* fix(browser): reject ambiguous tab references
Co-authored-by: llagy007 <0668001470@xydigit.com>
* fix(browser): close tracked tabs by raw target id
* fix(browser): harden raw tab cleanup routing
* test(browser): type raw close request mock
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Carry typed forum/media parent metadata through the message-send path so implicit thread creation uses the configured default archive duration.
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix(discord): add timeouts to voice upload requests
* fix(discord): refine voice upload timeouts
Use the normalized REST timeout for upload negotiation and the existing attachment transfer budget for the signed audio upload. Reuse the shared loopback test harness and verify both hanging sockets close.
Thanks @Alix-007 for the original timeout fix.
Co-authored-by: llagy009 <0668001470@xydigit.com>
---------
Co-authored-by: llagy009 <0668001470@xydigit.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix(anthropic): don't crash models list when a configured Sonnet 5 model has no cost
applyAnthropicSonnet5Cost read params.model.cost.input unconditionally, so
'openclaw models list' aborted with 'Cannot read properties of undefined
(reading input)' whenever config supplied an anthropic Sonnet 5 model row
without cost metadata (e.g. an agents.defaults.models runtime binding).
Guard with optional chaining — a costless model now falls through and gets
the canonical Sonnet 5 cost applied.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
* fix(models): normalize missing Sonnet 5 costs
Co-authored-by: VACInc <3279061+VACInc@users.noreply.github.com>
* chore(plugin-sdk): refresh API baseline
* ci(plugin-sdk): update surface budgets
---------
Co-authored-by: VACInc <3279061+VACInc@users.noreply.github.com>
Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix(nvidia): refresh bundled featured models
* fix(nvidia): match featured model feed exactly
* fix(nvidia): remove transient feed detail
* fix(nvidia): correct super context window
* fix(nvidia): align auth choice expectation
* fix(nvidia): hide deprecated models from selection
Refresh the bundled featured catalog while retaining deprecated model metadata for exact-reference compatibility. Route NVIDIA onboarding and catalog picker surfaces through selectable-only provider builders.
* fix(nvidia): simplify featured model table
* fix(nvidia): restore shipped compatibility rows
Render pending approvals from shared typed views, add marked grapheme-safe display wraps for QQ Desktop, preserve the 300 UTF-16-unit cap, fence command and metadata safely, and report plugin expiry from the runtime clock.
Fixes#101979
* fix(imessage): cap per-chat group-allowlist warn-once cache
Replace unbounded perChatWarned Set with createDedupeCache(maxSize=512)
to keep long-running iMessage monitor memory stable. The cache grows
with every distinct group chat the gateway sees; without a cap it can
accumulate entries indefinitely.
Co-Authored-By: Claude <noreply@anthropic.com>
* fix(imessage): prove warning cache eviction
---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* feat(usage): route claude-cli to Anthropic plan usage with plan label and billing
* feat(webchat): redesign context popover with plan-usage bars and API-cost gating
* fix(usage): match plan usage across CLI provider aliases and source plan label from synced auth profile
* docs(plugins): document plan metadata on usage auth token
* chore(usage): document provider-level billing attribution limits, fix overview test types
* fix(webchat): avoid map-spread in quota group collection
* test(webchat): deflake subscription popover reset fixture
* fix(googlechat): add 30 s request timeout to withGoogleChatResponse
* fix(googlechat): satisfy ResolvedGoogleChatAccount in api.test.ts
* fix(googlechat): bound control and media requests
Co-authored-by: NIO <nocodet@mail.com>
---------
Co-authored-by: NIO <nocodet@mail.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix(codex-dynamic-tools): use truncateUtf16Safe for notice text truncation
* fix(codex): keep dynamic tool text UTF-16 safe
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix(google-meet): use truncateUtf16Safe for log value truncation
One .slice(0, 180) truncation site in the Google Meet extension
may cut UTF-16 surrogate pairs in half when the log value contains
multi-byte characters such as emoji. Replace it with
truncateUtf16Safe to keep the truncated output valid Unicode.
* test(google-meet): cover UTF-16 model log boundary
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix(migrate-claude): use truncateUtf16Safe for skill description truncation
One .slice(0, 180) truncation site in the migrate-claude extension
may cut UTF-16 surrogate pairs in half when the skill description
contains multi-byte characters such as emoji. Replace it with
truncateUtf16Safe to keep the truncated output valid Unicode.
* test(migrate-claude): cover UTF-16 skill description
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix(slack): use truncateUtf16Safe for message body preview truncation
One .slice(0, 160) truncation site in the Slack message handler may
cut UTF-16 surrogate pairs in half when the message body preview
contains multi-byte characters such as emoji. Replace it with
truncateUtf16Safe to keep the truncated output valid Unicode.
* test(slack): cover UTF-16 preview boundary
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>