Kevin Lin
e3c40efeb0
feat(update): notify extended-stable availability ( #100438 )
...
* docs(update): clarify extended-stable notifications
* feat(update): notify extended-stable availability
* fix(update): isolate notification state
* fix(docs): align update channel table
* fix(update): refresh after channel switch
* fix(update): satisfy notification checks
* test(update): prove loopback notification path
* test(update): fix loopback server lifecycle
* fix(update): refresh extended stable without cache
* fix(update): retain extended stable throttle marker
2026-07-06 19:57:03 -07:00
pash-openai
806a116f9d
Let owner-operated Codex agents use connected account apps ( #100973 )
...
* Allow connected Codex account apps
* Preserve explicit plugin app policy
* Refresh Codex documentation map
* Unify connected apps with Codex plugin policy
* Format Codex configuration reference
2026-07-06 12:31:45 -07:00
Peter Steinberger
c4c4caadfe
fix(android): clarify SMS command authorization ( #100993 )
2026-07-06 18:36:05 +01:00
Peter Steinberger
f53346944d
feat: correlate native search outcomes in audit history ( #98704 )
...
* feat: correlate native search outcomes in audit history
Metadata-only audit ledger for agent runs and tool actions in the shared
state DB: stable event identity, closed action/status/error vocabularies,
one-way-hashed tool-call ids, never-inferred terminal outcomes for native
web-search (explicit completed/failed only; otherwise unknown), bounded
retention, audit.list gateway RPC and openclaw audit CLI. Squashed from
the 82-commit audit stack for replay onto current main.
* feat(audit): add audit.enabled config gate (default on)
The metadata-only audit ledger records by default: an audit trail enabled
only after an incident cannot explain the incident, and the rows are
strictly less sensitive than the transcripts every install already
stores. audit.enabled=false stops new writes at the gateway subscription
seam; audit.list and openclaw audit keep serving existing records until
they expire. Documented in the configuration reference, protocol page,
and CLI reference.
* fix: repair full-matrix CI findings after rebase
- break the dynamic-tools/dynamic-tool-execution import cycle by
extracting resolveCodexToolAbortTerminalReason into a leaf module
- restore main's session-worktree protocol exports lost in the
index.ts auto-merge
- register the audit event writer worker as a knip entry point
- docs table formatting; subagent wait-cancellation test scoped to its
audit intent (outcome + timing) and advanced past main's new
lifecycle-timeout retry grace
2026-07-06 12:30:12 +01:00
Hemant Sudarshan
bacd1c512a
fix(browser): time out remote tab enumeration ( #80147 )
...
* fix(browser): time out remote tab enumeration
* chore: remove stale changelog entry
* fix(browser): isolate timed-out read cleanup
* fix(browser): isolate timed-out read cleanup
* test(browser): satisfy connection regression lint
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-06 00:56:05 +01:00
Peter Steinberger
f7d7148cf0
docs: rewrite published docs grounded in current source ( #100142 )
...
Source-grounded rewrite of 529 published docs pages with per-unit information-loss verification: 1,713 factual corrections cited to src/**, generated surfaces regenerated, frontmatter titles preserved for i18n, release notes pages untouched. All docs gates green.
Closes #100141
2026-07-05 00:32:47 -04:00
Peter Steinberger
e57bcbca50
docs: fold terminal reattach into the hardened terminal docs (opt-in default)
2026-07-04 15:58:18 -07:00
Peter Steinberger
5938c7809a
feat(gateway): terminal detach/reattach with output replay, terminal.list/text
2026-07-04 15:58:17 -07:00
Peter Steinberger
7e8ea61b08
fix(gateway): harden embedded terminal policy ( #100081 )
...
* fix(gateway): harden operator terminal policy
* test(gateway): complete terminal context coverage
* test(gateway): narrow terminal policy mock
* test(gateway): satisfy CSP header lint
* docs: refresh terminal docs map
* test: route terminal temp helper importer
2026-07-04 16:34:07 -04:00
Kevin Lin
d214622320
feat(update): support extended-stable package updates ( #99811 )
...
* feat(update): add extended-stable channel contract
* feat(update): implement extended-stable package flow
* docs(update): document extended-stable behavior
* fix(update): preserve extended-stable preflight guarantees
* fix(update): reject extended-stable Git repair
* fix(update): support loopback extended-stable canaries
* fix(update): preserve scoped package roots
2026-07-04 12:34:29 -07:00
Peter Steinberger
af420dbee5
fix(macos): remote mode fails with managed SSH aliases ( #99661 )
...
* fix(macos): support managed SSH aliases safely
* test(macos): serialize gateway state isolation
2026-07-03 15:19:01 -07:00
Josh Avant
0cdce79221
docs: update mobile app release messaging ( #98843 )
2026-07-01 21:11:56 -05:00
Kevin Lin
d9b5afad18
fix(codex): rename destructive approval mode to ask ( #98501 )
...
* fix(codex): rename destructive approval mode to ask
* fix(codex): keep ask reviewer app-scoped
* test: fix current-main CI regressions
2026-07-01 15:14:55 -07:00
Jason (Json)
786abe78df
Streamline OpenClaw onboarding ( #98218 )
...
* feat: streamline onboarding setup flow
* fix: harden onboarding preflight installs
* test: isolate gateway preflight safety env
* fix: keep local gateway probes on loopback
* fix: honor onboarding node manager installs
* docs: align setup onboarding reference
* fix: harden bare gateway probe fallback
* fix: honor env gateway auth in bare TUI probe
* test: isolate wizard TUI hatch mocks
2026-06-30 11:22:26 -07:00
Kevin Lin
c5d34c8376
feat(codex): add always plugin approval mode ( #97123 )
...
* feat(codex): add always plugin approval mode
* fix(codex): normalize plugin approval decisions
* fix(codex): fail closed on layered approval overrides
2026-06-27 01:19:00 -07:00
joshavant
d4f666874f
feat: harden ios app store push release mode
2026-06-23 00:01:20 -05:00
Jesse Merhi
5db2f6c1fc
Add stdout diagnostics OTEL log exporter
...
Adds stdout and both-mode diagnostics OTEL log export, with focused QA Lab smoke coverage and docs/config updates.
Prepared head SHA: efa2ef07ab
Verification: CI 27808480969 passed for the prepared head.
Reviewed-by: @jesse-merhi
2026-06-19 16:06:37 +10:00
Vincent Koc
beea31a6b5
feat(firecrawl): add keyless scrape support ( #94551 )
...
Merged under maintainer approval while exact-head CI was queue-bound.
Co-authored-by: Developers Digest <124798203+developersdigest@users.noreply.github.com >
Co-authored-by: Vincent Koc <vincentkoc@users.noreply.github.com >
2026-06-19 00:23:41 +08:00
Shakker
6b0525f237
fix: gate Skill Workshop symlink writes
2026-06-11 15:20:38 +01:00
lifuyue
ac21e89c13
Support existing-session browser CDP endpoints ( #91736 )
...
* Support existing-session browser CDP endpoints
* Fix browser existing-session test fixture type
---------
Co-authored-by: OpenAI Codex <codex@openai.com >
2026-06-10 10:44:35 -04:00
Pavan Kumar Gondhi
2a21de6322
fix: gate owner-only HTTP tools ( #90261 )
...
* fix: gate owner-only HTTP tools
* fix: inherit HTTP owner tool denies
* fix: use mutable HTTP owner deny policy
* fix: preserve RPC owner tool access
* docs: clarify owner-only gateway tool allowlist
---------
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com >
2026-06-07 17:26:12 -05:00
Ayaan Zaidi
2bf886b7dd
fix(acp): reuse progress commentary config
2026-06-04 18:55:55 +05:30
Eva
9ac94568f3
fix(acp): honor tag visibility for status progress
2026-06-04 18:55:55 +05:30
Eva
0d44d970a9
Handle ACP status progress commentary
2026-06-04 18:55:55 +05:30
Eva
0c272958cf
Add opt-in ACP commentary relay
2026-06-04 18:55:55 +05:30
Kevin Lin
fce002ad03
revert(codex): revert first-party marketplace allowlist
...
Reverts openclaw/openclaw#82219 .
2026-06-03 15:35:35 -07:00
Coy Geek
3509f7613e
fix: audit and repair hooks token reuse with Gateway auth
...
Keep startup non-breaking for existing installs when hooks.token reuses Gateway auth, but surface a startup warning, critical security audit finding, and doctor --fix repair that rotates persisted hooks.token.
Closes #87376 .
Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com >
2026-06-02 08:58:40 -04:00
charles-openclaw
a6f4de4a66
feat(gateway): support Tailscale Serve service names
...
Adds optional `gateway.tailscale.serviceName` support for Tailscale Serve so the Gateway Control UI can be exposed through a named Tailscale Service while existing hostname-based Serve and Funnel behavior stays unchanged.
The implementation validates `svc:<dns-label>`, passes the Service name to `tailscale serve`, clears named Service config with `tailscale serve clear <service>` when resetOnExit runs, and uses the derived Service hostname in startup logs, status output, and pairing URLs.
Verification:
- node scripts/run-vitest.mjs src/infra/tailscale.test.ts src/gateway/server-tailscale.test.ts src/config/config.gateway-tailscale-bind.test.ts src/gateway/startup-auth.test.ts src/commands/status.scan.shared.test.ts src/pairing/setup-code.test.ts
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main --parallel-tests "node scripts/run-vitest.mjs src/infra/tailscale.test.ts src/gateway/server-tailscale.test.ts src/config/config.gateway-tailscale-bind.test.ts src/gateway/startup-auth.test.ts src/commands/status.scan.shared.test.ts src/pairing/setup-code.test.ts"
- git diff --check
- git merge-tree --write-tree origin/main origin/pr/88691
Closes #88629 .
Co-authored-by: Charles OpenClaw <charles-openclaw@9bcfae.inboxapi.ai >
2026-05-31 20:05:02 +01:00
Peter Steinberger
729712d194
docs(codex): clarify first-party plugin marketplaces
2026-05-31 13:22:00 +01:00
Peter Steinberger
2bd07eead7
Refactor cron SQLite runtime paths ( #88582 )
...
* refactor: clean cron sqlite runtime paths
* fix: preserve legacy cron sqlite delivery migration
* fix: keep legacy cron notify fallback for invalid webhooks
* test: handle packaged lint suppression files
* fix: keep invalid cron notify migrations retryable
* test: fix ui timer lint
2026-05-31 12:14:48 +01:00
Soham Patankar
4f3d8a57dd
fix(codex): accept first-party OpenAI plugin marketplaces
...
Allow Codex native plugin config to target first-party OpenAI marketplaces, including openai-curated, openai-bundled, and openai-primary-runtime.
Fixes #82216 .
Thanks @yaanfpv for the contribution.
Verification:
- node scripts/run-vitest.mjs test/scripts/lint-suppressions.test.ts
- pnpm build:ci-artifacts
- OPENCLAW_VITEST_MAX_WORKERS=2 node scripts/run-vitest.mjs run --config test/vitest/vitest.full-core-support-boundary.config.ts test/scripts/lint-suppressions.test.ts
- node scripts/run-vitest.mjs extensions/codex/src/app-server/config.test.ts extensions/codex/src/app-server/plugin-activation.test.ts extensions/codex/src/app-server/session-binding.test.ts extensions/codex/src/migration/provider.test.ts extensions/sms/src/channel.test.ts extensions/sms/src/inbound.test.ts
- git diff --check
- ./.agents/skills/autoreview/scripts/autoreview --mode local
- GitHub PR CI on head 896640060b , including build-artifacts run 26709647050
2026-05-31 11:08:42 +01:00
Peter Steinberger
38d3d11cbc
feat: improve MCP operator workflows
...
Add MCP server add/configure/login/reload flows plus config/runtime support for enablement, filters, timeouts, OAuth, TLS, and parallel execution hints. Update docs and tests for the expanded MCP operator surface.
2026-05-30 23:51:40 +01:00
Peter Steinberger
005da57957
Move cron persistence to SQLite ( #88285 )
...
* refactor: move cron persistence to sqlite
* fix: repair sqlite cron migration regressions
* fix: move cron legacy migration to doctor
* test: align cron sqlite migration fixtures
* test: fix cron sqlite rebase gates
* test: align cron sqlite runtime tests
* test: fix doctor e2e migration mock
* test: fix doctor shard e2e isolation
* test: fix infra child-process mocks
2026-05-30 21:03:41 +01:00
Peter Steinberger
99ce71ddbb
feat: improve MCP operability
...
Summary:
- Add MCP status, probe, and projected-tools CLI surfaces.
- Add per-server MCP tool filters plus resource/prompt utility projection.
- Harden MCP runtime discovery, listChanged invalidation, request-failure backoff, and metadata sanitization.
- Preserve current main type health by narrowing the shared future timestamp guard.
Verification:
- pnpm test src/shared/number-coercion.test.ts src/agents/auth-profiles/usage.test.ts src/cli/mcp-cli.test.ts src/agents/agent-bundle-mcp-runtime.test.ts src/agents/agent-bundle-mcp-tools.materialize.test.ts -- --reporter=verbose
- pnpm lint
- pnpm tsgo:prod
- pnpm build
- git diff --check origin/main...HEAD
- GitHub Actions: dependency-guard, real behavior proof, security high MCP boundary, build/lint/types/guards/docs, gateway/plugin/agent shards green on PR head.
Known proof gap:
- Existing checks-node-agentic-commands-doctor no-output watchdog reproduced locally outside touched paths.
2026-05-30 19:48:52 +01:00
mushuiyu_xydt
f93a558892
fix(plugins): ignore helper files in extension roots
...
Fixes #88198 .
Ignore top-level helper scripts in auto-discovered global/workspace extension roots so they do not become manifestless plugin candidates during config validation. Standalone plugin files remain supported when explicitly configured through `plugins.load.paths`, and docs now call out the supported path.
Verification:
- `node scripts/run-vitest.mjs src/plugins/discovery.test.ts src/config/config.plugin-validation.test.ts`
- `node scripts/run-oxlint.mjs src/plugins/discovery.ts src/plugins/discovery.test.ts src/config/config.plugin-validation.test.ts`
- `git diff --check`
- GitHub CI green at `93073bfa85ee294e644c623881ba59ba71d90975`
- `.agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main`
Thanks @mushuiyu886 for the fix and @mmhzlrj for the report.
2026-05-30 17:31:53 +01:00
Peter Steinberger
d92b3b5cc2
refactor: unify OpenAI provider identity
...
Refactor OpenAI provider identity so OpenAI remains the canonical provider for API-key and OAuth-backed flows while legacy openai-codex state is doctor/migration-only.
Keeps OpenAI Codex Responses as an API/transport class rather than a provider identity, moves auth aliases through providerAuthAliases, updates doctor repair sequencing for old auth/profile state, and refreshes tests/docs around the canonical OpenAI behavior.
2026-05-30 11:48:41 +02:00
Peter Steinberger
00c9f81171
fix: retry transient recurring cron failures
2026-05-29 04:54:42 +01:00
Peter Steinberger
bb46b79d3c
refactor: internalize OpenClaw agent runtime ( #85341 )
...
* refactor: extract agent core package
Introduce packages/agent-core as the OpenClaw-owned home for reusable agent loop, harness, session, prompt, and runtime dependency contracts.
* refactor: extract shared llm runtime
Move provider model registries, stream wrappers, OAuth helpers, and LLM utilities into src/llm with plugin-sdk barrels instead of depending on the old embedded runtime layout.
* refactor: remove pi runtime internals
Rename remaining Pi-shaped agent surfaces to OpenClaw agent runtime names, delete obsolete Pi docs and package graph checks, and add the third-party notice for incorporated code.
* refactor: tighten agent session runtime
Make agent-core/runtime dependencies explicit, consolidate compaction and session transcript helpers, and move model/session helpers behind OpenClaw-owned contracts.
* refactor: remove static model and pi auth paths
Drop static model catalogs and Pi auth bridges, move model/provider facts to manifest-owned runtime contracts, and harden internal embedded-agent utilities.
* refactor: remove legacy provider compat paths
* docs: remove agent parity notes
* fix: skip provider wildcard metadata parsing
* refactor: share session extension sdk loading
* refactor: inline acpx proxy error formatter
* refactor: fold edit recovery into edit tool
* fix: accept extension batch separator
* test: align startup provider plugin expectations
* fix: restore provider-scoped release discovery
* test: align static asset packaging expectations
* fix: run static provider catalogs during scoped discovery
* fix: add provider entry catalogs for scoped live discovery
* fix: load lightweight provider catalog entries
* fix: refresh provider-scoped plugin metadata
* fix: keep provider catalog entries on release live path
* fix: keep static manifest models in release live checks
* fix: harden release model discovery
* fix: reduce OpenAI live cache probe reasoning
* fix: disable OpenAI cache probe reasoning
* ci: extend OpenAI gateway live timeout
* fix: extend live gateway model budget
* fix: stabilize release validation regressions
* fix: honor provider aliases in model rows
* fix: stabilize release validation lanes
* fix: stabilize release memory qa
* ci: stabilize release validation lanes
* ci: prefer ipv4 for live docker node calls
* fix: restore shared tool-call stream wrapper
* ci: remove legacy pi test shard alias
* fix: clean up embedded agent test drift
* fix: stabilize runtime alias status
* fix: clean up embedded agent ci drift
* fix: restore release ci invariants
* fix: clean up post-rebase runtime drift
* fix: restore release ci checks
* fix: restore release ci after rebase
* fix: remove stale pi runtime path
* test: align compaction runtime expectations
* test: update plugin prerelease expectations
* fix: handle claude live tool approvals
* fix: stabilize release validation gates
* fix: finish agent runtime import
* test: finish post-rebase agent runtime mocks
* fix: keep codex compaction native
* fix: stabilize codex app-server hook tests
* test: isolate codex diagnostic active run
* test: remove codex diagnostic completion race
# Conflicts:
# extensions/codex/src/app-server/run-attempt.test.ts
* ci: fix full release manifest performance run id
* refactor: narrow llm plugin sdk boundary
* chore: drop generated google boundary stamps
* fix: repair rebase fallout
* fix: clean up rebased runtime references
* fix: decode codex jwt payloads as base64url
* fix: preserve shipped pi runtime alias
* fix: add scoped sdk virtual modules
* fix: decode llm codex oauth jwt as base64url
* fix: avoid stale vertex adc negative cache
* fix: harden tool arg decoding and codeql path
* fix: keep vertex adc negative checks live
* refactor: consolidate codex jwt and edit helpers
* fix: await codex oauth node runtime imports
* fix: preserve sdk tool and notice contracts
* fix: preserve shipped compat config boundaries
* fix: align codex oauth callback host
* fix: terminate agent-core loop streams on failure
* fix: keep codex oauth callback alive during fallback
* ci: include session tools in critical codeql scans
* fix: keep Cloudflare Anthropic provider auth header
* docs: redirect legacy pi runtime pages
* fix: honor bundled web provider compat discovery
* fix: protect session output spill files
* fix: keep legacy agent dir env blocked
* fix: contain auto-discovered skill symlinks
* fix: harden agent core sdk proxy surfaces
* fix: restore approval reaction sdk compat
* fix: keep live docker runs bounded
* fix: keep codex oauth redirect host aligned
* fix: resolve post-rebase agent runtime drift
* fix: redact anthropic oauth parse failures
* fix: preserve responses strict tool shaping
* fix: repair agent runtime rebase cleanup
* docs: redirect retired parity pages
* fix: bound auto-discovered resources to roots
* fix: repair post-rebase agent test drift
* fix: preserve bundled provider allowlist migration
* fix: preserve manifest-owned provider aliases
* fix: declare photon image dependency
* fix: keep provider headers out of proxy body
* fix: preserve shipped env aliases
* fix: refresh control ui i18n generated state
* fix: quote read fallback paths
* fix: preview edits through configured backend
* test: satisfy core test typecheck
* fix: preserve ZAI usage auth fallback
* test: repair codex diagnostic test
* fix: repair agent runtime rebase drift
* test: finish embedded runner import rename
* fix: repair agent runtime rebase integrations
* test: align compaction oauth fallback expectations
* fix: allow sdk-auth session models
* fix: update doctor tool schema import
* fix: preserve bedrock plugin region
* fix: stream harmony-like prose immediately
* ci: include session runtime in codeql shards
* fix: repair latest rebase integrations
* fix: honor explicit codex websocket transport
* fix: keep openai-compatible credentials provider-scoped
* fix: refresh sdk api baseline after rebase
* fix: route cli runtime aliases through openclaw harness
* test: rename stale harness mock expectation
* test: rename embedded agent overflow calls
* test: clean embedded auth test wording
* test: use openclaw stream types in deepinfra cache test
* fix: refresh sdk api baseline on latest main
* fix: honor bundled discovery compat allowlists
* fix: refresh sdk api baseline after latest rebase
* fix: remove stale rebase imports
* test: rename stale model catalog mock
* test: mock renamed doctor runtime modules
* fix: map canonical kimi env auth
* fix: use internal model registry in bench script
* fix: migrate deepinfra provider catalog entry
* fix: enforce builtin tool suppression
* fix: route compaction auth and proxy payloads safely
* refactor: prune unused llm registry leftovers
* test: update codex hooks session import
* test: fix model picker ci coverage
* test: align model picker auth mock types
2026-05-27 19:24:04 +01:00
Agustin Rivera
e72621e566
fix(hooks): enforce default hook agent allowlist
...
Enforce hook allowedAgentIds against the effective default agent when hook payloads omit or blank agentId, while preserving omitted-agent dispatch semantics for default/global routing.
Also updates the affected generated hook config docs from the contributor change and fixes the current-main memory-core test mock after rebasing the PR branch.
Verification:
- pnpm format:check extensions/memory-core/src/dreaming.test.ts src/gateway/hooks.ts src/gateway/hooks.test.ts src/gateway/server/hooks-request-handler.ts src/gateway/server.hooks.test.ts && git diff --check
- node scripts/run-vitest.mjs run --config test/vitest/vitest.gateway-server.config.ts src/gateway/hooks.test.ts src/gateway/server.hooks.test.ts --reporter=dot --pool=forks --no-file-parallelism --testTimeout=120000
- node scripts/run-tsgo.mjs -p test/tsconfig/tsconfig.extensions.test.json --incremental --tsBuildInfoFile .artifacts/tsgo-cache/extensions-test-local-pr87124.tsbuildinfo
- pnpm check:test-types
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main
- GitHub PR merge state CLEAN; CodeQL Critical Quality rerun succeeded after first runner checkout wedged
Co-authored-by: Agustin Rivera <agustin@rivera-web.com >
2026-05-27 05:05:18 +01:00
Alex Knight
f824e1596a
Add OpenTelemetry LLM content spans ( #86191 )
...
* feat: add otel llm content spans
* fix: gate otel tool definitions separately
* fix(diagnostics): sanitize tool_call parts and truncate oversized OTEL content attributes
* fix: keep otel content truncation parseable
* fix: simplify codex model diagnostics
* fix(diagnostics): align opt-in GenAI span shape
* test(codex): align resume params after rebase
* fix(diagnostics): keep model content off shared event bus
* test(diagnostics): keep extension tests on sdk boundary
---------
Co-authored-by: Alex Knight <15041791+amknight@users.noreply.github.com >
Co-authored-by: Vincent Koc <vincentkoc@ieee.org >
2026-05-26 02:24:02 +01:00
Peter Steinberger
bc12e04993
fix: raise default cron concurrency
2026-05-25 18:59:26 +01:00
clawsweeper[bot]
d51f26850d
fix: Hook ingress token unlocks password-mode gateway auth ( #86453 )
...
Summary:
- The PR expands security audit, CLI docs, and tests so `hooks.token` reuse of active Gateway token/password auth is reported while password-mode Gateway startup remains compatible.
- PR surface: Source +178, Tests +311, Docs +14. Total +503 across 14 files.
- Reproducibility: yes. from source inspection: current main forwards a bearer token as both token and passwor ... ecause this review was read-only, but the linked issue and code path make the reproduction high confidence.
Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(cr-fmi-hook-ingress-token-unlocks-password-mode-gateway-auth): ap…
- PR branch already contained follow-up commit before automerge: fix: include trusted proxy password in hooks token reuse check
- PR branch already contained follow-up commit before automerge: fix(gateway): audit hooks password reuse without blocking startup
- PR branch already contained follow-up commit before automerge: fix: Hook ingress token unlocks password-mode gateway auth
Validation:
- ClawSweeper review passed for head 7c796b22ec .
- Required merge gates passed before the squash merge.
Prepared head SHA: 7c796b22ec
Review: https://github.com/openclaw/openclaw/pull/86453#issuecomment-4533831028
Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com >
Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: jesse-merhi
2026-05-25 13:39:56 +00:00
clawsweeper[bot]
675158c896
fix(secrets): allow hash in exec SecretRef ids ( #86072 )
...
Summary:
- The branch widens exec SecretRef id validation/schema/docs/test vectors to allow `#` selector syntax, adds a changelog entry, and includes a small `npm pack` filename helper cleanup.
- Reproducibility: yes. Source inspection on current main shows the shared exec SecretRef validator omits `#`, matching the linked gateway startup failure before resolver execution.
Automerge notes:
- PR branch already contained follow-up commit before automerge: docs(secrets): document hash exec SecretRef ids
- PR branch already contained follow-up commit before automerge: docs(secrets): sync exec SecretRef hash pattern
- PR branch already contained follow-up commit before automerge: fix(secrets): allow hash in exec SecretRef ids
- PR branch already contained follow-up commit before automerge: fix(clawsweeper): address review for automerge-openclaw-openclaw-8073…
Validation:
- ClawSweeper review passed for head 1cf53d95f4 .
- Required merge gates passed before the squash merge.
Prepared head SHA: 1cf53d95f4
Review: https://github.com/openclaw/openclaw/pull/86072#issuecomment-4528994482
Co-authored-by: Andy Ye <andy@Andys-MacBook-Pro-2.local >
Co-authored-by: Andy Ye <andylye@outlook.com >
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: takhoffman
Co-authored-by: takhoffman <781889+takhoffman@users.noreply.github.com >
2026-05-24 14:56:17 +00:00
Peter Steinberger
2c536a8626
docs: absorb documentation PR sweep
2026-05-23 10:23:34 +01:00
VACInc
683ad75b31
fix(talk): stabilize realtime voice consults
...
Stabilize realtime Talk playback, transcript ordering, and consult routing across Android, Web, and the gateway relay.
- serialize Android realtime playback and transcript updates
- add opt-in forced consult routing for Talk realtime sessions
- keep web/gateway consult turns behind OpenClaw results with ordered transcript bubbles
- document the new `talk.realtime.consultRouting` config and keep prompt wording generic
Co-authored-by: VACInc <3279061+VACInc@users.noreply.github.com >
2026-05-22 15:12:39 +01:00
Peter Steinberger
5b383af736
feat: add native mac dashboard window
2026-05-16 23:49:18 +01:00
Peter Steinberger
66c64a29ee
fix(gateway): capture opt-in memory pressure snapshots ( #82674 )
...
* fix(gateway): persist critical memory pressure bundles
* docs(gateway): add memory pressure troubleshooting
* feat(gateway): gate memory pressure bundles
* feat(gateway): flatten memory pressure bundle config
* feat(gateway): rename memory pressure snapshot config
* fix(gateway): make memory pressure snapshots opt in
* docs(config): refresh config baseline
* fix(config): simplify memory pressure migration default
2026-05-16 21:52:09 +01:00
Sergio Cadavid
472523360d
fix(codex): scope user MCP servers by agent ( #82180 )
2026-05-15 20:17:16 +01:00
Peter Steinberger
cd91bd9a1e
docs: document admin HTTP RPC plugin
2026-05-15 11:44:58 +01:00
Peter Steinberger
e30be460e1
fix: shorten stalled Codex recovery window
2026-05-15 10:19:37 +01:00