Peter Steinberger
990d0d7261
docs(image-generation): remove nano banana stock docs
2026-03-17 01:09:58 -07:00
Peter Steinberger
e5919bc524
docs(gateway): clarify URL allowlist semantics
2026-03-17 00:03:27 -07:00
Peter Steinberger
c601dda389
docs(image-generation): document google provider
2026-03-16 23:21:16 -07:00
Peter Steinberger
c79ade10e6
docs(plugins): add capability cookbook
2026-03-16 22:58:55 -07:00
Tak Hoffman
4863b651c6
docs: rename onboarding user-facing wizard copy
...
Co-authored-by: Tak <contact-redacted@example.com >
2026-03-16 19:50:31 -05:00
Radek Sienkiewicz
7deb543624
Browser: support non-Chrome existing-session profiles via userDataDir ( #48170 )
...
Merged via squash.
Prepared head SHA: e490035a24126378+velvet-shark@users.noreply.github.com >
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com >
Reviewed-by: @velvet-shark
2026-03-16 14:21:22 +01:00
Vincent Koc
476d948732
!refactor(browser): remove Chrome extension path and add MCP doctor migration ( #47893 )
...
* Browser: replace extension path with Chrome MCP
* Browser: clarify relay stub and doctor checks
* Docs: mark browser MCP migration as breaking
* Browser: reject unsupported profile drivers
* Browser: accept clawd alias on profile create
* Doctor: narrow legacy browser driver migration
2026-03-15 23:56:08 -07:00
Peter Steinberger
f9e185887f
docs: restore onboard docs references
2026-03-16 05:50:57 +00:00
Peter Steinberger
823039c000
docs: prefer setup wizard command
2026-03-15 22:01:04 -07:00
Peter Steinberger
0a2f95916b
test: expand ssh sandbox coverage and docs
2026-03-15 21:38:22 -07:00
Peter Steinberger
b8bb8510a2
feat: move ssh sandboxing into core
2026-03-15 21:35:30 -07:00
Peter Steinberger
be8fef3840
docs: expand openshell sandbox docs
2026-03-15 20:35:56 -07:00
Peter Steinberger
ae7f18e503
feat: add remote openshell sandbox mode
2026-03-15 20:28:19 -07:00
Peter Steinberger
dd40741e18
feat(plugins): add compatible bundle support
2026-03-15 16:08:50 -07:00
Vincent Koc
132e459009
fix(ci): config drift found and documented
2026-03-15 10:43:03 -07:00
Peter Steinberger
ff61343d76
fix: harden mention pattern regex compilation
2026-03-15 08:44:12 -07:00
Peter Steinberger
a472f988d8
fix: harden remote cdp probes
2026-03-15 08:23:01 -07:00
George Zhang
2806f2b878
Heartbeat: add isolatedSession option for fresh session per heartbeat run ( #46634 )
...
Reuses the cron isolated session pattern (resolveCronSession with forceNew)
to give each heartbeat a fresh session with no prior conversation history.
Reduces per-heartbeat token cost from ~100K to ~2-5K tokens.
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-14 16:28:01 -07:00
Peter Steinberger
b6d1d0d72d
fix(browser): prefer user profile over chrome relay
2026-03-14 04:15:34 +00:00
liyuan97
55f47e5ce6
onboard(minimax): flatten auth to 4 direct choices, unify CN/Global under single provider ( #44284 )
...
Replace the multi-step MiniMax onboarding wizard with 4 flat options:
- MiniMax Global — OAuth (minimax.io)
- MiniMax Global — API Key (minimax.io)
- MiniMax CN — OAuth (minimaxi.com)
- MiniMax CN — API Key (minimaxi.com)
Storage changes:
- Unify CN and Global under provider "minimax" (baseUrl distinguishes region)
- Profiles: minimax:global / minimax:cn (both regions can coexist)
- Model ref: minimax/MiniMax-M2.5 (no more minimax-cn/ prefix)
- Remove LM Studio local mode and Lightning/Highspeed choice
Backward compatibility:
- Keep minimax-cn in provider-env-vars for existing configs
- Accept minimax-cn as legacy tokenProvider in CI pipelines
- Error with migration hint for removed auth choices in non-interactive mode
- Warn when dual-profile overwrites shared provider baseUrl
Made-with: Cursor
2026-03-12 11:23:42 -07:00
Nimrod Gutman
b77b7485e0
feat(push): add iOS APNs relay gateway ( #43369 )
...
* feat(push): add ios apns relay gateway
* fix(shared): avoid oslog string concatenation
# Conflicts:
# apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift
* fix(push): harden relay validation and invalidation
* fix(push): persist app attest state before relay registration
* fix(push): harden relay invalidation and url handling
* feat(push): use scoped relay send grants
* feat(push): configure ios relay through gateway config
* feat(push): bind relay registration to gateway identity
* fix(push): tighten ios relay trust flow
* fix(push): bound APNs registration fields (#43369 ) (thanks @ngutman)
2026-03-12 18:15:35 +02:00
Josh Avant
0bcb95e8fa
Models: enforce source-managed SecretRef markers in models.json ( #43759 )
...
Merged via squash.
Prepared head SHA: 4a065ef5d8830519+joshavant@users.noreply.github.com >
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com >
Reviewed-by: @joshavant
2026-03-12 02:22:52 -05:00
Luke
7761e7626f
Providers: add Opencode Go support ( #42313 )
...
* feat(providers): add opencode-go provider support and onboarding
* Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF
* Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF
* Update CHANGELOG.md
---------
Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca >
Co-authored-by: Vincent Koc <vincentkoc@ieee.org >
2026-03-11 01:31:06 -04:00
Josh Avant
0125ce1f44
Gateway: fail closed unresolved local auth SecretRefs ( #42672 )
...
* Gateway: fail closed unresolved local auth SecretRefs
* Docs: align node-host gateway auth precedence
* CI: resolve rebase breakages in checks lanes
* Tests: isolate LOCAL_REMOTE_FALLBACK_TOKEN env state
* Gateway: remove stale remote.enabled auth-surface semantics
* Changelog: note gateway SecretRef fail-closed fix
2026-03-10 21:41:56 -05:00
Peter Steinberger
8eac939417
fix(security): enforce target account configWrites
2026-03-11 01:24:36 +00:00
Peter Steinberger
201420a7ee
fix: harden secret-file readers
2026-03-10 23:40:10 +00:00
Josh Avant
d30dc28b8c
Secrets: reject exec SecretRef traversal ids across schema/runtime/gateway ( #42370 )
...
* Secrets: harden exec SecretRef validation and reload LKG coverage
* Tests: harden exec fast-exit stdin regression case
* Tests: align lifecycle daemon test formatting with oxfmt 0.36
2026-03-10 13:45:37 -05:00
Josh Avant
0687e04760
fix: thread runtime config through Discord/Telegram sends ( #42352 ) (thanks @joshavant) ( #42352 )
2026-03-10 13:30:57 -05:00
Peter Steinberger
d3111fbbcb
fix: make browser relay bind address configurable ( #39364 ) (thanks @mvanhorn)
2026-03-08 19:15:21 +00:00
GitBuck
caf1b84822
feat: allow compaction model override via config ( #38753 )
...
Merged via squash.
Prepared head SHA: a3d6d6c84525417736+starbuck100@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-03-08 10:47:34 -07:00
Peter Steinberger
b4c8950417
refactor: centralize talk silence timeout defaults
2026-03-08 14:58:29 +00:00
dano does design
6ff7e8f42e
talk: add configurable silence timeout
2026-03-08 14:30:25 +00:00
Peter Steinberger
59102a1ff7
fix: add gemini 3.1 flash-lite support
2026-03-08 05:12:48 +00:00
Peter Steinberger
100da9f45c
fix: correct gemini flash model id
2026-03-08 02:32:58 +00:00
Peter Steinberger
5f8f58ae25
fix(gateway): require admin for chat config writes
2026-03-07 19:38:49 +00:00
Josh Avant
8e20dd22d8
Secrets: harden SecretRef-safe models.json persistence ( #38955 )
2026-03-07 11:28:39 -06:00
Peter Steinberger
1dd4f92ea2
fix: default local onboarding tools profile to coding
2026-03-07 16:41:27 +00:00
Efe Büken
03b9abab84
feat(compaction): make post-compaction context sections configurable ( #34556 )
...
Merged via squash.
Prepared head SHA: 491bb28544259833796+efe-arv@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-03-06 14:57:15 -08:00
Vincent Koc
9c1786bdd6
Telegram/Discord: honor outbound mediaMaxMb uploads ( #38065 )
...
* Telegram: default media cap to 100MB
* Telegram: honor outbound mediaMaxMb
* Discord: add shared media upload cap
* Discord: pass mediaMaxMb to outbound sends
* Telegram: cover outbound media cap sends
* Discord: cover media upload cap config
* Docs: update Telegram media cap guide
* Docs: update Telegram config reference
* Changelog: note media upload cap fix
* Docs: note Discord upload cap behavior
2026-03-06 10:53:06 -05:00
Vincent Koc
5470337b1c
docs(config): list the context engine plugin slot
2026-03-06 08:53:30 -05:00
Gustavo Madeira Santana
688b72e158
plugins: enforce prompt hook policy with runtime validation ( #36567 )
...
Merged via squash.
Prepared head SHA: 6b9d883b6a5599352+gumadeiras@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-03-05 18:15:54 -05:00
Vincent Koc
98aecab7bd
Docs: cover heartbeat, cron, and plugin route updates
2026-03-05 17:05:21 -05:00
Vincent Koc
1d3962a000
Docs: update gateway config reference for Slack and TTS
2026-03-05 16:57:40 -05:00
Josh Avant
72cf9253fc
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails ( #35094 )
2026-03-05 12:53:56 -06:00
Bob
6a705a37f2
ACP: add persistent Discord channel and Telegram topic bindings ( #34873 )
...
* docs: add ACP persistent binding experiment plan
* docs: align ACP persistent binding spec to channel-local config
* docs: scope Telegram ACP bindings to forum topics only
* docs: lock bound /new and /reset behavior to in-place ACP reset
* ACP: add persistent discord/telegram conversation bindings
* ACP: fix persistent binding reuse and discord thread parent context
* docs: document channel-specific persistent ACP bindings
* ACP: split persistent bindings and share conversation id helpers
* ACP: defer configured binding init until preflight passes
* ACP: fix discord thread parent fallback and explicit disable inheritance
* ACP: keep bound /new and /reset in-place
* ACP: honor configured bindings in native command flows
* ACP: avoid configured fallback after runtime bind failure
* docs: refine ACP bindings experiment config examples
* acp: cut over to typed top-level persistent bindings
* ACP bindings: harden reset recovery and native command auth
* Docs: add ACP bound command auth proposal
* Tests: normalize i18n registry zh-CN assertion encoding
* ACP bindings: address review findings for reset and fallback routing
* ACP reset: gate hooks on success and preserve /new arguments
* ACP bindings: fix auth and binding-priority review findings
* Telegram ACP: gate ensure on auth and accepted messages
* ACP bindings: fix session-key precedence and unavailable handling
* ACP reset/native commands: honor fallback targets and abort on bootstrap failure
* Config schema: validate ACP binding channel and Telegram topic IDs
* Discord ACP: apply configured DM bindings to native commands
* ACP reset tails: dispatch through ACP after command handling
* ACP tails/native reset auth: fix target dispatch and restore full auth
* ACP reset detection: fallback to active ACP keys for DM contexts
* Tests: type runTurn mock input in ACP dispatch test
* ACP: dedup binding route bootstrap and reset target resolution
* reply: align ACP reset hooks with bound session key
* docs: replace personal discord ids with placeholders
* fix: add changelog entry for ACP persistent bindings (#34873 ) (thanks @dutifulbob)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com >
2026-03-05 09:38:12 +01:00
Gustavo Madeira Santana
e4b4486a96
Agent: unify bootstrap truncation warning handling ( #32769 )
...
Merged via squash.
Prepared head SHA: 5d6d4ddfa65599352+gumadeiras@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-03-03 16:28:38 -05:00
Shadow
65816657c2
feat(discord): add allowBots mention gating
2026-03-03 12:47:25 -06:00
Shadow
05446d6b6b
docs: document discord ignoreOtherMentions
2026-03-03 11:26:20 -06:00
Shadow
e28ff1215c
fix: discord auto presence health signal ( #33277 ) (thanks @thewilloftheshadow) ( #33277 )
2026-03-03 11:20:59 -06:00
Sid
4ffe15c6b2
fix(telegram): warn when accounts.default is missing in multi-account setup ( #32544 )
...
Merged via squash.
Prepared head SHA: 7ebc3f65b2201593046+Sid-Qin@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-03-03 03:27:19 -05:00
