Quarantine unreadable and structurally invalid direct/custom Anthropic tool schemas in both canonical request builders while preserving healthy siblings, forced-choice semantics, OAuth name mapping, and official OpenAI behavior.
Supersedes #89418, #89221, #90228, #89622, #89229, and #90278.
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
Merge adjacent Anthropic assistant turns before dangling tool-use validation so signed tool calls remain immediately paired with their tool results. Preserve contributor credit. Fixes#87329.
Preserve signed thinking for active Anthropic tool-result continuation while omitting native thinking from completed history when the new request disables or omits thinking. Applies the same replay rule to the legacy SDK provider and managed Anthropic transport. Fixes#92360.
Clarifies cron edit --at help after maintainer rebase and preserves the Gateway-host timezone wording for cron --tz help.
Validation:
- git diff --check
- node scripts/run-vitest.mjs src/cli/cron-cli.test.ts
- local Codex autoreview clean, no actionable findings
Co-authored-by: rrrrrredy <rrrrrredy@users.noreply.github.com>
Surface missing bare Lobster workflow file paths instead of silently falling through to inline pipeline parsing.
The runner now treats plain workflow file inputs as file paths, keeps inline commands with file-like arguments as pipelines, and preserves existing workflow file paths that contain spaces. Regression coverage covers missing bare workflow paths, inline false positives, and spaced workflow filenames.
Fixes#68101.
Based on and credits #68106 by @vvitovec. This replacement branch carries the focused fix forward because #68106 is dirty against current main and could not be repaired on the fork branch with available bot permissions.
Validation:
- node scripts/run-vitest.mjs extensions/lobster/src/lobster-runner.test.ts
- autoreview clean: no accepted/actionable findings after the spaced-path fix
- GitHub checks: 127 pass, 0 fail, 0 pending
Co-authored-by: Viktor Vítovec <230458341+vvitovec@users.noreply.github.com>
Target Feishu Typing reactions at the inbound message id while preserving reply and thread routing to the topic root.
This keeps the fallback to replyToMessageId for flows without a separate inbound target, and adds regression coverage for topic/replyInThread behavior and synthetic Feishu turn sources.
Based on and credits #67783 by @huiwen01. This replacement branch carries the same user-visible fix forward because #67783 is dirty against main and earlier automation could not update the fork branch with available permissions. This intentionally does not reuse or expand #73958; root_id routing remains separate.
Validation:
- pnpm check:changed
- pnpm -s vitest run extensions/feishu/src/bot.test.ts extensions/feishu/src/reply-dispatcher.test.ts extensions/feishu/src/monitor.reaction.test.ts
- autoreview clean: no accepted/actionable findings
- GitHub checks: 127 pass, 0 fail, 0 pending
Co-authored-by: huiwen01 <89329207+huiwen01@users.noreply.github.com>
* fix(update): continue after package doctor warnings
* fix(update): type advisory step rendering
* fix(update): preserve advisory doctor step state
* fix(update): share advisory doctor state
* fix(update): keep timed-out doctor failures blocking
* fix(update): require explicit doctor advisory result
* fix(update): reject malformed doctor advisory results
* fix(update): bound doctor advisory diagnostics
* fix(update): keep doctor advisory restart-neutral
* fix(update): protect doctor advisory IPC
* fix(update): scope doctor advisories to converging updater
* fix(update): scope doctor advisories to deferred repairs
* fix(update): secure doctor advisory IPC
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
* fix(status): render sub-1000 token counts as plain integers
formatKTokens always divided by 1000 and appended "k", so token counts
below 1000 rendered as misleading fractional k in `openclaw status`
output (e.g. 999 rounded up across the boundary to "1.0k", 420 -> "0.4k",
a 300-token cache write -> "write 0.3k").
Guard value < 1000 to render the plain rounded integer, matching the
canonical formatTokenCount convention (src/utils/usage-format.ts). The
>=1000 "k" behavior is unchanged. Adds focused regression tests for the
0/420/999/1000/12000 boundary and small-session/small-cache status lines.
Fixes#89735
* fix(status): reuse canonical token formatter
* refactor(status): extract lightweight token formatter
---------
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
Add clawsweeper:queueable-fix, clawsweeper:source-repro, and
clawsweeper:fix-shape-clear to exempt-issue-labels in all 4 stale
workflow steps and the backfill-closures script's issueExemptLabels
set.
Previously, issues classified by ClawSweeper as actionable fix
candidates could still be marked stale and auto-closed, creating
a conflict between the two automation systems (e.g. #78640,
#81078, #81122 had both 'stale' and 'clawsweeper:queueable-fix').
Fixes#89564
Remove replayed thinking and redacted-thinking blocks from GitHub Copilot Claude history and final Anthropic payloads while preserving visible content, tool turns, and non-empty assistant structure.
Fixes#81520
Supersedes #87060 and #81534
Co-authored-by: Gio Della-Libera <giodl73@gmail.com>
Cap configured session context overrides by the selected model's known context window, refresh provider/model metadata consistently, and preserve the fixed Anthropic 1M context contract.
Fixes#39857
Co-authored-by: Kros Dai <7087+xdanger@users.noreply.github.com>
Fixes#54909.
Repair #54962 by preserving raw slash-command callbacks while routing generic callback data to agents as `callback_data: <value>`.
Validation:
- pnpm check:changed
- pnpm -s vitest run extensions/telegram/src/bot.create-telegram-bot.test.ts
- Codex /review
- Real behavior proof
- GitHub PR checks
Source PR credit: continues @hnshah's work from #54962 and preserves @timt80's report credit from #54909.
Co-authored-by: Hiten Shah <3155200+hnshah@users.noreply.github.com>
* fix(gateway): preserve active run during plugin finalization
* fix(ui): skip session.message history reload while gateway reports active run
* fix(ui): remove unused eslint-disable directive
* fix(ui): preserve active runs through finalization
---------
Co-authored-by: scotthuang <scotthuang@tencent.com>
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
* fix(gateway): use resolveNonNegativeNumber for totalTokens to display 0 instead of ?
resolvePositiveNumber requires value > 0, filtering out the valid
totalTokens = 0 case (new session, no usage yet). This caused the TUI
to display 'tokens ?/200k' instead of 'tokens 0/200k (0%)'.
Use resolveNonNegativeNumber (>= 0) for the final totalTokens value
used in session display. The needsTranscriptTotalTokens check at line
2041 still correctly uses resolvePositiveNumber to decide whether to
fetch transcript data.
Fixes#43009
* fix(gateway): preserve fresh zero-token sessions
---------
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
* fix(macos): defer isOverflowing mutation to break SwiftUI render loop
measuredHeight() mutated model.isOverflowing synchronously during a SwiftUI
view update cycle. The onChange(of: attributed) handler triggered
updateWindowFrame → targetFrame → measuredHeight, which set isOverflowing,
invalidating the view and re-triggering onChange — an infinite render loop
causing 100% CPU pinwheel.
Fix: defer the isOverflowing mutation via DispatchQueue.main.async with an
equality guard to prevent redundant updates. The frame calculation itself
remains synchronous so the window size is correct immediately.
Fixes#43480
* fix(macos): preserve latest overflow measurement
---------
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
* fix(telegram): skip IPv4 fallback when user configures non-ipv4first dnsResultOrder
When the user explicitly configures channels.telegram.network.dnsResultOrder
to a non-ipv4first value (e.g. verbatim), the sticky IPv4 fallback dispatcher
should not be armed. Forcing autoSelectFamily=false + dnsResultOrder=ipv4first
overrides the user's explicit IPv6-friendly config, causing media downloads to
fail on hosts where IPv4 is broken but IPv6 works.
Fixes#41671
* fix(telegram): respect explicit DNS fallback policy
---------
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
* fix(doctor): avoid false-positive legacy cron store warning when store was already migrated
When rawJobs.length > 0 and other issues exist (notifyCount, dreamingStaleCount)
but legacyStoreDetected is false (file already removed after migration), the doctor
unconditionally printed 'Legacy cron job storage detected at ...' — misleading users
into thinking the migration was incomplete.
Fix: conditionally use 'Cron store issues detected' heading when no legacy store file
exists, reserving 'Legacy cron job storage detected' for actual legacy store presence.
Fixes#92683
* test(doctor): add test for false-positive legacy cron store warning (#92683)
Follow-up to #92745 after maintainer autoreview found that the skipped recall event widened the shipped MemoryHostEvent union and changed limited legacy reads.
Keep readMemoryHostEvents() source-compatible by filtering diagnostic records before applying limits, and expose skipped recall diagnostics through the opt-in MemoryHostEventRecord/readMemoryHostEventRecords path.
Original skipped-recall behavior landed in #92745 by @mushuiyu886.
Fixes#42156.
Answer Telegram callback queries before per-chat/topic sequentialize can queue the handler behind an active turn, and carry the in-flight answer promise on the grammY context so the normal handler reuses it instead of double-answering.
Proof:
- node scripts/run-vitest.mjs extensions/telegram/src/bot.create-telegram-bot.test.ts -- -t "answers callback queries before same-chat sequentialize delays handlers|sequentializes updates by chat and thread|routes callback_query payloads as messages"
- node scripts/run-vitest.mjs extensions/telegram/src/bot.test.ts extensions/telegram/src/bot-handlers.runtime.test.ts
- node_modules/.bin/oxfmt --check extensions/telegram/src/bot-core.ts extensions/telegram/src/bot-handlers.runtime.ts extensions/telegram/src/callback-query-answer-state.ts extensions/telegram/src/bot.create-telegram-bot.test.ts
- git diff --check origin/main...HEAD
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main
- Azure Crabbox cbx_cba20c462ad5 / silver-barnacle: OPENCLAW_TESTBOX=1 node scripts/crabbox-wrapper.mjs run --provider azure --class Standard_D4ads_v6 --idle-timeout 90m --ttl 240m --timing-json -- env OPENCLAW_CHECK_CHANGED_REMOTE_CHILD=1 OPENCLAW_CHANGED_LANES_RAW_SYNC=1 corepack pnpm check:changed
Proof gap: live Telegram Desktop/burner-account proof was not run because openclaw-telegram-user-crabbox-proof is not installed in this shell.
Reject voice media stream start frames when no acceptance validator is configured, preventing fail-open STT/TTS session creation. Verified locally, with autoreview, in a remote Linux dev box, and by green CI.
* fix(gateway): accept image-only input on /v1/responses
The OpenResponses endpoint rejected requests whose `input` contained only
an `input_image` (no `input_text`) with `400 Missing user message in
input.`, even though the image was parsed and collected into `images`.
The guard only checked `prompt.message` and ignored `images`, unlike the
equivalent /v1/chat/completions guard which uses
`!prompt.message && images.length === 0`.
Align the OpenResponses guard with Chat Completions so image-only turns
are forwarded to the agent. Empty input (no text and no image) still
returns 400.
Adds regression tests: image-only base64 input -> 200 with image reaching
the agent, and empty content -> 400.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(gateway): pass image-only /v1/responses turns to the agent
The one-line guard alone was insufficient: even after letting image-only
input past the `Missing user message` check, the downstream agent command
(`prepareAgentCommandExecution`) throws `Message (--message) is required`
for an empty message, so image-only `/v1/responses` returned 500.
Mirror the /v1/chat/completions prompt builder: substitute the shared
IMAGE_ONLY_USER_MESSAGE placeholder for the active image-only user turn so
the turn is not dropped and the real image is still attached via `images`.
Promote the placeholder constant to the shared gateway agent-prompt module
so both endpoints stay in sync, and revert the responses guard back to the
original `!prompt.message` check (responses images are not scoped to the
active turn, so the placeholder is the correct, single source of truth).
Co-authored-by: Cursor <cursoragent@cursor.com>
* chore: retrigger CI (flaky startup-core test timeout, unrelated to change)
Co-authored-by: Cursor <cursoragent@cursor.com>
---------
Co-authored-by: songwendong <songwendong@shuidi-inc.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Record diagnostic events when memory_search returns durable memory hits that are intentionally excluded from short-term promotion, so users can distinguish eligibility decisions from recall tracking failures.
