chore(deps): update ghcr.io/openclaw/openclaw docker tag to v2026.5.2 #27
No reviewers
Labels
No labels
bug
documentation
duplicate
enhancement
good first issue
help wanted
invalid
question
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
les_clankeurs/openclaw-image-2!27
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "renovate/docker-images"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
2026.4.29→2026.5.2Release Notes
openclaw/openclaw (ghcr.io/openclaw/openclaw)
v2026.5.2Compare Source
Highlights
Changes
clawhub:installs on ClawHub and bare package installs on npm for the launch cutover. Thanks @vincentkoc.path.resolveandpath.relativework in hot filesystem walkers. Refs #75895, #75575, and #68782. Thanks @Enderfga.api.registerTool(...)so repeated prompt-time planning can skip plugin runtime loading while execution still loads the live plugin tool. (#76079) Thanks @shakkernerd.openai/gpt-*withagentRuntime.id: "codex"for native Codex runtime, whileopenai-codex/*remains the PI OAuth route. Thanks @pashpashpash.extensions/*pnpm workspace tree in source checkouts, so plugin-local dependencies and edits are used directly while packaged installs keep using the built runtime tree. Thanks @vincentkoc.@openclaw/acpxpackage so packaged installs keep ACP harness adapter binaries out of core until the ACP backend is installed. Thanks @vincentkoc.@openclaw/diagnostics-otelpackage so packaged installs keep the OTEL dependency stack out of core until the plugin is installed. Thanks @vincentkoc.2026.5.1-beta.2npm and ClawHub publishing, and keep publishable plugin dist trees out of the core npm package. Thanks @vincentkoc.2026.5.1-beta.2npm and ClawHub publishing. Thanks @vincentkoc.2026.5.1-beta.1npm and ClawHub publishing. Thanks @vincentkoc.2026.5.1-beta.1npm and ClawHub publishing. Thanks @vincentkoc.accessTypeandentryPointAccess, and addgooglemeet end-active-conferencefor closing managed spaces after a call. (#74824) Thanks @BsnizND.googlemeet test-listenand the matchinggoogle_meettest_listenaction so transcribe-mode joins wait for real caption or transcript movement before reporting listen-first health. Refs #72478. Thanks @DougButdorf.threadBindings.spawnSessions, default thread-bound spawns on, and letopenclaw doctor --fixmigrate the legacy keys. (#75943)extraBody/extra_bodypassthrough for OpenAI-compatible TTS endpoints, so custom speech servers can receive fields such aslangin/audio/speechrequests. Fixes #39900. Thanks @R3NK0R.accessGroup:<name>across channel auth paths. (#75813)pnpm crabbox:*commands, and reject stale binaries that lackblacksmith-testboxprovider support.Fixes
distchunks and from the@openai/codexpackage bin when installs do not provide a nearby.bin/codexshim, avoiding false missing-binary startup failures.clawhub:specs until ClawHub pack readiness is deployed. Thanks @vincentkoc.extensions/*workspace while using npm package excludes as the packaged-core boundary, removing the stale core-bundle metadata path..tgzresolver path and persist artifact kind, npm integrity, shasum, and tarball metadata for update and diagnostics flows. Thanks @vincentkoc.gateway.controlUi.chatMessageMaxWidthsetting instead of patching bundled CSS after upgrades. Fixes #67935. Thanks @xiew4589-lang.sessions.listpolling responsive on large session stores by reusing list-safe session cache/indexes and returning a lightweight compaction checkpoint preview instead of heavyweight summaries. Thanks @rolandrscheel.meta.lastTouchedVersion, installing actively used downloadable OpenClaw plugins through the configured external source before marking the config touched for the release.session.writeLock.acquireTimeoutMspolicy for session transcript lock acquisitions and raise the default wait to 60 seconds, avoiding user-visible lock timeouts during legitimate slow prep, cleanup, compaction, and mirror work. Fixes #75894. Thanks @shandutta./codex bindworks from Telegram forum topics. Refs #75845 and #76049. Thanks @MatthewSchleder..openclaw-install-backupsafter plugin updates. Fixes #75456./status@botroute to the active non-mainsession instead of falling back to the default route. Fixes #75405; supersedes #75558. Thanks @ziptbm and @yfge.structuredClone, preserving mutation isolation while avoiding native-memory growth on large stores. Fixes #45438. Thanks @markus-lassfolk.openclaw models list --provider <id>catalog and registry fallback rows for unconfigured providers, so provider-specific verification commands no longer report "No models found." Fixes #75517; supersedes #75615. Thanks @lotsoftick and @koshaji.sessions.jsonrereads and JSON clones on hot metadata updates. Refs #68554. Thanks @henkterharmsel./modelacknowledgements for non-default selections as session-scoped. Thanks @addu2612..mdsuffix during broken-wikilink validation, avoiding false positives for native render-mode links. Thanks @Kenneth8128.secrets.reloadandsecrets.resolvewarning logs while keeping RPC errors generic, so operators can diagnose reload and permission failures. Thanks @davidangularme.reasoning_contentreplay placeholders foropenrouter/deepseek/deepseek-v4-flashandopenrouter/deepseek/deepseek-v4-pro, so thinking/tool follow-up turns do not fail with DeepSeek's replay-shape error. Fixes #76018. Thanks @cloph-dsp.incomplete_resultreplies. Fixes #76007. Thanks @vliuyt.propertiesis missing, null, or invalid before sending tools to OpenAI, so MCP tools without params stay usable. Fixes #75362. Thanks @tolkonepiu and @SymbolStar.[[tts:text]]...[[/tts:text]]blocks while keeping untagged short auto-TTS suppressed, so tagged voice replies are synthesized instead of being dropped as empty voice-only payloads. Fixes #73758. Thanks @yfge.hooks.transformsDirpoints outside the canonical hooks transform directory, so invalid workspace skill paths get a direct recovery hint before the Gateway crash-loops. Fixes #75853. Thanks @midobk.FormDatabodies before proxy-backed undici fetches, so audio transcription and multipart uploads no longer send[object FormData]whenHTTP_PROXYorHTTPS_PROXYis configured. Fixes #48554. Thanks @dco5.sessions_senduses the target session'sdeliveryContext.accountIdorlastAccountIdinstead of falling back to the default bot in multi-account setups. Fixes #42652; refs #51626 and #44773; supersedes #73975. Thanks @irchelper, @dpalfox, and @Lanfei.CONTENT_TYPE_INVALID. Thanks @FunJim.ownerIdandparentIdfrom Discord API-style snake_case payload fields, so bot-owned autoThreads do not require unnecessary mentions. Thanks @mgh3326.reliability.outputLimits, raising the default guard for tool-heavy Claude CLI turns while preserving memory limits. Fixes #75838. Thanks @hcordoba840.message_thread_idreply-with-quote metadata on the flat DM session by default while preserving opt-in DM topic isolation for configured topics,dm.threadReplies, anddirect.<chatId>.threadReplies. Fixes #75975. Thanks @ProjectEvolutionEVE.timeoutSecondsconfigs extend safe method guards, and retry timed-out typing indicators through the transport fallback without risking duplicate messages. Fixes #76013. Thanks @iaki1206./statusand plugin commands stay available in forum topics. Fixes #74032; updates #6457. Thanks @dae-sun and @WouldenShyp.keychain:<service>:<account>OPENAI_API_KEYrefs before creating OpenAI Realtime browser sessions or voice bridges, with a bounded cached Keychain lookup. Fixes #72120. Thanks @ctbritt.sessionScope: "per-call"for fresh per-call agent memory while preserving the default per-phone caller history. Fixes #45280. Thanks @pondcountry.EBUSY,EPERM, orEACCESlocks do not fail memory rebuilds. Fixes #64187. Thanks @kunpeng-ai-lab.getMerequest guard for the gateway bot probe instead of a fixed 2.5-second budget, and honor highertimeoutSecondsconfigs for slow Telegram API paths. Fixes #75783. Thanks @tankotan.process is not defined. Fixes #75987. Thanks @novkien.System (untrusted)prompt block and let the dedicated exec heartbeat prompt handle them, so Discord no longer receives raw exec failure tails as separate system-style messages. Fixes #66366. Thanks @Promee-ThaBossHoss.image describe,image describe-many, andaudio transcribeinstead of blaming the input path when no provider is available. Fixes #73569 and supersedes #73593, #74288, and #74495. Thanks @bittoby, @tmimmanuel, @Linux2010, and @vyctorbrzezowski.allowFromentries. Fixes #62339. Thanks @kelvinisly-collab.google_meettool visible on non-macOS hosts but block local Chrome realtime actions with guidance, so Linux agents can still use transcribe, Twilio, chrome-node, and artifact flows without choosing the macOS-only BlackHole path. Refs #75950. Thanks @actual-software-inc.openclaw.jsonduring Tailscale settings hydration, preservinggateway,auth,meta, andwizarduntil the user changes a setting. Fixes #59545. Thanks @Tengdw.setupGraceTimeoutMsconfig, so the plugin no longer silently extends 15000 ms configs to 45000 ms on the main lane. Fixes #75843. Thanks @vishutdhar.loadOpenClawPluginscall on every request while preserving origin and scope filters. Fixes #75513. Thanks @jochen.sessions_sendon its own persistent native subagent session, while preserving announce delivery for async sends. Fixes #73550. Thanks @sylviazhang2006-design.brave.httpdiagnostics for Brave request URLs/query params, response status/timing, and cache hit/miss/write events without logging API keys or response bodies. Fixes #55196. Thanks @mecampbellsoup.plugins.entries.brave.config.webSearch.baseUrlfor Brave-compatible proxies, including endpoint-aware cache keys for both web and LLM Context modes. Fixes #19075. Thanks @jkoprax and @vishnukool.tools.web.search.providervalues against bundled and installed plugin manifests, while warning for stale third-party plugin config. Fixes #53092. Thanks @TinyTb.message readand bound stop-hook shutdown for other message actions, so one-shot Discord reads cannot hang behind plugin lifecycle cleanup./newthrough the New Chat dashboard-session creation flow instead ofchat.send, while keeping/resetas the explicit current-session reset. Fixes #69599. Thanks @WolvenRA.claude-cli/*in the configured allowlist after canonical runtime migration, so cronpayload.modeloverrides keep working. Fixes #75753. Thanks @RyanSandoval.thread/starton a closed client. Thanks @vincentkoc.NO_COLOR, while preserving explicitFORCE_COLOR=0opt-out. Thanks @vincentkoc.isPrivateIpAddressfromplugin-sdk/ssrf-runtime, restoring source-checkout builds for SearXNG and Firecrawl private-network guards. Thanks @vincentkoc.upload-fileand route it through Discord's send runtime with agent-scoped media reads, so agents can discover and send file attachments. Fixes #60652 and supersedes #60808, #61087, and #61100. Thanks @claw-io, @efe-arv, @joelnishanth, and @sjhddh.NO_REPLYand keep agent-to-agent announce bookkeeping out of visible transcripts. Fixes #53145. Thanks @TarahAssistant.search.formatsprerequisite during SearXNG setup before prompting for the base URL. Supersedes #65592. Thanks @evanpaul14.img_srcimage URLs from SearXNG image-category results. Supersedes #61416. Thanks @sghael.firecrawl_scrapetarget URLs before forwarding them to Firecrawl. Supersedes #48133. Thanks @kn1ghtc.baseUrlendpoints, including HTTP for private targets, while keeping hosted Firecrawl on the strict official endpoint. Fixes #63877 and supersedes #59666, #63941, and #74013. Thanks @jhthompson12, @jzakirov, @Mlightsnow, and @shad0wca7.infer model run --jsonand avoid double-prefixing provider-qualified defaults such asopenrouter/autoinmodels status. Partially fixes #69527. Thanks @alexifra.plugins.entries.exa.config.webSearch.baseUrl, normalize it to the Exa/searchendpoint, and partition cached results by endpoint. Fixes #54928 and supersedes #54939. Thanks @mrpl327 and @lyfuci.MINIMAX_API_KEYparticipate in MiniMax Search auto-detection. Supersedes #65828. Thanks @Jah-yee.models.providers.lmstudio.params.preload: falseto skip OpenClaw's native model-load call so LM Studio JIT loading, idle TTL, and auto-evict can own model lifecycle. Fixes #75921. Thanks @garyd9.Configuration
📅 Schedule: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.