Patrick Erichsen
c0312748c4
feat: support git and local skill installs ( #84793 )
2026-05-20 21:12:03 -07:00
Gio Della-Libera
a30ac3f8d7
Policy: add tool metadata conformance ( #80056 )
...
* feat(policy): add tool metadata conformance checks
* Add policy trusted tool runtime gate
* Use requireMetadata for tool policy
Make tools.requireMetadata the canonical policy schema for risk, sensitivity, and owner requirements. Update runtime enforcement, doctor findings, evidence parsing, tests, and policy docs to use the new schema.
* fix(policy): persist approval metadata
* fix(policy): refresh approval metadata artifacts
* docs(policy): list all tool finding checks
* fix(policy): parse multiline tool metadata
* test(policy): cover unparseable policy check output
* fix(policy): resolve oc-path api in packaged dist
* fix(policy): clear post-rebase CI failures
* test(policy): clear post-rebase CI failures
* fix(policy): restore watch and align validation
* fix(policy): clear ci gate failures
* Simplify policy tool evidence parsing
2026-05-20 20:47:32 -07:00
Peter Steinberger
a13468320c
fix: clarify pinned session model status
2026-05-20 15:59:24 +01:00
Gio Della-Libera
cbf72e5e26
feat(policy): add channel conformance checks ( #80407 )
...
Summary:
- Add the bundled Policy plugin with policy-backed doctor checks for channel conformance.
- Add `openclaw policy check` attestations, accepted-attestation drift checks, and opt-in doctor repair.
- Add policy CLI docs, generated plugin inventory/reference docs, and changelog credit.
Verification:
- node --import tsx scripts/sync-plugin-versions.ts --check
- pnpm plugins:inventory:check
- pnpm docs:list
- git diff --check origin/main..HEAD
- node scripts/run-vitest.mjs extensions/policy/src/policy-state.test.ts extensions/policy/src/cli.test.ts extensions/policy/src/doctor/register.test.ts src/flows/bundled-health-checks.test.ts src/cli/program/register.maintenance.test.ts
- codex review --uncommitted; accepted finding fixed, reran clean
- codex review --commit HEAD
- GitHub CI for 4e09b067f4giodl73@gmail.com >
Co-authored-by: Gio Della-Libera <giodl@microsoft.com >
2026-05-20 11:50:21 +01:00
Galin Iliev
ddf9fbed34
fix(gateway): expose runtime version in gateway status
...
Closes #56222
2026-05-19 22:09:14 -07:00
clawsweeper[bot]
7f8141ead9
fix(cron): use structured denial signals ( #84311 )
...
Summary:
- The PR changes isolated cron denial handling to use structured embedded tool-error metadata, preserves node-host denial wrappers, and updates cron docs, changelog, and focused regression tests.
- Reproducibility: yes. for source-level reproduction: current main scans cron summary, output, synthesized te ... denial tokens and promotes matches into fatal cron state. I did not execute tests in this read-only review.
Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(cron): normalize node denial wrappers
- PR branch already contained follow-up commit before automerge: fix(cron): use structured denial signals
- PR branch already contained follow-up commit before automerge: fix(clawsweeper): address review for automerge-openclaw-openclaw-8406…
Validation:
- ClawSweeper review passed for head 047622fe8d047622fe8dhttps://github.com/openclaw/openclaw/pull/84311#issuecomment-4491946986
Co-authored-by: abnershang <abner.shang@gmail.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: Abner Shang <75654486+abnershang@users.noreply.github.com >
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com >
2026-05-20 00:49:49 +00:00
Nimrod Gutman
94d8391c03
[codex] restore QR bootstrap operator handoff ( #83684 )
...
Merged via squash.
Prepared head SHA: 2dc955cfb71540134+ngutman@users.noreply.github.com >
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com >
Reviewed-by: @ngutman
2026-05-19 20:59:09 +03:00
samzong
323c9760d3
[Docs] Document gateway benchmark probes ( #83866 )
...
Summary:
- The PR updates `docs/cli/gateway.md` and `docs/reference/test.md` to document Gateway startup/restart benchmark prerequisites, commands, case IDs, probes, output semantics, and platform limits.
- Reproducibility: not applicable. as a runtime bug; docs correctness is source-checkable against the benchmar ... ipts, and readiness source. The current PR head corrected the earlier startup-hook readiness wording issue.
Automerge notes:
- PR branch already contained follow-up commit before automerge: docs(gateway): correct benchmark readiness wording
Validation:
- ClawSweeper review passed for head 5bd0f6c4635bd0f6c463https://github.com/openclaw/openclaw/pull/83866#issuecomment-4483820005
Co-authored-by: samzong <samzong.lu@gmail.com >
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com >
2026-05-19 17:50:36 +00:00
Josh Avant
eb6dd2c65d
Fix memory plugin CLI help dispatch ( #83841 )
...
* fix cli help for active memory plugin
* docs add changelog for memory cli help
* test fix root help mock type
2026-05-18 20:35:55 -05:00
nitinjwadhawan
9995e1b4d5
fix(nextcloud-talk): dispatch react action so agents can send reactions ( #70110 ) ( #72348 )
...
Summary:
- This PR adds and registers a Nextcloud Talk message action adapter for add-only reactions, updates reaction docs, and adds adapter plus sender tests.
- Reproducibility: yes. Source inspection on current main shows Nextcloud Talk advertises reactions and has a ... ion sender, but the plugin lacks `actions.handleAction`, so shared `react` dispatch has no channel handler.
Automerge notes:
- PR branch already contained follow-up commit before automerge: test(nextcloud-talk): cover reaction sender request path
- PR branch already contained follow-up commit before automerge: fix(nextcloud-talk): harden react null-guard; fix disabled-account te…
- PR branch already contained follow-up commit before automerge: fix(nextcloud-talk): reject react remove requests instead of silently…
- PR branch already contained follow-up commit before automerge: fix(nextcloud-talk): inline listEnabledAccounts helper after main cle…
- PR branch already contained follow-up commit before automerge: docs(nextcloud-talk): note add-only react support in reactions and me…
Validation:
- ClawSweeper review passed for head 9817fed8429817fed842https://github.com/openclaw/openclaw/pull/72348#issuecomment-4323046928
Co-authored-by: NW <nitinwadhawan66@gmail.com >
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com >
2026-05-18 18:54:44 +00:00
clawsweeper[bot]
fa814eb9ed
feat(browser): add evaluate timeout CLI option ( #83696 )
...
Summary:
- The branch adds `openclaw browser evaluate --timeout-ms`, forwards it to the evaluate body and request timeo ... ents and tests it, adds a changelog entry, and includes a config.patch no-op shortcut from the repair pass.
- Reproducibility: not applicable. this is a feature PR rather than a bug report. Source inspection shows current main lacks the CLI flag while the branch wires it into an already-supported evaluate `timeoutMs` payload.
Automerge notes:
- PR branch already contained follow-up commit before automerge: feat(browser): add evaluate timeout CLI option
Validation:
- ClawSweeper review passed for head 0d81d3d93e0d81d3d93ehttps://github.com/openclaw/openclaw/pull/83696#issuecomment-4479900502
Co-authored-by: fred <fengruifree@gmail.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com >
2026-05-18 17:30:33 +00:00
clawsweeper[bot]
5702858553
feat(cli): support installing skills to shared global directory via --global ( #83705 )
...
Summary:
- Adds `--global` to `openclaw skills install` and `openclaw skills update`, routing ClawHub installs and updates to the shared managed skills root with docs, changelog, and CLI command tests.
- Reproducibility: not applicable. as a bug reproduction; this is a new CLI feature request. Source inspection confirms current `main` lacks `--global`, and the source PR includes after-fix terminal proof for the new path.
Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(cli): address skills global review
- PR branch already contained follow-up commit before automerge: feat(cli): support installing skills to shared global directory via -…
Validation:
- ClawSweeper review passed for head 6eb7187fc16eb7187fc1https://github.com/openclaw/openclaw/pull/83705#issuecomment-4480023577
Co-authored-by: Hongwei Ma <marvae24@gmail.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com >
2026-05-18 17:22:00 +00:00
Gio Della-Libera
1b5bc33161
fix(doctor): archive legacy clawd browser profile residue ( #83230 )
...
* fix(doctor): archive legacy clawd browser profile residue
* Avoid browser cleanup load without residue
Doctor --fix now skips loading the browser doctor facade unless the legacy browser/clawd profile path exists, preventing broad config repair tests from paying the plugin load cost when there is nothing to archive.
* Use structured health check for browser residue
Register the legacy clawd browser profile residue cleanup through the modern doctor health-check contract so doctor --lint can report it and doctor --fix repairs it through structured effects.
2026-05-17 19:45:03 -07:00
Peter Steinberger
7afac6015f
feat(browser): surface observed dialogs ( #83099 )
2026-05-18 00:05:29 +01:00
Gio Della-Libera
9a5f2f61e7
Doctor: add health-check contract and --lint validation ( #80055 )
...
* feat(doctor): add --lint mode + structured HealthFinding shape
Adds the core machinery for `openclaw doctor --lint` per the
doctor-lint-and-oc-rules upstream proposal. PR-1 of the proposal:
no new top-level verb, no public plugin SDK; everything internal.
Files:
- src/flows/checks.ts ? HealthFinding / HealthCheck / HealthCheckContext
types. Findings carry severity per-finding; checks return
readonly HealthFinding[]. Mode tag (doctor/lint/fix) lets a check
distinguish the calling posture.
- src/flows/health-check-registry.ts ? module-level registry with
duplicate-id rejection + test reset helper.
- src/flows/doctor-lint-flow.ts ? runner over registered checks.
Catches throws into synthetic error findings (anchored at check id;
message scrubbed of control chars, capped at 256 bytes). Sorts
findings by severity desc, check id, path. Exports
exitCodeFromFindings (1 if any warning/error, 0 otherwise).
- src/flows/doctor-core-checks.ts ? 4 modern HealthChecks rewriting
logic from existing legacy run*Health functions:
core/doctor/gateway-config (warning)
core/doctor/command-owner (info)
core/doctor/workspace-status (info)
core/doctor/final-config-validation (error)
Each was audited safe per the proposal's adapter constraints
(no writes, no repair calls, no prompts, no probes incl. local-bind).
Legacy run*Health contributions in doctor-health-contributions.ts
are unchanged ? doctor mode (no --lint) still runs the existing 35.
- src/commands/doctor-lint.ts ? CLI dispatch for --lint. Reads config
snapshot, builds HealthCheckContext (mode: "lint"), runs the registry,
filters by --severity-min, emits human or JSON output, returns exit
code from unfiltered set so --severity-min hides info findings
without changing CI signal.
- src/cli/program/register.maintenance.ts ? adds --lint, --json,
--severity-min, --skip, --only flags to existing doctor command.
--lint branches to runDoctorLintCli; without --lint, doctor runs
unchanged.
LoC: 382 src across 6 files. Tests + doc + oc-path-side rule packs
follow as separate commits on this branch.
* fix: avoid string spread in doctor errors
* chore: refresh plugin SDK API baseline
* docs: clarify doctor lint usage
* feat(doctor): prepare repairs for dry-run reporting
2026-05-17 12:29:57 -07:00
Peter Steinberger
ad861d4c9d
feat: add presentation capability limits
2026-05-17 14:18:23 +01:00
Peter Steinberger
b95c8a4d95
docs: add tool plugin authoring guide
2026-05-17 11:45:18 +01:00
Peter Steinberger
b17e4ed50c
feat: add simple tool plugin authoring
2026-05-17 11:45:18 +01:00
Peter Steinberger
5d1f7bf058
fix: route image URL describes through MiniMax VLM
...
Summary:
- Preserve HTTP image describe inputs as remote media.
- Route MiniMax CN image understanding through MiniMax-VL-01.
- Cover CLI, media runtime, tools, Telegram stickers, docs, and changelog.
Verification:
- codex-review clean
- pnpm check:changed via Blacksmith Testbox tbx_01krtdekwak0mygxbw5z7cfb6z
- PR CI green on 516281448e
2026-05-17 08:45:50 +01:00
Jesse Merhi
7c2425a518
Support HTTPS managed proxy CA trust ( #79171 )
...
* fix: support HTTPS managed proxy CA trust
* fix: strip IP SNI for HTTPS proxy dispatchers
* fix: harden managed proxy undici dispatchers
* docs: refresh proxy baselines
* fix: drop stale whatsapp undici dependency
* fix: satisfy proxy dispatcher lint and tests
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-17 06:23:30 +01:00
Peter Steinberger
ca236d098d
fix: harden gateway launchd and configure sections
2026-05-17 03:44:05 +01:00
Youssef Hemimy
94ed68bc76
fix(whatsapp): honor forceDocument flag end-to-end ( #79272 )
...
Merged via squash.
Prepared head SHA: faaff35f1e53057646+itsuzef@users.noreply.github.com >
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com >
Reviewed-by: @mcaxtr
2026-05-16 23:29:01 -03:00
Peter Steinberger
5b383af736
feat: add native mac dashboard window
2026-05-16 23:49:18 +01:00
100menotu001
a1d0b2709a
Add security audit suppressions ( #76949 )
...
* Add security audit suppressions
* docs: list audit suppression dangerous flag
* fix(security): keep audit suppressions visible
* docs(changelog): thank audit suppression contributor
---------
Co-authored-by: Craig <froelich@craigs.mac.studio.froho >
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-16 22:57:04 +01:00
hcl
c421be6c90
fix(docs): use lowercase MCP search tool ( #82704 )
...
Fixes #82702 .
Summary:
- Use the canonical lowercase docs MCP search tool name.
- Keep docs and changelog aligned for the CLI fix.
Verification:
- node scripts/run-vitest.mjs src/commands/docs.test.ts
- pnpm lint -- src/commands/docs.ts src/commands/docs.test.ts
- pnpm exec oxfmt --check CHANGELOG.md docs/cli/docs.md src/commands/docs.ts src/commands/docs.test.ts
- pnpm docs:list
- git diff --check
- HOME=$(mktemp -d) pnpm openclaw docs "browser existing-session"
- Codex review local + branch: clean
- GitHub CI 25971835163, CodeQL Critical Quality 25971835154, Real behavior proof 25971834239: green
Co-authored-by: hclsys <hclsys@users.noreply.github.com >
2026-05-16 21:21:58 +01:00
Gio Della-Libera
489cab2738
fix(config): add --dry-run support to unset ( #81895 )
...
* Add config unset dry-run
Add --dry-run support to config unset, including JSON output and allow-exec validation parity with config set/patch dry-run handling.
* Refresh checks after proof update
* fix(config): address unset dry-run review
Return structured JSON when config unset dry-run misses a path and validate broad secret provider/default unsets against affected SecretRefs.
2026-05-16 11:09:42 -07:00
Gio Della-Libera
0b708a2574
OC Path: restore YAML support ( #81436 )
...
* OC Path: restore YAML support
* fix(oc-path): guard yaml writes and empty sequences
* fix(oc-path): guard yaml insertion keys
* fix(oc-path): guard yaml object key
* fix(oc-path): classify yaml root insertions
* style(oc-path): format yaml branch after rebase
* fix(oc-path): reject malformed yaml edits
* docs(oc-path): clarify yaml file support
* fix(ci): refresh yaml branch after rebase
* fix(ci): clean shared blockers for yaml path PR
* fix(changelog): keep yaml path note scoped
* fix(ci): preserve current shared contracts
---------
Co-authored-by: Gio Della-Libera <giodl73@gmail.com
2026-05-16 07:52:08 -07:00
Peter Steinberger
661362c89c
docs: document gateway restart trace ( #82396 ) (thanks @samzong)
2026-05-16 13:42:50 +01:00
Gio Della-Libera
c8bec51869
OC Path: add dry-run diff output ( #81437 )
...
* OC Path: add dry-run diff output
* fix(oc-path): require dry-run for diff output
* fix(oc-path): show final newline diff
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
* fix(oc-path): show line-ending-only dry-run diffs
---------
Co-authored-by: Gio Della-Libera <giodl@microsoft.com >
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
2026-05-15 21:54:06 -07:00
Brad
372a8e4d22
Add wait mode for manual cron runs ( #81929 )
...
Adds wait mode for manual cron runs, exact run-id lookup for cron run logs, protocol/Swift schema support, and docs/changelog coverage.
2026-05-15 20:17:48 -07:00
Sergio Cadavid
472523360d
fix(codex): scope user MCP servers by agent ( #82180 )
2026-05-15 20:17:16 +01:00
Peter Steinberger
369917ff79
fix: surface cron model override diagnostics
2026-05-15 16:04:49 +01:00
MrBrain
d8ae3ec4c8
feat(wizard): add cli i18n catalog
2026-05-15 15:33:27 +01:00
Peter Steinberger
b830beb34b
fix: surface update restart and plugin repair guidance
2026-05-15 07:32:29 +01:00
B.K.
22a0ca9e3b
fix: hand off managed update run self-updates
...
Route managed LaunchAgent package self-updates through the post-exit CLI handoff path and persist handoff helper failures through the update restart sentinel so agent-invoked updates cannot stay pending indefinitely.
Add handoff ownership guards for stale helpers, atomic helper sentinel writes, and regression coverage for unrelated and newer pending sentinels.
Fixes #81894 .
Co-authored-by: B.K. <bandark@mac.com >
2026-05-15 06:12:57 +01:00
Kevin Lin
079bf99671
docs: consolidate plugin management docs ( #81898 )
...
* docs: consolidate plugin management docs
* docs: keep community plugins page discovery-only
* docs: restore clawhub publishing guidance
* docs: keep community publishing checklist
2026-05-14 14:27:50 -07:00
Peter Steinberger
a0f35574d0
Remove codex-cli backend and migrate to Codex runtime
...
Remove the bundled codex-cli backend, migrate legacy codex-cli refs and runtime pins to the Codex app-server runtime, and update live/backend workflow coverage for the supported CLI lanes.
2026-05-14 10:07:18 +01:00
Peter Steinberger
65ea6fdb49
docs: clarify Codex home isolation
2026-05-14 06:51:57 +01:00
pashpashpash
74860e93fd
fix(codex): preserve user home for app-server launches
2026-05-13 16:37:03 -07:00
Peter Steinberger
b10b946b12
docs(clawhub): remove missing security route
2026-05-13 23:57:05 +01:00
B.K.
b8ea6097d9
fix(cli): report stale plugin doctor config ( #81515 )
...
Merged via squash.
Prepared head SHA: 23bc849abd263413630+BKF-Gitty@users.noreply.github.com >
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com >
Reviewed-by: @altaywtf
2026-05-14 00:03:54 +03:00
Kevin Lin
6a23e26a27
docs: consolidate plugin install docs ( #81167 )
...
* docs: consolidate plugin install docs
* docs: align plugin getting started page
* snap
* docs: add reusable audit viewer tooling
* docs: add audit viewer doc mode
* docs: add audit viewer diff mode
* docs: strengthen plugin docs audit coverage
* docs: preserve plugin scan order reference
* docs: resolve plugin audit coverage gaps
* docs: strengthen audit line mappings
* docs: narrow plugin docs refactor scope
* docs: preserve plugin audit facts
* docs: keep audit skill local
* docs: remove audit skill from pr
* fix: satisfy plugin scan lint
* docs: address plugin docs review
2026-05-13 13:17:39 -07:00
Pavan Kumar Gondhi
b17e77a22b
Require approval for setup-code device pairing [AI] ( #81292 )
...
* fix: require approval for setup-code bootstrap pairing
* addressing review-skill
* addressing codex review
* addressing codex review
* addressing codex review
* addressing codex review
* addressing codex review
* addressing ci
* addressing ci
* docs: add changelog entry for PR merge
2026-05-13 18:48:44 +05:30
Peter Steinberger
694ca50e97
Revert "refactor: move runtime state to SQLite"
...
This reverts commit f91de52f0d
2026-05-13 13:33:38 +01:00
Peter Steinberger
f91de52f0d
refactor: move runtime state to SQLite
...
* refactor: remove stale file-backed shims
* fix: harden sqlite state ci boundaries
* refactor: store matrix idb snapshots in sqlite
* fix: satisfy rebased CI guardrails
* refactor: store current conversation bindings in sqlite table
* refactor: store tui last sessions in sqlite table
* refactor: reset sqlite schema history
* refactor: drop unshipped sqlite table migration
* refactor: remove plugin index file rollback
* refactor: drop unshipped sqlite sidecar migrations
* refactor: remove runtime commitments kv migration
* refactor: preserve kysely sync result types
* refactor: drop unshipped sqlite schema migration table
* test: keep session usage coverage sqlite-backed
* refactor: keep sqlite migration doctor-only
* refactor: isolate device legacy imports
* refactor: isolate push voicewake legacy imports
* refactor: isolate remaining runtime legacy imports
* refactor: tighten sqlite migration guardrails
* test: cover sqlite persisted enum parsing
* refactor: isolate legacy update and tui imports
* refactor: tighten sqlite state ownership
* refactor: move legacy imports behind doctor
* refactor: remove legacy session row lookup
* refactor: canonicalize memory transcript locators
* refactor: drop transcript path scope fallbacks
* refactor: drop runtime legacy session delivery pruning
* refactor: store tts prefs only in sqlite
* refactor: remove cron store path runtime
* refactor: use cron sqlite store keys
* refactor: rename telegram message cache scope
* refactor: read memory dreaming status from sqlite
* refactor: rename cron status store key
* refactor: stop remembering transcript file paths
* test: use sqlite locators in agent fixtures
* refactor: remove file-shaped commitments and cron store surfaces
* refactor: keep compaction transcript handles out of session rows
* refactor: derive transcript handles from session identity
* refactor: derive runtime transcript handles
* refactor: remove gateway session locator reads
* refactor: remove transcript locator from session rows
* refactor: store raw stream diagnostics in sqlite
* refactor: remove file-shaped transcript rotation
* refactor: hide legacy trajectory paths from runtime
* refactor: remove runtime transcript file bridges
* refactor: repair database-first rebase fallout
* refactor: align tests with database-first state
* refactor: remove transcript file handoffs
* refactor: sync post-compaction memory by transcript scope
* refactor: run codex app-server sessions by id
* refactor: bind codex runtime state by session id
* refactor: pass memory transcripts by sqlite scope
* refactor: remove transcript locator cleanup leftovers
* test: remove stale transcript file fixtures
* refactor: remove transcript locator test helper
* test: make cron sqlite keys explicit
* test: remove cron runtime store paths
* test: remove stale session file fixtures
* test: use sqlite cron keys in diagnostics
* refactor: remove runtime delivery queue backfill
* test: drop fake export session file mocks
* refactor: rename acp session read failure flag
* refactor: rename acp row session key
* refactor: remove session store test seams
* refactor: move legacy session parser tests to doctor
* refactor: reindex managed memory in place
* refactor: drop stale session store wording
* refactor: rename session row helpers
* refactor: rename sqlite session entry modules
* refactor: remove transcript locator leftovers
* refactor: trim file-era audit wording
* refactor: clean managed media through sqlite
* fix: prefer explicit agent for exports
* fix: use prepared agent for session resets
* fix: canonicalize legacy codex binding import
* test: rename state cleanup helper
* docs: align backup docs with sqlite state
* refactor: drop legacy Pi usage auth fallback
* refactor: move legacy auth profile imports to doctor
* refactor: keep Pi model discovery auth in memory
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
* refactor: remove model json compatibility aliases
* refactor: store auth profiles in sqlite
* refactor: seed copied auth profiles in sqlite
* refactor: make auth profile runtime sqlite-addressed
* refactor: migrate hermes secrets into sqlite auth store
* refactor: move plugin install config migration to doctor
* refactor: rename plugin index audit checks
* test: drop auth file assumptions
* test: remove legacy transcript file assertions
* refactor: drop legacy cli session aliases
* refactor: store skill uploads in sqlite
* refactor: keep subagent attachments in sqlite vfs
* refactor: drop subagent attachment cleanup state
* refactor: move legacy session aliases to doctor
* refactor: require node 24 for sqlite state runtime
* refactor: move provider caches into sqlite state
* fix: harden virtual agent filesystem
* refactor: enforce database-first runtime state
* refactor: rename compaction transcript rotation setting
* test: clean sqlite refactor test types
* refactor: consolidate sqlite runtime state
* refactor: model session conversations in sqlite
* refactor: stop deriving cron delivery from session keys
* refactor: stop classifying sessions from key shape
* refactor: hydrate announce targets from typed delivery
* refactor: route heartbeat delivery from typed sqlite context
* refactor: tighten typed sqlite session routing
* refactor: remove session origin routing shadow
* refactor: drop session origin shadow fixtures
* perf: query sqlite vfs paths by prefix
* refactor: use typed conversation metadata for sessions
* refactor: prefer typed session routing metadata
* refactor: require typed session routing metadata
* refactor: resolve group tool policy from typed sessions
* refactor: delete dead session thread info bridge
* Show Codex subscription reset times in channel errors (#80456 )
* feat(plugin-sdk): consolidate session workflow APIs
* fix(agents): allow read-only agent mount reads
* [codex] refresh plugin regression fixtures
* fix(agents): restore compaction gateway logs
* test: tighten gateway startup assertions
* Redact persisted secret-shaped payloads [AI] (#79006 )
* test: tighten device pair notify assertions
* test: tighten hermes secret assertions
* test: assert matrix client error shapes
* test: assert config compat warnings
* fix(heartbeat): remap cron-run exec events to session keys (#80214 )
* fix(codex): route btw through native side threads
* fix(auth): accept friendly OpenAI order for Codex profiles
* fix(codex): rotate auth profiles inside harness
* fix: keep browser status page probe within timeout
* test: assert agents add outputs
* test: pin cron read status
* fix(agents): avoid Pi resource discovery stalls
Co-authored-by: dataCenter430 <titan032000@gmail.com >
* fix: retire timed-out codex app-server clients
* test: tighten qa lab runtime assertions
* test: check security fix outputs
* test: verify extension runtime messages
* feat(wake): expose typed sessionKey on wake protocol + system event CLI
* fix(gateway): await session_end during shutdown drain and track channel + compaction lifecycle paths (#57790 )
* test: guard talk consult call helper
* fix(codex): scale context engine projection (#80761 )
* fix(codex): scale context engine projection
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* fix: document Codex context projection scaling
* chore: align Codex projection changelog
* chore: realign Codex projection changelog
* fix: isolate Codex projection patch
---------
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
* refactor: move agent runtime state toward piless
* refactor: remove cron session reaper
* refactor: move session management to sqlite
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: remove stale file-backed shims
* test: harden kysely type coverage
# Conflicts:
# .agents/skills/kysely-database-access/SKILL.md
# src/infra/kysely-sync.types.test.ts
# src/proxy-capture/store.sqlite.test.ts
# src/state/openclaw-agent-db.test.ts
# src/state/openclaw-state-db.test.ts
* refactor: remove cron store path runtime
* refactor: keep compaction transcript handles out of session rows
* refactor: derive embedded transcripts from sqlite identity
* refactor: remove embedded transcript locator handoff
* refactor: remove runtime transcript file bridges
* refactor: remove transcript file handoffs
* refactor: remove MSTeams legacy learning key fallback
* refactor: store model catalog config in sqlite
* refactor: use sqlite model catalog at runtime
# Conflicts:
# docs/cli/secrets.md
# docs/gateway/authentication.md
# docs/gateway/secrets.md
* fix: keep oauth sibling sync sqlite-local
# Conflicts:
# src/commands/onboard-auth.test.ts
* refactor: remove task session store maintenance
# Conflicts:
# src/commands/tasks.ts
* refactor: keep diagnostics in state sqlite
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* Show Codex subscription reset times in channel errors (#80456 )
* fix(codex): refresh subscription limit resets
* fix(codex): format reset times for channels
* Update CHANGELOG with latest changes and fixes
Updated CHANGELOG with recent fixes and improvements.
* fix(codex): keep command load failures on codex surface
* fix(codex): format account rate limits as rows
* fix(codex): summarize account limits as usage status
* fix(codex): simplify account limit status
* test: tighten subagent announce queue assertion
* test: tighten session delete lifecycle assertions
* test: tighten cron ops assertions
* fix: track cron execution milestones
* test: tighten hermes secret assertions
* test: assert matrix sync store payloads
* test: assert config compat warnings
* fix(codex): align btw side thread semantics
* fix(codex): honor codex fallback blocking
* fix(agents): avoid Pi resource discovery stalls
* test: tighten codex event assertions
* test: tighten cron assertions
* Fix Codex app-server OAuth harness auth
* refactor: move agent runtime state toward piless
* refactor: move device and push state to sqlite
* refactor: move runtime json state imports to doctor
* refactor: finish database-first state migration
* chore: refresh generated sqlite db types
* refactor: clarify cron sqlite store keys
* refactor: remove stale file-backed shims
* refactor: bind codex runtime state by session id
* test: expect sqlite trajectory branch export
* refactor: rename session row helpers
* fix: keep legacy device identity import in doctor
* refactor: enforce database-first runtime state
* refactor: consolidate sqlite runtime state
* build: align pi contract wrappers
* chore: repair database-first rebase
* refactor: remove session file test contracts
* test: update gateway session expectations
* refactor: stop routing from session compatibility shadows
* refactor: stop persisting session route shadows
* refactor: use typed delivery context in clients
* refactor: stop echoing session route shadows
* refactor: repair embedded runner rebase imports
# Conflicts:
# src/agents/pi-embedded-runner/run/attempt.tool-call-argument-repair.ts
* refactor: align pi contract imports
* refactor: satisfy kysely sync helper guard
* refactor: remove file transcript bridge remnants
* refactor: remove session locator compatibility
* refactor: remove session file test contracts
* refactor: keep rebase database-first clean
* refactor: remove session file assumptions from e2e
* docs: clarify database-first goal state
* test: remove legacy store markers from sqlite runtime tests
* refactor: remove legacy store assumptions from runtime seams
* refactor: align sqlite runtime helper seams
* test: update memory recall sqlite audit mock
* refactor: align database-first runtime type seams
* test: clarify doctor cron legacy store names
* fix: preserve sqlite session route projections
* test: fix copilot token cache test syntax
* docs: update database-first proof status
* test: align database-first test fixtures
* docs: update database-first proof status
* refactor: clean extension database-first drift
* test: align agent session route proof
* test: clarify doctor legacy path fixtures
* chore: clean database-first changed checks
* chore: repair database-first rebase markers
* build: allow baileys git subdependency
* chore: repair exp-vfs rebase drift
* chore: finish exp-vfs rebase cleanup
* chore: satisfy rebase lint drift
* chore: fix qqbot rebase type seam
* chore: fix rebase drift leftovers
* fix: keep auth profile oauth secrets out of sqlite
* fix: repair rebase drift tests
* test: stabilize pairing request ordering
* test: use source manifests in plugin contract checks
* fix: restore gateway session metadata after rebase
* fix: repair database-first rebase drift
* fix: clean up database-first rebase fallout
* test: stabilize line quick reply receipt time
* fix: repair extension rebase drift
* test: keep transcript redaction tests sqlite-backed
* fix: carry injected transcript redaction through sqlite
* chore: clean database branch rebase residue
* fix: repair database branch CI drift
* fix: repair database branch CI guard drift
* fix: stabilize oauth tls preflight test
* test: align database branch fast guards
* test: repair build artifact boundary guards
* chore: clean changelog rebase markers
---------
Co-authored-by: pashpashpash <nik@vault77.ai >
Co-authored-by: Eva <eva@100yen.org >
Co-authored-by: stainlu <stainlu@newtype-ai.org >
Co-authored-by: Jason Zhou <jason.zhou.design@gmail.com >
Co-authored-by: Ruben Cuevas <hi@rubencu.com >
Co-authored-by: Pavan Kumar Gondhi <pavangondhi@gmail.com >
Co-authored-by: Shakker <shakkerdroid@gmail.com >
Co-authored-by: Kaspre <36520309+Kaspre@users.noreply.github.com >
Co-authored-by: dataCenter430 <titan032000@gmail.com >
Co-authored-by: Kaspre <kaspre@gmail.com >
Co-authored-by: pandadev66 <nova.full.stack@outlook.com >
Co-authored-by: Eva <admin@100yen.org >
Co-authored-by: Eva (agent) <eva+agent-78055@100yen.org >
Co-authored-by: Josh Lehman <josh@martian.engineering >
Co-authored-by: jeffjhunter <support@aipersonamethod.com >
2026-05-13 13:15:12 +01:00
Peter Steinberger
5f8e1dd399
feat(telegram): support web app presentation buttons
...
Refs #81356
Co-authored-by: Jamil Zakirov <jamil@zakirov.com >
2026-05-13 12:08:29 +01:00
Jesse Merhi
6c92324c5f
Revert "Check ClawHub trust before plugin installs ( #81307 )" ( #81363 )
...
This reverts commit 87eb450047
2026-05-13 19:34:18 +10:00
Jesse Merhi
87eb450047
Check ClawHub trust before plugin installs ( #81307 )
...
Merged via squash.
Prepared head SHA: 273fd7c20e79823012+jesse-merhi@users.noreply.github.com >
Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com >
Reviewed-by: @jesse-merhi
2026-05-13 16:31:52 +10:00
Kevin Lin
bc44f3824f
fix: improve Codex migration selector enter
2026-05-12 15:23:28 -07:00
Kevin Lin
9ff5250792
fix(codex): gate migration on app readiness ( #80815 )
...
* fix(codex): gate migration on app readiness
* fix(codex): preserve source auth during migration
* fix(codex): isolate migration source app probes
* docs(codex): align migration readiness reasons
* docs(codex): remove stale auth-required source reason
* fix(codex): narrow native auth profile resolver input
* fix: clarify codex migration subscription gating
* refactor: simplify codex migration subscription gate
* fix: make codex app verification optional
* docs: clarify codex app inventory cache
* test: avoid map spread in migration test
2026-05-12 13:01:22 -07:00
