Jesse Merhi
64318d7624
Rework Android gateway onboarding setup ( #98752 )
...
* feat(android): rework gateway onboarding setup
* fix(android): restore protocol mismatch onboarding guidance
* fix(android): sync onboarding native i18n
* fix(android): preserve LAN manual setup prefill
* fix(android): refine onboarding node approval step
* fix(android): polish onboarding recovery actions
* test(android): cover onboarding protocol mismatch copy
* fix(android): separate onboarding node approval
* fix(android): guard onboarding node approval transitions
* fix(android): keep onboarding approval states reachable
* fix(android): wait for node access before onboarding continue
* fix(android): refresh node approval after operator handoff
* fix(android): refresh onboarding approval states
* fix(android): require approval after onboarding permission changes
* fix(android): keep onboarding approval gates active
* fix(android): preserve permission reapproval state
* fix(android): skip node approval on legacy gateways
* fix(android): wait for node approval refresh
* fix(android): preserve camera setting on upgrade
* fix(android): avoid stuck approval check spinner
* fix(android): request talk secrets on operator connects
* fix(android): avoid missed node approval completion
* fix(android): keep nearby LAN setup local
* fix(android): complete onboarding after node approval
* fix(android): reconcile onboarding with gateway auth plans
* chore(android): refresh native i18n inventory after rebase
* Fix Android onboarding review edge cases
* Fix native i18n onboarding sentinels
2026-07-03 21:20:12 +10:00
Colin Johnson
7cfc66ad07
fix(android): derive Voice readiness from Gateway catalog ( #98269 )
...
* fix(android): derive voice readiness from Gateway catalog
Co-authored-by: Colin <colin@solvely.net >
* chore(android): sync native i18n inventory
* test(gateway): use registered realtime provider ids
* fix(gateway): satisfy Talk catalog lint
* chore(android): refresh voice i18n inventory
* fix(talk): preserve runtime readiness semantics
* fix(talk): make catalog readiness authoritative
* fix(talk): validate selected provider readiness
* fix(android): honor authoritative talk readiness
* fix(android): inventory voice readiness copy
* fix(talk): report runtime-selected catalog provider
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-02 23:32:03 -07:00
Josh Avant
0cdce79221
docs: update mobile app release messaging ( #98843 )
2026-07-01 21:11:56 -05:00
Kevin Lin
d9b5afad18
fix(codex): rename destructive approval mode to ask ( #98501 )
...
* fix(codex): rename destructive approval mode to ask
* fix(codex): keep ask reviewer app-scoped
* test: fix current-main CI regressions
2026-07-01 15:14:55 -07:00
solodmd
cf2efbe5d5
docs(gateway): fix Telegram streaming default in config-channels.md ( #98453 )
...
The config example in docs/gateway/config-channels.md incorrectly
listed streaming default as "off". The actual runtime default is
"partial", as confirmed by the Telegram plugin's default resolver.
docs/channels/telegram.md already correctly documents the default
as "partial".
Co-authored-by: Claude <noreply@anthropic.com >
2026-07-01 02:33:24 -07:00
Nikhil Patel
2d9aa92d7e
docs(config-agents): correct built-in alias table for opus and gpt ( #96375 )
...
The built-in alias shorthands table listed stale model ids that no longer
match src/config/defaults.ts (DEFAULT_MODEL_ALIASES):
opus: anthropic/claude-opus-4-6 -> anthropic/claude-opus-4-8
gpt: openai/gpt-5.5 -> openai/gpt-5.4
These now match defaults.ts and the help/faq-models alias table, and resolve
an internal contradiction on this same page (its runtime-policy example already
uses anthropic/claude-opus-4-8).
2026-07-01 02:32:14 -07:00
Brian Snyder
9f98b6e174
fix(gateway): emit stale exec approval followup diagnostics ( #98293 )
...
* fix(gateway): emit stale exec approval followup diagnostics
* fix(gateway): cover approval suppression diagnostics in ci
* fix(logging): preserve approval ids in stability bundles
* docs(exec): document suppression diagnostics
---------
Co-authored-by: BSnizND <199837910+BsnizND@users.noreply.github.com >
Co-authored-by: Peter Steinberger <steipete@golden-gate.local >
2026-07-01 05:20:53 +01:00
Momo
f5d0c370d6
fix(security): warn on agent skill MCP boundary drift ( #98352 )
...
Summary:
- Merged fix(security): warn on agent skill MCP boundary drift after ClawSweeper review.
Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head ab3c29ef4c .
- Required merge gates passed before the squash merge.
Prepared head SHA: ab3c29ef4c
Review: https://github.com/openclaw/openclaw/pull/98352#issuecomment-4850104358
Co-authored-by: momothemage <niuzhengnan@163.com >
Approved-by: momothemage
2026-07-01 03:56:28 +00:00
ooiuuii
201eb9cd29
fix(gateway): iOS Talk treats SecretRef-backed API keys as missing ( #98210 )
...
* fix(gateway): resolve Talk SecretRefs for scoped native clients
* fix(gateway): constrain Talk secret materialization
* fix(gateway): redact Talk source provider secrets
* fix(gateway): satisfy Talk config lint
* docs(gateway): clarify Talk secret config payload
---------
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com >
2026-06-30 20:17:33 -05:00
ZOOWH
5a73361ed2
fix(plugins): apply output text transforms to toolcall_delta and toolcall_end events ( #97769 )
...
* fix(plugins): apply output text transforms to toolcall_delta and toolcall_end events
toolcall_delta and toolcall_end events bypassed the output replacement
pipeline, leaking masked tokens (e.g. PII placeholders) into tool call
arguments and external systems.
Closes #97761
* fix(plugins): transform nested tool call arguments in output replacements
Add recursive transformToolCallArgumentText to handle strings, arrays,
and nested objects in tool call arguments, not just the name field.
* fix(plugins): keep tool names unchanged and cover result path
- Remove toolCall.name transformation to prevent breaking tool routing
- Add arguments transform to stream.result()/done.message via
transformContentText for tool-call content blocks
* fix(plugins): narrow argument transform to toolCall content blocks only
Only transform arguments on content blocks with type=toolCall to avoid
touching non-tool-call blocks that happen to have an arguments field.
* test(plugins): assert stream.result() tool-call content block is transformed
* test(plugins): fix result-path fixture to actually contain toolCall block
The previous fixture used makeAssistantMessage('final') which produces
a plain text content block, not a toolCall block. The stream.result()
assertion was vacuously passing.
* style(plugins): fix type cast in result-path test assertion
* fix(agents): preserve tool argument transforms after repair
* refactor(agents): keep tool transform boundary narrow
---------
Co-authored-by: Peter Steinberger <steipete@golden-gate.local >
2026-06-30 17:15:01 -07:00
Jason (Json)
786abe78df
Streamline OpenClaw onboarding ( #98218 )
...
* feat: streamline onboarding setup flow
* fix: harden onboarding preflight installs
* test: isolate gateway preflight safety env
* fix: keep local gateway probes on loopback
* fix: honor onboarding node manager installs
* docs: align setup onboarding reference
* fix: harden bare gateway probe fallback
* fix: honor env gateway auth in bare TUI probe
* test: isolate wizard TUI hatch mocks
2026-06-30 11:22:26 -07:00
Alex Knight
aeab5f8418
feat: improve model call telemetry
2026-06-29 15:21:53 +10:00
Kevin Lin
c5d34c8376
feat(codex): add always plugin approval mode ( #97123 )
...
* feat(codex): add always plugin approval mode
* fix(codex): normalize plugin approval decisions
* fix(codex): fail closed on layered approval overrides
2026-06-27 01:19:00 -07:00
Gio Della-Libera
4fc504d321
Doctor: add lint --all ( #96471 )
...
* fix(doctor): keep audit scrub lint opt-in
* fix(doctor): keep audit lint defaults internal
* feat(doctor): add lint profiles
2026-06-25 22:26:42 -07:00
Josh Lehman
070996e5c3
fix: keep model-run pruning internal
2026-06-24 13:42:39 -07:00
Vincent Koc
eabc12b7d6
fix(sandbox): install supported node in common image
2026-06-24 22:54:00 +08:00
Zaid
9e68fb1178
docs(docker): document Claude CLI persistence ( #96380 )
...
Summary:
- The branch adds Docker-specific Claude CLI persistence guidance and cross-links it from the CLI backend and Anthropic provider docs.
- PR surface: Docs +101. Total +101 across 3 files.
- Reproducibility: not applicable. as a bug reproduction. Source inspection confirms the current docs gap and the PR examples match existing Docker, config, and Claude CLI backend contracts.
Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head ad95482074 .
- Required merge gates passed before the squash merge.
Prepared head SHA: ad95482074
Review: https://github.com/openclaw/openclaw/pull/96380#issuecomment-4788612433
Co-authored-by: zaidazmi <zaidazmi27@gmail.com >
Approved-by: takhoffman
2026-06-24 11:29:52 +00:00
joshavant
d4f666874f
feat: harden ios app store push release mode
2026-06-23 00:01:20 -05:00
wangjieweb3-design
a84d3b6853
docs: document local avatar file size limit ( #78884 )
...
* docs: document local avatar file size limit
* docs: update docs/gateway/config-agents.md
* docs: document local avatar file size limit
---------
Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
2026-06-23 02:17:04 +00:00
snowzlm
10113b2c9f
fix(daemon): keep systemd gateway running after child OOM ( #93585 )
...
Co-authored-by: snowzlm <snowzlm@noreply.codeberg.org >
2026-06-22 18:54:21 +00:00
thomas.szbay
9bf681d663
feat(channels): add directUserId support for per-DM model override ( #95120 )
...
Add optional directUserId field to ChannelModelOverrideParams so the
shared channels.modelByChannel resolver can match DM-specific config
entries. Callers pass sessionEntry.origin?.nativeDirectUserId.
Closes #53638
Co-authored-by: Thomas Zhengtao <thomas.zhengtao@gmail.com >
2026-06-22 17:26:01 +00:00
Vincent Koc
2b75806197
feat: forward-port fast talks auto mode ( #85104 )
2026-06-22 09:37:09 +08:00
Omar Shahine
a0714a3d68
fix(imessage): keep split-send coalescing opt-in ( #93143 )
...
Merged via squash.
Prepared head SHA: 7fc3eca084
Co-authored-by: omarshahine <10343873+omarshahine@users.noreply.github.com >
Co-authored-by: omarshahine <10343873+omarshahine@users.noreply.github.com >
Reviewed-by: @omarshahine
2026-06-21 17:12:21 -07:00
Vincent Koc
c8ab37f6fe
chore(deadcode): drop inert legacy workspace doctor check
2026-06-22 01:47:27 +08:00
Vincent Koc
a60947fb3e
fix(agents): keep live tool-result prompts cache-stable
2026-06-21 21:54:35 +08:00
Alix-007
6a27300a5b
fix(gateway): remove device-backed node pairings ( #90373 )
...
Merged via squash.
Prepared head SHA: 8bd0e964ec
Co-authored-by: Alix-007 <267018309+Alix-007@users.noreply.github.com >
Co-authored-by: steipete <58493+steipete@users.noreply.github.com >
Reviewed-by: @steipete
2026-06-19 22:04:16 +01:00
Alix-007
3fa4fdaec1
docs: fix two broken cross-reference anchors ( #93941 )
...
Merged via squash.
Prepared head SHA: 32c61da44d
Co-authored-by: Alix-007 <267018309+Alix-007@users.noreply.github.com >
Co-authored-by: steipete <58493+steipete@users.noreply.github.com >
Reviewed-by: @steipete
2026-06-19 20:27:25 +01:00
pick-cat
b677ea6726
fix(agent): resolve compaction model alias to canonical model ref ( #90885 )
...
Merged via squash.
Prepared head SHA: 72d28dc385
Co-authored-by: Pick-cat <266665499+Pick-cat@users.noreply.github.com >
Co-authored-by: steipete <58493+steipete@users.noreply.github.com >
Reviewed-by: @steipete
2026-06-19 15:03:06 +01:00
Jesse Merhi
5db2f6c1fc
Add stdout diagnostics OTEL log exporter
...
Adds stdout and both-mode diagnostics OTEL log export, with focused QA Lab smoke coverage and docs/config updates.
Prepared head SHA: efa2ef07ab
Verification: CI 27808480969 passed for the prepared head.
Reviewed-by: @jesse-merhi
2026-06-19 16:06:37 +10:00
Vincent Koc
dd5febe2aa
fix(config): preserve raw snapshots after materialization
2026-06-19 09:01:54 +08:00
Vincent Koc
943511674c
fix(config): preserve raw snapshots after materialization
2026-06-19 09:01:03 +08:00
Vincent Koc
c9605779ef
fix(doctor): warn on volatile SQLite state ( #94725 )
...
* fix(doctor): warn on volatile SQLite state
* fix(doctor): resolve symlinked state paths
2026-06-19 08:56:37 +08:00
Vincent Koc
21728777df
feat(plugins): externalize official provider batch
2026-06-19 01:05:52 +08:00
Vincent Koc
beea31a6b5
feat(firecrawl): add keyless scrape support ( #94551 )
...
Merged under maintainer approval while exact-head CI was queue-bound.
Co-authored-by: Developers Digest <124798203+developersdigest@users.noreply.github.com >
Co-authored-by: Vincent Koc <vincentkoc@users.noreply.github.com >
2026-06-19 00:23:41 +08:00
Alix-007
4d6befe7cd
fix(doctor): clear inert legacy cron notify markers ( #89396 )
...
Stop repeated cron doctor warnings by removing inert top-level `notify` metadata when `cron.webhook` is unset. Existing delivery stays unchanged, while configured invalid webhook URLs keep the actionable warning.
Fixes #44460 .
Co-authored-by: Alix-007 <li.long15@xydigit.com >
Reviewed-by: @steipete
2026-06-17 16:21:22 +02:00
huangjianxiong
73df6d48af
fix(secrets): explicitly pass BWS_SERVER_URL to resolver for self-hosted instances ( #93929 )
...
Merged via squash after the required `scripts/pr merge-run` workflow falsely flagged a non-overlapping mainline refactor as an overlap.
Prepared head SHA: dc0bba965a
Co-authored-by: Pandah97 <80405497+Pandah97@users.noreply.github.com >
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com >
Reviewed-by: @vincentkoc
2026-06-17 22:04:48 +08:00
Shakker
c6b5ef9b20
docs: update Gemini CLI backend defaults
2026-06-17 03:31:14 +01:00
Shakker
c6d7d85763
fix: parse Gemini CLI stream output
2026-06-17 03:31:14 +01:00
Stellar鱼
bbfea21a18
fix(security): audit open dm tool exposure ( #92883 )
...
* fix(security): audit open dm tool exposure
* fix(security): align open DM audit precedence
---------
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com >
2026-06-16 14:38:39 +08:00
openclaw-clownfish[bot]
8694fe7e81
fix(gateway): block internal HTTP session overrides
...
Reject HTTP session-key overrides that target reserved internal session namespaces while preserving normal explicit session keys.
Co-authored-by: RichardCao <4612401+RichardCao@users.noreply.github.com >
2026-06-16 09:30:27 +08:00
litang9
0f71a665ed
fix(logging): avoid stalled warnings for active model calls
...
Classify owned silent model calls as long-running until the abort threshold while preserving stalled handling for ownerless stale activity, with diagnostics tests and docs.
2026-06-16 06:27:40 +08:00
Vyctor H. Brzezowski
f00de6b06a
docs(cli): add agent selector to cli backend quick start ( #74613 )
2026-06-16 00:39:48 +08:00
Peter Steinberger
1fef20c96b
fix(tasks): preserve requester agent attribution
2026-06-15 07:09:01 -07:00
Andy Ye
8549a203d4
Honor WhatsApp configured ACP bindings ( #92513 )
...
Merged via squash.
Prepared head SHA: 665080f482
Co-authored-by: TurboTheTurtle <35905412+TurboTheTurtle@users.noreply.github.com >
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com >
Reviewed-by: @mcaxtr
2026-06-13 18:09:22 -03:00
clawsweeper[bot]
5854e0c8f6
fix: split image setup and request timeout semantics ( #92673 )
...
Summary:
- The PR separates image media-understanding setup and provider request timeout handling, adds focused timeout regression tests, and updates gateway/Codex docs for the existing image timeout setting.
- PR surface: Source +39, Tests +67, Docs +8. Total +114 across 5 files.
- Reproducibility: yes. Source inspection shows current main subtracts setup elapsed time from the provider request timeout, and the PR adds a slow-setup regression test that exercises the failure path.
Automerge notes:
- PR branch already contained follow-up commit before automerge: docs: clarify image timeout phase semantics
- PR branch already contained follow-up commit before automerge: fix: bound image setup timeout separately
- PR branch already contained follow-up commit before automerge: Revert "fix: bound image setup timeout separately"
- PR branch already contained follow-up commit before automerge: fix: split image setup and request timeout semantics
Validation:
- ClawSweeper review passed for head 001dee3fb0 .
- Required merge gates passed before the squash merge.
Prepared head SHA: 001dee3fb0
Review: https://github.com/openclaw/openclaw/pull/92673#issuecomment-4698582136
Co-authored-by: Mason Huang <masonxhuang@tencent.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com >
2026-06-13 13:29:45 +00:00
Peter Steinberger
26b9736922
fix: require admin for HTTP model overrides
...
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-06-13 02:08:20 -07:00
liuhao1024
c5d599c8c4
docs(gateway): add uptime monitoring guidance to health check docs ( fixes #55768 ) ( #92608 )
2026-06-13 02:59:18 -05:00
Shakker
6b0525f237
fix: gate Skill Workshop symlink writes
2026-06-11 15:20:38 +01:00
Shakker
6b3bcc986f
fix: require service identity for update handoffs
2026-06-11 02:18:47 +01:00
Shakker
3394a4ad2c
fix: refresh update status sentinel
2026-06-11 02:18:47 +01:00