dependency debris directories when enumerating installed plugin roots, avoiding false-positive findings for `.openclaw-install-backups` after plugin updates. Fixes [#&#8203;75456](https://redirect.github.com/openclaw/openclaw/issues/75456). - Telegram: honor runtime conversation bindings for native slash commands in bound top-level groups, so commands like `/status@bot` route to the active non-`main` session instead of falling back to the default route. Fixes [#&#8203;75405](https://redirect.github.com/openclaw/openclaw/issues/75405); supersedes [#&#8203;75558](https://redirect.github.com/openclaw/openclaw/issues/75558). Thanks [@&#8203;ziptbm](https://redirect.github.com/ziptbm) and [@&#8203;yfge](https://redirect.github.com/yfge). - Gateway/tasks: make task registry maintenance use pass-local backing-session lookups and fresh active child-session indexes, avoiding repeated full task snapshots and session-store clones on large stale registries. Fixes [#&#8203;73517](https://redirect.github.com/openclaw/openclaw/issues/73517) and [#&#8203;75708](https://redirect.github.com/openclaw/openclaw/issues/75708); supersedes [#&#8203;74406](https://redirect.github.com/openclaw/openclaw/issues/74406) and [#&#8203;75709](https://redirect.github.com/openclaw/openclaw/issues/75709). Thanks [@&#8203;Lightningxxl](https://redirect.github.com/Lightningxxl), [@&#8203;glfruit](https://redirect.github.com/glfruit), and [@&#8203;jared-rebel](https://redirect.github.com/jared-rebel). - Auth/sessions: JSON-clone auth-profile cache/runtime snapshots and remaining session cleanup previews instead of using `structuredClone`, preserving mutation isolation while avoiding native-memory growth on large stores. Fixes [#&#8203;45438](https://redirect.github.com/openclaw/openclaw/issues/45438). Thanks [@&#8203;markus-lassfolk](https://redirect.github.com/markus-lassfolk). - Models CLI: restore `openclaw models list --provider <id>` catalog and registry fallback rows for unconfigured providers, so provider-specific verification commands no longer report "No models found." Fixes [#&#8203;75517](https://redirect.github.com/openclaw/openclaw/issues/75517); supersedes [#&#8203;75615](https://redirect.github.com/openclaw/openclaw/issues/75615). Thanks [@&#8203;lotsoftick](https://redirect.github.com/lotsoftick) and [@&#8203;koshaji](https://redirect.github.com/koshaji). - Gateway/macOS: write LaunchAgent services with a canonical system PATH and stop preserving old plist PATH entries, so Volta, asdf, fnm, and pnpm shell paths no longer affect gateway child-process Node resolution. Fixes [#&#8203;75233](https://redirect.github.com/openclaw/openclaw/issues/75233); supersedes [#&#8203;75246](https://redirect.github.com/openclaw/openclaw/issues/75246). Thanks [@&#8203;nphyde2](https://redirect.github.com/nphyde2). - Slack/hooks: preserve bot alert attachment text in message-received hook content when command text is blank. Fixes [#&#8203;76035](https://redirect.github.com/openclaw/openclaw/issues/76035); refs [#&#8203;76036](https://redirect.github.com/openclaw/openclaw/issues/76036). Thanks [@&#8203;amsminn](https://redirect.github.com/amsminn). - Sessions/agents: route Gateway session-store writes, CLI cleanup maintenance, and agent-delete session purges through a dedicated in-process writer and borrow the validated mutable cache during the writer slot, avoiding runtime file locks plus repeated `sessions.json` rereads and JSON clones on hot metadata updates. Refs [#&#8203;68554](https://redirect.github.com/openclaw/openclaw/issues/68554). Thanks [@&#8203;henkterharmsel](https://redirect.github.com/henkterharmsel). - Control UI/chat: show inline feedback when local slash-command dispatch is unavailable or fails unexpectedly instead of clearing the composer silently. Fixes [#&#8203;52105](https://redirect.github.com/openclaw/openclaw/issues/52105). Thanks [@&#8203;MooreQiao](https://redirect.github.com/MooreQiao). - Memory/markdown: replace CRLF managed blocks in place and collapse duplicate marker blocks without rewriting unmanaged markdown, so Dreaming and Memory Wiki files self-heal from repeated generated sections. Fixes [#&#8203;75491](https://redirect.github.com/openclaw/openclaw/issues/75491); supersedes [#&#8203;75495](https://redirect.github.com/openclaw/openclaw/issues/75495), [#&#8203;75810](https://redirect.github.com/openclaw/openclaw/issues/75810), and [#&#8203;76008](https://redirect.github.com/openclaw/openclaw/issues/76008). Thanks [@&#8203;asaenokkostya-coder](https://redirect.github.com/asaenokkostya-coder), [@&#8203;ottodeng](https://redirect.github.com/ottodeng), [@&#8203;everettjf](https://redirect.github.com/everettjf), and [@&#8203;lrg913427-dot](https://redirect.github.com/lrg913427-dot). - Agents/tools: return critical tool-loop circuit-breaker stops as blocked tool results instead of thrown tool failures, so models see the guardrail and stop retrying the same call. Thanks [@&#8203;rayraiser](https://redirect.github.com/rayraiser). - Agents/sessions: preserve pre-existing runtime model and context window after heartbeat turns so a per-run heartbeat model override does not bleed into shared-session status. Fixes [#&#8203;75452](https://redirect.github.com/openclaw/openclaw/issues/75452). Thanks [@&#8203;zhangguiping-xydt](https://redirect.github.com/zhangguiping-xydt). - Model commands: clarify direct and inline `/model` acknowledgements for non-default selections as session-scoped. Thanks [@&#8203;addu2612](https://redirect.github.com/addu2612). - Doctor/gateway: stop warning that non-existent, unconfigured user-bin directories are required in the Gateway service PATH. Fixes [#&#8203;76017](https://redirect.github.com/openclaw/openclaw/issues/76017). Thanks [@&#8203;xiphis](https://redirect.github.com/xiphis). - TUI/chat: skip full provider model normalization during context-window warmup while preserving provider-owned context metadata, avoiding cold-start stalls with large model registries. Thanks [@&#8203;547895019](https://redirect.github.com/547895019). - Agents: enable malformed tool-call argument repair for Codex and Azure OpenAI Responses transports while keeping generic OpenAI Responses paths out of the repair gate. Fixes [#&#8203;75154](https://redirect.github.com/openclaw/openclaw/issues/75154). Thanks [@&#8203;Nimraakram22](https://redirect.github.com/Nimraakram22). - Memory Wiki: accept relative Markdown links that include the `.md` suffix during broken-wikilink validation, avoiding false positives for native render-mode links. Thanks [@&#8203;Kenneth8128](https://redirect.github.com/Kenneth8128). - OpenAI Codex: show the device-pairing code in the interactive SSH/headless prompt while keeping the short-lived code out of persistent runtime logs. Fixes [#&#8203;74212](https://redirect.github.com/openclaw/openclaw/issues/74212). Thanks [@&#8203;da22le123](https://redirect.github.com/da22le123). - QA Lab: stop gateway children when the suite parent disappears, so interrupted local QA runs cannot leave hot orphaned gateways behind. - Codex/app-server: tolerate a second connection close during startup recovery and include retry counts plus stringified errors in the restart warning, so concurrent lanes do not fail after one shared-client race. - Plugins/CLI: cache plugin CLI registration entries per command program so completion state generation does not repeat the full plugin sweep in one invocation. Thanks [@&#8203;ScientificProgrammer](https://redirect.github.com/ScientificProgrammer). - Plugins: reuse gateway-bindable plugin loader cache entries for later default-mode loads without serving default-built registries to gateway-bound requests, reducing repeated plugin registration during dispatch. Refs [#&#8203;61756](https://redirect.github.com/openclaw/openclaw/issues/61756). Thanks [@&#8203;DmitryPogodaev](https://redirect.github.com/DmitryPogodaev). - Gateway/secrets: include the caught error message in `secrets.reload` and `secrets.resolve` warning logs while keeping RPC errors generic, so operators can diagnose reload and permission failures. Thanks [@&#8203;davidangularme](https://redirect.github.com/davidangularme). - Providers/OpenRouter: fill DeepSeek V4 `reasoning_content` replay placeholders for `openrouter/deepseek/deepseek-v4-flash` and `openrouter/deepseek/deepseek-v4-pro`, so thinking/tool follow-up turns do not fail with DeepSeek's replay-shape error. Fixes [#&#8203;76018](https://redirect.github.com/openclaw/openclaw/issues/76018). Thanks [@&#8203;cloph-dsp](https://redirect.github.com/cloph-dsp). - Anthropic-compatible streams: recover text deltas that arrive before their matching content block, so Kimi Code and similar providers do not finish as empty `incomplete_result` replies. Fixes [#&#8203;76007](https://redirect.github.com/openclaw/openclaw/issues/76007). Thanks [@&#8203;vliuyt](https://redirect.github.com/vliuyt). - fix(infra): block workspace state-directory env override \[AI]. ([#&#8203;75940](https://redirect.github.com/openclaw/openclaw/issues/75940)) Thanks [@&#8203;pgondhi987](https://redirect.github.com/pgondhi987). - MCP/OpenAI: normalize parameter-free tool schemas whose top-level object `properties` is missing, null, or invalid before sending tools to OpenAI, so MCP tools without params stay usable. Fixes [#&#8203;75362](https://redirect.github.com/openclaw/openclaw/issues/75362). Thanks [@&#8203;tolkonepiu](https://redirect.github.com/tolkonepiu) and [@&#8203;SymbolStar](https://redirect.github.com/SymbolStar). - Control UI/WebChat: add server-side chat-draft microphone dictation via the existing audio transcription pipeline, avoiding browser Web Speech while keeping provider credentials on the Gateway. Fixes [#&#8203;47311](https://redirect.github.com/openclaw/openclaw/issues/47311). Thanks [@&#8203;jmomford](https://redirect.github.com/jmomford). - TTS: honor explicit short `[[tts:text]]...[[/tts:text]]` blocks while keeping untagged short auto-TTS suppressed, so tagged voice replies are synthesized instead of being dropped as empty voice-only payloads. Fixes [#&#8203;73758](https://redirect.github.com/openclaw/openclaw/issues/73758). Thanks [@&#8203;yfge](https://redirect.github.com/yfge). - Hooks/doctor: warn when `hooks.transformsDir` points outside the canonical hooks transform directory, so invalid workspace skill paths get a direct recovery hint before the Gateway crash-loops. Fixes [#&#8203;75853](https://redirect.github.com/openclaw/openclaw/issues/75853). Thanks [@&#8203;midobk](https://redirect.github.com/midobk). - Proxy/audio: convert standard `FormData` bodies before proxy-backed undici fetches, so audio transcription and multipart uploads no longer send `[object FormData]` when `HTTP_PROXY` or `HTTPS_PROXY` is configured. Fixes [#&#8203;48554](https://redirect.github.com/openclaw/openclaw/issues/48554). Thanks [@&#8203;dco5](https://redirect.github.com/dco5). - Discord: allow explicitly configured ack reactions in tool-only guild channels while keeping automatic lifecycle/status reactions suppressed. Fixes [#&#8203;74922](https://redirect.github.com/openclaw/openclaw/issues/74922). Thanks [@&#8203;samvilian](https://redirect.github.com/samvilian) and [@&#8203;BlueBirdBack](https://redirect.github.com/BlueBirdBack). - Discord: enable session-backed A2A announce target lookup so `sessions_send` uses the target session's `deliveryContext.accountId` or `lastAccountId` instead of falling back to the default bot in multi-account setups. Fixes [#&#8203;42652](https://redirect.github.com/openclaw/openclaw/issues/42652); refs [#&#8203;51626](https://redirect.github.com/openclaw/openclaw/issues/51626) and [#&#8203;44773](https://redirect.github.com/openclaw/openclaw/issues/44773); supersedes [#&#8203;73975](https://redirect.github.com/openclaw/openclaw/issues/73975). Thanks [@&#8203;irchelper](https://redirect.github.com/irchelper), [@&#8203;dpalfox](https://redirect.github.com/dpalfox), and [@&#8203;Lanfei](https://redirect.github.com/Lanfei). - Discord/setup: write resolved guild/channel allowlist selections to the selected guild and channel instead of falling back to the wildcard guild during setup. Supersedes [#&#8203;47788](https://redirect.github.com/openclaw/openclaw/issues/47788). Thanks [@&#8203;Eldersonar](https://redirect.github.com/Eldersonar). - Discord: treat abort-time Carbon reconnect-exhausted events as expected shutdown during stale-socket restarts, so health-monitor restarts no longer reject the monitor lifecycle. Carries forward [#&#8203;58216](https://redirect.github.com/openclaw/openclaw/issues/58216); supersedes [#&#8203;73949](https://redirect.github.com/openclaw/openclaw/issues/73949). Thanks [@&#8203;Perttulands](https://redirect.github.com/Perttulands). - Discord/native commands: return an explicit warning when slash command dispatch or direct plugin execution produces no visible reply instead of a success-style completion ack. Fixes [#&#8203;58986](https://redirect.github.com/openclaw/openclaw/issues/58986); supersedes [#&#8203;62057](https://redirect.github.com/openclaw/openclaw/issues/62057). Thanks [@&#8203;jb510](https://redirect.github.com/jb510). - Discord: keep typing indicators alive during long tool runs and auto-compaction while keepalive ticks continue, so active sessions do not appear stalled before the final reply. Thanks [@&#8203;Squirbie](https://redirect.github.com/Squirbie). - Discord: preserve multipart Content-Type headers for attachment uploads across REST fetch paths, so generated images and other media no longer fail delivery with `CONTENT_TYPE_INVALID`. Thanks [@&#8203;FunJim](https://redirect.github.com/FunJim). - Discord: preserve attachment and sticker filenames when saving inbound media, so agents can see human-readable file names instead of only UUID-based paths. Fixes [#&#8203;59744](https://redirect.github.com/openclaw/openclaw/issues/59744). Thanks [@&#8203;xela92](https://redirect.github.com/xela92) and [@&#8203;rockcent](https://redirect.github.com/rockcent). - Discord: preserve non-ASCII channel names in session display labels while keeping allowlist matching on the existing ASCII slug contract. Thanks [@&#8203;swjeong9](https://redirect.github.com/swjeong9). - Discord/PluralKit: canonicalize proxied webhook turns to the original Discord message id for inbound dedupe, while preserving the proxy message id for reply routing. Thanks [@&#8203;acgh213](https://redirect.github.com/acgh213). - Discord: only inject thread starter context on the first turn of the effective thread session, so follow-up thread replies do not repeat the starter block. Fixes [#&#8203;41355](https://redirect.github.com/openclaw/openclaw/issues/41355); supersedes [#&#8203;44447](https://redirect.github.com/openclaw/openclaw/issues/44447) and [#&#8203;44449](https://redirect.github.com/openclaw/openclaw/issues/44449). Thanks [@&#8203;p3nchan](https://redirect.github.com/p3nchan). - Discord: resolve thread `ownerId` and `parentId` from Discord API-style snake\_case payload fields, so bot-owned autoThreads do not require unnecessary mentions. Thanks [@&#8203;mgh3326](https://redirect.github.com/mgh3326). - Gateway/diagnostics: include a bounded redacted startup error message in stability bundles, so crash-loop reports identify the failing plugin or contract without exposing secrets. Refs [#&#8203;75797](https://redirect.github.com/openclaw/openclaw/issues/75797). Thanks [@&#8203;ymebosma](https://redirect.github.com/ymebosma). - Gateway/pricing: defer optional model pricing catalog refresh until after sidecars and channels reach the ready path, so slow OpenRouter or LiteLLM pricing fetches cannot block Gateway readiness. Fixes [#&#8203;74128](https://redirect.github.com/openclaw/openclaw/issues/74128); supersedes [#&#8203;73486](https://redirect.github.com/openclaw/openclaw/issues/73486). Thanks [@&#8203;ctbritt](https://redirect.github.com/ctbritt) and [@&#8203;alprclbi](https://redirect.github.com/alprclbi). - Gateway/pricing: abort in-flight model pricing catalog fetches when Gateway shutdown stops the refresh loop, and avoid post-stop cache writes or refresh timers. Fixes [#&#8203;72208](https://redirect.github.com/openclaw/openclaw/issues/72208). Thanks [@&#8203;rzcq](https://redirect.github.com/rzcq). - Codex/app-server: make startup retry cleanup ownership-aware so concurrent Codex lanes cannot close another lane's freshly restarted shared app-server client. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Google Meet/Twilio: report missing dial-in details during setup and explain that Twilio cannot join Meet URLs without a phone dial plan. - Google Meet/Twilio: start the phone leg before sending Meet PIN DTMF, delay intro speech until after the post-connect dial sequence, and log each stage so operators can tell Twilio-leg audio from Meet-room audio. - Voice Call: accept provider call IDs for gateway speak/continue requests and report ended-call state from history instead of returning a generic "Call not found" for stale calls. - Control UI/Talk: allow the OpenAI Realtime WebRTC offer endpoint through the Control UI CSP, configure browser sessions with explicit VAD/transcription input settings, and surface OpenAI realtime error/lifecycle events instead of leaving Talk stuck as live with no diagnostic. Fixes [#&#8203;73427](https://redirect.github.com/openclaw/openclaw/issues/73427). - Plugins: clarify config-selected duplicate plugin override diagnostics and document manifest schema updates for bundled-plugin forks. Fixes [#&#8203;8582](https://redirect.github.com/openclaw/openclaw/issues/8582). Thanks [@&#8203;sachah](https://redirect.github.com/sachah). - CLI backends/Claude: make live-session JSONL turn caps bounded and configurable via `reliability.outputLimits`, raising the default guard for tool-heavy Claude CLI turns while preserving memory limits. Fixes [#&#8203;75838](https://redirect.github.com/openclaw/openclaw/issues/75838). Thanks [@&#8203;hcordoba840](https://redirect.github.com/hcordoba840). - Telegram/DMs: keep incidental `message_thread_id` reply-with-quote metadata on the flat DM session by default while preserving opt-in DM topic isolation for configured topics, `dm.threadReplies`, and `direct.<chatId>.threadReplies`. Fixes [#&#8203;75975](https://redirect.github.com/openclaw/openclaw/issues/75975). Thanks [@&#8203;ProjectEvolutionEVE](https://redirect.github.com/ProjectEvolutionEVE). - Telegram/network: raise outbound text and typing Bot API request guards to 60 seconds, keep low grammY client timeouts from preempting those guards, let higher `timeoutSeconds` configs extend safe method guards, and retry timed-out typing indicators through the transport fallback without risking duplicate messages. Fixes [#&#8203;76013](https://redirect.github.com/openclaw/openclaw/issues/76013). Thanks [@&#8203;iaki1206](https://redirect.github.com/iaki1206). - Telegram/native commands: register and clear command menus in both default and group-chat scopes, so `/status` and plugin commands stay available in forum topics. Fixes [#&#8203;74032](https://redirect.github.com/openclaw/openclaw/issues/74032); updates [#&#8203;6457](https://redirect.github.com/openclaw/openclaw/issues/6457). Thanks [@&#8203;dae-sun](https://redirect.github.com/dae-sun) and [@&#8203;WouldenShyp](https://redirect.github.com/WouldenShyp). - Providers/OpenAI: resolve `keychain:<service>:<account>` `OPENAI_API_KEY` refs before creating OpenAI Realtime browser sessions or voice bridges, with a bounded cached Keychain lookup. Fixes [#&#8203;72120](https://redirect.github.com/openclaw/openclaw/issues/72120). Thanks [@&#8203;ctbritt](https://redirect.github.com/ctbritt). - Discord/gateway: reconnect when the gateway socket closes while waiting for the shared IDENTIFY concurrency window, instead of silently skipping IDENTIFY and leaving the bot online but unresponsive. Fixes [#&#8203;74617](https://redirect.github.com/openclaw/openclaw/issues/74617). Thanks [@&#8203;zeeskdr-ai](https://redirect.github.com/zeeskdr-ai). - Voice Call: add `sessionScope: "per-call"` for fresh per-call agent memory while preserving the default per-phone caller history. Fixes [#&#8203;45280](https://redirect.github.com/openclaw/openclaw/issues/45280). Thanks [@&#8203;pondcountry](https://redirect.github.com/pondcountry). - Music generation: raise too-small tool timeouts to the provider-safe 10-second floor and collapse cascading abort fallback errors into a clearer root-cause summary. Thanks [@&#8203;shakkernerd](https://redirect.github.com/shakkernerd). - Memory-core/dreaming: include the primary runtime workspace in multi-agent dreaming sweeps without mixing main-agent session transcripts into configured subagent workspaces. Fixes [#&#8203;70014](https://redirect.github.com/openclaw/openclaw/issues/70014). Thanks [@&#8203;ttomiczek](https://redirect.github.com/ttomiczek). - Control UI: add tab/RPC timing attribution and decouple slow Overview/Cron secondary refreshes so Sessions navigation gets immediate visible feedback. Refs [#&#8203;64004](https://redirect.github.com/openclaw/openclaw/issues/64004). Thanks [@&#8203;WaMaSeDu](https://redirect.github.com/WaMaSeDu). - Memory: retry transient SQLite index file swaps during atomic reindex on Windows, so brief `EBUSY`, `EPERM`, or `EACCES` locks do not fail memory rebuilds. Fixes [#&#8203;64187](https://redirect.github.com/openclaw/openclaw/issues/64187). Thanks [@&#8203;kunpeng-ai-lab](https://redirect.github.com/kunpeng-ai-lab). - Telegram/startup: use the existing `getMe` request guard for the gateway bot probe instead of a fixed 2.5-second budget, and honor higher `timeoutSeconds` configs for slow Telegram API paths. Fixes [#&#8203;75783](https://redirect.github.com/openclaw/openclaw/issues/75783). Thanks [@&#8203;tankotan](https://redirect.github.com/tankotan). - Telegram/models: make model picker confirmations say selections are session-scoped and do not change the agent's persistent default. Fixes [#&#8203;75965](https://redirect.github.com/openclaw/openclaw/issues/75965). Thanks [@&#8203;sd1114820](https://redirect.github.com/sd1114820). - Control UI/slash commands: keep fallback command metadata on a browser-safe registry path, so provider thinking runtime imports cannot blank the Web UI with `process is not defined`. Fixes [#&#8203;75987](https://redirect.github.com/openclaw/openclaw/issues/75987). Thanks [@&#8203;novkien](https://redirect.github.com/novkien). - Heartbeat/Discord: keep async exec completion events out of the generic `System (untrusted)` prompt block and let the dedicated exec heartbeat prompt handle them, so Discord no longer receives raw exec failure tails as separate system-style messages. Fixes [#&#8203;66366](https://redirect.github.com/openclaw/openclaw/issues/66366). Thanks [@&#8203;Promee-ThaBossHoss](https://redirect.github.com/Promee-ThaBossHoss). - Channels: strip plain-text MiniMax and XML tool-call scaffolding from shared user-facing reply sanitization, so messaging channels do not deliver raw model tool syntax when a provider emits it as text instead of structured tool calls. Fixes [#&#8203;62820](https://redirect.github.com/openclaw/openclaw/issues/62820). Thanks [@&#8203;canh0chua](https://redirect.github.com/canh0chua). - Infer/media: report missing image-understanding and audio-transcription provider configuration for `image describe`, `image describe-many`, and `audio transcribe` instead of blaming the input path when no provider is available. Fixes [#&#8203;73569](https://redirect.github.com/openclaw/openclaw/issues/73569) and supersedes [#&#8203;73593](https://redirect.github.com/openclaw/openclaw/issues/73593), [#&#8203;74288](https://redirect.github.com/openclaw/openclaw/issues/74288), and [#&#8203;74495](https://redirect.github.com/openclaw/openclaw/issues/74495). Thanks [@&#8203;bittoby](https://redirect.github.com/bittoby), [@&#8203;tmimmanuel](https://redirect.github.com/tmimmanuel), [@&#8203;Linux2010](https://redirect.github.com/Linux2010), and [@&#8203;vyctorbrzezowski](https://redirect.github.com/vyctorbrzezowski). - Docs/health: clarify that session listing surfaces stored conversation rows rather than Discord/channel socket liveness, and point connectivity checks at channel status and health probes. Fixes [#&#8203;70420](https://redirect.github.com/openclaw/openclaw/issues/70420). Thanks [@&#8203;ashersoutherncities-art](https://redirect.github.com/ashersoutherncities-art) and [@&#8203;martingarramon](https://redirect.github.com/martingarramon). - WhatsApp/Cron: keep DM pairing-store approvals out of implicit cron and heartbeat recipient fallback, so scheduled automation only uses explicit targets, active configured recipients, or configured `allowFrom` entries. Fixes [#&#8203;62339](https://redirect.github.com/openclaw/openclaw/issues/62339). Thanks [@&#8203;kelvinisly-collab](https://redirect.github.com/kelvinisly-collab). - Google Meet: keep the agent-facing `google_meet` tool visible on non-macOS hosts but block local Chrome realtime actions with guidance, so Linux agents can still use transcribe, Twilio, chrome-node, and artifact flows without choosing the macOS-only BlackHole path. Refs [#&#8203;75950](https://redirect.github.com/openclaw/openclaw/issues/75950). Thanks [@&#8203;actual-software-inc](https://redirect.github.com/actual-software-inc). - macOS/settings: keep opening General from rewriting `openclaw.json` during Tailscale settings hydration, preserving `gateway`, `auth`, `meta`, and `wizard` until the user changes a setting. Fixes [#&#8203;59545](https://redirect.github.com/openclaw/openclaw/issues/59545). Thanks [@&#8203;Tengdw](https://redirect.github.com/Tengdw). - Discord: prioritize interaction callbacks ahead of stale background REST work without polling active REST buckets, validate oversized gateway payloads and member-intent requests before send, and forward explicit component payloads from message actions. ([#&#8203;75363](https://redirect.github.com/openclaw/openclaw/issues/75363)) - Active Memory: use the configured recall timeout as the blocking prompt-build hook budget by default and move cold-start setup grace behind explicit `setupGraceTimeoutMs` config, so the plugin no longer silently extends 15000 ms configs to 45000 ms on the main lane. Fixes [#&#8203;75843](https://redirect.github.com/openclaw/openclaw/issues/75843). Thanks [@&#8203;vishutdhar](https://redirect.github.com/vishutdhar). - Plugins/web-provider: reuse the active gateway plugin registry for runtime web provider resolution after deriving the same candidate plugin ids as the loader path, avoiding a redundant `loadOpenClawPlugins` call on every request while preserving origin and scope filters. Fixes [#&#8203;75513](https://redirect.github.com/openclaw/openclaw/issues/75513). Thanks [@&#8203;jochen](https://redirect.github.com/jochen). - Crestodian/CLI: exit non-zero when interactive Crestodian is invoked without a TTY, so scripts and CI no longer treat the setup error as success. Fixes [#&#8203;73646](https://redirect.github.com/openclaw/openclaw/issues/73646) and supersedes [#&#8203;73928](https://redirect.github.com/openclaw/openclaw/issues/73928) and [#&#8203;74059](https://redirect.github.com/openclaw/openclaw/issues/74059). Thanks [@&#8203;bittoby](https://redirect.github.com/bittoby), [@&#8203;luyao618](https://redirect.github.com/luyao618), and [@&#8203;Linux2010](https://redirect.github.com/Linux2010). - Cron: keep implicit/default isolated cron announce deliveries out of the main session awareness queue, so isolated jobs do not accumulate in the main conversation. Fixes [#&#8203;61426](https://redirect.github.com/openclaw/openclaw/issues/61426). Thanks [@&#8203;Lihannon](https://redirect.github.com/Lihannon). - Subagents: avoid duplicate parent-visible replies when a parent uses `sessions_send` on its own persistent native subagent session, while preserving announce delivery for async sends. Fixes [#&#8203;73550](https://redirect.github.com/openclaw/openclaw/issues/73550). Thanks [@&#8203;sylviazhang2006-design](https://redirect.github.com/sylviazhang2006-design). - Web search/Brave: add opt-in `brave.http` diagnostics for Brave request URLs/query params, response status/timing, and cache hit/miss/write events without logging API keys or response bodies. Fixes [#&#8203;55196](https://redirect.github.com/openclaw/openclaw/issues/55196). Thanks [@&#8203;mecampbellsoup](https://redirect.github.com/mecampbellsoup). - Web search/Brave: add `plugins.entries.brave.config.webSearch.baseUrl` for Brave-compatible proxies, including endpoint-aware cache keys for both web and LLM Context modes. Fixes [#&#8203;19075](https://redirect.github.com/openclaw/openclaw/issues/19075). Thanks [@&#8203;jkoprax](https://redirect.github.com/jkoprax) and [@&#8203;vishnukool](https://redirect.github.com/vishnukool). - Web search/config: validate explicit `tools.web.search.provider` values against bundled and installed plugin manifests, while warning for stale third-party plugin config. Fixes [#&#8203;53092](https://redirect.github.com/openclaw/openclaw/issues/53092). Thanks [@&#8203;TinyTb](https://redirect.github.com/TinyTb). - Web search/SearXNG: retry empty non-general category searches once with the general category, so unsupported category engines do not return empty results when general search has matches. Fixes [#&#8203;73552](https://redirect.github.com/openclaw/openclaw/issues/73552). Thanks [@&#8203;Loukky](https://redirect.github.com/Loukky). - CLI/message: skip gateway-stop hooks for read-only `message read` and bound stop-hook shutdown for other message actions, so one-shot Discord reads cannot hang behind plugin lifecycle cleanup. - Plugins/web-provider: cache repeated bundled web search and web fetch provider registry loads by default while preserving explicit cache opt-outs. Supersedes [#&#8203;75992](https://redirect.github.com/openclaw/openclaw/issues/75992). Thanks [@&#8203;DmitryPogodaev](https://redirect.github.com/DmitryPogodaev). - Agents/sandbox: preserve existing workspace file modes when sandbox edits atomically replace files, so 0644 files do not collapse to 0600 after Write/Edit/apply\_patch. Fixes [#&#8203;44077](https://redirect.github.com/openclaw/openclaw/issues/44077). Thanks [@&#8203;patosullivan](https://redirect.github.com/patosullivan). - Control UI/WebChat: route typed `/new` through the New Chat dashboard-session creation flow instead of `chat.send`, while keeping `/reset` as the explicit current-session reset. Fixes [#&#8203;69599](https://redirect.github.com/openclaw/openclaw/issues/69599). Thanks [@&#8203;WolvenRA](https://redirect.github.com/WolvenRA). - Agents/models: keep legacy CLI runtime model refs such as `claude-cli/*` in the configured allowlist after canonical runtime migration, so cron `payload.model` overrides keep working. Fixes [#&#8203;75753](https://redirect.github.com/openclaw/openclaw/issues/75753). Thanks [@&#8203;RyanSandoval](https://redirect.github.com/RyanSandoval). - Codex/app-server: restart the shared Codex app-server client once when it closes during startup thread resume, preserving the existing thread binding instead of retrying `thread/start` on a closed client. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway/watch: keep colored subsystem log prefixes in the managed tmux pane even when the parent shell exports `NO_COLOR`, while preserving explicit `FORCE_COLOR=0` opt-out. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Agents/compaction: submit a non-empty runtime-event marker for pre-compaction memory flush turns, so strict Anthropic providers no longer reject the silent flush as an empty user message. Fixes [#&#8203;75305](https://redirect.github.com/openclaw/openclaw/issues/75305). Thanks [@&#8203;sableassistant3777-source](https://redirect.github.com/sableassistant3777-source). - Plugin SDK: re-export `isPrivateIpAddress` from `plugin-sdk/ssrf-runtime`, restoring source-checkout builds for SearXNG and Firecrawl private-network guards. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Discord/message actions: advertise `upload-file` and route it through Discord's send runtime with agent-scoped media reads, so agents can discover and send file attachments. Fixes [#&#8203;60652](https://redirect.github.com/openclaw/openclaw/issues/60652) and supersedes [#&#8203;60808](https://redirect.github.com/openclaw/openclaw/issues/60808), [#&#8203;61087](https://redirect.github.com/openclaw/openclaw/issues/61087), and [#&#8203;61100](https://redirect.github.com/openclaw/openclaw/issues/61100). Thanks [@&#8203;claw-io](https://redirect.github.com/claw-io), [@&#8203;efe-arv](https://redirect.github.com/efe-arv), [@&#8203;joelnishanth](https://redirect.github.com/joelnishanth), and [@&#8203;sjhddh](https://redirect.github.com/sjhddh). - Sessions: suppress exact inter-session control replies such as `NO_REPLY` and keep agent-to-agent announce bookkeeping out of visible transcripts. Fixes [#&#8203;53145](https://redirect.github.com/openclaw/openclaw/issues/53145). Thanks [@&#8203;TarahAssistant](https://redirect.github.com/TarahAssistant). - CLI/directory: report unsupported directory operations for installed channel plugins instead of prompting to reinstall the plugin when it lacks a directory adapter. Fixes [#&#8203;75770](https://redirect.github.com/openclaw/openclaw/issues/75770). Thanks [@&#8203;lawong888](https://redirect.github.com/lawong888). - Web search/SearXNG: show the JSON API `search.formats` prerequisite during SearXNG setup before prompting for the base URL. Supersedes [#&#8203;65592](https://redirect.github.com/openclaw/openclaw/issues/65592). Thanks [@&#8203;evanpaul14](https://redirect.github.com/evanpaul14). - Web search/SearXNG: pass through `img_src` image URLs from SearXNG image-category results. Supersedes [#&#8203;61416](https://redirect.github.com/openclaw/openclaw/issues/61416). Thanks [@&#8203;sghael](https://redirect.github.com/sghael). - Web search/Kimi: fail explicitly when Moonshot returns an ungrounded chat answer instead of native web-search evidence, so Kimi no longer reports generic fallback text as a successful search. Fixes [#&#8203;52573](https://redirect.github.com/openclaw/openclaw/issues/52573). Thanks [@&#8203;wangwllu](https://redirect.github.com/wangwllu). - Web search: keep public provider requests on the strict SSRF guard and reserve private-network access for explicit self-hosted SearXNG/Firecrawl endpoints. Fixes [#&#8203;74357](https://redirect.github.com/openclaw/openclaw/issues/74357) and supersedes [#&#8203;74360](https://redirect.github.com/openclaw/openclaw/issues/74360). Thanks [@&#8203;fede-kamel](https://redirect.github.com/fede-kamel). - Firecrawl: reject private, loopback, metadata, and non-HTTP(S) `firecrawl_scrape` target URLs before forwarding them to Firecrawl. Supersedes [#&#8203;48133](https://redirect.github.com/openclaw/openclaw/issues/48133). Thanks [@&#8203;kn1ghtc](https://redirect.github.com/kn1ghtc). - Web search/Firecrawl: allow self-hosted private/internal Firecrawl `baseUrl` endpoints, including HTTP for private targets, while keeping hosted Firecrawl on the strict official endpoint. Fixes [#&#8203;63877](https://redirect.github.com/openclaw/openclaw/issues/63877) and supersedes [#&#8203;59666](https://redirect.github.com/openclaw/openclaw/issues/59666), [#&#8203;63941](https://redirect.github.com/openclaw/openclaw/issues/63941), and [#&#8203;74013](https://redirect.github.com/openclaw/openclaw/issues/74013). Thanks [@&#8203;jhthompson12](https://redirect.github.com/jhthompson12), [@&#8203;jzakirov](https://redirect.github.com/jzakirov), [@&#8203;Mlightsnow](https://redirect.github.com/Mlightsnow), and [@&#8203;shad0wca7](https://redirect.github.com/shad0wca7). - CLI/models: report gateway model fallback attempts in `infer model run --json` and avoid double-prefixing provider-qualified defaults such as `openrouter/auto` in `models status`. Partially fixes [#&#8203;69527](https://redirect.github.com/openclaw/openclaw/issues/69527). Thanks [@&#8203;alexifra](https://redirect.github.com/alexifra). - Providers/OpenRouter: strip trailing assistant prefill turns from verified OpenRouter Anthropic model requests when reasoning is enabled, so Claude 4.6 routes no longer fail with Anthropic's prefill rejection through the OpenAI-compatible adapter. Fixes [#&#8203;75395](https://redirect.github.com/openclaw/openclaw/issues/75395). Thanks [@&#8203;sbmilburn](https://redirect.github.com/sbmilburn). - Voice Call: add per-number inbound routing for dialed-number greetings, response agents/models/prompts, and TTS voice overrides. Fixes [#&#8203;56604](https://redirect.github.com/openclaw/openclaw/issues/56604). Thanks [@&#8203;healthstatus](https://redirect.github.com/healthstatus). - Feishu: preserve Feishu/Lark HTTP error bodies for message sends, media sends, and chat member lookups, so HTTP 400 failures include vendor code, message, log id, and troubleshooter details. Fixes [#&#8203;73860](https://redirect.github.com/openclaw/openclaw/issues/73860). Thanks [@&#8203;desksk](https://redirect.github.com/desksk). - Agents/transcripts: avoid reopening large Pi transcript files through the synchronous session manager for maintenance rewrites, persisted tool-result truncation, manual compaction boundary hardening, and queued compaction rotation. Thanks [@&#8203;mariozechner](https://redirect.github.com/mariozechner). - Web search/Exa: accept `plugins.entries.exa.config.webSearch.baseUrl`, normalize it to the Exa `/search` endpoint, and partition cached results by endpoint. Fixes [#&#8203;54928](https://redirect.github.com/openclaw/openclaw/issues/54928) and supersedes [#&#8203;54939](https://redirect.github.com/openclaw/openclaw/issues/54939). Thanks [@&#8203;mrpl327](https://redirect.github.com/mrpl327) and [@&#8203;lyfuci](https://redirect.github.com/lyfuci). - Web search/MiniMax: include MiniMax Search in the web-search setup flow and let `MINIMAX_API_KEY` participate in MiniMax Search auto-detection. Supersedes [#&#8203;65828](https://redirect.github.com/openclaw/openclaw/issues/65828). Thanks [@&#8203;Jah-yee](https://redirect.github.com/Jah-yee). - Plugins/ClawHub: preserve official source-linked trust through archive installs, so OpenClaw can install trusted ClawHub plugin packages that trigger the built-in dangerous-pattern scanner. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/ClawHub: install package runtime dependencies for archive-backed plugin installs, so ClawHub packages such as WhatsApp load declared dependencies after download. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/tools: cache repeated plugin tool factory results only for matching request context, reducing per-turn tool prep without leaking sandbox, session, browser, delivery, or runtime config state. Fixes [#&#8203;75956](https://redirect.github.com/openclaw/openclaw/issues/75956). Thanks [@&#8203;Linux2010](https://redirect.github.com/Linux2010). - Providers/LM Studio: allow `models.providers.lmstudio.params.preload: false` to skip OpenClaw's native model-load call so LM Studio JIT loading, idle TTL, and auto-evict can own model lifecycle. Fixes [#&#8203;75921](https://redirect.github.com/openclaw/openclaw/issues/75921). Thanks [@&#8203;garyd9](https://redirect.github.com/garyd9). - Agents/transcripts: keep chat history, restart recovery, fork token checks, and stale-token compaction checks on bounded async transcript reads or cached async indexes instead of reparsing </details> --- ### Configuration 📅 **Schedule**: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My43Ni4yIiwidXBkYXRlZEluVmVyIjoiNDMuNzYuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
les_clankeurs/openclaw-image-2!27
No description provided.