Commit Graph

53240 Commits

Author SHA1 Message Date
xiaotian
fb1dfd486b fix(slack): retain delivered final replies during late cleanup
Fix Slack draft cleanup after final-visible delivery.

Track when Slack has already delivered a visible final reply and stop reusing the draft finalizer for later same-turn final/error payloads. This keeps the first fallback cleanup for transient previews while preventing late cleanup from deleting a visible answer.

Fixes #87363

Co-authored-by: tianxiaochannel-oss88 <tianxiaochannel@gmail.com>
2026-05-27 23:16:17 +01:00
Peter Steinberger
cf47580a45 test(ci): align startup and model fixtures 2026-05-27 18:09:03 -04:00
Peter Steinberger
efbd00f282 fix: preserve retry-after fallback 2026-05-27 18:03:13 -04:00
Peter Steinberger
f24844d801 fix: reject partial numeric parsing 2026-05-27 18:00:19 -04:00
Peter Steinberger
db549137d3 fix(agents): bound compaction wake retry timeouts 2026-05-27 22:57:51 +01:00
alkor2000
ea2e9ce8bd fix(agents): clamp compaction steer retry wait to remaining delivery window
The compaction retry loop checked the delivery-timeout deadline before
choosing a fixed backoff delay, then slept that whole delay. When the
remaining window was shorter than the next backoff entry, the final
retry could sleep past the deadline, overrunning the delivery timeout
the retry is meant to stay within. Clamp the wait to the remaining
window (min(scheduledDelay, deadline - now)) and stop retrying once no
time remains, so compaction waiting never exceeds the delivery timeout.

Addresses the near-deadline overrun raised in ClawSweeper review of #86606.
2026-05-27 22:57:51 +01:00
alkor2000
a7b8e6a5a9 fix(agents): wait for compaction before requester steering fallback
Follow-up to #85489. Active requester steering treated a `compacting`
outcome from queueEmbeddedPiMessageWithOutcome as a terminal wake
failure and fell through to the requester-agent/direct fallback, even
though the active run becomes steerable again as soon as compaction
finishes.

Introduce a shared resolveActiveWakeWithRetries helper used by both the
steer path (maybeSteerSubagentAnnounce) and the generated-completion
active wake (sendSubagentAnnounceDirectly). The helper treats
`compacting` as transient and waits through compaction, retrying the
same wake. Waiting is bounded by the active wake's delivery timeout (not
just the backoff schedule): the backoff schedule controls the gap
between attempts, and once it is exhausted its last delay is reused until
the delivery deadline, so a compaction that finishes after the schedule
but within the delivery timeout still re-steers. The best-effort
transcript-commit retry and the compaction retry share one loop, so a
run that compacts and then reports transcript_commit_wait_unsupported
still gets the best-effort retry. Other wake failures keep their
existing single-attempt fallback.

Fixes #86566
2026-05-27 22:57:51 +01:00
Mariano
7299c56953 Fix sub-agent cwd/workspace separation (#87218)
Merged via squash.

Prepared head SHA: f47b073830
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
2026-05-27 23:55:24 +02:00
martingarramon
039fcbaa4c fix(agent-job): preserve grace for pending error diagnostics
Preserve pending agent-job error diagnostics as non-terminal timeout snapshots so the retry grace path can still recover when the lifecycle later starts and completes.

Local proof:
- node scripts/run-vitest.mjs packages/sdk/src/index.test.ts src/gateway/server-methods/server-methods.test.ts src/gateway/server.chat.gateway-server-chat.test.ts src/agents/run-wait.test.ts src/agents/openclaw-tools.sessions.test.ts
- node scripts/run-oxlint.mjs packages/sdk/src/client.ts packages/sdk/src/index.test.ts src/gateway/server-methods/agent-job.ts src/gateway/server-methods/agent.ts src/gateway/server-methods/agent-wait-dedupe.ts src/agents/run-wait.ts src/agents/tools/sessions-send-tool.ts src/gateway/server-methods/server-methods.test.ts src/gateway/server.chat.gateway-server-chat.test.ts src/agents/run-wait.test.ts src/agents/openclaw-tools.sessions.test.ts
- autoreview --mode local: no accepted/actionable findings
- CI run 26536599850: success

Co-authored-by: Martin Garramon <martin@yulicreative.ai>
2026-05-27 22:51:11 +01:00
Kevin Lin
bb752c2b47 Revert "feat: expose plugin approval action metadata" (#87419)
This reverts commit 0c867eef75.

# Conflicts:
#	docs/.generated/plugin-sdk-api-baseline.sha256
2026-05-27 14:48:06 -07:00
Vincent Koc
dfcf211232 test(agents): clarify live subagent steering prompt 2026-05-27 23:45:35 +02:00
Vincent Koc
5ad8036bda test(openai): stabilize live audio transcription 2026-05-27 23:45:35 +02:00
Vincent Koc
7b967c5701 fix(oauth): bound GitHub Copilot requests 2026-05-27 23:27:27 +02:00
Patrick Erichsen
b4e5038692 fix(cli): respect subcommand version options (#87398)
* fix(cli): respect subcommand version options

* test: stabilize model directive auth status
2026-05-27 16:26:11 -05:00
Vincent Koc
67277088eb fix(oauth): bound Codex token requests 2026-05-27 23:20:15 +02:00
Peter Steinberger
5f68291f4f fix(agents): move session write lock into owned session runtime (#87409)
* fix(agents): move session write lock into owned session runtime

* test(agents): use typed tool-call fixtures
2026-05-27 22:17:35 +01:00
Vincent Koc
21d9609866 fix(gateway): quarantine unsupported effective tool schemas 2026-05-27 23:15:24 +02:00
Mariano Belinky
a7d2d9c6df fix: migrate legacy memory auto provider 2026-05-27 23:03:32 +02:00
Vincent Koc
09d2682cd8 fix(openai): resolve gpt-5.5 without cached catalog 2026-05-27 22:57:30 +02:00
Vincent Koc
00004ca798 fix(cli): wait for respawn child shutdown 2026-05-27 22:57:30 +02:00
Peter Steinberger
7f7eca1ad2 fix(codex): preserve shared app-server after startup app errors (#87399)
* fix(codex): preserve shared app-server after startup app errors

* fix(codex): align startup cleanup tests with current types

* test(config): isolate installed plugin ledger cache
2026-05-27 21:50:41 +01:00
Dallin Romney
87944c0d80 chore(ui): mark generated locale artifacts (#87406) 2026-05-27 13:48:21 -07:00
Vincent Koc
f39f1a4712 fix(e2e): bound MCP channel harness buffers 2026-05-27 22:34:08 +02:00
Vincent Koc
1eb27da55d fix(testing): bound openclaw instance logs 2026-05-27 22:29:36 +02:00
Peter Steinberger
9ff071f646 test(config): clear install record cache in validation fixture 2026-05-27 16:23:01 -04:00
GarlicGo
2900c1c25c fix(inbound-meta): include seconds in timestamps
Include second-level precision in inbound metadata and auto-reply envelope timestamps, matching the timestamp helper contract used by providers and channel adapters.

Docs now show the weekday plus seconds form in date-time and timezone examples.

Verification:
- node scripts/run-vitest.mjs src/auto-reply/envelope.test.ts src/auto-reply/reply/inbound-meta.test.ts
- pnpm docs:list >/tmp/openclaw-docs-list-87360.log
- git diff --check origin/main...HEAD
- pnpm format:docs:check
- pnpm lint:docs
- pnpm lint:extensions:bundled
- pnpm lint
- PR CI green on 495bb6c10f

Fixes #87257

Co-authored-by: GarlicGo <582149912@qq.com>
2026-05-27 21:18:08 +01:00
Alix-007
f4329fe0d6 fix(agents): bound plugin system context
* fix(agents): bound plugin system context

* test(agents): align wrapped system context expectations

* style(agents): format hook context helper

* test(codex): expect plugin system context boundary

---------

Co-authored-by: Alix-007 <267018309+Alix-007@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-05-27 21:16:15 +01:00
Peter Steinberger
b257b988a1 perf(plugins): trust install records cache between reloads 2026-05-27 21:13:39 +01:00
Pavan Kumar Gondhi
c923b07784 fix(gateway): expire browser tokens after auth rotation
Expire browser-origin Control UI/WebChat device tokens when shared gateway auth rotates by tagging those tokens with the shared-auth generation and enforcing it during verification.

Preserve the issuer tag when a shared-auth-derived device token reconnects through a non-browser client, so reconnect rotation cannot turn it into an untagged long-lived token.

Proof:
- OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs src/gateway/server.shared-auth-rotation.test.ts src/infra/device-pairing.test.ts src/gateway/control-ui.http.test.ts
- GitHub CI run 26535632102: relevant build/runtime/test-type checks green; inherited lint reds match origin/main.
- GitHub CodeQL Critical Quality run 26535631610: network-runtime-boundary green.

Co-authored-by: Pavan Kumar Gondhi <pavangondhi@gmail.com>
2026-05-27 21:13:20 +01:00
Vincent Koc
d9051151d7 fix(gateway): scope assistant idempotency dedupe 2026-05-27 22:09:31 +02:00
Vincent Koc
4ff944c0e8 fix(ci): stabilize model picker and release checks 2026-05-27 22:05:38 +02:00
Peter Steinberger
171675b54b docs: clarify backport target 2026-05-27 21:05:25 +01:00
Peter Steinberger
d30ba7f961 fix(ci): satisfy codex extension lint 2026-05-27 16:05:06 -04:00
Dallin Romney
cc2948d1e1 fix(codex): narrow legacy hook generation grace (#87386) 2026-05-27 13:01:44 -07:00
Peter Steinberger
4da2b5f4d9 perf(config): prefer native JSON parsing 2026-05-27 20:56:58 +01:00
Peter Steinberger
c71c49c460 fix(ci): address lint and test type failures 2026-05-27 15:56:12 -04:00
Sebastien Tardif
60e8e60306 fix(tool-search): reuse unchanged catalogs
Fixes repeated Tool Search catalog registration for unchanged effective tool sets by reusing a fingerprinted catalog snapshot across embedded-agent run cleanup.

The reusable catalog is guarded by catalog-affecting fields, parameters, and executable identity, and reuse now rebinds the current run/session refs before returning. Embedded-agent prep logging only suppresses the catalog line when reuse actually happened.

Verification:
- pnpm test src/agents/tool-search.test.ts -- --reporter=verbose
- pnpm check:changed, Testbox tbx_01ksney4f00wgk9n39yv7jsh4m
- Real behavior proof, GitHub Actions run 26534896284
- CI rerun for unrelated model-picker timeout passed, GitHub Actions run 26534489215
- autoreview clean: no accepted/actionable findings

Closes #86887
Co-authored-by: Sebastien Tardif <sebtardif@ncf.ca>
2026-05-27 20:56:06 +01:00
Peter Steinberger
d93524d1cc fix(codex): route workspace memory through tools (#87383)
* fix(codex): route workspace memory through tools

* fix(codex): preserve extra memory bootstrap files

* fix(codex): support memory_get-only context routing

* fix(codex): only tool-route canonical workspace memory

* fix(codex): keep memory fallback for sandbox workspaces
2026-05-27 20:55:27 +01:00
Yuval Dinodia
74f9d6b96d fix(codex): preserve shared app-server when spawned helper run fails logically (#72574) (#87375)
* fix(codex): preserve shared app-server when spawned helper run fails logically

* fix(codex): widen spawnedBy param to match EmbeddedRunAttemptParams

* fix(codex): align spawnedBy startup typing

* fix(codex): retire shared client on spawned startup timeout

* fix(codex): narrow spawned thread-start preservation

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-05-27 20:48:18 +01:00
Peter Steinberger
15b1e99df3 perf(sessions): add precomputed patch writer 2026-05-27 20:45:27 +01:00
Peter Steinberger
26a8432ee1 fix(ci): align release and image tests 2026-05-27 15:44:56 -04:00
Peter Steinberger
94749b0a45 fix(cli): reject malformed numeric inputs 2026-05-27 15:43:12 -04:00
狼哥
b789e71e57 fix(agents): avoid session event queue self-wait (#86123)
Avoids a self-wait in embedded agent session event hooks by skipping the queue drain only for hooks running inside the current session event processing chain. Detached or external hook work still drains the queue before taking the session write lock.

Verification:
- node scripts/run-vitest.mjs run --config test/vitest/vitest.agents-embedded-agent.config.ts src/agents/embedded-agent-runner/run/attempt.session-lock.test.ts
- node scripts/run-oxlint.mjs --tsconfig config/tsconfig/oxlint.core.json src/agents/embedded-agent-runner/run/attempt.session-lock.test.ts src/agents/embedded-agent-runner/run/attempt.session-lock.ts --threads=8
- .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main
- GitHub CI: https://github.com/openclaw/openclaw/actions/runs/26533883763

Thanks @luoyanglang.

Co-authored-by: luoyanglang <hanwanlonga@gmail.com>
2026-05-27 20:38:01 +01:00
keshavbotagent
e339586750 fix(plugin-state): evict current namespace on plugin row cap
Make plugin-state enforce the plugin-wide live-row fuse by evicting only from the namespace currently being written, preserving sibling namespace rows and still failing atomically when the current namespace cannot free enough rows.

Raise the plugin-wide cap to 6,000 rows, keep Telegram's persistent message-cache namespace at 3,000 entries, and document the updated SDK runtime contract. Harden legacy plugin-state import so capacity pressure cannot archive a source after losing imported keys, with focused regression coverage for Telegram-shaped namespaces and migration rollback.

Also restore the Docker runtime-assets preflight step in full release validation so release workflow contract tests stay aligned.

Verification: focused plugin-state, migration, Telegram, workflow-contract, lint, deprecated-API, diff-check, Blacksmith Testbox, CI, CodeQL, Workflow Sanity, OpenGrep, and autoreview all passed on PR head fee021cfa6.

Co-authored-by: Keshav's Bot <keshavbotagent@gmail.com>
2026-05-27 20:33:40 +01:00
Shubhankar Tripathy
90f30075aa fix(channels): preserve Telegram SecretRef prompt config
Use read-only Telegram account inspection for prompt-time channel actions, inline buttons, and reaction guidance so unresolved SecretRef tokens retain configured non-secret behavior before runtime snapshot hydration.

Match runtime Telegram account lookup for normalized config keys and multi-account fallback guards, while keeping sends/actions on the existing strict credential resolution path.

Fixes #75433.

Co-authored-by: Shubhankar Tripathy <reach2shubhankar@gmail.com>
2026-05-27 20:25:41 +01:00
Patrick Erichsen
ee57f341f0 Add ClawHub skill verification and trust surfaces (#86699)
* feat(skills): fetch ClawHub skill verification

* feat(skills): resolve ClawHub verification targets

* feat(skills): add ClawHub verify command

* docs(skills): document ClawHub verification

* test(skills): type verify CLI fixture

* fix(skills): fetch verified skill card URL

* fix(skills): bound verified card downloads

* fix(skills): fail closed on malformed verification

* fix(skills): corroborate ClawHub install origins

* feat(skills): surface ClawHub trust in control UI

* chore(protocol): refresh generated gateway models

* chore(ui): refresh i18n raw copy baseline

* docs: clarify skills verify wording

* fix: fail closed on skill trust mismatches

* fix: reject incomplete clawhub provenance

* fix: satisfy trust verdict lint

* fix: restore ci checks after main merge
2026-05-27 14:23:24 -05:00
Peter Steinberger
431eb9cda4 perf(sessions): skip unchanged store serialization 2026-05-27 20:22:22 +01:00
Vincent Koc
bde1bad2c1 fix(gateway): bound webchat image data scans 2026-05-27 21:00:38 +02:00
Peter Steinberger
2f710f5604 fix(ci): avoid deprecated sdk import in canvas cli 2026-05-27 14:57:00 -04:00
Alex Knight
42e9504114 fix(codex): preserve native hook relay across restarts
Fixes #87331.\n\nPersist Codex native hook relay generations for real app-server resumes, keep a bounded legacy-binding grace path, and rotate generation on fresh-thread fallback so stale hook commands stay rejected.\n\nCo-authored-by: Alex Knight <15041791+amknight@users.noreply.github.com>
2026-05-27 19:55:19 +01:00