Omar Shahine
9b9a124cc5
Fix Codex message-tool-only source reply completion ( #95942 )
...
* fix(codex): recognize message tool source replies
* fix(codex): accept numeric source message ids
* fix(codex): account for source reply SDK surface
* fix(codex): require delivered reply receipts
* fix(codex): reject alias-routed source replies
* fix(codex): require delivered non-send telemetry
* fix(codex): honor normalized source routes
---------
Co-authored-by: Omar Shahine <10343873+omarshahine@users.noreply.github.com >
2026-06-28 12:02:36 -07:00
Josh Lehman
b5e9179063
docs: deprecate legacy session file helpers ( #97494 )
...
* docs: deprecate legacy session file helpers
* docs: update sdk deprecation budgets
2026-06-28 07:33:34 -07:00
Vincent Koc
bfffc77bfc
feat(copilot): add BYOK provider parity
2026-06-24 18:29:56 +08:00
Vincent Koc
d3019e6127
fix(copilot): tighten harness sdk boundaries
2026-06-23 15:48:27 +08:00
Vincent Koc
21d67b168a
feat(copilot): wire harness parity helpers
2026-06-23 15:48:27 +08:00
Vincent Koc
2b75806197
feat: forward-port fast talks auto mode ( #85104 )
2026-06-22 09:37:09 +08:00
Vincent Koc
8ff1d3e67b
fix(harness): surface returned tool errors
2026-06-21 07:00:11 +08:00
Vincent Koc
6ef9207201
refactor(harness): complete lifecycle parity
2026-06-21 07:00:11 +08:00
Peter Steinberger
0314819f91
fix(agents): replace prose terminal classifiers ( #93228 )
...
* fix(agents): replace prose terminal classifiers
Co-authored-by: fuller-stack-dev <263060202+fuller-stack-dev@users.noreply.github.com >
* fix(agents): preserve terminal failure lifecycles
* fix(agents): order parallel terminal summaries
* fix(agents): preserve structured post-tool silence
* fix(agents): preserve structured replay provenance
---------
Co-authored-by: fuller-stack-dev <263060202+fuller-stack-dev@users.noreply.github.com >
2026-06-15 02:53:14 -07:00
Jason (Json)
77a682c5de
fix(agents): retry empty post-tool final turns ( #93073 )
...
Recover assistant turns that complete tool work without producing a visible final answer, while preserving intentional silent replies.
Use concrete tool-instance replay safety across embedded, Codex, and Copilot runtimes so unknown, mutating, async-started, and durable recall operations fail closed. Preserve genuine empty Codex final items without promoting commentary or tool-progress echoes.
Supersedes #90872 . Thanks @fuller-stack-dev.
Co-authored-by: fuller-stack-dev <263060202+fuller-stack-dev@users.noreply.github.com >
2026-06-15 00:08:57 -07:00
sandieman2
c67dc59b02
fix(reply): deliver final reply when queued follow-up claims session; scope dedupe to routed thread ( #90943 )
...
* fix(reply): deliver final reply when queued follow-up claims session; scope dedupe to routed thread
Two core bugs caused composed replies to be silently dropped (no delivery,
no error) when a second message arrived in the same thread mid-run:
1. dispatch-from-config: ensureDispatchReplyOperation only kept the
dispatch-owned operation authoritative while it had no result. Once
runReplyAgent completed the operation to drain queued follow-ups, a
second same-thread inbound could claim the session and the first final
reply would try to re-acquire the lane instead of finishing delivery,
deadlocking behind the queued work. Keep the dispatch-owned operation
authoritative through final delivery.
2. reply-payloads-dedupe: messaging-tool reply dedupe compared only the
channel target, not the routed thread, so a send in one thread could
suppress a later reply in a different thread. Thread the routed thread
id through buildReplyPayloads + follow-up delivery and only fall back to
channel-only matching for providers without a thread-aware suppression
matcher when neither side carries thread evidence.
Adds regression tests; existing Telegram topic-suppression behavior is
preserved by gating the thread guard to providers lacking a plugin matcher.
* fix(reply): preserve threaded message delivery evidence
* fix(reply): dedupe final payloads by delivery route
* fix(slack): preserve native send thread evidence
* fix(reply): preserve explicit reply thread evidence
* fix(reply): align explicit reply route dedupe
* fix(reply): preserve delivery lane through final dispatch
* fix(mattermost): preserve threaded tool send routes
* chore(plugin-sdk): refresh API baseline
* fix(reply): align final delivery route dedupe
* fix(reply): gate followups on final delivery
* fix(reply): keep send receipts private
* fix(reply): infer implicit message provider
* fix(reply): align routed threading policy
* fix(reply): preserve queued delivery context
* fix(reply): hydrate queued system event routes
* fix(reply): hydrate queued execution routes
* fix(reply): scope final delivery barriers
* fix(slack): preserve DM target aliases
* fix(reply): mirror resolved source thread routes
* fix(mattermost): retain delayed delivery barrier
* fix(codex): separate message routing from tool policy
* fix(reply): consume normalized Slack DM targets once
* fix(slack): remove stale target alias
* style(reply): satisfy changed lint gates
* fix(mattermost): preserve explicit reply targets
* test: align Slack reply branch checks
* fix(reply): persist overflow summaries to admitted session
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-06-14 09:11:05 -07:00
brokemac79
d1299658ac
fix(active-memory): preserve verbose recall summaries ( #90739 )
...
* fix(active-memory): preserve verbose recall summaries
* fix(active-memory): require recall evidence for recovery
* fix(active-memory): recognize capped recall results
* fix(active-memory): preserve grounded recall state
* refactor(active-memory): limit recovery to completed recalls
* fix(active-memory): ground terminal recall recovery
* fix(active-memory): limit unavailable recovery to completed replies
* fix(active-memory): harden recall evidence recovery
* fix(active-memory): preserve timeout recovery contract
* fix(active-memory): preserve capped failure evidence
* fix(active-memory): reject content-only recall failures
* fix(active-memory): ground completed recall summaries
* fix(active-memory): separate hook and recall timeouts
* fix(active-memory): classify custom tool failures
* fix(active-memory): preserve harness tool evidence
* fix(active-memory): reject explicit empty results
* fix(active-memory): wait for fallback recall evidence
* fix(codex): report dynamic tool results
* fix(active-memory): separate preflight recall deadline
* fix(active-memory): normalize recall tool names
* fix(agents): classify unavailable approvals
* docs(active-memory): clarify hook timeout phases
* test(active-memory): stabilize timeout abort proof
* fix(agents): preserve successful cancellation outcomes
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-06-13 23:38:58 -07:00
Vincent Koc
b4cdd92119
fix(codex): avoid guardian review for local models ( #88630 )
...
* fix(codex): avoid guardian review for local models
* fix(codex): route app-server auto exec review
* fix(codex): make guardian requirements provider-aware
* fix(codex): block unrouted bound approvals
* fix(channels): satisfy ingress queue lint
* fix(codex): use local-model policy for side forks
* fix(extensions): satisfy ingress lint
* fix(codex): require trusted exec reviewer model
* fix(exec): share control command approval guards
* fix(codex): fail closed for unknown guardian model provider
* fix(codex): reject custom exec reviewer endpoints
* fix(codex): preserve bound providers on app-server reuse
* fix(codex): prefer qualified app-server model providers
* fix(codex): preserve guardian on model control switches
* fix(codex): retain local providers across model switches
* fix(codex): distrust aliased reviewer model refs
* fix(codex): preserve providers after thread rotation
* fix(codex): clear stale providers on qualified model switches
* fix(codex): prefer qualified models over legacy providers
* fix(codex): validate reviewer trust before auto approvals
* fix(codex): recompute reviewer policy after binding rotation
* fix(codex): normalize reviewer aliases before trust checks
* fix(codex): retain bound providers for slashed local models
* fix(codex): normalize provider trust checks for exec review
* fix(codex): ignore stale bindings for explicit providers
* fix(codex): share trusted reviewer endpoint policy
* fix(codex): keep network approvals on plugin path
* fix(codex): route provider-qualified model refs
* fix(codex): reject blank masked OpenAI base overrides
* fix(codex): scope exec reviewer alias trust
* fix(codex): distrust exec reviewer transport overrides
2026-06-09 21:38:22 -07:00
Peter Steinberger
8f6e71087b
docs: document agent harness sdk contracts
2026-06-04 22:45:30 -04:00
Vincent Koc
d10d71cdb6
fix(codex): stabilize app-server cleanup tests
2026-06-01 13:15:05 +02:00
Peter Steinberger
db4990d260
refactor: compact copilot sessions through sdk state
...
Route Copilot compaction through SDK-backed state, remove marker sidecars, preserve auth/session binding behavior in SQLite-backed plugin state, and route Copilot CLI budget compaction through native harness compaction.
2026-06-01 01:18:46 -04:00
Vincent Koc
edc0a22179
fix(agents): quarantine tools before schema normalization
2026-05-31 23:33:03 +01:00
Peter Steinberger
77f1359612
refactor: extract media and ACP core packages ( #88534 )
...
* refactor: extract media and acp core packages
* refactor: remove relocated media and acp sources
* build: wire new core packages into dependency checks
* test: alias new core packages in vitest
* build: keep media sniffer runtime dependency
* docs: refresh plugin sdk api baseline
* fix: keep normalized proposal queries non-empty
* test: keep channel timer tests isolated
* fix: keep rebased plugin checks green
* fix: preserve sms numeric allowlist entries
* test: harden exec foreground timeout failure
* test: remove duplicate skill workshop assertion
* fix: remove channel config lint suppression
* test: refresh lint suppression allowlist
2026-05-31 11:30:33 +01:00
Shakker
9a00d74044
fix: share skill workshop prompt with codex
2026-05-31 01:53:01 +01:00
Ramrajprabu
f3cfd752d3
feat(copilot): add GitHub Copilot agent runtime
...
Adds the opt-in bundled GitHub Copilot agent runtime, pinned SDK install path, docs/inventory, SDK/tool/sandbox/auth wiring, and replay/tool-safety fixes.
Verification:
- Local: git diff --check; fnm exec --using 24.15.0 pnpm tsgo:extensions; fnm exec --using 24.15.0 pnpm check:test-types; fnm exec --using 24.15.0 pnpm build.
- Autoreview local: clean for the replay-safety fix; branch autoreview engine returned empty output twice, so local autoreview plus local/Crabbox/CI proof was used.
- Crabbox focused Copilot: run_2c0db9f48a4a, 19 files / 485 tests passed.
- Crabbox additional boundary shard: run_26a246a1aa24, prompt snapshots and plugin SDK boundary/export checks passed.
- Crabbox live Copilot: run_d128e4048b4e, real gpt-4.1 turn with live_echo phase-1-green and clean session-file check.
- GitHub checks: green on head 7cc8657e0d , including Dependency Guard after exact-head approval.
Co-authored-by: Ramraj Balasubramanian <ramrajba@microsoft.com >
2026-05-29 05:15:22 +01:00
Peter Steinberger
56a5d7e865
fix(codex): defer report-mode plugin approvals
...
Route Codex app-server report-mode PreToolUse plugin approval requirements through the matching app-server approval request instead of failing closed. Shares duplicate in-flight approvals, preserves block/rewrite fail-closed behavior, and keeps generic plugin allow-always scoped to one Codex request. Supersedes #86978 ; thanks @clawSean for the original docs clarification.
2026-05-29 00:09:23 +01:00
Peter Steinberger
d93524d1cc
fix(codex): route workspace memory through tools ( #87383 )
...
* fix(codex): route workspace memory through tools
* fix(codex): preserve extra memory bootstrap files
* fix(codex): support memory_get-only context routing
* fix(codex): only tool-route canonical workspace memory
* fix(codex): keep memory fallback for sandbox workspaces
2026-05-27 20:55:27 +01:00
Peter Steinberger
bb46b79d3c
refactor: internalize OpenClaw agent runtime ( #85341 )
...
* refactor: extract agent core package
Introduce packages/agent-core as the OpenClaw-owned home for reusable agent loop, harness, session, prompt, and runtime dependency contracts.
* refactor: extract shared llm runtime
Move provider model registries, stream wrappers, OAuth helpers, and LLM utilities into src/llm with plugin-sdk barrels instead of depending on the old embedded runtime layout.
* refactor: remove pi runtime internals
Rename remaining Pi-shaped agent surfaces to OpenClaw agent runtime names, delete obsolete Pi docs and package graph checks, and add the third-party notice for incorporated code.
* refactor: tighten agent session runtime
Make agent-core/runtime dependencies explicit, consolidate compaction and session transcript helpers, and move model/session helpers behind OpenClaw-owned contracts.
* refactor: remove static model and pi auth paths
Drop static model catalogs and Pi auth bridges, move model/provider facts to manifest-owned runtime contracts, and harden internal embedded-agent utilities.
* refactor: remove legacy provider compat paths
* docs: remove agent parity notes
* fix: skip provider wildcard metadata parsing
* refactor: share session extension sdk loading
* refactor: inline acpx proxy error formatter
* refactor: fold edit recovery into edit tool
* fix: accept extension batch separator
* test: align startup provider plugin expectations
* fix: restore provider-scoped release discovery
* test: align static asset packaging expectations
* fix: run static provider catalogs during scoped discovery
* fix: add provider entry catalogs for scoped live discovery
* fix: load lightweight provider catalog entries
* fix: refresh provider-scoped plugin metadata
* fix: keep provider catalog entries on release live path
* fix: keep static manifest models in release live checks
* fix: harden release model discovery
* fix: reduce OpenAI live cache probe reasoning
* fix: disable OpenAI cache probe reasoning
* ci: extend OpenAI gateway live timeout
* fix: extend live gateway model budget
* fix: stabilize release validation regressions
* fix: honor provider aliases in model rows
* fix: stabilize release validation lanes
* fix: stabilize release memory qa
* ci: stabilize release validation lanes
* ci: prefer ipv4 for live docker node calls
* fix: restore shared tool-call stream wrapper
* ci: remove legacy pi test shard alias
* fix: clean up embedded agent test drift
* fix: stabilize runtime alias status
* fix: clean up embedded agent ci drift
* fix: restore release ci invariants
* fix: clean up post-rebase runtime drift
* fix: restore release ci checks
* fix: restore release ci after rebase
* fix: remove stale pi runtime path
* test: align compaction runtime expectations
* test: update plugin prerelease expectations
* fix: handle claude live tool approvals
* fix: stabilize release validation gates
* fix: finish agent runtime import
* test: finish post-rebase agent runtime mocks
* fix: keep codex compaction native
* fix: stabilize codex app-server hook tests
* test: isolate codex diagnostic active run
* test: remove codex diagnostic completion race
# Conflicts:
# extensions/codex/src/app-server/run-attempt.test.ts
* ci: fix full release manifest performance run id
* refactor: narrow llm plugin sdk boundary
* chore: drop generated google boundary stamps
* fix: repair rebase fallout
* fix: clean up rebased runtime references
* fix: decode codex jwt payloads as base64url
* fix: preserve shipped pi runtime alias
* fix: add scoped sdk virtual modules
* fix: decode llm codex oauth jwt as base64url
* fix: avoid stale vertex adc negative cache
* fix: harden tool arg decoding and codeql path
* fix: keep vertex adc negative checks live
* refactor: consolidate codex jwt and edit helpers
* fix: await codex oauth node runtime imports
* fix: preserve sdk tool and notice contracts
* fix: preserve shipped compat config boundaries
* fix: align codex oauth callback host
* fix: terminate agent-core loop streams on failure
* fix: keep codex oauth callback alive during fallback
* ci: include session tools in critical codeql scans
* fix: keep Cloudflare Anthropic provider auth header
* docs: redirect legacy pi runtime pages
* fix: honor bundled web provider compat discovery
* fix: protect session output spill files
* fix: keep legacy agent dir env blocked
* fix: contain auto-discovered skill symlinks
* fix: harden agent core sdk proxy surfaces
* fix: restore approval reaction sdk compat
* fix: keep live docker runs bounded
* fix: keep codex oauth redirect host aligned
* fix: resolve post-rebase agent runtime drift
* fix: redact anthropic oauth parse failures
* fix: preserve responses strict tool shaping
* fix: repair agent runtime rebase cleanup
* docs: redirect retired parity pages
* fix: bound auto-discovered resources to roots
* fix: repair post-rebase agent test drift
* fix: preserve bundled provider allowlist migration
* fix: preserve manifest-owned provider aliases
* fix: declare photon image dependency
* fix: keep provider headers out of proxy body
* fix: preserve shipped env aliases
* fix: refresh control ui i18n generated state
* fix: quote read fallback paths
* fix: preview edits through configured backend
* test: satisfy core test typecheck
* fix: preserve ZAI usage auth fallback
* test: repair codex diagnostic test
* fix: repair agent runtime rebase drift
* test: finish embedded runner import rename
* fix: repair agent runtime rebase integrations
* test: align compaction oauth fallback expectations
* fix: allow sdk-auth session models
* fix: update doctor tool schema import
* fix: preserve bedrock plugin region
* fix: stream harmony-like prose immediately
* ci: include session runtime in codeql shards
* fix: repair latest rebase integrations
* fix: honor explicit codex websocket transport
* fix: keep openai-compatible credentials provider-scoped
* fix: refresh sdk api baseline after rebase
* fix: route cli runtime aliases through openclaw harness
* test: rename stale harness mock expectation
* test: rename embedded agent overflow calls
* test: clean embedded auth test wording
* test: use openclaw stream types in deepinfra cache test
* fix: refresh sdk api baseline on latest main
* fix: honor bundled discovery compat allowlists
* fix: refresh sdk api baseline after latest rebase
* fix: remove stale rebase imports
* test: rename stale model catalog mock
* test: mock renamed doctor runtime modules
* fix: map canonical kimi env auth
* fix: use internal model registry in bench script
* fix: migrate deepinfra provider catalog entry
* fix: enforce builtin tool suppression
* fix: route compaction auth and proxy payloads safely
* refactor: prune unused llm registry leftovers
* test: update codex hooks session import
* test: fix model picker ci coverage
* test: align model picker auth mock types
2026-05-27 19:24:04 +01:00
Vincent Koc
d7d037b46f
fix(codex): quarantine unsupported dynamic tool schemas
2026-05-27 04:02:07 +02:00
Peter Steinberger
d9af23fb5a
fix(codex): log app-server approval promotion trigger
2026-05-25 01:26:37 +01:00
Jason (Json)
c08400ea7d
Fix context pressure preflight for tool-heavy sessions ( #85541 )
...
* fix context pressure preflight for tool payloads
* fix codex rendered context preflight
---------
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com >
2026-05-22 18:39:37 -07:00
Josh Lehman
cff5244a5b
feat: add context-engine host capability requirements ( #84994 )
...
* feat(context-engine): add host capability requirements
* fix(context-engine): advertise pi host capabilities
* fix: repair incompatible context engine slots
2026-05-22 10:28:08 -04:00
Kaspre
5f0bec4479
fix(agent): await local agent_end hooks ( #85007 )
...
Summary:
- The PR adds an awaited `agent_end` helper, uses it for no-channel local CLI and Codex app-server terminal pa ... erves fire-and-forget behavior for channel-backed paths, and updates docs, changelog, and regression tests.
- Reproducibility: yes. by source inspection. Current main calls `runAgentHarnessAgentEndHook` without awaiting in local CLI and Codex terminal paths, and the PR's pending-hook tests encode the failure and desired split.
Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(agents): await local agent_end hooks
- PR branch already contained follow-up commit before automerge: test: fix agent_end hook helper fixture
- PR branch already contained follow-up commit before automerge: ci: retry security checkout
- PR branch already contained follow-up commit before automerge: ci: allowlist qa-lab lifecycle fixtures
- PR branch already contained follow-up commit before automerge: fix CLI channel agent_end delivery
- PR branch already contained follow-up commit before automerge: ci: drop stale qa-lab deadcode entries
Validation:
- ClawSweeper review passed for head 97b31379d7 .
- Required merge gates passed before the squash merge.
Prepared head SHA: 97b31379d7
Review: https://github.com/openclaw/openclaw/pull/85007#issuecomment-4509911851
Co-authored-by: Kaspre <kaspre@gmail.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com >
2026-05-22 04:12:22 +00:00
Eva
a059309a9f
fix(agents): bound plugin-owned context-engine compaction with a safety timeout ( #84083 )
...
Merged via squash.
Prepared head SHA: 9121a1a5ea
Co-authored-by: 100yenadmin <239388517+100yenadmin@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-05-19 14:49:00 -07:00
Josh Avant
3ee0342061
fix(codex): honor Docker bind write policy ( #83849 )
...
* fix(codex): honor docker bind write policy
* docs: note docker bind sandbox fix
* fix(codex): expose docker sandbox fallback tools
2026-05-18 21:39:18 -05:00
Krzysztof Probola
1912be8619
fix(codex): complete dynamic tool diagnostics
...
fix(codex): complete dynamic tool diagnostics
Co-authored-by: 0x505badc0de <32790662+rozmiarD@users.noreply.github.com >
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-18 15:37:24 +01:00
Peter Steinberger
4f4d108639
chore(lint): remove underscore-dangle allow list ( #83542 )
...
* chore(lint): reduce underscore-dangle exceptions
* chore(lint): reduce more underscore exceptions
* chore(lint): remove underscore-dangle allow list
* fix(lint): repair underscore cleanup regressions
* test(lint): track version define suppression
2026-05-18 14:56:06 +01:00
Alex Knight
8a060b2904
Release embedded session write lock before model I/O ( #82891 )
...
Summary:
- The PR narrows embedded PI session transcript write-lock scope, adds stale/max-hold config plumbing, and updates affected transcript, doctor, gateway, SDK, Codex mirroring, docs, and regression-test surfaces.
- Reproducibility: yes. Current main source still holds the embedded session write lock from early attempt set ... cksmith Testbox contention proof on unmodified main; I did not rerun the live repro in this read-only pass.
Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(agents): narrow context engine session lock
- PR branch already contained follow-up commit before automerge: fix session lock runner build types
- PR branch already contained follow-up commit before automerge: Release embedded session write lock before model I/O
- PR branch already contained follow-up commit before automerge: fix(clawsweeper): address review for automerge-openclaw-openclaw-8289…
Validation:
- ClawSweeper review passed for head 4c6dd7ed6e .
- Required merge gates passed before the squash merge.
Prepared head SHA: 4c6dd7ed6e
Review: https://github.com/openclaw/openclaw/pull/82891#issuecomment-4469282923
Co-authored-by: Alex Knight <15041791+amknight@users.noreply.github.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
2026-05-17 11:54:03 +00:00
Kaspre
69a0c925b8
fix(codex): cover side-question native hooks ( #82559 )
...
* fix(codex): cover side-question native hooks
* fix(codex): enforce native approvals for app-server requests
* fix(codex): preserve approval fallback after native relay noop
* fix(codex): satisfy approval relay json typing
* fix(codex): run approval relay in report mode
* fix(codex): keep relay pre-tool decisions deny-only
* fix(codex): remove dead relay approval branch
* fix(codex): dedupe app-server relay approvals
* fix(codex): fail closed on native relay rewrites
* fix(codex): preserve side-question provider context
* fix(codex): route side-question replies to origin
* fix(codex): preserve native hook channel context
* test(codex): align native relay rewrite assertion
* fix(codex): align side-question hook config
* fix(codex): route side-question approvals safely
* test(codex): fix side-question hook typing
* fix(codex): preserve side-question hook policy context
* fix(codex): close native hook relay review gaps
* fix(codex): keep dynamic tool hook channel context
* fix(codex): preserve native finalize hook channel context
* fix(codex): scope dynamic tool result hooks by channel
* fix(codex): drop stale deadcode allowlist entry
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-17 12:02:17 +01:00
Josh Avant
e57b137aef
fix(codex): enforce native tool policy ( #82496 )
...
* fix(codex): enforce native tool policy
* docs: add changelog for codex native policy fix
* fix(codex): satisfy native hook relay lint
2026-05-16 03:02:28 -05:00
Josh Lehman
80ca48418a
feat(codex): bind context-engine projections to codex threads ( #82351 )
...
* feat(codex): bind context-engine projections to codex threads
* fix: harden Codex context-engine projection
* fix: remove unused Codex projection helper
* fix(codex): adopt compacted context-engine transcripts
2026-05-15 20:59:38 -07:00
Peter Steinberger
934fc6ceeb
fix(codex): keep app-server compaction native
2026-05-15 15:17:12 +01:00
Josh Lehman
1ee0d51e92
fix(codex): preserve MCP servers in app-server harness ( #81551 )
...
* Plumb bundle MCP config into Codex app server
* fix: align codex mcp thread config with pi
* fix: rotate codex mcp threads when disabled
* fix: scope codex bundle mcp to bundled servers
* fix(codex): resend user MCP config on resume
---------
Co-authored-by: Josh Lehman <phaedrus@Mac.hsd1.ca.comcast.net >
2026-05-13 21:05:20 -07:00
pashpashpash
78eb92e622
Route Codex message tool replies back to WebChat and TUI ( #81586 )
...
* fix: route internal ui message tool replies
* docs: document reserved codex sdk helpers
* test(gateway): stabilize sessions send agent assertion
* fix(agents): preserve rich internal source replies
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org >
2026-05-14 11:55:54 +09:00
Jason
70df2b8fe2
feat: steer mid-turn prompts by default ( #77023 )
...
Summary:
- Default active-run queueing to steer while preserving explicit followup/collect modes.
- Keep `/steer` fallback behavior and migrate retired queue steering config.
- Await Codex app-server steering acceptance so rejected/aborted steering can fall back safely.
- Route active subagent announcements through intentional acceptance-aware steering, with legacy queue helpers deprecated for delivery decisions.
Verification:
- git diff --check
- rg -n "^(<<<<<<<|=======|>>>>>>>|\|\|\|\|\|\|\|)" CHANGELOG.md docs src extensions || true
- pnpm test src/agents/subagent-announce-dispatch.test.ts src/agents/subagent-announce-delivery.test.ts src/agents/pi-embedded-runner/runs.test.ts src/agents/subagent-announce.format.e2e.test.ts src/agents/subagent-announce.test.ts
- pnpm test src/auto-reply/reply/commands-steer.test.ts src/auto-reply/reply/queue/settings.test.ts src/auto-reply/reply/queue-policy.test.ts src/auto-reply/reply/agent-runner.runreplyagent.e2e.test.ts src/auto-reply/reply/get-reply-run.media-only.test.ts extensions/codex/src/app-server/run-attempt.test.ts -- -t "queued steering|explicit all-mode steering|flushes pending default queued steering|rejects queued steering|resolveActiveRunQueueAction|resolveQueueSettings|handleSteerCommand"
Co-authored-by: fuller-stack-dev <263060202+fuller-stack-dev@users.noreply.github.com >
2026-05-13 14:00:11 +01:00
Peter Steinberger
694ca50e97
Revert "refactor: move runtime state to SQLite"
...
This reverts commit f91de52f0d .
2026-05-13 13:33:38 +01:00
Peter Steinberger
f91de52f0d
refactor: move runtime state to SQLite
...
* refactor: remove stale file-backed shims
* fix: harden sqlite state ci boundaries
* refactor: store matrix idb snapshots in sqlite
* fix: satisfy rebased CI guardrails
* refactor: store current conversation bindings in sqlite table
* refactor: store tui last sessions in sqlite table
* refactor: reset sqlite schema history
* refactor: drop unshipped sqlite table migration
* refactor: remove plugin index file rollback
* refactor: drop unshipped sqlite sidecar migrations
* refactor: remove runtime commitments kv migration
* refactor: preserve kysely sync result types
* refactor: drop unshipped sqlite schema migration table
* test: keep session usage coverage sqlite-backed
* refactor: keep sqlite migration doctor-only
* refactor: isolate device legacy imports
* refactor: isolate push voicewake legacy imports
* refactor: isolate remaining runtime legacy imports
* refactor: tighten sqlite migration guardrails
* test: cover sqlite persisted enum parsing
* refactor: isolate legacy update and tui imports
* refactor: tighten sqlite state ownership
* refactor: move legacy imports behind doctor
* refactor: remove legacy session row lookup
* refactor: canonicalize memory transcript locators
* refactor: drop transcript path scope fallbacks
* refactor: drop runtime legacy session delivery pruning
* refactor: store tts prefs only in sqlite
* refactor: remove cron store path runtime
* refactor: use cron sqlite store keys
* refactor: rename telegram message cache scope
* refactor: read memory dreaming status from sqlite
* refactor: rename cron status store key
* refactor: stop remembering transcript file paths
* test: use sqlite locators in agent fixtures
* refactor: remove file-shaped commitments and cron store surfaces
* refactor: keep compaction transcript handles out of session rows
* refactor: derive transcript handles from session identity
* refactor: derive runtime transcript handles
* refactor: remove gateway session locator reads
* refactor: remove transcript locator from session rows
* refactor: store raw stream diagnostics in sqlite
* refactor: remove file-shaped transcript rotation
* refactor: hide legacy trajectory paths from runtime
* refactor: remove runtime transcript file bridges
* refactor: repair database-first rebase fallout
* refactor: align tests with database-first state
* refactor: remove transcript file handoffs
* refactor: sync post-compaction memory by transcript scope
* refactor: run codex app-server sessions by id
* refactor: bind codex runtime state by session id
* refactor: pass memory transcripts by sqlite scope
* refactor: remove transcript locator cleanup leftovers
* test: remove stale transcript file fixtures
* refactor: remove transcript locator test helper
* test: make cron sqlite keys explicit
* test: remove cron runtime store paths
* test: remove stale session file fixtures
* test: use sqlite cron keys in diagnostics
* refactor: remove runtime delivery queue backfill
* test: drop fake export session file mocks
* refactor: rename acp session read failure flag
* refactor: rename acp row session key
* refactor: remove session store test seams
* refactor: move legacy session parser tests to doctor
* refactor: reindex managed memory in place
* refactor: drop stale session store wording
* refactor: rename session row helpers
* refactor: rename sqlite session entry modules
* refactor: remove transcript locator leftovers
* refactor: trim file-era audit wording
* refactor: clean managed media through sqlite
* fix: prefer explicit agent for exports
* fix: use prepared agent for session resets
* fix: canonicalize legacy codex binding import
* test: rename state cleanup helper
* docs: align backup docs with sqlite state
* refactor: drop legacy Pi usage auth fallback
* refactor: move legacy auth profile imports to doctor
* refactor: keep Pi model discovery auth in memory
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
* refactor: remove model json compatibility aliases
* refactor: store auth profiles in sqlite
* refactor: seed copied auth profiles in sqlite
* refactor: make auth profile runtime sqlite-addressed
* refactor: migrate hermes secrets into sqlite auth store
* refactor: move plugin install config migration to doctor
* refactor: rename plugin index audit checks
* test: drop auth file assumptions
* test: remove legacy transcript file assertions
* refactor: drop legacy cli session aliases
* refactor: store skill uploads in sqlite
* refactor: keep subagent attachments in sqlite vfs
* refactor: drop subagent attachment cleanup state
* refactor: move legacy session aliases to doctor
* refactor: require node 24 for sqlite state runtime
* refactor: move provider caches into sqlite state
* fix: harden virtual agent filesystem
* refactor: enforce database-first runtime state
* refactor: rename compaction transcript rotation setting
* test: clean sqlite refactor test types
* refactor: consolidate sqlite runtime state
* refactor: model session conversations in sqlite
* refactor: stop deriving cron delivery from session keys
* refactor: stop classifying sessions from key shape
* refactor: hydrate announce targets from typed delivery
* refactor: route heartbeat delivery from typed sqlite context
* refactor: tighten typed sqlite session routing
* refactor: remove session origin routing shadow
* refactor: drop session origin shadow fixtures
* perf: query sqlite vfs paths by prefix
* refactor: use typed conversation metadata for sessions
* refactor: prefer typed session routing metadata
* refactor: require typed session routing metadata
* refactor: resolve group tool policy from typed sessions
* refactor: delete dead session thread info bridge
* Show Codex subscription reset times in channel errors (#80456 )
* feat(plugin-sdk): consolidate session workflow APIs
* fix(agents): allow read-only agent mount reads
* [codex] refresh plugin regression fixtures
* fix(agents): restore compaction gateway logs
* test: tighten gateway startup assertions
* Redact persisted secret-shaped payloads [AI] (#79006 )
* test: tighten device pair notify assertions
* test: tighten hermes secret assertions
* test: assert matrix client error shapes
* test: assert config compat warnings
* fix(heartbeat): remap cron-run exec events to session keys (#80214 )
* fix(codex): route btw through native side threads
* fix(auth): accept friendly OpenAI order for Codex profiles
* fix(codex): rotate auth profiles inside harness
* fix: keep browser status page probe within timeout
* test: assert agents add outputs
* test: pin cron read status
* fix(agents): avoid Pi resource discovery stalls
Co-authored-by: dataCenter430 <titan032000@gmail.com >
* fix: retire timed-out codex app-server clients
* test: tighten qa lab runtime assertions
* test: check security fix outputs
* test: verify extension runtime messages
* feat(wake): expose typed sessionKey on wake protocol + system event CLI
* fix(gateway): await session_end during shutdown drain and track channel + compaction lifecycle paths (#57790 )
* test: guard talk consult call helper
* fix(codex): scale context engine projection (#80761 )
* fix(codex): scale context engine projection
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* chore: align Codex projection changelog
* chore: realign Codex projection changelog
* fix: isolate Codex projection patch
---------
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
* refactor: move agent runtime state toward piless
* refactor: remove cron session reaper
* refactor: move session management to sqlite
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: remove stale file-backed shims
* test: harden kysely type coverage
# Conflicts:
# .agents/skills/kysely-database-access/SKILL.md
# src/infra/kysely-sync.types.test.ts
# src/proxy-capture/store.sqlite.test.ts
# src/state/openclaw-agent-db.test.ts
# src/state/openclaw-state-db.test.ts
* refactor: remove cron store path runtime
* refactor: keep compaction transcript handles out of session rows
* refactor: derive embedded transcripts from sqlite identity
* refactor: remove embedded transcript locator handoff
* refactor: remove runtime transcript file bridges
* refactor: remove transcript file handoffs
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
# Conflicts:
# docs/cli/secrets.md
# docs/gateway/authentication.md
# docs/gateway/secrets.md
* fix: keep oauth sibling sync sqlite-local
# Conflicts:
# src/commands/onboard-auth.test.ts
* refactor: remove task session store maintenance
# Conflicts:
# src/commands/tasks.ts
* refactor: keep diagnostics in state sqlite
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* Show Codex subscription reset times in channel errors (#80456 )
* fix(codex): refresh subscription limit resets
* fix(codex): format reset times for channels
* Update CHANGELOG with latest changes and fixes
Updated CHANGELOG with recent fixes and improvements.
* fix(codex): keep command load failures on codex surface
* fix(codex): format account rate limits as rows
* fix(codex): summarize account limits as usage status
* fix(codex): simplify account limit status
* test: tighten subagent announce queue assertion
* test: tighten session delete lifecycle assertions
* test: tighten cron ops assertions
* fix: track cron execution milestones
* test: tighten hermes secret assertions
* test: assert matrix sync store payloads
* test: assert config compat warnings
* fix(codex): align btw side thread semantics
* fix(codex): honor codex fallback blocking
* fix(agents): avoid Pi resource discovery stalls
* test: tighten codex event assertions
* test: tighten cron assertions
* Fix Codex app-server OAuth harness auth
* refactor: move agent runtime state toward piless
* refactor: move device and push state to sqlite
* refactor: move runtime json state imports to doctor
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: clarify cron sqlite store keys
* refactor: remove stale file-backed shims
* refactor: bind codex runtime state by session id
* test: expect sqlite trajectory branch export
* refactor: rename session row helpers
* fix: keep legacy device identity import in doctor
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* build: align pi contract wrappers
* chore: repair database-first rebase
* refactor: remove session file test contracts
* test: update gateway session expectations
* refactor: stop routing from session compatibility shadows
* refactor: stop persisting session route shadows
* refactor: use typed delivery context in clients
* refactor: stop echoing session route shadows
* refactor: repair embedded runner rebase imports
# Conflicts:
# src/agents/pi-embedded-runner/run/attempt.tool-call-argument-repair.ts
* refactor: align pi contract imports
* refactor: satisfy kysely sync helper guard
* refactor: remove file transcript bridge remnants
* refactor: remove session locator compatibility
* refactor: remove session file test contracts
* refactor: keep rebase database-first clean
* refactor: remove session file assumptions from e2e
* docs: clarify database-first goal state
* test: remove legacy store markers from sqlite runtime tests
* refactor: remove legacy store assumptions from runtime seams
* refactor: align sqlite runtime helper seams
* test: update memory recall sqlite audit mock
* refactor: align database-first runtime type seams
* test: clarify doctor cron legacy store names
* fix: preserve sqlite session route projections
* test: fix copilot token cache test syntax
* docs: update database-first proof status
* test: align database-first test fixtures
* docs: update database-first proof status
* refactor: clean extension database-first drift
* test: align agent session route proof
* test: clarify doctor legacy path fixtures
* chore: clean database-first changed checks
* chore: repair database-first rebase markers
* build: allow baileys git subdependency
* chore: repair exp-vfs rebase drift
* chore: finish exp-vfs rebase cleanup
* chore: satisfy rebase lint drift
* chore: fix qqbot rebase type seam
* chore: fix rebase drift leftovers
* fix: keep auth profile oauth secrets out of sqlite
* fix: repair rebase drift tests
* test: stabilize pairing request ordering
* test: use source manifests in plugin contract checks
* fix: restore gateway session metadata after rebase
* fix: repair database-first rebase drift
* fix: clean up database-first rebase fallout
* test: stabilize line quick reply receipt time
* fix: repair extension rebase drift
* test: keep transcript redaction tests sqlite-backed
* fix: carry injected transcript redaction through sqlite
* chore: clean database branch rebase residue
* fix: repair database branch CI drift
* fix: repair database branch CI guard drift
* fix: stabilize oauth tls preflight test
* test: align database branch fast guards
* test: repair build artifact boundary guards
* chore: clean changelog rebase markers
---------
Co-authored-by: pashpashpash <nik@vault77.ai >
Co-authored-by: Eva <eva@100yen.org >
Co-authored-by: stainlu <stainlu@newtype-ai.org >
Co-authored-by: Jason Zhou <jason.zhou.design@gmail.com >
Co-authored-by: Ruben Cuevas <hi@rubencu.com >
Co-authored-by: Pavan Kumar Gondhi <pavangondhi@gmail.com >
Co-authored-by: Shakker <shakkerdroid@gmail.com >
Co-authored-by: Kaspre <36520309+Kaspre@users.noreply.github.com >
Co-authored-by: dataCenter430 <titan032000@gmail.com >
Co-authored-by: Kaspre <kaspre@gmail.com >
Co-authored-by: pandadev66 <nova.full.stack@outlook.com >
Co-authored-by: Eva <admin@100yen.org >
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
Co-authored-by: jeffjhunter <support@aipersonamethod.com >
2026-05-13 13:15:12 +01:00
Jamil Zakirov
68c77bb55d
feat(plugin-sdk): export plugin hook types
...
Add `openclaw/plugin-sdk/types` entrypoint that re-exports plugin hook
types, so external plugins can import typed hook interfaces without
reaching into internal paths.
Also export `resolveActiveEmbeddedRunSessionId` from
`agent-harness-runtime` for session resolution in embedded runs.
2026-05-13 11:40:25 +01:00
pashpashpash
42e259a696
fix(codex): route btw through native side threads
2026-05-11 12:41:21 +01:00
Peter Steinberger
15cf49222f
build: refresh deps and route testbox through crabbox
2026-05-11 03:41:00 +01:00
Peter Steinberger
1ed50b0ced
fix: expose active-run queue failure reasons
2026-05-10 13:07:42 +01:00
Peter Steinberger
e428a2dfe2
test: add focused seams for faster isolated tests
2026-05-06 00:53:05 +01:00
Peter Steinberger
782963ae66
refactor: compact generated protocol metadata
2026-05-05 20:47:38 +01:00
Peter Steinberger
35da7d2c99
refactor: remove legacy agent dir resolver
2026-05-05 20:07:49 +01:00
Peter Steinberger
5d09b4b92c
feat(agents): add tool progress detail modes
2026-05-04 01:35:27 +01:00