* feat(plugins): support multi-kind plugins for dual slot ownership
* fix: address review feedback on multi-kind plugin support
- Use sorted normalizeKinds() for kind-mismatch comparison in loader.ts
(fixes order-sensitive JSON.stringify for arrays)
- Derive slot-to-kind reverse mapping from SLOT_BY_KIND in slots.ts
(removes hardcoded ternary that would break for future slot types)
- Use shared hasKind() helper in config-state.ts instead of inline logic
* fix: don't disable dual-kind plugin that still owns another slot
When a new plugin takes over one slot, a dual-kind plugin that still
owns the other slot must not be disabled — otherwise context engine
resolution fails at runtime.
* fix: exempt dual-kind plugins from memory slot disablement
A plugin with kind: ["memory", "context-engine"] must stay enabled even
when it loses the memory slot, so its context engine role can still load.
* fix: address remaining review feedback
- Pass manifest kind (not hardcoded "memory") in early memory gating
- Extract kindsEqual() helper for DRY kind comparison in loader.ts
- Narrow slotKeyForPluginKind back to single PluginKind with JSDoc
- Reject empty array in parsePluginKind
- Add kindsEqual tests
* fix: use toSorted() instead of sort() per lint rules
* plugins: include default slot ownership in disable checks and gate dual-kind memory registration
* fix(slack): restore table block mode seam
Restore the shared markdown/config seam needed for Slack Block Kit table support, while coercing non-Slack block mode back to code.
* fix(slack): narrow table block seam defaults
Keep Slack table block mode opt-in in this seam-only PR, clamp collected placeholder offsets, and align fallback-table rendering with Slack block limits.
* fix(slack): bound table fallback rendering
Avoid spread-based maxima and bound Slack table fallback rendering by row, column, cell-width, and total-output limits to prevent resource exhaustion.
* fix(slack): keep block mode inactive in seam PR
Keep markdown table block mode schema-valid but runtime-resolved to code until the Slack send path is wired to emit table attachments.
* fix(slack): normalize configured block mode safely
Accept configured markdown table block mode at parse time, then normalize it back to code during runtime resolution so seam-only branches do not drop table content.
* fix(config): prevent AJV schema defaults from leaking into persisted config
Fixes#56772. Ensures that channel and plugin AJV validations respect the applyDefaults option, preventing runtime defaults from being written to openclaw.json during doctor/update flows.
* test: address review feedback on #56772 fix
- Split validation.channel-metadata.test.ts into applyDefaults true/false cases (fixes CI)
- Update io.write-config.test.ts regression test to use a mock plugin registry, ensuring it actually exercises the AJV default injection path
* fix(config): revert applyDefaults passthrough to prevent required-field regression
Codex-connector correctly identified that BlueBubbles channel schema marks
enrichGroupParticipantsFromContacts as both default:true and required.
Passing applyDefaults:false during write validation would cause required
checks to fail, breaking writeConfigFile entirely.
Reverted validation.ts to always use applyDefaults:true for channel/plugin
AJV validation. The protection against default leakage into persisted config
is fully handled by the persistCandidate change in io.ts (cfgToWrite uses
the pre-validation merge-patched value, not validated.config).
Updated validation.channel-metadata.test.ts to reflect this architecture.
* fix(config): apply legacy web-search normalization to persistCandidate
* fix: stabilize config default-leak landing tests (#56834) (thanks @openperf)
---------
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
Problem: When LLM stops responding, the agent hangs for ~5 minutes with no feedback.
Users had to use /stop to recover.
Solution: Add idle timeout detection for LLM streaming responses.
* fix: canonicalize session keys at write time to prevent orphaned sessions (#29683)
resolveSessionKey() uses hardcoded DEFAULT_AGENT_ID="main", but all read
paths canonicalize via cfg. When the configured default agent differs
(e.g. "ops" with mainKey "work"), writes produce "agent:main:main" while
reads look up "agent:ops:work", orphaning transcripts on every restart.
Fix all three write-path call sites by wrapping with
canonicalizeMainSessionAlias:
- initSessionState (auto-reply/reply/session.ts)
- runWebHeartbeatOnce (web/auto-reply/heartbeat-runner.ts)
- resolveCronAgentSessionKey (cron/isolated-agent/session-key.ts)
Add startup migration (migrateOrphanedSessionKeys) to rename existing
orphaned keys to canonical form, merging by most-recent updatedAt.
* fix: address review — track agent IDs in migration map, align snapshot key
P1: migrateOrphanedSessionKeys now tracks agentId alongside each store
path in a Map instead of inferring from the filesystem path. This
correctly handles custom session.store templates outside the default
agents/<id>/ layout.
P2: Pass the already-canonicalized sessionKey to getSessionSnapshot so
the heartbeat snapshot reads/restores use the same key as the write path.
* fix: log migration results at all early return points
migrateOrphanedSessionKeys runs before detectLegacyStateMigrations, so
it can canonicalize legacy keys (e.g. "main" → "agent:main:main") before
the legacy detector sees them. This caused the early return path to skip
logging, breaking doctor-state-migrations tests that assert log.info was
called.
Extract logMigrationResults helper and call it at every return point.
* fix: handle shared stores and ~ expansion in migration
P1: When session.store has no {agentId}, all agents resolve to the same
file. Track all agentIds per store path (Map<path, Set<id>>) and run
canonicalization once per agent. Skip cross-agent "agent:main:*"
remapping when "main" is a legitimate configured agent sharing the store,
to avoid merging its data into another agent's namespace.
P2: Use expandHomePrefix (environment-aware ~ resolution) instead of
os.homedir() in resolveStorePathFromTemplate, matching the runtime
resolveStorePath behavior for OPENCLAW_HOME/HOME overrides.
* fix: narrow cross-agent remap to provable orphan aliases only
Only remap agent:main:* keys where the suffix is a main session alias
("main" or the configured mainKey). Other agent:main:* keys — hooks,
subagents, cron sessions, per-sender keys — may be intentional
cross-agent references and must not be silently moved into another
agent's namespace.
* fix: run orphan-key session migration at gateway startup (#29683)
* fix: canonicalize cross-agent legacy main aliases in session keys (#29683)
* fix: guard shared-store migration against cross-agent legacy alias remap (#29683)
* refactor: split session-key migration out of pr 30654
---------
Co-authored-by: Your Name <your_email@example.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
