chore(deps): update ghcr.io/openclaw/openclaw docker tag to v2026.5.6 #29

Merged
notarock-s-renovate[bot] merged 1 commit from renovate/docker-images into main 2026-05-07 18:02:50 +00:00
notarock-s-renovate[bot] commented 2026-05-05 09:06:26 +00:00 (Migrated from github.com)

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
ghcr.io/openclaw/openclaw (source) final patch 2026.5.32026.5.6

Release Notes

openclaw/openclaw (ghcr.io/openclaw/openclaw)

v2026.5.6: openclaw 2026.5.6

Compare Source

2026.5.6

Fixes
  • Doctor/OpenAI Codex: revert the 2026.5.5 doctor --fix repair that rewrote valid openai-codex/* ChatGPT/Codex OAuth routes to openai/*, which could break OAuth-only GPT-5.5 setups or accidentally move users onto the OpenAI API-key route. If 2026.5.5 already changed your default model, run openclaw models set openai-codex/gpt-5.5 && openclaw config validate to switch the default agent back to the Codex OAuth PI route. Fixes #​78407.
  • Plugins/runtime fetch: drop third-party symbol metadata from plain request header dictionaries before passing them into native fetch or Headers, so SDK and guarded/proxy fetch paths do not reject otherwise valid plugin requests. Fixes #​77846. Thanks @​shakkernerd.
  • Debug proxy: normalize captured fetch header dictionaries before replaying requests so symbol metadata from caller-owned header objects cannot make debug-proxy fetches fail.
  • Web fetch: bound guarded dispatcher cleanup after request timeouts so timed-out fetches return tool errors instead of leaving Gateway tool lanes active. (#​78439) Thanks @​obviyus.

Recovery docs: https://docs.openclaw.ai/providers/openai#check-and-recover-codex-oauth-routing

v2026.5.5: openclaw 2026.5.5

Compare Source

2026.5.5

Fixes
  • Feishu: hydrate missing native topic starter thread IDs before session routing so first turns and follow-ups stay in the same topic session. Fixes #​78262. Thanks @​joeyzenghuan.
  • LINE: reject dmPolicy: "open" configs without wildcard allowFrom so webhook DMs fail validation instead of being acknowledged and silently blocked before inbound processing. Fixes #​78316.
  • Telegram/Codex: keep message-tool-only progress drafts visible and render native Codex tool progress once per tool instead of duplicating item/tool draft lines. Fixes #​75641. (#​77949)
  • Providers/xAI: stop sending OpenAI-style reasoning effort controls to native Grok Responses models, so xai/grok-4.3 no longer fails live Docker/Gateway runs with Invalid reasoning effort.
  • Providers/xAI: clamp the bundled xAI thinking profile to off so live Gateway runs cannot send unsupported reasoning levels to native Grok Responses models.
  • Matrix/approvals: retry approval delivery up to 3 times with a short backoff so transient Matrix send failures do not strand pending approval prompts. (#​78179) Thanks @​Patrick-Erichsen.
  • Discord/gateway: measure heartbeat ACK timeouts from the actual heartbeat send, preventing late initial heartbeats from triggering false reconnect loops while the channel is still awaiting readiness. Fixes #​77668. (#​78087) Thanks @​bryce-d-greybeard and @​NikolaFC.
  • Discord/guilds: route plain text control commands such as /steer through the normal authorization and mention gate instead of silently dropping them before an agent session can see them. Fixes #​78080. Thanks @​ramitrkar-hash.
  • Control UI/Sessions: make the compaction count a compact N Checkpoint(s) disclosure and show expanded session-level details with modern checkpoint history cards across responsive table layouts. Thanks @​BunsDev.
  • Control UI/performance: keep chat and channel tabs responsive while history payloads and channel probes are slow, label partial channel status, and record slow chat/config render timings in the event log. Thanks @​BunsDev.
  • Control UI/sessions: fire the documented /new command and lifecycle hooks only for explicit Control UI session creation, restoring session-memory and custom hook capture without changing SDK parent-session creates. Fixes #​76957. Thanks @​BunsDev.
  • Exec approvals: fall back to a guarded copy when Windows rejects rename-overwrite for exec-approvals.json, while preserving symlink, hard-link, and owner-only permission safeguards. Fixes #​77785. (#​77907) Thanks @​Alex-Alaniz and @​MilleniumGenAI.
  • Slack: preserve Socket Mode SDK error context and structured Slack API fields in reconnect logs, so startup failures no longer collapse to a bare unknown error.
  • iOS pairing: allow setup-code and manual ws:// connects for private LAN and .local gateways while keeping Tailscale/public routes on wss://, and prefer explicit gateway passwords over stale bootstrap tokens in mixed-auth reconnects. Fixes #​47887; carries forward #​65185. Thanks @​draix and @​BunsDev.
  • Plugins/diagnostics: make source-only TypeScript package warnings actionable by explaining that missing compiled runtime output is a publisher packaging issue and pointing users to update/reinstall or disable/uninstall the plugin. Fixes #​77835. Thanks @​googlerest.
  • Control UI/chat: keep persisted assistant progress text visible when the same transcript turn also contains tool-use metadata, so chat.history reloads no longer make those replies vanish after the next user message. Fixes #​77374. Thanks @​BunsDev.
  • TUI: skip the generic CLI respawn wrapper for interactive launches, exit cleanly on terminal loss, and refuse to restore heartbeat sessions as the remembered chat session, preventing stale heartbeat history and orphaned openclaw-tui processes on first boot. Thanks @​vincentkoc.
  • Doctor/sessions: move heartbeat-poisoned default main session store entries to recovery keys and clear stale TUI restore pointers, so doctor --fix can repair instances already stuck on agent:main:main heartbeat history. Thanks @​vincentkoc.
  • Agents/context engines: keep hidden OpenClaw runtime-context custom messages out of context-engine assemble, afterTurn, and ingest hooks so transcript reconstruction plugins only see conversation messages. Thanks @​vincentkoc.
  • Gateway/shutdown: cancel delayed post-ready maintenance during close and suppress maintenance/cron startup after quick restarts, preventing orphaned background timers. Thanks @​vincentkoc.
  • Agents/generated media: treat attachment-style message tool actions as completed chat sends, preventing duplicate fallback media posts when generated files were already uploaded.
  • Control UI/sessions: show each session's agent runtime in the Sessions table and allow filtering by runtime labels, matching the Agents panel runtime wording. Thanks @​vincentkoc.
  • Discord/streaming: show live reasoning text in progress drafts instead of a bare Reasoning status line.
  • Gateway/status: avoid marking fast repeated health/status samples as event-loop degraded from CPU/utilization alone until the Gateway has accumulated a sustained sampling window. Thanks @​shakkernerd.
  • Plugins/update: keep installed official npm and ClawHub plugins such as Codex, Discord, WhatsApp, and diagnostics plugins synced during host updates even when disabled or previously exact-pinned, while preserving third-party plugin pins. Thanks @​vincentkoc.
  • Doctor/status: warn when OPENCLAW_GATEWAY_TOKEN would shadow a different active gateway.auth.token source for local CLI commands, while avoiding false positives when config points at the same env token. Fixes #​74271. Thanks @​yelog.
  • Gateway/HTTP: avoid loading managed outgoing-image media handlers for unrelated requests, so disabled OpenAI-compatible routes return 404 without waiting on lazy media sidecars. Thanks @​vincentkoc.
  • Gateway/OpenAI-compatible: send the assistant role SSE chunk as soon as streaming chat-completion headers are accepted, so cold agent setup cannot leave /v1/chat/completions clients with a bodyless 200 response until their idle timeout fires.
  • Agents/media: avoid direct generated-media completion fallback while the announce-agent run is still pending, so async video and music completions do not duplicate raw media messages. (#​77754)
  • WebChat/Codex media: stage Codex app-server generated local images into managed media before Gateway display, so Codex-home image paths no longer hit LocalMediaAccessError while keeping Codex home out of the display allowlist. Thanks @​frankekn.
  • TUI/sessions: bound the session picker to recent rows and use exact lookup-style refreshes for the active session, so dusty stores no longer make TUI hydrate weeks-old transcripts before becoming responsive. Thanks @​vincentkoc.
  • Doctor/gateway: report recent supervisor restart handoffs in openclaw doctor --deep, using the installed service environment when available so service-managed clean exits are visible in guided diagnostics. Thanks @​shakkernerd.
  • Gateway/status: show recent supervisor restart handoffs in openclaw gateway status --deep, including JSON details, so clean service-managed restarts are reported as restart handoffs instead of opaque stopped-service diagnostics. Thanks @​shakkernerd.
  • Providers/Fireworks: expose Kimi models as thinking-off-only and keep K2.5/K2.6 requests on thinking: disabled, so manual model switches do not send Fireworks-rejected reasoning* parameters. Refs #​74289. Thanks @​frankekn.
  • WhatsApp responsiveness: stop only verified stale local TUI clients when they degrade the Gateway event loop and delay replies. Thanks @​vincentkoc.
  • Plugins/update: repair stale managed npm-root openclaw peer packages before plugin installs, so beta-channel official plugin updates are not downgraded by old core package-lock state. Thanks @​vincentkoc.
  • Plugins/install: reassert managed npm plugin openclaw peer links after shared-root npm installs, updates, and uninstalls, so mutating one plugin does not leave previously installed SDK-using plugins unable to resolve openclaw/plugin-sdk/*.
  • Hooks/session-memory: add collision suffixes to fallback memory filenames so repeated /new or /reset captures in the same minute do not overwrite the earlier session archive. Thanks @​vincentkoc.
  • Agents/config: remove the ambiguous legacy main agent dir helper from runtime paths; model, auth, gateway, bundled plugin, and test helpers now resolve default/session agent dirs through agents.list/agent-scope helpers while plugin SDK keeps a deprecated compatibility export.
  • CLI/status: show the selected agent runtime/harness in openclaw status session rows so terminal status matches the /status runtime line. Thanks @​vincentkoc.
  • CLI/sessions: prune old unreferenced transcript, compaction checkpoint, and trajectory artifacts during normal sessions cleanup, so gateway restart or crash orphans do not accumulate indefinitely outside sessions.json. Fixes #​77608. Thanks @​slideshow-dingo.
  • Doctor/Codex: repair legacy openai-codex/* routes in primary models, fallbacks, heartbeat/subagent/compaction overrides, hooks, channel overrides, and stale session pins to canonical openai/*, selecting agentRuntime.id: "codex" only when the Codex plugin is installed, enabled, contributes the codex harness, and has usable OAuth; otherwise select agentRuntime.id: "pi". Thanks @​vincentkoc.
  • Plugins/update: keep installed official npm and ClawHub plugins such as Codex, Discord, WhatsApp, and diagnostics plugins synced during host updates even when disabled or previously exact-pinned, while preserving third-party plugin pins. Thanks @​vincentkoc.
  • Video generation: accept provider-specific aspect-ratio and resolution hints at the tool boundary, normalize 720P to MiniMax's supported 768P, and stop sending Google generateAudio on Gemini video requests so provider fallback can recover from model-specific parameter differences. Thanks @​vincentkoc.
  • Status: show compact Gateway process uptime and host system uptime in /status, making restart and host-lifetime checks visible from chat. Thanks @​vincentkoc.
  • WhatsApp responsiveness: stop only verified stale local TUI clients when they degrade the Gateway event loop and delay replies. Thanks @​vincentkoc.
  • Hooks/session-memory: run reset memory capture off the command reply path and make model-generated memory filename slugs opt-in with llmSlug: true, so /new and /reset no longer block WhatsApp and other message-channel reset replies on hook housekeeping or a nested model call. Thanks @​vincentkoc.
  • CLI/gateway: pause non-TTY stdin after full CLI command completion and stop openclaw agent from falling back to embedded mode after gateway request/auth failures, so parent help commands exit cleanly and scoped delivery probes surface the real Gateway error immediately. Thanks @​vincentkoc.
  • Gateway/model catalog: cache empty read-only model catalog results until reload, so TUI and control-plane refresh loops cannot hammer plugin metadata reads when no usable models are currently discovered. Thanks @​vincentkoc.
  • Hooks/session-memory: add collision suffixes to fallback memory filenames so repeated /new or /reset captures in the same minute do not overwrite the earlier session archive. Thanks @​vincentkoc.
  • TUI/sessions: bound the session picker to recent rows and use exact lookup-style refreshes for the active session, so dusty stores no longer make TUI hydrate weeks-old transcripts before becoming responsive. Thanks @​vincentkoc.
  • Agents/context engines: keep hidden OpenClaw runtime-context custom messages out of context-engine assemble, afterTurn, and ingest hooks so transcript reconstruction plugins only see conversation messages. Thanks @​vincentkoc.
  • TUI: skip the generic CLI respawn wrapper for interactive launches, exit cleanly on terminal loss, and refuse to restore heartbeat sessions as the remembered chat session, preventing stale heartbeat history and orphaned openclaw-tui processes on first boot. Thanks @​vincentkoc.
  • Doctor/sessions: move heartbeat-poisoned default main session store entries to recovery keys and clear stale TUI restore pointers, so doctor --fix can repair instances already stuck on agent:main:main heartbeat history. Thanks @​vincentkoc.
  • Gateway/shutdown: report structured shutdown warnings and HTTP close timeout warnings through ShutdownResult while preserving lifecycle hook hardening. Carries forward #​41296. Thanks @​edenfunf.
  • CLI/update: make dev-channel preflight lint opt-in and constrained when enabled, so openclaw update --channel dev no longer walks back otherwise-good main commits when Ubuntu hosts OOM-kill or fail parallel oxlint shards. Thanks @​vincentkoc.
  • CLI/channels: skip config, proxy, channel-option catalog, banner-config, and plugin startup bootstrap for the bare openclaw channels parent-help command, so it exits promptly after printing help instead of loading configured channel plugins. Thanks @​vincentkoc.
  • Gateway/shutdown: cancel delayed post-ready maintenance during close and suppress maintenance/cron startup after quick restarts, preventing orphaned background timers. Thanks @​vincentkoc.
  • CLI/status: show the selected agent runtime/harness in openclaw status session rows so terminal status matches the /status runtime line. Thanks @​vincentkoc.
  • Sessions CLI: show the selected agent runtime in the openclaw sessions table so terminal output matches the runtime visibility already present in JSON/status surfaces. Thanks @​vincentkoc.
  • Control UI/sessions: show each session's agent runtime in the Sessions table and allow filtering by runtime labels, matching the Agents panel runtime wording. Thanks @​vincentkoc.
  • Docker/Gateway: harden the gateway container by dropping NET_RAW and NET_ADMIN capabilities and enabling no-new-privileges in the bundled docker-compose.yml. Thanks @​VintageAyu.
  • OpenAI/Gateway: flush the initial chat stream chunk correctly so first-token streaming is visible instead of being delayed behind later chunks.
  • Gateway/media: skip media sidecar handling for unrelated HTTP routes so non-media requests do not pay the media route behavior.
  • Discord: show reasoning text in progress drafts so streaming replies expose useful thinking/progress instead of blank draft updates.
  • Auth profiles: avoid putting providers on cooldown for format-level rejections, so fallback profiles can still be tried when a model name is unsupported.
  • Update/plugins: tolerate corrupt managed plugin records during update so core package updates can still complete and report the plugin repair path.
  • Update: stop dev-channel updates cleanly after a fetch failure instead of continuing into later update steps.
  • Agents/generated media: treat attachment-style message tool actions as completed chat sends, preventing duplicate fallback media posts when generated files were already uploaded.

v2026.5.4: openclaw 2026.5.4

Compare Source

2026.5.4

Highlights
  • Google Meet/Voice Call: make Twilio dial-in joins speak through the realtime Gemini voice bridge with paced audio streaming, backpressure-aware buffering, barge-in queue clearing, and no TwiML fallback during realtime speech, giving Meet participants a much snappier OpenClaw voice agent. (#​77064) Thanks @​scoootscooob.
Changes
  • Gateway/Windows: bind the default loopback gateway listener only to 127.0.0.1 on Windows so libuv's dual-stack ::1 behavior cannot wedge localhost HTTP requests. (#​69701, fixes #​69674) Thanks @​SARAMALI15792.
  • Plugins/migration: emit catalog-backed install hints when plugins.entries or plugins.allow references an official external plugin that is not installed, so upgraded configs point operators to openclaw plugins install <spec> instead of telling them to remove valid plugin config. (#​77483) Thanks @​hclsys.
  • OpenAI/Codex media: advertise Codex audio transcription in runtime and manifest metadata and route active Codex chat models to the OpenAI transcription default instead of sending chat model ids to audio transcription. Thanks @​vincentkoc.
  • Dependencies: refresh runtime and provider packages including Pi 0.73.0, ACPX adapters, OpenAI, Anthropic, Slack, and TypeScript native preview, while keeping the Bedrock runtime installer override pinned below the Windows ARM Node 24 npm resolver failure.
  • Agents/performance: pass the resolved workspace through BTW, compaction, embedded-run model generation, and PDF model setup so explicit agent-dir model refreshes can reuse the current workspace-scoped plugin metadata snapshot instead of falling back to cold plugin metadata scans. (#​77519, #​77532)
  • Plugins/performance: let unscoped model catalog and manifest-contract readers reuse the current workspace-compatible plugin metadata snapshot, avoiding repeated cold plugin metadata scans on hot control-plane paths while preserving env/config/workspace compatibility checks. (#​77519, #​77532)
  • Config/plugin auto-enable: prefer the claiming plugin manifest id over a built-in channel alias when auto-allowlisting a configured channel, so WeCom/Yuanbao-style aliases resolve to the installed plugin id. Thanks @​Beandon13.
  • Secrets/apply: preserve auth-profile keyRef and tokenRef fields when scrubbing provider-target secrets, so the canonical SecretRef metadata survives secrets apply without keeping plaintext values. Thanks @​Beandon13.
  • Plugins/active-memory: skip session-store channel entries that contain : when resolving the recall subagent's channel, so QQ c2c agent IDs (e.g. c2c:10D4F7C2…) and other scoped conversation IDs do not reach bundled-plugin dirName validation and crash the recall run. The same guard already applied to explicit channelId params (#​76704); this extends it to store-derived channels. (#​77396) Thanks @​hclsys.
  • Secrets/external channel contracts: also look in <rootDir>/dist/ when resolving the secret-contract-api sidecar, so npm-published externalized channel plugins (e.g. @openclaw/discord since 2026.5.2) whose compiled artifacts live under dist/ actually contribute their channel SecretRef contracts to the runtime snapshot. Without this, env-backed channels.discord.token SecretRefs silently failed to resolve at gateway start on 2026.5.3, leaving the channel not configured even though #​76449 had landed the generic external-contract loader. Thanks @​mogglemoss.
  • Models/auth: add openclaw models auth list [--provider <id>] [--json] so users can inspect saved per-agent auth profiles without dumping secrets or hitting the old “too many arguments” path. Thanks @​vincentkoc.
  • Control UI/header: show the active agent name in dashboard breadcrumbs without adding the current session key, keeping non-chat views oriented without crowding the topbar.
  • Control UI/cron: make the New Job sidebar collapsible so the jobs list can reclaim space while keeping the form one click away. Thanks @​BunsDev.
  • Gateway/startup: keep model-catalog test helpers, run-session lookup code, QR pairing helpers, and TypeBox memory-tool schema construction out of hot startup import paths, reducing default gateway benchmark plugin-load and memory pressure.
  • Control UI/performance: record browser long animation frame or long task entries in the debug event log when supported, making slow dashboard renders easier to attribute from the UI.
  • Slack/streaming: add streaming.progress.render: "rich" for Block Kit progress drafts backed by structured progress line data.
  • Slack/streaming: keep the newest rich progress lines when Block Kit limits trim long progress drafts. Thanks @​vincentkoc.
  • Channels/streaming: cap progress-draft tool lines by default so edited progress boxes avoid jumpy reflow from long wrapped lines.
  • Agents/verbose: use compact explain-mode tool summaries for /verbose and progress drafts by default, with agents.defaults.toolProgressDetail: "raw" and per-agent overrides for debugging raw command/detail output.
  • Control UI/chat: add an agent-first filter to the chat session picker, keep chat controls/composer responsive across phone/tablet/desktop widths, keep desktop chat controls on one row, avoid duplicate avatar refreshes during initial chat load, and hide that row while scrolling down the transcript. Thanks @​BunsDev.
  • Control UI/chat: collapse consecutive duplicate text messages into one bubble with a count so no-op heartbeat acknowledgements stay compact without hiding nearby context.
  • Agents/subagents: preserve every grouped child result when direct completion fallback has to bypass the requester-agent announce turn. Thanks @​vincentkoc.
  • TTS/telephony: honor provider voice/model overrides in telephony synthesis providers so Google Meet agent speech logs match the backend that actually produced the audio. Thanks @​vincentkoc.
  • Voice Call/realtime: bound the paced Twilio audio queue and close overloaded realtime streams before provider audio can pile up behind the websocket backpressure guard. Thanks @​vincentkoc.
  • Docs: clarify that IRC uses raw TCP/TLS sockets outside operator-managed forward proxy routing, so direct IRC egress should be explicitly approved before enabling IRC. Thanks @​jesse-merhi.
  • Gateway/performance: defer non-readiness sidecars until after the ready signal, avoid hot-path channel plugin barrel imports, and fast-path trusted bundled plugin metadata during Gateway startup.
  • Gateway/performance: avoid importing jiti on native-loadable plugin startup paths, so compiled bundled plugin surfaces do not pay source-transform loader cost unless fallback loading is actually needed.
  • Gateway/diagnostics: add startup phase spans, active work labels, stale terminal bridge markers, and default sync-I/O tracing in pnpm gateway:watch so slow Gateway turns are easier to attribute from logs and stability diagnostics.
  • Plugins/loader: preserve real compiled plugin module evaluation errors on the native fast path instead of treating every thrown .js module as a source-transform fallback miss. Thanks @​vincentkoc.
  • QA/Mantis: add pnpm openclaw qa mantis slack-desktop-smoke to run Slack live QA inside a Crabbox VNC desktop, open Slack Web, and capture desktop screenshots beside the Slack QA artifacts.
  • QA/Mantis: pass the runtime env through desktop-browser Crabbox and artifact-copy child commands, so embedded Mantis callers can provide Crabbox credentials without mutating the parent process. Thanks @​vincentkoc.
  • QA/Mantis: return the copied Slack desktop screenshot path even when remote Slack QA fails, so the CLI still prints the failure screenshot artifact. Thanks @​vincentkoc.
  • QA/Mantis: accept Blacksmith Testbox tbx_... lease ids from desktop smoke warmup, so provider overrides do not fail before inspect/run. Thanks @​vincentkoc.
  • QA/Codex harness: add targeted live Docker/Testbox diagnostics, auth preflight checks, cache mount fixes, and app-server protocol checkout discovery so maintainer harness failures are easier to reproduce. Thanks @​vincentkoc.
  • Plugins/update: treat official externalized bundled npm migrations and ClawHub-to-npm fallbacks as trusted source-linked installs, so prerelease-only official plugin packages can migrate from bundled builds without being rejected as unsafe prerelease resolutions. Thanks @​vincentkoc.
  • Plugins/update: move ClawHub-preferred externalized plugin installs back to ClawHub after an earlier npm fallback once the ClawHub package becomes available. Thanks @​vincentkoc.
  • Plugins/update: clean stale bundled load paths for already-externalized pinned npm and ClawHub plugin installs, so release-channel sync does not leave removed bundled paths ahead of the installed external package. Thanks @​vincentkoc.
  • Telegram: accept plugin-owned numeric forum-topic targets in the agent message tool and keep reply-dispatch provider chunks behind a real stable runtime alias during in-place package updates. Fixes #​77137. Thanks @​richardmqq.
  • Google Meet: preserve realtime.introMessage: "" so realtime Chrome joins can stay silent instead of restoring the default spoken intro. Thanks @​vincentkoc.
  • Plugins/SDK: add bounded before_agent_finalize retry instructions so workflow plugins can request one more model pass. Thanks @​100yenadmin.
  • Discord/status: add degraded Discord transport and gateway event-loop starvation signals to openclaw channels status, openclaw status --deep, and fetch-timeout logs so intermittent socket resets do not look like a healthy running channel. (#​76327) Thanks @​joshavant.
  • Providers/OpenRouter: add opt-in response caching params that send OpenRouter's X-OpenRouter-Cache, X-OpenRouter-Cache-TTL, and cache-clear headers only on verified OpenRouter routes. Thanks @​vincentkoc.
  • Providers/OpenRouter: expand app-attribution categories so OpenClaw advertises coding, programming, writing, chat, and personal-agent usage on verified OpenRouter routes. Thanks @​vincentkoc.
  • Plugins/update: make package upgrades swap pnpm/npm-prefix installs cleanly, keep legacy plugin install runtime chunks working, and on the beta channel fall back default-line npm plugins to default/latest when plugin beta releases are missing or fail install validation. Thanks @​vincentkoc and @​joshavant.
  • Channels/WhatsApp: support explicit WhatsApp Channel/Newsletter @newsletter outbound message targets with channel session metadata instead of DM routing. Fixes #​13417; carries forward the narrow outbound target idea from #​13424. Thanks @​vincentkoc and @​agentz-manfred.
  • Exec approvals: add a tree-sitter-backed shell command explainer for future approval and command-review surfaces. (#​75004) Thanks @​jesse-merhi.
  • Agents/sandbox: store sandbox container and browser registry entries as per-runtime shard files, reducing unrelated session lock contention while openclaw doctor --fix migrates legacy monolithic registry files. (#​74831) Thanks @​luckylhb90.
  • Plugins/ClawHub: annotate 429 errors from ClawHub with the reset window from RateLimit-Reset/Retry-After and append a Sign in for higher rate limits. hint when the request was unauthenticated, so users can see when downloads will recover and how to lift the cap. Thanks @​romneyda.
  • Plugins/runtime state: add registerIfAbsent for atomic keyed-store dedupe claims that return whether a plugin successfully claimed a key without overwriting an existing live value. Thanks @​amknight.
  • Plugin SDK: add plugin-owned SessionEntry slot projection and scoped trusted-policy session extension reads. (#​75609; replaces part of #​73384/#​74483) Thanks @​100yenadmin.
  • Sandbox/Windows: accept drive-absolute Docker bind sources while keeping sandbox blocked-path and allowed-root policy comparisons Windows-case-insensitive. (#​42174) Thanks @​6607changchun.
Fixes
  • Plugins/install: honor the beta update channel for onboarding and doctor-managed plugin installs by requesting floating npm and ClawHub specs with @beta while keeping persistent install records on the catalog default. Thanks @​vincentkoc.
  • WhatsApp/onboarding: canonicalize setup and pairing allowlist entries to WhatsApp's digit-only phone ids while still accepting E.164, JID, and whatsapp: inputs, so personal-phone allowlists match WhatsApp Web sender ids after setup. Thanks @​vincentkoc.
  • Gateway/startup: load provider plugins that own explicitly configured image, video, or music generation defaults so generation tools become live after gateway restart instead of remaining catalog-only. Fixes #​77244. Thanks @​buyuangtampan, @​Nikoxx99, and @​vincentkoc.
  • Slack/subagents: keep resumed parent message.send calls in the originating Slack thread when ambient session thread context is present, and suppress successful silent child completion rows from follow-up findings. Thanks @​bek91.
  • Slack/mentions: record thread participation for successful visible threaded Slack sends, including message-tool and media delivery paths, so unmentioned replies in bot-participated threads can bypass mention gating as documented. Fixes #​77648. Thanks @​bek91.
  • Infra/Windows: skip the POSIX /tmp/openclaw preferred path on Windows in resolvePreferredOpenClawTmpDir so log files, TTS temp files, and other writes land in %TEMP%\openclaw-<uid> instead of C:\tmp\openclaw. Fixes #​60713. Thanks @​juan-flores077.
  • Media/Windows: open saved attachment temp files read/write before fsync so Windows WebChat and chat.send media offloads no longer fail with EPERM during durability flush. (#​76593) Thanks @​qq230849622-a11y.
  • Agents/tools: honor narrow runtime tool allowlists when constructing embedded-runner tool families and bundled MCP/LSP runtimes, so cron/subagent runs that request tools such as update_plan, browser, x_search, channel login tools, or group:plugins no longer start with missing tools or unrelated bootstrap work. (#​77519, #​77532)
  • Codex plugin: mirror the experimental upstream app-server protocol and format generated TypeScript before drift checks, keeping OpenClaw's experimentalApi bridge compatible with latest Codex while preserving formatter gates.
  • Telegram/media: derive no-caption inbound media placeholders from saved MIME metadata instead of the Telegram photo shape, so non-image and mixed attachments no longer reach the model as <media:image>. Fixes #​69793. Thanks @​aspalagin.
  • Telegram/streaming: reuse the active preview as the first chunk for long text finals, so multi-chunk replies no longer create a transient extra bubble that appears and then disappears. Thanks @​vincentkoc.
  • Agents/cache: keep per-turn runtime context out of ordinary chat system prompts while still delivering hidden current-turn context, restoring prompt-cache reuse on chat continuations. Fixes #​77431. Thanks @​Udjin79.
  • Gateway/startup: include resolved thinking and fast-mode defaults in the agent model startup log line, defaulting unset startup thinking to medium without mixing in reasoning visibility.
  • Gateway/update: resolve local gateway probe auth from the installed config during post-update restart verification, so token/device-authenticated VPS gateways are not misreported as unhealthy port conflicts after a package swap. Thanks @​vincentkoc.
  • Agents/Tools: add post-compaction loop guard in pi-embedded-runner that arms after auto-compaction-retry and aborts the run with compaction_loop_persisted when the agent emits the same (tool, args, result) triple windowSize times (default 3) within that window. Disable via existing tools.loopDetection.enabled; tune via tools.loopDetection.postCompactionGuard.windowSize. Targets the failure mode where context-overflow + compaction does not break a tool-call loop. Refs #​77474; carries forward #​21597. Thanks @​efpiva.
  • Gateway/watch: suppress sync-I/O trace output during pnpm gateway:watch --benchmark unless explicitly requested, so CPU profiling no longer floods the terminal with stack traces.
  • Gateway/watch: when benchmark sync-I/O tracing is explicitly enabled, tee trace blocks to the benchmark output log and filter them from the terminal pane while keeping normal Gateway logs visible.
  • Plugins/runtime-deps: include json5 in the memory-core plugin runtime dependency set so packaged memory_search sandboxes can resolve generated OpenClaw runtime chunks that parse JSON5 config. Fixes #​77461.
  • Plugins/Windows: show a Git install hint when npm plugin installation fails with spawn git ENOENT, and document the WhatsApp plugin's Git-on-PATH requirement for Baileys/libsignal installs.
  • Codex harness: preserve app-server usage-limit reset details and deliver OpenClaw-owned runtime failure notices through tool-only source-reply mode, so Telegram and other chat channels tell users when Codex subscription limits or API failures block a turn instead of going silent. (#​77557) Thanks @​pashpashpash.
  • Agents/OpenAI: default direct OpenAI Responses models to the SSE transport instead of WebSocket auto-selection, preventing pi runtime chat turns from hanging on servers where the WebSocket path stalls while the OpenAI HTTP stream works. Thanks @​vincentkoc.
  • Plugins/update: repair missing plugin-local openclaw peer links before skipping unchanged npm plugin updates, so current external Codex installs can recover openclaw/plugin-sdk/* resolution during OTA repair. (#​77544) Thanks @​ProspectOre.
  • Discord/replies: treat failed final reply delivery as a failed turn instead of counting it as a delivered automatic visible reply, so guild/channel turns no longer show done when the final message was dropped. Fixes #​77520. Thanks @​Patrick-Erichsen.
  • Discord: prefer IPv4 for Discord REST and gateway WebSocket startup paths so IPv4-only networks no longer stall before Gateway READY and inbound message dispatch. Fixes #​77398; refs #​77526. Thanks @​Beandon13.
  • Channels/plugins: key bundled package-state probes, env/config presence, and read-only command defaults by channel id instead of manifest plugin id, preserving setup and native-command detection for channel plugins whose package id differs from the channel alias. Thanks @​vincentkoc.
  • Docker: prune package-excluded plugin dist directories from runtime images unless the build explicitly opts that plugin in, so official external plugins such as Feishu stay install-on-demand instead of shipping partial metadata without compiled runtime output. Fixes #​77424. Thanks @​vincentkoc.
  • Model switching: include the exact additive allowlist repair command when /model ... --runtime ... targets a blocked model, and make Telegram's model picker say that it changes only the session model while leaving the runtime unchanged. Thanks @​vincentkoc.
  • Mattermost: clarify that the model picker only changes the session model and that runtime switches require /oc_model <provider/model> --runtime <runtime>. Thanks @​vincentkoc.
  • Doctor/config: keep active auth.profiles metadata intact when doctor --fix strips stale secret fields from configs, repairing legacy <provider>:default API-key profile metadata when model fallbacks or explicit model@profile refs still depend on it. Fixes #​77400.
  • Doctor/plugins: include plugins.allow-only official plugin ids in the release configured-plugin repair set, so doctor --fix installs official external plugins that are configured but not yet loaded instead of removing them as stale allow entries. Fixes #​77155. Thanks @​hclsys.
  • Doctor/sessions: clear auto-created stale session routing state from the sessions store when doctor --fix sees plugin-owned model/runtime/auth/session bindings outside the current configured route, while leaving explicit user model choices for manual review. Refs #​68615.
  • CLI/update: disable and skip plugins that fail package-update plugin sync, so a broken npm/ClawHub/git/marketplace plugin cannot turn a successful OpenClaw package update into a failed update result. Thanks @​vincentkoc.
  • CLI/update: use an absolute POSIX npm script shell during package-manager updates, so restricted PATH environments can still run dependency lifecycle scripts while updating from --tag main. Fixes #​77530. Thanks @​PeterTremonti.
  • Diagnostics: grant the internal diagnostics event bus to official installed diagnostics exporter plugins, so npm-installed @openclaw/diagnostics-prometheus can emit metrics without broadening the capability to arbitrary global plugins. Fixes #​76628. Thanks @​RayWoo.
  • Browser: enforce strict SSRF current-URL checks before existing-session screenshots, matching existing-session snapshot handling. Thanks @​vincentkoc.
  • Active Memory: give timeout partial transcript recovery enough abort-settle headroom so temporary recall summaries are returned before cleanup. Thanks @​vincentkoc.
  • Gateway/chat: clear the active reply-run guard before draining queued same-session follow-up turns, so sequential chat.send calls no longer trip ReplyRunAlreadyActiveError every other request. Fixes #​77485. Thanks @​bws14email.
  • Agents/media: avoid sending generated image, video, and music attachments twice when streamed reply text arrives before the final MEDIA: directive.
  • CLI/sessions: cap openclaw sessions output to the newest 100 rows by default and add --limit <n|all> plus JSON pagination metadata, so repeated machine polling of large session stores cannot fan out into unbounded per-row enrichment/output work. Fixes #​77500. Thanks @​Kaotic3.
  • Doctor/config: restore legacy group chat config migrations for routing.allowFrom, routing.groupChat.*, and channels.telegram.requireMention so upgrades keep WhatsApp, Telegram, and iMessage group mention gates and history settings instead of leaving configs invalid or silently blocked. Thanks @​scoootscooob.
  • CLI/update: make package-update follow-up processes write completion results and exit explicitly, so Windows packaged upgrades do not hang after the new package finishes post-core plugin work. Thanks @​vincentkoc.
  • Release validation: skip Slack live QA unless Slack credentials are explicitly configured, so release gates can keep proving non-Slack surfaces while Slack is still local and credential-gated. Thanks @​vincentkoc.
  • Plugins/update: treat OpenClaw CalVer correction versions like 2026.5.3-1 as satisfying base plugin API ranges, so correction builds can install plugins that require the base runtime API. Fixes #​77293. (#​77450) Thanks @​p3nchan.
  • Discord/Gateway startup: retry Discord READY waits with backoff, defer startup sessions.list and native approval readiness failures until sidecars recover, and preserve component-only Discord payloads when final reply scrubbing removes all text. (#​77478) Thanks @​NikolaFC.
  • CLI/launcher: forward termination signals to compile-cache respawn children, so killing a wrapper process no longer leaves the security audit worker orphaned. Fixes #​77458. Thanks @​jaikharbanda.
  • Plugins/registry: recover managed-npm external plugins from the owned npm root when a stale persisted registry would otherwise hide them after package-manager upgrades. Fixes #​77266. Thanks @​p3nchan.
  • fix(gateway): clamp unbound websocket auth scopes [AI]. (#​77413) Thanks @​pgondhi987.
  • Gate zalouser startup name matching [AI]. (#​77411) Thanks @​pgondhi987.
  • Active Memory: send a bounded latest-message search query to the recall worker so channel/runtime metadata does not become the memory search string. Fixes #​65309. Thanks @​joeykrug, @​westley3601, @​pimenov, and @​tasi333.
  • fix(device-pair): require pairing scope for pair command [AI]. (#​76377) Thanks @​pgondhi987.
  • Providers/OpenRouter: keep DeepSeek V4 reasoning_effort on OpenRouter-supported values, mapping stale max thinking overrides to xhigh so openrouter/deepseek/deepseek-v4-pro no longer fails with OpenRouter's invalid-effort 400. Fixes #​77350. (#​77423) Thanks @​krllagent, @​mushuiyu886, and @​sallyom.
  • fix(qqbot): keep private commands off framework surface [AI]. (#​77212) Thanks @​pgondhi987.
  • Claude CLI: honor non-off /think levels by passing Claude Code's session-scoped --effort flag through the CLI backend seam, so chat bridges no longer show an inert thinking control. Fixes #​77303. Thanks @​Petr1t.
  • Agents/subagents: refresh deferred final-delivery payloads when same-session completion output changes, so retried parent notifications use the final child summary instead of stale progress text. Thanks @​vincentkoc.
  • Agents/media: route async music and video completion results back through the requester agent, preserving automatic replies while requiring the message tool only for message-tool-only group/channel delivery.
  • active-memory: skip the memory sub-agent gracefully instead of logging a confusing allowlist error when no memory plugin (memory-core or memory-lancedb) is loaded, so active-memory with no memory backend no longer produces misleading "No callable tools remain" warnings in the gateway log. Fixes #​77506. Thanks @​hclsys.
  • Memory/wiki: preserve representation from both corpora in corpus=all searches while backfilling unused result capacity, so memory hits are not starved by numerically higher wiki integer scores. Fixes #​77337. Thanks @​hclsys.
  • Docker/compose: pin container-side OPENCLAW_CONFIG_DIR and OPENCLAW_WORKSPACE_DIR on both gateway and CLI services so the host paths written into .env by scripts/docker/setup.sh (used as Compose bind-mount sources) cannot leak into runtime code via the env_file import. Fixes regressions on macOS Docker setups where the first agent reply died with EACCES: permission denied, mkdir '/Users' because the host-style workspace path got persisted into agents.defaults.workspace. Fixes #​77436. Thanks @​lonexreb.
  • Telegram: clean up tool-only draft previews after assistant message boundaries so transient Surfacing... tool-status bubbles do not linger when no matching final preview arrives. Thanks @​BunsDev.
  • Slack: report unknown error instead of undefined in socket-mode startup retry logs and label the retry reason explicitly.
  • Telegram: let explicit forum-topic requireMention settings override persisted /activate and /deactivate state, so per-topic mention gates work consistently. Fixes #​49864. Thanks @​Panniantong.
  • Cron: surface failed isolated-run diagnostics in cron show, status, and run history when requested tools are unavailable, so blocked cron runs report the actual tool-policy failure instead of a misleading green result. Fixes #​75763. Thanks @​RyanSandoval.
  • TUI/escape abort: track the in-flight runId after chat.send resolves so pressing Esc during the gap before the first gateway event aborts the run instead of repeatedly printing no active run. Fixes #​1296. Thanks [@​Luka

Configuration

📅 Schedule: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

> ℹ️ **Note** > > This PR body was truncated due to platform limits. This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [ghcr.io/openclaw/openclaw](https://openclaw.ai) ([source](https://redirect.github.com/openclaw/openclaw)) | final | patch | `2026.5.3` → `2026.5.6` | --- ### Release Notes <details> <summary>openclaw/openclaw (ghcr.io/openclaw/openclaw)</summary> ### [`v2026.5.6`](https://redirect.github.com/openclaw/openclaw/releases/tag/v2026.5.6): openclaw 2026.5.6 [Compare Source](https://redirect.github.com/openclaw/openclaw/compare/v2026.5.5...v2026.5.6) #### 2026.5.6 ##### Fixes - Doctor/OpenAI Codex: revert the 2026.5.5 `doctor --fix` repair that rewrote valid `openai-codex/*` ChatGPT/Codex OAuth routes to `openai/*`, which could break OAuth-only GPT-5.5 setups or accidentally move users onto the OpenAI API-key route. If 2026.5.5 already changed your default model, run `openclaw models set openai-codex/gpt-5.5 && openclaw config validate` to switch the default agent back to the Codex OAuth PI route. Fixes [#&#8203;78407](https://redirect.github.com/openclaw/openclaw/issues/78407). - Plugins/runtime fetch: drop third-party symbol metadata from plain request header dictionaries before passing them into native `fetch` or `Headers`, so SDK and guarded/proxy fetch paths do not reject otherwise valid plugin requests. Fixes [#&#8203;77846](https://redirect.github.com/openclaw/openclaw/issues/77846). Thanks [@&#8203;shakkernerd](https://redirect.github.com/shakkernerd). - Debug proxy: normalize captured fetch header dictionaries before replaying requests so symbol metadata from caller-owned header objects cannot make debug-proxy fetches fail. - Web fetch: bound guarded dispatcher cleanup after request timeouts so timed-out fetches return tool errors instead of leaving Gateway tool lanes active. ([#&#8203;78439](https://redirect.github.com/openclaw/openclaw/issues/78439)) Thanks [@&#8203;obviyus](https://redirect.github.com/obviyus). Recovery docs: <https://docs.openclaw.ai/providers/openai#check-and-recover-codex-oauth-routing> ### [`v2026.5.5`](https://redirect.github.com/openclaw/openclaw/releases/tag/v2026.5.5): openclaw 2026.5.5 [Compare Source](https://redirect.github.com/openclaw/openclaw/compare/v2026.5.4...v2026.5.5) #### 2026.5.5 ##### Fixes - Feishu: hydrate missing native topic starter thread IDs before session routing so first turns and follow-ups stay in the same topic session. Fixes [#&#8203;78262](https://redirect.github.com/openclaw/openclaw/issues/78262). Thanks [@&#8203;joeyzenghuan](https://redirect.github.com/joeyzenghuan). - LINE: reject `dmPolicy: "open"` configs without wildcard `allowFrom` so webhook DMs fail validation instead of being acknowledged and silently blocked before inbound processing. Fixes [#&#8203;78316](https://redirect.github.com/openclaw/openclaw/issues/78316). - Telegram/Codex: keep message-tool-only progress drafts visible and render native Codex tool progress once per tool instead of duplicating item/tool draft lines. Fixes [#&#8203;75641](https://redirect.github.com/openclaw/openclaw/issues/75641). ([#&#8203;77949](https://redirect.github.com/openclaw/openclaw/issues/77949)) - Providers/xAI: stop sending OpenAI-style reasoning effort controls to native Grok Responses models, so `xai/grok-4.3` no longer fails live Docker/Gateway runs with `Invalid reasoning effort`. - Providers/xAI: clamp the bundled xAI thinking profile to `off` so live Gateway runs cannot send unsupported reasoning levels to native Grok Responses models. - Matrix/approvals: retry approval delivery up to 3 times with a short backoff so transient Matrix send failures do not strand pending approval prompts. ([#&#8203;78179](https://redirect.github.com/openclaw/openclaw/issues/78179)) Thanks [@&#8203;Patrick-Erichsen](https://redirect.github.com/Patrick-Erichsen). - Discord/gateway: measure heartbeat ACK timeouts from the actual heartbeat send, preventing late initial heartbeats from triggering false reconnect loops while the channel is still awaiting readiness. Fixes [#&#8203;77668](https://redirect.github.com/openclaw/openclaw/issues/77668). ([#&#8203;78087](https://redirect.github.com/openclaw/openclaw/issues/78087)) Thanks [@&#8203;bryce-d-greybeard](https://redirect.github.com/bryce-d-greybeard) and [@&#8203;NikolaFC](https://redirect.github.com/NikolaFC). - Discord/guilds: route plain text control commands such as `/steer` through the normal authorization and mention gate instead of silently dropping them before an agent session can see them. Fixes [#&#8203;78080](https://redirect.github.com/openclaw/openclaw/issues/78080). Thanks [@&#8203;ramitrkar-hash](https://redirect.github.com/ramitrkar-hash). - Control UI/Sessions: make the compaction count a compact `N Checkpoint(s)` disclosure and show expanded session-level details with modern checkpoint history cards across responsive table layouts. Thanks [@&#8203;BunsDev](https://redirect.github.com/BunsDev). - Control UI/performance: keep chat and channel tabs responsive while history payloads and channel probes are slow, label partial channel status, and record slow chat/config render timings in the event log. Thanks [@&#8203;BunsDev](https://redirect.github.com/BunsDev). - Control UI/sessions: fire the documented `/new` command and lifecycle hooks only for explicit Control UI session creation, restoring session-memory and custom hook capture without changing SDK parent-session creates. Fixes [#&#8203;76957](https://redirect.github.com/openclaw/openclaw/issues/76957). Thanks [@&#8203;BunsDev](https://redirect.github.com/BunsDev). - Exec approvals: fall back to a guarded copy when Windows rejects rename-overwrite for `exec-approvals.json`, while preserving symlink, hard-link, and owner-only permission safeguards. Fixes [#&#8203;77785](https://redirect.github.com/openclaw/openclaw/issues/77785). ([#&#8203;77907](https://redirect.github.com/openclaw/openclaw/issues/77907)) Thanks [@&#8203;Alex-Alaniz](https://redirect.github.com/Alex-Alaniz) and [@&#8203;MilleniumGenAI](https://redirect.github.com/MilleniumGenAI). - Slack: preserve Socket Mode SDK error context and structured Slack API fields in reconnect logs, so startup failures no longer collapse to a bare `unknown error`. - iOS pairing: allow setup-code and manual `ws://` connects for private LAN and `.local` gateways while keeping Tailscale/public routes on `wss://`, and prefer explicit gateway passwords over stale bootstrap tokens in mixed-auth reconnects. Fixes [#&#8203;47887](https://redirect.github.com/openclaw/openclaw/issues/47887); carries forward [#&#8203;65185](https://redirect.github.com/openclaw/openclaw/issues/65185). Thanks [@&#8203;draix](https://redirect.github.com/draix) and [@&#8203;BunsDev](https://redirect.github.com/BunsDev). - Plugins/diagnostics: make source-only TypeScript package warnings actionable by explaining that missing compiled runtime output is a publisher packaging issue and pointing users to update/reinstall or disable/uninstall the plugin. Fixes [#&#8203;77835](https://redirect.github.com/openclaw/openclaw/issues/77835). Thanks [@&#8203;googlerest](https://redirect.github.com/googlerest). - Control UI/chat: keep persisted assistant progress text visible when the same transcript turn also contains tool-use metadata, so chat.history reloads no longer make those replies vanish after the next user message. Fixes [#&#8203;77374](https://redirect.github.com/openclaw/openclaw/issues/77374). Thanks [@&#8203;BunsDev](https://redirect.github.com/BunsDev). - TUI: skip the generic CLI respawn wrapper for interactive launches, exit cleanly on terminal loss, and refuse to restore heartbeat sessions as the remembered chat session, preventing stale heartbeat history and orphaned `openclaw-tui` processes on first boot. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Doctor/sessions: move heartbeat-poisoned default main session store entries to recovery keys and clear stale TUI restore pointers, so `doctor --fix` can repair instances already stuck on `agent:main:main` heartbeat history. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Agents/context engines: keep hidden OpenClaw runtime-context custom messages out of context-engine assemble, afterTurn, and ingest hooks so transcript reconstruction plugins only see conversation messages. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway/shutdown: cancel delayed post-ready maintenance during close and suppress maintenance/cron startup after quick restarts, preventing orphaned background timers. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Agents/generated media: treat attachment-style message tool actions as completed chat sends, preventing duplicate fallback media posts when generated files were already uploaded. - Control UI/sessions: show each session's agent runtime in the Sessions table and allow filtering by runtime labels, matching the Agents panel runtime wording. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Discord/streaming: show live reasoning text in progress drafts instead of a bare `Reasoning` status line. - Gateway/status: avoid marking fast repeated health/status samples as event-loop degraded from CPU/utilization alone until the Gateway has accumulated a sustained sampling window. Thanks [@&#8203;shakkernerd](https://redirect.github.com/shakkernerd). - Plugins/update: keep installed official npm and ClawHub plugins such as Codex, Discord, WhatsApp, and diagnostics plugins synced during host updates even when disabled or previously exact-pinned, while preserving third-party plugin pins. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Doctor/status: warn when `OPENCLAW_GATEWAY_TOKEN` would shadow a different active `gateway.auth.token` source for local CLI commands, while avoiding false positives when config points at the same env token. Fixes [#&#8203;74271](https://redirect.github.com/openclaw/openclaw/issues/74271). Thanks [@&#8203;yelog](https://redirect.github.com/yelog). - Gateway/HTTP: avoid loading managed outgoing-image media handlers for unrelated requests, so disabled OpenAI-compatible routes return 404 without waiting on lazy media sidecars. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway/OpenAI-compatible: send the assistant role SSE chunk as soon as streaming chat-completion headers are accepted, so cold agent setup cannot leave `/v1/chat/completions` clients with a bodyless 200 response until their idle timeout fires. - Agents/media: avoid direct generated-media completion fallback while the announce-agent run is still pending, so async video and music completions do not duplicate raw media messages. ([#&#8203;77754](https://redirect.github.com/openclaw/openclaw/issues/77754)) - WebChat/Codex media: stage Codex app-server generated local images into managed media before Gateway display, so Codex-home image paths no longer hit `LocalMediaAccessError` while keeping Codex home out of the display allowlist. Thanks [@&#8203;frankekn](https://redirect.github.com/frankekn). - TUI/sessions: bound the session picker to recent rows and use exact lookup-style refreshes for the active session, so dusty stores no longer make TUI hydrate weeks-old transcripts before becoming responsive. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Doctor/gateway: report recent supervisor restart handoffs in `openclaw doctor --deep`, using the installed service environment when available so service-managed clean exits are visible in guided diagnostics. Thanks [@&#8203;shakkernerd](https://redirect.github.com/shakkernerd). - Gateway/status: show recent supervisor restart handoffs in `openclaw gateway status --deep`, including JSON details, so clean service-managed restarts are reported as restart handoffs instead of opaque stopped-service diagnostics. Thanks [@&#8203;shakkernerd](https://redirect.github.com/shakkernerd). - Providers/Fireworks: expose Kimi models as thinking-off-only and keep K2.5/K2.6 requests on `thinking: disabled`, so manual model switches do not send Fireworks-rejected `reasoning*` parameters. Refs [#&#8203;74289](https://redirect.github.com/openclaw/openclaw/issues/74289). Thanks [@&#8203;frankekn](https://redirect.github.com/frankekn). - WhatsApp responsiveness: stop only verified stale local TUI clients when they degrade the Gateway event loop and delay replies. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/update: repair stale managed npm-root `openclaw` peer packages before plugin installs, so beta-channel official plugin updates are not downgraded by old core package-lock state. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/install: reassert managed npm plugin `openclaw` peer links after shared-root npm installs, updates, and uninstalls, so mutating one plugin does not leave previously installed SDK-using plugins unable to resolve `openclaw/plugin-sdk/*`. - Hooks/session-memory: add collision suffixes to fallback memory filenames so repeated `/new` or `/reset` captures in the same minute do not overwrite the earlier session archive. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Agents/config: remove the ambiguous legacy `main` agent dir helper from runtime paths; model, auth, gateway, bundled plugin, and test helpers now resolve default/session agent dirs through `agents.list`/agent-scope helpers while plugin SDK keeps a deprecated compatibility export. - CLI/status: show the selected agent runtime/harness in `openclaw status` session rows so terminal status matches the `/status` runtime line. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - CLI/sessions: prune old unreferenced transcript, compaction checkpoint, and trajectory artifacts during normal `sessions cleanup`, so gateway restart or crash orphans do not accumulate indefinitely outside `sessions.json`. Fixes [#&#8203;77608](https://redirect.github.com/openclaw/openclaw/issues/77608). Thanks [@&#8203;slideshow-dingo](https://redirect.github.com/slideshow-dingo). - Doctor/Codex: repair legacy `openai-codex/*` routes in primary models, fallbacks, heartbeat/subagent/compaction overrides, hooks, channel overrides, and stale session pins to canonical `openai/*`, selecting `agentRuntime.id: "codex"` only when the Codex plugin is installed, enabled, contributes the `codex` harness, and has usable OAuth; otherwise select `agentRuntime.id: "pi"`. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/update: keep installed official npm and ClawHub plugins such as Codex, Discord, WhatsApp, and diagnostics plugins synced during host updates even when disabled or previously exact-pinned, while preserving third-party plugin pins. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Video generation: accept provider-specific aspect-ratio and resolution hints at the tool boundary, normalize `720P` to MiniMax's supported `768P`, and stop sending Google `generateAudio` on Gemini video requests so provider fallback can recover from model-specific parameter differences. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Status: show compact Gateway process uptime and host system uptime in `/status`, making restart and host-lifetime checks visible from chat. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - WhatsApp responsiveness: stop only verified stale local TUI clients when they degrade the Gateway event loop and delay replies. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Hooks/session-memory: run reset memory capture off the command reply path and make model-generated memory filename slugs opt-in with `llmSlug: true`, so `/new` and `/reset` no longer block WhatsApp and other message-channel reset replies on hook housekeeping or a nested model call. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - CLI/gateway: pause non-TTY stdin after full CLI command completion and stop `openclaw agent` from falling back to embedded mode after gateway request/auth failures, so parent help commands exit cleanly and scoped delivery probes surface the real Gateway error immediately. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway/model catalog: cache empty read-only model catalog results until reload, so TUI and control-plane refresh loops cannot hammer plugin metadata reads when no usable models are currently discovered. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Hooks/session-memory: add collision suffixes to fallback memory filenames so repeated `/new` or `/reset` captures in the same minute do not overwrite the earlier session archive. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - TUI/sessions: bound the session picker to recent rows and use exact lookup-style refreshes for the active session, so dusty stores no longer make TUI hydrate weeks-old transcripts before becoming responsive. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Agents/context engines: keep hidden OpenClaw runtime-context custom messages out of context-engine assemble, afterTurn, and ingest hooks so transcript reconstruction plugins only see conversation messages. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - TUI: skip the generic CLI respawn wrapper for interactive launches, exit cleanly on terminal loss, and refuse to restore heartbeat sessions as the remembered chat session, preventing stale heartbeat history and orphaned `openclaw-tui` processes on first boot. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Doctor/sessions: move heartbeat-poisoned default main session store entries to recovery keys and clear stale TUI restore pointers, so `doctor --fix` can repair instances already stuck on `agent:main:main` heartbeat history. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway/shutdown: report structured shutdown warnings and HTTP close timeout warnings through `ShutdownResult` while preserving lifecycle hook hardening. Carries forward [#&#8203;41296](https://redirect.github.com/openclaw/openclaw/issues/41296). Thanks [@&#8203;edenfunf](https://redirect.github.com/edenfunf). - CLI/update: make dev-channel preflight lint opt-in and constrained when enabled, so `openclaw update --channel dev` no longer walks back otherwise-good main commits when Ubuntu hosts OOM-kill or fail parallel oxlint shards. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - CLI/channels: skip config, proxy, channel-option catalog, banner-config, and plugin startup bootstrap for the bare `openclaw channels` parent-help command, so it exits promptly after printing help instead of loading configured channel plugins. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway/shutdown: cancel delayed post-ready maintenance during close and suppress maintenance/cron startup after quick restarts, preventing orphaned background timers. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - CLI/status: show the selected agent runtime/harness in `openclaw status` session rows so terminal status matches the `/status` runtime line. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Sessions CLI: show the selected agent runtime in the `openclaw sessions` table so terminal output matches the runtime visibility already present in JSON/status surfaces. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Control UI/sessions: show each session's agent runtime in the Sessions table and allow filtering by runtime labels, matching the Agents panel runtime wording. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Docker/Gateway: harden the gateway container by dropping `NET_RAW` and `NET_ADMIN` capabilities and enabling `no-new-privileges` in the bundled `docker-compose.yml`. Thanks [@&#8203;VintageAyu](https://redirect.github.com/VintageAyu). - OpenAI/Gateway: flush the initial chat stream chunk correctly so first-token streaming is visible instead of being delayed behind later chunks. - Gateway/media: skip media sidecar handling for unrelated HTTP routes so non-media requests do not pay the media route behavior. - Discord: show reasoning text in progress drafts so streaming replies expose useful thinking/progress instead of blank draft updates. - Auth profiles: avoid putting providers on cooldown for format-level rejections, so fallback profiles can still be tried when a model name is unsupported. - Update/plugins: tolerate corrupt managed plugin records during update so core package updates can still complete and report the plugin repair path. - Update: stop dev-channel updates cleanly after a fetch failure instead of continuing into later update steps. - Agents/generated media: treat attachment-style message tool actions as completed chat sends, preventing duplicate fallback media posts when generated files were already uploaded. ### [`v2026.5.4`](https://redirect.github.com/openclaw/openclaw/releases/tag/v2026.5.4): openclaw 2026.5.4 [Compare Source](https://redirect.github.com/openclaw/openclaw/compare/v2026.5.3...v2026.5.4) #### 2026.5.4 ##### Highlights - Google Meet/Voice Call: make Twilio dial-in joins speak through the realtime Gemini voice bridge with paced audio streaming, backpressure-aware buffering, barge-in queue clearing, and no TwiML fallback during realtime speech, giving Meet participants a much snappier OpenClaw voice agent. ([#&#8203;77064](https://redirect.github.com/openclaw/openclaw/issues/77064)) Thanks [@&#8203;scoootscooob](https://redirect.github.com/scoootscooob). ##### Changes - Gateway/Windows: bind the default loopback gateway listener only to `127.0.0.1` on Windows so libuv's dual-stack `::1` behavior cannot wedge localhost HTTP requests. ([#&#8203;69701](https://redirect.github.com/openclaw/openclaw/issues/69701), fixes [#&#8203;69674](https://redirect.github.com/openclaw/openclaw/issues/69674)) Thanks [@&#8203;SARAMALI15792](https://redirect.github.com/SARAMALI15792). - Plugins/migration: emit catalog-backed install hints when `plugins.entries` or `plugins.allow` references an official external plugin that is not installed, so upgraded configs point operators to `openclaw plugins install <spec>` instead of telling them to remove valid plugin config. ([#&#8203;77483](https://redirect.github.com/openclaw/openclaw/issues/77483)) Thanks [@&#8203;hclsys](https://redirect.github.com/hclsys). - OpenAI/Codex media: advertise Codex audio transcription in runtime and manifest metadata and route active Codex chat models to the OpenAI transcription default instead of sending chat model ids to audio transcription. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Dependencies: refresh runtime and provider packages including Pi 0.73.0, ACPX adapters, OpenAI, Anthropic, Slack, and TypeScript native preview, while keeping the Bedrock runtime installer override pinned below the Windows ARM Node 24 npm resolver failure. - Agents/performance: pass the resolved workspace through BTW, compaction, embedded-run model generation, and PDF model setup so explicit agent-dir model refreshes can reuse the current workspace-scoped plugin metadata snapshot instead of falling back to cold plugin metadata scans. ([#&#8203;77519](https://redirect.github.com/openclaw/openclaw/issues/77519), [#&#8203;77532](https://redirect.github.com/openclaw/openclaw/issues/77532)) - Plugins/performance: let unscoped model catalog and manifest-contract readers reuse the current workspace-compatible plugin metadata snapshot, avoiding repeated cold plugin metadata scans on hot control-plane paths while preserving env/config/workspace compatibility checks. ([#&#8203;77519](https://redirect.github.com/openclaw/openclaw/issues/77519), [#&#8203;77532](https://redirect.github.com/openclaw/openclaw/issues/77532)) - Config/plugin auto-enable: prefer the claiming plugin manifest id over a built-in channel alias when auto-allowlisting a configured channel, so WeCom/Yuanbao-style aliases resolve to the installed plugin id. Thanks [@&#8203;Beandon13](https://redirect.github.com/Beandon13). - Secrets/apply: preserve auth-profile `keyRef` and `tokenRef` fields when scrubbing provider-target secrets, so the canonical SecretRef metadata survives `secrets apply` without keeping plaintext values. Thanks [@&#8203;Beandon13](https://redirect.github.com/Beandon13). - Plugins/active-memory: skip session-store channel entries that contain `:` when resolving the recall subagent's channel, so QQ c2c agent IDs (e.g. `c2c:10D4F7C2…`) and other scoped conversation IDs do not reach bundled-plugin `dirName` validation and crash the recall run. The same guard already applied to explicit `channelId` params ([#&#8203;76704](https://redirect.github.com/openclaw/openclaw/issues/76704)); this extends it to store-derived channels. ([#&#8203;77396](https://redirect.github.com/openclaw/openclaw/issues/77396)) Thanks [@&#8203;hclsys](https://redirect.github.com/hclsys). - Secrets/external channel contracts: also look in `<rootDir>/dist/` when resolving the `secret-contract-api` sidecar, so npm-published externalized channel plugins (e.g. `@openclaw/discord` since 2026.5.2) whose compiled artifacts live under `dist/` actually contribute their channel SecretRef contracts to the runtime snapshot. Without this, env-backed `channels.discord.token` SecretRefs silently failed to resolve at gateway start on 2026.5.3, leaving the channel `not configured` even though [#&#8203;76449](https://redirect.github.com/openclaw/openclaw/issues/76449) had landed the generic external-contract loader. Thanks [@&#8203;mogglemoss](https://redirect.github.com/mogglemoss). - Models/auth: add `openclaw models auth list [--provider <id>] [--json]` so users can inspect saved per-agent auth profiles without dumping secrets or hitting the old “too many arguments” path. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Control UI/header: show the active agent name in dashboard breadcrumbs without adding the current session key, keeping non-chat views oriented without crowding the topbar. - Control UI/cron: make the New Job sidebar collapsible so the jobs list can reclaim space while keeping the form one click away. Thanks [@&#8203;BunsDev](https://redirect.github.com/BunsDev). - Gateway/startup: keep model-catalog test helpers, run-session lookup code, QR pairing helpers, and TypeBox memory-tool schema construction out of hot startup import paths, reducing default gateway benchmark plugin-load and memory pressure. - Control UI/performance: record browser long animation frame or long task entries in the debug event log when supported, making slow dashboard renders easier to attribute from the UI. - Slack/streaming: add `streaming.progress.render: "rich"` for Block Kit progress drafts backed by structured progress line data. - Slack/streaming: keep the newest rich progress lines when Block Kit limits trim long progress drafts. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Channels/streaming: cap progress-draft tool lines by default so edited progress boxes avoid jumpy reflow from long wrapped lines. - Agents/verbose: use compact explain-mode tool summaries for `/verbose` and progress drafts by default, with `agents.defaults.toolProgressDetail: "raw"` and per-agent overrides for debugging raw command/detail output. - Control UI/chat: add an agent-first filter to the chat session picker, keep chat controls/composer responsive across phone/tablet/desktop widths, keep desktop chat controls on one row, avoid duplicate avatar refreshes during initial chat load, and hide that row while scrolling down the transcript. Thanks [@&#8203;BunsDev](https://redirect.github.com/BunsDev). - Control UI/chat: collapse consecutive duplicate text messages into one bubble with a count so no-op heartbeat acknowledgements stay compact without hiding nearby context. - Agents/subagents: preserve every grouped child result when direct completion fallback has to bypass the requester-agent announce turn. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - TTS/telephony: honor provider voice/model overrides in telephony synthesis providers so Google Meet agent speech logs match the backend that actually produced the audio. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Voice Call/realtime: bound the paced Twilio audio queue and close overloaded realtime streams before provider audio can pile up behind the websocket backpressure guard. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Docs: clarify that IRC uses raw TCP/TLS sockets outside operator-managed forward proxy routing, so direct IRC egress should be explicitly approved before enabling IRC. Thanks [@&#8203;jesse-merhi](https://redirect.github.com/jesse-merhi). - Gateway/performance: defer non-readiness sidecars until after the ready signal, avoid hot-path channel plugin barrel imports, and fast-path trusted bundled plugin metadata during Gateway startup. - Gateway/performance: avoid importing `jiti` on native-loadable plugin startup paths, so compiled bundled plugin surfaces do not pay source-transform loader cost unless fallback loading is actually needed. - Gateway/diagnostics: add startup phase spans, active work labels, stale terminal bridge markers, and default sync-I/O tracing in `pnpm gateway:watch` so slow Gateway turns are easier to attribute from logs and stability diagnostics. - Plugins/loader: preserve real compiled plugin module evaluation errors on the native fast path instead of treating every thrown `.js` module as a source-transform fallback miss. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - QA/Mantis: add `pnpm openclaw qa mantis slack-desktop-smoke` to run Slack live QA inside a Crabbox VNC desktop, open Slack Web, and capture desktop screenshots beside the Slack QA artifacts. - QA/Mantis: pass the runtime env through desktop-browser Crabbox and artifact-copy child commands, so embedded Mantis callers can provide Crabbox credentials without mutating the parent process. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - QA/Mantis: return the copied Slack desktop screenshot path even when remote Slack QA fails, so the CLI still prints the failure screenshot artifact. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - QA/Mantis: accept Blacksmith Testbox `tbx_...` lease ids from desktop smoke warmup, so provider overrides do not fail before inspect/run. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - QA/Codex harness: add targeted live Docker/Testbox diagnostics, auth preflight checks, cache mount fixes, and app-server protocol checkout discovery so maintainer harness failures are easier to reproduce. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/update: treat official externalized bundled npm migrations and ClawHub-to-npm fallbacks as trusted source-linked installs, so prerelease-only official plugin packages can migrate from bundled builds without being rejected as unsafe prerelease resolutions. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/update: move ClawHub-preferred externalized plugin installs back to ClawHub after an earlier npm fallback once the ClawHub package becomes available. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/update: clean stale bundled load paths for already-externalized pinned npm and ClawHub plugin installs, so release-channel sync does not leave removed bundled paths ahead of the installed external package. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Telegram: accept plugin-owned numeric forum-topic targets in the agent message tool and keep reply-dispatch provider chunks behind a real stable runtime alias during in-place package updates. Fixes [#&#8203;77137](https://redirect.github.com/openclaw/openclaw/issues/77137). Thanks [@&#8203;richardmqq](https://redirect.github.com/richardmqq). - Google Meet: preserve `realtime.introMessage: ""` so realtime Chrome joins can stay silent instead of restoring the default spoken intro. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/SDK: add bounded `before_agent_finalize` retry instructions so workflow plugins can request one more model pass. Thanks [@&#8203;100yenadmin](https://redirect.github.com/100yenadmin). - Discord/status: add degraded Discord transport and gateway event-loop starvation signals to `openclaw channels status`, `openclaw status --deep`, and fetch-timeout logs so intermittent socket resets do not look like a healthy running channel. ([#&#8203;76327](https://redirect.github.com/openclaw/openclaw/issues/76327)) Thanks [@&#8203;joshavant](https://redirect.github.com/joshavant). - Providers/OpenRouter: add opt-in response caching params that send OpenRouter's `X-OpenRouter-Cache`, `X-OpenRouter-Cache-TTL`, and cache-clear headers only on verified OpenRouter routes. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Providers/OpenRouter: expand app-attribution categories so OpenClaw advertises coding, programming, writing, chat, and personal-agent usage on verified OpenRouter routes. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/update: make package upgrades swap pnpm/npm-prefix installs cleanly, keep legacy plugin install runtime chunks working, and on the beta channel fall back default-line npm plugins to default/latest when plugin beta releases are missing or fail install validation. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc) and [@&#8203;joshavant](https://redirect.github.com/joshavant). - Channels/WhatsApp: support explicit WhatsApp Channel/Newsletter `@newsletter` outbound message targets with channel session metadata instead of DM routing. Fixes [#&#8203;13417](https://redirect.github.com/openclaw/openclaw/issues/13417); carries forward the narrow outbound target idea from [#&#8203;13424](https://redirect.github.com/openclaw/openclaw/issues/13424). Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc) and [@&#8203;agentz-manfred](https://redirect.github.com/agentz-manfred). - Exec approvals: add a tree-sitter-backed shell command explainer for future approval and command-review surfaces. ([#&#8203;75004](https://redirect.github.com/openclaw/openclaw/issues/75004)) Thanks [@&#8203;jesse-merhi](https://redirect.github.com/jesse-merhi). - Agents/sandbox: store sandbox container and browser registry entries as per-runtime shard files, reducing unrelated session lock contention while `openclaw doctor --fix` migrates legacy monolithic registry files. ([#&#8203;74831](https://redirect.github.com/openclaw/openclaw/issues/74831)) Thanks [@&#8203;luckylhb90](https://redirect.github.com/luckylhb90). - Plugins/ClawHub: annotate 429 errors from ClawHub with the reset window from `RateLimit-Reset`/`Retry-After` and append a `Sign in for higher rate limits.` hint when the request was unauthenticated, so users can see when downloads will recover and how to lift the cap. Thanks [@&#8203;romneyda](https://redirect.github.com/romneyda). - Plugins/runtime state: add `registerIfAbsent` for atomic keyed-store dedupe claims that return whether a plugin successfully claimed a key without overwriting an existing live value. Thanks [@&#8203;amknight](https://redirect.github.com/amknight). - Plugin SDK: add plugin-owned `SessionEntry` slot projection and scoped trusted-policy session extension reads. ([#&#8203;75609](https://redirect.github.com/openclaw/openclaw/issues/75609); replaces part of [#&#8203;73384](https://redirect.github.com/openclaw/openclaw/issues/73384)/[#&#8203;74483](https://redirect.github.com/openclaw/openclaw/issues/74483)) Thanks [@&#8203;100yenadmin](https://redirect.github.com/100yenadmin). - Sandbox/Windows: accept drive-absolute Docker bind sources while keeping sandbox blocked-path and allowed-root policy comparisons Windows-case-insensitive. ([#&#8203;42174](https://redirect.github.com/openclaw/openclaw/issues/42174)) Thanks [@&#8203;6607changchun](https://redirect.github.com/6607changchun). ##### Fixes - Plugins/install: honor the beta update channel for onboarding and doctor-managed plugin installs by requesting floating npm and ClawHub specs with `@beta` while keeping persistent install records on the catalog default. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - WhatsApp/onboarding: canonicalize setup and pairing allowlist entries to WhatsApp's digit-only phone ids while still accepting E.164, JID, and `whatsapp:` inputs, so personal-phone allowlists match WhatsApp Web sender ids after setup. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway/startup: load provider plugins that own explicitly configured image, video, or music generation defaults so generation tools become live after gateway restart instead of remaining catalog-only. Fixes [#&#8203;77244](https://redirect.github.com/openclaw/openclaw/issues/77244). Thanks [@&#8203;buyuangtampan](https://redirect.github.com/buyuangtampan), [@&#8203;Nikoxx99](https://redirect.github.com/Nikoxx99), and [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Slack/subagents: keep resumed parent `message.send` calls in the originating Slack thread when ambient session thread context is present, and suppress successful silent child completion rows from follow-up findings. Thanks [@&#8203;bek91](https://redirect.github.com/bek91). - Slack/mentions: record thread participation for successful visible threaded Slack sends, including message-tool and media delivery paths, so unmentioned replies in bot-participated threads can bypass mention gating as documented. Fixes [#&#8203;77648](https://redirect.github.com/openclaw/openclaw/issues/77648). Thanks [@&#8203;bek91](https://redirect.github.com/bek91). - Infra/Windows: skip the POSIX `/tmp/openclaw` preferred path on Windows in `resolvePreferredOpenClawTmpDir` so log files, TTS temp files, and other writes land in `%TEMP%\openclaw-<uid>` instead of `C:\tmp\openclaw`. Fixes [#&#8203;60713](https://redirect.github.com/openclaw/openclaw/issues/60713). Thanks [@&#8203;juan-flores077](https://redirect.github.com/juan-flores077). - Media/Windows: open saved attachment temp files read/write before fsync so Windows WebChat and `chat.send` media offloads no longer fail with EPERM during durability flush. ([#&#8203;76593](https://redirect.github.com/openclaw/openclaw/issues/76593)) Thanks [@&#8203;qq230849622-a11y](https://redirect.github.com/qq230849622-a11y). - Agents/tools: honor narrow runtime tool allowlists when constructing embedded-runner tool families and bundled MCP/LSP runtimes, so cron/subagent runs that request tools such as `update_plan`, `browser`, `x_search`, channel login tools, or `group:plugins` no longer start with missing tools or unrelated bootstrap work. ([#&#8203;77519](https://redirect.github.com/openclaw/openclaw/issues/77519), [#&#8203;77532](https://redirect.github.com/openclaw/openclaw/issues/77532)) - Codex plugin: mirror the experimental upstream app-server protocol and format generated TypeScript before drift checks, keeping OpenClaw's `experimentalApi` bridge compatible with latest Codex while preserving formatter gates. - Telegram/media: derive no-caption inbound media placeholders from saved MIME metadata instead of the Telegram `photo` shape, so non-image and mixed attachments no longer reach the model as `<media:image>`. Fixes [#&#8203;69793](https://redirect.github.com/openclaw/openclaw/issues/69793). Thanks [@&#8203;aspalagin](https://redirect.github.com/aspalagin). - Telegram/streaming: reuse the active preview as the first chunk for long text finals, so multi-chunk replies no longer create a transient extra bubble that appears and then disappears. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Agents/cache: keep per-turn runtime context out of ordinary chat system prompts while still delivering hidden current-turn context, restoring prompt-cache reuse on chat continuations. Fixes [#&#8203;77431](https://redirect.github.com/openclaw/openclaw/issues/77431). Thanks [@&#8203;Udjin79](https://redirect.github.com/Udjin79). - Gateway/startup: include resolved thinking and fast-mode defaults in the `agent model` startup log line, defaulting unset startup thinking to `medium` without mixing in reasoning visibility. - Gateway/update: resolve local gateway probe auth from the installed config during post-update restart verification, so token/device-authenticated VPS gateways are not misreported as unhealthy port conflicts after a package swap. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Agents/Tools: add post-compaction loop guard in `pi-embedded-runner` that arms after auto-compaction-retry and aborts the run with `compaction_loop_persisted` when the agent emits the same `(tool, args, result)` triple `windowSize` times (default 3) within that window. Disable via existing `tools.loopDetection.enabled`; tune via `tools.loopDetection.postCompactionGuard.windowSize`. Targets the failure mode where context-overflow + compaction does not break a tool-call loop. Refs [#&#8203;77474](https://redirect.github.com/openclaw/openclaw/issues/77474); carries forward [#&#8203;21597](https://redirect.github.com/openclaw/openclaw/issues/21597). Thanks [@&#8203;efpiva](https://redirect.github.com/efpiva). - Gateway/watch: suppress sync-I/O trace output during `pnpm gateway:watch --benchmark` unless explicitly requested, so CPU profiling no longer floods the terminal with stack traces. - Gateway/watch: when benchmark sync-I/O tracing is explicitly enabled, tee trace blocks to the benchmark output log and filter them from the terminal pane while keeping normal Gateway logs visible. - Plugins/runtime-deps: include `json5` in the memory-core plugin runtime dependency set so packaged `memory_search` sandboxes can resolve generated OpenClaw runtime chunks that parse JSON5 config. Fixes [#&#8203;77461](https://redirect.github.com/openclaw/openclaw/issues/77461). - Plugins/Windows: show a Git install hint when npm plugin installation fails with `spawn git ENOENT`, and document the WhatsApp plugin's Git-on-PATH requirement for Baileys/libsignal installs. - Codex harness: preserve app-server usage-limit reset details and deliver OpenClaw-owned runtime failure notices through tool-only source-reply mode, so Telegram and other chat channels tell users when Codex subscription limits or API failures block a turn instead of going silent. ([#&#8203;77557](https://redirect.github.com/openclaw/openclaw/issues/77557)) Thanks [@&#8203;pashpashpash](https://redirect.github.com/pashpashpash). - Agents/OpenAI: default direct OpenAI Responses models to the SSE transport instead of WebSocket auto-selection, preventing pi runtime chat turns from hanging on servers where the WebSocket path stalls while the OpenAI HTTP stream works. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/update: repair missing plugin-local `openclaw` peer links before skipping unchanged npm plugin updates, so current external Codex installs can recover `openclaw/plugin-sdk/*` resolution during OTA repair. ([#&#8203;77544](https://redirect.github.com/openclaw/openclaw/issues/77544)) Thanks [@&#8203;ProspectOre](https://redirect.github.com/ProspectOre). - Discord/replies: treat failed final reply delivery as a failed turn instead of counting it as a delivered automatic visible reply, so guild/channel turns no longer show done when the final message was dropped. Fixes [#&#8203;77520](https://redirect.github.com/openclaw/openclaw/issues/77520). Thanks [@&#8203;Patrick-Erichsen](https://redirect.github.com/Patrick-Erichsen). - Discord: prefer IPv4 for Discord REST and gateway WebSocket startup paths so IPv4-only networks no longer stall before Gateway READY and inbound message dispatch. Fixes [#&#8203;77398](https://redirect.github.com/openclaw/openclaw/issues/77398); refs [#&#8203;77526](https://redirect.github.com/openclaw/openclaw/issues/77526). Thanks [@&#8203;Beandon13](https://redirect.github.com/Beandon13). - Channels/plugins: key bundled package-state probes, env/config presence, and read-only command defaults by channel id instead of manifest plugin id, preserving setup and native-command detection for channel plugins whose package id differs from the channel alias. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Docker: prune package-excluded plugin dist directories from runtime images unless the build explicitly opts that plugin in, so official external plugins such as Feishu stay install-on-demand instead of shipping partial metadata without compiled runtime output. Fixes [#&#8203;77424](https://redirect.github.com/openclaw/openclaw/issues/77424). Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Model switching: include the exact additive allowlist repair command when `/model ... --runtime ...` targets a blocked model, and make Telegram's model picker say that it changes only the session model while leaving the runtime unchanged. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Mattermost: clarify that the model picker only changes the session model and that runtime switches require `/oc_model <provider/model> --runtime <runtime>`. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Doctor/config: keep active `auth.profiles` metadata intact when `doctor --fix` strips stale secret fields from configs, repairing legacy `<provider>:default` API-key profile metadata when model fallbacks or explicit `model@profile` refs still depend on it. Fixes [#&#8203;77400](https://redirect.github.com/openclaw/openclaw/issues/77400). - Doctor/plugins: include `plugins.allow`-only official plugin ids in the release configured-plugin repair set, so `doctor --fix` installs official external plugins that are configured but not yet loaded instead of removing them as stale allow entries. Fixes [#&#8203;77155](https://redirect.github.com/openclaw/openclaw/issues/77155). Thanks [@&#8203;hclsys](https://redirect.github.com/hclsys). - Doctor/sessions: clear auto-created stale session routing state from the sessions store when `doctor --fix` sees plugin-owned model/runtime/auth/session bindings outside the current configured route, while leaving explicit user model choices for manual review. Refs [#&#8203;68615](https://redirect.github.com/openclaw/openclaw/issues/68615). - CLI/update: disable and skip plugins that fail package-update plugin sync, so a broken npm/ClawHub/git/marketplace plugin cannot turn a successful OpenClaw package update into a failed update result. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - CLI/update: use an absolute POSIX npm script shell during package-manager updates, so restricted PATH environments can still run dependency lifecycle scripts while updating from `--tag main`. Fixes [#&#8203;77530](https://redirect.github.com/openclaw/openclaw/issues/77530). Thanks [@&#8203;PeterTremonti](https://redirect.github.com/PeterTremonti). - Diagnostics: grant the internal diagnostics event bus to official installed diagnostics exporter plugins, so npm-installed `@openclaw/diagnostics-prometheus` can emit metrics without broadening the capability to arbitrary global plugins. Fixes [#&#8203;76628](https://redirect.github.com/openclaw/openclaw/issues/76628). Thanks [@&#8203;RayWoo](https://redirect.github.com/RayWoo). - Browser: enforce strict SSRF current-URL checks before existing-session screenshots, matching existing-session snapshot handling. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Active Memory: give timeout partial transcript recovery enough abort-settle headroom so temporary recall summaries are returned before cleanup. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Gateway/chat: clear the active reply-run guard before draining queued same-session follow-up turns, so sequential `chat.send` calls no longer trip `ReplyRunAlreadyActiveError` every other request. Fixes [#&#8203;77485](https://redirect.github.com/openclaw/openclaw/issues/77485). Thanks [@&#8203;bws14email](https://redirect.github.com/bws14email). - Agents/media: avoid sending generated image, video, and music attachments twice when streamed reply text arrives before the final `MEDIA:` directive. - CLI/sessions: cap `openclaw sessions` output to the newest 100 rows by default and add `--limit <n|all>` plus JSON pagination metadata, so repeated machine polling of large session stores cannot fan out into unbounded per-row enrichment/output work. Fixes [#&#8203;77500](https://redirect.github.com/openclaw/openclaw/issues/77500). Thanks [@&#8203;Kaotic3](https://redirect.github.com/Kaotic3). - Doctor/config: restore legacy group chat config migrations for `routing.allowFrom`, `routing.groupChat.*`, and `channels.telegram.requireMention` so upgrades keep WhatsApp, Telegram, and iMessage group mention gates and history settings instead of leaving configs invalid or silently blocked. Thanks [@&#8203;scoootscooob](https://redirect.github.com/scoootscooob). - CLI/update: make package-update follow-up processes write completion results and exit explicitly, so Windows packaged upgrades do not hang after the new package finishes post-core plugin work. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Release validation: skip Slack live QA unless Slack credentials are explicitly configured, so release gates can keep proving non-Slack surfaces while Slack is still local and credential-gated. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Plugins/update: treat OpenClaw CalVer correction versions like `2026.5.3-1` as satisfying base plugin API ranges, so correction builds can install plugins that require the base runtime API. Fixes [#&#8203;77293](https://redirect.github.com/openclaw/openclaw/issues/77293). ([#&#8203;77450](https://redirect.github.com/openclaw/openclaw/issues/77450)) Thanks [@&#8203;p3nchan](https://redirect.github.com/p3nchan). - Discord/Gateway startup: retry Discord READY waits with backoff, defer startup `sessions.list` and native approval readiness failures until sidecars recover, and preserve component-only Discord payloads when final reply scrubbing removes all text. ([#&#8203;77478](https://redirect.github.com/openclaw/openclaw/issues/77478)) Thanks [@&#8203;NikolaFC](https://redirect.github.com/NikolaFC). - CLI/launcher: forward termination signals to compile-cache respawn children, so killing a wrapper process no longer leaves the security audit worker orphaned. Fixes [#&#8203;77458](https://redirect.github.com/openclaw/openclaw/issues/77458). Thanks [@&#8203;jaikharbanda](https://redirect.github.com/jaikharbanda). - Plugins/registry: recover managed-npm external plugins from the owned npm root when a stale persisted registry would otherwise hide them after package-manager upgrades. Fixes [#&#8203;77266](https://redirect.github.com/openclaw/openclaw/issues/77266). Thanks [@&#8203;p3nchan](https://redirect.github.com/p3nchan). - fix(gateway): clamp unbound websocket auth scopes \[AI]. ([#&#8203;77413](https://redirect.github.com/openclaw/openclaw/issues/77413)) Thanks [@&#8203;pgondhi987](https://redirect.github.com/pgondhi987). - Gate zalouser startup name matching \[AI]. ([#&#8203;77411](https://redirect.github.com/openclaw/openclaw/issues/77411)) Thanks [@&#8203;pgondhi987](https://redirect.github.com/pgondhi987). - Active Memory: send a bounded latest-message search query to the recall worker so channel/runtime metadata does not become the memory search string. Fixes [#&#8203;65309](https://redirect.github.com/openclaw/openclaw/issues/65309). Thanks [@&#8203;joeykrug](https://redirect.github.com/joeykrug), [@&#8203;westley3601](https://redirect.github.com/westley3601), [@&#8203;pimenov](https://redirect.github.com/pimenov), and [@&#8203;tasi333](https://redirect.github.com/tasi333). - fix(device-pair): require pairing scope for pair command \[AI]. ([#&#8203;76377](https://redirect.github.com/openclaw/openclaw/issues/76377)) Thanks [@&#8203;pgondhi987](https://redirect.github.com/pgondhi987). - Providers/OpenRouter: keep DeepSeek V4 `reasoning_effort` on OpenRouter-supported values, mapping stale `max` thinking overrides to `xhigh` so `openrouter/deepseek/deepseek-v4-pro` no longer fails with OpenRouter's invalid-effort 400. Fixes [#&#8203;77350](https://redirect.github.com/openclaw/openclaw/issues/77350). ([#&#8203;77423](https://redirect.github.com/openclaw/openclaw/issues/77423)) Thanks [@&#8203;krllagent](https://redirect.github.com/krllagent), [@&#8203;mushuiyu886](https://redirect.github.com/mushuiyu886), and [@&#8203;sallyom](https://redirect.github.com/sallyom). - fix(qqbot): keep private commands off framework surface \[AI]. ([#&#8203;77212](https://redirect.github.com/openclaw/openclaw/issues/77212)) Thanks [@&#8203;pgondhi987](https://redirect.github.com/pgondhi987). - Claude CLI: honor non-off `/think` levels by passing Claude Code's session-scoped `--effort` flag through the CLI backend seam, so chat bridges no longer show an inert thinking control. Fixes [#&#8203;77303](https://redirect.github.com/openclaw/openclaw/issues/77303). Thanks [@&#8203;Petr1t](https://redirect.github.com/Petr1t). - Agents/subagents: refresh deferred final-delivery payloads when same-session completion output changes, so retried parent notifications use the final child summary instead of stale progress text. Thanks [@&#8203;vincentkoc](https://redirect.github.com/vincentkoc). - Agents/media: route async music and video completion results back through the requester agent, preserving automatic replies while requiring the message tool only for message-tool-only group/channel delivery. - active-memory: skip the memory sub-agent gracefully instead of logging a confusing allowlist error when no memory plugin (`memory-core` or `memory-lancedb`) is loaded, so active-memory with no memory backend no longer produces misleading "No callable tools remain" warnings in the gateway log. Fixes [#&#8203;77506](https://redirect.github.com/openclaw/openclaw/issues/77506). Thanks [@&#8203;hclsys](https://redirect.github.com/hclsys). - Memory/wiki: preserve representation from both corpora in `corpus=all` searches while backfilling unused result capacity, so memory hits are not starved by numerically higher wiki integer scores. Fixes [#&#8203;77337](https://redirect.github.com/openclaw/openclaw/issues/77337). Thanks [@&#8203;hclsys](https://redirect.github.com/hclsys). - Docker/compose: pin container-side `OPENCLAW_CONFIG_DIR` and `OPENCLAW_WORKSPACE_DIR` on both gateway and CLI services so the host paths written into `.env` by `scripts/docker/setup.sh` (used as Compose bind-mount sources) cannot leak into runtime code via the `env_file` import. Fixes regressions on macOS Docker setups where the first agent reply died with `EACCES: permission denied, mkdir '/Users'` because the host-style workspace path got persisted into `agents.defaults.workspace`. Fixes [#&#8203;77436](https://redirect.github.com/openclaw/openclaw/issues/77436). Thanks [@&#8203;lonexreb](https://redirect.github.com/lonexreb). - Telegram: clean up tool-only draft previews after assistant message boundaries so transient `Surfacing...` tool-status bubbles do not linger when no matching final preview arrives. Thanks [@&#8203;BunsDev](https://redirect.github.com/BunsDev). - Slack: report `unknown error` instead of `undefined` in socket-mode startup retry logs and label the retry reason explicitly. - Telegram: let explicit forum-topic `requireMention` settings override persisted `/activate` and `/deactivate` state, so per-topic mention gates work consistently. Fixes [#&#8203;49864](https://redirect.github.com/openclaw/openclaw/issues/49864). Thanks [@&#8203;Panniantong](https://redirect.github.com/Panniantong). - Cron: surface failed isolated-run diagnostics in `cron show`, status, and run history when requested tools are unavailable, so blocked cron runs report the actual tool-policy failure instead of a misleading green result. Fixes [#&#8203;75763](https://redirect.github.com/openclaw/openclaw/issues/75763). Thanks [@&#8203;RyanSandoval](https://redirect.github.com/RyanSandoval). - TUI/escape abort: track the in-flight runId after `chat.send` resolves so pressing Esc during the gap before the first gateway event aborts the run instead of repeatedly printing `no active run`. Fixes [#&#8203;1296](https://redirect.github.com/openclaw/openclaw/issues/1296). Thanks [@&#8203;Luka </details> --- ### Configuration 📅 **Schedule**: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My43Ni4yIiwidXBkYXRlZEluVmVyIjoiNDMuNzYuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
les_clankeurs/openclaw-image-2!29
No description provided.