Preserve OpenAI-compatible replay reasoning when the selected custom or self-hosted model already has reasoning metadata enabled.
The transcript policy now treats existing model metadata as the replay contract instead of requiring a new provider config knob, and the OpenAI-compatible serializer preserves reasoning_content for those routes while keeping stock OpenAI, Gemma 4, and known non-replayable OpenRouter safeguards.
Fixes#88068.
Replaces #88071.
Treat pathless POSIX shell builtins (`:`, `cd`, `false`, `pwd`, `true`) as internally safe only during shell allowlist evaluation. This avoids approval prompts for chains like `cd /tmp && git status` when the executable segment is already allowlisted, without adding a `tools.exec.safeBuiltins` config knob.
Environment-mutating builtins (`export`, `unset`), code-evaluating builtins (`eval`, `source`, `.`), unknown commands, and direct argv execution remain approval-gated unless separately allowlisted.
Proof: `pnpm test src/infra/exec-safe-builtins.test.ts src/agents/bash-tools.exec.security-floor.test.ts -- --reporter=verbose`; `pnpm changed:lanes --json`; `pnpm check:no-conflict-markers`; `git diff --check origin/main...HEAD`. CI related failures were resolved on the final SHA; remaining `checks-node-core-runtime-media-ui` failure is unrelated to this PR.
Fixes#46056.
Thanks @kinjitakabe.
Co-authored-by: kevinkang-ai <273844887+kevinkang-ai@users.noreply.github.com>
Summary:
- The branch documents friendly browser tab references across docs, the browser skill, CLI help, and tool schema descriptions, and adds tests for target reference resolution and tab alias behavior.
- PR surface: Source +24, Tests +328, Docs +9. Total +361 across 21 files.
- Reproducibility: yes. for the documentation mismatch by source inspection: current main supports friendly ta ... schema/help surfaces still emphasize raw CDP target ids. Runtime behavior itself is not a new failing path.
Automerge notes:
- PR branch already contained follow-up commit before automerge: refactor(browser): share tab reference CLI help
Validation:
- ClawSweeper review passed for head 118af80b0b.
- Required merge gates passed before the squash merge.
Prepared head SHA: 118af80b0b
Review: https://github.com/openclaw/openclaw/pull/88393#issuecomment-4583558133
Co-authored-by: FMLS <kfliuyang@gmail.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Fixes#88443.
Cooldown-only edits under auth.cooldowns now hot reload the active runtime config instead of scheduling a gateway restart. This avoids dropping active gateway work while preserving restart-required behavior for gateway.auth.* credential changes.
Verification:
- pnpm test src/gateway/config-reload.test.ts -- --reporter=verbose
- env -u OPENCLAW_TESTBOX pnpm check:changed
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main --prompt 'Review PR 88474 after rebase. Focus on whether auth.cooldowns hot reload correctly refreshes active runtime config without weakening gateway auth/token restart behavior. Treat no-op vs hot reload semantics as central.'
- GitHub CI, Real behavior proof, CodeQL, Dependency Guard, OpenGrep PR Diff, and Workflow Sanity passed on 51232ff66c.
Thanks @IWhatsskill.
Retry live query embeddings on transient provider transport failures and split eligible batch embedding socket failures after bounded retries.
Fixes#71784Fixes#44166
Supersedes #44167
Co-authored-by: MrGeDiao <MrGeDiao@users.noreply.github.com>
Suppress BOOT.md/internal-runtime-context echoes in fallback boot sends.
Wrap boot prompts as internal runtime context, track the active boot prompt during boot runs, and sanitize message-tool visible payloads before dispatch so fallback models cannot deliver copied BOOT.md instructions or leak them through raw-params errors. Preserves media/presentation sends that still contain non-text payload content after sanitization.
Fixes#53732.
Co-authored-by: stainlu <stainlu@newtype-ai.org>
Allow media understanding providers to opt into synthetic non-secret auth for local or self-hosted no-auth audio/video execution.
This preserves configured env/profile/literal provider credentials first, keeps explicit profile failures hard-fail, and leaves unmarked remote providers fail-closed.
Fixes#74644.
Limit plugin metadata snapshots to the channel, provider, and startup surfaces that need them, while preserving unscoped fallback for incomplete index data and provider runtime resolution.
Refs #70533.
Refs #84628.
Co-authored-by: IWhatsskill <IWhatsskill@users.noreply.github.com>
Fixes#67423.
Resolve provider-entry apiKey fields that intentionally reference model auth profiles through centralized binding logic, so runtime auth and status labeling agree. Preserve env-first precedence, SecretRef handling, provider/baseUrl compatibility checks, and model auth-mode guards.
Verification:
- node scripts/run-vitest.mjs src/agents/model-auth.profiles.test.ts src/agents/model-auth-label.test.ts
- PATH=/tmp/openclaw-corepack-shim.XXXXXX:$PATH CI=true pnpm check:changed
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main
- GitHub CI run 26710260760 and related CodeQL/proof checks on f55dec154d
Co-authored-by: kinjitakabe <273844887+kinjitakabe@users.noreply.github.com>
Stabilizes Claude CLI reusable sessions when Claude token rotation causes transient token-shaped credential reads. Local Claude CLI OAuth and token credential encodings now share the same identity-only auth-epoch, while ref-backed token auth profiles ignore refreshed token material and plaintext token profiles remain epoch-sensitive on manual token replacement.
Fixes#74312.
Proof: focused local Vitest, autoreview, Testbox-through-Crabbox tbx_01ksyrcknbt743x32x6k1s95qw, and GitHub CI run 26709864094 all passed.
Co-authored-by: stainlu <stainlu@newtype-ai.org>
Deliver plugin-owned bound-thread replies even when the source room is configured for `message_tool` visible replies. Normal agent final text still stays private unless the agent calls `message(action=send)`.
Document the distinction in the group/channel docs and root routing policy, and keep ambient room-event plus unauthorized text-slash suppression covered by regression tests.
Fixes#87721.
Adds a report-only memory-core dreaming shadow-trial runner that writes inspectable artifacts without mutating durable memory. The public helper now stores default reports under daily directories with opaque content-hash filenames, so multiple same-day trials coexist without leaking candidate text into paths.
Verification:
- OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs run --config test/vitest/vitest.extension-memory.config.ts extensions/memory-core/src/dreaming-shadow-trial.test.ts --reporter=verbose --maxWorkers=1
- git diff --check
- pnpm exec oxfmt --check extensions/memory-core/src/dreaming-shadow-trial.ts extensions/memory-core/src/dreaming-shadow-trial.test.ts
- pnpm tsgo:extensions
- autoreview clean: no accepted/actionable findings
- GitHub CI run 26709794635 passed
- Real behavior proof run 26709798698 passed
- Dependency Guard run 26709794113 passed
Co-authored-by: Firas Alswihry <itzfiras@gmail.com>
