Ben.Li
a5379472f7
feat(onboard): show setup timeline note ( #97482 )
...
* feat(onboard): show setup timeline note
* test(agents): stabilize retained lock CI flakes
2026-06-28 10:47:11 -07:00
Gio Della-Libera
102a65477e
Add marketplace feed refresh command ( #96155 )
...
Merged via squash.
Prepared head SHA: 1614070e92
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com >
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com >
Reviewed-by: @giodl73-repo
2026-06-28 10:29:15 -07:00
mushuiyu886
891096926e
fix(opencode): restore Zen model catalog ( #92495 )
...
* fix(opencode): restore Zen model catalog
* fix(opencode): restore Zen transport routing
* fix(opencode): broaden Zen fallback catalog
* fix(opencode): correct Zen family routing
* fix(opencode): route Zen MiniMax through Anthropic
* fix(opencode): filter Zen live-only catalog rows
* fix(opencode): route MiniMax through Zen chat completions
* fix(opencode): omit unverified Zen model costs
* fix(opencode): align sampled Zen costs
* fix(opencode): keep Zen cost metadata required
* fix(opencode): keep Zen docs examples resolvable
* fix(opencode): move Zen catalog to provider discovery
* test(opencode): cover Zen discovery cache isolation
* fix(opencode): add Zen GLM-5.2 catalog coverage
* test(opencode): detect Zen catalog drift
Signed-off-by: sallyom <somalley@redhat.com >
---------
Signed-off-by: sallyom <somalley@redhat.com >
Co-authored-by: sallyom <somalley@redhat.com >
2026-06-28 12:32:44 -04:00
Gio Della-Libera
70e0fd4d8b
Add hosted catalog config profiles ( #95981 )
...
Merged via squash.
Prepared head SHA: ef4d81cd08
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com >
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com >
Reviewed-by: @giodl73-repo
2026-06-28 07:53:32 -07:00
Josh Lehman
b5e9179063
docs: deprecate legacy session file helpers ( #97494 )
...
* docs: deprecate legacy session file helpers
* docs: update sdk deprecation budgets
2026-06-28 07:33:34 -07:00
Bek
9c95abd49d
fix: seed Slack thread context after reset ( #97100 )
2026-06-28 02:36:53 -04:00
Josh Avant
07b934901a
fix: scanned PDF pages reach chat vision models ( #97354 )
...
* fix: forward scanned PDF page images to chat models
* fix: remove stale reply option cast
2026-06-27 23:01:08 -05:00
Dallin Romney
7bbd09047b
docs: simplify macOS app overview ( #97120 )
...
* docs: simplify macOS app docs
* docs: preserve macOS app detail links
* docs: address macOS review feedback
2026-06-27 16:04:30 -07:00
Shakker
461e551e85
test: clarify delegated Testbox proof status
2026-06-27 23:53:52 +01:00
Galin Iliev
dc575d148a
fix: page sessions_history beyond truncated tails ( #97101 )
...
* Add sessions history offset pagination
* Fix sessions_history pagination after tool caps
* Fix sessions_history PR CI blockers
* Update sessions_history prompt snapshots
* Fix offset history projection windows
---------
Co-authored-by: Galin Iliev <5711535+galiniliev@users.noreply.github.com >
2026-06-27 15:30:49 -07:00
Milosz Jankiewicz
84bcd500c9
feat(xai): route OAuth login through device-code flow ( #97249 )
...
Route xAI OAuth through device-code sign-in so remote and headless hosts do not need a localhost callback. Preserve the legacy manual `xai-device-code` auth choice/method as a compatibility alias to the same device-code flow.
Also migrate stale xAI token endpoints on refresh and fail fast on structured refresh errors while keeping retries scoped to detected HTML/Cloudflare challenge responses.
Verification:
- `node scripts/run-vitest.mjs extensions/xai/index.test.ts extensions/xai/xai-oauth.test.ts`
- `node scripts/run-vitest.mjs src/cli/models-cli.test.ts -t 'maps --device-code'`
- `node scripts/run-vitest.mjs src/commands/auth-choice.test.ts -t 'removed provider auth choice'`
- Crabbox local-container live smoke on exact head `fef3cb24afb01cd1f69cf04ef67ed11d71dfadb3`: xAI discovery and device authorization returned 200.
- `$autoreview` after the live smoke: clean.
Co-authored-by: Jaaneek <Jaaneek@users.noreply.github.com >
Co-authored-by: fuller-stack-dev <263060202+fuller-stack-dev@users.noreply.github.com >
2026-06-27 10:02:57 -06:00
Kevin Lin
c5d34c8376
feat(codex): add always plugin approval mode ( #97123 )
...
* feat(codex): add always plugin approval mode
* fix(codex): normalize plugin approval decisions
* fix(codex): fail closed on layered approval overrides
2026-06-27 01:19:00 -07:00
mushuiyu886
65fec9d787
fix(voice-call): emit canonical session keys ( #89884 )
...
* fix(voice-call): scope generated session keys by agent
* docs(voice-call): document session key canonicalization
* test(voice-call): prove legacy session migration
* fix(voice-call): preserve canonical session ownership
* fix(sessions): isolate opaque nested identities
* fix(voice-call): preserve routing ownership
* fix(voice-call): enforce inbound route direction
* fix(sessions): preserve migration and policy boundaries
* fix(sessions): normalize ambiguous main aliases
* fix(sessions): preserve canonical peer and warning paths
* fix(sessions): exclude mixed-case scoped legacy keys
* fix(sessions): cover first-run plugin migration gaps
* fix(sessions): compare aliased store identities
* fix(sessions): coalesce aliased store ownership
* fix(sessions): defer ambiguous aliased migrations
* fix(sessions): preserve shared migration boundaries
* fix(sessions): preserve opaque peer ownership
* fix(sessions): reject ambiguous ownership shapes
* fix(sessions): preserve transcript rewrite keys
* fix(sessions): close routing and migration ambiguities
* fix(sessions): preserve plugin-owned ACP aliases
* fix(sessions): retain physical store ownership
* fix(sessions): restore configured store owners
* fix(sessions): reject malformed store owners
* fix(sessions): validate ACP store ownership
* fix(sessions): include canonical store owners
* fix(sessions): preserve final store symlinks
* fix(sessions): retain shared row owners
* fix(sessions): close legacy policy gaps
* fix(sessions): preserve aliases across migrations
* fix(sessions): resolve first-run store ownership
* fix(sessions): preserve hostile legacy keys
* fix(sessions): inspect unlisted store owners
* test(doctor): refresh migration harness
* fix(sessions): preserve opaque route segments
* fix(sessions): retain metadata during migration
* fix(sessions): fail closed on store alias uncertainty
* fix(sessions): defer aliased store rewrites
* fix(sessions): retain legacy row owners
* test(sessions): harden migration proof
* fix(sessions): migrate opaque agent keys
* chore(plugin-sdk): refresh API baseline
* fix(voice-call): reuse public routing parser
* fix(sessions): retain readable alias warnings
* fix(sessions): reject opaque nested routes
* fix(sessions): share strict delivery parsing
* test(voice-call): preserve malformed Matrix case
* fix(sessions): reject legacy peer overlap
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-06-27 01:29:58 +01:00
Patrick Erichsen
808c227edb
feat: scaffold provider plugins from init ( #94352 )
...
* feat: scaffold provider plugins from init
* fix: satisfy plugin init scaffold CI guards
* fix: preserve plugin init id argument
2026-06-26 16:43:51 -07:00
Vincent Koc
a82902c725
ci: right-size runner registration caps ( #97119 )
2026-06-27 07:01:26 +08:00
Vincent Koc
689baa5c1e
feat(i18n): add Hindi and Russian docs and Control UI locales
2026-06-26 15:01:15 -07:00
Bek
9636bea901
perf(memory): add QMD search diagnostics and runtime cache ( #96655 )
2026-06-26 16:16:12 -04:00
NIO
527f8f0cbb
fix(image-gen): bound image generation provider JSON response reads ( #96495 )
...
* fix(image-gen): bound image generation provider JSON response reads
Route success JSON reads through readProviderJsonResponse (16 MiB cap)
in openrouter, google, fal, minimax, openai, and vydra image generation
providers to prevent OOM from oversized or hostile endpoint responses.
Mirrors the response-limit campaign already applied to other provider paths.
AI-assisted.
Co-authored-by: Cursor <cursoragent@cursor.com >
* fix(image-gen): size bounded JSON caps for inline image payloads
Signed-off-by: sallyom <somalley@redhat.com >
---------
Signed-off-by: sallyom <somalley@redhat.com >
Co-authored-by: Cursor <cursoragent@cursor.com >
Co-authored-by: sallyom <somalley@redhat.com >
2026-06-26 07:08:30 -04:00
Jesse Merhi
ec737ee74d
fix: rebase clawhub install trust ( #81364 )
2026-06-26 18:33:19 +10:00
Gio Della-Libera
4fc504d321
Doctor: add lint --all ( #96471 )
...
* fix(doctor): keep audit scrub lint opt-in
* fix(doctor): keep audit lint defaults internal
* feat(doctor): add lint profiles
2026-06-25 22:26:42 -07:00
Kevin Lin
a6a4652c70
fix(codex): expose plugin apps after delayed inventory load ( #96872 )
...
* fix(codex): refresh missing plugin app inventory
* fix(codex): honor OpenClaw app enablement overrides
2026-06-25 21:10:02 -07:00
Renaud Cerrato
95b97e5b0b
fix(exec): fail invalid explicit workdir before running ( #94441 )
...
* fix(exec): fail invalid explicit workdir before running
* test(exec): tighten invalid workdir regression
* fix(exec): clarify invalid workdir recovery
* refactor(exec): centralize workdir resolution
* test(exec): update invalid workdir assertion
* fix(exec): harden backend workdir contract
* fix(exec): map missing backend host workdirs
* fix(exec): reject control commands before workdir prep
* fix(exec): defer env hook until backend cwd validation
* chore(sdk): refresh plugin api baseline
* test(agents): drop redundant definition assertions
* test(exec): use real config workdirs
* test(exec): use tracked temp dirs
* test(openshell): keep temp setup local
* test: update temp-dir route fixture
---------
Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com >
2026-06-26 08:02:00 +10:00
Ben Badejo
b3ac552c82
fix(codex): prefer desktop app-server for Computer Use on macOS ( #96730 )
...
* fix(codex): prefer desktop app-server for Computer Use on macOS
* fix(codex): fall back from stale desktop app-server
---------
Co-authored-by: Benjamin Badejo <ben@benbadejo.com >
2026-06-25 14:28:20 -04:00
Radek Sienkiewicz
0247eab773
fix(cli): sync official plugins during update all ( #96831 )
...
Co-authored-by: ooiuuii <169449607+ooiuuii@users.noreply.github.com >
2026-06-25 20:13:37 +02:00
Yzx
7fefc5ff58
fix: cron stream stalls fail over before job timeout ( #96096 )
...
* fix(agents): cap cron stream idle stalls
* fix(agents): preserve cron hostname timeout
* fix: bound cron idle timeout local exceptions
* fix: bound cron idle timeout local exceptions
---------
Co-authored-by: Radek Sienkiewicz <mail@velvetshark.com >
2026-06-25 19:04:15 +02:00
zhang-guiping
5fccf06b5f
fix(outbound): defer reserved-literal errors to async session-route resolver
...
In resolveAgentDeliveryPlanWithSessionRoute, reserved-literal errors from the
sync outbound target check are no longer treated as fatal. Instead, the path
proceeds to resolveOutboundSessionRoute which calls resolveMessagingTarget,
already fixed to do directory-first lookup before rejecting reserved literals.
This preserves configured Telegram directory entries named like reserved words
(current, self, this, me) through the explicit agent/gateway delivery path.
Update docs to reflect directory-first ordering.
2026-06-25 08:37:00 -07:00
张贵萍
56baf9d079
fix(outbound): reject reserved Telegram targets
2026-06-25 08:37:00 -07:00
Vincent Koc
56d95b18f4
fix(sdk): refresh plugin sdk api baseline
2026-06-25 06:51:02 +02:00
Dallin Romney
61d4ff782e
docs: clarify maturity scorecard scoring ( #96594 )
...
* docs: clarify maturity scorecard scoring
* chore: split qa profile workflow change
* docs: keep maturity coverage values stable
* test: keep maturity renderer fixture in core boundary
2026-06-24 17:32:08 -07:00
joshavant
0a14444924
Bound successful provider response reads
2026-06-24 19:08:22 -05:00
Omar Shahine
f2af052cee
perf(imessage): show typing sooner for slow replies ( #95621 )
...
Merged via squash.
Prepared head SHA: 65e9ad10fd
Co-authored-by: omarshahine <10343873+omarshahine@users.noreply.github.com >
Co-authored-by: omarshahine <10343873+omarshahine@users.noreply.github.com >
Reviewed-by: @omarshahine
2026-06-24 15:31:48 -07:00
Dallin Romney
15bfadf2bd
fix: count maturity coverage ids ( #96543 )
2026-06-24 14:56:51 -07:00
joshavant
259877dccf
docs: require OpenProse remote import consent
2026-06-24 16:36:48 -05:00
Josh Lehman
070996e5c3
fix: keep model-run pruning internal
2026-06-24 13:42:39 -07:00
Vincent Koc
9514faca27
chore(sdk): refresh plugin SDK API baseline
2026-06-24 21:40:41 +02:00
Josh Lehman
b6bc3ed0db
fix: Codex turns stop showing typing during tool work ( #95844 )
...
* fix: bridge harness execution phases to typing
* docs: clarify typing indicator activity triggers
2026-06-24 11:50:09 -07:00
Colin Johnson
4ae0a5d958
ci: run QA smoke profile in CI ( #94291 )
...
* ci: add qa lab smoke profile dispatch
* ci: prove qa lab smoke profile on prs
* ci: preserve manual qa lab profile dispatch
* ci: run qa lab smoke profile on pull requests
* ci: keep QA smoke mock lane bounded
* ci: run QA smoke PR proof through crabline
* ci: keep mock QA timeouts on caller fallbacks
* ci: prebuild QA smoke runtime
* ci: delegate smoke QA evidence workflow
* ci: trust release branch smoke evidence refs
* ci: trim smoke evidence workflow comments
* ci: align smoke evidence wrapper with QA profile contract
* ci: keep smoke profile evidence mock-only
* ci: make smoke profile evidence manual
* ci: shard qa smoke profile in ci
* ci: drop qa-channel-only smoke shard
* ci: derive qa smoke shards from taxonomy
* ci: keep qa smoke planner legacy-safe
* ci: enforce qa smoke shard failures
* ci: run qa smoke in existing fast shard
* ci: opt qa smoke into crabline concurrency
* test(ci): align qa smoke guard with taxonomy cleanup
* ci: split qa smoke into dedicated check
---------
Co-authored-by: Dallin Romney <dallinromney@gmail.com >
2026-06-24 09:47:45 -07:00
Vincent Koc
dbe2802cdc
fix(sdk): refresh API baseline hash
2026-06-25 00:04:34 +08:00
Vincent Koc
eabc12b7d6
fix(sandbox): install supported node in common image
2026-06-24 22:54:00 +08:00
Peter Lindsey
6add1cc969
feat(messages): config-level default for the persistent /usage footer
...
Adds `messages.responseUsage` (precedence session -> channel -> config default
-> off) so the persistent /usage footer can default-on, with three distinct
states: explicit on (tokens/full), explicit off (persisted), and unset (inherit
the configured default).
Unifies effective-value resolution behind a single channel-aware resolver
`resolveEffectiveResponseUsage` used by reply rendering, the no-arg /usage
toggle, the ACP control, and the gateway session-row builder; the row builder's
`effectiveResponseUsage` is carried through sessions.changed events, chat
snapshots, and the UI row so live consumers never go stale. `/usage reset`
(aliases inherit/clear/default) clears the override to inherit; only explicit
off persists; a full session reset preserves the preference. ACP "Usage detail"
gains an "inherit" option for unset sessions. Docs/help/completions updated; "on"
documented as a legacy alias; config-doc baseline regenerated.
2026-06-24 07:12:33 -07:00
Zaid
9e68fb1178
docs(docker): document Claude CLI persistence ( #96380 )
...
Summary:
- The branch adds Docker-specific Claude CLI persistence guidance and cross-links it from the CLI backend and Anthropic provider docs.
- PR surface: Docs +101. Total +101 across 3 files.
- Reproducibility: not applicable. as a bug reproduction. Source inspection confirms the current docs gap and the PR examples match existing Docker, config, and Claude CLI backend contracts.
Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head ad95482074 .
- Required merge gates passed before the squash merge.
Prepared head SHA: ad95482074
Review: https://github.com/openclaw/openclaw/pull/96380#issuecomment-4788612433
Co-authored-by: zaidazmi <zaidazmi27@gmail.com >
Approved-by: takhoffman
2026-06-24 11:29:52 +00:00
Vincent Koc
ae06d846fa
docs(qa): clarify Matrix smoke provider mode
2026-06-24 19:02:57 +08:00
Vincent Koc
20293036ca
fix(sdk): refresh API baseline hash
2026-06-24 18:58:08 +08:00
Vincent Koc
bfffc77bfc
feat(copilot): add BYOK provider parity
2026-06-24 18:29:56 +08:00
Dallin Romney
9666db607e
test(qa): clean up smoke taxonomy profile ( #96320 )
2026-06-24 00:43:00 -07:00
Dallin Romney
4a503ed45e
docs: add maturity docs routes ( #91483 )
2026-06-23 23:59:47 -07:00
Vincent Koc
9d381d4530
docs(testing): document openshell e2e prerequisites
2026-06-24 14:07:30 +08:00
Vincent Koc
0671c08900
chore(release): close out 2026.6.10 on main ( #96271 )
...
* chore(release): close out 2026.6.10 on main
* chore(release): align native app metadata for 2026.6.10
* chore(release): sync Android 2026.6.10 notes
* docs(changelog): preserve 2026.6.9 history
* docs(changelog): preserve 2026.6.9 history
2026-06-24 11:51:14 +08:00
Vincent Koc
89460288c4
ci: move codeql quality off blacksmith ( #96258 )
2026-06-24 11:48:32 +08:00
Wynne668
d15e89a83e
fix(workboard): hide archived cards in CLI list by default ( #94562 )
...
* fix(workboard): hide archived cards in CLI list by default
The `openclaw workboard list` CLI printed soft-archived cards, while the
`workboard_list` agent tool and the `/workboard list` command both hide
cards with `metadata.archivedAt` set unless archives are requested. Users
who archived cards still saw them in CLI output and assumed archive failed.
Filter archived cards by default in the CLI list handler and add an
`--include-archived` flag mirroring the tool's `includeArchived` option, so
all three list surfaces share one default. Docs updated to match.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
* fix(workboard): preserve json list archive visibility
* fix(workboard): preserve json list archive visibility
---------
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com >
Co-authored-by: Vincent Koc <vincentkoc@ieee.org >
2026-06-24 10:57:06 +08:00