The display sanitizer's long-token chunker (`\S{33,}` -> 32-char chunks
joined by spaces) was injecting literal spaces inside inline code spans,
fenced code blocks, and bare identifiers it didn't recognize. Tokens like
`requireConfirmationForMutatingActions`, `ubuntu-budgie-desktop-environment`,
and `binary_sensor.sense_energy_monitor_power` rendered with mid-word
spaces, contaminating copy/paste of package names, entity IDs, and shell
line-continuations.
Fix:
- Make sanitizer code-aware: split text into fenced/inline-code segments
and prose, and only run the chunker on prose segments. Code regions
pass through verbatim.
- Widen `isCopySensitiveToken` to use the punctuation-stripped candidate
for all classification, and accept any `FILE_LIKE_RE` token that
contains `_`, `-`, or `.` (covers package names, dotted IDs, kebab
flags). Picks up the goals of #69340 and #39565.
- Skip chunking for symbol-only runs (box-drawing rows, dashes, equals)
so table borders aren't corrupted.
- Preserve the original goal of narrow-terminal protection: long
unidentifiable prose tokens (e.g. accidental base64 dumps) are still
chunked so they don't blow out terminal layout.
Security ordering preserved: ANSI strip / control-char strip / binary
redaction still run on the whole string before segmentation, so code
regions cannot smuggle escapes, control characters, or binary garbage
past the sanitizer.
16 new regression tests cover: camelCase config keys in inline code,
hyphenated package names (bare and in code), dotted entity IDs (bare
and in code), backtick and tilde fenced blocks, base64-like blobs in
code, prose-token chunking unchanged, prose-around-code mixed content,
box-drawing horizontal rules, multi-line shell `\\` continuations,
plus three explicit security-ordering tests asserting ANSI/control/
binary stripping still runs inside code segments.
Fixes#48432, #39505.
Supersedes #69340, #39565 (carries forward both ideas in a more
general fix). Carries forward the code-fence-aware approach from the
closed#48445.
* fix(tui): abort run during pre-event waiting gap
Track the runId returned from chat.send so pressing Esc while `activeChatRunId` is still null aborts the in-flight run instead of repeatedly printing "no active run". Identified in #1296.
* fix(tui): drop redundant comment on pendingChatRunId set
Bound default Gateway sessions.list responses to 100 rows when callers omit limit, with response metadata for totalCount, limitApplied, and hasMore.\n\nFixes #77062.
* fix: expose session-specific thinking levels (#76482)
* fix: preserve lightweight sessions.list contract, fix consumer-side fallbacks only
* fix: include thinking levels in lightweight session rows for Control UI (#76482)
The Control UI cannot resolve provider-specific thinking levels client-side
(ui/src/ui/thinking.ts always returns base 5 levels). The gateway must
provide them even in lightweight rows. listThinkingLevelOptions is a cheap
in-memory lookup — negligible perf impact vs the transcript/cost/model ops
that the lightweight flag still skips.
Also update existing test assertions that expected thinkingOptions: [] for
lightweight rows (flagged by ClawSweeper review).
* test: add e2e regression tests for thinking level pipeline (#76482)
Summary:
- The PR bounds async transcript history reads and shares async transcript-index builds across gateway history, embedded/TUI history, restart recovery, fork token checks, and preflight compaction paths.
- Reproducibility: not applicable. this is a performance PR rather than a user bug report. The verification pa ... ource review plus the added unit coverage for bounded reads, usage snapshots, and concurrent index sharing.
ClawSweeper fixups:
- No separate fixup commits were needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head ccfe33658c.
- Required merge gates passed before the squash merge.
Prepared head SHA: ccfe33658c
Review: https://github.com/openclaw/openclaw/pull/75977#issuecomment-4363170293
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Fixes#63195.
Closes#68162.
Closes#73546.
- Keep Control UI chat sends bound to the history-backed session id across reconnects.
- Accept chat.send sessionId at the gateway/protocol boundary and update generated Swift models.
- Resume the last selected TUI session for the same gateway/agent/scope when still present.
Validated by exact-SHA CI on PR #75948.
* fix(tui): clear stale streaming after unbound final events
* fix(clownfish): address review for ghcrawl-156749-autonomous-smoke (1)
* fix(tui): address stale streaming review
* fix(tui): clear stale streaming after orphaned finals
* fix(tui): clear stale streaming after orphaned finals
* fix(tui): clear stale streaming after orphaned finals
* feat(tui): add local embedded TUI mode with terminal/chat aliases
Adds a gateway-free local TUI path so users can run openclaw in their
terminal without needing a running gateway process.
- TuiBackend interface abstraction (tui-backend.ts) with EmbeddedTuiBackend
implementation that drives the agent loop in-process
- openclaw tui --local flag for local embedded mode
- openclaw terminal / openclaw chat aliases that imply --local
- /auth slash command with codex CLI delegation to avoid prolite plan issue
- Default model display fallback on startup
- Local-aware status text and log suppression
- Concise auth error hints, raw HTML 403 suppression
- Onboarding hatch flow launches local TUI (no gateway required)
- Commander alias bug fix in run-main.ts (.aliases() check)
- All new and updated tests passing (145/145)
* TUI: fix alias detection, cross-platform codex lookup, and history byte-budget safeguards
* TUI: remove RuntimeEnv type annotation to fix CI oxlint error
* TUI: filter gateway-dependent tools and auto-approve plugin hooks in embedded mode
* TUI: suppress console noise and add embedded mode system prompt note
* TUI: reduce embedded-mode tool filtering from 15 to 7, add local session tools
* TUI: fix remaining PR review comments
* TUI: address latest review feedback and CI drift
* Core: align prompt helper with latest base
* Core: match prompt helper formatting with base
* Core: restore prompt helper from latest base
* fix(tui): preserve local auth fallback in source checkouts
* fix(tts): guard telephony provider invocation
* fix(tui): support Windows codex auth shim
* fix(tui): harden local auth flow
* fix: preserve embedded tool-first run events
* fix(tui): keep embedded plugin approvals gated
* fix(tui): restore embedded attempt import
* fix(tui): resolve sessions in embedded stub
* fix: add embedded TUI changelog entry (#66767) (thanks @fuller-stack-dev)
* fix: pass setup TUI local mode through relaunch (#66767) (thanks @fuller-stack-dev)
---------
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
