Yonatan
38cd7f72b6
fix(whatsapp): resolve configured default account in single-arg setActiveWebListener overload ( #53918 )
...
Merged via squash.
Prepared head SHA: ad9be6383510474956+yhyatt@users.noreply.github.com >
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com >
Reviewed-by: @mcaxtr
2026-04-11 00:25:16 -03:00
George Zhang
9a4a9a5993
Heartbeat: spread interval runs across stable phases ( #64560 )
...
Merged via squash.
Prepared head SHA: 774ede64088635094+odysseus0@users.noreply.github.com >
Co-authored-by: odysseus0 <8635094+odysseus0@users.noreply.github.com >
Reviewed-by: @odysseus0
2026-04-10 19:40:21 -07:00
Peter Steinberger
3b6fac85ea
chore: prepare 2026.4.10 release
2026-04-11 03:22:18 +01:00
Balaji Siva
efab9763dc
Fix vLLM reasoning model response parsing (empty tool_calls array) ( #61534 )
...
Merged via squash.
Prepared head SHA: dfe6a3581c13068516+balajisiva@users.noreply.github.com >
Co-authored-by: scoootscooob <167050519+scoootscooob@users.noreply.github.com >
Reviewed-by: @scoootscooob
2026-04-10 19:14:48 -07:00
Peter Steinberger
07edaffb04
fix: finalize OpenAI replay liveness landing
2026-04-11 02:58:31 +01:00
Coy Geek
192ee081e7
fix: Implicit latest-device approval can pair the wrong requester ( #64160 )
...
* fix: require confirmation before implicit device approval
Keep re-requested pairing entries from jumping the queue and force operators to confirm implicit latest-request approval so a refreshed attacker request cannot be silently approved.
* fix: require exact device pairing approval
* fix: stabilize reply CI checks
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-04-11 02:55:01 +01:00
Peter Steinberger
efbab8ff8c
docs: reshuffle unreleased changelog
2026-04-11 02:45:48 +01:00
Peter Steinberger
b56cd114e7
feat: add Seedance 2 fal video models
2026-04-11 02:18:31 +01:00
Peter Steinberger
ab687f4637
fix: harden OpenAI tool replay compatibility
2026-04-11 01:27:31 +01:00
Peter Steinberger
55578a5c40
fix: stabilize Codex runtime truthfulness ( #64439 ) (thanks @100yenadmin)
2026-04-11 01:19:32 +01:00
Peter Steinberger
5ed410b79e
docs: polish unreleased changelog
2026-04-11 01:08:44 +01:00
Peter Steinberger
c94888dbee
fix: honor heartbeat timeoutSeconds ( #64491 )
2026-04-11 00:39:21 +01:00
Gustavo Madeira Santana
25445a9f2e
qa-lab: add Matrix live transport QA lane ( #64489 )
...
Merged via squash.
Prepared head SHA: ae9bb377515599352+gumadeiras@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-04-10 19:35:08 -04:00
EVA
3b289c7942
fix(subagents): retry archived session deletes after sweep failures ( #61801 )
...
Merged via squash.
Prepared head SHA: 1152c26a78239388517+100yenadmin@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-04-10 16:34:27 -07:00
EVA
71bd9e0df0
fix(agents): preserve malformed function-call arguments instead of silent {} replacement ( #61956 )
...
Merged via squash.
Prepared head SHA: 4185913276239388517+100yenadmin@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-04-10 16:20:26 -07:00
Rahul kumar Pal
3b57af0388
fix: don't bleed top-level interval/prompt into heartbeat task parsing ( #64488 )
...
Merged via squash.
Prepared head SHA: c0cd0fc823151990777+Rahulkumar070@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-04-10 16:05:09 -07:00
hcl
8a28a3b056
fix(plugins): preserve contextEngine slot through config normalization ( #64192 )
...
Merged via squash.
Prepared head SHA: ae8bd9f09d7755017+hclsys@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-04-10 15:58:27 -07:00
mariosousa-finn
ac13b09b74
fix(agents,gateway): keep subagent announces in the original thread ( #63143 )
...
Merged via squash.
Prepared head SHA: 9aa5303b48244526439+mariosousa-finn@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-04-10 15:46:01 -07:00
Peter Steinberger
e22f60faea
docs: note strict-agentic execution contract
2026-04-10 22:56:37 +01:00
Shion Eria
552667271e
fix(cli): route gateway media sends through sendMedia (openclaw#64492)
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm test -- src/cli/send-runtime/channel-outbound-send.test.ts src/gateway/server-methods/send.test.ts
Representative verification note:
- pnpm check reached tsgo in this worktree and then failed locally without actionable diagnostics; treated as an unhealthy local tooling signal rather than a PR-specific regression.
Co-authored-by: ShionEria <267903315+ShionEria@users.noreply.github.com >
2026-04-10 16:33:46 -05:00
Peter Steinberger
691a758e65
docs(changelog): add launchd stop lifecycle note ( #64447 ) (thanks @ngutman)
2026-04-10 22:19:37 +01:00
Eva H
3b13986214
fix: prevent fallback persistence from clobbering user /models picks ( #64471 )
...
Merged via squash.
Prepared head SHA: b0a6add41f63033505+hoyyeva@users.noreply.github.com >
Co-authored-by: BruceMacD <5853428+BruceMacD@users.noreply.github.com >
Reviewed-by: @BruceMacD
2026-04-10 14:05:07 -07:00
EronFan
5e2136c6ae
fix: include memory plugins in gateway startup (openclaw#64423)
...
Verified:
- pnpm build
- pnpm check
- pnpm test -- src/plugins/channel-plugin-ids.test.ts
Co-authored-by: EronFan <50734013+EronFan@users.noreply.github.com >
2026-04-10 16:02:44 -05:00
Davanum Srinivas
fbf11ebdb7
fix(sandbox): enforce CDP source-range restriction by default ( #61404 )
...
* fix(sandbox): enforce CDP source-range restriction by default
Auto-derive CDP_SOURCE_RANGE from Docker network gateway IP when not
explicitly configured. The entrypoint script refuses to start the socat
CDP relay without a source range (fail-closed).
- readDockerNetworkGateway: use Go template println, filter <no value>
sentinel, prefer IPv4 gateway on dual-stack networks
- Reject IPv6-only gateways for auto-derivation (relay binds IPv4)
- Remove stale browser_cdp_bridge_unrestricted audit check (runtime
auto-derives range for all bridge-like networks)
- Bump SANDBOX_BROWSER_SECURITY_HASH_EPOCH to force container recreation
* chore(changelog): add sandbox CDP source-range entry
* fix(sandbox): gate CDP source-range derivation to bridge-style networks
Only auto-derive OPENCLAW_BROWSER_CDP_SOURCE_RANGE from the Docker
gateway IP for bridge networks (or when driver is unknown). Non-bridge
drivers (macvlan, ipvlan, overlay) may route traffic from different
source IPs, so they require explicit cdpSourceRange config.
Adds readDockerNetworkDriver helper and a regression test for macvlan.
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 14:59:25 -06:00
Peter Steinberger
dbca237c77
docs: note Codex harness PR in changelog
2026-04-10 21:22:16 +01:00
Peter Steinberger
bfc0889776
docs: document Codex harness plugin workflow
2026-04-10 21:22:16 +01:00
Agustin Rivera
851294126b
Redact Gmail watcher startup args from log tail ( #62661 )
...
* fix(logging): redact gmail watcher startup args
* fix(logging): normalize redaction formatting
* fix(logging): harden gmail watcher log redaction
* fix(logging): honor configured log tail redaction
* fix(logging): skip redact pattern resolution when off
* fix(logging): reuse compiled redact regexes
* chore: untrack USER.md (covered by .gitignore)
* chore: untrack USER.md (covered by .gitignore)
* fix(logging): avoid double-resolution in log-tail redaction
* fix(logging): redact across line boundaries for multiline patterns
* fix(logging): guard redactSensitiveLines against empty input
* chore(changelog): add Gmail watcher log redaction entry
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 14:07:28 -06:00
Agustin Rivera
eab6fcedaa
Ensure ACPX plugin-tools bridge honors before_tool_call ( #63886 )
...
* fix(acpx): honor tool hook on plugin bridge
Co-authored-by: smaeljaish771 <smaeljaish771@gmail.com >
* chore(changelog): add ACPX plugin-tools before_tool_call entry
---------
Co-authored-by: smaeljaish771 <smaeljaish771@gmail.com >
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 14:05:34 -06:00
Extra Small
abb4736267
fix(skills): add missing opening --- to taskflow and taskflow-inbox-triage SKILL.md frontmatter (openclaw#64469)
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test src/agents/skills.bundled-frontmatter.test.ts
Co-authored-by: extrasmall0 <"258180677"+extrasmall0@users.noreply.github.com >
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com >
2026-04-10 14:59:55 -05:00
Peter Steinberger
0ebeee8b0d
chore: enable consistent-return
2026-04-10 20:56:43 +01:00
Agustin Rivera
121c452d66
fix(browser): tighten strict browser hostname navigation ( #64367 )
...
* fix(browser): tighten strict browser hostname navigation
* fix(browser): address review follow-ups
* chore(changelog): add strict browser hostname navigation entry
* fix(browser): remove stale state prop from SelectionDeps call site
The PR's SelectionDeps uses getSsrFPolicy instead of the full state
object; the state property was leftover from an earlier iteration.
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 13:18:53 -06:00
Agustin Rivera
c949af9fab
fix(media): honor sender policy for host media reads ( #64459 )
...
* fix(media): honor sender policy for host media reads
* fix(media): clarify host read group policy gating
* fix(media): forward sender identity for outbound reads
* fix(media): propagate non-id sender fields through outbound session for e164/username/name policy matching
* fix(media): preserve requester provider for host read policy
* fix(media): forward full sender identity through followup and core send paths
* fix(media): forward requester session/account context through core send fallback
* fix(media): preserve account policy fallback for requester-scoped host reads
* chore(changelog): add outbound media sender-policy entry
* fix(media): align test call shape with production — omit messageProvider when sessionKey is set
Addresses P2 review: production call sites pass messageProvider: undefined
when sessionKey is present; tests should mirror that so regressions in
the precedence order are caught.
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 13:07:56 -06:00
Agustin Rivera
e3a845bde5
Normalize agent hook system event trust handling ( #64372 )
...
* fix(hooks): sanitize agent hook system events
Co-authored-by: zsx <git@zsxsoft.com >
* chore(changelog): add agent hook trust normalization entry
---------
Co-authored-by: zsx <git@zsxsoft.com >
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 12:56:00 -06:00
Agustin Rivera
109267b82a
Handle subframe document navigations in browser guards ( #64371 )
...
* fix(browser): guard subframe document navigations
Co-authored-by: zsx <git@zsxsoft.com >
* fix(browser): preserve quarantine on subframe blocks
* chore(changelog): add subframe SSRF guard entry
* fix(browser): fail closed when subframe frame resolution throws
isSubframeDocumentNavigationRequest now returns true (apply SSRF
check) instead of false (skip check) when request.frame() throws,
so transient renderer churn cannot bypass the subframe navigation
policy guard.
---------
Co-authored-by: zsx <git@zsxsoft.com >
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 12:51:23 -06:00
Agustin Rivera
905f19230a
Align external marker span mapping ( #63885 )
...
* fix(markers): align external marker spans
* fix(browser): ssrfPolicy defaults fail-closed for unconfigured installs (GHSA-53vx-pmqw-863c)
* fix(browser): enforce strict default SSRF policy
* chore(changelog): add browser SSRF default + marker alignment entry
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 12:35:20 -06:00
Agustin Rivera
daeb74920d
fix(browser): guard existing-session navigation ( #64370 )
...
* fix(browser): guard existing-session navigation
Co-authored-by: zsx <git@zsxsoft.com >
* fix(browser): tighten interaction navigation guard
* fix(browser): tighten existing-session nav guard
* fix(browser): fail closed on unstable existing-session probes
* fix(browser): add follow-up probe for late URL transitions in existing-session nav guard
* fix(browser): keep probing through full navigation window
* fix(browser): reset stability flag on probe error in existing-session nav guard
* chore(changelog): add Chrome MCP interaction SSRF guard entry
---------
Co-authored-by: zsx <git@zsxsoft.com >
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 12:31:41 -06:00
Peter Steinberger
cbce38d78c
style: format post-rebase files
2026-04-10 19:28:42 +01:00
Michael Appel
e0b8ddc1a5
fix(browser): apply three-phase interaction navigation guard to pressKey and type(submit) [AI-assisted] ( #63889 )
...
* fix: address issue
* chore(changelog): add pressKey/type SSRF guard entry
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 11:27:53 -06:00
Michael Appel
9f97ad857a
fix(security): pin axios to 1.15.0 and add dependency denylist for plugin installs [AI-assisted] ( #63891 )
...
* fix: address issue
* fix: address review feedback
* fix: address PR review feedback
* fix: address PR review feedback
* fix: address PR review feedback
* fix: address PR review feedback
* fix: address PR review feedback
* Plugins: fix install security CI regressions
* Plugins: make manifest traversal linear
* Plugins: bound manifest security traversal
* Plugins: block denied node_modules package dirs
* Plugins: match node_modules case-insensitively
* Plugins: block denied package symlink paths
* Tests: normalize blocked symlink assertion
* Plugins: fail closed on unreadable denied paths
* Plugins: block denied node_modules file aliases
* Plugins: inspect node_modules symlink targets
* Plugins: preserve symlink target package paths
* fix: address PR review feedback
* chore(changelog): add axios pin and dependency denylist entry
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 11:20:05 -06:00
Michael Appel
19a2e9ddb5
fix(infra): extend exec completion detection to cover local background exec formats [AI-assisted] ( #64376 )
...
* fix: address issue
* fix: address PR review feedback
* fix: address PR review feedback
* fix: address PR review feedback
* chore(changelog): add exec completion owner-downgrade entry
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 11:07:14 -06:00
Agustin Rivera
8dfbf3268b
fix(browser): gate sandbox noVNC helper auth
...
Require bridge auth before /sandbox/novnc token redemption and keep the noVNC observer URL out of model-visible prompt context.
Local verification:
- pnpm test extensions/browser/src/browser/bridge-server.auth.test.ts src/agents/sanitize-for-prompt.test.ts src/agents/pi-embedded-runner.buildembeddedsandboxinfo.test.ts
Note: pnpm check currently fails on latest main in unrelated files (src/agents/tools/message-tool.ts and src/gateway/mcp-http.test.ts), outside this PR diff.
Thanks @eleqtrizit.
Co-authored-by: eleqtrizit <31522568+eleqtrizit@users.noreply.github.com >
2026-04-10 18:01:26 +01:00
Michael Appel
979c6f09d6
fix: include image param in sandbox media normalization [AI-assisted] ( #64377 )
...
* fix: address issue
* chore(changelog): add Discord event image sandbox entry
---------
Co-authored-by: Devin Robison <drobison@nvidia.com >
2026-04-10 11:01:04 -06:00
Michael Appel
afadb7dae6
fix(voice-call): reject oversized realtime WebSocket frames
...
Reject realtime voice WebSocket frames above 256 KB before JSON parsing or bridge setup, and absorb ws error events so oversized frames close the connection instead of crashing the gateway.
Local verification:
- pnpm test extensions/voice-call/src/webhook/realtime-handler.test.ts
- pnpm check
Thanks @mmaps.
Co-authored-by: mmaps <3399869+mmaps@users.noreply.github.com >
2026-04-10 17:58:44 +01:00
Agustin Rivera
fe0f686c92
Gate Matrix profile updates for non-owner message tool runs ( #62662 )
...
Merged via squash.
Prepared head SHA: 602b16a67631522568+eleqtrizit@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-04-10 12:56:17 -04:00
Devin Robison
54ae138db7
fix: the cron isolated agent in openclaw unconditiona ( #383 ) ( #63878 )
2026-04-10 10:44:22 -06:00
Gustavo Madeira Santana
9c44f10026
fix: preserve canonical restart sentinel routes ( #64391 )
...
Merged via squash.
Prepared head SHA: 0183c1782f5599352+gumadeiras@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-04-10 12:44:07 -04:00
Devin Robison
dffad08529
fix: a sandboxed agent can request host node in an ex ( #384 ) ( #63880 )
2026-04-10 10:40:27 -06:00
EVA
47c0a5135a
fix: dedupe delivered subagent completion announces ( #61525 ) (thanks @100yenadmin)
...
* fix(subagents): dedupe delivered completion announces
* refactor(subagents): distill cleanup delivery status writes
* fix: dedupe delivered subagent completion announces (#61525 ) (thanks @100yenadmin)
---------
Co-authored-by: Eva <eva@100yen.org >
Co-authored-by: Ayaan Zaidi <hi@obviy.us >
2026-04-10 22:06:46 +05:30
Gustavo Madeira Santana
5d2225212d
fix(matrix): preserve ACP thread binding targets ( #64343 )
...
Merged via squash.
Prepared head SHA: def7dcda965599352+gumadeiras@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-04-10 12:30:08 -04:00
Ayaan Zaidi
5df09052e0
fix: add Telegram QA E2E lane ( #64303 )
2026-04-10 21:53:31 +05:30
