Codex review on PR #79383 flagged that the strict groups.*.systemPrompt
schema addition was not reflected in the generated bundled-channel
metadata. Without this, openclaw config set --dry-run and the config UI
schema would still reject channels.imessage.groups.*.systemPrompt as an
additional property.
Refs #78285.
Earlier draft used a simple normalize-and-fall-through resolver: any
empty/whitespace per-chat_id systemPrompt fell through to the
groups['*'] wildcard. That doesn't match the WhatsApp resolver
(extensions/whatsapp/src/system-prompt.ts), where defining the
systemPrompt key on the specific group (even as '') means 'this group
has no prompt' and suppresses the wildcard.
Make iMessage resolution byte-identical:
- specific != null && specific.systemPrompt != null -> use the trimmed
specific (empty trim -> undefined, wildcard suppressed).
- otherwise -> trimmed wildcard.
Add the resolver as a small exported helper resolveIMessageGroupSystemPrompt
so the unit tests cover it directly. Update the per-group systemPrompt
doc section in docs/channels/imessage.md to copy WhatsApp's resolution
hierarchy language and add an explicit-suppression example.
Refs #78285.
channels.imessage.groups.<chat_id|*>.systemPrompt is now resolved at
inbound time and forwarded as ctxPayload.GroupSystemPrompt for group
messages, matching the established pattern in Discord, Telegram, IRC,
Slack, GoogleChat, and the retired BlueBubbles channel.
- Add 'systemPrompt?: string' to the channels.imessage.groups[*] entry
schema (types.imessage.ts + zod parser).
- Capture groupListPolicy.groupConfig.systemPrompt at decision build
time, falling back to the groups['*'] wildcard when the per-chat_id
entry has no explicit prompt. DM decisions never carry the prompt.
- Wire decision.groupSystemPrompt through to ctxPayload.GroupSystemPrompt
in buildIMessageInboundContext, gated on decision.isGroup.
Closes#78285.
Expose the existing safe-restart skipDeferral escape hatch through gateway RPC and the daemon CLI, document the flag, and add restart/CLI regression coverage.
Also keep CLI failure output off the cold bootstrap graph and align CLI guidance expectations needed by current CI.
Co-authored-by: Solomon Neas <solomonneas@users.noreply.github.com>
Summary:
- Document the canonical macOS LaunchAgent PATH including Apple Silicon Homebrew bin directories.
- Add service-audit regression coverage that flags stale macOS service PATHs missing Homebrew directories.
- Record the user-facing Gateway/macOS fix in the changelog.
Verification:
- Exact PR head 8aa19dde07 was approved, CLEAN, and MERGEABLE before merge.
- GitHub exact-head CI/check-docs/proof lanes were green with no failing or pending check runs.
- pnpm exec oxfmt --check --threads=1 CHANGELOG.md docs/gateway/doctor.md src/daemon/service-audit.test.ts src/daemon/service-env.ts src/daemon/service-env.test.ts src/commands/daemon-install-helpers.test.ts
- pnpm check:changelog-attributions
Adds opt-in `gateway.tailscale.preserveFunnel`. When `tailscale.mode = "serve"`
and an externally configured Tailscale Funnel route already covers the gateway
port, OpenClaw checks `tailscale funnel status --json` before re-applying
`tailscale serve` and skips both Serve and the `resetOnExit` teardown for that
run, preserving operator-managed Funnel exposure across gateway restarts.
The Funnel-status parser handles every documented Tailscale target scheme
(http, https, https+insecure) via an RFC 3986 scheme strip, plus loopback
hostnames (127.0.0.1, localhost, ::1) and bare-port forms. AllowFunnel-disabled
hosts and other-port routes are ignored.
Closes#57241.
- Add resolveBedrockServiceTier() and createBedrockServiceTierWrapper()
to bedrock-stream-wrappers.ts
- Export service tier functions from provider-stream-shared.ts SDK barrel
- Wire service tier into Bedrock provider wrapStreamFn
- Accepts serviceTier or service_tier via agents.defaults.params
Valid values: default, flex, priority, reserved
Authored by Deepseek-v4-Pro, reviewed by rob@mobilinkd.com.
Summary:
- The PR exports `ensureAbsoluteDirectory` through the fs-safe/SDK runtime facades and routes browser download ... through safe output directory/file helpers with focused tests, a changelog entry, and SDK API hash updates.
- Reproducibility: yes. at source level: current main creates browser download/output roots with raw recursive ... jection coverage for that path. I did not run a live browser runtime reproduction in this read-only review.
Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(browser): use fs-safe output directory helper
- PR branch already contained follow-up commit before automerge: docs(changelog): mention browser fs-safe hardening
- PR branch already contained follow-up commit before automerge: fix(browser): harden download output writes
Validation:
- ClawSweeper review passed for head a9c9570f66.
- Required merge gates passed before the squash merge.
Prepared head SHA: a9c9570f66
Review: https://github.com/openclaw/openclaw/pull/78780#issuecomment-4394146682
Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Defer OpenClaw Codex dynamic tools behind Codex tool_search, keep required turn-control tools direct, pin the managed Codex harness to 0.129.0-alpha.15, and document the real behavior/token impact from the live dev-agent watch.
