Back

OpenClaw Official Changelog

Source: github.com/openclaw/openclaw ↗, auto-synced hourly

v2026.7.1-beta.5pre-release2026-07-11

OpenClaw 2026.7.1-beta.5

GitHub ↗

Highlights

  • ·**Conversational onboarding:** Crestodian now runs a real agent-loop setup across the CLI, web install, and macOS app, with AI-guided provider setup, model-judged approvals bound to exact operations, masked credential prompts, and deterministic fallback when no model is available. (#99935, #100029, #100656, #101887)
  • ·**ClawRouter routing and quotas:** add the bundled ClawRouter provider with credential-scoped dynamic model discovery, OpenAI-compatible and native Anthropic/Gemini transports, auth-profile model resolution, and managed usage and budget reporting. (#99658, #99759)
  • ·**Control UI and native macOS chat:** make sessions primary with a minimal searchable sidebar, compact context ring, reasoning-effort slider, cleaner dashboard chrome, and a native macOS session browser with model and thinking pickers, slash commands, transcript export, and context usage. (#99289, #99838, #100386, #101103, #101497)
  • ·**Offline and spoken mobile chat:** iOS and Android now pre-paint bounded per-gateway session and transcript caches offline; Apple Watch gains full voice turns, and iOS can speak replies through configured Gateway TTS with on-device fallback. (#100219, #100227, #100283, #100770, #100771)
  • ·**Session organization and generated titles:** generate concise session titles through utility-model routing and add Gateway-backed groups, unread state, rename, fork, archive, and delete controls, plus group management across web, iOS, and Android. (#87643, #100814, #101117, #101234)
  • ·**OpenAI GPT-5.6 support:** recognize the Sol, Terra, and Luna model family across API-key, ChatGPT/Codex OAuth, simple-completion, and Codex app-server paths, with correct context and pricing metadata plus `max` reasoning support. (#98333)
  • ·**External harness attachment:** `openclaw attach` launches Claude Code against an existing Gateway session with scoped, revocable, TTL-bound MCP grants, temporary configuration cleanup, and automatic revoke-on-exit. (#96454)
  • ·**Telegram Codex workflows:** Telegram can pair Codex through private `/login`, steer active runs with `/steer` and `/tell`, and recover final sends across rejected rich entities, captions, quotes, and flood waits. (#98006, #98126, #98786)

Changes

  • ·**Meta provider:** add bundled `muse-spark-1.1` Responses API support with streaming, tool calls, encrypted reasoning replay, onboarding, exact-model live validation, and standalone npm/ClawHub distribution as `@openclaw/meta-provider`. (#102873, #103070, #103163)
  • ·**Android chat agent selector:** switch the active agent directly from the live chat screen while keeping chat, Talk mode, and home canvas on the same canonical session. (#80422)
  • ·**Gateway host status:** show the connected Gateway's host, network address, OS, runtime, uptime, CPU, memory, and disk details in Control UI Settings. (#100478)
  • ·**Gateway crash-loop recovery:** persist boot outcomes, enter control-plane-safe mode after repeated unclean starts, hold transport and provider activation until recovery, and exit with `EX_CONFIG` for fatal configuration errors so systemd and launchd stop restart flapping.
  • ·**iOS offline chat:** pre-paint recent sessions and canonical transcripts from a protected, bounded per-gateway cache, keep sending disabled offline, and purge cached conversation text when pairing is reset. (#100219)
  • ·**Slack progress indicators:** use Slack's native assistant thread status and rotating loading messages by default while keeping acknowledgement reactions static; lifecycle reaction updates now require `messages.statusReactions.enabled: true`.
  • ·**Control UI Talk controls:** keep voice, model, sensitivity, and other realtime defaults in Settings → Communications → Talk, and use the composer microphone caret to select any browser audio input. (#101046)
  • ·**Cron model selection:** choose an agent-turn model in Control UI Quick Create and show configured or default models in cron job rows and details. (#95341)
  • ·**Control UI GitHub previews:** show issue and pull request state, title, author, activity, comments, and change statistics in hover and keyboard-focus cards. (#100434)
  • ·**Logbook work journal:** add a disabled-by-default bundled plugin that turns paired-node screen snapshots into a private timeline, daily standup, and timeline-grounded Q&A in a plugin-contributed Control UI tab. (#99930)
  • ·**Control UI message context:** reveal per-message token, context, and model details from the timestamp on hover or activation instead of showing a separate Context button.
  • ·**Control UI session titles:** reveal truncated recent-session names with a reduced-motion-safe hover animation.
  • ·**Control UI sidebar navigation:** show a small customizable pinned destination set, keep the remaining pages under More, move Settings to the footer, and persist sidebar customization in the browser. (#100296)
  • ·**Control UI sidebar usage:** remove the provider usage quota row from the expanded sidebar while keeping usage details available in the chat composer and Usage page.
  • ·**Android chat code highlighting:** render fenced Kotlin, Swift, TypeScript, JavaScript, Python, Bash, and JSON blocks with bounded, theme-aware syntax colors while preserving plain rendering for unknown, partial, or oversized blocks. (#100217)
  • ·**Gateway TTS playback:** add an operator-scoped `tts.speak` RPC that returns configured-provider speech as inline whole-clip audio for remote clients. (#100770)
  • ·**Control UI context usage:** show context-window progress, latest-run input/output tokens, and the active model when the chat context ring is opened.
  • ·**Apple Watch voice turns:** dictate a message from the Watch chat and hear the new OpenClaw reply spoken on the Watch, with explicit silent-message and stop-speaking controls. (#100224)
  • ·**Conversational onboarding:** add a real agent-loop Crestodian setup flow across the CLI, Gateway, web install, and macOS app, with typed operations, exact approval binding, masked credential prompts, isolated session transcripts, and safe handoff to the normal agent.
  • ·**Generated session titles:** name new Control UI sessions from their first message, and add default/per-agent `utilityModel` routing for lower-cost session, topic, and thread title generation.
  • ·**ClawRouter routing and quotas:** add the bundled ClawRouter provider plugin with credential-scoped dynamic model discovery, OpenAI-compatible and native Anthropic/Gemini transports, and managed budget reporting across OpenClaw usage surfaces. (#99658)
  • ·**Model and provider coverage:** add GPT-5.6 support, use Nemotron Super's 1M context window, and preserve explicit OpenRouter authentication headers. (#98333, #98726, #98187)
  • ·**CLI and node workflows:** add `openclaw attach`, node context-path support, actionable device-approval recovery guidance, soft-resume CLI sessions when prompt metadata changes, and clearer plugin install exit diagnostics. (#96454, #97679, #98115, #98146, #98497, #99822)
  • ·**Cron and usage:** add exit-triggered schedules, detached session-targeted runs, and an in-flight job doctor warning, while making the existing usage footer easier to wrap on Telegram. (#92037, #98755, #98620, #92877)
  • ·**Native apps and localization:** modernize iOS presentation, Chat, Talk, onboarding, and reconnect flows; add Gateway speech providers; improve QR onboarding and protocol recovery; install the local Gateway from macOS; localize core Apple and Android surfaces; and add Swedish mobile localization. (#98452, #98736, #99243, #98376, #98302, #98385, #99767, #97110, #97111, #97112, #97113, #98043)
  • ·**Messaging capabilities:** add native iMessage polls, Telegram Codex pairing and steering, Telegram multi-lane progress summaries, and Signal target aliases. (#98421, #98006, #98126, #98907, #95738)
  • ·**Local inference and chat controls:** auto-discover Ollama inference nodes, add Control UI session-first navigation, reasoning controls, and command picking, and keep OpenClaw control tools available when deferred tool search selects the wrong tool family. (#99234, #99289, #99426, #99838, #99561)
  • ·**Doctor and diagnostics:** expose auth-profile, workspace, device-pairing, channel-plugin, memory-provider, systemd exhaustion, and Windows LAN firewall findings. (#97125, #97358, #97366, #97496, #97968, #98291, #98666)
  • ·**Policy repair previews:** show review-required Gateway bind and denied node-command changes during `doctor --fix` without applying them or counting the findings as repaired. (#99776)
  • ·**Conversation and review controls:** prepare scoped conversation capability profiles and add Cursor Agent as an autoreview engine. (#98536, #97348)

Fixes

  • ·**Browser actions on Node 24:** keep browser request cancellation bound to the client and response lifetime instead of Node 24.16+'s prematurely aborted body-stream signal, preventing valid POST actions from failing after JSON parsing.
  • ·**SecretRef model credentials:** keep resolved provider secrets behind process-local sentinels through auth storage, stream setup, SDK configuration, and managed local-provider probing, then inject plaintext only at the final network or provider-plugin boundary while retaining exact-value log redaction. (#102008, #102009)
  • ·**Telegram token redaction:** redact bot tokens even when log transports split them across chunks, preventing fragmented credentials from escaping structured and streamed logs. (#103861)
  • ·**Telegram durable turn adoption:** complete spooled updates only after durable agent adoption, detach adopted turns from the ingress reply fence, and suppress superseded replies so recovery cannot leak stale or duplicate responses. (#103664, #103952, #103965)
  • ·**Task delivery recovery:** normalize legacy delivery statuses while restoring task records so older queued work becomes runnable instead of aborting registry recovery. (#103946) Fixes #103168
  • ·**Diagnostics provider evidence:** emit one deduplicated `provider.request` timeline event for every completed or failed model call, so opt-in timelines can prove real provider traffic without double-counting terminal paths. Fixes #103063
  • ·**Lean local model shell access:** keep `exec` directly visible beside the default structured Tool Search controls so coding-tuned local models can use their shell fallback instead of searching for missing domain tools. (#101607)
  • ·**OAuth refresh contention diagnostics:** keep local lock paths out of user-facing refresh failures and avoid duplicate failure prefixes while preserving structured provider and profile classification. (#101573)
  • ·**Exec approval prompts:** keep background-disabled fallback warnings out of pending gateway/node approvals and show them only after a command actually runs in the foreground. (#101561)
  • ·**Direct poll delivery:** route direct and hybrid channel polls through the owning outbound adapter while preserving gateway-mode routing and channel option checks. (#99950)
  • ·**Agent wait hard-timeout snapshots:** preserve canonical hard-timeout phase and timestamps when the outer `agent.wait` timer wins the retry-grace race, while leaving queue, draining, and restart-cancelled waits correctable. (#89367)
  • ·**Control UI typed approvals:** send `/approve` commands immediately through the authorized Gateway command path while an agent run is blocked instead of queueing the command behind that run. (#101532)
  • ·**Microsoft Teams Graph response bounds:** cap successful file-upload and chat JSON reads so oversized Microsoft Graph responses cannot be buffered without limit. (#97784)
  • ·**Packaged speech runtime:** stop treating package-backed `speech-core` as a bundled plugin sidecar, restoring TTS startup in npm installs while release checks keep true activation-bypassing facades package-complete. (#89899, #89425)
  • ·**Container image upgrades:** run versioned state migrations and plugin convergence before Gateway readiness when reusing mounted state, failing closed with `doctor --fix` recovery guidance instead of serving half-upgraded state. (#101881) Fixes #98565
  • ·**Codex app-server protocol:** require app-server 0.143 or newer, remove pre-0.142 wire-shape compatibility, migrate retired `on-failure` approval settings to `on-request` in Codex configuration and saved bindings, teach Codex to retrieve deferred native `spawn_agent` through `tool_search` so native subagent task mirroring works on search-capable models, and update the managed runtime to 0.144.1 for code-mode host installation and missing-host fallback reliability.
  • ·**Android hardware keyboard chat:** send with unmodified Enter on physical keyboards while preserving Shift+Enter and other modified Enter combinations for multiline input. (#101239)
  • ·**CJK Markdown emphasis:** render adjacent Chinese, Japanese, and Korean emphasis punctuation through the shared Markdown pipeline instead of leaking literal markers across channels. (#101230, #101120)
  • ·**Backup retry cleanup:** close partial archive output handles and isolate each retry path after live-write failures, preventing Windows `EBUSY` locks from cascading across attempts or leaving stale temp archives. (#101449, #101464)
  • ·**Codex yielded native subagents:** keep the parent app-server subscription and shared client alive until yielded native subagent completion delivery settles, preventing lost wakeups and leaked one-shot cleanup.
  • ·**Delivery recovery pacing:** pace eligible outbound and restart-continuation replays after gateway startup so outage backlogs do not burst into channel rate limits, while preserving the wall-clock recovery budget. (#101118, #101058)
  • ·**Outbound pre-connect recovery:** clear stale platform-send evidence atomically when a connect or DNS failure proves no request was sent, allowing queued Discord and other channel messages to replay after connectivity returns without weakening the unknown-send duplicate guard. (#101024, #100979)
  • ·**Discord streamed finals:** send completion replies as fresh messages so inactive channels become unread, while preserving targeted mentions without escalating `@everyone` or `@here`. (#99711, #99662)
  • ·**OpenAI-compatible SSE parsing:** recognize event streams mislabeled as JSON without prepending a second `data:` prefix, preserving valid streamed responses from non-conforming providers. (#96503)
  • ·**Meta Model API contract:** use the current Meta endpoint and output-token field so `muse-spark-1.1` validation and live requests match the provider contract. (#103680) Fixes #103667
  • ·**LM Studio embedding preload:** honor model- and provider-level context-window limits when preloading embedding models, preventing avoidable GPU out-of-memory failures. (#100750)
  • ·**Provider overload messaging:** keep rate-limited responses classified for retry and fallback behavior while using overload wording when the provider supplies no explicit retry detail. (#98165)
  • ·**Microsoft Teams attachment metadata:** bound Bot Framework `attachmentInfo` JSON reads and cancel oversized streams before they can exhaust Gateway memory. (#99125)
  • ·**Agent auth copy order:** preserve the source agent's portable auth-profile precedence when copying credentials to a new agent while excluding skipped profiles and transient auth state. (#100833)
  • ·**Memory session repair:** keep daily dreaming ingestion bookkeeping outside session-corpus audit and repair so `memory status --fix` preserves healthy daily state. (#93389)
  • ·**Remote browser CDP policy:** allow the configured CDP control host through an existing hostname allowlist without widening page navigation policy, while keeping strict-policy discovery bound to the configured control authority. (#100986, #100819)
  • ·**Config unset diagnostics:** explain when an inherited or default configuration value cannot be unset instead of reporting a misleading successful deletion. (#96557)
  • ·**Crestodian command probes:** contain stdout and stderr stream failures while keeping child-process close and spawn errors authoritative, preventing unhandled probe crashes. (#100741)
  • ·**Feishu mention forwarding:** fail closed when the bot Open ID is unavailable so group messages cannot be misclassified as explicit bot mentions. (#100891)
  • ·**Cron edit delivery:** preserve each job's implicit delivery mode when applying partial delivery updates, so disabling best-effort delivery no longer turns detached job announcements off. (#100846)
  • ·**Control UI session creation:** keep newly created sessions at the front of the stable sidebar order after selecting another session.
  • ·**Control UI file previews:** keep large Skill Workshop files responsive with cached, offscreen-contained text chunks while preserving wrapped content, stable file switching, full-file copy, and clean focus behavior. (#101319)
  • ·**FTS-only memory startup:** skip plugin capability discovery when `memorySearch.provider` is explicitly `none`, avoiding an unnecessary cold-start scan.
  • ·**Control UI agent model labels:** show each selected agent's effective model in the Default picker option instead of the global model. (#100719, #77440)
  • ·**Control UI inbound image previews:** render canonical inbound media references through the authenticated ticket route after chat-history reloads. (#100725, #89591)
  • ·**Small-context compaction:** cap the effective reserve against the known model context window so small local models do not enter compaction from the first token. (#100621)
  • ·**Detail-less provider failures:** keep opaque upstream failures from cooling API-key auth profiles while preserving WHAM-backed OpenAI OAuth health checks and configured model fallback. (#100617)
  • ·**Plugin install diagnostics:** suppress the misleading hook-pack fallback after plugin install failures only when the hook manifest is absent, while preserving actionable malformed hook-pack errors. (#100554)
  • ·**Config validation diagnostics:** emit each unchanged sanitized validation-warning payload once per config path, reset deduplication after a clean validation, and preserve the warning fingerprint across transient invalid reads and failed refreshes. (#100569, #25574)
  • ·**Config size-drop guard:** compare writes against canonical bytes for parseable object configs instead of raw BOM and indentation overhead, while preserving raw audit telemetry and the conservative malformed-input fallback. (#100591, #71865)
  • ·**Control UI coalesced updates:** show a clear queued-restart completion banner when an update joins an already-running Gateway restart. (#93082)
  • ·**Control UI connection errors:** preserve structured pairing and authentication failures for pending RPC callers while keeping generic disconnect behavior unchanged. (#54758)
  • ·**iOS embedded terminal:** open the terminal-only Control surface directly while native Gateway authentication connects instead of exposing the Web UI login screen.
  • ·**TUI startup status:** show `starting up` during post-connect initialization without overwriting active-run or reconnect state. (#93999)
  • ·**Control UI restart recovery:** recover stale bundle pages through a bounded whole-document refresh after Gateway updates or restarts. (#99111)
  • ·**TUI active Gateway ports:** follow the verified active local Gateway port when no explicit URL, port, or remote target is configured. (#73338, #42461)
  • ·**Apple chat run recovery:** restore active responses from canonical Gateway history after reconnects, foreground resumes, and event gaps, while preserving gateway user-turn identity across Codex and Copilot transcript mirrors to prevent duplicate rows. (#100277)
  • ·**Claude CLI streamed replies:** preserve assistant text already received from Claude CLI when its terminal result envelope is empty, preventing false empty-response failover after a complete streamed answer. (#90450)
  • ·**Phone identity normalization:** canonicalize stray plus signs, preserve non-phone iMessage handles, and reject digit-free Signal identities across shared channel routing. (#100467)
  • ·**Tlon scry response bounds:** cap successful Urbit scry JSON reads and cancel oversized streams instead of buffering unbounded peer responses. (#100376)
  • ·**Source build portability:** keep tsdown configuration self-contained so builds do not depend on resolving the tsdown package from unrun's temporary module directory.
  • ·**Agent tool-call decoding:** preserve surrogate-range numeric HTML entities as literal text while still decoding valid supplementary-plane values, preventing malformed model output from injecting lone UTF-16 surrogates into tool arguments. (#99564)
  • ·**Gateway event dispatch:** catch and log lazy subscriber setup and handler failures instead of leaking unhandled promise rejections. (#100401)
  • ·**Ollama fallback routing:** classify incomplete native streams through the Ollama provider hook so configured model fallbacks can advance. (#100482)
  • ·**Diffs rendering:** render viewer and image output from one SSR preload, preserve language-pack highlighting through hydration, normalize language hints case-insensitively, skip identical before/after inputs with an explicit `changed` result, report truthful file-render and input errors, cache hash-pinned viewer runtimes, and prefer canonical file settings over stale aliases. (#100487)
  • ·**Remote browser reliability:** bound persistent Playwright tab enumeration by the existing remote CDP timeout budget and retire timed-out connection attempts so late completions cannot restore a stuck connection. (#80147, #58968)
  • ·**Browser attachment downloads:** return managed URL, filename, and path metadata when direct Playwright navigation starts an attachment download, while validating final URLs before saving bytes and preserving single-owner explicit downloads. (#48045, #89416)
  • ·**Browser action downloads:** return managed URL, filename, and path metadata when agent actions trigger downloads, while preserving explicit ownership, validating final URLs before saving bytes, and quarantining policy-denied tabs without closing them. (#93250, #93307)
  • ·**Managed browser cookie persistence:** initialize new isolated macOS headless profiles with a non-interactive encryption key while preserving existing profile keys, and close Chromium through CDP before bounded signal fallback so persistent logins survive graceful browser and Gateway restarts. (#96704, #98284)
  • ·**MCP OAuth response bounds:** reject body-less foreign error bodies without calling their inherently unbounded `text()` fallback, while preserving HTTP status and headers for safe SDK diagnostics. (#98143)
  • ·**Tlon image upload bounds:** cap remote image fetches before upload and fail closed on oversized or stalled responses instead of buffering them without a limit. (#100374)
  • ·**Control UI approval prompts:** keep stale resolve failures and busy-state cleanup from leaking across newer approvals or Gateway reconnects. (#98394)
  • ·**macOS service SecretRefs:** preserve generated env-file values for SecretRefs that remain in config when stale Gateway LaunchAgents are repaired or reinstalled without those variables in the invoking shell. (#99124)
  • ·**Anthropic OAuth callbacks:** keep the provider-required `localhost` redirect URI stable while allowing the local callback listener to bind an explicit loopback host. (#96917)
  • ·**Prompt-release media delivery:** accept active-leaf-preserving side appends while an embedded run temporarily releases its session lock, so successive message-tool media replies merge without a false session-takeover failure. (#100490)
  • ·**Control UI Skills filters:** align agent and search controls, use translated labels, and preserve native checkbox and radio sizing. (#100526)
  • ·**Control UI completed-run state:** bind active and completed updates to run identities so stale completions keep Send available while newer runs remain active. (#100527)
  • ·**Control UI context usage:** keep stale cached totals visible as approximate without triggering warning styling or Compact actions. (#89772)
  • ·**Control UI file previews:** remove the duplicate Escape header hint while retaining the Close-button shortcut hint and Escape behavior. (#100528)
  • ·**Control UI autonomous tool failures:** preserve an earlier Tool error outcome across later autonomous recovery turns. (#100514)
  • ·**Agent empty replies:** surface a visible failure when a completed interactive turn has no deliverable reply, including queued follow-ups, while preserving explicit silence, pending continuations, and committed side effects, honoring queued send policies, and treating compaction notices as progress. (#100456)
  • ·**Subprocess, maintenance, and output hardening:** keep child output failures from crashing exec and TUI sessions, isolate remote skill refresh and subagent sweeps, surface skill-scan and approval diagnostics, sanitize ANSI and stray parameter markup without losing visible text, and stop Android audio capture cleanly on device loss. (#100440)
  • ·**Docker sandbox command output:** fail and terminate Docker sandbox operations when stdout/stderr capture breaks instead of returning success with incomplete output. (#100523)
  • ·**Android push-to-talk lifecycle:** serialize gateway PTT preparation with app foreground and Manual Mic ownership so delayed work cannot restart, replace, or tear down a newer capture. (#100552)
  • ·**Lean local-model tools:** trim media generation, TTS, and PDF tools from lean agent surfaces while preserving explicit config and runtime opt-ins. (#88881)
  • ·**iOS development app identity:** keep the development app labeled OpenClaw while using its distinct debug icon to differentiate it from release builds.
  • ·**Android chat recovery:** preserve optimistic user messages and locally owned runs while reconnect and sequence-gap history snapshots catch up, preventing sent messages from disappearing or stale runs from taking ownership. (#100197)
  • ·**iOS QR gateway handoff:** stop VisionKit before delivering scanned setup codes, and keep deferred auth, approval, Watch, and foreground-node work bound to its originating gateway across reconnects. (#99572)
  • ·**Agent terminal failures:** surface a safe interactive reply when an agent run ends without visible output, while preserving completed message-tool delivery and heartbeat-specific guidance. (#99304)
  • ·**MCP loopback tool results:** preserve schema-valid text, image, and embedded-resource content through HTTP tool calls while rendering malformed or protocol-incompatible blocks as safe text. (#100336)
  • ·**Control UI tool-result images:** render direct image content blocks from Gateway history and make the delayed-send scroll E2E setup deterministic. (#100295)
  • ·**Control UI live tool ordering:** keep assistant stream text before its matching tool card when browser and Gateway timestamps disagree. (#93184)
  • ·**IRC Unicode messages:** split outbound PRIVMSG payloads on UTF-16 code-point boundaries so emoji cannot be cut into lone surrogates. (#96572)
  • ·**OpenAI realtime voice greetings:** prevent server VAD from creating a second outbound greeting while an explicit greeting response owns the turn, without disabling caller interruption. (#86285)
  • ·**Realtime voice tools:** filter malformed tool names at each OpenAI, Azure, and Google realtime payload boundary while preserving provider-specific valid names. (#89175)
  • ·**Discord voice status:** treat Discord error 10065 as a normal disconnected state while preserving unrelated REST failures. (#90969)
  • ·**Discord voice accounts:** isolate `@discordjs/voice` connections by Discord account and recover auto-join when gateway readiness predates listener registration. (#87530)
  • ·**iOS Voice Wake cleanup:** avoid initializing the microphone audio pipeline while disabling inactive Voice Wake, preventing simulator launch aborts and unnecessary audio setup.
  • ·**Reliability edge cases:** reject sub-millisecond cron durations, preserve generated proposal newlines, normalize blank integer inputs and fail embedded LSP startup promptly, surface persistence and memory-close failures, keep UTF-16 and plugin package verification correct, propagate Android cancellation, and defer Codex relay registry writes until listening. (#100399)
  • ·**Voice Call completed status:** resolve finalized calls from the full retained event store across Gateway, tool, and CLI status paths while preserving active-call lookup performance. (#99797)
  • ·**Agent stop recovery:** prevent late-aborting prompts from reacquiring orphaned session locks after teardown, so `/stop` leaves the conversation ready for the next turn.
  • ·**Message delivery status:** report failed and partially failed best-effort channel delivery instead of returning a success-shaped message-tool result. (#99928)
  • ·**WhatsApp credential recovery:** restore malformed primary auth state from a valid backup during startup. (#99070)
  • ·**WhatsApp quoted replies:** preserve bot-authored outbound quote metadata so replies to those messages keep their reply bubble in WhatsApp Desktop. (#94879)
  • ·**WhatsApp reconnect catch-up:** admit recently missed Baileys `append` messages during a bounded reconnect window while preserving startup stale-history guards. (#80642)
  • ·**WhatsApp restart recovery:** stop automatic restart loops after logged-out or connection-replaced disconnects until the account reconnects. (#78511)
  • ·**Local Gateway CLI auth:** keep loopback CLI token/password calls off durable device scopes so read probes cannot block later write/admin commands behind a stale pairing baseline. (#95997)
  • ·**Plugin module identity:** keep OpenClaw package chunks on Node's native module graph when jiti transforms plugin entries, preventing duplicate evaluation and class identity drift. (#88384)
  • ·**Shell completion repair:** generate core-only caches during doctor and update repair while preserving full plugin command completion for onboarding and explicit user rebuilds. (#76235)
  • ·**MCP schema diagnostics:** attribute draft-2020-12 compiler failures to the external MCP schema so malformed patterns produce actionable setup errors.
  • ·**Windows Scheduled Task recovery:** keep clean early exits inside the existing bounded launch poll, falling back only when neither the task process nor Gateway listener becomes observable.
  • ·**iMessage group warnings:** suppress the false drop-all startup warning when an effective group sender allowlist can admit groups, and point true empty-allowlist configurations at the correct remedy. (#100046)
  • ·**Control UI mobile login:** keep Gateway recovery guidance visible after connection failures, make the disconnected gate scroll safely on constrained screens, and improve mobile keyboard and tap-target behavior. (#100208)
  • ·**TUI streaming:** render delta-only assistant events in live Gateway and embedded TUI sessions instead of waiting for the final response. (#83000)
  • ·**Model aliases:** resolve provider-qualified aliases during session and chat-command model switches without collisions when providers share a display alias. (#100209)
  • ·**TUI new-session hooks:** create `/new` sessions through the shared Gateway lifecycle so command and session hooks receive the completed parent transcript in both Gateway and embedded modes, while preventing rollover during an active turn. (#100241, #49918)
  • ·**TUI abort diagnostics:** show sanitized tool argument-validation summaries for aborted runs in both Gateway and local TUI modes without exposing raw model arguments. (#91002)
  • ·**iOS Watch replies:** persist queued quick replies in the gateway-scoped chat outbox and submit them through idempotent chat delivery, preventing losses, duplicates, and cross-gateway sends after reconnects. (#100372)
  • ·**iOS Gateway auth retry:** restrict stored device-token retry to parsed loopback hosts and reject wildcard bind addresses, preventing remote lookalike hostnames from receiving trusted retry credentials. (#99859)
  • ·**Bedrock Mantle discovery:** bound model-catalog fetch time and response size, and release rejected response bodies so stalled, oversized, or failed provider responses fall back safely. (#99961)
  • ·**Discord thread-title prompts:** truncate generated-title message and channel context on UTF-16 boundaries so emoji cannot leave malformed model prompt text. (#101551)
  • ·**Mobile pairing routes:** advertise verified persistent Tailscale Serve fallbacks alongside `gateway.bind=lan` setup URLs, show every route in the Control UI and CLI, and let iOS save the first reachable endpoint. (#100280)
  • ·**Control UI terminal tabs:** vertically center the new-session button in the terminal tab strip.
  • ·**Control UI composer scrollbar:** show the message-field scrollbar only when the draft actually overflows its autosized height.
  • ·**Control UI terminal cursor:** hide the browser-native contenteditable caret so the integrated terminal shows only its canvas-rendered cursor.
  • ·**macOS SSH tunnels:** resolve user-installed SSH `ProxyCommand` helpers through the app's managed PATH while preserving inherited connection environment, so remote aliases work after Finder and sanitized-script launches.
  • ·**Control UI OpenAI speed picker:** show only Standard and Fast choices for OpenAI models.
  • ·**Control UI terminal rendering:** adopt the shared `@openclaw/libterminal` browser lifecycle and add Nerd Font fallbacks so icon-enabled shell listings render their glyphs when a compatible local font is installed.
  • ·**Slack transcript history:** let Codex app-server own its persisted assistant replies so Slack does not append redundant delivery-mirror rows, while the Control UI keeps legacy duplicate mirrors hidden.
  • ·**Control UI chat history:** hide redundant channel-final delivery mirrors when the preceding app-server assistant reply already shows the same text.
  • ·**Control UI chat spacing:** keep the first message comfortably clear of the topbar with a responsive minimum transcript inset.
  • ·**ClawRouter auth profiles:** resolve credential-scoped catalog models during agent runs when the proxy key is stored in an auth profile, and document plugin and model allowlists.
  • ·**Telegram durability:** retry restart-dropped media, survive transient polling errors, dead-letter poison updates, preserve forwarded rich text, route plugin callbacks correctly, keep progress updates in one stable multi-line window, map self-hosted Bot API container paths through trusted host roots, and fall back safely when Telegram rejects rich final replies. (#98102, #98735, #98775, #98776, #97174, #98907, #91984, #98786)
  • ·**Cross-channel inbound media:** preserve captions and expose unavailable-attachment notices when WhatsApp, LINE, Signal, iMessage, Microsoft Teams, Feishu, Mattermost, or Zalo cannot materialize inbound media, instead of dispatching phantom placeholders or dropping media-only turns. (#100092)
  • ·**Agent and context reliability:** preserve runtime overrides, steered subagent tasks, fallback tool-call hints, and legacy reseed attachments; soft-resume CLI sessions across prompt-only drift; improve harness-aware context estimation; time out silent local streams; recover mid-stream failures; and cap Gateway run-cache growth. (#92237, #77539, #99851, #99839, #99822, #97928, #98525, #95430, #77973)
  • ·**Provider and network safety:** bound oversized or malformed responses across Moonshot, MiniMax, Anthropic OAuth, Discord, Matrix, SMS, browser, update, embeddings, Tlön, and Inworld paths. (#96502, #96322, #96644, #97693, #97662, #97999, #98455, #98508, #98554, #98496, #98660)
  • ·**Channel delivery and routing:** keep Slack replies in active thread sessions, preserve account-bound delivery routes, apply response prefixes, and suppress internal traces and unwanted fallback replies. (#97168, #98240, #93639, #97989, #80928)
  • ·**Cron correctness:** preserve provider and model selections on timeouts, retain startup catch-up deferrals across maintenance reads, keep action-required output, clear blank thinking overrides, and preserve provider-owned daily-reset sessions. (#95943, #94022, #96393, #96293, #98356)
  • ·**Memory and session recovery:** detect unindexed transcripts, preserve notes through transient reads, avoid cross-directory resumes, disambiguate reserved wiki index pages, and skip empty QMD sync work. (#97857, #98360, #97785, #94326, #90030)
  • ·**Windows and execution:** bind allowlisted execution to the validated Windows path, propagate `PATHEXT`, normalize inbound paths case-insensitively, and prevent cleanup crashes on Windows. (#98260, #98093, #97630, #97901)
  • ·**Mobile and UI stability:** preserve iOS chat line breaks and final replies, improve Android pairing and TLS recovery, hide expired pairing cards, keep workspace file rails scrollable, restore copy-path over plain HTTP, and stop rubber-band scrolling in the Mac app Control UI. (#98304, #98117, #98366, #98439, #98483, #98049, #98646, #98611, #98764, #99830)
  • ·**Codex and approval flows:** report ChatGPT authentication correctly, rename destructive approval mode to `ask`, classify `get_goal` read statuses accurately, and derive terminal-idle timeouts from the explicit run deadline. (#91240, #98501, #98659, #85296)
  • ·**Configuration and plugin health:** restrict config traversal to owned properties, preserve config-health recovery state, surface unloadable channel plugins, preserve defaulted provider base URLs during patches, validate bundled plugin updates by manifest contract, resolve public artifacts from installed plugin roots, and retain legacy ClawHub families where required. (#99846, #99728, #96397, #98396, #98010, #98819, #98249)
  • ·**Runtime process safety:** prevent unhandled child-stream errors in SSH tunnels, supervisors, and MCP stdio transports; keep auto-replies from waiting on transcript mirroring; and avoid splitting Unicode characters in approval previews and LINE outbound fields. (#99800, #99802, #99803, #99549, #99566, #98994)
  • ·**Node runtime compatibility:** installers, the CLI launcher, doctor, and the macOS app now reject incompatible Node 23 runtimes and guide users toward supported Node 22 or 24 releases. (#99832)
  • ·**QQBot media delivery:** scope sandbox-generated media sends to the active session's workspace so `/workspace/...` and relative generated-file paths resolve safely across QQBot media tags, structured payloads, and streaming delivery. (#92872)

Complete contribution record

    Release verification

    • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.7.1-beta.5
    • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.7.1-beta.5.tgz
    • ·integrity: `sha512-ejdttiBZwk5RJmZdGD3gQPW1+4819pb0gyw4ZbGg/NcEAdozk6UQWq4n3P2XfDBgOn2k7D8fSKLcN+YDdJ77TA==`
    • ·release SHA: `b6387afd6d2e0f43c2ae98d2d124dbc277f03cca`; annotated tag signature verified by GitHub
    • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/29148493714
    • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/29148844710
    • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/29148844866
    • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/29149180434
    • ·exact registry-package Telegram E2E: https://github.com/openclaw/openclaw/actions/runs/29153274366
    • ·trusted live Telegram release QA: https://github.com/openclaw/openclaw/actions/runs/29153277474
    • ·release checks: https://github.com/openclaw/openclaw/actions/runs/29153264665 — 48 successful jobs, including QA parity, live Telegram, Windows/macOS fresh and upgrade, installer smoke, package acceptance, and Docker lanes
    • ·plugin prerelease validation: https://github.com/openclaw/openclaw/actions/runs/29153265183 — 30 successful jobs
    • ·product performance evidence: https://github.com/openclaw/openclaw/actions/runs/29153265976 — 6 successful jobs
    • ·dependency evidence: [`openclaw-2026.7.1-beta.5-dependency-evidence.zip`](https://github.com/openclaw/openclaw/releases/download/v2026.7.1-beta.5/openclaw-2026.7.1-beta.5-dependency-evidence.zip), SHA-256 `624d90e32e755eed7261ef59d546cb3d5800f76640b1514bb548e22a3c01ec77`
    • ·closeout evidence: [`openclaw-2026.7.1-beta.5-closeout-evidence.json`](https://github.com/openclaw/openclaw/releases/download/v2026.7.1-beta.5/openclaw-2026.7.1-beta.5-closeout-evidence.json), SHA-256 `cd4fb69d8a6f62abefb4dc0d0a58a63819cf3804880cfce06ada62809b64cb54`
    • ·The immutable beta.5 source fails its pinned `pnpm format:check` on 194 files. The historical-tag audit is recorded at https://github.com/openclaw/openclaw/actions/runs/29153226514, with its normal-CI child at https://github.com/openclaw/openclaw/actions/runs/29153266007.
    • ·The same historical CI child hit the 5-second timeout in `ui/src/pages/chat/chat-responsive.browser.test.ts:575`; the other 2,320 UI tests passed.
    • ·These failures prevent the canonical Full Release Validation manifest from being emitted. No gate was bypassed, the tag was not moved, and no package was republished. The attached closeout evidence records the successful independent lanes and the missing standard manifest/postpublish assets explicitly.
    v2026.7.1-beta.2pre-release2026-07-05

    openclaw 2026.7.1-beta.2

    GitHub ↗

    Highlights

    • ·**OpenAI GPT-5.6 support:** OpenClaw now recognizes the GPT-5.6 model family across catalog, capability, and runtime selection paths. (#98333)
    • ·**External harness attachment:** `openclaw attach` launches an external harness against an existing Gateway session, making interactive Codex-style workflows easier to resume and inspect. (#96454)
    • ·**Telegram Codex workflows:** Telegram can now start Codex pairing with `/login`, steer active Codex runs, and recover final replies across transient API failures. (#98006, #98126, #98786)
    • ·**Event-driven cron runs:** the new `on-exit` schedule kind wakes an agent when a watched command exits, while session-targeted runs can detach cleanly. (#92037, #98755)
    • ·**Native app refresh:** iOS adopts the iOS 26 visual system with clearer Chat, Talk, onboarding, and reconnect flows, while native app localization expands across Apple and Android surfaces. (#98452, #98736, #99243, #97110, #97111, #97112, #97113)
    • ·**Richer messaging:** iMessage gains native poll creation, reading, and voting, and built-in usage footers provide clearer per-turn accounting in chat. (#98421, #92657, #92877)
    • ·**Safer scoped conversations:** capability profiles prepare per-conversation tool and access boundaries without weakening the existing default profile. (#98536)
    • ·**Mac local Gateway setup:** the macOS app can now install and start its local Gateway automatically, reducing the manual setup needed before first use. (#99767)
    • ·**Control UI navigation:** a session-first sidebar, compact context meter, warm light theme, reasoning-effort slider, streamlined composer, and slash-command picker make active conversations and commands easier to reach. (#99289, #99426, #99838)

    Changes

    • ·**ClawRouter routing and quotas:** add the bundled ClawRouter provider plugin with credential-scoped dynamic model discovery, OpenAI-compatible and native Anthropic/Gemini transports, and managed budget reporting across OpenClaw usage surfaces. (#99658)
    • ·**Model and provider coverage:** add GPT-5.6 support, use Nemotron Super's 1M context window, and preserve explicit OpenRouter authentication headers. (#98333, #98726, #98187)
    • ·**CLI and node workflows:** add `openclaw attach`, node context-path support, actionable device-approval recovery guidance, soft-resume CLI sessions when prompt metadata changes, and clearer plugin install exit diagnostics. (#96454, #97679, #98115, #98146, #98497, #99822)
    • ·**Cron and usage:** add exit-triggered schedules, detached session-targeted runs, an in-flight job doctor warning, and a built-in full usage footer. (#92037, #98755, #98620, #92657, #92877)
    • ·**Native apps and localization:** modernize iOS presentation, Chat, Talk, onboarding, and reconnect flows; add Gateway speech providers; improve QR onboarding and protocol recovery; install the local Gateway from macOS; localize core Apple and Android surfaces; and add Swedish mobile localization. (#98452, #98736, #99243, #98376, #98302, #98385, #99767, #97110, #97111, #97112, #97113, #98043)
    • ·**Messaging capabilities:** add native iMessage polls, Telegram Codex pairing and steering, Telegram multi-lane progress summaries, and Signal target aliases. (#98421, #98006, #98126, #98907, #95738)
    • ·**Local inference and chat controls:** auto-discover Ollama inference nodes, add Control UI session-first navigation, reasoning controls, and command picking, and keep OpenClaw control tools available when deferred tool search selects the wrong tool family. (#99234, #99289, #99426, #99838, #99561)
    • ·**Doctor and diagnostics:** expose auth-profile, workspace, device-pairing, channel-plugin, memory-provider, systemd exhaustion, and Windows LAN firewall findings. (#97125, #97358, #97366, #97496, #97968, #98291, #98666)
    • ·**Conversation and review controls:** prepare scoped conversation capability profiles and add Cursor Agent as an autoreview engine. (#98536, #97348)

    Fixes

    • ·**ClawRouter auth profiles:** resolve credential-scoped catalog models during agent runs when the proxy key is stored in an auth profile, and document plugin and model allowlists.
    • ·**Telegram durability:** recover stalled ingress claims, retry restart-dropped media, survive transient polling errors, dead-letter poison updates, preserve forwarded rich text, route plugin callbacks correctly, keep progress updates in one stable multi-line window, throttle reconnect queue drains so fast healthy polls cannot starve active replies, and fall back safely when Telegram rejects rich final replies. (#97118, #98102, #98735, #98775, #98776, #97174, #98907, #98786)
    • ·**Agent and context reliability:** preserve runtime overrides, steered subagent tasks, fallback tool-call hints, and legacy reseed attachments; soft-resume CLI sessions across prompt-only drift; honor stop signals that arrive during eager session-lock acquisition before any provider prompt starts; improve harness-aware context estimation and compaction prechecks; time out silent local streams; recover mid-stream failures; and cap Gateway run-cache growth. (#92237, #77539, #99851, #99839, #99822, #97928, #97861, #98525, #95430, #77973)
    • ·**Provider and network safety:** bound oversized or malformed responses across Moonshot, MiniMax, Anthropic OAuth, Discord, Matrix, SMS, browser, update, embeddings, Tlön, and Inworld paths. (#96502, #96322, #96644, #97693, #97662, #97999, #98455, #98508, #98554, #98496, #98660)
    • ·**Channel delivery and routing:** keep Slack replies in the active thread, preserve account-bound delivery routes, apply response prefixes, suppress internal traces and unwanted fallback replies, and retain WeChat session routing for opaque account ids. (#97168, #98240, #89949, #93639, #97989, #80928, #93686)
    • ·**Cron correctness:** preserve provider and model selections on timeouts, retain startup catch-up deferrals, keep action-required output, clear blank thinking overrides, and preserve provider-owned daily-reset sessions. (#95943, #94022, #93810, #96393, #96293, #98356)
    • ·**Memory and session recovery:** detect unindexed transcripts, preserve notes through transient reads, avoid cross-directory resumes, disambiguate reserved wiki index pages, and skip empty QMD sync work. (#97857, #98360, #97785, #94326, #90030)
    • ·**Windows and execution:** bind allowlisted execution to the validated Windows path, propagate `PATHEXT`, normalize inbound paths case-insensitively, and prevent cleanup crashes on Windows. (#98260, #98093, #97630, #97901)
    • ·**Mobile and UI stability:** preserve iOS chat line breaks and final replies, improve Android pairing and TLS recovery, hide expired pairing cards, keep workspace file rails scrollable, restore copy-path over plain HTTP, and stop rubber-band scrolling in the Mac app Control UI. (#98304, #98117, #98366, #98439, #98483, #98049, #98646, #98611, #98764, #99830)
    • ·**Codex and approval flows:** report ChatGPT authentication correctly, rename destructive approval mode to `ask`, classify dynamic goal and session tool results accurately, and derive terminal-idle timeouts from the explicit run deadline. (#91240, #98501, #98659, #96856, #85296)
    • ·**Configuration and plugin health:** restrict config traversal to owned properties, preserve config-health recovery state, surface unloadable channel plugins, preserve defaulted provider base URLs during patches, validate bundled plugin updates by manifest contract, prefer installed launcher targets when resolving package roots so bundled channel setup entries load from nested installs, resolve public artifacts from installed plugin roots, and retain legacy ClawHub families where required. (#99846, #99728, #96397, #98396, #98010, #98819, #98249)
    • ·**Runtime process safety:** prevent unhandled child-stream errors in SSH tunnels, supervisors, and MCP stdio transports; keep auto-replies from waiting on transcript mirroring; and avoid splitting Unicode characters in approval previews and LINE outbound fields. (#99800, #99802, #99803, #99549, #99566, #98994)
    • ·**Node runtime compatibility:** installers, the CLI launcher, doctor, and the macOS app now reject incompatible Node 23 runtimes and guide users toward supported Node 22 or 24 releases. (#99832)
    • ·**QQBot media delivery:** scope sandbox-generated media sends to the active session's workspace so `/workspace/...` and relative generated-file paths resolve safely across QQBot media tags, structured payloads, and streaming delivery. (#92872)

    Complete contribution record

    • ·**PR #96502** fix(moonshot): bound video description JSON response reads.
    • ·**PR #98249** Preserve legacy ClawHub family for selected plugins.
    • ·**PR #93767** fix(reasoning-tags): strip MiniMax `mm:` namespaced reasoning tags.
    • ·**PR #93820** fix(imessage): recognize MiniMax mm: reasoning tags in reflection guard (completes #93767).
    • ·**PR #94096** fix(usage): reject inverted startDate-endDate range in usage.cost and sessions.usage.
    • ·**PR #97125** Doctor: expose auth profile findings.
    • ·**PR #98256** fix(mcp): require owner for Claude permission replies.
    • ·**PR #98142** fix(cli): stop `pairing list` crashing with empty channel enum.
    • ·**PR #98260** fix(exec): bind Windows allowlist execution path.
    • ·**PR #97118** fix(telegram): recover stalled ingress spool claims.
    • ·**PR #97168** fix(slack): prefer current thread session for inherited outbound replies. Related #96535.
    • ·**PR #97769** fix(plugins): apply output text transforms to toolcall_delta and toolcall_end events. Related #97761.
    • ·**PR #96544** fix(doctor): merge colliding model-ref map keys instead of dropping.
    • ·**PR #97177** fix(memory-wiki): gracefully handle unparsable YAML frontmatter in vault scans (#96125).
    • ·**PR #97167** fix #96840: [Bug]: Targetless message.send fails with 'Action send requires a target' in WebChat despite docs stating source-reply sink should handle it.
    • ·**PR #98302** fix(ios): advance onboarding step after QR scan. Related #98297.
    • ·**PR #96644** fix(anthropic-oauth): bound OAuth token endpoint response reads.
    • ·**PR #96397** fix: warn when configured channel plugins cannot load.
    • ·**PR #96359** test: migrate src/commands tests to shared temp dir helpers.
    • ·**PR #96293** fix(cron): clear agentTurn thinking override by blanking the field. Related #96287.
    • ·**PR #96058** test: prefer shared temp dir helpers in auto-reply and install-fallback tests.
    • ·**PR #87298** test: add temp directory helper guidance.
    • ·**PR #97785** fix(sessions): avoid cross-cwd recent resumes. Related #96542.
    • ·**PR #97698** fix(pdf): reject empty parsed page ranges before native analysis.
    • ·**PR #97693** fix(discord): bound requestDiscord happy-path response reads to prevent OOM.
    • ·**PR #97683** fix(irc): guard surrogate-range codepoints in \u literal-escape decoder.
    • ·**PR #96938** fix(utils): keep reply directive ids unicode-safe.
    • ·**PR #97857** fix(memory): detect unindexed session transcripts in status mode (fixes #97814).
    • ·**PR #98094** fix(android): clarify gateway auth recovery states.
    • ·**PR #98205** test(gateway): add unit tests for node wake state tracking and testing seam.
    • ·**PR #98115** fix: surface node approval guidance from devices CLI.
    • ·**PR #97898** docs: clarify source checkout Node floor. Related #97792.
    • ·**PR #94526** test(telegram): add regression test for forum topic message_thread_id with streamed reasoning. Related #89352.
    • ·**PR #98145** fix(device-pairing): don't churn requestId on subset re-requests.
    • ·**PR #98267** fix(system-prompt): move exec-approval + Authorized Senders below cache boundary. Related #98261.
    • ·**PR #98304** fix: preserve iOS chat line breaks. Related #98028.
    • ·**PR #98187** fix(openrouter): send explicit auth headers. Related #97934.
    • ·**PR #95708** fix: show WebChat preamble progress during tool activity.
    • ·**PR #98210** fix(gateway): iOS Talk treats SecretRef-backed API keys as missing. Related #98209.
    • ·**PR #98009** test(infra): add unit tests for SQLite number normalization.
    • ·**PR #98087** test(config): add unit tests for resolveExecCommandHighlighting.
    • ·**PR #98219** test(utils): add unit tests for chunkItems.
    • ·**PR #98093** fix(core): propagate caller env PATHEXT through isExecutableFile on Windows.
    • ·**PR #97973** fix(matrix): guard JSON.parse against malformed homeserver response bodies.
    • ·**PR #97999** fix(sms): guard Twilio JSON.parse against malformed API response bodies.
    • ·**PR #98043** Add Swedish mobile app localization.
    • ·**PR #98144** fix(tui): correct disconnect copy for device scope upgrades.
    • ·**PR #98240** fix(agents): keep merged delivery routes account-bound.
    • ·**PR #89949** fix(media): pin requester delivery route when task starts.
    • ·**PR #98226** Redact bare Fireworks API keys. Related #98225.
    • ·**PR #98319** docs: publish release notes for v2026.6.11.
    • ·**PR #98257** fix: show in-progress status for channel runs.
    • ·**PR #97931** fix(gateway): keep provider-owned CLI sessions across the daily default reset.
    • ·**PR #98325** docs: refresh docs map for v2026.6.11.
    • ·**PR #97929** fix(auto-reply): stop level directives from eating the next message word.
    • ·**PR #97928** fix(agents): estimate harness role sizes in context guard char estimator (fixes #97927).
    • ·**PR #97861** fix(compaction): count bashExecution and summary turns in pre-prompt overflow precheck.
    • ·**PR #97137** doctor: add memory search lint findings.
    • ·**PR #97358** Doctor: expose workspace status findings.
    • ·**PR #95622** test(qa-lab): harden whatsapp qa scenarios.
    • ·**PR #98346** fix: prevent skill-creator from bypassing workshop proposals. Related #96054.
    • ·**PR #98169** fix(heartbeat): scope commitment fan-out prompts.
    • ·**PR #97366** Doctor: expose device pairing findings.
    • ·**PR #98366** fix: Android TLS fingerprint verification times out on slow handshakes. Related #98365.
    • ·**PR #98353** fix(ios): open app on Chat by default.
    • ·**PR #98352** fix(security): warn on agent skill MCP boundary drift.
    • ·**PR #98347** fix: retry image describe fallback models.
    • ·**PR #98117** fix(ios): avoid transient duplicate final replies. Related #98116.
    • ·**PR #98293** fix(gateway): emit stale exec approval followup diagnostics.
    • ·**PR #98376** fix(ios): use Gateway speech providers in Talk. Related #98153.
    • ·**PR #66685** Suppress expired exec approval followup warnings.
    • ·**PR #98385** fix: show actionable mobile protocol mismatch recovery. Related #98384.
    • ·**PR #98146** fix(cli): explain how to recover from device approve deadlock.
    • ·**PR #98423** improve(ios): clarify Control and Talk visual hierarchy. Related #98397.
    • ·**PR #98217** fix(doctor): recover legacy cron archive across devices.
    • ·**PR #98333** feat(openai): add GPT-5.6 series support. Related #98296.
    • ·**PR #96393** fix(cron): preserve action-required command output. Related #96346.
    • ·**PR #98429** fix(ios): classify TLS fingerprint timeouts.
    • ·**PR #98439** fix: Android setup codes accept local mDNS gateway hosts.
    • ·**PR #98443** fix(ios): improve light and dark appearance contrast. Related #98440.
    • ·**PR #97742** fix(llm): preserve structured tool result text across providers.
    • ·**PR #97968** fix(status): surface unregistered memory embedding providers.
    • ·**PR #92237** fix(agents): preserve runtime settings overrides [AI-assisted].
    • ·**PR #95888** fix(active-memory): caveat mutable ops facts; mark truncated recall as incomplete.
    • ·**PR #98291** fix(gateway): surface systemd start-limit exhaustion.
    • ·**PR #90517** fix(gateway): hint missing external plugin for web login. Related #83277.
    • ·**PR #98369** test(infra): add unit tests for SQLite user_version pragma helper.
    • ·**PR #98340** fix: extension api.exec leaves child processes after timeout. Related #98335.
    • ·**PR #92063** fix(ui): collapse duplicate assistant groups during segmented streaming. Related #63956.
    • ·**PR #98354** fix(infra): guard delivery queue inflate against corrupted entry_json.
    • ·**PR #90566** fix(agents): warn on cron announce skip. Related #68561.
    • ·**PR #98371** fix(ports): validate lsof PID parsing before assignment.
    • ·**PR #98356** fix(cron): keep provider-owned CLI sessions across the daily default reset.
    • ·**PR #98395** test(shared): add unit tests for account enabled guard.
    • ·**PR #98411** fix(agents): recover thinking errors from provider body. Related #98308.
    • ·**PR #98494** docs(skills): support variable landable sweep batches.
    • ·**PR #91240** fix: report Codex ChatGPT status auth. Related #91099.
    • ·**PR #98370** test(agents): add unit tests for thinking block detection.
    • ·**PR #96711** test: prefer shared temp dir helpers in config, gateway, cron, crestodian, and state tests.
    • ·**PR #98483** fix: Android QR scan starts gateway pairing.
    • ·**PR #95230** fix docs-list-mdx-pages.
    • ·**PR #96322** fix(minimax): bound JSON response reads to prevent OOM.
    • ·**PR #95348** fix config-chmod-warning.
    • ·**PR #95229** fix(copilot): guard against undefined runtime.state during cli-metadata registration. Related #94516.
    • ·**PR #94636** fix(memory): skip raw snippets during promotion.
    • ·**PR #94013** [AI] fix(feishu): guard partial channelRuntime in monitor startup.
    • ·**PR #93466** [AI] fix(feishu): guard against missing inbound in channelRuntime fallback.
    • ·**PR #98049** fix: hide expired pairing QR cards in Control UI. Related #98039.
    • ·**PR #96094** fix(memory): prove live manager recovery after CLI reindex. Related #91167.
    • ·**PR #98482** fix: advertise route-aware LAN Control UI links.
    • ·**PR #71537** Recover archived (.reset) session transcripts in memory hook + session-logs skill.
    • ·**PR #96375** docs(config-agents): correct built-in alias table for opus and gpt.
    • ·**PR #98453** docs(gateway): fix Telegram streaming default in config-channels.md.
    • ·**PR #98533** fix: repair hosted CI baseline assertions.
    • ·**PR #98421** feat(imessage): native poll support — create, read, vote.
    • ·**PR #98318** docs(matrix): document missing streaming.progress mode, progress sub-fields, and mentionPatterns config.
    • ·**PR #97753** docs(onboard): document 11 missing non-interactive CLI flags.
    • ·**PR #97851** fix(mattermost): bound null-body error response reads.
    • ·**PR #98360** fix(memory-wiki): preserve notes after transient page reads. Related #98345.
    • ·**PR #98551** test: fix stale core test type failures.
    • ·**PR #98455** fix(browser): bound error body read in fetchHttpJson to prevent OOM.
    • ·**PR #95906** fix(code-mode): surface QuickJS error name and message to the model.
    • ·**PR #97901** fix(agents): stop copilot autoreview cleanup crash on Windows.
    • ·**PR #97923** fix(slack): truncate served arg-menu option labels on a surrogate boundary.
    • ·**PR #98010** fix(update): validate bundle plugin payloads by manifest contract. Related #97985.
    • ·**PR #85296** fix(codex): derive terminal-idle watchdog from explicit run timeout.
    • ·**PR #97110** feat(i18n): add native app locale inventory.
    • ·**PR #98396** fix: allow config.patch with defaulted provider baseUrl. Related #98270.
    • ·**PR #98503** fix(usage-bar): use Object.hasOwn instead of in operator to avoid prototype chain pollution. Related #98466.
    • ·**PR #97111** feat(android): localize core gateway surfaces.
    • ·**PR #97630** fix(media): normalize Windows inbound paths case-insensitively.
    • ·**PR #82638** fix(agents): skip implicit provider discovery when models.mode is 'replace' [AI-assisted]. Related #66957.
    • ·**PR #87917** fix sessions json lineage metadata. Related #80286.
    • ·**PR #93639** fix(message-tool): apply messages.responsePrefix to outbound sends.
    • ·**PR #94440** fix: #94432 classify Cloudflare challenge 403 as upstream_html instead of auth_html.
    • ·**PR #98119** fix: reduce Docker build memory pressure. Related #98118.
    • ·**PR #97679** feat(node): add --context-path flag to node run/install for reverse-p…. Related #97678.
    • ·**PR #98339** fix(irc): classify host-less nick!user allowlist entries as mutable.
    • ·**PR #97662** fix(matrix): bound raw transport response reads to prevent OOM.
    • ·**PR #98137** fix: hoist timer declaration to avoid TDZ ReferenceError in abortable delay.
    • ·**PR #98134** fix: clear timeout timer in Tailscale binary probe Promise.race.
    • ·**PR #97989** fix(sms): stop internal tool-trace banners from reaching SMS replies.
    • ·**PR #97972** fix(browser): CDP auth fails with percent-encoded credentials.
    • ·**PR #98063** fix(reply): suppress tool-error progress delivery when messages.suppressToolErrors is set.
    • ·**PR #94964** fix(reload): cancel deferred channel reload on in-process restart. Related #79487.
    • ·**PR #98598** fix: restore main lint after timer repairs. Related #98462, #98464.
    • ·**PR #98587** fix(slack): guard relay WebSocket frame JSON.parse against malformed input.
    • ·**PR #90030** fix(memory-core): skip qmd zero-hit search sync. Related #90023.
    • ·**PR #98493** fix(transcripts): close readline interface and destroy read stream on error exit. Related #98467.
    • ·**PR #98497** fix(cli): show exit code when plugin npm install returns empty output.
    • ·**PR #97112** feat(apple): localize core native app surfaces.
    • ·**PR #98610** fix: restore tooling CI after transcript test addition.
    • ·**PR #77539** fix(subagent): preserve steered task text on restart redispatch.
    • ·**PR #97113** feat(i18n): refresh all native locale artifacts.
    • ·**PR #98620** feat(doctor): warn about in-flight cron jobs.
    • ·**PR #98605** test(shared): add unit tests for human-readable list formatting.
    • ·**PR #97348** feat(autoreview): support cursor-agent engine.
    • ·**PR #95943** fix(cron): preserve provider/model on isolated-run timeout row. Related #95873.
    • ·**PR #94149** fix(status): bound systemd service probes so status cannot hang on a wedged systemctl (#84698).
    • ·**PR #88159** fix(cli): retry logs.tail after journal fallback in logs follow.
    • ·**PR #98508** fix(update-check): bound npm registry JSON response read to prevent OOM.
    • ·**PR #98496** fix(tlon): bound error response body reads to prevent OOM.
    • ·**PR #98554** fix(openai): bound embedding batch file downloads.
    • ·**PR #98652** fix: stop invalid message timeouts from stalling.
    • ·**PR #77973** fix(gateway): cap agentRunCache to prevent unbounded growth under run fan-out. Related #77976.
    • ·**PR #98525** fix(agents): time out local streams without first event.
    • ·**PR #94022** fix(cron): persist startup catch-up deferral ids in service state to prevent read-RPC clobber. Related #93935.
    • ·**PR #93810** fix(cron): preserve startup overflow catch-up deferrals in start() maintenance pass.
    • ·**PR #98623** fix: media tools skip env-key provider plugins when auto-selecting models.
    • ·**PR #98665** fix(claude-cli): return updatedInput in can_use_tool allow response for Claude Code 2.1. Related #95171.
    • ·**PR #94250** fix(feishu): send blocks as independent messages when blockStreaming is enabled. Related #55027.
    • ·**PR #93379** fix(whatsapp): thread authDir through command authorization and owner bypass for LID JID resolution. Related #77755.
    • ·**PR #98646** fix: keep workspace rail file sections scrollable. Related #98566.
    • ·**PR #98602** fix: iOS Talk fallback settings opens Voice & Talk. Related #98593.
    • ·**PR #98611** fix(ui): add overflow-y:auto to workspace rail sections to prevent file list overflow (fixes #98566).
    • ·**PR #98619** fix(qa-lab): credential lease requests fail on oversized Convex broker responses.
    • ·**PR #94326** fix(memory-wiki): disambiguate the reserved index page stem for synthesis and ingest.
    • ·**PR #98659** fix(codex): classify get_goal read statuses as successful dynamic tool calls.
    • ·**PR #96856** fix(codex): successful sessions_spawn and goal tool results recorded as failures.
    • ·**PR #98660** fix(inworld): guard voices JSON.parse against malformed API response bodies.
    • ·**PR #95430** fix(embedded-agent-runner): pump async streamFn through pumpStreamWithRecovery for mid-stream error recovery. Related #95429.
    • ·**PR #98644** fix: tool summaries preserve emoji truncation boundaries.
    • ·**PR #80928** fix(telegram): suppress fallback reply when plugin command returns suppressReply: true. Related #80756.
    • ·**PR #98701** fix: prevent agents-tools message test timeouts.
    • ·**PR #92657** feat(usage): ship built-in /usage full footer.
    • ·**PR #92877** fix(usage): make built-in footer easier to wrap on Telegram.
    • ·**PR #98126** Restore Telegram /steer for active Codex runs. Related #81594.
    • ·**PR #92037** feat(cron): on-exit schedule — wake on a watched command's exit.
    • ·**PR #98452** feat(ios): modernize the app with iOS 26 Liquid Glass.
    • ·**PR #98006** Add Telegram /login Codex pairing flow.
    • ·**PR #98735** fix(telegram): preserve rich forwarded message text.
    • ·**PR #97962** refactor(qa): use transport-native actions in flow scenarios.
    • ·**PR #98726** fix(nvidia): use Nemotron Super 1M context.
    • ·**PR #98691** fix(imessage): shed emoji anywhere in poll-vote echo match.
    • ·**PR #97174** Fix Telegram plugin callback routing.
    • ·**PR #89597** fix: migrate QQBot credential backups to SQLite KV.
    • ·**PR #98536** feat: prepare scoped conversation capability profiles.
    • ·**PR #92274** fix(agents): classify embedded prompt lock error as permanent announce failure. Related #91527.
    • ·**PR #98102** fix(telegram): durably retry inbound media dropped during restart (#98076).
    • ·**PR #98755** fix(cron): detach session-targeted runs. Related #98121.
    • ·**PR #96065** fix(install): manage config-secretref env refs via OPENCLAW_SERVICE_MANAGED_ENV_KEYS.
    • ·**PR #98666** fix: diagnose Windows LAN Gateway firewall blocks.
    • ·**PR #98501** fix(codex): rename destructive approval mode to ask. Related #98499.
    • ·**PR #98775** fix(telegram): survive transient getUpdates errors and stop per-send cache rewrites. Related #98772, #98773.
    • ·**PR #98776** fix(telegram): back off, dead-letter, and tombstone spooled updates so poison messages cannot block or duplicate. Related #98774.
    • ·**PR #96454** feat(cli): openclaw attach — launch an external harness bound to a gateway session.
    • ·**PR #98786** fix(telegram): final replies no longer drop on rejected rich entities, captions, quotes, or long flood waits. Related #98778.
    • ·**PR #97496** Doctor: expose channel plugin blocker findings.
    • ·**PR #98792** fix(ci): restore docs and test type checks.
    • ·**PR #98736** improve(ios): simplify Talk controls and composer alignment.
    • ·**PR #98183** fix(gateway): distinguish reachable gateway from failed status probe.
    • ·**PR #98808** docs(telegram): move maintainer decisions into scoped AGENTS.md with reliability invariants.
    • ·**PR #98138** fix: guard setDeep against empty keys array in Chrome profile decoration.
    • ·**PR #92283** fix(agents): don't inject A2A turns into isolated-cron sessions_send (#92257).
    • ·**PR #98812** fix(codex): preserve plugin app approvals in side conversations.
    • ·**PR #97889** fix(discord): guard JSON.parse against malformed API response bodies.
    • ·**PR #98689** fix(wizard): reject loose gateway port input. Related #98681.
    • ·**PR #98720** fix(nostr): clear per-relay publish timeout timer to prevent dangling handles. Related #98463.
    • ·**PR #98787** fix(memory-wiki): retry transient existing-page reads in wiki_apply and chatgpt import.
    • ·**PR #98818** fix(ci): recover incomplete Swift build caches.
    • ·**PR #98811** feat(ios): modernize navigation and settings. Related #98803.
    • ·**PR #98843** docs: update mobile app release messaging.
    • ·**PR #93209** test: prefer auto-cleaning temp dir helper.
    • ·**PR #98789** fix(telegram): sends and actions without an account id ignore the configured defaultAccount.
    • ·**PR #98806** fix(telegram): webhook updates survive crashes and restarts via durable spooling. Related #98777.
    • ·**PR #98688** fix(fal): route grok-imagine and nano-banana-2-lite edits to correct endpoints.
    • ·**PR #98891** fix(agents): normalize non-array tool-result content at transcript ingest. Related #98825.
    • ·**PR #98781** fix(imessage): poll render vote-cue, cross-run echo suppression, and comment fold.
    • ·**PR #97500** Doctor: expose tool result cap findings.
    • ·**PR #98769** fix: Telegram replies duplicate recent context after sent replies. Related #98767.
    • ·**PR #98933** fix(agents): stop gateway crash from wedged claude-cli turns and persist heartbeat session bindings. Related #98894, #98895.
    • ·**PR #98934** fix(agents): recover claude-cli context-overflow sessions and keep retry artifacts alive. Related #98897.
    • ·**PR #98908** refactor(agents): fold assistant string normalization into transcript ingest.
    • ·**PR #98738** fix(agents): fail fast with attributable reason after MCP stdio session dies mid-run.
    • ·**PR #98879** fix: backup skips volatile cache paths. Related #98865.
    • ·**PR #98942** fix(agents): unify claude-cli output classification across live and one-shot paths. Related #98896.
    • ·**PR #98932** fix(anthropic): restore Fable 5 Vertex simple completions.
    • ·**PR #98947** fix(cron): restore persistent session targets.
    • ·**PR #96523** fix(agents): preserve embedded OpenAI completions usage.
    • ·**PR #98758** perf(build): reduce plugin SDK declaration package size. Related #98757.
    • ·**PR #98877** fix(mattermost): include later team members in peer directory. Related #98871.
    • ·**PR #98953** feat(ios): refine the chat experience. Related #98929.
    • ·**PR #98876** fix(terminal): preserve sibling home-prefix paths. Related #98872.
    • ·**PR #98930** feat(ios): PR1 brand color palette overhaul.
    • ·**PR #94566** fix(android): make offline chat actionable.
    • ·**PR #98955** fix(agents): preserve fresh tool result text under aggregate cap. Related #98874.
    • ·**PR #98059** [codex] Support Android selected photo access.
    • ·**PR #98914** fix(android): return settings details to their originating tab on Back.
    • ·**PR #98898** fix(ios): back from settings details returns to the originating screen.
    • ·**PR #98235** fix(feishu): include video upload duration.
    • ·**PR #98966** fix(discord): gate guild metadata reads [AI].
    • ·**PR #98985** fix: clean up iOS About page copy. Related #98943.
    • ·**PR #98856** fix(ios): gateway error shows twice on the Settings Gateway page.
    • ·**PR #98936** fix: Control row icons use inconsistent row styling (iOS). Related #98916.
    • ·**PR #98040** [codex] Fix Android camera snap cleanup.
    • ·**PR #99039** fix(macos): stop runtime config-health sidecar access. Related #98917.
    • ·**PR #92667** ci: add process exec CodeQL security shard.
    • ·**PR #98055** [codex] Gate Android Talk capture starts in background.
    • ·**PR #98067** [codex] Cancel Android gateway pending RPCs on close.
    • ·**PR #98698** fix(android): show specific gateway auth-recovery reason instead of generic label. Related #98046.
    • ·**PR #83826** test(android): poll for stale TLS probe cleanup in auth test.
    • ·**PR #98983** fix(agents): handle variadic claude --mcp-config and serialize gemini credential staging. Related #98944, #98945.
    • ·**PR #99145** fix(auto-reply): suppress room-event notice leaks.
    • ·**PR #99144** fix(auto-reply): default room events to silence.
    • ·**PR #98608** fix: Mattermost fails to load after configured plugin repair. Related #98564.
    • ·**PR #99143** fix(telegram): keep group history always on. Related #99142.
    • ·**PR #99159** fix(agents): claude-cli lifecycle cleanup — loopback fail-loud, exit-0 failover, bounded reseed, image sweep, one prepare cleanup owner. Related #98946.
    • ·**PR #98391** Expose disk space doctor lint findings.
    • ·**PR #98835** fix(config/sessions): narrow reply-session initialization revision to identity fields. Related #98672.
    • ·**PR #99123** fix(android): ignore chat events with missing assistant role in voice text extraction.
    • ·**PR #99147** fix(android): preserve split SMS permission grants.
    • ·**PR #99107** fix(android): bracket IPv6 hosts in manual gateway URL composition.
    • ·**PR #99158** fix: require Android contact and calendar write permissions in onboarding.
    • ·**PR #99110** fix(android): strip ws scheme prefix from manual gateway host input. Related #87216.
    • ·**PR #99212** fix(ci): session concurrency test flakes during child handshake.
    • ·**PR #94385** fix(feishu): preserve button command values in fallback text and add Feishu comment guidance with callback privacy. Related #69754.
    • ·**PR #98563** fix: route iOS OpenAI realtime Talk through WebRTC.
    • ·**PR #99204** fix: require Android contact and calendar write permissions.
    • ·**PR #99134** fix: OAuth refresh failures report reauth instead of stale success. Related #99120.
    • ·**PR #99153** fix: clean up Android camera clips on cancellation.
    • ·**PR #99118** [codex] fix(memory-lancedb): align apache arrow peer dependency. Related #90295.
    • ·**PR #98066** fix: keep iOS LAN QR pairing authenticated after bootstrap. Related #98064.
    • ·**PR #99155** fix: stop iOS screen recording after cancellation.
    • ·**PR #95973** fix(telegram): explain disabled plugin approval failures. Related #95800.
    • ·**PR #99233** fix: ignore test-only network CI guard lines.
    • ·**PR #98951** fix: strict guarded fetch fails before managed proxy DNS. Related #98925.
    • ·**PR #99137** fix: prevent Voice Wake crash after Talk audio capture.
    • ·**PR #99052** fix: Update Dark/Light mode UI control appearance. Related #98995.
    • ·**PR #99245** fix(ios): return chat to originating control detail.
    • ·**PR #92602** fix(android): queue node events until gateway connect. Related #79552.
    • ·**PR #98277** fix: keep Android gateway settings save idempotent.
    • ·**PR #99256** fix(auto-reply): single canonical group history and deduped turn metadata. Related #99218.
    • ·**PR #99259** fix(android): use Bluetooth microphones for voice capture. Related #96241.
    • ·**PR #98751** test(qa): prove native command targeting across QA transports.
    • ·**PR #98779** test(qa): cover expanded Crabline bindings.
    • ·**PR #99262** test(qa): cover Crabline Signal sends.
    • ·**PR #99261** refactor(shared): establish lazy runtime loader foundation.
    • ·**PR #99264** test(qa): cover Crabline Mattermost sends.
    • ·**PR #99265** test(qa): cover Crabline Matrix sends.
    • ·**PR #98400** Expose heartbeat template doctor lint findings.
    • ·**PR #98695** Expose legacy plugin manifest doctor lint findings.
    • ·**PR #99278** refactor(shared): consolidate core leaf lazy loaders.
    • ·**PR #99274** fix(zalo): match native bot identity fields.
    • ·**PR #99126** test(discord): clarify and guardrail gateway proxy selection. Related #98266.
    • ·**PR #99290** feat(ios): add licenses settings screen.
    • ·**PR #98907** fix(telegram): distinguish and render streamed reasoning/commentary progress lanes.
    • ·**PR #99294** fix(qa): stagger isolated worker startup.
    • ·**PR #99276** fix(memory-wiki): source imports crash on unreadable pages.
    • ·**PR #99296** refactor(shared): consolidate gateway and stateful runtime lazy loaders.
    • ·**PR #98768** Allow alternate Zalo Bot API roots.
    • ·**PR #99298** refactor(shared): consolidate Discord Slack and Telegram lazy loaders.
    • ·**PR #99307** fix(memory-wiki): avoid implicit error coercion.
    • ·**PR #99306** feat(auto-reply): persist ambient room events as transcript rows. Related #99257.
    • ·**PR #99302** refactor(shared): consolidate remaining channel lazy loaders.
    • ·**PR #99303** test(qa): cover Crabline Zalo transport.
    • ·**PR #99299** feat(android): add licenses settings screen.
    • ·**PR #99220** fix(ios): onboarding Retry Connection does nothing after editing gateway details. Related #99219.
    • ·**PR #98749** refactor(shared): consolidate provider and utility lazy loaders.
    • ·**PR #99355** fix(ci): restore Telegram and plugin SDK guard checks.
    • ·**PR #88899** fix(android): render chat content through Markdown. Related #88014.
    • ·**PR #99310** test(qa): migrate channel streaming evidence to transport flow.
    • ·**PR #99350** fix(ios): add Photos permission controls. Related #99046.
    • ·**PR #99361** refactor(plugins): consolidate record guards.
    • ·**PR #99359** refactor(shared): consolidate core record guards.
    • ·**PR #97208** fix: avoid DeepSeek-native thinking on OpenRouter V4. Related #97196.
    • ·**PR #99385** fix(sessions): scope ambient transcript watermark to session id. Related #99373.
    • ·**PR #99389** fix(auto-reply): restore per-turn message-tool delivery contract. Related #99371.
    • ·**PR #98269** fix(android): derive Voice readiness from Gateway catalog. Related #98268.
    • ·**PR #92872** fix(qqbot): allow scoped sandbox media sends.
    • ·**PR #99414** fix(android): expose exact gateway recovery actions. Related #98045, #98046.
    • ·**PR #99289** feat: session-first sidebar, compact context ring, and warm light theme for the Control UI. Related #99288.
    • ·**PR #99234** feat(nodes): add auto-discovered Ollama inference. Related #99228.
    • ·**PR #97095** fix: memory_search honors generic embedding providers.
    • ·**PR #98841** fix(gateway): include session label in deriveSessionTitle fallback chain. Related #98742.
    • ·**PR #99301** fix(feishu): catch unhandled promise rejection in streaming card flush timer.
    • ·**PR #99391** fix(compaction): count nested tool result content. Related #99375.
    • ·**PR #99407** fix(daemon): avoid loading full gateway logs during diagnostics.
    • ·**PR #99291** Fix/issue 98958 gateway lock fd leak. Related #98958.
    • ·**PR #99475** fix(ios): contacts.add crashes the app via unfetched CNContactFormatter keys.
    • ·**PR #98003** fix(anthropic): wire buildGuardedModelFetch into the Cloudflare createClient branch.
    • ·**PR #99425** fix: strip conda env marker from host tool runs. Related #99424.
    • ·**PR #99398** fix(cli): reject unsafe sessions tail counts.
    • ·**PR #98855** fix: chat.send no reply when thinking metadata is set.
    • ·**PR #98752** Rework Android gateway onboarding setup.
    • ·**PR #99446** fix(agents): preserve fd find failures.
    • ·**PR #99152** fix(config): use Object.hasOwn instead of in operator in restoreOriginalValueOrThrow.
    • ·**PR #99460** fix: redact dotted API key activity previews. Related #99459.
    • ·**PR #99455** fix: long mobile media recordings time out.
    • ·**PR #99410** fix(subagents): match requesterSessionKey when controllerSessionKey differs in list filter. Related #75593.
    • ·**PR #98791** feat(signal): show status reactions during inbound replies.
    • ·**PR #98683** fix(ui): keep landscape composer compact. Related #98615.
    • ·**PR #99428** fix(logging): redact Telegram bot tokens from timeout URLs. Related #96982.
    • ·**PR #99217** Preserve Codex output after missing turn completion.
    • ·**PR #99520** fix(gateway): declare the dev agent required by the gateway e2e session key. Related #99513.
    • ·**PR #95738** feat(signal): add target aliases.
    • ·**PR #98258** improve: make native chat scrolling reader-managed. Related #98255.
    • ·**PR #99506** fix: keep always-on group fallback messages in dispatch. Related #99457.
    • ·**PR #89671** fix(google-meet): force English Meet UI via hl=en so automation works on any locale.
    • ·**PR #98130** fix(infra): bound jsonl-socket response buffer to prevent OOM.
    • ·**PR #99526** fix(agents): preserve primitive tool result output. Related #99523.
    • ·**PR #99525** fix(imessage): recognize bare hex group chat identifiers as chat targets. Related #89235.
    • ·**PR #99098** fix: harden native i18n identifier filtering.
    • ·**PR #99099** fix: harden docs map heading rendering.
    • ·**PR #98725** Expose legacy plugin dependency doctor lint findings.
    • ·**PR #99595** fix(agents): keep cli session binding facts session-stable. Related #99372.
    • ·**PR #90152** fix(telegram): stop duplicate fallback when dispatch fails after final reply.
    • ·**PR #98729** Expose stale plugin runtime symlink doctor lint findings.
    • ·**PR #99591** fix(android): preserve numeric invoke error codes.
    • ·**PR #98406** Expose WhatsApp responsiveness doctor lint findings.
    • ·**PR #99570** fix(android): reject IPv6 zone IDs in gateway endpoint URLs.
    • ·**PR #99557** fix(android): filter device and internal sessions from thread picker.
    • ·**PR #99568** fix(android): block self-package notification forwarding in allowlist mode.
    • ·**PR #99592** fix(android): parse talk directive aliases case-insensitively.
    • ·**PR #99477** fix: avoid iOS node permission prompts.
    • ·**PR #99374** improve(qa): standardize script evidence output.
    • ·**PR #99468** improve: tighten iOS Control row density. Related #99439.
    • ·**PR #99642** test: avoid cross-OS socket close event race.
    • ·**PR #89967** fix(macos): LaunchAgent starts gateway on external home volumes. Related #87199.
    • ·**PR #98613** fix(media): guard ffprobe JSON parse against malformed output.
    • ·**PR #97839** fix: log terminal session persistence failures. Related #97795.
    • ·**PR #99247** feat: clarify iOS Location Always permission flow.
    • ·**PR #98224** fix(auto-reply): strip stray punctuation before silent-reply token detection.
    • ·**PR #97328** fix(google): rotate Gemini API keys for LLM requests.
    • ·**PR #99661** fix(macos): remote mode fails with managed SSH aliases.
    • ·**PR #99649** fix(qa): defer partial Crabline recorder rows. Related #99648.
    • ·**PR #99211** Expose legacy cron store doctor lint findings.
    • ·**PR #99629** test(qa): redact script evidence diagnostics.
    • ·**PR #99647** Fix Slack retry for session init conflicts.
    • ·**PR #99628** improve: enforce canonical QA scenario ownership. Related #99627.
    • ·**PR #99632** refactor(qa): simplify transport adapter contracts. Related #99622.
    • ·**PR #99656** test(qa): use full-turn budget for native stop recovery. Related #99655.
    • ·**PR #99605** fix(google): bound OAuth token error response reads.
    • ·**PR #99679** fix(qa): consume Crabline events without recorder polling. Related #99664.
    • ·**PR #99687** refactor(infra): consolidate SHA-256 digest helpers. Related #99675.
    • ·**PR #98796** [AI-assisted] feat(android): add chat command controls.
    • ·**PR #99671** refactor: consolidate number coercion callers. Related #99667.
    • ·**PR #99640** fix: CLI agent session resume churns when owner and non-owner alternate in a group. Related #99633.
    • ·**PR #99682** refactor(models): consolidate catalog ref parsing. Related #99674.
    • ·**PR #99566** fix(exec): avoid splitting surrogate pairs in approval display.
    • ·**PR #99702** refactor: remove redundant unique-list aliases. Related #99697.
    • ·**PR #99246** feat(ios): implement branded typography design system.
    • ·**PR #99710** fix(build): Docker package preparation misses plugin SDK declarations.
    • ·**PR #99715** refactor: consolidate image data URL formatting.
    • ·**PR #98764** fix(ui): copy workspace file paths over plain HTTP. Related #98759.
    • ·**PR #99678** fix(build): forward default exports through stable runtime aliases. Related #99677.
    • ·**PR #99370** fix(file-transfer): don't inline zero-byte files as image content blocks.
    • ·**PR #99540** fix(doctor): shell completion install fails doctor when profile is read-only. Related #99237.
    • ·**PR #99718** refactor(text): consolidate cleanup owners.
    • ·**PR #98819** fix(plugins): resolve public artifacts from installed plugin roots. Related #98740.
    • ·**PR #99721** refactor: consolidate async timing helpers.
    • ·**PR #99722** fix: group agent session resume churns when messages toggle between @-mention and plain. Related #99696.
    • ·**PR #99676** refactor: consolidate string reader mechanics. Related #99663.
    • ·**PR #99705** improve(qa): execute runtime scenarios through Docker.
    • ·**PR #99231** improve: native iOS look with stock SwiftUI navigation, forms, chat, and talk visualizer. Related #99195.
    • ·**PR #99549** fix(auto-reply): don't block reply completion on transcript mirror.
    • ·**PR #99736** fix(qa): prevent smoke gateways from losing built files. Related #99734.
    • ·**PR #99658** feat(providers): add ClawRouter routing and quotas. Related #99657.
    • ·**PR #99238** Expose channel preview warning doctor findings.
    • ·**PR #99759** fix(providers): resolve ClawRouter auth-profile models.
    • ·**PR #99561** fix: keep OpenClaw control tools available when tool_search misroutes. Related #99464.
    • ·**PR #99750** refactor: consolidate exact boolean coercion.
    • ·**PR #99753** refactor: consolidate abort primitives.
    • ·**PR #99426** feat: add slash command picker in chat composer.
    • ·**PR #99771** refactor: consolidate free-port test helpers.
    • ·**PR #99755** refactor: consolidate policy-free deferred promises.
    • ·**PR #99719** refactor(net): consolidate URL protocol predicates.
    • ·**PR #99743** fix: avoid native command QA timeout under CI contention.
    • ·**PR #99368** fix(qa): prevent qa smoke ci timeouts under gateway concurrency.
    • ·**PR #99778** refactor(scripts): share regexp literal escaping.
    • ·**PR #99737** test: add executable runtime fixture canaries.
    • ·**PR #99735** test(qa): exercise Gateway and MCP scenarios over real transports.
    • ·**PR #99784** fix(qa): stabilize primary smoke runtime evidence.
    • ·**PR #99726** fix(onboard): skip unavailable skill installers via lifecycle readiness preflight.
    • ·**PR #99793** ci: reuse one package in QA smoke.
    • ·**PR #99767** feat(macos): install and run the local Gateway automatically. Related #99764.
    • ·**PR #99820** ci: increase artifact Testbox memory.
    • ·**PR #99822** feat: soft-resume CLI sessions on prompt drift instead of hard invalidation. Related #99729.
    • ·**PR #99129** fix(markdown-core): use Object.hasOwn instead of in operator in parseFrontmatterBlock.
    • ·**PR #99803** fix(mcp): suppress unhandled error on stderr pipe in stdio transport.
    • ·**PR #99802** fix(supervisor): suppress unhandled stream errors on child stdout/stderr.
    • ·**PR #99800** fix(ssh-tunnel): handle spawn error to prevent unhandled rejection crash.
    • ·**PR #99653** fix(cli): hide synthetic Claude reseed prompts. Related #99646.
    • ·**PR #99728** fix(config): preserve recovery state during config-health migration. Related #99280.
    • ·**PR #99839** fix(gateway): preserve legacy reseed attachments.
    • ·**PR #99830** fix: stop rubber-band bounce of the Control UI shell in the Mac app web view.
    • ·**PR #99851** fix(agents): preserve fallback tool-call hints.
    • ·**PR #98994** fix(line): truncate outbound altText, location, menu, and code fields on code point boundaries.
    • ·**PR #99846** fix(config): restrict config paths to own properties.
    • ·**PR #99861** fix(telegram): one outbound rich-HTML normalizer and one rich-to-plain fallback policy. Related #99833.
    • ·**PR #99866** fix(telegram): classify inbound events from the canonical mention decision so direct mentions stop lurking. Related #99854.
    • ·**PR #99832** fix: reject incompatible Node 23 runtimes.
    • ·**PR #99243** Polish iOS onboarding and chat critique fixes.
    • ·**PR #99714** perf(usage): shrink durable usage cache entries. Related #99511.
    • ·**PR #99838** feat: declutter the Control UI shell — reasoning effort slider, borderless composer controls, version out of the sidebar. Related #99837.
    • ·**PR #93686** fix(weixin): startAccount preserves session routing. Related #93556.

    Release verification

    • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.7.1-beta.2
    • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.7.1-beta.2.tgz
    • ·integrity: `sha512-KYPBQnAfEb/9qrxlw/96a90mMQeKdAZdUABMROOue9Ph2oFbnDGezZjd5Bmw4WhRyzgyvHOHqHje/swGipC4xA==`
    • ·release SHA: `a580a7fe3fbd1b3329c978d58ca2f70e8ca37aee`
    • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.7.1-beta.2/release-evidence.md
    • ·release publish: https://github.com/openclaw/openclaw/actions/runs/28735224348
    • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/28717730132
    • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/28717729503
    • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/28735371120
    • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/28735371597
    • ·plugin ClawHub bootstrap: not needed
    • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/28735575588
    • ·npm Telegram beta E2E: not supplied
    v2026.7.1-beta.1pre-release2026-07-02

    openclaw 2026.7.1-beta.1

    GitHub ↗

    Highlights

    • ·**OpenAI GPT-5.6 support:** OpenClaw now recognizes the GPT-5.6 model family across catalog, capability, and runtime selection paths. (#98333)
    • ·**External harness attachment:** `openclaw attach` launches an external harness against an existing Gateway session, making interactive Codex-style workflows easier to resume and inspect. (#96454)
    • ·**Telegram Codex workflows:** Telegram can now start Codex pairing with `/login`, steer active Codex runs, and recover final replies across transient API failures. (#98006, #98126, #98786)
    • ·**Event-driven cron runs:** the new `on-exit` schedule kind wakes an agent when a watched command exits, while session-targeted runs can detach cleanly. (#92037, #98755)
    • ·**Native app refresh:** iOS adopts the iOS 26 visual system with clearer navigation, settings, Chat, Talk, and onboarding flows, while native app localization expands across Apple and Android surfaces. (#98452, #98736, #98811, #97110, #97111, #97112, #97113)
    • ·**Richer messaging:** iMessage gains native poll creation, reading, and voting, and built-in usage footers provide clearer per-turn accounting in chat. (#98421, #92657, #92877)
    • ·**Safer scoped conversations:** capability profiles prepare per-conversation tool and access boundaries without weakening the existing default profile. (#98536)

    Changes

    • ·**Model and provider coverage:** add GPT-5.6 support, use Nemotron Super's 1M context window, and preserve explicit OpenRouter authentication headers. (#98333, #98726, #98187)
    • ·**CLI and node workflows:** add `openclaw attach`, node context-path support, actionable device-approval recovery guidance, and clearer plugin install exit diagnostics. (#96454, #97679, #98115, #98146, #98497)
    • ·**Cron and usage:** add exit-triggered schedules, detached session-targeted runs, an in-flight job doctor warning, and a built-in full usage footer. (#92037, #98755, #98620, #92657, #92877)
    • ·**Native apps and localization:** modernize iOS navigation, settings, presentation, and Talk controls, add Gateway speech providers, improve QR onboarding and protocol recovery, localize core Apple and Android surfaces, and add Swedish mobile localization. (#98452, #98736, #98811, #98376, #98302, #98385, #97110, #97111, #97112, #97113, #98043)
    • ·**Messaging capabilities:** add native iMessage polls and Telegram Codex pairing and steering flows. (#98421, #98006, #98126)
    • ·**Doctor and diagnostics:** expose auth-profile, workspace, device-pairing, channel-plugin, memory-provider, systemd exhaustion, and Windows LAN firewall findings. (#97125, #97358, #97366, #97496, #97968, #98291, #98666)
    • ·**Conversation and review controls:** prepare scoped conversation capability profiles and add Cursor Agent as an autoreview engine. (#98536, #97348)

    Fixes

    • ·**Telegram durability:** recover stalled ingress claims, retry restart-dropped media, survive transient polling errors, dead-letter poison updates, preserve forwarded rich text, route plugin callbacks correctly, and fall back safely when rich final replies are rejected. (#97118, #98102, #98735, #98775, #98776, #97174, #98786)
    • ·**Agent and context reliability:** preserve runtime overrides and steered subagent tasks, keep isolated cron `sessions_send` replies from feeding back into the requester, improve harness-aware context estimation and compaction prechecks, time out silent local streams, recover mid-stream failures, and cap Gateway run-cache growth. (#92237, #92283, #77539, #97928, #97861, #98525, #95430, #77973)
    • ·**Provider and network safety:** bound oversized or malformed responses across Moonshot, MiniMax, Anthropic OAuth, Discord, Matrix, SMS, browser, update, embeddings, Tlön, and Inworld paths. (#96502, #96322, #96644, #97693, #97889, #97662, #97999, #98455, #98508, #98554, #98496, #98660)
    • ·**Channel delivery and routing:** keep Slack replies in the active thread, preserve account-bound delivery routes, apply response prefixes, suppress internal traces and unwanted fallback replies, clear Nostr relay publish timers, and retain WeChat session routing for opaque account ids. (#97168, #98240, #89949, #93639, #97989, #80928, #98720, #93686)
    • ·**Cron correctness:** preserve provider and model selections on timeouts, retain startup catch-up deferrals, keep action-required output, clear blank thinking overrides, and preserve provider-owned daily-reset sessions. (#95943, #94022, #93810, #96393, #96293, #98356)
    • ·**Memory and session recovery:** detect unindexed transcripts, preserve notes and hand-edited frontmatter through transient wiki reads during note updates and ChatGPT imports without weakening directory and hardlink collision guards, avoid cross-directory resumes, disambiguate reserved wiki index pages, and skip empty QMD sync work. (#97857, #98360, #98787, #97785, #94326, #90030)
    • ·**Windows and execution:** bind allowlisted execution to the validated Windows path, propagate `PATHEXT`, normalize inbound paths case-insensitively, and prevent cleanup crashes on Windows. (#98260, #98093, #97630, #97901)
    • ·**Mobile and UI stability:** preserve iOS chat line breaks and final replies, improve Android pairing and TLS recovery, hide expired pairing cards, and keep workspace file rails scrollable. (#98304, #98117, #98366, #98439, #98483, #98049, #98646, #98611)
    • ·**Codex and approval flows:** report ChatGPT authentication correctly, preserve plugin app approvals in side conversations, rename destructive approval mode to `ask`, classify dynamic goal and session tool results accurately, and derive terminal-idle timeouts from the explicit run deadline. (#91240, #98812, #98501, #98659, #96856, #85296)
    • ·**Configuration and plugin health:** surface unloadable channel plugins, preserve defaulted provider base URLs during patches, validate bundled plugin updates by manifest contract, and retain legacy ClawHub families where required. (#96397, #98396, #98010, #98249)
    • ·**Gateway, browser, and setup diagnostics:** distinguish a reachable Gateway from a failed status probe, reject loosely parsed Gateway ports during setup, and avoid creating stray Chrome profile configuration keys from empty paths. (#98183, #98689, #98138)

    Complete contribution record

    • ·**PR #96502** fix(moonshot): bound video description JSON response reads.
    • ·**PR #98249** Preserve legacy ClawHub family for selected plugins.
    • ·**PR #93767** fix(reasoning-tags): strip MiniMax `mm:` namespaced reasoning tags.
    • ·**PR #93820** fix(imessage): recognize MiniMax mm: reasoning tags in reflection guard (completes #93767).
    • ·**PR #94096** fix(usage): reject inverted startDate-endDate range in usage.cost and sessions.usage.
    • ·**PR #97125** Doctor: expose auth profile findings.
    • ·**PR #98256** fix(mcp): require owner for Claude permission replies.
    • ·**PR #98142** fix(cli): stop `pairing list` crashing with empty channel enum.
    • ·**PR #98260** fix(exec): bind Windows allowlist execution path.
    • ·**PR #97118** fix(telegram): recover stalled ingress spool claims.
    • ·**PR #97168** fix(slack): prefer current thread session for inherited outbound replies. Related #96535.
    • ·**PR #97769** fix(plugins): apply output text transforms to toolcall_delta and toolcall_end events. Related #97761.
    • ·**PR #96544** fix(doctor): merge colliding model-ref map keys instead of dropping.
    • ·**PR #97177** fix(memory-wiki): gracefully handle unparsable YAML frontmatter in vault scans (#96125).
    • ·**PR #97167** fix #96840: [Bug]: Targetless message.send fails with 'Action send requires a target' in WebChat despite docs stating source-reply sink should handle it.
    • ·**PR #98302** fix(ios): advance onboarding step after QR scan. Related #98297.
    • ·**PR #96644** fix(anthropic-oauth): bound OAuth token endpoint response reads.
    • ·**PR #96397** fix: warn when configured channel plugins cannot load.
    • ·**PR #96359** test: migrate src/commands tests to shared temp dir helpers.
    • ·**PR #96293** fix(cron): clear agentTurn thinking override by blanking the field. Related #96287.
    • ·**PR #96058** test: prefer shared temp dir helpers in auto-reply and install-fallback tests.
    • ·**PR #87298** test: add temp directory helper guidance.
    • ·**PR #97785** fix(sessions): avoid cross-cwd recent resumes. Related #96542.
    • ·**PR #97698** fix(pdf): reject empty parsed page ranges before native analysis.
    • ·**PR #97693** fix(discord): bound requestDiscord happy-path response reads to prevent OOM.
    • ·**PR #97683** fix(irc): guard surrogate-range codepoints in \u literal-escape decoder.
    • ·**PR #96938** fix(utils): keep reply directive ids unicode-safe.
    • ·**PR #97857** fix(memory): detect unindexed session transcripts in status mode (fixes #97814).
    • ·**PR #98094** fix(android): clarify gateway auth recovery states.
    • ·**PR #98205** test(gateway): add unit tests for node wake state tracking and testing seam.
    • ·**PR #98115** fix: surface node approval guidance from devices CLI.
    • ·**PR #97898** docs: clarify source checkout Node floor. Related #97792.
    • ·**PR #94526** test(telegram): add regression test for forum topic message_thread_id with streamed reasoning. Related #89352.
    • ·**PR #98145** fix(device-pairing): don't churn requestId on subset re-requests.
    • ·**PR #98267** fix(system-prompt): move exec-approval + Authorized Senders below cache boundary. Related #98261.
    • ·**PR #98304** fix: preserve iOS chat line breaks. Related #98028.
    • ·**PR #98187** fix(openrouter): send explicit auth headers. Related #97934.
    • ·**PR #95708** fix: show WebChat preamble progress during tool activity.
    • ·**PR #98210** fix(gateway): iOS Talk treats SecretRef-backed API keys as missing. Related #98209.
    • ·**PR #98009** test(infra): add unit tests for SQLite number normalization.
    • ·**PR #98087** test(config): add unit tests for resolveExecCommandHighlighting.
    • ·**PR #98219** test(utils): add unit tests for chunkItems.
    • ·**PR #98093** fix(core): propagate caller env PATHEXT through isExecutableFile on Windows.
    • ·**PR #97973** fix(matrix): guard JSON.parse against malformed homeserver response bodies.
    • ·**PR #97999** fix(sms): guard Twilio JSON.parse against malformed API response bodies.
    • ·**PR #98043** Add Swedish mobile app localization.
    • ·**PR #98144** fix(tui): correct disconnect copy for device scope upgrades.
    • ·**PR #98240** fix(agents): keep merged delivery routes account-bound.
    • ·**PR #89949** fix(media): pin requester delivery route when task starts.
    • ·**PR #98226** Redact bare Fireworks API keys. Related #98225.
    • ·**PR #98319** docs: publish release notes for v2026.6.11.
    • ·**PR #98257** fix: show in-progress status for channel runs.
    • ·**PR #97931** fix(gateway): keep provider-owned CLI sessions across the daily default reset.
    • ·**PR #98325** docs: refresh docs map for v2026.6.11.
    • ·**PR #97929** fix(auto-reply): stop level directives from eating the next message word.
    • ·**PR #97928** fix(agents): estimate harness role sizes in context guard char estimator (fixes #97927).
    • ·**PR #97861** fix(compaction): count bashExecution and summary turns in pre-prompt overflow precheck.
    • ·**PR #97137** doctor: add memory search lint findings.
    • ·**PR #97358** Doctor: expose workspace status findings.
    • ·**PR #95622** test(qa-lab): harden whatsapp qa scenarios.
    • ·**PR #98346** fix: prevent skill-creator from bypassing workshop proposals. Related #96054.
    • ·**PR #98169** fix(heartbeat): scope commitment fan-out prompts.
    • ·**PR #97366** Doctor: expose device pairing findings.
    • ·**PR #98366** fix: Android TLS fingerprint verification times out on slow handshakes. Related #98365.
    • ·**PR #98353** fix(ios): open app on Chat by default.
    • ·**PR #98352** fix(security): warn on agent skill MCP boundary drift.
    • ·**PR #98347** fix: retry image describe fallback models.
    • ·**PR #98117** fix(ios): avoid transient duplicate final replies. Related #98116.
    • ·**PR #98293** fix(gateway): emit stale exec approval followup diagnostics.
    • ·**PR #98376** fix(ios): use Gateway speech providers in Talk. Related #98153.
    • ·**PR #66685** Suppress expired exec approval followup warnings.
    • ·**PR #98385** fix: show actionable mobile protocol mismatch recovery. Related #98384.
    • ·**PR #98146** fix(cli): explain how to recover from device approve deadlock.
    • ·**PR #98423** improve(ios): clarify Control and Talk visual hierarchy. Related #98397.
    • ·**PR #98217** fix(doctor): recover legacy cron archive across devices.
    • ·**PR #98333** feat(openai): add GPT-5.6 series support. Related #98296.
    • ·**PR #96393** fix(cron): preserve action-required command output. Related #96346.
    • ·**PR #98429** fix(ios): classify TLS fingerprint timeouts.
    • ·**PR #98439** fix: Android setup codes accept local mDNS gateway hosts.
    • ·**PR #98443** fix(ios): improve light and dark appearance contrast. Related #98440.
    • ·**PR #97742** fix(llm): preserve structured tool result text across providers.
    • ·**PR #97968** fix(status): surface unregistered memory embedding providers.
    • ·**PR #92237** fix(agents): preserve runtime settings overrides [AI-assisted].
    • ·**PR #95888** fix(active-memory): caveat mutable ops facts; mark truncated recall as incomplete.
    • ·**PR #98291** fix(gateway): surface systemd start-limit exhaustion.
    • ·**PR #90517** fix(gateway): hint missing external plugin for web login. Related #83277.
    • ·**PR #98369** test(infra): add unit tests for SQLite user_version pragma helper.
    • ·**PR #98340** fix: extension api.exec leaves child processes after timeout. Related #98335.
    • ·**PR #92063** fix(ui): collapse duplicate assistant groups during segmented streaming. Related #63956.
    • ·**PR #98354** fix(infra): guard delivery queue inflate against corrupted entry_json.
    • ·**PR #90566** fix(agents): warn on cron announce skip. Related #68561.
    • ·**PR #98371** fix(ports): validate lsof PID parsing before assignment.
    • ·**PR #98356** fix(cron): keep provider-owned CLI sessions across the daily default reset.
    • ·**PR #98395** test(shared): add unit tests for account enabled guard.
    • ·**PR #98411** fix(agents): recover thinking errors from provider body. Related #98308.
    • ·**PR #98494** docs(skills): support variable landable sweep batches.
    • ·**PR #91240** fix: report Codex ChatGPT status auth. Related #91099.
    • ·**PR #98370** test(agents): add unit tests for thinking block detection.
    • ·**PR #96711** test: prefer shared temp dir helpers in config, gateway, cron, crestodian, and state tests.
    • ·**PR #98483** fix: Android QR scan starts gateway pairing.
    • ·**PR #95230** fix docs-list-mdx-pages.
    • ·**PR #96322** fix(minimax): bound JSON response reads to prevent OOM.
    • ·**PR #95348** fix config-chmod-warning.
    • ·**PR #95229** fix(copilot): guard against undefined runtime.state during cli-metadata registration. Related #94516.
    • ·**PR #94636** fix(memory): skip raw snippets during promotion.
    • ·**PR #94013** [AI] fix(feishu): guard partial channelRuntime in monitor startup.
    • ·**PR #93466** [AI] fix(feishu): guard against missing inbound in channelRuntime fallback.
    • ·**PR #98049** fix: hide expired pairing QR cards in Control UI. Related #98039.
    • ·**PR #96094** fix(memory): prove live manager recovery after CLI reindex. Related #91167.
    • ·**PR #98482** fix: advertise route-aware LAN Control UI links.
    • ·**PR #71537** Recover archived (.reset) session transcripts in memory hook + session-logs skill.
    • ·**PR #96375** docs(config-agents): correct built-in alias table for opus and gpt.
    • ·**PR #98453** docs(gateway): fix Telegram streaming default in config-channels.md.
    • ·**PR #98533** fix: repair hosted CI baseline assertions.
    • ·**PR #98421** feat(imessage): native poll support — create, read, vote.
    • ·**PR #98318** docs(matrix): document missing streaming.progress mode, progress sub-fields, and mentionPatterns config.
    • ·**PR #97753** docs(onboard): document 11 missing non-interactive CLI flags.
    • ·**PR #97851** fix(mattermost): bound null-body error response reads.
    • ·**PR #98360** fix(memory-wiki): preserve notes after transient page reads. Related #98345.
    • ·**PR #98551** test: fix stale core test type failures.
    • ·**PR #98455** fix(browser): bound error body read in fetchHttpJson to prevent OOM.
    • ·**PR #95906** fix(code-mode): surface QuickJS error name and message to the model.
    • ·**PR #97901** fix(agents): stop copilot autoreview cleanup crash on Windows.
    • ·**PR #97923** fix(slack): truncate served arg-menu option labels on a surrogate boundary.
    • ·**PR #98010** fix(update): validate bundle plugin payloads by manifest contract. Related #97985.
    • ·**PR #85296** fix(codex): derive terminal-idle watchdog from explicit run timeout.
    • ·**PR #97110** feat(i18n): add native app locale inventory.
    • ·**PR #98396** fix: allow config.patch with defaulted provider baseUrl. Related #98270.
    • ·**PR #98503** fix(usage-bar): use Object.hasOwn instead of in operator to avoid prototype chain pollution. Related #98466.
    • ·**PR #97111** feat(android): localize core gateway surfaces.
    • ·**PR #97630** fix(media): normalize Windows inbound paths case-insensitively.
    • ·**PR #82638** fix(agents): skip implicit provider discovery when models.mode is 'replace' [AI-assisted]. Related #66957.
    • ·**PR #87917** fix sessions json lineage metadata. Related #80286.
    • ·**PR #93639** fix(message-tool): apply messages.responsePrefix to outbound sends.
    • ·**PR #94440** fix: #94432 classify Cloudflare challenge 403 as upstream_html instead of auth_html.
    • ·**PR #98119** fix: reduce Docker build memory pressure. Related #98118.
    • ·**PR #97679** feat(node): add --context-path flag to node run/install for reverse-p…. Related #97678.
    • ·**PR #98339** fix(irc): classify host-less nick!user allowlist entries as mutable.
    • ·**PR #97662** fix(matrix): bound raw transport response reads to prevent OOM.
    • ·**PR #98137** fix: hoist timer declaration to avoid TDZ ReferenceError in abortable delay.
    • ·**PR #98134** fix: clear timeout timer in Tailscale binary probe Promise.race.
    • ·**PR #97989** fix(sms): stop internal tool-trace banners from reaching SMS replies.
    • ·**PR #97972** fix(browser): CDP auth fails with percent-encoded credentials.
    • ·**PR #98063** fix(reply): suppress tool-error progress delivery when messages.suppressToolErrors is set.
    • ·**PR #94964** fix(reload): cancel deferred channel reload on in-process restart. Related #79487.
    • ·**PR #98598** fix: restore main lint after timer repairs. Related #98462, #98464.
    • ·**PR #98587** fix(slack): guard relay WebSocket frame JSON.parse against malformed input.
    • ·**PR #90030** fix(memory-core): skip qmd zero-hit search sync. Related #90023.
    • ·**PR #98493** fix(transcripts): close readline interface and destroy read stream on error exit. Related #98467.
    • ·**PR #98497** fix(cli): show exit code when plugin npm install returns empty output.
    • ·**PR #97112** feat(apple): localize core native app surfaces.
    • ·**PR #98610** fix: restore tooling CI after transcript test addition.
    • ·**PR #77539** fix(subagent): preserve steered task text on restart redispatch.
    • ·**PR #97113** feat(i18n): refresh all native locale artifacts.
    • ·**PR #98620** feat(doctor): warn about in-flight cron jobs.
    • ·**PR #98605** test(shared): add unit tests for human-readable list formatting.
    • ·**PR #97348** feat(autoreview): support cursor-agent engine.
    • ·**PR #95943** fix(cron): preserve provider/model on isolated-run timeout row. Related #95873.
    • ·**PR #94149** fix(status): bound systemd service probes so status cannot hang on a wedged systemctl (#84698).
    • ·**PR #88159** fix(cli): retry logs.tail after journal fallback in logs follow.
    • ·**PR #98508** fix(update-check): bound npm registry JSON response read to prevent OOM.
    • ·**PR #98496** fix(tlon): bound error response body reads to prevent OOM.
    • ·**PR #98554** fix(openai): bound embedding batch file downloads.
    • ·**PR #98652** fix: stop invalid message timeouts from stalling.
    • ·**PR #77973** fix(gateway): cap agentRunCache to prevent unbounded growth under run fan-out. Related #77976.
    • ·**PR #98525** fix(agents): time out local streams without first event.
    • ·**PR #94022** fix(cron): persist startup catch-up deferral ids in service state to prevent read-RPC clobber. Related #93935.
    • ·**PR #93810** fix(cron): preserve startup overflow catch-up deferrals in start() maintenance pass.
    • ·**PR #98623** fix: media tools skip env-key provider plugins when auto-selecting models.
    • ·**PR #98665** fix(claude-cli): return updatedInput in can_use_tool allow response for Claude Code 2.1. Related #95171.
    • ·**PR #94250** fix(feishu): send blocks as independent messages when blockStreaming is enabled. Related #55027.
    • ·**PR #93379** fix(whatsapp): thread authDir through command authorization and owner bypass for LID JID resolution. Related #77755.
    • ·**PR #98646** fix: keep workspace rail file sections scrollable. Related #98566.
    • ·**PR #98602** fix: iOS Talk fallback settings opens Voice & Talk. Related #98593.
    • ·**PR #98611** fix(ui): add overflow-y:auto to workspace rail sections to prevent file list overflow (fixes #98566).
    • ·**PR #98619** fix(qa-lab): credential lease requests fail on oversized Convex broker responses.
    • ·**PR #94326** fix(memory-wiki): disambiguate the reserved index page stem for synthesis and ingest.
    • ·**PR #98659** fix(codex): classify get_goal read statuses as successful dynamic tool calls.
    • ·**PR #96856** fix(codex): successful sessions_spawn and goal tool results recorded as failures.
    • ·**PR #98660** fix(inworld): guard voices JSON.parse against malformed API response bodies.
    • ·**PR #95430** fix(embedded-agent-runner): pump async streamFn through pumpStreamWithRecovery for mid-stream error recovery. Related #95429.
    • ·**PR #98644** fix: tool summaries preserve emoji truncation boundaries.
    • ·**PR #80928** fix(telegram): suppress fallback reply when plugin command returns suppressReply: true. Related #80756.
    • ·**PR #98701** fix: prevent agents-tools message test timeouts.
    • ·**PR #92657** feat(usage): ship built-in /usage full footer.
    • ·**PR #92877** fix(usage): make built-in footer easier to wrap on Telegram.
    • ·**PR #98126** Restore Telegram /steer for active Codex runs. Related #81594.
    • ·**PR #92037** feat(cron): on-exit schedule — wake on a watched command's exit.
    • ·**PR #98452** feat(ios): modernize the app with iOS 26 Liquid Glass.
    • ·**PR #98006** Add Telegram /login Codex pairing flow.
    • ·**PR #98735** fix(telegram): preserve rich forwarded message text.
    • ·**PR #97962** refactor(qa): use transport-native actions in flow scenarios.
    • ·**PR #98726** fix(nvidia): use Nemotron Super 1M context.
    • ·**PR #98691** fix(imessage): shed emoji anywhere in poll-vote echo match.
    • ·**PR #97174** Fix Telegram plugin callback routing.
    • ·**PR #89597** fix: migrate QQBot credential backups to SQLite KV.
    • ·**PR #98536** feat: prepare scoped conversation capability profiles.
    • ·**PR #92274** fix(agents): classify embedded prompt lock error as permanent announce failure. Related #91527.
    • ·**PR #98102** fix(telegram): durably retry inbound media dropped during restart (#98076).
    • ·**PR #98755** fix(cron): detach session-targeted runs. Related #98121.
    • ·**PR #96065** fix(install): manage config-secretref env refs via OPENCLAW_SERVICE_MANAGED_ENV_KEYS.
    • ·**PR #98666** fix: diagnose Windows LAN Gateway firewall blocks.
    • ·**PR #98501** fix(codex): rename destructive approval mode to ask. Related #98499.
    • ·**PR #98775** fix(telegram): survive transient getUpdates errors and stop per-send cache rewrites. Related #98772, #98773.
    • ·**PR #98776** fix(telegram): back off, dead-letter, and tombstone spooled updates so poison messages cannot block or duplicate. Related #98774.
    • ·**PR #96454** feat(cli): openclaw attach — launch an external harness bound to a gateway session.
    • ·**PR #98786** fix(telegram): final replies no longer drop on rejected rich entities, captions, quotes, or long flood waits. Related #98778.
    • ·**PR #97496** Doctor: expose channel plugin blocker findings.
    • ·**PR #98792** fix(ci): restore docs and test type checks.
    • ·**PR #98736** improve(ios): simplify Talk controls and composer alignment.
    • ·**PR #97889** fix(discord): guard JSON.parse against malformed API response bodies.
    • ·**PR #98812** fix(codex): preserve plugin app approvals in side conversations.
    • ·**PR #92283** fix(agents): don't inject A2A turns into isolated-cron sessions_send (#92257).
    • ·**PR #98138** fix: guard setDeep against empty keys array in Chrome profile decoration.
    • ·**PR #98183** fix(gateway): distinguish reachable gateway from failed status probe.
    • ·**PR #98689** fix(wizard): reject loose gateway port input. Related #98681.
    • ·**PR #98720** fix(nostr): clear per-relay publish timeout timer to prevent dangling handles. Related #98463.
    • ·**PR #98818** fix(ci): recover incomplete Swift build caches.
    • ·**PR #98787** fix(memory-wiki): retry transient existing-page reads in wiki_apply and chatgpt import.
    • ·**PR #98811** feat(ios): modernize navigation and settings. Related #98803.
    • ·**PR #98843** docs: update mobile app release messaging.
    • ·**PR #93686** fix(weixin): startAccount preserves session routing. Related #93556.

    Release verification

    • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.7.1-beta.1
    • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.7.1-beta.1.tgz
    • ·integrity: `sha512-Yu/ELLje9mxvFTlaxVGHnIkKvHcLnoEj3AQhzmhpP4k8Fi7/ln0NvYnBgaZ2BJ8tdAAsq3iZ8uroRUuXiMB0dg==`
    • ·release SHA: `4eb1d333cfeca440b796b6a3f70d3c2bef996243`
    • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.7.1-beta.1/release-evidence.md
    • ·release publish: https://github.com/openclaw/openclaw/actions/runs/28571485937
    • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/28569693832
    • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/28569693812
    • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/28571834366
    • ·plugin ClawHub publish: success: https://github.com/openclaw/openclaw/actions/runs/28571835541
    • ·plugin ClawHub bootstrap: not needed
    • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/28572195585
    • ·package Telegram E2E: passed in release checks: https://github.com/openclaw/openclaw/actions/runs/28569815816/job/84705725486
    • ·advisory WhatsApp live QA: blocked before scenarios by exhausted Convex credential pool after two attempts: https://github.com/openclaw/openclaw/actions/runs/28569693831
    v2026.6.112026-06-30

    openclaw 2026.6.11

    GitHub ↗

    Highlights

    • ·Fixes newer Google Chat direct messages sometimes being treated like group conversations, so they reach the correct one-to-one chat while Space and group-chat messages keep their existing routing. [#58993](https://github.com/openclaw/openclaw/pull/58993)
    • ·Feishu voice replies from OpenClaw now show their duration in the chat bubble, so recipients can see how long the audio is before playing it. [#89172](https://github.com/openclaw/openclaw/pull/89172) Related [#53798](https://github.com/openclaw/openclaw/issues/53798).
    • ·Discord and Telegram replies and mirrored chat history stay tied to the intended conversation more consistently, including across repeated Telegram replies and session changes. [#89911](https://github.com/openclaw/openclaw/pull/89911)
    • ·Background image, video, and music results now return to the chat that requested them when the task starts without a full conversation target, instead of appearing to fail after creation or being sent to the wrong peer as the session moves. [#89949](https://github.com/openclaw/openclaw/pull/89949) Related [#86034](https://github.com/openclaw/openclaw/issues/86034).
    • ·Telegram answers now stay attached to the user's current question when they quote an earlier bot message, while quotes of other people's messages still reply to the selected quote. [#90475](https://github.com/openclaw/openclaw/pull/90475)
    • ·QQBot group admins can choose how broadly slash commands are available, and private-only commands now direct users to a private chat instead of being exposed or silently ignored in groups. [#92154](https://github.com/openclaw/openclaw/pull/92154)
    • ·Heartbeat checks using reasoning-capable models now show the assistant's intended reply instead of exposing internal reasoning in Telegram, WhatsApp, and other channels, while opt-in Thinking messages still work. [#92356](https://github.com/openclaw/openclaw/pull/92356) Related [#92260](https://github.com/openclaw/openclaw/issues/92260).
    • ·Telegram progress-mode chats now clear an old progress bubble before newer tool output or artifacts appear, keeping the conversation in a clean, readable order. [#93002](https://github.com/openclaw/openclaw/pull/93002) Related [#90753](https://github.com/openclaw/openclaw/issues/90753).
    • ·iMessage command-and-link messages now stay together as one OpenClaw turn when delayed link previews arrive, while unrelated quick messages remain separate for users who enabled same-sender DM coalescing. [#93143](https://github.com/openclaw/openclaw/pull/93143)
    • ·Successful Discord replies sent through the message tool no longer trigger a misleading failure warning in affected `message_tool_only` source-channel turns. [#94072](https://github.com/openclaw/openclaw/pull/94072) Related [#93875](https://github.com/openclaw/openclaw/issues/93875).
    • ·WhatsApp group conversations now preserve the right message and group context more reliably during retries, reconnects, and group changes. [#94338](https://github.com/openclaw/openclaw/pull/94338) Related [#7433](https://github.com/openclaw/openclaw/issues/7433).
    • ·Fixes OpenClaw sometimes replying to its own delayed iMessage echoes when stray leading characters keep the sent message from being recognized. [#94442](https://github.com/openclaw/openclaw/pull/94442)
    • ·Telegram webhook users can keep receiving DMs and group messages through brief channel restarts, configuration reloads, and recovery cycles without temporary message blackouts. [#94506](https://github.com/openclaw/openclaw/pull/94506) Related [#90254](https://github.com/openclaw/openclaw/issues/90254).
    • ·Matrix E2EE gateways can stay online during long-running use instead of gradually consuming memory until a crash takes channels and in-flight work down. [#94942](https://github.com/openclaw/openclaw/pull/94942) Related [#90455](https://github.com/openclaw/openclaw/issues/90455).
    • ·Telegram users now see the intended native reaction instead of leaked instructions or a dropped reaction-only reply, with success recorded only after Telegram accepts it. [#94977](https://github.com/openclaw/openclaw/pull/94977) Related [#71140](https://github.com/openclaw/openclaw/issues/71140).
    • ·Telegram progress updates for commands, searches, updates, and API activity now stay readable instead of exposing noisy HTML or code-style rows, with plain-text fallback when Telegram cannot parse the formatting. [#95007](https://github.com/openclaw/openclaw/pull/95007) Related [#95002](https://github.com/openclaw/openclaw/issues/95002).
    • ·Telegram conversations continued in WebChat now show one assistant reply per turn and keep later replies with the active conversation instead of duplicating answers or sending them back to Telegram. [#95069](https://github.com/openclaw/openclaw/pull/95069) Related [#94930](https://github.com/openclaw/openclaw/issues/94930).
    • ·Google Chat now hides misleading internal failure banners when a tool result is harmless, leaving users with the completed answer while normal assistant text remains unchanged. [#95084](https://github.com/openclaw/openclaw/pull/95084) Related [#90684](https://github.com/openclaw/openclaw/issues/90684).
    • ·Bound multi-agent channel conversations now load the workspace files for the configured agent instead of the default agent, though previously misfiled conversations may start fresh in the corrected agent store. [#95118](https://github.com/openclaw/openclaw/pull/95118) Related [#92903](https://github.com/openclaw/openclaw/issues/92903).
    • ·People sharing an OpenClaw gateway can now assign different models to individual direct-message contacts across supported chat channels, while existing group and wildcard model choices keep working as before. [#95120](https://github.com/openclaw/openclaw/pull/95120) Related [#53638](https://github.com/openclaw/openclaw/issues/53638).
    • ·Telegram now shows that OpenClaw is still working during short initial previews or progress-mode replies instead of leaving the chat silent until the final message arrives. [#95183](https://github.com/openclaw/openclaw/pull/95183) Related [#95004](https://github.com/openclaw/openclaw/issues/95004).
    • ·Matrix users and operators now get a clear failure when a homeserver sends an oversized or stalled response, instead of OpenClaw continuing to buffer it and risking unbounded memory use. [#95240](https://github.com/openclaw/openclaw/pull/95240)
    • ·Fixes delayed or missing Telegram and other queued channel replies in Kubernetes-style deployments with many injected environment variables, where opening the queue database could stall the gateway. [#95278](https://github.com/openclaw/openclaw/pull/95278) Related [#94571](https://github.com/openclaw/openclaw/issues/94571).
    • ·Telegram chats recover after one stuck message times out, allowing later messages in the same chat or topic to reach the agent without restarting the gateway. [#95299](https://github.com/openclaw/openclaw/pull/95299) Related [#95248](https://github.com/openclaw/openclaw/issues/95248).
    • ·When people switch between Telegram and another OpenClaw client in a shared direct conversation, short Telegram replies now follow the latest conversation instead of responding to an older, unrelated Telegram proposal. [#95390](https://github.com/openclaw/openclaw/pull/95390) Related [#95378](https://github.com/openclaw/openclaw/issues/95378).
    • ·Fixes completed assistant messages appearing twice in Telegram, Discord, Slack, and other streamed chats after a multi-message reply. [#95432](https://github.com/openclaw/openclaw/pull/95432)
    • ·WhatsApp replies now stay attached to the direct or group message being answered instead of appearing as a separate message that loses the conversation context. [#95483](https://github.com/openclaw/openclaw/pull/95483)
    • ·Telegram rich-message replies now keep paragraphs, bullets, and status lines separated instead of collapsing multi-line content into one run-on block, with no configuration change required. [#95532](https://github.com/openclaw/openclaw/pull/95532) Related [#95409](https://github.com/openclaw/openclaw/issues/95409).
    • ·Mattermost operators who enable native slash commands can now use `/oc_queue` directly in Mattermost to tune active-run queuing, including its mode, debounce timing, cap, and drop handling. [#95546](https://github.com/openclaw/openclaw/pull/95546)
    • ·Previously allowed messages keep reaching named accounts after legacy multi-account channel upgrades, with inherited DM and group access rules preserved across Mattermost, Discord, Slack, Telegram, Signal, WhatsApp, iMessage, and IRC. [#95550](https://github.com/openclaw/openclaw/pull/95550)
    • ·Mattermost users can keep talking in a thread without mentioning the bot again after it replies, and that participation survives gateway restarts until the thread has been idle for seven days. [#95552](https://github.com/openclaw/openclaw/pull/95552)
    • ·Inbound Telegram messages now reach the configured OpenClaw session promptly instead of sitting unanswered until the next polling interval, a gateway restart, or manual intervention. [#95577](https://github.com/openclaw/openclaw/pull/95577) Related [#86957](https://github.com/openclaw/openclaw/issues/86957).
    • ·QQBot users now receive complete markdown tables when valid separators use one or two dashes per column, instead of losing the header and all but the final row. [#95637](https://github.com/openclaw/openclaw/pull/95637)
    • ·Synology Chat users can now receive agent replies that take more than 120 seconds when the configured core timeout allows it, instead of having the channel reject them early. [#95707](https://github.com/openclaw/openclaw/pull/95707)
    • ·Telegram forum-topic cron jobs now keep separately configured failure alerts going to their intended destination, even when the main announcement uses a topic in the same chat. [#95794](https://github.com/openclaw/openclaw/pull/95794)
    • ·Fixes WhatsApp group replies that could quote an older OpenClaw message instead of the user's triggering message, so final answers stay attached to the intended message when a reply target is available and avoid pointing back to stale bot context when it is not. [#95914](https://github.com/openclaw/openclaw/pull/95914)
    • ·WhatsApp users can approve or deny prompts by reaction without the prompt staying stuck when WhatsApp identifies the same direct chat differently, while group approvals remain tied to the correct group and person. [#95935](https://github.com/openclaw/openclaw/pull/95935)
    • ·Final reply processing now uses less CPU when OpenClaw checks whether block text was already sent, without changing which reply reaches the chat or how duplicate text is suppressed. [#96087](https://github.com/openclaw/openclaw/pull/96087)
    • ·Exec approval results from external channel plugins now return to the channel or DM where the command started instead of falling back to WebChat or seeming to disappear after approval. [#96140](https://github.com/openclaw/openclaw/pull/96140) Related [#96103](https://github.com/openclaw/openclaw/issues/96103).
    • ·WhatsApp's final answer now stays quoted to the follow-up message a user just sent when replying to an older OpenClaw message, instead of arriving unquoted or pointing back to the older bot reply. [#96220](https://github.com/openclaw/openclaw/pull/96220)
    • ·Nextcloud Talk bots now ignore ordinary file-share and lifecycle events without logging them as bot errors or risking disabled delivery, while malformed chat payloads still return an error. [#96243](https://github.com/openclaw/openclaw/pull/96243) Related [#81566](https://github.com/openclaw/openclaw/issues/81566).
    • ·Replies and message-tool delivery in Mattermost channels now use channel and thread guidance because the agent identifies those conversations as channels rather than group chats, while existing group-chat behavior remains unchanged. [#96244](https://github.com/openclaw/openclaw/pull/96244) Related [#95645](https://github.com/openclaw/openclaw/issues/95645).
    • ·MCP channel integrations now keep conversation lists, message reads, event polls, and waits within predictable bounds even when a client requests excessive limits or timeouts. [a39e548](https://github.com/openclaw/openclaw/commit/a39e548ede228aa1978bf9d509613cbed6db0c99)
    • ·Long-running streamed auto-replies are less likely to stop early or abort inconsistently when an unusually large timeout is configured. [6c85b90](https://github.com/openclaw/openclaw/commit/6c85b90469f94955ef00c1609e1f1d6fd2cf4ca8)
    • ·Channel progress now shows a repeated status when work genuinely returns to it after another update, instead of hiding useful context as a duplicate. [8a75c4d](https://github.com/openclaw/openclaw/commit/8a75c4dd5f3e625a22a7a08c6e1f368798c48111)
    • ·Completed channel replies no longer gain late progress notices, preventing stale status text from appearing after the answer is finished. [a594d2c](https://github.com/openclaw/openclaw/commit/a594d2ce73257326b7ab78adb3c4643245ec9431)
    • ·During streaming channel replies, progress messages now keep showing the latest state instead of getting stuck on an older update. [e114001](https://github.com/openclaw/openclaw/commit/e114001ccafa83b8b366e095a9d7748dfc50c082)
    • ·Matrix forced resets now handle unavailable secret storage without a runtime error, treating recovery access as unavailable so the reset path can continue safely. [5c5a8a4](https://github.com/openclaw/openclaw/commit/5c5a8a49d76954b53fefc2463bc7b1d6b960e8fc)
    • ·Configured channels now remain visible in `openclaw channels status --json`, while scheduled announcements reject stale entries that have no active plugin to deliver them. [a641c0d](https://github.com/openclaw/openclaw/commit/a641c0d560fd15373e462829facf15fd6a466aeb)
    • ·Discord voice conversations now keep back-to-back assistant responses moving, so a queued reply plays after the previous audio stream closes instead of remaining stuck. [88b64e4](https://github.com/openclaw/openclaw/commit/88b64e4b869e696d99de7417fb52425e9ed67cbf)
    • ·Discord progress previews are less likely to stop before the final edits when an agent response has already started arriving. [86ea382](https://github.com/openclaw/openclaw/commit/86ea382121b00e73af4b4c329d0a2447592e4071)
    • ·Chats no longer show stray `NO_REPLY` text when the assistant means to stay silent, while legitimate media responses still arrive without the placeholder. [96c6f80](https://github.com/openclaw/openclaw/commit/96c6f8022c2420826830b11f4353ce855ab2ac5c)
    • ·Telegram streaming replies now show each progress heading once, keeping tool and search updates easier to scan. [013e33c](https://github.com/openclaw/openclaw/commit/013e33c6d3672a980550912442bb1ac5505918aa)
    • ·Telegram messages that get stuck after a long-running task, crash, or gateway restart now resume processing automatically, so later messages no longer wait silently or require operators to repair the queue by hand. [#97543](https://github.com/openclaw/openclaw/pull/97543)
    • ·MiniMax text-to-speech and voice notes are less likely to fail because OpenClaw now explicitly requests the audio format it can decode instead of relying on provider defaults. [#73079](https://github.com/openclaw/openclaw/pull/73079)
    • ·Gateway operators can again see provider, model, request status, and timing details in normal logs, making model-routing and transport problems easier to diagnose without enabling extra debug logging. [#89648](https://github.com/openclaw/openclaw/pull/89648) Related [#89300](https://github.com/openclaw/openclaw/issues/89300).
    • ·Models reached through Google, Mistral, OpenAI Responses, Azure OpenAI Responses, and ChatGPT/Codex Responses now receive clean system instructions without OpenClaw's internal cache-boundary marker leaking into the prompt. [#89716](https://github.com/openclaw/openclaw/pull/89716)
    • ·Cron tool calls using Gemini models through OpenAI-compatible providers now run without nullable fields triggering provider schema rejections. [#91559](https://github.com/openclaw/openclaw/pull/91559) Related [#91542](https://github.com/openclaw/openclaw/issues/91542).
    • ·Provider-qualified model IDs now honor their configured agent runtime policies and CLI aliases instead of unexpectedly falling back to OpenClaw's default runtime. [#91724](https://github.com/openclaw/openclaw/pull/91724)
    • ·The chat `/models` list and other plugin-aware model or provider selection paths now respond quickly instead of stalling for seconds and consuming a CPU core through repeated setup scans, while plugin changes still refresh normally. [#93356](https://github.com/openclaw/openclaw/pull/93356)
    • ·Hosted Ollama Cloud users can keep only the models they explicitly configured after a restart, without the full shared catalog being added back, while automatic discovery continues for local and self-hosted Ollama servers. [#93956](https://github.com/openclaw/openclaw/pull/93956)
    • ·Cron jobs can now retry or switch to a configured fallback model when a local provider returns the generic `LLM request failed.` error, instead of failing with the fallback unused. [#94062](https://github.com/openclaw/openclaw/pull/94062) Related [#93931](https://github.com/openclaw/openclaw/issues/93931).
    • ·Expired provider tokens no longer bury useful operator logs under repeated fallback warnings, while the first warning and later duplicate summaries remain available for diagnosis. [#94233](https://github.com/openclaw/openclaw/pull/94233) Related [#56979](https://github.com/openclaw/openclaw/issues/56979).
    • ·Google Gemini 3.5 Flash can now be selected with its full 1,048,576-token context window, avoiding missing-model errors and needless prompt-size rejections. [#94726](https://github.com/openclaw/openclaw/pull/94726) Related [#94723](https://github.com/openclaw/openclaw/issues/94723).
    • ·Dashboard child sessions now handle allowed provider-qualified model choices consistently and give accurate recovery guidance when saved model state is stale. [#94752](https://github.com/openclaw/openclaw/pull/94752) Related [#94713](https://github.com/openclaw/openclaw/issues/94713).
    • ·Claude CLI users no longer get promises of completion updates that may never arrive, because OpenClaw now blocks unsupported native background work before it can strand progress. [#95008](https://github.com/openclaw/openclaw/pull/95008)
    • ·OpenClaw now rejects oversized provider catalog or JSON responses with a clear error before buffering the entire response in memory. [#95218](https://github.com/openclaw/openclaw/pull/95218)
    • ·OpenRouter users can now select and run the advertised short DeepSeek V4 model IDs without requests failing with `model_not_found` because OpenClaw sent a duplicated provider prefix. [#95268](https://github.com/openclaw/openclaw/pull/95268) Related [#95198](https://github.com/openclaw/openclaw/issues/95198).
    • ·With `/reasoning on`, DeepSeek-style OpenAI-compatible models now show the final answer separately from their reasoning instead of folding it into the reasoning block, with no configuration change required. [#95283](https://github.com/openclaw/openclaw/pull/95283) Related [#95280](https://github.com/openclaw/openclaw/issues/95280).
    • ·When a Codex subscription reaches its usage limit, OpenClaw now moves to configured fallback models instead of stopping on the failed result, and it does not retry runs that already produced visible output. [#95400](https://github.com/openclaw/openclaw/pull/95400)
    • ·LM Studio users can now run quantized or multi-variant local models without false assistant-turn failures or phantom suffixed model entries caused by mismatched model keys. [#95401](https://github.com/openclaw/openclaw/pull/95401)
    • ·Google-backed embedded-agent runs now stop reading oversized or never-ending prompt-cache responses before they can exhaust memory or leave the run stalled. [#95417](https://github.com/openclaw/openclaw/pull/95417)
    • ·OpenRouter model scans fail safely on oversized or malformed catalogs instead of risking excessive memory use that can destabilize OpenClaw. [#95418](https://github.com/openclaw/openclaw/pull/95418)
    • ·OpenRouter setups now reject oversized model catalogs before they can exhaust OpenClaw's memory, without caching or immediately refetching the failed response. [#95420](https://github.com/openclaw/openclaw/pull/95420)
    • ·Configured fallback models can now answer when Claude CLI runs out of credits or hits a generic runner failure, instead of leaving users with the failure message as the final response. [#95508](https://github.com/openclaw/openclaw/pull/95508) Related [#95489](https://github.com/openclaw/openclaw/issues/95489).
    • ·Gemini-backed web searches using `freshness: "day"` or `pd` now complete instead of failing with a provider 400 error, while broader freshness choices and explicit date ranges retain stricter filtering. [#95682](https://github.com/openclaw/openclaw/pull/95682)
    • ·Follow-up answers from xAI reasoning models such as Grok Composer now preserve earlier reasoning context more reliably, even when configurable reasoning effort is unsupported. [#95686](https://github.com/openclaw/openclaw/pull/95686)
    • ·Vercel AI Gateway users can now run models chosen from the live catalog, including live-only model IDs that are absent from OpenClaw's bundled list. [#95710](https://github.com/openclaw/openclaw/pull/95710)
    • ·Fixes manifest-defined providers turning valid model IDs into broken ones when `stripPrefixes` entries have stray spaces or different casing, so operators and plugin authors get the intended provider model. [#95744](https://github.com/openclaw/openclaw/pull/95744) Related [#95743](https://github.com/openclaw/openclaw/issues/95743).
    • ·First-run setup now opens the credential prompt for a newly installed external provider instead of appearing to loop and leaving OpenAI selected. [#95792](https://github.com/openclaw/openclaw/pull/95792) Related [#95765](https://github.com/openclaw/openclaw/issues/95765).
    • ·Oversized or stalled provider catalogs now fail quickly with a clear error instead of hanging OpenClaw or consuming unbounded memory, while normal catalogs continue to load. [#95827](https://github.com/openclaw/openclaw/pull/95827)
    • ·Xiaomi Token Plan users can now use up to 128K output tokens with `mimo-v2.5` and `mimo-v2.5-pro` instead of being stopped at the outdated 32,000-token limit. [#95934](https://github.com/openclaw/openclaw/pull/95934)
    • ·Tool-heavy model responses can stream with less overhead while repeated tool-call IDs and encrypted reasoning details stay matched to the correct call across Google and OpenAI-compatible providers. [#95957](https://github.com/openclaw/openclaw/pull/95957)
    • ·Token-usage accounting is more reliable for bundled ACPX users because OpenClaw now includes ACPX 0.11.2's persistence fix by default, without a separate package override or manual client update. [#96124](https://github.com/openclaw/openclaw/pull/96124)
    • ·Ollama Cloud users can now find and select `glm-5.2:cloud` with its 1,000,000-token context window, reasoning, and tool support even when it is absent from the public model list. [11484f8](https://github.com/openclaw/openclaw/commit/11484f8a1483b7c42aa2971de2d88289fcef7046)
    • ·MiniMax image-understanding requests no longer fail before reaching the provider when a timeout is zero, negative, or extremely large; invalid values now use a normal or safe maximum wait. [4b6182e](https://github.com/openclaw/openclaw/commit/4b6182ee2a250005e0c25edfeae4db6ec59b7cb8)
    • ·Codex runs now follow the current fast-mode choice instead of carrying over an old speed tier, and the status line clearly shows when fast mode is automatic. [77012f9](https://github.com/openclaw/openclaw/commit/77012f9807851c662e064d05097497a25ab13505)
    • ·Codex-backed conversations now return to normal routing after automatic fast mode is cleared, preventing later turns or model changes from reusing a stale priority tier. [8afc1f7](https://github.com/openclaw/openclaw/commit/8afc1f770bbef30a4d2d9957ef26a685c508448c)
    • ·Fallback agent runs now honor each model's configured automatic fast-mode cutoff even when fast mode is overridden for the run, keeping fallback behavior aligned with the selected model policy. [efd3172](https://github.com/openclaw/openclaw/commit/efd3172662ce023eb8d6568b689361536edf06dd)
    • ·Live model-switch retries now preserve the original fast-mode cutoff for long-running sessions, while explicit fast mode avoids misleading automatic-cutoff progress messages. [d990115](https://github.com/openclaw/openclaw/commit/d990115d1972fdf4361884a29bbf8396f33e5cba)
    • ·Embedded agent runs now keep automatic fast mode working consistently through retries and progress updates without confusing it with a manually selected fast-mode setting. [cf1b6fe](https://github.com/openclaw/openclaw/commit/cf1b6fef4403bee7c206299efc4385a7fcb74375)
    • ·Fast-mode runs now keep their speed setting through model fallback retries and show the configured automatic threshold in status, avoiding inconsistent retry behavior and an unhelpful generic label. [aa3797c](https://github.com/openclaw/openclaw/commit/aa3797c8d0d74b4502d24852ce6baa70286f2f06)
    • ·Agent replies and scheduled cron runs now handle fast-mode fallback retries more reliably, keeping the state needed for the final attempt to finish or report progress correctly. [14e448e](https://github.com/openclaw/openclaw/commit/14e448e0e13db9f194ea16bb98e0f846a67769fd)
    • ·Users no longer see a fast-mode reset notice while model fallback attempts are still running; it appears only when the run reaches its final fallback attempt. [6eb72a8](https://github.com/openclaw/openclaw/commit/6eb72a830ece3e2b4c6c85e5a9c2b72b59e0dae9)
    • ·Users and operators now get clearer handling when a configured live model becomes unavailable because OpenClaw recognizes the provider's "selected model was not found" response as a model-not-found failure instead of a generic error. [2405d02](https://github.com/openclaw/openclaw/commit/2405d029d437ee58ab94da800a5b213bc6bf4628)
    • ·Qwen and vLLM now preserve existing chat-template settings consistently when thinking is switched on or off, and provider plugins can use the same tested helper. [2ba9d6e](https://github.com/openclaw/openclaw/commit/2ba9d6eabef9427a950bacc47f077200446cb865)
    • ·OpenAI-compatible proxy providers can handle thinking levels and legacy `reasoning_effort` fields more consistently, with plugin developers and provider maintainers using one documented normalization helper across OpenRouter, Kilocode, and the SDK. [35bafea](https://github.com/openclaw/openclaw/commit/35bafea757fab0386292951a3dc2a2d3514f370e)
    • ·Browser and Vite builds can now load the OpenAI ChatGPT Responses provider without a server-only dependency breaking the bundle, while WebSocket failures still appear normally. [8c8eb86](https://github.com/openclaw/openclaw/commit/8c8eb86fff6e843bd391808ceee249ac8c7f5fa5)
    • ·OpenRouter model scans now accept the same larger valid catalogs as runtime discovery while still rejecting oversized responses before they can consume unbounded memory. [ad3b2f4](https://github.com/openclaw/openclaw/commit/ad3b2f4b8827cd73b4c1a6c8288569c0966276fe)
    • ·OpenAI Responses users, including affected Bedrock Mantle GPT-5.x reasoning setups, now get one clean final answer with aligned saved transcripts and replay context instead of dozens of repeated cumulative copies. [#92399](https://github.com/openclaw/openclaw/pull/92399) Related [#91959](https://github.com/openclaw/openclaw/issues/91959).
    • ·Scheduled jobs and isolated sessions using opencode-go models now move stalled requests into configured timeout or fallback handling instead of hanging for minutes before ending with a generic `LLM request failed` error. [#93965](https://github.com/openclaw/openclaw/pull/93965) Related [#93610](https://github.com/openclaw/openclaw/issues/93610).
    • ·Affected agent conversations using OpenAI Responses can now recover and keep replying after a visible channel response leaves their saved history incomplete, instead of every later turn failing before a reply appears. [#84708](https://github.com/openclaw/openclaw/pull/84708)
    • ·When a Codex-backed agent produces unusually large tool output, saved and replayed conversations now keep its text within the usual size limit while leaving non-text content unchanged. [#87912](https://github.com/openclaw/openclaw/pull/87912)
    • ·Control UI conversations now stay visible and continue in the same session after a sleep, network drop, or Gateway reconnect instead of disappearing when the next message is sent. [#89017](https://github.com/openclaw/openclaw/pull/89017) Related [#87700](https://github.com/openclaw/openclaw/issues/87700).
    • ·Bundled Codex and Copilot integrations now keep mirrored chat history and transcript updates tied to the correct OpenClaw session as storage evolves, while existing file-backed active transcripts continue working during the migration. [#89518](https://github.com/openclaw/openclaw/pull/89518)
    • ·WebChat's current-session status now matches the conversation you are actually using, so the session identity, thinking level, token context, and cost details no longer come from the fallback `main` session. [#89800](https://github.com/openclaw/openclaw/pull/89800) Related [#89773](https://github.com/openclaw/openclaw/issues/89773).
    • ·Your conversation is less likely to lose its context after you press stop during automatic compaction because the compaction request is now cancelled too. [#89886](https://github.com/openclaw/openclaw/pull/89886) Related [#89868](https://github.com/openclaw/openclaw/issues/89868).
    • ·When cross-agent session access is blocked, OpenClaw now lists all required visibility, agent-to-agent, and allow-list settings, helping operators correct policy configuration instead of chasing a nonexistent agent failure. [#90489](https://github.com/openclaw/openclaw/pull/90489) Related [#90443](https://github.com/openclaw/openclaw/issues/90443).
    • ·`openclaw memory status` now shows an active light or REM dreaming phase instead of incorrectly reporting `Dreaming: off`, so operators can see that valid memory configurations are enabled. [#93113](https://github.com/openclaw/openclaw/pull/93113) Related [#67868](https://github.com/openclaw/openclaw/issues/67868).
    • ·Timed-out QMD memory searches now stop their background work when the agent moves on, preventing abandoned processes from continuing to consume CPU and memory. [#93394](https://github.com/openclaw/openclaw/pull/93394)
    • ·Repeated instructions sent after compaction now remain in the conversation, preventing lost turns, orphaned replies, and malformed history that some providers reject. [#94328](https://github.com/openclaw/openclaw/pull/94328)
    • ·Memory Wiki's Stale Pages report now leaves durable concept and synthesis pages out of freshness warnings, keeping attention on source and entity pages that may actually need review. [#94369](https://github.com/openclaw/openclaw/pull/94369)
    • ·Long embedded runs with recent progress are now less likely to be interrupted by stale-session recovery, while genuinely stalled runs can still be cleared so queued work continues. [#94701](https://github.com/openclaw/openclaw/pull/94701)
    • ·Ollama memory search now respects a configured smaller embedding dimension and keeps indexes for different dimensions separate, avoiding incompatible vectors being mixed together. [#94811](https://github.com/openclaw/openclaw/pull/94811)
    • ·Memory searches and targeted refreshes now stay connected to the correct OpenClaw session even when transcript filenames change or QMD exports use a different name. [#95087](https://github.com/openclaw/openclaw/pull/95087)
    • ·Long-running conversations with screenshots or other images now keep their continuity more consistently when OpenClaw makes room for new messages, instead of repeatedly filling up without moving the retained conversation forward. [#95128](https://github.com/openclaw/openclaw/pull/95128)
    • ·Windows users can now run QMD-backed memory indexing and search through configured absolute `memory.qmd.command` paths, including drive-letter and UNC locations, without OpenClaw stripping the path separators before launch. [#95274](https://github.com/openclaw/openclaw/pull/95274) Related [#92302](https://github.com/openclaw/openclaw/issues/92302).
    • ·Usage footers selected with `/usage full` or `/usage tokens` now remain visible after daily or idle session rollover, so users do not have to turn them on again. [#95322](https://github.com/openclaw/openclaw/pull/95322)
    • ·Follow-up replies, reactions, threaded messages, and status checks stay with the chat they belong to after webchat or system activity, while real channel switches still clear outdated routing details. [#95467](https://github.com/openclaw/openclaw/pull/95467)
    • ·Long-running main conversations now keep their prior context when users return after an overnight or delayed follow-up, rather than silently starting over after an otherwise normal completion. [#95472](https://github.com/openclaw/openclaw/pull/95472)
    • ·People with large session histories can list, preview, and find sessions without multi-second freezes, while older mixed-case session keys are still migrated at startup. [#95699](https://github.com/openclaw/openclaw/pull/95699)
    • ·Fixes delivered replies sometimes being saved to the wrong conversation history, or omitted from it, when operators use a custom or per-agent `session.store`, improving continuity and auditability for the intended session. [#95782](https://github.com/openclaw/openclaw/pull/95782) Related [#95781](https://github.com/openclaw/openclaw/issues/95781).
    • ·Saved session-memory summaries now leave out raw model tokens, tool-call blocks, media placeholders, role tags, and stale `NO_REPLY` markers so future conversations keep useful context. [#95791](https://github.com/openclaw/openclaw/pull/95791)
    • ·Long-running OpenAI sessions using Codex/ChatGPT OAuth can now compact without a separate API key, whether `/compact` is run manually or triggered automatically. [#95831](https://github.com/openclaw/openclaw/pull/95831) Related [#95693](https://github.com/openclaw/openclaw/issues/95693).
    • ·Long, tool-heavy sessions now compact oversized conversations instead of getting stuck when a large tool result appears at the end. [#95860](https://github.com/openclaw/openclaw/pull/95860) Related [#78478](https://github.com/openclaw/openclaw/issues/78478).
    • ·When `memory_search` is unavailable because the Node runtime lacks `node:sqlite`, OpenClaw now points users to a compatible runtime instead of sending them through unrelated embedding-provider troubleshooting. [#95916](https://github.com/openclaw/openclaw/pull/95916)
    • ·Developers and operators inspecting a compacted Copilot session now get its summary, before-and-after token counts, and session details instead of an incomplete result. [#96049](https://github.com/openclaw/openclaw/pull/96049)
    • ·The `/stop` and abort commands now keep stopping active runs, clearing queued followups, and ending related subagents promptly even when session keys need canonicalizing or abort metadata cannot be saved. [#96201](https://github.com/openclaw/openclaw/pull/96201)
    • ·Voice Wake upgrades now keep existing trigger phrases and routing rules working as OpenClaw moves them from retired settings files into the shared state database. [bdf81a8](https://github.com/openclaw/openclaw/commit/bdf81a825fa3ef66ad2c535c1eeb0bb4e31b6d1b)
    • ·Upgrades from older OpenClaw state layouts now preserve update notifications, check throttling, available-version records, and automatic-update attempt history as that state moves into SQLite. [eb00d49](https://github.com/openclaw/openclaw/commit/eb00d499d16feea600fceef92d575fa30f005649)
    • ·Plugin-channel conversations keep their intended session more reliably through startup, doctor checks, and state repairs, with older binding records migrated into OpenClaw's shared database. [9f888d9](https://github.com/openclaw/openclaw/commit/9f888d95e082d50380a66db18ee2e32683e688e0)
    • ·Windows memory-backed session syncing now keeps using the intended transcript file even when path formatting differs. [b3b5b08](https://github.com/openclaw/openclaw/commit/b3b5b08e67a26efd648c7c7d879e5487223cd796)
    • ·Embedded agent runs with a missing or blank session key now stay attached to the intended session instead of being sent through inconsistent session routing. [911f853](https://github.com/openclaw/openclaw/commit/911f853b7fc4d819e2175b001662a01eba30453d)
    • ·When a model guesses the wrong tool name, Tool Search and Code Mode now show how to find and retry the correct tool, reducing the risk that long-running sessions get stuck or lose durable memory during compaction. [#93374](https://github.com/openclaw/openclaw/pull/93374) Related [#92273](https://github.com/openclaw/openclaw/issues/92273).
    • ·Fixes assistant replies disappearing from webchat, Control UI, Feishu, and other embedded conversations after compaction, keeping refreshed chats readable and follow-up requests separate. [#95484](https://github.com/openclaw/openclaw/pull/95484) Related [#76729](https://github.com/openclaw/openclaw/issues/76729).
    • ·OpenClaw memory features now keep active, reset, and deleted transcript coverage aligned with configured session stores and agent ownership, making dreaming, QMD exports, indexing, and sync less likely to miss or misattribute conversation history. [#96162](https://github.com/openclaw/openclaw/pull/96162)
    • ·Gateway TLS setup now rejects blank certificate or key paths clearly or uses OpenClaw's defaults, avoiding confusing startup and certificate-generation failures while preserving valid paths. [#94054](https://github.com/openclaw/openclaw/pull/94054)
    • ·Configured plugin policies keep blocking or rewriting sensitive tool calls after Gateway registry changes, reloads, or later hook initialization instead of being silently skipped. [#94545](https://github.com/openclaw/openclaw/pull/94545)
    • ·Mobile operators with `operator.approvals` can now see and resolve chat-triggered exec approvals on the iOS device that started the request, including while the app is open, without relying only on push notifications. [#95175](https://github.com/openclaw/openclaw/pull/95175)
    • ·Control UI users now get the patched DOMPurify release, reducing exposure to the GHSA-cmwh-pvxp-8882 sanitizer vulnerability without changing how the interface behaves. [#95691](https://github.com/openclaw/openclaw/pull/95691)
    • ·"Always allow" approvals for plugin conversation bindings now carry over from the old settings file and are less likely to be lost or overwritten when multiple OpenClaw processes are running. [ae41b00](https://github.com/openclaw/openclaw/commit/ae41b009224b0a8e3a990912503258d4478fb4d0)
    • ·Matrix users now see that the active recovery key is required before a forced cross-signing reset can proceed, preventing a second reset from leaving encryption recovery and room-key backups unusable. [#95720](https://github.com/openclaw/openclaw/pull/95720) Related [#78396](https://github.com/openclaw/openclaw/issues/78396).
    • ·Managed Slack deployments can now use a central router to send mentions and ongoing threads to the right OpenClaw gateway while replies still appear through Slack. [#94707](https://github.com/openclaw/openclaw/pull/94707)
    • ·Raft External Agent operators can now wake an OpenClaw agent when a workspace has pending work through the supported local CLI bridge, with named profiles and checks for missing CLI prerequisites. [#95497](https://github.com/openclaw/openclaw/pull/95497)
    • ·When `plugins.allow` uses a channel or package name instead of the real plugin id, startup guidance now identifies the unmatched entry and shows the discovered plugin ids needed to correct the configuration. [#68389](https://github.com/openclaw/openclaw/pull/68389) Related [#68352](https://github.com/openclaw/openclaw/issues/68352).
    • ·Plugin trust warnings for first-time or fresh installs now include a ready-to-copy `plugins.allow` example and commands to list or inspect plugin ids, so users can resolve the warning before trusting or reinstalling plugin code. [#78105](https://github.com/openclaw/openclaw/pull/78105) Related [#68780](https://github.com/openclaw/openclaw/issues/68780).
    • ·Codex migrations now work with standard global plugin installs because `openclaw migrate` can find the installed provider instead of failing with `Unknown migration provider`. [#89612](https://github.com/openclaw/openclaw/pull/89612) Related [#89609](https://github.com/openclaw/openclaw/issues/89609).
    • ·Plugin installs and updates recover from stale OpenClaw-managed dependency pins instead of failing with `npm EOVERRIDE`, without later synchronization downgrading or removing packages users installed explicitly. [#91786](https://github.com/openclaw/openclaw/pull/91786) Related [#91772](https://github.com/openclaw/openclaw/issues/91772).
    • ·Channel plugin developers can now carry native sender and conversation identifiers through hooks and selected exec workflows, giving integrations more precise routing without breaking existing sender and chat fields. [#91903](https://github.com/openclaw/openclaw/pull/91903)
    • ·Plugin discovery now repeats fewer blocking filesystem checks during startup, reducing avoidable cold-start work for bundled plugin trees, especially on slower Windows filesystems, without changing bundle discovery behavior. [#93919](https://github.com/openclaw/openclaw/pull/93919) Related [#76209](https://github.com/openclaw/openclaw/issues/76209).
    • ·Plugin Gateway methods now work through `openclaw gateway call` after registration, so plugin authors can use them from scripts and cron jobs instead of hitting an `unknown method` error. [#94154](https://github.com/openclaw/openclaw/pull/94154) Related [#94127](https://github.com/openclaw/openclaw/issues/94127).
    • ·ClawHub skill discovery and install checks are less likely to stall or crash OpenClaw because oversized or stalled marketplace responses are now stopped before they can exhaust memory. [#95226](https://github.com/openclaw/openclaw/pull/95226)
    • ·Pinned official plugins no longer stay on an old release when operators follow the repair advice from `openclaw doctor` or deep gateway status after an upgrade. [#95541](https://github.com/openclaw/openclaw/pull/95541)
    • ·Managed npm plugin updates are less likely to break work on a running gateway with missing-module errors, because the older plugin files remain available until a later gateway start cleans them up. [#95589](https://github.com/openclaw/openclaw/pull/95589)
    • ·Official plugin cards for supported brands now show recognizable icons in ClawHub and other catalogs, and plugin authors can provide marketplace artwork through the documented manifest field. [#95845](https://github.com/openclaw/openclaw/pull/95845)
    • ·Official plugin icons in ClawHub and other catalogs are no longer forced into the same hard-coded color, allowing Simple Icons to use its default artwork instead. [#95987](https://github.com/openclaw/openclaw/pull/95987)
    • ·Docker users now have an official `openclaw/openclaw` Docker Hub mirror alongside GHCR, with versioned beta releases kept from moving the stable `latest` and `main` aliases. [#97122](https://github.com/openclaw/openclaw/pull/97122)
    • ·Git-based OpenClaw installs now use the repository's pinned pnpm version even when another global pnpm or surrounding project package manager is present, so setup commands no longer run against the wrong package-manager environment. [bd74a62](https://github.com/openclaw/openclaw/commit/bd74a62118aa4774706359d9494116ded8c1f6e3)
    • ·ClawHub skill-card and update requests now complete or time out predictably even when they receive an unusually large timeout value. [8cd0c11](https://github.com/openclaw/openclaw/commit/8cd0c11227f6f4096d089cd6108d6f2ae31252b7)
    • ·Windows users can complete source installs without a llama.cpp setup step blocking or slowing them, and the installer restores their existing shell setting afterward. [ea9065b](https://github.com/openclaw/openclaw/commit/ea9065bc68dd4ff94495b85a7dcb4491cf41b67a)
    • ·More official channel, provider, and web-search plugins can now be installed or repaired through normal external package catalogs while still being recognized from their existing credentials. [#95683](https://github.com/openclaw/openclaw/pull/95683)

    Channels and Messaging

    • ·Telegram reply chains keep cached replies attached after context changes instead of failing when those cached replies are reused. [#82909](https://github.com/openclaw/openclaw/pull/82909)
    • ·Fixes Discord dropping an entire long reply with fenced code blocks when a closing code fence lands near the 2,000-character message limit. [#95661](https://github.com/openclaw/openclaw/pull/95661)
    • ·Slack operators can now store tokens and signing secrets as supported SecretRef inputs, while reads, writes, allowlist and target lookups, and setup checks use the resolved credentials instead of rejecting or misreading the references. [7da955f](https://github.com/openclaw/openclaw/commit/7da955fae4ca2083599aa33a1f93dbfff53cb187)
    • ·Channel capability checks now return a clear timeout when an integration stops responding, keeping troubleshooting from hanging in a terminal or automation run. [8ecdb97](https://github.com/openclaw/openclaw/commit/8ecdb97b636e4c3fcc6d142d217327404ae06581)

    Providers and Models

    • ·After changing the default model, starting a fresh channel session with `/new` or `/reset` now uses the new default instead of silently reusing the previous cached model, while explicit `/model` overrides remain unchanged. [#77339](https://github.com/openclaw/openclaw/pull/77339) Related [#77322](https://github.com/openclaw/openclaw/issues/77322).
    • ·Behind HTTP or HTTPS proxies, Codex/OpenAI usage and quota checks in `openclaw status --usage --json` and the Control UI now retrieve usage windows instead of failing when chatgpt.com is unreachable directly. [#93943](https://github.com/openclaw/openclaw/pull/93943) Related [#78714](https://github.com/openclaw/openclaw/issues/78714).
    • ·`/status` now keeps the active model and how to clear a pinned choice on one compact line, so Discord and other chat users can scan model status without a multi-line explanation. [#95797](https://github.com/openclaw/openclaw/pull/95797)
    • ·Anthropic streaming responses now keep interleaved text, thinking, and tool-call updates attached to the correct response block instead of mixing them when several blocks are active at once. [#96013](https://github.com/openclaw/openclaw/pull/96013)

    Memory, Sessions, and State

    • ·Memory-wiki status cards and bridge-backed source sync are less likely to fail during simultaneous page rewrites because OpenClaw now retries the transient path mismatch while still stopping unsafe or persistent filesystem writes. [#94443](https://github.com/openclaw/openclaw/pull/94443) Related [#92134](https://github.com/openclaw/openclaw/issues/92134).
    • ·Fixes recent-session resume opening a fresh conversation for users with long workspace paths instead of returning to their existing transcript. [#94578](https://github.com/openclaw/openclaw/pull/94578) Related [#94577](https://github.com/openclaw/openclaw/issues/94577).
    • ·Memory Wiki now keeps user-written notes intact when an existing source page is re-ingested or synced, while still refreshing its generated content. [#95614](https://github.com/openclaw/openclaw/pull/95614)
    • ·Fixes Memory Wiki repeatedly copying its own generated source pages back into itself when its vault is stored inside the workspace memory folder, avoiding duplicate files, repeated cleanup, and unnecessary memory index growth. [#95666](https://github.com/openclaw/openclaw/pull/95666) Related [#95657](https://github.com/openclaw/openclaw/issues/95657).
    • ·For operators using Active Memory with memory-core dreaming, nightly dreaming jobs no longer start unnecessary recall work and hit 45-second timeouts, while regular web chats continue to receive memory recall. [#95721](https://github.com/openclaw/openclaw/pull/95721) Related [#78500](https://github.com/openclaw/openclaw/issues/78500).
    • ·Agent sessions with many tool calls repair out-of-order results with less repeated work while keeping each result paired with the right tool call. [#96014](https://github.com/openclaw/openclaw/pull/96014)
    • ·Windows qmd-backed memory work now stops all related processes after availability probes and command timeouts, preventing qmd children from continuing to run in the background. [830691b](https://github.com/openclaw/openclaw/commit/830691b2010bd0406399adb8a2e97e0b043e2ca8)

    Gateway, Security, and Trust

    • ·When a configured or explicit remote gateway is slow but reachable, `openclaw gateway probe --timeout ...` now waits for the requested timeout instead of reporting it unreachable after a shorter internal cutoff. [#89859](https://github.com/openclaw/openclaw/pull/89859) Related [#65355](https://github.com/openclaw/openclaw/issues/65355).
    • ·Long or parallel internal subagent runs now avoid unnecessary live-preview processing, while visible subagent sessions still show live updates and final responses. [#91906](https://github.com/openclaw/openclaw/pull/91906)
    • ·ACP conversations, especially Kiro-backed threads, now continue past the first reply by starting a fresh session when the backend can no longer resume the old one. [#93547](https://github.com/openclaw/openclaw/pull/93547) Related [#87830](https://github.com/openclaw/openclaw/issues/87830).
    • ·When Linux memory pressure kills a child command or session, systemd-managed OpenClaw gateways now stay running and keep channel connections alive while reporting the child failure. [#93585](https://github.com/openclaw/openclaw/pull/93585)
    • ·Canceling an OpenClaw run during tool work now ends it promptly instead of starting another model turn or leaving the session locked. [#94412](https://github.com/openclaw/openclaw/pull/94412)
    • ·Scheduled OpenClaw jobs using cloud models now recover from silent, stuck model calls by default, helping prevent later cron work from backing up while local or self-hosted providers keep their existing timeout behavior. [#94445](https://github.com/openclaw/openclaw/pull/94445)
    • ·Gateway readiness checks now turn unhealthy during a restart drain, preventing traffic managers from sending new work to a Gateway that is temporarily rejecting requests. [#94915](https://github.com/openclaw/openclaw/pull/94915) Related [#78136](https://github.com/openclaw/openclaw/issues/78136).
    • ·Mac users can keep LaunchAgent-managed gateways running through OpenClaw upgrades instead of seeing repeated crash-and-restart loops when older text-transform runtime code is still cached. [#95081](https://github.com/openclaw/openclaw/pull/95081) Related [#95057](https://github.com/openclaw/openclaw/issues/95057).
    • ·Codex-powered conversations in TUI, WebChat, and compatible streaming APIs now show replies as they are written, while replacing provisional text cleanly so the final answer does not include stale drafts. [#95404](https://github.com/openclaw/openclaw/pull/95404) Related [#95422](https://github.com/openclaw/openclaw/issues/95422).
    • ·After a gateway restart, users no longer see a misleading retry notice when OpenClaw is already resuming the interrupted reply or reporting the actual recovery failure, reducing unnecessary duplicate attempts. [#95431](https://github.com/openclaw/openclaw/pull/95431)
    • ·Long, tool-heavy agent sessions now retain prompt-cache savings as results accumulate, reducing avoidable delays and cost from resending rewritten history between turns. [#95624](https://github.com/openclaw/openclaw/pull/95624)
    • ·Gateway restarts no longer leave configured Codex, Copilot, or trusted plugin-based agents temporarily unavailable, and untrusted workspace plugins remain blocked from activating themselves. [#95652](https://github.com/openclaw/openclaw/pull/95652)
    • ·Long responses, busy tool streams, image-heavy requests, and memory recall now incur less CPU and filesystem overhead without requiring settings or workflow changes. [#95697](https://github.com/openclaw/openclaw/pull/95697)
    • ·Operators can again add or update scheduled announcements for known channels in no-config setups, while configured environments still reject disabled, stale, ownerless, or unknown destinations before delivery. [#95754](https://github.com/openclaw/openclaw/pull/95754)
    • ·macOS users are less likely to see a false port-conflict failure when stopping or updating a managed gateway, because OpenClaw briefly waits for normal shutdown to release the port while still reporting conflicts that persist. [#95886](https://github.com/openclaw/openclaw/pull/95886)
    • ·Copilot-backed agents can now ask users a question and accept the answer through OpenClaw's normal chat reply flow, while compact tool-search and code-mode controls avoid loading the full tool catalog into the session. [#96005](https://github.com/openclaw/openclaw/pull/96005)
    • ·Gateway restarts on systemd or container setups no longer leave old Codex or Claude adapter processes behind, helping new ACPX sessions start without minutes-long cleanup stalls after repeated restarts. [#96032](https://github.com/openclaw/openclaw/pull/96032)
    • ·Copilot-backed sessions now show plan updates as work unfolds, and their native child tasks stay visible through completion or failure instead of disappearing from OpenClaw's task view. [#96062](https://github.com/openclaw/openclaw/pull/96062)
    • ·Connected agents such as OpenCode now start through OpenClaw even when their harness cannot select a requested model, while genuinely unsupported model choices still return the original error. [#96068](https://github.com/openclaw/openclaw/pull/96068) Related [#95869](https://github.com/openclaw/openclaw/issues/95869).
    • ·Plugins using `heartbeat_prompt_contribution` now deliver their heartbeat-specific context to models when agents run through harness runtimes such as the Codex app-server, without affecting ordinary user turns or plugins that do not use the hook. [#96233](https://github.com/openclaw/openclaw/pull/96233)
    • ·Windows gateway cleanup and listener checks now handle UTF-16 WMIC command-line data consistently, reducing failed or conflicting identification of the running gateway process. [15c880a](https://github.com/openclaw/openclaw/commit/15c880aeff1f4e55964ad7204d14733a2d1362f7)
    • ·Long-context, tool-heavy agent sessions now keep prompt-cache reuse steadier across repeated turns without losing per-result size limits, while advanced operators can configure larger tool-result caps for large-context models without configuration rejection. [a60947f](https://github.com/openclaw/openclaw/commit/a60947fb3e92f45ea7eb2581da8877b10a8bebb2)
    • ·Long, tool-heavy agent sessions are less likely to bloat model requests as tool output accumulates, while repeated turns keep stable prompt-cache reuse. [2f33999](https://github.com/openclaw/openclaw/commit/2f3399989893e6af18be49fb810e58941d7a4a45)
    • ·Gateway restarts now use OpenClaw's durable state database for the handoff, while stale, malformed, wrong-process, or superseded requests are discarded before they can affect the restart. [0ad48da](https://github.com/openclaw/openclaw/commit/0ad48dad2c4747f255d5a156b94578f7d87386a1)
    • ·Gateway status, doctor, and restart diagnostics now retain recent restart details in OpenClaw's shared state database, while expired or malformed records are still discarded. [a39a3b7](https://github.com/openclaw/openclaw/commit/a39a3b74de05f06227ede904a73c1b4687679d3e)
    • ·Gateway restarts and managed-service updates now keep the correct continuation message, avoid reusing stale handoff state, and mark failed update handoffs consistently. [514b336](https://github.com/openclaw/openclaw/commit/514b3365b54c8b3493eaf8a94198b7c04ea34aec)
    • ·Gateway-launched agents no longer lose owner-only OpenClaw tools during tasks such as live cron checks, so authorized operations can use the intended tools with the correct request context. [c2ee9b0](https://github.com/openclaw/openclaw/commit/c2ee9b0be8aeeadedffc8c6aaa9f5f291283fea5)
    • ·Malformed gateway restart requests now fail clearly without scheduling a restart, preventing bad or accidental integration calls from unexpectedly restarting the gateway. [108d6d7](https://github.com/openclaw/openclaw/commit/108d6d7eca0000a736e28d198e77100f4d7774e5)
    • ·Stale node requests queued by the gateway now expire automatically, so old work is less likely to linger and affect later activity. [f6d432e](https://github.com/openclaw/openclaw/commit/f6d432e545e2e2be91d17badc48354a0135e5294)
    • ·Plugin workflows are less likely to stall or overload the gateway when an integration requests too much subagent session history, because each read is now capped at a safe limit. [b66b450](https://github.com/openclaw/openclaw/commit/b66b4504f87205dd8ba0393e763e23a4a6158a79)
    • ·Image descriptions now handle extremely large timeout settings consistently by capping them to a safe runtime limit instead of risking timer overflow. [88b21fc](https://github.com/openclaw/openclaw/commit/88b21fc30b4ac615b3d3870e483190bc832f9846)
    • ·Embedded agent sessions now wait reliably for another session to release its file lock, even with an extremely large timeout, instead of risking timer overflow. [4c736df](https://github.com/openclaw/openclaw/commit/4c736df975fed8e39f18db43bfaea9654b9ac0c7)
    • ·Queued commands with extremely large task timeout settings now time out reliably because OpenClaw caps the wait at the runtime's safe maximum. [1f6ae32](https://github.com/openclaw/openclaw/commit/1f6ae32cabb9d5ed308bb30715c287936ef483f1)
    • ·Fixes normalization-core exposing the wrong string-coercion entry point and ACP sessions showing an outdated fast-mode value, so integrations receive the intended API and users see the mode actually in effect. [93ad397](https://github.com/openclaw/openclaw/commit/93ad39772590a34be3821d83709a5050c186fdf9)
    • ·Fast auto runs now deliver final replies more consistently, with progress-reset handling limited to automatic mode so it does not interfere with responses or forwarded callbacks. [9e8ab08](https://github.com/openclaw/openclaw/commit/9e8ab083dd6b9df4dadf40ee523ff18ac1472bd3)
    • ·Agent sessions using OpenAI Responses now resume tool-based work without failing or losing progress when replayed history contains mismatched tool requests and results. [b4bc1f2](https://github.com/openclaw/openclaw/commit/b4bc1f20c9fca6d316561d42cbabdd793c67a6e7)
    • ·Completed plugin subagent and QA runs are no longer misreported as failures when gateways return alternate completion envelope shapes, making successful handoffs more reliable for plugin authors and operators. [d1b268f](https://github.com/openclaw/openclaw/commit/d1b268f7f7f7309dd5db99728019218b4d453e18)
    • ·Fixes completed subagent tasks sometimes ending without an update, so users receive the result or the parent agent's next step. [68a1e00](https://github.com/openclaw/openclaw/commit/68a1e00b73bd746f6fb577f4127fecb0ade9e228)
    • ·Generated images from a remote Codex app-server now arrive as attachments instead of showing `Media failed` or returning only text after successful generation. [#96212](https://github.com/openclaw/openclaw/pull/96212)
    • ·When a subagent finishes, its result now reaches the active parent run more reliably instead of appearing silent. [7fc4bbc](https://github.com/openclaw/openclaw/commit/7fc4bbc0bcbabc2aa99b1fd51e77099f2b26f4e1)
    • ·Trusted OpenClaw package sources now reject lookalike sibling paths, so trusting `/artifactory/openclaw` no longer also admits paths such as `/artifactory/openclaw-malicious`. [12c34fc](https://github.com/openclaw/openclaw/commit/12c34fc3a95121f5a15f01c3f971a1bc5b0fe6f9)

    Clients and Interfaces

    • ·When a WebChat message fails before the agent starts, WebChat and Control UI now show the session as failed instead of leaving it looking like it is still running. [#84352](https://github.com/openclaw/openclaw/pull/84352)
    • ·Fixes the Control UI session picker getting stuck behind hidden subagent sessions, so Load More reaches the next usable chat without showing a misleading total. [#89323](https://github.com/openclaw/openclaw/pull/89323) Related [#89249](https://github.com/openclaw/openclaw/issues/89249).
    • ·When users reopen a Control UI conversation from History, their prompts now appear with the assistant's replies, preserving the question-and-answer context without blank gaps in long transcripts. [#93841](https://github.com/openclaw/openclaw/pull/93841) Related [#90241](https://github.com/openclaw/openclaw/issues/90241).
    • ·Control UI deployments behind a path prefix now keep manifest, favicon, and service-worker requests under that prefix, avoiding confusing root-level 403 errors after login. [#94204](https://github.com/openclaw/openclaw/pull/94204) Related [#94157](https://github.com/openclaw/openclaw/issues/94157).
    • ·Android users can now open Health log and Skill rows in Settings for readable details, making it easier to troubleshoot gateway activity, check skill setup and status, and understand how to pair with an existing setup code. [#95148](https://github.com/openclaw/openclaw/pull/95148)
    • ·Sent prompts no longer reappear in the Control UI composer after a send, so users can switch sessions or start their next message without risking a duplicate send or overwriting a new draft, while intentional re-entry still works. [#95503](https://github.com/openclaw/openclaw/pull/95503) Related [#89466](https://github.com/openclaw/openclaw/issues/89466).
    • ·Android users now get a cleaner Overview where connection status, the configured agent, node health, approvals, recent sessions, and Chat and Talk actions are visible at a glance. [#95557](https://github.com/openclaw/openclaw/pull/95557)
    • ·Android users can now refresh and resolve gateway command approvals from the in-app Approvals screen, choosing Allow Once, Always, or Deny while connected. [#95593](https://github.com/openclaw/openclaw/pull/95593)
    • ·iOS users now avoid surprise notification prompts and get clear guidance when approval alerts are unavailable, with permission managed from one predictable Settings screen. [#95640](https://github.com/openclaw/openclaw/pull/95640)
    • ·Local TUI shutdowns now stay within safe timer limits even when `OPENCLAW_TUI_LOCAL_RUN_SHUTDOWN_GRACE_MS` is set extremely high. [c21dcfc](https://github.com/openclaw/openclaw/commit/c21dcfc7c272201484514bbc096bd51ab112bd47)
    • ·Canvas A2UI now serves only the current app assets after each build, so outdated compatibility images and leftover files are less likely to appear. [a89e65c](https://github.com/openclaw/openclaw/commit/a89e65c167f3280b047baff931f52e393875c892)
    • ·iOS push relay setup failures are easier to pinpoint because registration diagnostics show where setup stopped while keeping sensitive push credentials out of logs. [f2b8668](https://github.com/openclaw/openclaw/commit/f2b8668a549b50339a96e47020a12615734640a9)
    • ·iOS devices are now enrolled for push notifications only after users accept the hosted relay disclosure and allow notifications, preventing registration data from being published before consent. [8efed50](https://github.com/openclaw/openclaw/commit/8efed50c4ed33105cfed9f2f96532fc9fe2d7e6d)
    • ·Fixes chat, voice, TUI, and forwarded sends sometimes appearing stuck or disappearing after the gateway had already finished or rejected them, so affected clients now clear the pending state, restore retryable input, refresh history, or show a useful failure. [#91049](https://github.com/openclaw/openclaw/pull/91049) Related [#91048](https://github.com/openclaw/openclaw/issues/91048).
    • ·Restores the OpenAI/Codex usage quota in the expanded Control UI chat sidebar, so users can check their limits without leaving the conversation. [#94219](https://github.com/openclaw/openclaw/pull/94219) Related [#93041](https://github.com/openclaw/openclaw/issues/93041).
    • ·iOS screens now use consistent OpenClaw accent and status colors across onboarding, settings, chat, approval prompts, voice permissions, widgets, and shared chat views. [#94627](https://github.com/openclaw/openclaw/pull/94627)
    • ·The Control UI can now create Early Morning jobs with the Silent preset in the main session and without notifications, instead of leaving the dialog open with no visible result. [#95459](https://github.com/openclaw/openclaw/pull/95459) Related [#95073](https://github.com/openclaw/openclaw/issues/95073).
    • ·At the million-token boundary, Control UI badges and usage readouts now show "1M" instead of the confusing "1000k", while the underlying token counts remain unchanged. [#95485](https://github.com/openclaw/openclaw/pull/95485)
    • ·The Control UI Overview now counts and flags only enabled cron jobs that still need attention, while disabled jobs retain their past failure details without appearing as current problems. [#95723](https://github.com/openclaw/openclaw/pull/95723) Related [#95716](https://github.com/openclaw/openclaw/issues/95716).
    • ·Control UI users now see shorter System, Light, and Dark theme tooltips, while screen readers announce less repetitive labels without losing the surrounding Color mode context. [#95837](https://github.com/openclaw/openclaw/pull/95837)
    • ·Raw configuration no longer appears missing in Settings after switching from the form view, because the JSON is brought back into view instead of retaining the previous scroll position. [#96145](https://github.com/openclaw/openclaw/pull/96145) Related [#94202](https://github.com/openclaw/openclaw/issues/94202).
    • ·New iOS users now reach OpenClaw's welcome and onboarding before iOS asks for local-network access, while existing users still get the request when opening gateway setup or otherwise needing LAN gateway discovery. [#96181](https://github.com/openclaw/openclaw/pull/96181)

    Plugins and Packaging

    • ·People installing or updating the official Yuanbao channel plugin through OpenClaw's trusted catalog now get version 2.15.0, with the expected integrity check and missing-plugin guidance aligned to that release. [#94470](https://github.com/openclaw/openclaw/pull/94470)
    • ·First-run onboarding can now install the bundled `gog` skill through Homebrew without failing on the removed third-party tap formula. [#95019](https://github.com/openclaw/openclaw/pull/95019) Related [#95017](https://github.com/openclaw/openclaw/issues/95017).
    • ·Canvas, Discord, Slack, Voice Call, and WhatsApp users keep the same skill guidance with each installed or bundled plugin, while references to the former root `skills/...` paths need to move into the relevant plugin directory. [#95664](https://github.com/openclaw/openclaw/pull/95664)
    • ·ClawHub skill verification now accepts the same `@owner/<slug>` reference used for installs and updates, so users can check the intended publisher without switching to an ambiguous bare slug. [#95992](https://github.com/openclaw/openclaw/pull/95992)
    • ·OpenClaw's install-time package-manager warning now identifies npm, Yarn, Yarn Berry, and Corepack-style launchers correctly, avoiding misleading guidance when those tools run through alternate executable names. [11a2e03](https://github.com/openclaw/openclaw/commit/11a2e03bd4deda748336553710cb6426d448d952)
    • ·Package URL installs now handle oversized download timeouts without failing before available package data can be resolved. [c310f8c](https://github.com/openclaw/openclaw/commit/c310f8cfa4524453c7082bb5aab642c9decc6e99)
    • ·Plugin and CLI developers now see a clearer supported command-formatting API, while device pairing, node registration, and doctor guidance keep producing the same shell-safe commands. [23b4f33](https://github.com/openclaw/openclaw/commit/23b4f33195933ff4def4609d970f073293760683)
    • ·Windows ARM64 users now get matching ARM64 Node and MinGit downloads when running the PowerShell installer through an x64-emulated shell. [fac091b](https://github.com/openclaw/openclaw/commit/fac091b39de230d9ed90e8412123126cf676004f)
    • ·Default OpenClaw installs no longer spend time building optional llama.cpp support, avoiding native-build failures for users who did not enable it. [cc1b3a8](https://github.com/openclaw/openclaw/commit/cc1b3a8550dd9c29f581799934d140aaf5a84f1c)

    Docs and Admin Tools

    • ·OpenClaw's zsh tab-completion menu now displays option descriptions containing `$` variables or backtick-wrapped examples literally instead of evaluating them as shell input and corrupting the menu. [#64490](https://github.com/openclaw/openclaw/pull/64490)
    • ·After upgrading from older sandbox storage, operators now get a clear `openclaw doctor` warning about leftover registry files and can use `openclaw doctor --fix` to migrate or clean them up. [#84326](https://github.com/openclaw/openclaw/pull/84326)
    • ·Operators can now use `doctor --lint` to spot stale legacy Gateway services and preview cleanup, while intentional extra services remain informational and do not fail the default check. [#84340](https://github.com/openclaw/openclaw/pull/84340)
    • ·macOS gateway operators now get a warning before reinstall, repair, or restart overwrites custom LaunchAgent wrapper behavior, while `openclaw status` distinguishes CLI-only missing-secret checks from the installed service. [#90537](https://github.com/openclaw/openclaw/pull/90537) Related [#90518](https://github.com/openclaw/openclaw/issues/90518).
    • ·Long, multiline, or code-heavy prompts can now be sent to `openclaw agent` with `--message-file`, avoiding fragile shell quoting and reporting invalid files before dispatch. [#93351](https://github.com/openclaw/openclaw/pull/93351)
    • ·Fixes scheduled `doctor --fix --non-interactive` repairs restarting an already-running gateway after a temporary health-check failure, so unattended maintenance no longer interrupts the live service. [#94148](https://github.com/openclaw/openclaw/pull/94148) Related [#78217](https://github.com/openclaw/openclaw/issues/78217).
    • ·`openclaw configure` and bare `openclaw config` now stop with clear subcommand guidance when run from scripts or pipes, instead of opening a partial interactive wizard and exiting unclearly. [#94238](https://github.com/openclaw/openclaw/pull/94238) Related [#93953](https://github.com/openclaw/openclaw/issues/93953).
    • ·Multi-agent operators can now use `openclaw gateway usage-cost` to view costs for one configured agent or all agents while the existing default-agent command remains unchanged. [#94483](https://github.com/openclaw/openclaw/pull/94483)
    • ·Archived Workboard cards no longer clutter the default `openclaw workboard list` output, while `--include-archived` and JSON output still provide access when needed. [#94562](https://github.com/openclaw/openclaw/pull/94562) Related [#94555](https://github.com/openclaw/openclaw/issues/94555).
    • ·OpenClaw Doctor now gives accurate guidance for working isolated shell-prompt cron jobs instead of repeatedly suggesting a `--fix` command that cannot clear the warning. [#94784](https://github.com/openclaw/openclaw/pull/94784) Related [#94655](https://github.com/openclaw/openclaw/issues/94655).
    • ·Fixes `openclaw doctor` showing a fix-required warning for healthy local GGUF memory setups after an intentionally skipped readiness check, while preserving the warning when the configured local model is actually missing. [#95393](https://github.com/openclaw/openclaw/pull/95393) Related [#92582](https://github.com/openclaw/openclaw/issues/92582).
    • ·On Windows, installer-created gateway tasks now run in the background without a console window that users could accidentally close and stop the gateway. [#95480](https://github.com/openclaw/openclaw/pull/95480) Related [#89231](https://github.com/openclaw/openclaw/issues/89231).
    • ·Agent channel bindings now reject malformed account specs such as `matrix:work:extra` with a clear error instead of silently routing the agent to a different account. [#95572](https://github.com/openclaw/openclaw/pull/95572)
    • ·ClawHub skill updates now honor your configured install safety policy, and `openclaw skills update --all` updates only tracked ClawHub skills instead of unexpectedly installing other configured skills. [#95684](https://github.com/openclaw/openclaw/pull/95684)
    • ·Windows restart and gateway startup workflows are more reliable because OpenClaw now hands commands to the trusted system `cmd.exe` path instead of depending on process lookup. [7dd01d1](https://github.com/openclaw/openclaw/commit/7dd01d15c56da2ee50f55746ba725d708682fca9)
    • ·Windows gateway cleanup and listener checks are more reliable when PATH lookup is incomplete, so operators can identify the gateway process and free an occupied port without installed system tools being missed. [e9b694e](https://github.com/openclaw/openclaw/commit/e9b694ef9cd8b7528a76d85b8be2a830b296a5e1)
    • ·On Windows, OpenClaw startup and TUI Codex handoff now find `bun`, `codex`, and other runtime binaries through the trusted system locator even when another `where` command appears earlier on PATH. [72b9bc7](https://github.com/openclaw/openclaw/commit/72b9bc730370e3b1155fb231621c2bc7b2c87b56)
    • ·Windows port diagnostics now use the intended system tools even when PATH entries are missing or shadowed, so gateway and service port conflicts are less likely to be obscured by command-resolution failures. [c4facb2](https://github.com/openclaw/openclaw/commit/c4facb2bb372e99037f497e2640ca7bdc5cbc5f6)
    • ·Windows daemon recovery is less likely to miss process detection or cleanup when PATH is incomplete, unusual, or shadowed because scheduled-task fallback now finds PowerShell and taskkill in trusted system locations. [2a140e6](https://github.com/openclaw/openclaw/commit/2a140e6e6ae8c48edb5bd52d8d177915f0555d70)
    • ·OpenClaw now keeps config recovery markers, last-known-good snapshots, and suspicious-read history in its shared state through migration, without leaving a separate config-health log file behind. [6daabd2](https://github.com/openclaw/openclaw/commit/6daabd23f821c66154739de4b0f103e33343333c)
    • ·On Windows, Crabbox commands launched through Node package shims now receive provider flags, shell commands, and special shell characters as entered instead of losing or reinterpreting them. [54d24cd](https://github.com/openclaw/openclaw/commit/54d24cd956ff91f4fa8c4924f17c06798c1e0359)
    • ·Windows-targeted Crabbox workflows are less likely to fail or fall back to slower shell handling when launching Node tools through `.cmd` and `.bat` shims. [d48dcc6](https://github.com/openclaw/openclaw/commit/d48dcc664bc6e1106a61942a951745886f22d582)
    • ·Windows users can run `crabbox`, `git`, and other Node-backed tools through npm-installed command shims without Crabbox stopping before the tool opens. [77f4e45](https://github.com/openclaw/openclaw/commit/77f4e45c3518751b5f586eac193c4aee904f02d9)
    • ·`openclaw doctor` now checks profiles that omit tool policy settings without treating the valid omission as an error. [03ba09b](https://github.com/openclaw/openclaw/commit/03ba09bfa8676832d55bdc7724e79d9980fdd2d7)
    • ·`openclaw doctor` no longer shows misleading tool-section warnings when it cannot evaluate a custom preview profile. [420a0e6](https://github.com/openclaw/openclaw/commit/420a0e6fce4b2c5339e535e6b307f50df1c00bb2)
    • ·`openclaw doctor` now limits preview warnings to tool profiles it can evaluate, avoiding misleading configured-grant warnings for unknown profiles. [541f7ff](https://github.com/openclaw/openclaw/commit/541f7ffc6558c0e59a8afca066a9f00884d39b65)
    • ·Windows users can install OpenClaw from source without dependency setup being blocked by the installer forcing npm or pnpm scripts through `cmd.exe`. [1252378](https://github.com/openclaw/openclaw/commit/1252378018f899bfc110914bac7cba94b65b8930)
    • ·Isolated cron jobs using `deleteAfterRun` now remove their temporary session and transcript after finishing, including runs with delivery disabled, reducing stale files, accumulated context, and manual cleanup. [#84794](https://github.com/openclaw/openclaw/pull/84794) Related [#84707](https://github.com/openclaw/openclaw/issues/84707).
    • ·Individual scheduled jobs can now use their own fallback models, run with fallbacks disabled, or return to normal fallback inheritance through the CLI instead of requiring operators to edit lower-level payload data. [#93369](https://github.com/openclaw/openclaw/pull/93369) Related [#90302](https://github.com/openclaw/openclaw/issues/90302).
    • ·Cron history now reliably finds entries whose job IDs include extra surrounding spaces, and rejects nested or blank IDs before they can create log records that cannot be read back safely. [#93567](https://github.com/openclaw/openclaw/pull/93567)
    • ·Adding or removing a cron job no longer causes another recurring job that is already due to lose its pending run. [#94323](https://github.com/openclaw/openclaw/pull/94323)
    • ·Word, PowerPoint, and Excel document reads and writes now use the intended `.docx`, `.pptx`, or `.xlsx` path instead of failing against a made-up extension. [#95805](https://github.com/openclaw/openclaw/pull/95805) Related [#93326](https://github.com/openclaw/openclaw/issues/93326).
    • ·Browser automation users keep the same reference-rich snapshots, including useful branches in compact results, with less avoidable processing during snapshot generation. [#96072](https://github.com/openclaw/openclaw/pull/96072)
    • ·Fixes timed-out commands and interrupted core updates on Windows sometimes leaving child processes running, so OpenClaw can stop the full process tree more reliably after cancellations, timeouts, or update cleanup. [a192b2e](https://github.com/openclaw/openclaw/commit/a192b2ea52b3166a7d190bf5f60f3feb030306bb)
    • ·Windows users are less likely to see agent-managed tool installs fail while unpacking ZIP downloads such as ripgrep, because OpenClaw now uses the built-in Windows extraction programs instead of relying on PATH lookup. [a5fde91](https://github.com/openclaw/openclaw/commit/a5fde9119c9c50685a392bff078a2f76a03d749d)
    • ·Windows setup and runtime checks now find required tools more reliably by using the trusted System32 resolver instead of depending on an unexpected PATH entry. [d3b4444](https://github.com/openclaw/openclaw/commit/d3b44442f6c8bedd765dc20a06316d3420b5d854)
    • ·SDK runs created with `timeoutMs: 0` now keep the requested zero timeout without an unwanted client-side watchdog. [2bdcc83](https://github.com/openclaw/openclaw/commit/2bdcc8314d3fce9ee2d0300759cd6a1d9bb45a7d)
    • ·Stalled OpenClaw commands now stop reliably even when callers supply extremely large execution or idle-output timeouts. [1425bb3](https://github.com/openclaw/openclaw/commit/1425bb3a03189813787194c23b8a38518166005a)
    • ·Commands given extremely large timeout settings now use a safe maximum instead of failing because the runtime cannot schedule the requested wait. [66b94ba](https://github.com/openclaw/openclaw/commit/66b94ba577b8836a4afa7cb59cd1a749bf2a8d68)
    • ·Provider-specific tool allow/deny settings now align more consistently with OpenClaw's doctor warnings, including configurations with provider aliases, model-specific keys, OpenRouter-style model IDs, or malformed policy entries. [8f2882f](https://github.com/openclaw/openclaw/commit/8f2882f94affbe5e89994ae175fdaf7304d7b392)
    • ·Larger OpenClaw configurations can initialize and generate UI hints more efficiently, while sensitive fields continue to be marked the same way. [#55018](https://github.com/openclaw/openclaw/pull/55018)
    • ·Config changes that still need a manual gateway restart now show a clear restart-required notice with the original note preserved, instead of looking finished with a misleading `config-patch ok` message. [#83041](https://github.com/openclaw/openclaw/pull/83041) Related [#46797](https://github.com/openclaw/openclaw/issues/46797).
    • ·Help for `doctor`, `gateway`, `models`, `plugins`, `sessions`, and `tasks` now appears in tens of milliseconds, while commands such as `sessions --help` and `tasks --help` previously took about 1.6 to 1.8 seconds to begin responding. [#89628](https://github.com/openclaw/openclaw/pull/89628)
    • ·OpenTelemetry trace backends such as Langfuse now show the actual provider/model name instead of "unknown" for slash-qualified model IDs. [#89981](https://github.com/openclaw/openclaw/pull/89981)
    • ·Malformed or older device-pairing records no longer stop `openclaw devices list` from showing pending approval requests, while valid roles still appear normally. [#93504](https://github.com/openclaw/openclaw/pull/93504)
    • ·OpenClaw now rejects SSH targets with stray leading or trailing colons before they can produce invalid SSH configuration or tunnel startup failures for SSH-backed sandboxes and gateways. [#93887](https://github.com/openclaw/openclaw/pull/93887)
    • ·Users whose non-interactive setup fails its local gateway health check now get runnable `openclaw onboard --install-daemon` or `openclaw onboard --skip-health` recovery commands instead of unsupported `setup` flags. [#93994](https://github.com/openclaw/openclaw/pull/93994) Related [#93947](https://github.com/openclaw/openclaw/issues/93947).
    • ·Gateway health and probe checks now accept the same custom `--port` used to start a local gateway, reject invalid ports early, and show the selected loopback target in JSON output. [#94687](https://github.com/openclaw/openclaw/pull/94687) Related [#79100](https://github.com/openclaw/openclaw/issues/79100).
    • ·`gateway --force` now detects IPv4-only processes occupying the gateway port and still attempts cleanup when a port check is inconclusive, instead of mistakenly treating the port as free. [#94949](https://github.com/openclaw/openclaw/pull/94949) Related [#94426](https://github.com/openclaw/openclaw/issues/94426).
    • ·`openclaw config validate` now accepts command-based MCP server setups that explicitly use `transport: "stdio"`, avoiding false validation errors while still rejecting invalid remote-style stdio configurations. [#95102](https://github.com/openclaw/openclaw/pull/95102) Related [#95082](https://github.com/openclaw/openclaw/issues/95082).
    • ·CLI image edits can now return multiple variants in one command with `--count <n>`, instead of being limited to the provider's default single result. [#95300](https://github.com/openclaw/openclaw/pull/95300)
    • ·`openclaw sessions export-trajectory` now finds sessions that other session commands can already see when custom, `~`-based, or `{agentId}`-templated stores are configured, without requiring the store path again. [#95570](https://github.com/openclaw/openclaw/pull/95570) Related [#95568](https://github.com/openclaw/openclaw/issues/95568).
    • ·Fixes `infer inspect --name <id> --json` showing flags that the matching CLI commands did not accept, so developers and operators can reliably discover supported model, auth, and transcription options. [#95719](https://github.com/openclaw/openclaw/pull/95719)
    • ·People inspecting very large or out-of-order sessions can open usage details and still get the latest timestamped log entries without OpenClaw retaining the entire parsed log history in memory. [#96019](https://github.com/openclaw/openclaw/pull/96019)
    • ·Operators can now set up the auth monitor, systemd timer, and Termux widgets for their own OpenClaw host without first replacing maintainer-specific hostnames and filesystem paths. [af3e509](https://github.com/openclaw/openclaw/commit/af3e509ab823dac5f91b16915ee7067b369656a3)
    • ·Native Windows crabbox hydration now selects the required Windows daemon job automatically, avoiding failed or misrouted runs while leaving WSL2 and explicit job overrides unchanged. [d5d9a82](https://github.com/openclaw/openclaw/commit/d5d9a8256d6bc2ff8d699152923357bd61c606c1)
    • ·People setting a local agent avatar can avoid missing images by keeping workspace-relative files under 2 MB, while HTTP(S) and data URI avatars are not subject to that limit. [#78884](https://github.com/openclaw/openclaw/pull/78884) Related [#65312](https://github.com/openclaw/openclaw/issues/65312).
    • ·OpenClaw's default agent instructions now ask agents to check for suitable free or open-source solutions before proposing a custom build, while still allowing custom work when it is the better fit. [#86608](https://github.com/openclaw/openclaw/pull/86608)
    • ·Plugin authors can now use the documented `targetSessionKey` on `subagent_ended` events to match them with the corresponding spawn, instead of relying on `agentId` or `childSessionKey` fields that are not emitted. [#95191](https://github.com/openclaw/openclaw/pull/95191) Related [#95186](https://github.com/openclaw/openclaw/issues/95186).
    • ·ClawHub skill links in OpenClaw docs and showcase cards now open the canonical owner-qualified pages, and install examples use copy-ready `openclaw skills install @owner/<slug>` references instead of older bare-slug routes. [#95972](https://github.com/openclaw/openclaw/pull/95972)
    • ·SDK applications now receive `tool.call.failed` when terminal tools fail or are blocked, instead of a misleading completion event, so existing failure handling can react correctly. [#95383](https://github.com/openclaw/openclaw/pull/95383)
    • ·Fixes cron add and update requests being rejected when recognized job fields arrive with harmless trailing spaces, so schedules can be saved without relaxing checks for ambiguous or unsafe input. [#95674](https://github.com/openclaw/openclaw/pull/95674) Related [#95407](https://github.com/openclaw/openclaw/issues/95407).
    • ·Codex subagent monitoring handles large sets of child agents and transcript files with less unnecessary scanning, while older transcript filename formats continue to resolve as before. [#96085](https://github.com/openclaw/openclaw/pull/96085)
    • ·Fixes native Windows crabbox hydration getting stuck or missing handoffs when the runner and daemon use different home directories, so both can find the same job state and stop files. [f354889](https://github.com/openclaw/openclaw/commit/f354889efa1c8bafca9304767afba2c270add549)

    Additional contributions

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.11
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.11.tgz
      • ·integrity: `sha512-T+P/g19IheeT1ckXMoPN61dYuE8vBF4MderI+kWkvpuFYxPkJxn8AXLpu9IXCnN9g36Acpm9+mMD/V+lsvOkyA==`
      • ·release SHA: `e085fa1a3ffd32d0ea6917e1e6fb4ecbffbb77d2`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.11/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/28456822852
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/28417979026
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/28415183795
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/28457240090
      • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/28457242470
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/28458034111
      • ·npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/28419920660
      • ·Windows Hub promotion: https://github.com/openclaw/openclaw/actions/runs/28458452299 from openclaw/openclaw-windows-node@v0.6.11
      v2026.6.11-beta.2pre-release2026-06-28

      openclaw 2026.6.11-beta.2

      GitHub ↗

      Highlights

      • ·**More capable channel control:** Slack relay mode, native Mattermost `/oc_queue`, and per-DM model overrides make channel operations easier to automate and tune. (#94707, #95546, #95120)
      • ·**Richer operator workflows:** `openclaw agent --message-file` and the RAFT CLI wake bridge add practical file-driven and remote wake-up paths. (#93351, #95497)
      • ·**Safer plugin distribution:** additional official plugins are externalized cleanly, with bundled plugin icon metadata available to installed clients. (#95683, #95845)
      • ·**Stronger mobile operations:** Android settings detail panels improve configuration visibility and control on mobile. (#95148)
      • ·**More reliable agent turns:** Codex partial deltas, harness activation, and long-context prompt-cache stability reduce lost progress and inconsistent runs. (#95404, #95652, #95624)

      Changes

      • ·**Gateway and plugin tooling:** channel identity hook context and per-agent usage-cost reporting give integrations and operators more precise routing and accounting. (#91903, #94483)
      • ·**Provider and model coverage:** catalog parsing, reasoning controls, provider model resolution, and encrypted reasoning support now handle more live provider variants. (#95283, #95710, #95268, #95744, #95686, #93956)

      Fixes

      • ·**Channel delivery:** Telegram progress rendering, webhook lifecycle, reaction directives, duplicate mirror writes, queued update draining, and WhatsApp durable reply targets are now more reliable. (#95532, #93002, #95183, #94506, #94977, #95069, #95577, #95007, #95914)
      • ·**WhatsApp and message identity:** native quotes, Baileys group reliability, and approval reactions across JID drift now preserve the intended conversation context. (#95483, #94338, #95935)
      • ·**Gateway and session safety:** stuck release claims, draining-state reporting, remote probe timeouts, malformed paired access lists, and non-delivery session identity are handled without silent routing loss. (#95299, #94915, #89859, #92178, #95467)
      • ·**Agent and fallback behavior:** aborted runs stop cleanly, provider response bodies stay bounded, Claude CLI credit failures continue through fallback, and Codex usage-limit responses classify correctly. (#94412, #95218, #95508, #95420, #95418, #95417, #95400)
      • ·**Provider and model edge cases:** OpenRouter IDs, Ollama discovery and embeddings, Gemini freshness, and model-catalog prefixes now resolve against the right runtime metadata. (#95268, #94811, #93956, #95682, #95744)
      • ·**Configuration and UI guardrails:** non-interactive configure fails closed, TLS paths reject empty values, memory artifacts are sanitized, and the UI uses the patched DOMPurify release. (#94238, #94054, #95791, #95691)
      • ·**Cron and delivery validation:** no-config delivery checks, thread-aware dedupe, and pending recurring runs retain their intended destinations. (#95754, #95794, #94323)

      Complete contribution record

      • ·**PR #95406** test(qa): make release scorecard categories explicit.
      • ·**PR #94700** test: fold HTTP API script proof into QA Lab.
      • ·**PR #95499** fix(test): unit-fast flow mocks.
      • ·**PR #95308** fix(ci): filter ClawSweeper comment dispatches before token minting.
      • ·**PR #95532** fix(telegram): materialize rich message line breaks as <br>. Related #95409.
      • ·**PR #91786** fix(plugins): reconcile managed npm root overrides with managed peer pins. Related #91772.
      • ·**PR #93002** Fix Telegram progress draft cleanup before tool output. Related #90753.
      • ·**PR #95175** fix: route mobile exec approvals to reviewer device.
      • ·**PR #94506** fix(telegram): stop clearing registered webhook on channel restart. Related #90254.
      • ·**PR #95183** fix(telegram): materialize streaming progress placeholders. Related #95004.
      • ·**PR #95483** fix(whatsapp): preserve native quote replies.
      • ·**PR #94338** fix(whatsapp): wire missing Baileys retry/cache hooks for group message reliability. Related #7433.
      • ·**PR #94707** feat(slack): add relay mode for incoming messages.
      • ·**PR #94977** fix(telegram): honor outbound reaction directives. Related #71140.
      • ·**PR #95069** fix(telegram): skip mirror write when primary reply already exists (#94930).
      • ·**PR #95550** Preserve inherited channel account policies during migration.
      • ·**PR #95390** fix #95378: https://github.com/openclaw/openclaw/issues/95378.
      • ·**PR #93143** fix(imessage): keep split-send coalescing opt-in.
      • ·**PR #95008** fix(claude-cli): also disable native background Bash and Monitor in --print runs.
      • ·**PR #94545** fix: keep trusted policies with hook registry.
      • ·**PR #95007** fix(telegram): render progress draft rows as plain readable text. Related #95002.
      • ·**PR #95624** fix(agents): keep long-context tool-result prompts cache-stable.
      • ·**PR #95625** fix(ci): smooth PR runner-registration bursts.
      • ·**PR #95572** fix(agents): reject bind specs with extra colon segments.
      • ·**PR #95653** test(agents): add large prompt cache coverage.
      • ·**PR #95640** Consolidate iOS notification permission UX.
      • ·**PR #95546** feat(mattermost): register /oc_queue as a native slash command.
      • ·**PR #95019** fix(skills): point gog brew install at homebrew-core gogcli (#95017).
      • ·**PR #93378** test(telegram): keep live polling leases protected. Related #93375.
      • ·**PR #95084** fix(googlechat): sanitize internal tool-trace lines from outbound text (#90684).
      • ·**PR #95278** Avoid copying process.env in ingress queue state DB opens. Related #94571.
      • ·**PR #95577** fix #86957: drain worker-spooled Telegram updates immediately.
      • ·**PR #95128** fix(compaction): count user-message image blocks in cut-point estimator.
      • ·**PR #93887** fix(ssh): reject hostnames with stray leading or trailing colons in parseSshTarget.
      • ·**PR #95191** docs(plugins): document subagent_ended hook fields. Related #95186.
      • ·**PR #95102** fix(config): add stdio to McpServerSchema transport union. Related #95082.
      • ·**PR #95465** fix(sdk): type-narrow manifest.files in pack staging root helper.
      • ·**PR #95664** refactor(plugins): move owner skills into plugins.
      • ·**PR #95299** fix #95248: OpenClaw release_lane is a no-op when claim is held by a live worker; stuck Telegram inbound events block agent response until gateway restart.
      • ·**PR #94687** fix(gateway): accept port for health and probe. Related #79100.
      • ·**PR #95649** fix(ci): bundle test shards and right-size runners.
      • ·**PR #95243** fix(docs): show inline read_when hints in docs:list.
      • ·**PR #95283** fix(openai-completions): seal native reasoning before the answer under /reasoning on. Related #95280.
      • ·**PR #95497** feat(raft): add CLI wake bridge channel.
      • ·**PR #95459** fix(cron): use main-session systemEvent for silent quick-create preset. Related #95073.
      • ·**PR #95503** fix #89466: [Bug]: Control UI chat input text not cleared after sending.
      • ·**PR #95684** fix(skills): harden ClawHub update policy.
      • ·**PR #95683** feat(plugins): externalize additional official plugins.
      • ·**PR #95681** fix(ci): debounce canonical main runner admission.
      • ·**PR #95652** fix(agents): activate selected harness plugins.
      • ·**PR #95404** fix(codex): stream non-final-answer assistant deltas as partials. Related #95422.
      • ·**PR #58993** fix(googlechat): support spaceType field for DM vs Space detection.
      • ·**PR #94148** fix(doctor): prevent non-interactive --fix from auto-restarting gateway. Related #78217.
      • ·**PR #89859** fix(gateway): honor remote status probe timeout. Related #65355.
      • ·**PR #95466** fix(ci): increase timeouts in flaky process-group signal test.
      • ·**PR #95720** fix(matrix): prevent double bootstrapCrossSigning reset in forced reset. Related #78396.
      • ·**PR #95707** fix(synology-chat): remove duplicate local deliver timeout.
      • ·**PR #95706** fix(whatsapp): remove dead watchdog timeout clamp.
      • ·**PR #95719** fix(cli): sync capability inspect metadata flags with registered options.
      • ·**PR #95721** fix(active-memory): exclude dreaming-narrative session keys from eligibility gate. Related #78500.
      • ·**PR #95602** test: save ~79 CI hours/mo in gateway session utils.
      • ·**PR #94412** fix(agent-core): stop loop after aborted tool run.
      • ·**PR #94915** fix(gateway): report draining state in readiness. Related #78136.
      • ·**PR #95691** fix(ui): bump dompurify to patched release.
      • ·**PR #95710** fix(vercel-ai-gateway): resolve dynamic model selections.
      • ·**PR #94072** fix(agents): count message-tool source reply as user-facing reply for tool error warnings. Related #93875.
      • ·**PR #94784** fix(doctor): stop promising --fix for working isolated shell-prompt cron jobs (#94655).
      • ·**PR #93504** fix(device-pairing): guard role normalization against non-string entries.
      • ·**PR #92178** fix(gateway): normalize malformed paired access lists. Related #90654.
      • ·**PR #83041** Fix config patch restart-required notices. Related #46797.
      • ·**PR #95754** fix(cron): preserve no-config delivery validation.
      • ·**PR #93351** feat(cli): add --message-file to openclaw agent.
      • ·**PR #95485** fix(ui): roll values near 1M over from k to M in compact token format.
      • ·**PR #94622** fix(build): allow tsdown heap override.
      • ·**PR #76668** meta(issue-template): add dedicated docs bug report form. Related #76664.
      • ·**PR #91193** fix(cli): document Commander rawArgs internal API dependency in action-reparse.ts. Related #83893.
      • ·**PR #77339** fix(auto-reply): clear runtime model cache on reset. Related #77322.
      • ·**PR #89628** Speed up precomputed command help startup.
      • ·**PR #95087** refactor: add memory and QMD session identity mapping.
      • ·**PR #89323** fix(web-ui): skip hidden subagent picker pages. Related #89249.
      • ·**PR #84794** Clean up isolated cron sessions after runs. Related #84707.
      • ·**PR #95794** fix(cron): compare thread IDs when deduping failure destinations.
      • ·**PR #95791** fix(session-memory): sanitize model artifacts before saving memory.
      • ·**PR #95805** fix(agents): normalize hallucinated Office file extensions. Related #93326.
      • ·**PR #89612** fix: include persisted plugin contracts for migrations. Related #89609.
      • ·**PR #89981** fix(diagnostics-otel): keep full model id on spans instead of collapsing to "unknown".
      • ·**PR #90489** fix(sessions): clarify cross-agent visibility guidance. Related #90443.
      • ·**PR #95383** fix(sdk): classify failed/blocked tool events as tool.call.failed.
      • ·**PR #95827** fix(plugin-sdk): bound live model catalog success body.
      • ·**PR #95792** fix(onboard): refresh provider plugin registry after setup installs. Related #95765.
      • ·**PR #93943** fix(provider-usage): honor proxy env for usage fetch. Related #78714.
      • ·**PR #89648** fix(agents): restore model-fetch info logs. Related #89300.
      • ·**PR #93841** fix(ui): render persisted history text blocks. Related #90241.
      • ·**PR #93502** docs: fix docs metadata spellcheck.
      • ·**PR #86608** docs: add existing-solutions preflight guardrail.
      • ·**PR #95322** fix(reply): preserve usage footer across rollover.
      • ·**PR #91559** fix(agents): clean Gemini tool schemas by model id. Related #91542.
      • ·**PR #94701** Fix embedded-run recovery after refreshed session activity.
      • ·**PR #95472** [AI] fix(main-session): skip current-gen abort controllers for completed sessions.
      • ·**PR #95401** fix(lmstudio): canonicalize variant model keys.
      • ·**PR #94323** fix(cron): stop add/remove from dropping a due recurring job's pending run.
      • ·**PR #94443** fix(memory-wiki): retry transient source-page rewrite race instead of aborting wiki_status. Related #92134.
      • ·**PR #95120** feat(channels): add directUserId support for per-DM model override. Related #53638.
      • ·**PR #91049** fix: handle terminal chat send acknowledgements. Related #91048.
      • ·**PR #95081** fix: keep text transform runtime imports hashed. Related #95057.
      • ·**PR #93356** fix(plugins): cache plugin setup registry to kill the /models CPU storm.
      • ·**PR #85341** refactor: internalize OpenClaw agent runtime.
      • ·**PR #94233** fix(model-fallback): coalesce auth decision logs. Related #56979.
      • ·**PR #92399** fix(llm): collapse cumulative openai-responses message snapshots instead of concatenating [AI-assisted]. Related #91959.
      • ·**PR #94811** fix(ollama): honor memory embedding output dimensionality.
      • ·**PR #84708** fix(agents): recover message-tool mirror replay poison.
      • ·**PR #95274** fix(memory): preserve Windows QMD command paths. Related #92302.
      • ·**PR #95686** fix(xai): request encrypted reasoning include for all reasoning models.
      • ·**PR #82909** fix(telegram): repair message cache reply types.
      • ·**PR #94942** fix(matrix): prune finished fake-indexeddb transactions to prevent OOM. Related #90455.
      • ·**PR #93994** fix(setup): point non-interactive health hints at onboard flags. Related #93947.
      • ·**PR #93956** fix(ollama): skip auto-discovery for remote/cloud base URLs.
      • ·**PR #93547** fix(acp): recover stale persistent sessions by structured resume-required code [AI-assisted]. Related #87830.
      • ·**PR #94204** fix(control-ui): rewrite manifest hrefs for configured base path. Related #94157.
      • ·**PR #95637** fix(qqbot): recognize GFM table separators with one or two dashes.
      • ·**PR #95467** fix(sessions): keep bound channel identity across non-delivery turns.
      • ·**PR #93919** perf(plugins): cache existence probes within bundle manifest scan [AI-assisted]. Related #76209.
      • ·**PR #94726** fix(google): add gemini-3.5-flash model catalog entry. Related #94723.
      • ·**PR #94238** fix(config): fail closed when configure runs without an interactive TTY (#93953).
      • ·**PR #89949** fix(media): pin requester delivery route when task starts. Related #86034.
      • ·**PR #94470** chore: sync yuanbao plugin catalog to 2.15.0.
      • ·**PR #93585** fix(daemon): keep systemd gateway running after child OOM.
      • ·**PR #94442** fix(imessage): strip leading echo corruption markers in the persisted echo cache.
      • ·**PR #93511** fix(imessage): normalize leading NUL echo-cache prefixes.
      • ·**PR #87121** test(cli): add banner emission reset helper. Related #83903.
      • ·**PR #89172** fix(feishu): show voice message duration via upload duration. Related #53798.
      • ·**PR #95118** fix: bound agents load their own inbound workspace context. Related #92903.
      • ·**PR #94752** fix(reply): clarify stale model override resets. Related #94713.
      • ·**PR #89716** fix(providers): strip cache-boundary marker from non-Anthropic prompts.
      • ·**PR #95268** fix(openrouter): expand short canonical model IDs to upstream API slugs (fixes #95198).
      • ·**PR #90475** fix(telegram): keep bot reply answers anchored to current message.
      • ·**PR #94219** fix(control-ui): restore provider usage quota pill in sidebar session switcher (fixes #93041).
      • ·**PR #93369** fix(cron): expose per-job fallbacks in CLI. Related #90302.
      • ·**PR #87912** Handle Codex toolResult blocks in tool-result truncation.
      • ·**PR #95744** fix(model-catalog): strip manifest model-id prefixes by the matched length. Related #95743.
      • ·**PR #95300** fix(cli): expose --count on infer image edit, matching image generate.
      • ·**PR #94156** fix: expose OpenAI image quality and moderation CLI options.
      • ·**PR #94062** fix(agents): classify generic "LLM request failed." as transient time…. Related #93931.
      • ·**PR #93965** fix(opencode-go): streaming completes when provider ends responses. Related #93610.
      • ·**PR #89017** fix(webchat): sessions persist after reconnects. Related #87700.
      • ·**PR #94627** fix(ios): centralize app accent colors.
      • ·**PR #94054** fix(gateway.tls): reject empty/whitespace certPath and keyPath.
      • ·**PR #95674** fix(cron): trim trailing whitespace from recognized job object keys. Related #95407.
      • ·**PR #95857** Fix SQLite user version guardrail allowlist.
      • ·**PR #95858** feat(qa): expose active memory toggles to scenarios.
      • ·**PR #84326** Doctor: expose sandbox registry findings.
      • ·**PR #73079** fix(minimax): request hex TTS output explicitly.
      • ·**PR #94483** feat(gateway-cli): scope usage-cost by agent.
      • ·**PR #91502** feat(qa): crabline channel driver.
      • ·**PR #95872** Move TUI PTY tests into CI node shard.
      • ·**PR #89800** fix(agents): resolve webchat current session status. Related #89773.
      • ·**PR #95870** fix(ci): restore macOS and Windows QA gates.
      • ·**PR #94445** fix(agents): keep cron cloud idle watchdog enabled.
      • ·**PR #91506** fix(qa): reserve shared QA suite flags across runners.
      • ·**PR #95876** ci: add manual release QA profile evidence workflow.
      • ·**PR #95879** fix(ci): use workflow revision for proof checks.
      • ·**PR #93113** fix(memory-core): report active dreaming phases in status. Related #67868.
      • ·**PR #95837** Simplify color mode button labels.
      • ·**PR #95797** fix: /status is too verbose for pinned model sessions.
      • ·**PR #90223** test: make qqbot symlinked media helper test robust on Windows.
      • ·**PR #95557** improve: refresh Android overview control surface.
      • ·**PR #95593** fix: route Android exec approvals to in-app inbox.
      • ·**PR #95570** fix(cli): resolve trajectory export stores consistently. Related #95568.
      • ·**PR #95880** ci: generalize QA profile evidence workflow.
      • ·**PR #95218** fix(agents): bound provider JSON response reads.
      • ·**PR #95614** fix(memory-wiki): preserve human notes block on source re-ingest.
      • ·**PR #95148** feat(android): add settings detail panels.
      • ·**PR #95893** Add iOS push sandbox profiles and relay tooling.
      • ·**PR #95723** fix(control-ui): exclude disabled cron jobs from Overview failed count. Related #95716.
      • ·**PR #78715** Fix minor grammar issue in plugin documentation (capabilities plural).
      • ·**PR #95890** fix(ci): restore QA workflow gates.
      • ·**PR #95661** fix(discord): reserve closing-fence space on fence-closing lines.
      • ·**PR #94272** ci: add maturity scorecard renderer.
      • ·**PR #95901** ci: add maturity scorecard renderer.
      • ·**PR #95914** fix(whatsapp): preserve durable reply target.
      • ·**PR #95697** improve: reduce hot-path linear scans and redundant I/O.
      • ·**PR #95916** fix(memory): improve node:sqlite unavailable guidance.
      • ·**PR #78884** docs: document local avatar file size limit. Related #65312.
      • ·**PR #95909** fix(ci): use available Android SDK platform.
      • ·**PR #68389** plugins: clarify allowlist warning when entries don't match discovered ids. Related #68352.
      • ·**PR #95898** ci: simplify maturity scorecard QA evidence inputs.
      • ·**PR #95928** fix(ci): honor reusable QA evidence failure policy.
      • ·**PR #95508** fix #95489: [Bug]: claude-cli out-of-credits error bypasses model fallback chain — error text delivered as final response.
      • ·**PR #95420** fix(agents): bound OpenRouter model catalog response reads.
      • ·**PR #95103** fix(gateway): bound pricing catalog streams.
      • ·**PR #95108** fix(agents): bound Anthropic error streams.
      • ·**PR #95418** fix(agents): bound OpenRouter model-scan catalog success body.
      • ·**PR #95922** fix(ci): finalize testbox sessions after setup failures.
      • ·**PR #95417** fix(agents): bound Google prompt cache response reads.
      • ·**PR #95935** fix(whatsapp): resolve approval reactions across JID drift.
      • ·**PR #84340** Doctor: expose extra gateway service findings.
      • ·**PR #95946** fix(ci): finalize Windows Testbox after setup failures.
      • ·**PR #95947** feat(qa): add "all" taxonomy profile.
      • ·**PR #91903** feat(plugin-sdk): add extensible channel identity hook context.
      • ·**PR #95930** docs(copilot): refresh harness parity notes.
      • ·**PR #95952** fix(ci): require QA live evidence artifacts.
      • ·**PR #95666** Fix memory-wiki bridge self-import loop. Related #95657.
      • ·**PR #91724** fix(agents): infer runtime provider from qualified model ids.
      • ·**PR #95957** improve: speed up provider tool-call streaming.
      • ·**PR #95541** fix(cli): show working commands for pinned plugin drift.
      • ·**PR #95933** docs: update maturity scorecard.
      • ·**PR #78105** fix(plugins): make empty-allowlist actionable for new users. Related #68780.
      • ·**PR #95961** fix(ci): require live proof evidence artifacts.
      • ·**PR #95400** fix(model-fallback): classify Codex usage-limit payloads.
      • ·**PR #95944** perf(qa-lab): speed up unified QA suites.
      • ·**PR #95971** ci: fail QA profile evidence on QA failures.
      • ·**PR #95845** feat: add bundled plugin icon manifest URLs.
      • ·**PR #95975** fix(ci): require iOS Periphery evidence artifact.
      • ·**PR #95972** docs: update ClawHub skill route references.
      • ·**PR #90537** Warn on generated wrapper overwrites and status diagnostics. Related #90518.
      • ·**PR #93567** fix(cron): normalize run-log jobId on write to match read-side validation.
      • ·**PR #95967** perf(ci): widen main test fanout and move codeql off blacksmith.
      • ·**PR #95983** fix(ci): require OpenGrep SARIF artifacts.
      • ·**PR #64490** CLI: escape zsh completion descriptions.
      • ·**PR #95682** Fix Gemini day freshness time range handling.
      • ·**PR #93374** fix(agents): suggest recovery for unknown tool ids. Related #92273.
      • ·**PR #95991** fix(ci): require release QA evidence artifacts.
      • ·**PR #89886** fix(context-engine): forward abortSignal through delegation bridge to runtime compaction. Related #89868.
      • ·**PR #95999** fix(release): require postpublish evidence artifact.
      • ·**PR #96003** test(qa): harden all-profile QA evidence scenarios.
      • ·**PR #95860** fix(compaction): trim prefix when transcript ends in an oversized tool result. Related #78478.
      • ·**PR #95934** fix(xiaomi): correct mimo-v2.5 and mimo-v2.5-pro max output tokens to 128K.
      • ·**PR #95782** fix(sessions): honor configured store for outbound transcript mirrors. Related #95781.
      • ·**PR #96005** feat(copilot): wire harness parity helpers.
      • ·**PR #95886** fix: avoid false macOS update failures during gateway shutdown.
      • ·**PR #91906** perf: skip subagent live stream parsing.
      • ·**PR #87861** fix(model-usage): coerce numeric-string costs and ignore non-finite values. Related #37878.
      • ·**PR #96030** fix(qa-lab): avoid duplicate child evidence files.
      • ·**PR #94369** fix(memory-wiki): exclude durable reference pages from stale report.
      • ·**PR #94578** Fix recent session resume with long headers. Related #94577.
      • ·**PR #95919** ci: add Codex maturity scorecard agent.
      • ·**PR #92356** fix(heartbeat): skip reasoning payloads when selecting heartbeat reply. Related #92260.
      • ·**PR #94328** fix(agents): keep post-compaction user re-issue of a kept-tail prompt during compaction rotation.
      • ·**PR #95432** fix(reply): suppress per-message finals across multi-message block streaming.
      • ·**PR #95431** fix(auto-reply): keep drain/restart-abort reply paths silent.
      • ·**PR #96017** test(qa): gate maturity docs on passing evidence.
      • ·**PR #95552** feat(mattermost): persist participated threads for mention-free follow-ups.
      • ·**PR #95480** fix #89231: [Bug]: Windows installer-created scheduled task launches gateway.cmd with visible console — should use windowless launcher.
      • ·**PR #96049** fix(copilot): preserve compaction metadata.
      • ·**PR #96044** docs: rename top maturity tier to Clawesome.
      • ·**PR #92154** Gate private QQBot group commands.
      • ·**PR #95484** fix: assistant reply lost between compaction summary and first kept user in successor transcript. Related #76729.
      • ·**PR #95094** ci: add release QA profile evidence.
      • ·**PR #96057** docs: redesign maturity scorecard pages.
      • ·**PR #96014** perf(agents): index displaced tool results.
      • ·**PR #96019** perf(usage): bound session log retention.
      • ·**PR #96013** perf(anthropic): index active stream blocks.
      • ·**PR #96061** docs: place maturity pages under release reference.
      • ·**PR #95589** fix: npm plugin updates break running gateway imports.
      • ·**PR #96068** fix(acpx): consume acpx 0.11.1 model capability errors. Related #95869.
      • ·**PR #89912** refactor: add transcript update identity contract.
      • ·**PR #96055** fix(maint): use rebase PR landing.
      • ·**PR #96062** feat(copilot): mirror native plan and subagent events.
      • ·**PR #96032** fix(acpx): detect wrapper orphan on any PPID change, not just init reparenting.
      • ·**PR #96124** chore(acpx): bump bundled client to 0.11.2.
      • ·**PR #84352** Fix WebChat dispatch failure session status.
      • ·**PR #89518** refactor: migrate plugin transcript mirrors.
      • ·**PR #90439** refactor: add embedded run session target seam.
      • ·**PR #95699** perf(gateway): drop redundant per-access session-key case scan.
      • ·**PR #95992** fix(skills): accept owner-qualified verify refs.
      • ·**PR #95987** fix(plugins): remove Simple Icons color paths.
      • ·**PR #96162** refactor: use accessor-backed transcript corpus for memory.
      • ·**PR #96181** Defer iOS local network permission until onboarding.
      • ·**PR #95475** test(cli): isolate service env in run and update suites.
      • ·**PR #95226** fix(infra): bound ClawHub fetchJson and error response bodies.
      • ·**PR #95240** fix(matrix): bound non-raw JSON response body in transport.
      • ·**PR #91742** fix(memory): abort orphaned embedding work when memory_search times out. Related #91718.
      • ·**PR #93394** fix(memory): abort orphaned qmd search subprocess when memory_search times out.
      • ·**PR #89911** refactor: migrate bundled transcript target lookups.
      • ·**PR #96191** refactor: route plugin host hook state through accessor.
      • ·**PR #96179** fix: route gateway history through session accessor target.
      • ·**PR #96201** refactor: add abort target session accessor.
      • ·**PR #96193** fix(memory-core): migrate dreaming cleanup lifecycle.
      • ·**PR #96195** fix: bridge ACP metadata to session accessors.
      • ·**PR #96182** refactor: migrate agent session accessors.
      • ·**PR #96218** refactor: guard reply session initialization.
      • ·**PR #96213** refactor(gateway): add alias mutation accessor.
      • ·**PR #96204** refactor: migrate command session persistence to accessor.
      • ·**PR #96206** refactor: route live model fresh reads through session accessor.
      • ·**PR #96220** fix(whatsapp): quote current follow-up in durable replies.
      • ·**PR #96226** fix(macos): drop Textual from chat packaging.
      • ·**PR #96212** fix(codex): deliver generated images from remote app-server.
      • ·**PR #96235** fix(crabbox): require Xcode for macOS proof.
      • ·**PR #96145** fix: UI glitch: config is not visible. Related #94202.
      • ·**PR #96072** perf(browser): index role snapshot references.
      • ·**PR #96085** perf(codex): index rollout transcript ids.
      • ·**PR #96087** perf(reply): hoist direct-send fragment index.
      • ·**PR #94154** fix(gateway): resolve plugin-registered gateway methods through live registry. Related #94127.
      • ·**PR #95393** fix #92582: Bug: doctor falsely warns local memory embeddings are not ready.
      • ·**PR #96246** fix(qa): accept pnpm separator for lab up.
      • ·**PR #94949** fix(ports): route isPortBusy through checkPortInUse to catch IPv4-only occupants. Related #94426.
      • ·**PR #94562** fix(workboard): hide archived cards in CLI list by default. Related #94555.
      • ·**PR #96243** fix(nextcloud-talk): ignore signed non-message webhook events. Related #81566.
      • ·**PR #96140** fix(exec): preserve turn-source routing target in approval followups for plugin channels. Related #96103.
      • ·**PR #96258** ci: move CodeQL quality scans to hosted runners.
      • ·**PR #96271** chore(release): close out 2026.6.10 on main.
      • ·**PR #96233** fix(agents): run heartbeat_prompt_contribution on harness prompt builds.
      • ·**PR #55018** fix: avoid O(N²) shallow-copy in mapSensitivePaths schema traversal.
      • ·**PR #95831** fix: compact Codex OAuth OpenAI sessions without API keys. Related #95693.
      • ·**PR #96244** fix(auto-reply): align channel intro wording with chat_type. Related #95645.
      • ·**PR #97118** fix(telegram): recover stalled ingress spool claims.
      • ·**PR #97543** fix(telegram): recover stalled ingress spool claims.
      • ·**PR #97122** ci(docker): publish releases to Docker Hub.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.11-beta.2
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.11-beta.2.tgz
      • ·integrity: `sha512-aUA8lyvSetHvNMVsfbHvEveNhJhafvRl4OYZnxxwWSN4ocO8tNJ2uMUagxHMqZDdzwomjZ6VH3kSuolYjhU0wg==`
      • ·release SHA: `4f9d5864f09f60a6eb9da6ad6317148bbf89e134`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.11-beta.2/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/28338723855
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/28336646700
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/28333012052
      • ·Docker release: https://github.com/openclaw/openclaw/actions/runs/28336644856
      • ·Docker images: `docker.io/openclaw/openclaw:2026.6.11-beta.2` and `ghcr.io/openclaw/openclaw:2026.6.11-beta.2`
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/28338858442
      • ·plugin ClawHub publish: passed in https://github.com/openclaw/openclaw/actions/runs/28397561273
      • ·ClawHub package verification: Discord, Slack, Voice Call, and WhatsApp are live in ClawHub at 2026.6.11-beta.2 with npm-pack artifacts.
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/28338936121
      • ·npm Telegram beta E2E: not supplied
      v2026.6.11-beta.1pre-release2026-06-24

      openclaw 2026.6.11-beta.1

      GitHub ↗

      Highlights

      • ·**More capable channel control:** Slack relay mode, native Mattermost `/oc_queue`, and per-DM model overrides make channel operations easier to automate and tune. (#94707, #95546, #95120)
      • ·**Richer operator workflows:** `openclaw agent --message-file` and the RAFT CLI wake bridge add practical file-driven and remote wake-up paths. (#93351, #95497)
      • ·**Safer plugin distribution:** additional official plugins are externalized cleanly, with bundled plugin icon metadata available to installed clients. (#95683, #95845)
      • ·**Stronger mobile operations:** Android settings detail panels improve configuration visibility and control on mobile. (#95148)
      • ·**More reliable agent turns:** Codex partial deltas, harness activation, and long-context prompt-cache stability reduce lost progress and inconsistent runs. (#95404, #95652, #95624)

      Changes

      • ·**Gateway and plugin tooling:** channel identity hook context and per-agent usage-cost reporting give integrations and operators more precise routing and accounting. (#91903, #94483)
      • ·**Provider and model coverage:** catalog parsing, reasoning controls, provider model resolution, and encrypted reasoning support now handle more live provider variants. (#95283, #95710, #95268, #95744, #95686, #93956)

      Fixes

      • ·**Channel delivery:** Telegram progress rendering, webhook lifecycle, reaction directives, duplicate mirror writes, queued update draining, and WhatsApp durable reply targets are now more reliable. (#95532, #93002, #95183, #94506, #94977, #95069, #95577, #95007, #95914)
      • ·**WhatsApp and message identity:** native quotes, Baileys group reliability, and approval reactions across JID drift now preserve the intended conversation context. (#95483, #94338, #95935)
      • ·**Gateway and session safety:** stuck release claims, draining-state reporting, remote probe timeouts, malformed paired access lists, and non-delivery session identity are handled without silent routing loss. (#95299, #94915, #89859, #92178, #95467)
      • ·**Agent and fallback behavior:** aborted runs stop cleanly, provider response bodies stay bounded, Claude CLI credit failures continue through fallback, and Codex usage-limit responses classify correctly. (#94412, #95218, #95508, #95420, #95418, #95417, #95400)
      • ·**Provider and model edge cases:** OpenRouter IDs, Ollama discovery and embeddings, Gemini freshness, and model-catalog prefixes now resolve against the right runtime metadata. (#95268, #94811, #93956, #95682, #95744)
      • ·**Configuration and UI guardrails:** non-interactive configure fails closed, TLS paths reject empty values, memory artifacts are sanitized, and the UI uses the patched DOMPurify release. (#94238, #94054, #95791, #95691)
      • ·**Cron and delivery validation:** no-config delivery checks, thread-aware dedupe, and pending recurring runs retain their intended destinations. (#95754, #95794, #94323)

      Complete contribution record

      • ·**PR #95406** test(qa): make release scorecard categories explicit.
      • ·**PR #94700** test: fold HTTP API script proof into QA Lab.
      • ·**PR #95499** fix(test): unit-fast flow mocks.
      • ·**PR #95308** fix(ci): filter ClawSweeper comment dispatches before token minting.
      • ·**PR #95532** fix(telegram): materialize rich message line breaks as <br>. Related #95409.
      • ·**PR #91786** fix(plugins): reconcile managed npm root overrides with managed peer pins. Related #91772.
      • ·**PR #93002** Fix Telegram progress draft cleanup before tool output. Related #90753.
      • ·**PR #95175** fix: route mobile exec approvals to reviewer device.
      • ·**PR #94506** fix(telegram): stop clearing registered webhook on channel restart. Related #90254.
      • ·**PR #95183** fix(telegram): materialize streaming progress placeholders. Related #95004.
      • ·**PR #95483** fix(whatsapp): preserve native quote replies.
      • ·**PR #94338** fix(whatsapp): wire missing Baileys retry/cache hooks for group message reliability. Related #7433.
      • ·**PR #94707** feat(slack): add relay mode for incoming messages.
      • ·**PR #94977** fix(telegram): honor outbound reaction directives. Related #71140.
      • ·**PR #95069** fix(telegram): skip mirror write when primary reply already exists (#94930).
      • ·**PR #95550** Preserve inherited channel account policies during migration.
      • ·**PR #95390** fix #95378: https://github.com/openclaw/openclaw/issues/95378.
      • ·**PR #93143** fix(imessage): keep split-send coalescing opt-in.
      • ·**PR #95008** fix(claude-cli): also disable native background Bash and Monitor in --print runs.
      • ·**PR #94545** fix: keep trusted policies with hook registry.
      • ·**PR #95007** fix(telegram): render progress draft rows as plain readable text. Related #95002.
      • ·**PR #95624** fix(agents): keep long-context tool-result prompts cache-stable.
      • ·**PR #95625** fix(ci): smooth PR runner-registration bursts.
      • ·**PR #95572** fix(agents): reject bind specs with extra colon segments.
      • ·**PR #95653** test(agents): add large prompt cache coverage.
      • ·**PR #95640** Consolidate iOS notification permission UX.
      • ·**PR #95546** feat(mattermost): register /oc_queue as a native slash command.
      • ·**PR #95019** fix(skills): point gog brew install at homebrew-core gogcli (#95017).
      • ·**PR #93378** test(telegram): keep live polling leases protected. Related #93375.
      • ·**PR #95084** fix(googlechat): sanitize internal tool-trace lines from outbound text (#90684).
      • ·**PR #95278** Avoid copying process.env in ingress queue state DB opens. Related #94571.
      • ·**PR #95577** fix #86957: drain worker-spooled Telegram updates immediately.
      • ·**PR #95128** fix(compaction): count user-message image blocks in cut-point estimator.
      • ·**PR #93887** fix(ssh): reject hostnames with stray leading or trailing colons in parseSshTarget.
      • ·**PR #95191** docs(plugins): document subagent_ended hook fields. Related #95186.
      • ·**PR #95102** fix(config): add stdio to McpServerSchema transport union. Related #95082.
      • ·**PR #95465** fix(sdk): type-narrow manifest.files in pack staging root helper.
      • ·**PR #95664** refactor(plugins): move owner skills into plugins.
      • ·**PR #95299** fix #95248: OpenClaw release_lane is a no-op when claim is held by a live worker; stuck Telegram inbound events block agent response until gateway restart.
      • ·**PR #94687** fix(gateway): accept port for health and probe. Related #79100.
      • ·**PR #95649** fix(ci): bundle test shards and right-size runners.
      • ·**PR #95243** fix(docs): show inline read_when hints in docs:list.
      • ·**PR #95283** fix(openai-completions): seal native reasoning before the answer under /reasoning on. Related #95280.
      • ·**PR #95497** feat(raft): add CLI wake bridge channel.
      • ·**PR #95459** fix(cron): use main-session systemEvent for silent quick-create preset. Related #95073.
      • ·**PR #95503** fix #89466: [Bug]: Control UI chat input text not cleared after sending.
      • ·**PR #95684** fix(skills): harden ClawHub update policy.
      • ·**PR #95683** feat(plugins): externalize additional official plugins.
      • ·**PR #95681** fix(ci): debounce canonical main runner admission.
      • ·**PR #95652** fix(agents): activate selected harness plugins.
      • ·**PR #95404** fix(codex): stream non-final-answer assistant deltas as partials. Related #95422.
      • ·**PR #58993** fix(googlechat): support spaceType field for DM vs Space detection.
      • ·**PR #94148** fix(doctor): prevent non-interactive --fix from auto-restarting gateway. Related #78217.
      • ·**PR #89859** fix(gateway): honor remote status probe timeout. Related #65355.
      • ·**PR #95466** fix(ci): increase timeouts in flaky process-group signal test.
      • ·**PR #95720** fix(matrix): prevent double bootstrapCrossSigning reset in forced reset. Related #78396.
      • ·**PR #95707** fix(synology-chat): remove duplicate local deliver timeout.
      • ·**PR #95706** fix(whatsapp): remove dead watchdog timeout clamp.
      • ·**PR #95719** fix(cli): sync capability inspect metadata flags with registered options.
      • ·**PR #95721** fix(active-memory): exclude dreaming-narrative session keys from eligibility gate. Related #78500.
      • ·**PR #95602** test: save ~79 CI hours/mo in gateway session utils.
      • ·**PR #94412** fix(agent-core): stop loop after aborted tool run.
      • ·**PR #94915** fix(gateway): report draining state in readiness. Related #78136.
      • ·**PR #95691** fix(ui): bump dompurify to patched release.
      • ·**PR #95710** fix(vercel-ai-gateway): resolve dynamic model selections.
      • ·**PR #94072** fix(agents): count message-tool source reply as user-facing reply for tool error warnings. Related #93875.
      • ·**PR #94784** fix(doctor): stop promising --fix for working isolated shell-prompt cron jobs (#94655).
      • ·**PR #93504** fix(device-pairing): guard role normalization against non-string entries.
      • ·**PR #92178** fix(gateway): normalize malformed paired access lists. Related #90654.
      • ·**PR #83041** Fix config patch restart-required notices. Related #46797.
      • ·**PR #95754** fix(cron): preserve no-config delivery validation.
      • ·**PR #93351** feat(cli): add --message-file to openclaw agent.
      • ·**PR #95485** fix(ui): roll values near 1M over from k to M in compact token format.
      • ·**PR #94622** fix(build): allow tsdown heap override.
      • ·**PR #76668** meta(issue-template): add dedicated docs bug report form. Related #76664.
      • ·**PR #91193** fix(cli): document Commander rawArgs internal API dependency in action-reparse.ts. Related #83893.
      • ·**PR #77339** fix(auto-reply): clear runtime model cache on reset. Related #77322.
      • ·**PR #89628** Speed up precomputed command help startup.
      • ·**PR #95087** refactor: add memory and QMD session identity mapping.
      • ·**PR #89323** fix(web-ui): skip hidden subagent picker pages. Related #89249.
      • ·**PR #84794** Clean up isolated cron sessions after runs. Related #84707.
      • ·**PR #95794** fix(cron): compare thread IDs when deduping failure destinations.
      • ·**PR #95791** fix(session-memory): sanitize model artifacts before saving memory.
      • ·**PR #95805** fix(agents): normalize hallucinated Office file extensions. Related #93326.
      • ·**PR #89612** fix: include persisted plugin contracts for migrations. Related #89609.
      • ·**PR #89981** fix(diagnostics-otel): keep full model id on spans instead of collapsing to "unknown".
      • ·**PR #90489** fix(sessions): clarify cross-agent visibility guidance. Related #90443.
      • ·**PR #95383** fix(sdk): classify failed/blocked tool events as tool.call.failed.
      • ·**PR #95827** fix(plugin-sdk): bound live model catalog success body.
      • ·**PR #95792** fix(onboard): refresh provider plugin registry after setup installs. Related #95765.
      • ·**PR #93943** fix(provider-usage): honor proxy env for usage fetch. Related #78714.
      • ·**PR #89648** fix(agents): restore model-fetch info logs. Related #89300.
      • ·**PR #93841** fix(ui): render persisted history text blocks. Related #90241.
      • ·**PR #93502** docs: fix docs metadata spellcheck.
      • ·**PR #86608** docs: add existing-solutions preflight guardrail.
      • ·**PR #95322** fix(reply): preserve usage footer across rollover.
      • ·**PR #91559** fix(agents): clean Gemini tool schemas by model id. Related #91542.
      • ·**PR #94701** Fix embedded-run recovery after refreshed session activity.
      • ·**PR #95472** [AI] fix(main-session): skip current-gen abort controllers for completed sessions.
      • ·**PR #95401** fix(lmstudio): canonicalize variant model keys.
      • ·**PR #94323** fix(cron): stop add/remove from dropping a due recurring job's pending run.
      • ·**PR #94443** fix(memory-wiki): retry transient source-page rewrite race instead of aborting wiki_status. Related #92134.
      • ·**PR #95120** feat(channels): add directUserId support for per-DM model override. Related #53638.
      • ·**PR #91049** fix: handle terminal chat send acknowledgements. Related #91048.
      • ·**PR #95081** fix: keep text transform runtime imports hashed. Related #95057.
      • ·**PR #93356** fix(plugins): cache plugin setup registry to kill the /models CPU storm.
      • ·**PR #85341** refactor: internalize OpenClaw agent runtime.
      • ·**PR #94233** fix(model-fallback): coalesce auth decision logs. Related #56979.
      • ·**PR #92399** fix(llm): collapse cumulative openai-responses message snapshots instead of concatenating [AI-assisted]. Related #91959.
      • ·**PR #94811** fix(ollama): honor memory embedding output dimensionality.
      • ·**PR #84708** fix(agents): recover message-tool mirror replay poison.
      • ·**PR #95274** fix(memory): preserve Windows QMD command paths. Related #92302.
      • ·**PR #95686** fix(xai): request encrypted reasoning include for all reasoning models.
      • ·**PR #82909** fix(telegram): repair message cache reply types.
      • ·**PR #94942** fix(matrix): prune finished fake-indexeddb transactions to prevent OOM. Related #90455.
      • ·**PR #93994** fix(setup): point non-interactive health hints at onboard flags. Related #93947.
      • ·**PR #93956** fix(ollama): skip auto-discovery for remote/cloud base URLs.
      • ·**PR #93547** fix(acp): recover stale persistent sessions by structured resume-required code [AI-assisted]. Related #87830.
      • ·**PR #94204** fix(control-ui): rewrite manifest hrefs for configured base path. Related #94157.
      • ·**PR #95637** fix(qqbot): recognize GFM table separators with one or two dashes.
      • ·**PR #95467** fix(sessions): keep bound channel identity across non-delivery turns.
      • ·**PR #93919** perf(plugins): cache existence probes within bundle manifest scan [AI-assisted]. Related #76209.
      • ·**PR #94726** fix(google): add gemini-3.5-flash model catalog entry. Related #94723.
      • ·**PR #94238** fix(config): fail closed when configure runs without an interactive TTY (#93953).
      • ·**PR #89949** fix(media): pin requester delivery route when task starts. Related #86034.
      • ·**PR #94470** chore: sync yuanbao plugin catalog to 2.15.0.
      • ·**PR #93585** fix(daemon): keep systemd gateway running after child OOM.
      • ·**PR #94442** fix(imessage): strip leading echo corruption markers in the persisted echo cache.
      • ·**PR #93511** fix(imessage): normalize leading NUL echo-cache prefixes.
      • ·**PR #87121** test(cli): add banner emission reset helper. Related #83903.
      • ·**PR #89172** fix(feishu): show voice message duration via upload duration. Related #53798.
      • ·**PR #95118** fix: bound agents load their own inbound workspace context. Related #92903.
      • ·**PR #94752** fix(reply): clarify stale model override resets. Related #94713.
      • ·**PR #89716** fix(providers): strip cache-boundary marker from non-Anthropic prompts.
      • ·**PR #95268** fix(openrouter): expand short canonical model IDs to upstream API slugs (fixes #95198).
      • ·**PR #90475** fix(telegram): keep bot reply answers anchored to current message.
      • ·**PR #94219** fix(control-ui): restore provider usage quota pill in sidebar session switcher (fixes #93041).
      • ·**PR #93369** fix(cron): expose per-job fallbacks in CLI. Related #90302.
      • ·**PR #87912** Handle Codex toolResult blocks in tool-result truncation.
      • ·**PR #95744** fix(model-catalog): strip manifest model-id prefixes by the matched length. Related #95743.
      • ·**PR #95300** fix(cli): expose --count on infer image edit, matching image generate.
      • ·**PR #94156** fix: expose OpenAI image quality and moderation CLI options.
      • ·**PR #94062** fix(agents): classify generic "LLM request failed." as transient time…. Related #93931.
      • ·**PR #93965** fix(opencode-go): streaming completes when provider ends responses. Related #93610.
      • ·**PR #89017** fix(webchat): sessions persist after reconnects. Related #87700.
      • ·**PR #94627** fix(ios): centralize app accent colors.
      • ·**PR #94054** fix(gateway.tls): reject empty/whitespace certPath and keyPath.
      • ·**PR #95674** fix(cron): trim trailing whitespace from recognized job object keys. Related #95407.
      • ·**PR #95857** Fix SQLite user version guardrail allowlist.
      • ·**PR #95858** feat(qa): expose active memory toggles to scenarios.
      • ·**PR #84326** Doctor: expose sandbox registry findings.
      • ·**PR #73079** fix(minimax): request hex TTS output explicitly.
      • ·**PR #94483** feat(gateway-cli): scope usage-cost by agent.
      • ·**PR #91502** feat(qa): crabline channel driver.
      • ·**PR #95872** Move TUI PTY tests into CI node shard.
      • ·**PR #89800** fix(agents): resolve webchat current session status. Related #89773.
      • ·**PR #95870** fix(ci): restore macOS and Windows QA gates.
      • ·**PR #94445** fix(agents): keep cron cloud idle watchdog enabled.
      • ·**PR #91506** fix(qa): reserve shared QA suite flags across runners.
      • ·**PR #95876** ci: add manual release QA profile evidence workflow.
      • ·**PR #95879** fix(ci): use workflow revision for proof checks.
      • ·**PR #93113** fix(memory-core): report active dreaming phases in status. Related #67868.
      • ·**PR #95837** Simplify color mode button labels.
      • ·**PR #95797** fix: /status is too verbose for pinned model sessions.
      • ·**PR #90223** test: make qqbot symlinked media helper test robust on Windows.
      • ·**PR #95557** improve: refresh Android overview control surface.
      • ·**PR #95593** fix: route Android exec approvals to in-app inbox.
      • ·**PR #95570** fix(cli): resolve trajectory export stores consistently. Related #95568.
      • ·**PR #95880** ci: generalize QA profile evidence workflow.
      • ·**PR #95218** fix(agents): bound provider JSON response reads.
      • ·**PR #95614** fix(memory-wiki): preserve human notes block on source re-ingest.
      • ·**PR #95148** feat(android): add settings detail panels.
      • ·**PR #95893** Add iOS push sandbox profiles and relay tooling.
      • ·**PR #95723** fix(control-ui): exclude disabled cron jobs from Overview failed count. Related #95716.
      • ·**PR #78715** Fix minor grammar issue in plugin documentation (capabilities plural).
      • ·**PR #95890** fix(ci): restore QA workflow gates.
      • ·**PR #95661** fix(discord): reserve closing-fence space on fence-closing lines.
      • ·**PR #94272** ci: add maturity scorecard renderer.
      • ·**PR #95901** ci: add maturity scorecard renderer.
      • ·**PR #95914** fix(whatsapp): preserve durable reply target.
      • ·**PR #95697** improve: reduce hot-path linear scans and redundant I/O.
      • ·**PR #95916** fix(memory): improve node:sqlite unavailable guidance.
      • ·**PR #78884** docs: document local avatar file size limit. Related #65312.
      • ·**PR #95909** fix(ci): use available Android SDK platform.
      • ·**PR #68389** plugins: clarify allowlist warning when entries don't match discovered ids. Related #68352.
      • ·**PR #95898** ci: simplify maturity scorecard QA evidence inputs.
      • ·**PR #95928** fix(ci): honor reusable QA evidence failure policy.
      • ·**PR #95508** fix #95489: [Bug]: claude-cli out-of-credits error bypasses model fallback chain — error text delivered as final response.
      • ·**PR #95420** fix(agents): bound OpenRouter model catalog response reads.
      • ·**PR #95103** fix(gateway): bound pricing catalog streams.
      • ·**PR #95108** fix(agents): bound Anthropic error streams.
      • ·**PR #95418** fix(agents): bound OpenRouter model-scan catalog success body.
      • ·**PR #95922** fix(ci): finalize testbox sessions after setup failures.
      • ·**PR #95417** fix(agents): bound Google prompt cache response reads.
      • ·**PR #95935** fix(whatsapp): resolve approval reactions across JID drift.
      • ·**PR #84340** Doctor: expose extra gateway service findings.
      • ·**PR #95946** fix(ci): finalize Windows Testbox after setup failures.
      • ·**PR #95947** feat(qa): add "all" taxonomy profile.
      • ·**PR #91903** feat(plugin-sdk): add extensible channel identity hook context.
      • ·**PR #95930** docs(copilot): refresh harness parity notes.
      • ·**PR #95952** fix(ci): require QA live evidence artifacts.
      • ·**PR #95666** Fix memory-wiki bridge self-import loop. Related #95657.
      • ·**PR #91724** fix(agents): infer runtime provider from qualified model ids.
      • ·**PR #95957** improve: speed up provider tool-call streaming.
      • ·**PR #95541** fix(cli): show working commands for pinned plugin drift.
      • ·**PR #95933** docs: update maturity scorecard.
      • ·**PR #78105** fix(plugins): make empty-allowlist actionable for new users. Related #68780.
      • ·**PR #95961** fix(ci): require live proof evidence artifacts.
      • ·**PR #95400** fix(model-fallback): classify Codex usage-limit payloads.
      • ·**PR #95944** perf(qa-lab): speed up unified QA suites.
      • ·**PR #95971** ci: fail QA profile evidence on QA failures.
      • ·**PR #95845** feat: add bundled plugin icon manifest URLs.
      • ·**PR #95975** fix(ci): require iOS Periphery evidence artifact.
      • ·**PR #95972** docs: update ClawHub skill route references.
      • ·**PR #90537** Warn on generated wrapper overwrites and status diagnostics. Related #90518.
      • ·**PR #93567** fix(cron): normalize run-log jobId on write to match read-side validation.
      • ·**PR #95967** perf(ci): widen main test fanout and move codeql off blacksmith.
      • ·**PR #95983** fix(ci): require OpenGrep SARIF artifacts.
      • ·**PR #64490** CLI: escape zsh completion descriptions.
      • ·**PR #95682** Fix Gemini day freshness time range handling.
      • ·**PR #93374** fix(agents): suggest recovery for unknown tool ids. Related #92273.
      • ·**PR #95991** fix(ci): require release QA evidence artifacts.
      • ·**PR #89886** fix(context-engine): forward abortSignal through delegation bridge to runtime compaction. Related #89868.
      • ·**PR #95999** fix(release): require postpublish evidence artifact.
      • ·**PR #96003** test(qa): harden all-profile QA evidence scenarios.
      • ·**PR #95860** fix(compaction): trim prefix when transcript ends in an oversized tool result. Related #78478.
      • ·**PR #95934** fix(xiaomi): correct mimo-v2.5 and mimo-v2.5-pro max output tokens to 128K.
      • ·**PR #95782** fix(sessions): honor configured store for outbound transcript mirrors. Related #95781.
      • ·**PR #96005** feat(copilot): wire harness parity helpers.
      • ·**PR #95886** fix: avoid false macOS update failures during gateway shutdown.
      • ·**PR #91906** perf: skip subagent live stream parsing.
      • ·**PR #87861** fix(model-usage): coerce numeric-string costs and ignore non-finite values. Related #37878.
      • ·**PR #96030** fix(qa-lab): avoid duplicate child evidence files.
      • ·**PR #94369** fix(memory-wiki): exclude durable reference pages from stale report.
      • ·**PR #94578** Fix recent session resume with long headers. Related #94577.
      • ·**PR #95919** ci: add Codex maturity scorecard agent.
      • ·**PR #92356** fix(heartbeat): skip reasoning payloads when selecting heartbeat reply. Related #92260.
      • ·**PR #94328** fix(agents): keep post-compaction user re-issue of a kept-tail prompt during compaction rotation.
      • ·**PR #95432** fix(reply): suppress per-message finals across multi-message block streaming.
      • ·**PR #95431** fix(auto-reply): keep drain/restart-abort reply paths silent.
      • ·**PR #96017** test(qa): gate maturity docs on passing evidence.
      • ·**PR #95552** feat(mattermost): persist participated threads for mention-free follow-ups.
      • ·**PR #95480** fix #89231: [Bug]: Windows installer-created scheduled task launches gateway.cmd with visible console — should use windowless launcher.
      • ·**PR #96049** fix(copilot): preserve compaction metadata.
      • ·**PR #96044** docs: rename top maturity tier to Clawesome.
      • ·**PR #92154** Gate private QQBot group commands.
      • ·**PR #95484** fix: assistant reply lost between compaction summary and first kept user in successor transcript. Related #76729.
      • ·**PR #95094** ci: add release QA profile evidence.
      • ·**PR #96057** docs: redesign maturity scorecard pages.
      • ·**PR #96014** perf(agents): index displaced tool results.
      • ·**PR #96019** perf(usage): bound session log retention.
      • ·**PR #96013** perf(anthropic): index active stream blocks.
      • ·**PR #96061** docs: place maturity pages under release reference.
      • ·**PR #95589** fix: npm plugin updates break running gateway imports.
      • ·**PR #96068** fix(acpx): consume acpx 0.11.1 model capability errors. Related #95869.
      • ·**PR #89912** refactor: add transcript update identity contract.
      • ·**PR #96055** fix(maint): use rebase PR landing.
      • ·**PR #96062** feat(copilot): mirror native plan and subagent events.
      • ·**PR #96032** fix(acpx): detect wrapper orphan on any PPID change, not just init reparenting.
      • ·**PR #96124** chore(acpx): bump bundled client to 0.11.2.
      • ·**PR #84352** Fix WebChat dispatch failure session status.
      • ·**PR #89518** refactor: migrate plugin transcript mirrors.
      • ·**PR #90439** refactor: add embedded run session target seam.
      • ·**PR #95699** perf(gateway): drop redundant per-access session-key case scan.
      • ·**PR #95992** fix(skills): accept owner-qualified verify refs.
      • ·**PR #95987** fix(plugins): remove Simple Icons color paths.
      • ·**PR #96162** refactor: use accessor-backed transcript corpus for memory.
      • ·**PR #96181** Defer iOS local network permission until onboarding.
      • ·**PR #95475** test(cli): isolate service env in run and update suites.
      • ·**PR #95226** fix(infra): bound ClawHub fetchJson and error response bodies.
      • ·**PR #95240** fix(matrix): bound non-raw JSON response body in transport.
      • ·**PR #91742** fix(memory): abort orphaned embedding work when memory_search times out. Related #91718.
      • ·**PR #93394** fix(memory): abort orphaned qmd search subprocess when memory_search times out.
      • ·**PR #89911** refactor: migrate bundled transcript target lookups.
      • ·**PR #96191** refactor: route plugin host hook state through accessor.
      • ·**PR #96179** fix: route gateway history through session accessor target.
      • ·**PR #96201** refactor: add abort target session accessor.
      • ·**PR #96193** fix(memory-core): migrate dreaming cleanup lifecycle.
      • ·**PR #96195** fix: bridge ACP metadata to session accessors.
      • ·**PR #96182** refactor: migrate agent session accessors.
      • ·**PR #96218** refactor: guard reply session initialization.
      • ·**PR #96213** refactor(gateway): add alias mutation accessor.
      • ·**PR #96204** refactor: migrate command session persistence to accessor.
      • ·**PR #96206** refactor: route live model fresh reads through session accessor.
      • ·**PR #96220** fix(whatsapp): quote current follow-up in durable replies.
      • ·**PR #96226** fix(macos): drop Textual from chat packaging.
      • ·**PR #96212** fix(codex): deliver generated images from remote app-server.
      • ·**PR #96235** fix(crabbox): require Xcode for macOS proof.
      • ·**PR #96145** fix: UI glitch: config is not visible. Related #94202.
      • ·**PR #96072** perf(browser): index role snapshot references.
      • ·**PR #96085** perf(codex): index rollout transcript ids.
      • ·**PR #96087** perf(reply): hoist direct-send fragment index.
      • ·**PR #94154** fix(gateway): resolve plugin-registered gateway methods through live registry. Related #94127.
      • ·**PR #95393** fix #92582: Bug: doctor falsely warns local memory embeddings are not ready.
      • ·**PR #96246** fix(qa): accept pnpm separator for lab up.
      • ·**PR #94949** fix(ports): route isPortBusy through checkPortInUse to catch IPv4-only occupants. Related #94426.
      • ·**PR #94562** fix(workboard): hide archived cards in CLI list by default. Related #94555.
      • ·**PR #96243** fix(nextcloud-talk): ignore signed non-message webhook events. Related #81566.
      • ·**PR #96140** fix(exec): preserve turn-source routing target in approval followups for plugin channels. Related #96103.
      • ·**PR #96258** ci: move CodeQL quality scans to hosted runners.
      • ·**PR #96271** chore(release): close out 2026.6.10 on main.
      • ·**PR #96233** fix(agents): run heartbeat_prompt_contribution on harness prompt builds.
      • ·**PR #55018** fix: avoid O(N²) shallow-copy in mapSensitivePaths schema traversal.
      • ·**PR #95831** fix: compact Codex OAuth OpenAI sessions without API keys. Related #95693.
      • ·**PR #96244** fix(auto-reply): align channel intro wording with chat_type. Related #95645.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.11-beta.1
      • ·release SHA: `c862a644bff366599ead53df81f452aa913497ae`
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/28123941058
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/28130211221
      • ·npm publish: https://github.com/openclaw/openclaw/actions/runs/28136271139
      • ·ClawHub follow-up: four existing code-plugin family conflicts and the pre-claimed `tencent` id remain in the child publish runs; OpenClaw npm and GitHub beta publication are unaffected.
      v2026.6.102026-06-24

      openclaw 2026.6.10

      GitHub ↗

      Highlights

      • ·Adds [`/fast auto`](https://docs.openclaw.ai/tools/thinking) so short conversational calls can start quickly, while longer or fallback work returns to normal mode with the effective state still visible. [PR #85104](https://github.com/openclaw/openclaw/pull/85104), [Issue #85087](https://github.com/openclaw/openclaw/issues/85087).
      • ·Shows the effective automatic fast-mode state in status instead of reducing it to on/off, and avoids carrying a cleared Codex service-tier choice into later runs. [8845f2f](https://github.com/openclaw/openclaw/commit/8845f2fd6143becc37110ab5021dd5e1517f0cdc).
      • ·Keeps automatic fast-mode timing consistent when a turn switches to a fallback model. [075091d](https://github.com/openclaw/openclaw/commit/075091d0cab94053ff094268efc0acb225d514f4).
      • ·Keeps the original fast-mode timing and progress behavior when a live model switch retries a turn. [d1e190f](https://github.com/openclaw/openclaw/commit/d1e190fbe822ad6ae4e660ce376b60ec9fdb0fba).
      • ·Keeps automatic fast-mode progress and reset behavior distinct from explicit fast mode after a run switches modes. [20aec98](https://github.com/openclaw/openclaw/commit/20aec985545db7a24ea066e5bff1c47b789cbded).
      • ·Shows the effective fast-mode value in connected-agent sessions instead of the configured value, so status reflects what the session is actually using. [9509aa0](https://github.com/openclaw/openclaw/commit/9509aa063c0ef3e32be1516fcb0c23606b6d5c7b).
      • ·Keeps the effective automatic fast-mode setting visible through fallback transitions in connected-agent sessions. [7f5423c](https://github.com/openclaw/openclaw/commit/7f5423ca97174a3f16c211db54a6c96e5b3a6089).
      • ·Keeps automatic fast-mode timing and progress consistent when reply and [scheduled-agent runs](https://docs.openclaw.ai/automation/cron-jobs) retry or switch models. [6c29f88](https://github.com/openclaw/openclaw/commit/6c29f88913796bfe05696556cd82246670b126f0).
      • ·Keeps fast-mode cleanup and status consistent when a run switches between fallback models. [c4694f8](https://github.com/openclaw/openclaw/commit/c4694f84ffd52064f89609098cc4f8570fb72e1b).
      • ·Shows the automatic fast-mode reset only when fallback work is finished, so status messages match the end of the transition. [f4d93c8](https://github.com/openclaw/openclaw/commit/f4d93c855bff6930f5e5d739b95e0c2612ec4899).
      • ·Shows reset and delivery progress at the right time when auto-reply or other follow-up runs retry or leave automatic fast mode. [684e440](https://github.com/openclaw/openclaw/commit/684e44013778bd47d159e64b2595e4d09a92ebea).

      Channels and Messaging

      • ·Prevents the next turn after a [scheduled message](https://docs.openclaw.ai/automation/cron-jobs) from losing what was delivered or whether delivery failed, so replies can use that context without exposing cron details in the channel. [PR #93580](https://github.com/openclaw/openclaw/pull/93580).
      • ·Prevents streamed channel progress from dropping a repeated status that represents a separate step, so each meaningful step remains visible in the draft. [2d42e52](https://github.com/openclaw/openclaw/commit/2d42e52ac5513e0bd824b8a0e069db83e04bc056).
      • ·Prevents keyed streamed progress from staying on an older status, so viewers see the latest state instead of stale text. [8bb6472](https://github.com/openclaw/openclaw/commit/8bb6472c4de2eea06f1ba31d6ed679e2ac4581b0).

      Providers and Models

      • ·Treats Zhipu/GLM overload responses as overloads, so a configured fallback is selected for the right reason instead of following the wrong failover path. [PR #93241](https://github.com/openclaw/openclaw/pull/93241), [Issue #93211](https://github.com/openclaw/openclaw/issues/93211).
      • ·Prevents Telegram, Slack, and Discord `/think` menus for live Ollama models from hiding supported levels, so users can choose valid reasoning settings without guessing. [PR #94067](https://github.com/openclaw/openclaw/pull/94067), [Issue #93835](https://github.com/openclaw/openclaw/issues/93835).
      • ·Expands [`zai/glm-5.2` thinking choices](https://docs.openclaw.ai/tools/thinking) beyond binary on/off and sends high or max requests as the intended Z.AI reasoning effort. [PR #94136](https://github.com/openclaw/openclaw/pull/94136).
      • ·Prevents bundled [Z.ai GLM-5 models](https://docs.openclaw.ai/providers/zai) from falling through to OpenAI and producing misleading API-key errors, so they use Z.AI by default. [PR #94461](https://github.com/openclaw/openclaw/pull/94461), [Issue #94269](https://github.com/openclaw/openclaw/issues/94269).
      • ·Adds GLM-5.2 and Kimi K2.7 Code to the [OpenCode Go catalog](https://docs.openclaw.ai/providers/opencode-go) with current limits, so users can select the models from OpenClaw. [66f84a9](https://github.com/openclaw/openclaw/commit/66f84a9bf1082de26f92b2b3741cc2f34aba34fa).
      • ·Corrects `kimi-k2.7-code` capability listings so OpenCode Go users are not offered unsupported video prompts when the model accepts text and images. [715dc71](https://github.com/openclaw/openclaw/commit/715dc718fc5a2a5d6f7e9ec16e0269382b726e83).
      • ·Prevents first-run setup from skipping the selected provider's credential prompt after plugin installation, so onboarding continues with that provider instead of falling back to OpenAI. [PR #95792](https://github.com/openclaw/openclaw/pull/95792), [Issue #95765](https://github.com/openclaw/openclaw/issues/95765).

      Memory, Sessions, and State

      • ·Adds a durable [session-transcript SDK contract](https://docs.openclaw.ai/plugins/sdk-runtime) so plugins can read, append, publish, and lock the intended transcript without treating [legacy file paths](https://docs.openclaw.ai/plugins/sdk-subpaths) as identity. [PR #95030](https://github.com/openclaw/openclaw/pull/95030).
      • ·Prevents a shared direct-message [session](https://docs.openclaw.ai/concepts/session) from carrying the previous [channel's identity](https://docs.openclaw.ai/channels/channel-routing) after a switch, so status, reactions, threads, and message references target the current channel. [PR #95328](https://github.com/openclaw/openclaw/pull/95328), [Issue #95325](https://github.com/openclaw/openclaw/issues/95325).

      Gateway, Security, and Trust

      • ·Keeps empty prompts separate from hook-added context during compaction or session reuse in [Copilot and Codex sessions](https://docs.openclaw.ai/plugins/copilot), so prompt boundaries remain consistent. [PR #94838](https://github.com/openclaw/openclaw/pull/94838).
      • ·Keeps [approval-sensitive Gateway and plugin tools](https://docs.openclaw.ai/plugins/hooks) protected when connected extensions change, so configured safeguards continue to apply. [PR #94545](https://github.com/openclaw/openclaw/pull/94545).
      • ·Prevents authenticated package-source tokens from being sent to an allowed redirect on another origin, while the valid redirected download still completes. [b0df6dc](https://github.com/openclaw/openclaw/commit/b0df6dc10eb5b9e9fdca93063a16316f8589954e).

      Clients and Interfaces

      • ·Prevents [Docker](https://docs.openclaw.ai/install/docker) and [Podman](https://docs.openclaw.ai/install/podman) setup from running unbounded on hosts where GNU timeout is installed as `gtimeout`, so image pulls, builds, and detached startup receive the intended guard. [62b2e9e](https://github.com/openclaw/openclaw/commit/62b2e9ef14b4be6fd396621c8e5e248331f08695).

      Plugins and Packaging

      • ·Prevents cleared [Codex service tiers](https://docs.openclaw.ai/tools/thinking) from being persisted as explicit stale state, so resumed or switched conversations use the normal default instead. [cd32d9f](https://github.com/openclaw/openclaw/commit/cd32d9ff91caf84c0ead38796ef096cdc5bea06e).
      • ·Restores [ClawHub discovery](https://docs.openclaw.ai/plugins/reference/stepfun) for the [StepFun provider](https://docs.openclaw.ai/providers/stepfun) plugin, so operators can install it through either ClawHub or npm. [ecb82f1](https://github.com/openclaw/openclaw/commit/ecb82f1be93024be23c1b191ebea92c63230b6c0).

      Docs and Operator Workflows

      • ·Keeps core [`openclaw doctor`](https://docs.openclaw.ai/gateway/doctor) diagnostics in their normal order before extension checks, making lint and repair output easier to follow. [PR #86627](https://github.com/openclaw/openclaw/pull/86627).

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.10
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.10.tgz
      • ·integrity: `sha512-LcooND2tBQw8A+kc1Ujltu3lg30bJ0w7XaeRy7eYzobb8BBdcW6DOGbwJL4vpj1vl9+gjRceOtlh5nh9OARcug==`
      • ·release SHA: `aa69b12d0086b631b139c1435c9621a5783e3a40`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.10/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/28071368306
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/28068484614
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/28068476120
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/28071564667
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/28071565774
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/28071984141
      • ·npm Telegram beta E2E: not supplied
      • ·Windows Hub promotion: https://github.com/openclaw/openclaw/actions/runs/28072271374 from openclaw/openclaw-windows-node@v0.6.3
      v2026.6.10-beta.2pre-release2026-06-22

      openclaw 2026.6.10-beta.2

      GitHub ↗

      Highlights

      • ·**Automatic fast mode for talks:** OpenClaw can enable fast mode for short conversational turns, then return to normal mode for longer runs with bounded fallback and delivery behavior. (#85104)
      • ·**More reliable model routing:** Zai model synthesis, GLM overload failover, and native reasoning-level selection now follow the active model catalog more consistently. (#94461, #93241, #94067, #94136)
      • ·**Safer session and channel state:** channel switches reset stale origin fields, and cron delivery awareness stays attached to the target session. (#95328, #93580)
      • ·**Trusted policies survive hook composition:** composed hook registries keep the trusted tool policies required by approval-sensitive flows. (#94545)

      Changes

      • ·**Agent and channel runtime:** fast-mode state now survives retries, fallback transitions, progress events, and embedded/CLI/ACP normalization; session and channel routing retain the current target and delivery context. (#85104, #93580, #95328)
      • ·**Provider behavior:** model catalogs now supply the correct Zai base URL, overload classification, and native reasoning controls for live-discovered models. (#94461, #93241, #94067, #94136)

      Fixes

      • ·**Fast-mode and policy correctness:** fallback cutoffs and reset notices are bounded, repeated progress events remain visible, Codex service-tier state is normalized, and trusted policies are not lost when hook registries are composed. (#85104, #94545)
      • ·**Model and delivery edge cases:** Zai and GLM failover paths use the right runtime metadata, while stale channel-origin state no longer leaks across session changes. (#94461, #93241, #95328)

      Complete contribution record

      • ·**PR #86627** Keep core doctor health in contribution order.
      • ·**PR #93580** fix: preserve cron delivery awareness for target sessions.
      • ·**PR #95030** refactor: add SDK transcript identity target API.
      • ·**PR #94838** refactor(copilot): complete harness lifecycle parity.
      • ·**PR #95328** fix(sessions): reset stale per-channel origin fields on channel switch. Related #95325.
      • ·**PR #94461** fix(zai): fall back to manifest baseUrl for synthesized GLM-5 models. Related #94269.
      • ·**PR #93241** fix(agents): classify Zhipu GLM overload as overloaded for failover. Related #93211.
      • ·**PR #94067** fix(channels): resolve native /think menu levels via runtime catalog for live-discovered models. Related #93835.
      • ·**PR #94136** fix(zai): expose GLM-5.2 reasoning levels [AI-assisted].
      • ·**PR #85104** feat: fast talks auto mode. Related #85087.
      • ·**PR #94545** fix: keep trusted policies with hook registry.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.10-beta.2
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.10-beta.2.tgz
      • ·integrity: `sha512-fOz52YzVw3MhQjQ5qqfPsfSbaMWOM62DNCxDsO/wZXvgvgrqPdZuNEPQokjFX9J7QXDeidl2uMBCnXRxynMzRg==`
      • ·release SHA: `87b40c7160da1e9d470f86520f64ff1642a55b66`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.10-beta.2/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27942155128
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27938779493
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27938779833
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27942563340
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27942565547
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27943117132
      • ·npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/27941744910
      v2026.6.10-beta.1pre-release2026-06-21

      openclaw 2026.6.10-beta.1

      GitHub ↗

      Highlights

      • ·**More reliable agent turns and session state:** OpenClaw now preserves pending subagent completion announcements, keeps chat history transcripts non-empty, maintains media index alignment, restarts dormant follow-up drains, and resolves compaction model aliases consistently. (#94349, #92383, #94257, #95039, #90885)
      • ·**Stronger Codex and approval flows:** Codex app-server SecretRefs, thread context, bounded turn text, routed approval context, and typed SDK approval/session helpers now work together more predictably. (#94093, #94324, #94756, #90918, #95144, #95188, #95196, #95169)
      • ·**Richer channel delivery:** Telegram, Discord, and Slack now preserve richer progress/reasoning/thread output, handle structured send errors, support Slack shortcuts, and record canonical sent threads more reliably. (#94891, #94856, #94810, #95029, #94881, #78536, #95250)
      • ·**Safer release and network boundaries:** SSH tunnel preflight is loopback-scoped, device-backed node pairings are removed, volatile SQLite state is surfaced by doctor, and legacy Codex routes are repaired instead of silently persisting stale state. (#94607, #90373, #94725, #94478)
      • ·**Useful new CLI and status workflows:** Rename sessions from chat, compact sessions explicitly, show session duration, preserve command progress detail, and preview message sends/polls with dry-run output. (#88581, #91378, #88988, #94868, #94684)
      • ·**More capable mobile and desktop clients:** Android settings are grouped by intent, iOS notification state is cleaner, the Watch app uses the Xcode 27-compatible target layout, and macOS file inputs open through the native panel. (#94539, #91923, #92477, #94612)
      • ·**Broader plugin and skill coverage:** Zalo is available as an external channel entry, Trello skills declare their curl dependency, stale managed skill links are retargeted, and tool discovery no longer clears active providers. (#89586, #94729, #86719, #93276)

      Changes

      • ·**Agent and provider behavior:** Codex turn limits, CLI-owned auth, provider-internal error wording, recurring cron backoff, explicit cron delivery targets, and isolated cron key requirements now fail or recover more clearly. (#94756, #88551, #94737, #93051, #94453, #92318, #91685)
      • ·**Channels and integrations:** WhatsApp retries the opening text chunk after media failure, Feishu avoids axios internals, Slack records inbound mentions and preserves buffered streams, and external Zalo/Slack shortcuts are wired through the current channel seams. (#93823, #89806, #94790, #78536, #89586, #94881)
      • ·**Skills and setup:** OnePassword auth no longer forces tmux when the desktop app is available, stale plugin skill symlinks are repaired, and Trello requirements match their examples. (#81825, #86719, #94729)
      • ·**Apps and platform support:** iOS notification cleanup, the single-target Watch migration, Android intent grouping, native macOS file panels, and explicit realtime SDP bounds keep the app surfaces aligned with the Gateway. (#91923, #92477, #94539, #94612, #95093)
      • ·**Operator diagnostics:** Gateway probes now distinguish reachable-but-errored from unreachable, plugin methods authorize through the attached registry, session status exposes duration, and provider pricing streams are bounded. (#93948, #94343, #88988, #95103)

      Fixes

      • ·**Reply and transcript correctness:** OpenClaw now keeps pending completions, non-empty histories, media fields, queued follow-ups, buffered Slack replies, and reasoning deliveries intact across retries and partial turns. (#94349, #92383, #94257, #95039, #78536, #95029, #84292)
      • ·**Security and bounded input handling:** SSH tunnel checks stay on loopback, unsafe chat/tool/package/response lengths are rejected, device-backed pairings are removed, and stale abort markers no longer affect fresh chat events. (#94607, #95066, #95078, #95085, #95090, #90373, #91013)
      • ·**Telegram, WhatsApp, and Slack delivery:** Rich progress previews, structured Telegram errors, WhatsApp listener recovery, and canonical Slack thread/send behavior now survive the edge cases covered by the new release. (#94891, #94856, #94810, #93873, #95250)
      • ·**Cron and queue safety:** Recurring error backoff honors configured floors, implicit isolated delivery requires an explicit target, and dormant follow-up drains restart instead of disappearing. (#93051, #91685, #92318, #95039)
      • ·**Provider, auth, and migration repair:** CLI-owned transports skip the wrong auth gate, compaction aliases resolve canonically, legacy Codex routes are repaired, and tool discovery no longer clears active providers. (#88551, #90885, #94478, #93276)
      • ·**SDK and release tooling:** Approval/session RPC params are typed more strictly, stale packed tarballs are ignored, and DMG output directories are created reliably. (#95144, #95152, #95188, #95196, #95169, #95126, #95133)

      Complete contribution record

      • ·**PR #93685** refactor(auto-reply): add lifecycle storage seams.
      • ·**PR #94349** fix(agents): preserve pending subagent completion announces. Related #93323.
      • ·**PR #93174** test: fold channel message flows into qa e2e.
      • ·**PR #94093** Prevent Codex thread rotation from losing next-step context.
      • ·**PR #53920** fix(scripts): avoid mutating tracked auth-monitor template during setup.
      • ·**PR #94702** Standardize QA coverage IDs on dotted names.
      • ·**PR #81825** fix(skills/1password): stop forcing tmux for desktop app auth (#52540).
      • ·**PR #94725** fix(doctor): warn on volatile SQLite state.
      • ·**PR #88551** fix(agents): skip auth gate for CLI-owned transport.
      • ·**PR #88581** feat(commands): add /name to rename the current session from chat.
      • ·**PR #94324** feat(codex): support app-server SecretRefs.
      • ·**PR #90882** fix: add self-knowledge docs rule to system prompt. Related #90713.
      • ·**PR #94684** fix: #80507 show dry-run output for message send/poll.
      • ·**PR #93823** fix(whatsapp): keep opening text chunk when first media fails on multi-chunk reply.
      • ·**PR #89203** refactor: route SDK session compatibility through seam.
      • ·**PR #94453** fix: default cron runMode to "due" instead of "force" (#94270).
      • ·**PR #94746** fix(note): prevent clack from re-breaking copy-sensitive tokens. Related #94730.
      • ·**PR #89904** refactor: route sdk session compatibility through accessor.
      • ·**PR #86719** fix(skills): retarget stale plugin skill symlinks. Related #85925.
      • ·**PR #94337** fix(tui): show 0 not ? for fresh-session context tokens in footer.
      • ·**PR #94539** fix(android): group settings by intent.
      • ·**PR #92383** fix(gateway): never return an empty chat.history transcript.
      • ·**PR #92574** test(browser): cover action-input CLI request bodies. Related #83877.
      • ·**PR #92873** test(diffs): add viewerState, toolbar toggle, shadow root, and hydrateProps tests (fixes #83915).
      • ·**PR #94257** fix(sessions): preserve Media\* index alignment when reading user-turn fields.
      • ·**PR #94756** fix(codex): bound turn/start text when context budget is non-positive. Related #94748.
      • ·**PR #94729** fix(skills/trello): add curl to requires.bins to match body examples (fixes #94727).
      • ·**PR #94790** feat(slack): log INFO receipt for inbound app_mention events. Related #94691.
      • ·**PR #81696** fix: guard tool event callbacks (AI-assisted).
      • ·**PR #94809** chore: forward-port alpha release fixes.
      • ·**PR #94612** fix(macos): open NSOpenPanel for embedded Control UI file inputs (#94468).
      • ·**PR #89806** fix(feishu): avoid axios interceptor internals. Related #83913.
      • ·**PR #91923** fix(ios): clean up notification settings state.
      • ·**PR #91345** fix: suggest close CLI commands. Related #83999.
      • ·**PR #94561** Add stdout diagnostics OTEL log exporter.
      • ·**PR #91013** fix(gateway): ignore stale abort markers for fresh chat events. Related #91012.
      • ·**PR #89279** fix(tasks): deliver ACP completions to bound Discord threads. Related #84022.
      • ·**PR #91656** test(cron): expand parseAbsoluteTimeMs test coverage to 39 cases. Related #91654.
      • ·**PR #94810** fix(telegram): classify sendChatAction 401 by structured error_code, not bare substring match. Related #94787.
      • ·**PR #94737** fix(reply): clarify provider internal error copy.
      • ·**PR #94868** fix(channels): preserve command progress detail.
      • ·**PR #94891** fix(telegram): send progress previews as html text.
      • ·**PR #94683** fix(outbound): keep direct-only targets out of group sessions. Related #92384.
      • ·**PR #92477** fix: migrate watch app to single-target app (Xcode 27+ compat).
      • ·**PR #94812** test(perf): compare saved CLI startup benchmarks.
      • ·**PR #94856** fix(telegram): normalize all HTML tables before entity-escaping in rich messages. Related #94317.
      • ·**PR #91685** fix(cron): refuse keyless implicit isolated cron delivery inherited from shared agent-main bucket.
      • ·**PR #88988** feat(status): show session duration in footer. Related #68226.
      • ·**PR #94020** docs(browser): resolve networkidle contradiction across browser docs. Related #80587.
      • ·**PR #93948** fix(gateway): distinguish reachable-but-errored from unreachable in probe diagnostics. Related #79099.
      • ·**PR #93276** fix(plugins): stop tool-discovery loads from clearing active providers.
      • ·**PR #94343** fix(gateway): authorize plugin methods from attached registry. Related #92044.
      • ·**PR #94589** fix(channels): stop duplicating inbound previews in system events. Related #94549.
      • ·**PR #93873** fix(whatsapp): restart listener on selfChatMode config change. Related #86888.
      • ·**PR #93969** fix(xai): reject unsupported multi-agent model refs before runtime fallback. Related #85106.
      • ·**PR #89586** feat(channels): add Zalo ClawBot external channel entry and documenta….
      • ·**PR #78536** fix(slack): preserve buffered thread stream replies. Related #78061.
      • ·**PR #89236** fix(slack): default member-info userId to inbound sender.
      • ·**PR #94881** feat(slack): handle global and message shortcuts. Related #63920.
      • ·**PR #90885** fix(agent): resolve compaction model alias to canonical model ref.
      • ·**PR #90918** fix(agents): forward turn-source routing fields to plugin.approval.request. Related #74003.
      • ·**PR #95029** fix(discord): deliver reasoning replies. Related #94936.
      • ·**PR #89581** refactor: use canonical transcript reader identity.
      • ·**PR #94607** fix(ssh): scope tunnel port preflight to loopback (#94603).
      • ·**PR #95060** fix(test): harden script probe bounds.
      • ·**PR #95066** fix(e2e): reject unsafe chat tools body lengths.
      • ·**PR #93941** docs: fix two broken cross-reference anchors.
      • ·**PR #92996** fix(cli): reject present-but-invalid --timeout on status/health fast path.
      • ·**PR #94314** refactor(policy): split doctor modules.
      • ·**PR #93051** fix(cron): honor configured retry.backoffMs for recurring error backoff floor.
      • ·**PR #95078** fix(scripts): reject unsafe package download lengths.
      • ·**PR #91378** feat(cli): add `openclaw sessions compact` and fail loudly on CLI `/compact` (fixes #90640).
      • ·**PR #94676** improve: simplify PR context and evidence.
      • ·**PR #95085** fix(scripts): reject unsafe bounded response lengths.
      • ·**PR #95090** fix(e2e): reject unsafe bounded response text lengths.
      • ·**PR #95076** [codex] docs: clarify PR body evidence updates.
      • ·**PR #84292** fix(agents): preserve delivered message send results. Related #84271.
      • ·**PR #95039** fix(queue): restart dormant followup drains. Related #91909.
      • ·**PR #90373** fix(gateway): remove device-backed node pairings. Related #88488.
      • ·**PR #95093** fix(dev): bound realtime SDP answer reads.
      • ·**PR #95103** fix(gateway): bound pricing catalog streams.
      • ·**PR #95108** fix(agents): bound Anthropic error streams.
      • ·**PR #95111** fix(memory): abort batch upload response reads.
      • ·**PR #95105** fix(ci): cancel stale Testbox PR runs.
      • ·**PR #95114** fix(test): stabilize tooling guard probes.
      • ·**PR #94478** fix(doctor): repair legacy Codex route persistence. Related #94184.
      • ·**PR #95119** fix(test): stream QA Lab stdout artifacts.
      • ·**PR #95116** fix(ci): cancel stale CodeQL runs.
      • ·**PR #95126** fix(package): ignore stale packed tarballs.
      • ·**PR #95133** fix(macos): create DMG output directories.
      • ·**PR #95137** test(docker): stabilize build signal probe.
      • ·**PR #95144** fix(sdk): send exec approval resolve id.
      • ·**PR #95152** fix(sdk): list helpers work without filters.
      • ·**PR #95207** fix(scripts): preserve kitchen sink RPC request errors.
      • ·**PR #95203** fix(scripts): guard reused testbox keys.
      • ·**PR #95188** fix(sdk): type agent mutation RPC params.
      • ·**PR #95196** fix(sdk): tighten approval response params.
      • ·**PR #95169** fix(sdk): require session key for effective tools.
      • ·**PR #95250** fix(slack): record canonical sent thread. Related #95235.
      • ·**PR #86627** Keep core doctor health in contribution order.
      • ·**PR #93580** fix: preserve cron delivery awareness for target sessions.
      • ·**PR #95030** refactor: add SDK transcript identity target API.
      • ·**PR #94838** refactor(copilot): complete harness lifecycle parity.
      • ·**PR #95328** fix(sessions): reset stale per-channel origin fields on channel switch. Related #95325.
      • ·**PR #94461** fix(zai): fall back to manifest baseUrl for synthesized GLM-5 models. Related #94269.
      • ·**PR #93241** fix(agents): classify Zhipu GLM overload as overloaded for failover. Related #93211.
      • ·**PR #94067** fix(channels): resolve native /think menu levels via runtime catalog for live-discovered models. Related #93835.
      • ·**PR #94136** fix(zai): expose GLM-5.2 reasoning levels [AI-assisted].
      • ·**PR #92318** fix(cron): require explicit message target proof.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.10-beta.1
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.10-beta.1.tgz
      • ·integrity: `sha512-OgdN7P0Scm8rNgcXUrCGFyrMPJGdC3TdMxdS95jPbEzws9tp3CgZnehcmBNyBqCc9QU4uK0QUk7bnNSW+3ohbw==`
      • ·release SHA: `d91c1607c4d254b6dafa2ea052aef82e68b0c1b0`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.10-beta.1/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27898612086
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27897098428
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27897098492
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27898772805
      • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/27898773498
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27899322972
      • ·npm Telegram beta E2E: not supplied
      v2026.6.92026-06-21

      openclaw 2026.6.9

      GitHub ↗

      Highlights

      • ·**Richer Telegram delivery:** Telegram now sends rich HTML, preserves rich markdown and sticker paths, renders progress drafts and command output more faithfully, normalizes HTML tables safely, and keeps mentions and spooled handlers on the right delivery path. (#93286, #93164, #93124, #93364, #93130, #93088, #93281, #94891, #94856)
      • ·**More dependable agent recovery:** retries, terminal outcomes, usage after compaction, session history repair, and reply reconciliation now keep more interrupted or partial turns moving toward a visible final result. (#92191, #93073, #93228, #93084, #93469, #93291, #90943)
      • ·**A stronger Codex integration:** Codex gains automatic plugin approvals, GPT-5.3 Spark OAuth routing, remote-node `exec` as a dynamic tool, and more reliable app-server teardown and terminal outcomes. (#92625, #89133, #93654, #91767, #93287)
      • ·**Standalone official provider plugins:** external provider packages are now first-class npm releases, externally installed channel plugins load at Gateway startup, and StepFun is available from npm and ClawHub. (#93470)
      • ·**More capable web and native clients:** the Control UI adds a session workspace rail and extension health, iOS adds Watch controls, and Android shows chat context. (#92856, #91952, #93387, #92837)
      • ·**More useful search and skills:** Codex Hosted Search is available, key-free search providers remain deliberate opt-ins, and ClawHub skill installs retain verified source provenance. (#93446, #93616, #93283, #93506)

      Changes

      • ·Providers and auth: add Codex Hosted Search, improve Gemini CLI OAuth behind proxies, and keep external provider onboarding on current choices and package metadata. (#93446, #92815)
      • ·Plugins and installs: externalized official providers publish as independent npm packages, Gateway discovers installed channel plugins at startup, and StepFun installs from npm or ClawHub. (#93470)
      • ·Dashboard and mobile: add a session workspace rail, plugin health in status, compact cron lists, and iOS Watch controls. (#92856, #91952, #93395, #93387)
      • ·Codex, observability, and skills: add automatic plugin approvals and SecretRefs, preserve ClawHub skill provenance, add OpenTelemetry log export, and expose remote-node execution to Codex when a node is connected. (#92625, #94324, #93283, #94561, #93654)
      • ·QA and release engineering: QA scenarios now use YAML, with broader profile evidence and release coverage for the plugin and channel matrix.

      Fixes

      • ·Security and privacy: redact secrets from debug/config output, block internal HTTP session overrides, audit open-DM tool exposure, and retain plugin write ownership checks. (#93333, #88496, #93443, #92883, #93353)
      • ·Agent and session runtime: retry thinking-only and empty post-tool turns, prevent duplicate hook execution, preserve pending subagent delivery, preserve fresh usage through compaction, and repair partial JSON/history artifacts. (#92191, #93073, #93009, #93084, #93469, #94349, #92383, #94257)
      • ·Channels and replies: fix Telegram rich delivery, table rendering, action-error handling, and ingress recovery; preserve command progress detail across channel adapters; retain WhatsApp opening text after a media failure; keep Mattermost thread replies intact; and harden Discord action handling. (#93286, #93364, #93281, #93076, #93334, #93424, #93488, #94868, #94891, #94856, #94810, #93823)
      • ·Storage and migrations: avoid SQLite WAL on network filesystems, clean reindex artifacts, keep setup state out of workspace dot-directories, and import default-agent auth profiles into SQLite. (#93454, #92891, #93182, #93295, #93520, #93156)
      • ·Provider and model behavior: fix Gemini CLI proxy OAuth, restore Codex Spark OAuth routing, correct Bedrock embedding model IDs, and preserve configured defaults in embedded runs. (#92815, #89133, #93452, #93428)
      • ·CLI, TUI, and apps: accept global flags after subcommands, keep terminal output and activity indicators visible, preserve CJK IME composition, and refresh stale UI state. (#93455, #93460, #93006, #93427, #93498, #93606)
      • ·Operations and updates: harden official plugin recovery, restart managed Gateways after failed update handoff, keep safe cron delivery defaults, avoid Node-specific npm prefixes, and keep package validation paths reliable. (#93325, #92111, #93650, #94453, #91685)

      Complete contribution record

      • ·**PR #90463** refactor: add session accessor seam with gateway consumer.
      • ·**PR #88656** Drop reasoning-only length turns from replay.
      • ·**PR #92856** feat(webui): add session workspace rail.
      • ·**PR #92845** docs(browser-control): document OPENCLAW_EAGER_BROWSER_CONTROL_SERVER requirement. Related #92841.
      • ·**PR #82366** fix: use passive periodic sqlite wal checkpoints. Related #81715.
      • ·**PR #92815** fix(google): route Gemini CLI OAuth through the env proxy (#46184).
      • ·**PR #91331** fix(mattermost): merge progress preview lines by identity. Related #89761.
      • ·**PR #92909** fix(tui): keep spinner active when toggling tools. Related #49763.
      • ·**PR #92904** fix(elevenlabs): use current TTS model ids.
      • ·**PR #92642** fix #86872: Subagent run reports success but fails to write output file.
      • ·**PR #89122** refactor: route command session reads through seam.
      • ·**PR #90943** fix(reply): deliver final reply when queued follow-up claims session; scope dedupe to routed thread.
      • ·**PR #92894** fix(skills): keep managed prompt paths readable. Related #92875.
      • ·**PR #39617** fix: reload config in slash command routing so dmScope is respected. Related #39605.
      • ·**PR #92191** fix(agents): retry thinking-only errored turns. Related #91953.
      • ·**PR #92891** fix(memory): clean stale reindex temp files. Related #92874.
      • ·**PR #93005** Add OpenRouter Fusion guidance and prompt context. Related #92984.
      • ·**PR #88792** fix(state): harden sqlite path caching.
      • ·**PR #93022** fix(gateway): repair usage cost aggregation across agents.
      • ·**PR #93020** fix(telegram): cool down transient sendChatAction failures. Related #56096.
      • ·**PR #89160** fix(agents): detect truncated API responses to prevent silent session hang. Related #89051.
      • ·**PR #93009** fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973).
      • ·**PR #92991** fix(agents): tolerate missing attribution baseUrl. Related #92974.
      • ·**PR #92913** fix(opencode-go): register model catalog to fix context window detection. Related #92912.
      • ·**PR #89129** refactor: route bundled plugin session callers through seam.
      • ·**PR #93084** fix(agents): preserve fresh usage after compaction. Related #50795.
      • ·**PR #92869** fix #90333: [Bug]: Discord image build aborts at step 66 — openclaw-build-messaging-plugins.py exits 1.
      • ·**PR #93011** fix(gateway): accept file-only input on /v1/responses (parity with image-only).
      • ·**PR #92915** Convert QA scenarios to YAML files.
      • ·**PR #91767** Fix one-shot Codex app-server teardown.
      • ·**PR #92625** feat(codex): add auto plugin approvals.
      • ·**PR #91587** test(qa): add qa run --qa-profile and unified output summary/evidence.
      • ·**PR #93104** test(reply): seed channel fixtures for dedupe tests.
      • ·**PR #93107** test(reply): preserve telegram dedupe fallback.
      • ·**PR #92954** fix(memory): accept local default model path migration.
      • ·**PR #90936** fix(agents): do not misclassify client-disconnect abort as run timeout. Related #90764.
      • ·**PR #90812** fix(voice-call): preserve live Twilio streams in stale reaper. Related #79121.
      • ·**PR #93094** fix(whatsapp): bound socket operations.
      • ·**PR #91629** fix(scripts): add database-first legacy store guard. Related #91628.
      • ·**PR #93124** fix(telegram): render progress drafts as rich previews.
      • ·**PR #93109** test(qa): embed profile scorecard evidence.
      • ·**PR #87298** test: add temp directory helper guidance.
      • ·**PR #92318** fix(cron): require explicit message target proof.
      • ·**PR #93137** fix(imessage): honor disabled reply actions. Related #92142.
      • ·**PR #93134** fix(feishu): pass card_msg_content_type to get full card content (fixes #78289).
      • ·**PR #93138** fix(agents): preserve literal current session resolution.
      • ·**PR #91225** fix #83830: [Bug]: Dreaming diary repeats "first day" narrative every sweep — same early memories dominate snippets.
      • ·**PR #93153** simplify QA evidence profile and mappings/coverage shape.
      • ·**PR #93164** fix(telegram): preserve rich markdown line breaks.
      • ·**PR #93119** fix: accept mixed source/dist bundled roots. Related #87730.
      • ·**PR #93130** fix(telegram): preserve sticker media paths. Related #83748.
      • ·**PR #93073** fix(agents): retry empty post-tool final turns.
      • ·**PR #91784** fix(voice-call): require realtime websocket path boundary.
      • ·**PR #89133** Restore GPT-5.3 Codex Spark OAuth routing.
      • ·**PR #91996** refactor: prune unused iOS code.
      • ·**PR #90231** fix #69443: [Bug] Subagent RPC callback to WeChat session key routed to main session instead.
      • ·**PR #89920** fix(matrix): replace recovered command progress lines.
      • ·**PR #93159** fix(tui): keep parent stdin paused after exit.
      • ·**PR #93201** fix(auto-reply): clear pending-final state before honoring post-send abort (#89115).
      • ·**PR #93228** fix(agents): replace prose terminal classifiers.
      • ·**PR #93231** fix(status): correct pinned model clear hint.
      • ·**PR #92428** fix(qqbot): keep markdown table chunks valid.
      • ·**PR #93220** fix(status): avoid stale session context windows.
      • ·**PR #91957** perf(sessions): share one enumeration across archive retention sweeps.
      • ·**PR #93281** fix(telegram): recover pid-reused ingress claims.
      • ·**PR #93287** fix(codex): preserve terminal outcome ordering.
      • ·**PR #93182** fix(memory): clean rollback-journal reindex temp sidecar on NFS stores.
      • ·**PR #93283** Persist ClawHub skill install provenance. Related #92077.
      • ·**PR #88872** fix: attribute spawned task runs to child agent. Related #66670.
      • ·**PR #92837** fix(android): show live chat context usage.
      • ·**PR #93325** fix(cli): harden official plugin recovery.
      • ·**PR #93286** feat(telegram): send rich messages as rich html.
      • ·**PR #92910** fix(memory-core): safely refresh qmd index during collection repair.
      • ·**PR #93329** fix(cli): allow zero Discord timeout duration. Related #93327.
      • ·**PR #91625** fix(cron): add cron edit --clear-model to clear a job's model override.
      • ·**PR #91691** [AI] fix(memory): prevent empty-string expectedModel in resolveMemory….
      • ·**PR #93006** fix(tui): keep stderr visible when local shell stdout fills the output cap.
      • ·**PR #93001** fix(daemon): prefer stderr over stale stdout in gateway restart diagnostics.
      • ·**PR #91117** refactor: remove dead code and improve string concatenation.
      • ·**PR #90893** fix(models): mask paste-token input in CLI auth prompt.
      • ·**PR #90571** fix(configure): mask gateway password input in CLI wizard prompt.
      • ·**PR #91768** fix(ios): respect chat header safe area.
      • ·**PR #93245** fix(cron): resolve lastRunStatus in cron list/show human output.
      • ·**PR #78765** fix(tui): avoid inserting spaces into long CJK text.
      • ·**PR #91776** fix(ios): refresh permission rows after grants.
      • ·**PR #92817** fix(cron): trust agent output when channel is unresolved without explicit delivery. Related #90664.
      • ·**PR #93297** fix(control-ui): respect agents.defaults.timeFormat for timestamps. Related #58147.
      • ·**PR #93364** Fix Telegram rich progress command output.
      • ·**PR #91952** feat(status): surface plugin health.
      • ·**PR #75025** fix(heartbeat): refresh stale Current time line on every helper call (#44993).
      • ·**PR #90992** docs(windows): fix WSL gateway-autostart recipe for WSL ≥ 2.6.1.0 idle-termination.
      • ·**PR #86544** fix(cli): show Gemini CLI runtime auth status. Related #79585.
      • ·**PR #88945** fix(plugins): serialize binding approval saves. Related #64065.
      • ·**PR #90115** fix(gateway): pass managed inbound PDFs through chat.send. Related #90097.
      • ·**PR #74613** docs(cli): add agent selector to CLI backend quick start. Related #68940.
      • ·**PR #89121** refactor: add transcript reader seam.
      • ·**PR #84434** fix(cli): disable ScheduleWakeup/CronCreate in --print claude runs.
      • ·**PR #66985** fix(agents): resolve requestedNode to canonical ID before boundNode comparison. Related #87213.
      • ·**PR #91488** fix(reply): project preflight compaction gate by next-input size on fresh tokens.
      • ·**PR #93353** fix(plugins): require owner for plugin writes.
      • ·**PR #91499** fix(cron): preserve scheduled turn tool policy [AI].
      • ·**PR #90412** fix(sessions): cache warm transcript reads to avoid per-turn re-parse. Related #83943.
      • ·**PR #93118** fix(gateway): guard fast-path startup migrations. Related #93032.
      • ·**PR #93355** fix(ci): verify performance workflow downloads.
      • ·**PR #93358** fix(outbound): guard cross-context message mutations.
      • ·**PR #93362** fix(flock): bind allow-always to wrapped command.
      • ·**PR #92578** refactor(whatsapp): add inbound admission foundation.
      • ·**PR #89547** Control Telegram group history context.
      • ·**PR #89201** refactor: add transcript runtime identity contract.
      • ·**PR #93357** fix(plugins): enforce install policy in wrappers.
      • ·**PR #93156** fix(doctor): import default-agent auth profiles into sqlite. Related #93145.
      • ·**PR #93179** Add slim evidence mode for QA profile evidence.
      • ·**PR #93349** fix(control-ui): keep workboard card titles visible in overflowing columns (fixes #91717).
      • ·**PR #93324** fix(cli): accept --no-color after subcommands.
      • ·**PR #89621** Return Google Chat thread metadata from message sends.
      • ·**PR #82458** fix(infra): drop duplicated "restart" word in restart-sentinel summary.
      • ·**PR #85471** Suppress cron announce control replies. Related #85421.
      • ·**PR #85316** fix(auth): keep alias-compatible auth-profile overrides instead of clearing them.
      • ·**PR #89260** fix(doctor): separate platform-incompatible skills from missing requirements. Related #89232.
      • ·**PR #90846** fix(media): stop pruning media on write; let the configured timer do it.
      • ·**PR #88062** fix(logging): avoid stalled warnings for active model calls.
      • ·**PR #93308** fix(discord): reject malformed realtime consult calls.
      • ·**PR #93334** fix(whatsapp): notify user when trailing media send fails instead of silent drop.
      • ·**PR #92575** fix(sessions): preserve user behavior overrides across daily/idle rollover (#92562) [AI-assisted].
      • ·**PR #89124** refactor: route auto-reply sessions through session seam.
      • ·**PR #93431** fix: stabilize transcript cache and CLI env isolation.
      • ·**PR #93412** fix(discord): suppress tool progress for message-tool replies.
      • ·**PR #93409** fix(whatsapp): stop markdownToWhatsApp dropping code spans followed by a digit.
      • ·**PR #93295** fix(memory): swap rollback-journal sidecar during atomic reindex.
      • ·**PR #93076** fix(whatsapp): preserve auth on terminal disconnects.
      • ·**PR #93435** fix(agents): bound autoreview scope.
      • ·**PR #93279** fix(telegram): restore readable default text sends. Related #93263.
      • ·**PR #93429** fix(line): cap carousel column text at 60 chars when a title or image is set.
      • ·**PR #93428** fix(agents): resolve configured default model in runEmbeddedAgent (fixes #93419).
      • ·**PR #93427** fix(tui): show activity indicator for system-injected runs. Related #51825.
      • ·**PR #90003** feat(policy): cover exec approvals artifact.
      • ·**PR #93448** fix(guards): allow auth profile sqlite reader.
      • ·**PR #93424** fix(mattermost): keep message tool replies in threads.
      • ·**PR #93418** fix(telegram): forward Bot API 10.1 rich_message content to agent. Related #93410.
      • ·**PR #93175** test(qa): taxonomy profiles: includeAllCategories for release profile, update some coverage.
      • ·**PR #93456** fix(agents): handle string assistant message content.
      • ·**PR #93441** fix(outbound): ignore schema-padded poll metadata on send. Related #43015.
      • ·**PR #93443** fix(gateway): block internal HTTP session overrides.
      • ·**PR #93454** fix(sqlite): disable WAL on network filesystems.
      • ·**PR #90275** test: make install-safe-path symlink tests compatible with Windows.
      • ·**PR #93464** fix(qa): suppress empty WhatsApp debug artifacts.
      • ·**PR #90861** fix(cli): preserve sessions_yield over MCP. Related #77426.
      • ·**PR #90946** fix(infra): preserve inherited gateway PID across reparent during cleanup.
      • ·**PR #92220** fix(media): extract large managed inbound PDFs via media-understanding. Related #90096, #90097.
      • ·**PR #91208** fix #91047: Plugin session-extension registry not pinned; sessions.pluginPatch fails after agent/subagent plugin-load churn.
      • ·**PR #92111** fix(update): restart managed gateway when update handoff fails after stop. Related #92088.
      • ·**PR #93238** fix(agents): honor disabled envelope timestamps at model boundary.
      • ·**PR #93343** fix(codex): de-duplicate commentary notes across the raw response lane. Related #93296.
      • ·**PR #93361** fix(openshell): pin mirror remote mutations.
      • ·**PR #93354** fix(discord): block cross-provider guild admin actions.
      • ·**PR #92178** fix(gateway): normalize malformed paired access lists. Related #90654.
      • ·**PR #85254** perf(plugins): thread prepared manifestPlugins through runtime model-id normalize chain.
      • ·**PR #93489** Add ClawHub content rights docs to sidebar.
      • ·**PR #93466** [AI] fix(feishu): guard against missing inbound in channelRuntime fallback.
      • ·**PR #93460** fix(cli): honor --log-level in route-first commands. Related #93457.
      • ·**PR #93495** fix(cron): clear delivery routing fields from cron edit.
      • ·**PR #93494** docs: point PR landing at maintainer workflow.
      • ·**PR #93487** fix(ui): add agent selector to skills page. Related #78553.
      • ·**PR #93488** fix(discord): apply tool status emojis immediately to avoid override by thinking reactions. Related #92715.
      • ·**PR #93055** fix(ui): restore provider usage pill in desktop chat composer [AI].
      • ·**PR #83156** fix(matrix): accept bracketed display-name mentions. Related #83142.
      • ·**PR #93333** fix(auto-reply): redact secrets in /debug show and /debug set output.
      • ·**PR #88496** fix(auto-reply): redact secrets in config show output. Related #65623.
      • ·**PR #93105** fix(doctor): repair null agents.list[].workspace values. Related #77718.
      • ·**PR #73923** fix(ui): preserve gateway token during safe websocket url edits. Related #41545.
      • ·**PR #88970** fix #85871: [Bug]: Heartbeat scheduler silently fails to fire on 5.20 and all 5.x versions (regression from 4.23).
      • ·**PR #93511** fix(imessage): normalize leading NUL echo-cache prefixes.
      • ·**PR #92594** [Bug]: ollama-cloud runtime fails DNS lookup for ai.ollama.com, while ollama/<model>:cloud works. Related #92391.
      • ·**PR #93512** build(docs): finish PowerShell-safe docs formatting. Related #44293.
      • ·**PR #93513** fix(skills): refresh persisted snapshots after restart.
      • ·**PR #93517** fix(skills): quote skill-creator template description.
      • ·**PR #73976** fix(memory): use per-keyword FTS search in hybrid mode #39484.
      • ·**PR #93520** fix(workspace): store setup state outside workspace dot-dir.
      • ·**PR #93521** fix(onboard): skip Homebrew prompt on unsupported platforms. Related #68893.
      • ·**PR #93522** fix(feishu): send post mentions as native at elements.
      • ·**PR #93496** fix(gateway): rotate already-stale generated transcript filename on /reset.
      • ·**PR #93471** fix(cron): preserve aborted isolated-run failure.
      • ·**PR #93473** fix(memory): report skipped QMD embedding probe. Related #77645.
      • ·**PR #93498** fix(ui): preserve CJK IME composition. Related #86035.
      • ·**PR #93088** fix(telegram): bind bot mentions to assistant identity.
      • ·**PR #93499** fix(nodes): return screen snapshots as media. Related #90126.
      • ·**PR #93506** fix(skills): trust verified ClawHub source provenance.
      • ·**PR #93525** agents: notify chat exec empty-success completions.
      • ·**PR #93446** feat: add Codex hosted web search.
      • ·**PR #92883** fix(security): audit open dm tool exposure. Related #55612.
      • ·**PR #93476** fix(mattermost): preserve Codex progress preview. Related #88766.
      • ·**PR #93395** feat(cron): add compact list responses. Related #93366.
      • ·**PR #93527** fix(cron): preserve model overrides for text payloads.
      • ·**PR #90487** fix: harden ChatGPT Responses missing content-type streams.
      • ·**PR #93528** fix(gateway): tolerate transient pre-hello clean closes.
      • ·**PR #93529** fix(auto-reply): allow message tool for group attachments. Related #43146.
      • ·**PR #93291** fix(reply): preserve pending thread evidence when reconciling partial send results.
      • ·**PR #90572** fix(feishu): drop self-authored receive echoes.
      • ·**PR #93455** fix(cli): accept --log-level after subcommands.
      • ·**PR #93452** fix(bedrock): strip inference profile prefix from model ID in embedding adapter. Related #79212.
      • ·**PR #89799** fix(cli): skip compile cache on early Node 24.x to avoid startup deadlock. Related #86550.
      • ·**PR #93469** fix(agents): drop partialJson streaming artifacts from session history repair.
      • ·**PR #93463** fix(codex): log app-server compaction completion. Related #83932.
      • ·**PR #93562** fix(tui): refresh after external session reset. Related #38966.
      • ·**PR #93470** fix(plugins): load externally-installed channel plugins at gateway startup. Related #93219.
      • ·**PR #88796** fix(discord): resolve guildId from session channel for search actions. Related #88790.
      • ·**PR #93194** fix(agents): preserve prompt-released session metadata. Related #93193.
      • ·**PR #89483** fix(gateway): project failed agent turns in chat history. Related #89197.
      • ·**PR #93434** fix: avoid parent group allowlist false positive. Related #92684.
      • ·**PR #93449** fix(feishu): dedupe redelivered text by stable retry identity. Related #46778.
      • ·**PR #93407** AGT-80 AGT-81 Fix Discord ingress ack ordering.
      • ·**PR #93439** fix(agents): honor embedded run default model. Related #93419.
      • ·**PR #93565** fix(cli): summarize cleanup dry-run by label. Related #76826.
      • ·**PR #93509** fix(skills): clear orphaned idempotency pointer on corrupt-metadata re-begin.
      • ·**PR #93274** Clarify plugin channel config additional-property errors.
      • ·**PR #93555** fix(read): route text decoding through shared Windows codepage fallba….
      • ·**PR #93314** fix(skills): preserve ClawHub origin provenance on readback.
      • ·**PR #93573** fix(acp): keep bridge sessions out of stale ACP classification [AI-assisted]. Related #38907.
      • ·**PR #93398** fix(cron): emit isolated model usage diagnostics. Related #92338.
      • ·**PR #93367** Fix SSH sandbox remote directory args. Related #93344.
      • ·**PR #93574** fix(feishu): suppress log noise for bot_p2p_chat_entered_v1 event [AI-assisted]. Related #42351.
      • ·**PR #93269** Fix tokenjuice bash results without details.
      • ·**PR #93575** fix(telegram): hydrate group reply-chain media into model context [AI-assisted].
      • ·**PR #93261** fix(plugins): resolve provider policy surface for plugin-owned CLI backends. Related #93259.
      • ·**PR #93303** fix(whatsapp): bound stalled read-receipt socket operations.
      • ·**PR #93242** fix(mattermost): keep bare @mention with empty body instead of dropping it. Related #93205.
      • ·**PR #93606** fix(ui): clear stale Talk error when session transitions to non-error state (fixes #88176).
      • ·**PR #93607** perf(tasks): memoize reconcileInspectableTasks for same-tick calls (fixes #73531).
      • ·**PR #93612** fix(gateway): compute sessions.usage aggregate totals from all sessions, not just the limited page (fixes #76496).
      • ·**PR #93615** fix(telegram): recover lone active spooled handler on timeout (#84158).
      • ·**PR #93616** Keep key-free web search providers opt-in.
      • ·**PR #93298** fix #93044: control-ui webchat double-renders agent replies when dmScope=main.
      • ·**PR #93618** fix(feishu): filter temporary card-action-c-\* IDs from reply target to prevent Invalid open_message_id errors (fixes #56818).
      • ·**PR #93387** feat(ios): add watch action surface.
      • ·**PR #93648** fix(doctor): archive superseded plugin install index conflicts. Related #90418.
      • ·**PR #93649** fix(qwen): place DashScope image prompts in user content. Related #92688.
      • ·**PR #93650** fix(update): avoid per-Node npm prefixes during self-update. Related #80387.
      • ·**PR #93653** fix(skill-workshop): skip helper sessions during auto-capture.
      • ·**PR #93654** fix(codex): expose remote node exec as a Codex dynamic tool. Related #92141.
      • ·**PR #93662** fix(discord): protect mention aliases in code fences.
      • ·**PR #93663** fix(clawdock): open dashboard on published port without starting deps. Related #77344.
      • ·**PR #93670** fix(browser): recover stale managed Chrome CDP listener. Related #41750.
      • ·**PR #93672** fix(commands): preserve multiline slash skill args. Related #79155.
      • ·**PR #93674** fix(browser): accept top-level act fields with nested requests. Related #38762.
      • ·**PR #93678** fix(plugins): allow Dreaming sidecar through restrictive memory allowlists. Related #92536.
      • ·**PR #93306** fix(status): ignore stale context after model switch.
      • ·**PR #93666** fix(control-ui): copy code blocks over plain HTTP via clipboard fallback. Related #93628.
      • ·**PR #93629** fix(reply): preserve unsent text-only finals after block pipeline streamed partial content (fixes #81078).
      • ·**PR #93690** fix(telegram): dispatch MEDIA directives as attachments. Related #77702.
      • ·**PR #93693** fix(gateway): ignore stale sudo scope for root user services. Related #81410.
      • ·**PR #93646** fix(agents): return string assistant content in getLastAssistantText.
      • ·**PR #93687** fix(i18n): retain Codex error tails in logs.
      • ·**PR #93630** fix(heartbeat): bootstrap plugin session targets.
      • ·**PR #93658** fix(wizard): preserve existing default model during setup auth choice [AI-assisted]. Related #64129.
      • ·**PR #93671** fix(respawn): rewrite pnpm versioned entry paths to stable wrapper (fixes #52313).
      • ·**PR #93698** Fix Telegram rich progress detail updates.
      • ·**PR #93656** fix(gateway): send approval route notices with write scope. Related #93563.
      • ·**PR #93665** fix(gateway): surface codex app-server returned failures.
      • ·**PR #93727** fix(context-engine): avoid turn-maintenance lane livelock. Related #77340.
      • ·**PR #93681** fix(llm): handle string assistant content on the OpenAI-compatible completion path.
      • ·**PR #93722** chore(release): update appcast for 2026.6.8.
      • ·**PR #93677** fix(google-meet): declare realtime provider secret inputs. Related #81891.
      • ·**PR #92947** fix(qqbot): deliver cron auto-TTS voice by trusting OpenClaw temp root. Related #92816.
      • ·**PR #93679** fix(whatsapp): extract GIF metadata and distinguish gifPlayback in media placeholders (fixes #49099).
      • ·**PR #93688** fix(minimax): check base_resp envelope errors in TTS provider. Related #76904.
      • ·**PR #93714** fix: isolate async model resolution mock from sync mock in flaky test. Related #92117.
      • ·**PR #93705** test(macos): cover root command dispatch. Related #83879.
      • ·**PR #93711** Keep command text in progress drafts.
      • ·**PR #93712** fix: scope assistant avatar override to agent ID. Related #90890.
      • ·**PR #93725** fix(usage): prune stale usage cache temp files. Related #78939.
      • ·**PR #93726** fix(typing): start typing on reasoning deltas in thinking mode before visible text. Related #79681.
      • ·**PR #93716** fix(discord): propagate timeout through channel capabilities diagnostics. Related #77040.
      • ·**PR #93729** fix(ollama): preserve configured API during discovery. Related #93710.
      • ·**PR #93719** fix: pin plugin workspace dir for sessions.list to avoid O(rows) memo busting. Related #90814.
      • ·**PR #93732** fix(agents): preserve re-sent user prompt during compaction transcript rotation.
      • ·**PR #93738** fix: break plugin registry type import cycle.
      • ·**PR #93740** fix(sessions): release retained locks after takeover.
      • ·**PR #93745** fix(usage): reject invalid explicit dates in usage RPC date parsing.
      • ·**PR #93746** fix(ui): populate realtime talk provider and transport options from talk.catalog.
      • ·**PR #93751** fix(ios): fix quick setup sheet layout design.
      • ·**PR #93749** fix(compaction): ignore stale persisted totalTokens in preflight gate.
      • ·**PR #93753** fix: correct tautological uppercase check in tool description summarizer.
      • ·**PR #89123** refactor: route transcript writers through session seam.
      • ·**PR #93758** feat(memory): apply outputDimensionality truncation to local GGUF embeddings (fixes #58765).
      • ·**PR #93754** feat(inbound-meta): expose per-turn source modality. Related #50482.
      • ·**PR #93767** fix(reasoning-tags): strip MiniMax `mm:` namespaced reasoning tags.
      • ·**PR #93772** fix(feishu): recover CJK filenames from JSON file_name field (fixes #81103).
      • ·**PR #93773** fix(ui): scope Skill Workshop proposals to selected agent. Related #93760.
      • ·**PR #88750** feat(context-engine): pass runtime settings into lifecycle.
      • ·**PR #93763** fix(agents): use neutral billing copy for subscription auth. Related #80877.
      • ·**PR #93818** List all ClawHub docs in sidebar.
      • ·**PR #93779** fix(webchat): skip textarea resize during IME composition to eliminate typing lag. Related #90800.
      • ·**PR #93786** fix(plugins): treat refreshable catalogs as requiring runtime discovery (fixes #93775).
      • ·**PR #93791** fix(memory): await search-sync before returning results to prevent stale index (fixes #52115).
      • ·**PR #93780** fix(google): keep parallel Gemini tool responses in the turn after the model.
      • ·**PR #93789** fix(agents): make lane suspension consistent across cooldown-precheck and embedded-runner paths. Related #93036.
      • ·**PR #93798** fix(status): show 0 (not ?) for fresh-session context tokens. Related #93771.
      • ·**PR #93810** fix(cron): preserve startup overflow catch-up deferrals in start() maintenance pass.
      • ·**PR #93811** Strip UTF-8 BOM when reading SKILL.md in quick_validate.
      • ·**PR #93803** fix(ui): preserve WebChat visible messages across session switches. Related #80855.
      • ·**PR #93792** fix(android): wait for node capability approval before onboarding.
      • ·**PR #93796** fix(feishu): paginate wiki node and space listing (#37626).
      • ·**PR #93797** fix(browser): use openTab return value to prevent wsUrl race in ensureTabAvailable (fixes #63343).
      • ·**PR #93806** fix(reasoning-tags): strip MiniMax mm: tags on silent-reply and streaming paths missed by #93767.
      • ·**PR #93691** refactor: add gateway sessions.create lifecycle seam.
      • ·**PR #88748** fix(gemini): bridge OAuth profiles into CLI runtime. Related #88742.
      • ·**PR #93857** fix(deps): remediate Dependabot alerts.
      • ·**PR #93874** fix(slack): recognize MiniMax mm: namespaced reasoning tags in monitor preview.
      • ·**PR #93832** feat(providers): add ClawRouter managed proxy.
      • ·**PR #93880** fix(macos): preserve approvals migration data.
      • ·**PR #93903** fix(cron): reject invalid absolute timestamps.
      • ·**PR #93879** fix(update): use configured npm registry for update metadata. Related #79140.
      • ·**PR #93924** revert(providers): remove ClawRouter provider.
      • ·**PR #93955** fix(telegram): surface rich-message disabled state.
      • ·**PR #93881** fix(agents): route BTW through canonical Codex runtime. Related #88902.
      • ·**PR #90192** fix(feishu): fetch quoted content before empty-message guard. Related #90177.
      • ·**PR #93237** Fix Mattermost open DM validation.
      • ·**PR #93945** feat(diagnostics): add SIEM security events.
      • ·**PR #87487** fix(cli): clarify mcp list registry scope. Related #65209.
      • ·**PR #24661** feat(cohere): add provider plugin.
      • ·**PR #93532** Expose verified ClawHub source in skill verify output.
      • ·**PR #93538** feat(codex): support app-server network proxy profiles.
      • ·**PR #93938** fix(telegram): guard UTF-16 surrogate pairs in outbound chunkers. Related #93921.
      • ·**PR #94104** feat(agents): trace compaction summarization model calls.
      • ·**PR #94108** Fix package Telegram temp root.
      • ·**PR #94113** Fix Telegram package output mount.
      • ·**PR #89062** feat(docker): support offline setup reruns. Related #70443.
      • ·**PR #93929** fix(secrets): explicitly pass BWS_SERVER_URL to resolver for self-hosted instances. Related #93851.
      • ·**PR #90057** Polish Workboard operations view.
      • ·**PR #89396** fix(doctor): drop inert legacy cron notify when cron.webhook is unset. Related #44460.
      • ·**PR #94138** fix(session): prevent stale finalizer from recreating deleted session rows. Related #40840.
      • ·**PR #93739** refactor: add session patch projection seam.
      • ·**PR #94178** fix(workspace): skip optional bootstrap files when workspace setup is already completed. Related #83593.
      • ·**PR #93363** fix(feishu): enforce account tool family gates.
      • ·**PR #93813** fix(codex): keep message registered for internal turns. Related #93750.
      • ·**PR #93659** refactor: add session reset delete lifecycle seam.
      • ·**PR #93852** ci(release): harden release controls.
      • ·**PR #94203** feat(codex): support remote app-server plugins.
      • ·**PR #94263** chore: migrate claw-score skill.
      • ·**PR #93695** refactor: add compact trim lifecycle seam.
      • ·**PR #93114** test: fold lifecycle and package proof into QA Lab.
      • ·**PR #93181** test: fold otel smoke into qa e2e.
      • ·**PR #93178** test: fold gateway smoke into qa e2e.
      • ·**PR #94276** qa-lab: support script-backed evidence scenarios.
      • ·**PR #94282** Support owner-qualified ClawHub skill installs.
      • ·**PR #93704** refactor: add session cleanup lifecycle seam.
      • ·**PR #94296** fix: require all taxonomy coverage ids for a feature - AND not OR.
      • ·**PR #92016** fix(plugins): compose live hook registry view for tool-call hooks. Related #91918.
      • ·**PR #89596** fix(policy): recognize declared tool allowlists.
      • ·**PR #93713** fix: route deleted-agent session purge through lifecycle seam.
      • ·**PR #84172** fix(exec): rebuild command authorization on the Tree-sitter command planner.
      • ·**PR #94332** docs: add ClawHub namespace claims to sidebar.
      • ·**PR #86360** fix(codex): honor bound agent exec host policy.
      • ·**PR #73162** fix(slack): remove socket reconnect attempt cap so gateway stays connected indefinitely. Related #72808.
      • ·**PR #94156** fix: expose OpenAI image quality and moderation CLI options.
      • ·**PR #94350** feat: externalize GMI provider plugin.
      • ·**PR #94543** fix(gateway): bound config.get middleware results. Related #94265.
      • ·**PR #91409** fix(update): run plugin convergence after RPC git updates.
      • ·**PR #94556** chore(extensions): bump tokenjuice to 0.8.1.
      • ·**PR #94580** fix(ci): stabilize update run gates.
      • ·**PR #94394** fix(infra): probe 127.0.0.1 in ensurePortAvailable to detect IPv4-only occupants. Related #94379.
      • ·**PR #94421** fix(agents): preserve active compaction retries. Related #94391.
      • ·**PR #94428** fix(feishu): preserve replies before error finals. Related #94360.
      • ·**PR #93735** refactor: add restart recovery lifecycle seam.
      • ·**PR #94591** docs(release): backfill complete contribution records.
      • ·**PR #94588** fix(cron): retry isolated setup timeouts.
      • ·**PR #94082** fix(cron): prevent lane timeout during long tool execution. Related #94033.
      • ·**PR #94551** feat(firecrawl): add keyless scrape support.
      • ·**PR #94619** test(ci): stabilize timeout-sensitive shards.
      • ·**PR #94048** fix(telegram): set richMessages default to false explicitly in schema. Related #93770, #93794.
      • ·**PR #94118** [codex] Fix Telegram rich local Markdown link hrefs. Related #94117.
      • ·**PR #94646** refactor(sqlite): land database-first memory and proxy alignment.
      • ·**PR #94658** test(sqlite): use shared temp directory helper.
      • ·**PR #92135** fix(openai-embedding): preserve openai/ prefix for non-native base URLs. Related #92124.
      • ·**PR #93737** refactor: add session maintenance transaction seam.
      • ·**PR #93685** refactor(auto-reply): add lifecycle storage seams.
      • ·**PR #94349** fix(agents): preserve pending subagent completion announces. Related #93323.
      • ·**PR #93174** test: fold channel message flows into qa e2e.
      • ·**PR #94093** Prevent Codex thread rotation from losing next-step context.
      • ·**PR #53920** fix(scripts): avoid mutating tracked auth-monitor template during setup.
      • ·**PR #94702** Standardize QA coverage IDs on dotted names.
      • ·**PR #81825** fix(skills/1password): stop forcing tmux for desktop app auth (#52540).
      • ·**PR #94725** fix(doctor): warn on volatile SQLite state.
      • ·**PR #88551** fix(agents): skip auth gate for CLI-owned transport.
      • ·**PR #88581** feat(commands): add /name to rename the current session from chat.
      • ·**PR #94324** feat(codex): support app-server SecretRefs.
      • ·**PR #90882** fix: add self-knowledge docs rule to system prompt. Related #90713.
      • ·**PR #94684** fix: #80507 show dry-run output for message send/poll.
      • ·**PR #93823** fix(whatsapp): keep opening text chunk when first media fails on multi-chunk reply.
      • ·**PR #89203** refactor: route SDK session compatibility through seam.
      • ·**PR #94453** fix: default cron runMode to "due" instead of "force" (#94270).
      • ·**PR #94746** fix(note): prevent clack from re-breaking copy-sensitive tokens. Related #94730.
      • ·**PR #89904** refactor: route sdk session compatibility through accessor.
      • ·**PR #86719** fix(skills): retarget stale plugin skill symlinks. Related #85925.
      • ·**PR #94337** fix(tui): show 0 not ? for fresh-session context tokens in footer.
      • ·**PR #94539** fix(android): group settings by intent.
      • ·**PR #92383** fix(gateway): never return an empty chat.history transcript.
      • ·**PR #92574** test(browser): cover action-input CLI request bodies. Related #83877.
      • ·**PR #92873** test(diffs): add viewerState, toolbar toggle, shadow root, and hydrateProps tests (fixes #83915).
      • ·**PR #94257** fix(sessions): preserve Media\* index alignment when reading user-turn fields.
      • ·**PR #94756** fix(codex): bound turn/start text when context budget is non-positive. Related #94748.
      • ·**PR #94729** fix(skills/trello): add curl to requires.bins to match body examples (fixes #94727).
      • ·**PR #94790** feat(slack): log INFO receipt for inbound app_mention events. Related #94691.
      • ·**PR #81696** fix: guard tool event callbacks (AI-assisted).
      • ·**PR #94809** chore: forward-port alpha release fixes.
      • ·**PR #94612** fix(macos): open NSOpenPanel for embedded Control UI file inputs (#94468).
      • ·**PR #89806** fix(feishu): avoid axios interceptor internals. Related #83913.
      • ·**PR #91923** fix(ios): clean up notification settings state.
      • ·**PR #91345** fix: suggest close CLI commands. Related #83999.
      • ·**PR #94561** Add stdout diagnostics OTEL log exporter.
      • ·**PR #91013** fix(gateway): ignore stale abort markers for fresh chat events. Related #91012.
      • ·**PR #89279** fix(tasks): deliver ACP completions to bound Discord threads. Related #84022.
      • ·**PR #91656** test(cron): expand parseAbsoluteTimeMs test coverage to 39 cases. Related #91654.
      • ·**PR #94810** fix(telegram): classify sendChatAction 401 by structured error_code, not bare substring match. Related #94787.
      • ·**PR #94737** fix(reply): clarify provider internal error copy.
      • ·**PR #94868** fix(channels): preserve command progress detail.
      • ·**PR #94891** fix(telegram): send progress previews as html text.
      • ·**PR #94683** fix(outbound): keep direct-only targets out of group sessions. Related #92384.
      • ·**PR #92477** fix: migrate watch app to single-target app (Xcode 27+ compat).
      • ·**PR #94812** test(perf): compare saved CLI startup benchmarks.
      • ·**PR #94856** fix(telegram): normalize all HTML tables before entity-escaping in rich messages. Related #94317.
      • ·**PR #91685** fix(cron): refuse keyless implicit isolated cron delivery inherited from shared agent-main bucket.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.9
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.9.tgz
      • ·integrity: `sha512-y0PGUdE87S8QtQXABPDL0CjNKhH3q/R1h9/WiRQkhVCGSBVhs63/M1iZn2DYVyJCAbDyMz3KNyAE0WzSQIWCRg==`
      • ·release SHA: `c645ec4555c017931de0e35ad9847dffae2741ef`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.9/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27889455826
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27879798419
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27879798405
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27889611545
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27889612007
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27889785109
      • ·npm Telegram beta E2E: not supplied
      • ·Windows Hub promotion: https://github.com/openclaw/openclaw/actions/runs/27890002427 from openclaw/openclaw-windows-node@v0.6.3
      v2026.6.9-beta.1pre-release2026-06-19

      openclaw 2026.6.9-beta.1

      GitHub ↗

      Highlights

      • ·**Richer Telegram delivery:** Telegram now sends rich HTML, preserves rich markdown and sticker paths, renders progress drafts and command output more faithfully, and keeps mentions and spooled handlers on the right delivery path. (#93286, #93164, #93124, #93364, #93130, #93088, #93281)
      • ·**More dependable agent recovery:** retries, terminal outcomes, usage after compaction, session history repair, and reply reconciliation now keep more interrupted or partial turns moving toward a visible final result. (#92191, #93073, #93228, #93084, #93469, #93291, #90943)
      • ·**A stronger Codex integration:** Codex gains automatic plugin approvals, GPT-5.3 Spark OAuth routing, remote-node `exec` as a dynamic tool, and more reliable app-server teardown and terminal outcomes. (#92625, #89133, #93654, #91767, #93287)
      • ·**Standalone official provider plugins:** external provider packages are now first-class npm releases, externally installed channel plugins load at Gateway startup, and StepFun is intentionally npm-only because its ClawHub package name is unavailable. (#93470)
      • ·**More capable web and native clients:** the Control UI adds a session workspace rail and extension health, iOS adds Watch controls, and Android shows chat context. (#92856, #91952, #93387, #92837)
      • ·**More useful search and skills:** Codex Hosted Search is available, key-free search providers remain deliberate opt-ins, and ClawHub skill installs retain verified source provenance. (#93446, #93616, #93283, #93506)

      Changes

      • ·Providers and auth: add Codex Hosted Search, improve Gemini CLI OAuth behind proxies, and keep external provider onboarding on current choices and package metadata. (#93446, #92815)
      • ·Plugins and installs: externalized official providers publish as independent npm packages, Gateway discovers installed channel plugins at startup, and StepFun installs exclusively from npm. (#93470)
      • ·Dashboard and mobile: add a session workspace rail, plugin health in status, compact cron lists, and iOS Watch controls. (#92856, #91952, #93395, #93387)
      • ·Codex and skills: add automatic plugin approvals, preserve ClawHub skill provenance, and expose remote-node execution to Codex when a node is connected. (#92625, #93283, #93654)
      • ·QA and release engineering: QA scenarios now use YAML, with broader profile evidence and release coverage for the plugin and channel matrix.

      Fixes

      • ·Security and privacy: redact secrets from debug/config output, block internal HTTP session overrides, audit open-DM tool exposure, and retain plugin write ownership checks. (#93333, #88496, #93443, #92883, #93353)
      • ·Agent and session runtime: retry thinking-only and empty post-tool turns, prevent duplicate hook execution, preserve fresh usage through compaction, and repair partial JSON/history artifacts. (#92191, #93073, #93009, #93084, #93469)
      • ·Channels and replies: fix Telegram rich delivery and ingress recovery, preserve WhatsApp auth and media error reporting, keep Mattermost thread replies intact, and harden Discord action handling. (#93286, #93364, #93281, #93076, #93334, #93424, #93488)
      • ·Storage and migrations: avoid SQLite WAL on network filesystems, clean reindex artifacts, keep setup state out of workspace dot-directories, and import default-agent auth profiles into SQLite. (#93454, #92891, #93182, #93295, #93520, #93156)
      • ·Provider and model behavior: fix Gemini CLI proxy OAuth, restore Codex Spark OAuth routing, correct Bedrock embedding model IDs, and preserve configured defaults in embedded runs. (#92815, #89133, #93452, #93428)
      • ·CLI, TUI, and apps: accept global flags after subcommands, keep terminal output and activity indicators visible, preserve CJK IME composition, and refresh stale UI state. (#93455, #93460, #93006, #93427, #93498, #93606)
      • ·Operations and updates: harden official plugin recovery, restart managed Gateways after failed update handoff, avoid Node-specific npm prefixes, and keep package validation paths reliable. (#93325, #92111, #93650)

      Complete contribution record

      • ·**PR #90463** refactor: add session accessor seam with gateway consumer.
      • ·**PR #88656** Drop reasoning-only length turns from replay.
      • ·**PR #92856** feat(webui): add session workspace rail.
      • ·**PR #92845** docs(browser-control): document OPENCLAW_EAGER_BROWSER_CONTROL_SERVER requirement. Related #92841.
      • ·**PR #82366** fix: use passive periodic sqlite wal checkpoints. Related #81715.
      • ·**PR #92815** fix(google): route Gemini CLI OAuth through the env proxy (#46184).
      • ·**PR #91331** fix(mattermost): merge progress preview lines by identity. Related #89761.
      • ·**PR #92909** fix(tui): keep spinner active when toggling tools. Related #49763.
      • ·**PR #92904** fix(elevenlabs): use current TTS model ids.
      • ·**PR #92642** fix #86872: Subagent run reports success but fails to write output file.
      • ·**PR #89122** refactor: route command session reads through seam.
      • ·**PR #90943** fix(reply): deliver final reply when queued follow-up claims session; scope dedupe to routed thread.
      • ·**PR #92894** fix(skills): keep managed prompt paths readable. Related #92875.
      • ·**PR #39617** fix: reload config in slash command routing so dmScope is respected. Related #39605.
      • ·**PR #92191** fix(agents): retry thinking-only errored turns. Related #91953.
      • ·**PR #92891** fix(memory): clean stale reindex temp files. Related #92874.
      • ·**PR #93005** Add OpenRouter Fusion guidance and prompt context. Related #92984.
      • ·**PR #88792** fix(state): harden sqlite path caching.
      • ·**PR #93022** fix(gateway): repair usage cost aggregation across agents.
      • ·**PR #93020** fix(telegram): cool down transient sendChatAction failures. Related #56096.
      • ·**PR #89160** fix(agents): detect truncated API responses to prevent silent session hang. Related #89051.
      • ·**PR #93009** fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973).
      • ·**PR #92991** fix(agents): tolerate missing attribution baseUrl. Related #92974.
      • ·**PR #92913** fix(opencode-go): register model catalog to fix context window detection. Related #92912.
      • ·**PR #89129** refactor: route bundled plugin session callers through seam.
      • ·**PR #93084** fix(agents): preserve fresh usage after compaction. Related #50795.
      • ·**PR #92869** fix #90333: [Bug]: Discord image build aborts at step 66 — openclaw-build-messaging-plugins.py exits 1.
      • ·**PR #93011** fix(gateway): accept file-only input on /v1/responses (parity with image-only).
      • ·**PR #92915** Convert QA scenarios to YAML files.
      • ·**PR #91767** Fix one-shot Codex app-server teardown.
      • ·**PR #92625** feat(codex): add auto plugin approvals.
      • ·**PR #91587** test(qa): add qa run --qa-profile and unified output summary/evidence.
      • ·**PR #93104** test(reply): seed channel fixtures for dedupe tests.
      • ·**PR #93107** test(reply): preserve telegram dedupe fallback.
      • ·**PR #92954** fix(memory): accept local default model path migration.
      • ·**PR #90936** fix(agents): do not misclassify client-disconnect abort as run timeout. Related #90764.
      • ·**PR #90812** fix(voice-call): preserve live Twilio streams in stale reaper. Related #79121.
      • ·**PR #93094** fix(whatsapp): bound socket operations.
      • ·**PR #91629** fix(scripts): add database-first legacy store guard. Related #91628.
      • ·**PR #93124** fix(telegram): render progress drafts as rich previews.
      • ·**PR #93109** test(qa): embed profile scorecard evidence.
      • ·**PR #87298** test: add temp directory helper guidance.
      • ·**PR #92318** fix(cron): require explicit message target proof.
      • ·**PR #93137** fix(imessage): honor disabled reply actions. Related #92142.
      • ·**PR #93134** fix(feishu): pass card_msg_content_type to get full card content (fixes #78289).
      • ·**PR #93138** fix(agents): preserve literal current session resolution.
      • ·**PR #91225** fix #83830: [Bug]: Dreaming diary repeats "first day" narrative every sweep — same early memories dominate snippets.
      • ·**PR #93153** simplify QA evidence profile and mappings/coverage shape.
      • ·**PR #93164** fix(telegram): preserve rich markdown line breaks.
      • ·**PR #93119** fix: accept mixed source/dist bundled roots. Related #87730.
      • ·**PR #93130** fix(telegram): preserve sticker media paths. Related #83748.
      • ·**PR #93073** fix(agents): retry empty post-tool final turns.
      • ·**PR #91784** fix(voice-call): require realtime websocket path boundary.
      • ·**PR #89133** Restore GPT-5.3 Codex Spark OAuth routing.
      • ·**PR #91996** refactor: prune unused iOS code.
      • ·**PR #90231** fix #69443: [Bug] Subagent RPC callback to WeChat session key routed to main session instead.
      • ·**PR #89920** fix(matrix): replace recovered command progress lines.
      • ·**PR #93159** fix(tui): keep parent stdin paused after exit.
      • ·**PR #93201** fix(auto-reply): clear pending-final state before honoring post-send abort (#89115).
      • ·**PR #93228** fix(agents): replace prose terminal classifiers.
      • ·**PR #93231** fix(status): correct pinned model clear hint.
      • ·**PR #92428** fix(qqbot): keep markdown table chunks valid.
      • ·**PR #93220** fix(status): avoid stale session context windows.
      • ·**PR #91957** perf(sessions): share one enumeration across archive retention sweeps.
      • ·**PR #93281** fix(telegram): recover pid-reused ingress claims.
      • ·**PR #93287** fix(codex): preserve terminal outcome ordering.
      • ·**PR #93182** fix(memory): clean rollback-journal reindex temp sidecar on NFS stores.
      • ·**PR #93283** Persist ClawHub skill install provenance. Related #92077.
      • ·**PR #88872** fix: attribute spawned task runs to child agent. Related #66670.
      • ·**PR #92837** fix(android): show live chat context usage.
      • ·**PR #93325** fix(cli): harden official plugin recovery.
      • ·**PR #93286** feat(telegram): send rich messages as rich html.
      • ·**PR #92910** fix(memory-core): safely refresh qmd index during collection repair.
      • ·**PR #93329** fix(cli): allow zero Discord timeout duration. Related #93327.
      • ·**PR #91625** fix(cron): add cron edit --clear-model to clear a job's model override.
      • ·**PR #91691** [AI] fix(memory): prevent empty-string expectedModel in resolveMemory….
      • ·**PR #93006** fix(tui): keep stderr visible when local shell stdout fills the output cap.
      • ·**PR #93001** fix(daemon): prefer stderr over stale stdout in gateway restart diagnostics.
      • ·**PR #91117** refactor: remove dead code and improve string concatenation.
      • ·**PR #90893** fix(models): mask paste-token input in CLI auth prompt.
      • ·**PR #90571** fix(configure): mask gateway password input in CLI wizard prompt.
      • ·**PR #91768** fix(ios): respect chat header safe area.
      • ·**PR #93245** fix(cron): resolve lastRunStatus in cron list/show human output.
      • ·**PR #78765** fix(tui): avoid inserting spaces into long CJK text.
      • ·**PR #91776** fix(ios): refresh permission rows after grants.
      • ·**PR #92817** fix(cron): trust agent output when channel is unresolved without explicit delivery. Related #90664.
      • ·**PR #93297** fix(control-ui): respect agents.defaults.timeFormat for timestamps. Related #58147.
      • ·**PR #93364** Fix Telegram rich progress command output.
      • ·**PR #91952** feat(status): surface plugin health.
      • ·**PR #75025** fix(heartbeat): refresh stale Current time line on every helper call (#44993).
      • ·**PR #90992** docs(windows): fix WSL gateway-autostart recipe for WSL ≥ 2.6.1.0 idle-termination.
      • ·**PR #86544** fix(cli): show Gemini CLI runtime auth status. Related #79585.
      • ·**PR #88945** fix(plugins): serialize binding approval saves. Related #64065.
      • ·**PR #90115** fix(gateway): pass managed inbound PDFs through chat.send. Related #90097.
      • ·**PR #74613** docs(cli): add agent selector to CLI backend quick start. Related #68940.
      • ·**PR #89121** refactor: add transcript reader seam.
      • ·**PR #84434** fix(cli): disable ScheduleWakeup/CronCreate in --print claude runs.
      • ·**PR #66985** fix(agents): resolve requestedNode to canonical ID before boundNode comparison. Related #87213.
      • ·**PR #91488** fix(reply): project preflight compaction gate by next-input size on fresh tokens.
      • ·**PR #93353** fix(plugins): require owner for plugin writes.
      • ·**PR #91499** fix(cron): preserve scheduled turn tool policy [AI].
      • ·**PR #90412** fix(sessions): cache warm transcript reads to avoid per-turn re-parse. Related #83943.
      • ·**PR #93118** fix(gateway): guard fast-path startup migrations. Related #93032.
      • ·**PR #93355** fix(ci): verify performance workflow downloads.
      • ·**PR #93358** fix(outbound): guard cross-context message mutations.
      • ·**PR #93362** fix(flock): bind allow-always to wrapped command.
      • ·**PR #92578** refactor(whatsapp): add inbound admission foundation.
      • ·**PR #89547** Control Telegram group history context.
      • ·**PR #89201** refactor: add transcript runtime identity contract.
      • ·**PR #93357** fix(plugins): enforce install policy in wrappers.
      • ·**PR #93156** fix(doctor): import default-agent auth profiles into sqlite. Related #93145.
      • ·**PR #93179** Add slim evidence mode for QA profile evidence.
      • ·**PR #93349** fix(control-ui): keep workboard card titles visible in overflowing columns (fixes #91717).
      • ·**PR #93324** fix(cli): accept --no-color after subcommands.
      • ·**PR #89621** Return Google Chat thread metadata from message sends.
      • ·**PR #82458** fix(infra): drop duplicated "restart" word in restart-sentinel summary.
      • ·**PR #85471** Suppress cron announce control replies. Related #85421.
      • ·**PR #85316** fix(auth): keep alias-compatible auth-profile overrides instead of clearing them.
      • ·**PR #89260** fix(doctor): separate platform-incompatible skills from missing requirements. Related #89232.
      • ·**PR #90846** fix(media): stop pruning media on write; let the configured timer do it.
      • ·**PR #88062** fix(logging): avoid stalled warnings for active model calls.
      • ·**PR #93308** fix(discord): reject malformed realtime consult calls.
      • ·**PR #93334** fix(whatsapp): notify user when trailing media send fails instead of silent drop.
      • ·**PR #92575** fix(sessions): preserve user behavior overrides across daily/idle rollover (#92562) [AI-assisted].
      • ·**PR #89124** refactor: route auto-reply sessions through session seam.
      • ·**PR #93431** fix: stabilize transcript cache and CLI env isolation.
      • ·**PR #93412** fix(discord): suppress tool progress for message-tool replies.
      • ·**PR #93409** fix(whatsapp): stop markdownToWhatsApp dropping code spans followed by a digit.
      • ·**PR #93295** fix(memory): swap rollback-journal sidecar during atomic reindex.
      • ·**PR #93076** fix(whatsapp): preserve auth on terminal disconnects.
      • ·**PR #93435** fix(agents): bound autoreview scope.
      • ·**PR #93279** fix(telegram): restore readable default text sends. Related #93263.
      • ·**PR #93429** fix(line): cap carousel column text at 60 chars when a title or image is set.
      • ·**PR #93428** fix(agents): resolve configured default model in runEmbeddedAgent (fixes #93419).
      • ·**PR #93427** fix(tui): show activity indicator for system-injected runs. Related #51825.
      • ·**PR #90003** feat(policy): cover exec approvals artifact.
      • ·**PR #93448** fix(guards): allow auth profile sqlite reader.
      • ·**PR #93424** fix(mattermost): keep message tool replies in threads.
      • ·**PR #93418** fix(telegram): forward Bot API 10.1 rich_message content to agent. Related #93410.
      • ·**PR #93175** test(qa): taxonomy profiles: includeAllCategories for release profile, update some coverage.
      • ·**PR #93456** fix(agents): handle string assistant message content.
      • ·**PR #93441** fix(outbound): ignore schema-padded poll metadata on send. Related #43015.
      • ·**PR #93443** fix(gateway): block internal HTTP session overrides.
      • ·**PR #93454** fix(sqlite): disable WAL on network filesystems.
      • ·**PR #90275** test: make install-safe-path symlink tests compatible with Windows.
      • ·**PR #93464** fix(qa): suppress empty WhatsApp debug artifacts.
      • ·**PR #90861** fix(cli): preserve sessions_yield over MCP. Related #77426.
      • ·**PR #90946** fix(infra): preserve inherited gateway PID across reparent during cleanup.
      • ·**PR #92220** fix(media): extract large managed inbound PDFs via media-understanding. Related #90096, #90097.
      • ·**PR #91208** fix #91047: Plugin session-extension registry not pinned; sessions.pluginPatch fails after agent/subagent plugin-load churn.
      • ·**PR #92111** fix(update): restart managed gateway when update handoff fails after stop. Related #92088.
      • ·**PR #93238** fix(agents): honor disabled envelope timestamps at model boundary.
      • ·**PR #93343** fix(codex): de-duplicate commentary notes across the raw response lane. Related #93296.
      • ·**PR #93361** fix(openshell): pin mirror remote mutations.
      • ·**PR #93354** fix(discord): block cross-provider guild admin actions.
      • ·**PR #92178** fix(gateway): normalize malformed paired access lists. Related #90654.
      • ·**PR #85254** perf(plugins): thread prepared manifestPlugins through runtime model-id normalize chain.
      • ·**PR #93489** Add ClawHub content rights docs to sidebar.
      • ·**PR #93466** [AI] fix(feishu): guard against missing inbound in channelRuntime fallback.
      • ·**PR #93460** fix(cli): honor --log-level in route-first commands. Related #93457.
      • ·**PR #93495** fix(cron): clear delivery routing fields from cron edit.
      • ·**PR #93494** docs: point PR landing at maintainer workflow.
      • ·**PR #93487** fix(ui): add agent selector to skills page. Related #78553.
      • ·**PR #93488** fix(discord): apply tool status emojis immediately to avoid override by thinking reactions. Related #92715.
      • ·**PR #93055** fix(ui): restore provider usage pill in desktop chat composer [AI].
      • ·**PR #83156** fix(matrix): accept bracketed display-name mentions. Related #83142.
      • ·**PR #93333** fix(auto-reply): redact secrets in /debug show and /debug set output.
      • ·**PR #88496** fix(auto-reply): redact secrets in config show output. Related #65623.
      • ·**PR #93105** fix(doctor): repair null agents.list[].workspace values. Related #77718.
      • ·**PR #73923** fix(ui): preserve gateway token during safe websocket url edits. Related #41545.
      • ·**PR #88970** fix #85871: [Bug]: Heartbeat scheduler silently fails to fire on 5.20 and all 5.x versions (regression from 4.23).
      • ·**PR #93511** fix(imessage): normalize leading NUL echo-cache prefixes.
      • ·**PR #92594** [Bug]: ollama-cloud runtime fails DNS lookup for ai.ollama.com, while ollama/<model>:cloud works. Related #92391.
      • ·**PR #93512** build(docs): finish PowerShell-safe docs formatting. Related #44293.
      • ·**PR #93513** fix(skills): refresh persisted snapshots after restart.
      • ·**PR #93517** fix(skills): quote skill-creator template description.
      • ·**PR #73976** fix(memory): use per-keyword FTS search in hybrid mode #39484.
      • ·**PR #93520** fix(workspace): store setup state outside workspace dot-dir.
      • ·**PR #93521** fix(onboard): skip Homebrew prompt on unsupported platforms. Related #68893.
      • ·**PR #93522** fix(feishu): send post mentions as native at elements.
      • ·**PR #93496** fix(gateway): rotate already-stale generated transcript filename on /reset.
      • ·**PR #93471** fix(cron): preserve aborted isolated-run failure.
      • ·**PR #93473** fix(memory): report skipped QMD embedding probe. Related #77645.
      • ·**PR #93498** fix(ui): preserve CJK IME composition. Related #86035.
      • ·**PR #93088** fix(telegram): bind bot mentions to assistant identity.
      • ·**PR #93499** fix(nodes): return screen snapshots as media. Related #90126.
      • ·**PR #93506** fix(skills): trust verified ClawHub source provenance.
      • ·**PR #93525** agents: notify chat exec empty-success completions.
      • ·**PR #93446** feat: add Codex hosted web search.
      • ·**PR #92883** fix(security): audit open dm tool exposure. Related #55612.
      • ·**PR #93476** fix(mattermost): preserve Codex progress preview. Related #88766.
      • ·**PR #93395** feat(cron): add compact list responses. Related #93366.
      • ·**PR #93527** fix(cron): preserve model overrides for text payloads.
      • ·**PR #90487** fix: harden ChatGPT Responses missing content-type streams.
      • ·**PR #93528** fix(gateway): tolerate transient pre-hello clean closes.
      • ·**PR #93529** fix(auto-reply): allow message tool for group attachments. Related #43146.
      • ·**PR #93291** fix(reply): preserve pending thread evidence when reconciling partial send results.
      • ·**PR #90572** fix(feishu): drop self-authored receive echoes.
      • ·**PR #93455** fix(cli): accept --log-level after subcommands.
      • ·**PR #93452** fix(bedrock): strip inference profile prefix from model ID in embedding adapter. Related #79212.
      • ·**PR #89799** fix(cli): skip compile cache on early Node 24.x to avoid startup deadlock. Related #86550.
      • ·**PR #93469** fix(agents): drop partialJson streaming artifacts from session history repair.
      • ·**PR #93463** fix(codex): log app-server compaction completion. Related #83932.
      • ·**PR #93562** fix(tui): refresh after external session reset. Related #38966.
      • ·**PR #93470** fix(plugins): load externally-installed channel plugins at gateway startup. Related #93219.
      • ·**PR #88796** fix(discord): resolve guildId from session channel for search actions. Related #88790.
      • ·**PR #93194** fix(agents): preserve prompt-released session metadata. Related #93193.
      • ·**PR #89483** fix(gateway): project failed agent turns in chat history. Related #89197.
      • ·**PR #93434** fix: avoid parent group allowlist false positive. Related #92684.
      • ·**PR #93449** fix(feishu): dedupe redelivered text by stable retry identity. Related #46778.
      • ·**PR #93407** AGT-80 AGT-81 Fix Discord ingress ack ordering.
      • ·**PR #93439** fix(agents): honor embedded run default model. Related #93419.
      • ·**PR #93565** fix(cli): summarize cleanup dry-run by label. Related #76826.
      • ·**PR #93509** fix(skills): clear orphaned idempotency pointer on corrupt-metadata re-begin.
      • ·**PR #93274** Clarify plugin channel config additional-property errors.
      • ·**PR #93555** fix(read): route text decoding through shared Windows codepage fallba….
      • ·**PR #93314** fix(skills): preserve ClawHub origin provenance on readback.
      • ·**PR #93573** fix(acp): keep bridge sessions out of stale ACP classification [AI-assisted]. Related #38907.
      • ·**PR #93398** fix(cron): emit isolated model usage diagnostics. Related #92338.
      • ·**PR #93367** Fix SSH sandbox remote directory args. Related #93344.
      • ·**PR #93574** fix(feishu): suppress log noise for bot_p2p_chat_entered_v1 event [AI-assisted]. Related #42351.
      • ·**PR #93269** Fix tokenjuice bash results without details.
      • ·**PR #93575** fix(telegram): hydrate group reply-chain media into model context [AI-assisted].
      • ·**PR #93261** fix(plugins): resolve provider policy surface for plugin-owned CLI backends. Related #93259.
      • ·**PR #93303** fix(whatsapp): bound stalled read-receipt socket operations.
      • ·**PR #93242** fix(mattermost): keep bare @mention with empty body instead of dropping it. Related #93205.
      • ·**PR #93606** fix(ui): clear stale Talk error when session transitions to non-error state (fixes #88176).
      • ·**PR #93607** perf(tasks): memoize reconcileInspectableTasks for same-tick calls (fixes #73531).
      • ·**PR #93612** fix(gateway): compute sessions.usage aggregate totals from all sessions, not just the limited page (fixes #76496).
      • ·**PR #93615** fix(telegram): recover lone active spooled handler on timeout (#84158).
      • ·**PR #93616** Keep key-free web search providers opt-in.
      • ·**PR #93298** fix #93044: control-ui webchat double-renders agent replies when dmScope=main.
      • ·**PR #93618** fix(feishu): filter temporary card-action-c-\* IDs from reply target to prevent Invalid open_message_id errors (fixes #56818).
      • ·**PR #93387** feat(ios): add watch action surface.
      • ·**PR #93648** fix(doctor): archive superseded plugin install index conflicts. Related #90418.
      • ·**PR #93649** fix(qwen): place DashScope image prompts in user content. Related #92688.
      • ·**PR #93650** fix(update): avoid per-Node npm prefixes during self-update. Related #80387.
      • ·**PR #93653** fix(skill-workshop): skip helper sessions during auto-capture.
      • ·**PR #93654** fix(codex): expose remote node exec as a Codex dynamic tool. Related #92141.
      • ·**PR #93662** fix(discord): protect mention aliases in code fences.
      • ·**PR #93663** fix(clawdock): open dashboard on published port without starting deps. Related #77344.
      • ·**PR #93670** fix(browser): recover stale managed Chrome CDP listener. Related #41750.
      • ·**PR #93672** fix(commands): preserve multiline slash skill args. Related #79155.
      • ·**PR #93674** fix(browser): accept top-level act fields with nested requests. Related #38762.
      • ·**PR #93678** fix(plugins): allow Dreaming sidecar through restrictive memory allowlists. Related #92536.
      • ·**PR #93306** fix(status): ignore stale context after model switch.
      • ·**PR #93666** fix(control-ui): copy code blocks over plain HTTP via clipboard fallback. Related #93628.
      • ·**PR #93629** fix(reply): preserve unsent text-only finals after block pipeline streamed partial content (fixes #81078).
      • ·**PR #93690** fix(telegram): dispatch MEDIA directives as attachments. Related #77702.
      • ·**PR #93693** fix(gateway): ignore stale sudo scope for root user services. Related #81410.
      • ·**PR #93646** fix(agents): return string assistant content in getLastAssistantText.
      • ·**PR #93687** fix(i18n): retain Codex error tails in logs.
      • ·**PR #93630** fix(heartbeat): bootstrap plugin session targets.
      • ·**PR #93658** fix(wizard): preserve existing default model during setup auth choice [AI-assisted]. Related #64129.
      • ·**PR #93671** fix(respawn): rewrite pnpm versioned entry paths to stable wrapper (fixes #52313).
      • ·**PR #93698** Fix Telegram rich progress detail updates.
      • ·**PR #93656** fix(gateway): send approval route notices with write scope. Related #93563.
      • ·**PR #93665** fix(gateway): surface codex app-server returned failures.
      • ·**PR #93727** fix(context-engine): avoid turn-maintenance lane livelock. Related #77340.
      • ·**PR #93681** fix(llm): handle string assistant content on the OpenAI-compatible completion path.
      • ·**PR #93722** chore(release): update appcast for 2026.6.8.
      • ·**PR #93677** fix(google-meet): declare realtime provider secret inputs. Related #81891.
      • ·**PR #92947** fix(qqbot): deliver cron auto-TTS voice by trusting OpenClaw temp root. Related #92816.
      • ·**PR #93679** fix(whatsapp): extract GIF metadata and distinguish gifPlayback in media placeholders (fixes #49099).
      • ·**PR #93688** fix(minimax): check base_resp envelope errors in TTS provider. Related #76904.
      • ·**PR #93714** fix: isolate async model resolution mock from sync mock in flaky test. Related #92117.
      • ·**PR #93705** test(macos): cover root command dispatch. Related #83879.
      • ·**PR #93711** Keep command text in progress drafts.
      • ·**PR #93712** fix: scope assistant avatar override to agent ID. Related #90890.
      • ·**PR #93725** fix(usage): prune stale usage cache temp files. Related #78939.
      • ·**PR #93726** fix(typing): start typing on reasoning deltas in thinking mode before visible text. Related #79681.
      • ·**PR #93716** fix(discord): propagate timeout through channel capabilities diagnostics. Related #77040.
      • ·**PR #93729** fix(ollama): preserve configured API during discovery. Related #93710.
      • ·**PR #93719** fix: pin plugin workspace dir for sessions.list to avoid O(rows) memo busting. Related #90814.
      • ·**PR #93732** fix(agents): preserve re-sent user prompt during compaction transcript rotation.
      • ·**PR #93738** fix: break plugin registry type import cycle.
      • ·**PR #93740** fix(sessions): release retained locks after takeover.
      • ·**PR #93745** fix(usage): reject invalid explicit dates in usage RPC date parsing.
      • ·**PR #93746** fix(ui): populate realtime talk provider and transport options from talk.catalog.
      • ·**PR #93751** fix(ios): fix quick setup sheet layout design.
      • ·**PR #93749** fix(compaction): ignore stale persisted totalTokens in preflight gate.
      • ·**PR #93753** fix: correct tautological uppercase check in tool description summarizer.
      • ·**PR #89123** refactor: route transcript writers through session seam.
      • ·**PR #93758** feat(memory): apply outputDimensionality truncation to local GGUF embeddings (fixes #58765).
      • ·**PR #93754** feat(inbound-meta): expose per-turn source modality. Related #50482.
      • ·**PR #93767** fix(reasoning-tags): strip MiniMax `mm:` namespaced reasoning tags.
      • ·**PR #93772** fix(feishu): recover CJK filenames from JSON file_name field (fixes #81103).
      • ·**PR #93773** fix(ui): scope Skill Workshop proposals to selected agent. Related #93760.
      • ·**PR #88750** feat(context-engine): pass runtime settings into lifecycle.
      • ·**PR #93763** fix(agents): use neutral billing copy for subscription auth. Related #80877.
      • ·**PR #93818** List all ClawHub docs in sidebar.
      • ·**PR #93779** fix(webchat): skip textarea resize during IME composition to eliminate typing lag. Related #90800.
      • ·**PR #93786** fix(plugins): treat refreshable catalogs as requiring runtime discovery (fixes #93775).
      • ·**PR #93791** fix(memory): await search-sync before returning results to prevent stale index (fixes #52115).
      • ·**PR #93780** fix(google): keep parallel Gemini tool responses in the turn after the model.
      • ·**PR #93789** fix(agents): make lane suspension consistent across cooldown-precheck and embedded-runner paths. Related #93036.
      • ·**PR #93798** fix(status): show 0 (not ?) for fresh-session context tokens. Related #93771.
      • ·**PR #93810** fix(cron): preserve startup overflow catch-up deferrals in start() maintenance pass.
      • ·**PR #93811** Strip UTF-8 BOM when reading SKILL.md in quick_validate.
      • ·**PR #93803** fix(ui): preserve WebChat visible messages across session switches. Related #80855.
      • ·**PR #93792** fix(android): wait for node capability approval before onboarding.
      • ·**PR #93796** fix(feishu): paginate wiki node and space listing (#37626).
      • ·**PR #93797** fix(browser): use openTab return value to prevent wsUrl race in ensureTabAvailable (fixes #63343).
      • ·**PR #93806** fix(reasoning-tags): strip MiniMax mm: tags on silent-reply and streaming paths missed by #93767.
      • ·**PR #93691** refactor: add gateway sessions.create lifecycle seam.
      • ·**PR #88748** fix(gemini): bridge OAuth profiles into CLI runtime. Related #88742.
      • ·**PR #93857** fix(deps): remediate Dependabot alerts.
      • ·**PR #93874** fix(slack): recognize MiniMax mm: namespaced reasoning tags in monitor preview.
      • ·**PR #93832** feat(providers): add ClawRouter managed proxy.
      • ·**PR #93880** fix(macos): preserve approvals migration data.
      • ·**PR #93903** fix(cron): reject invalid absolute timestamps.
      • ·**PR #93879** fix(update): use configured npm registry for update metadata. Related #79140.
      • ·**PR #93924** revert(providers): remove ClawRouter provider.
      • ·**PR #93955** fix(telegram): surface rich-message disabled state.
      • ·**PR #93881** fix(agents): route BTW through canonical Codex runtime. Related #88902.
      • ·**PR #90192** fix(feishu): fetch quoted content before empty-message guard. Related #90177.
      • ·**PR #93237** Fix Mattermost open DM validation.
      • ·**PR #93945** feat(diagnostics): add SIEM security events.
      • ·**PR #87487** fix(cli): clarify mcp list registry scope. Related #65209.
      • ·**PR #24661** feat(cohere): add provider plugin.
      • ·**PR #93532** Expose verified ClawHub source in skill verify output.
      • ·**PR #93538** feat(codex): support app-server network proxy profiles.
      • ·**PR #93938** fix(telegram): guard UTF-16 surrogate pairs in outbound chunkers. Related #93921.
      • ·**PR #94104** feat(agents): trace compaction summarization model calls.
      • ·**PR #94108** Fix package Telegram temp root.
      • ·**PR #94113** Fix Telegram package output mount.
      • ·**PR #89062** feat(docker): support offline setup reruns. Related #70443.
      • ·**PR #93929** fix(secrets): explicitly pass BWS_SERVER_URL to resolver for self-hosted instances. Related #93851.
      • ·**PR #90057** Polish Workboard operations view.
      • ·**PR #89396** fix(doctor): drop inert legacy cron notify when cron.webhook is unset. Related #44460.
      • ·**PR #94138** fix(session): prevent stale finalizer from recreating deleted session rows. Related #40840.
      • ·**PR #93739** refactor: add session patch projection seam.
      • ·**PR #94178** fix(workspace): skip optional bootstrap files when workspace setup is already completed. Related #83593.
      • ·**PR #93363** fix(feishu): enforce account tool family gates.
      • ·**PR #93813** fix(codex): keep message registered for internal turns. Related #93750.
      • ·**PR #93659** refactor: add session reset delete lifecycle seam.
      • ·**PR #93852** ci(release): harden release controls.
      • ·**PR #94203** feat(codex): support remote app-server plugins.
      • ·**PR #94263** chore: migrate claw-score skill.
      • ·**PR #93695** refactor: add compact trim lifecycle seam.
      • ·**PR #93114** test: fold lifecycle and package proof into QA Lab.
      • ·**PR #93181** test: fold otel smoke into qa e2e.
      • ·**PR #93178** test: fold gateway smoke into qa e2e.
      • ·**PR #94276** qa-lab: support script-backed evidence scenarios.
      • ·**PR #94282** Support owner-qualified ClawHub skill installs.
      • ·**PR #93704** refactor: add session cleanup lifecycle seam.
      • ·**PR #94296** fix: require all taxonomy coverage ids for a feature - AND not OR.
      • ·**PR #92016** fix(plugins): compose live hook registry view for tool-call hooks. Related #91918.
      • ·**PR #89596** fix(policy): recognize declared tool allowlists.
      • ·**PR #93713** fix: route deleted-agent session purge through lifecycle seam.
      • ·**PR #84172** fix(exec): rebuild command authorization on the Tree-sitter command planner.
      • ·**PR #94332** docs: add ClawHub namespace claims to sidebar.
      • ·**PR #86360** fix(codex): honor bound agent exec host policy.
      • ·**PR #73162** fix(slack): remove socket reconnect attempt cap so gateway stays connected indefinitely. Related #72808.
      • ·**PR #94156** fix: expose OpenAI image quality and moderation CLI options.
      • ·**PR #94350** feat: externalize GMI provider plugin.
      • ·**PR #94543** fix(gateway): bound config.get middleware results. Related #94265.
      • ·**PR #91409** fix(update): run plugin convergence after RPC git updates.
      • ·**PR #94556** chore(extensions): bump tokenjuice to 0.8.1.
      • ·**PR #94580** fix(ci): stabilize update run gates.
      • ·**PR #94394** fix(infra): probe 127.0.0.1 in ensurePortAvailable to detect IPv4-only occupants. Related #94379.
      • ·**PR #94421** fix(agents): preserve active compaction retries. Related #94391.
      • ·**PR #94428** fix(feishu): preserve replies before error finals. Related #94360.
      • ·**PR #93735** refactor: add restart recovery lifecycle seam.
      • ·**PR #94591** docs(release): backfill complete contribution records.
      • ·**PR #94588** fix(cron): retry isolated setup timeouts.
      • ·**PR #94082** fix(cron): prevent lane timeout during long tool execution. Related #94033.
      • ·**PR #94551** feat(firecrawl): add keyless scrape support.
      • ·**PR #94619** test(ci): stabilize timeout-sensitive shards.
      • ·**PR #94048** fix(telegram): set richMessages default to false explicitly in schema. Related #93770, #93794.
      • ·**PR #94118** [codex] Fix Telegram rich local Markdown link hrefs. Related #94117.
      • ·**PR #94646** refactor(sqlite): land database-first memory and proxy alignment.
      • ·**PR #94658** test(sqlite): use shared temp directory helper.
      • ·**PR #92135** fix(openai-embedding): preserve openai/ prefix for non-native base URLs. Related #92124.
      • ·**PR #93737** refactor: add session maintenance transaction seam.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.9-beta.1
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.9-beta.1.tgz
      • ·integrity: `sha512-V50OMp+liBbw/soP1SxhZ04yXUGy3VsfVccI5I1oQCfdBGHNoTLtbvuQ44oaOY/C/CdTcmFvMDt2IzWmB9jQRw==`
      • ·release SHA: `687234af56e1f7c2b4037faa9ab2041b159dccf1`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.9-beta.1/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27805906361
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27799737148
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27801668529
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27806014895
      • ·plugin ClawHub publish recovery: https://github.com/openclaw/openclaw/actions/runs/27806975206, https://github.com/openclaw/openclaw/actions/runs/27807226080, https://github.com/openclaw/openclaw/actions/runs/27807501599, https://github.com/openclaw/openclaw/actions/runs/27807783949
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27806117514
      • ·npm Telegram beta E2E: not supplied
      v2026.6.82026-06-16

      openclaw 2026.6.8

      GitHub ↗

      Highlights

      • ·**Richer channel delivery:** Telegram and WhatsApp are less brittle: Telegram renders structured text with tables, lists, expandable blockquotes, preserved intentional line breaks, and CLI-backed replies, while WhatsApp now honors configured ACP bindings. (#92679, #93164, #84082, #89421, #92513)
      • ·**More reliable agent runs:** account-scoped DM sends, generated media completions, auto-reply message-tool final replies, reset archive fallback reads, restart shutdown aborts, yielded subagent pauses, and session identity prompts all stay on the correct recovery path. (#92788, #91246, #92879, #91357, #92631, #92468)
      • ·**Safer model routing:** new GLM-5.2 and Claude Haiku 4.5 catalog support arrives with normalized provider IDs, managed SecretRef auth, bounded model browsing, and safer OpenAI/Anthropic tool-schema recovery. (#92796, #90116, #92627, #90686, #92247, #92941)
      • ·**Useful usage footers:** `/usage` and reply payload hooks now have a native full footer renderer, default template, fixed-decimal formatting, credential-aware limits, better partial-count handling, and warnings for broken templates instead of silent bad output. (#92657, #89835, #89629)
      • ·**Predictable web search defaults:** key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search remain explicit opt-ins rather than surprising automatic fallbacks. (#93616)
      • ·**Calmer UI and mobile sessions:** workspace files start collapsed, WebChat backscroll survives streaming, the desktop session picker remains interactive, reset arguments survive dispatch, and iOS reconnects stale foreground Gateways. (#92779, #92622, #92705, #91353, #92552)
      • ·**Resilient memory and state:** oversized OpenAI embedding batches split before 431s, QMD search stays available in transient mode, SQLite avoids WAL on NFS volumes, and full reindexes preserve rollback/cache recovery. (#92650, #92618, #92639, #91247, #92881)

      Changes

      • ·Providers/models: add GLM-5.2 support and Claude Haiku 4.5 catalog entries while keeping provider-qualified model IDs normalized across OpenRouter and Google Vertex paths. (#92796, #90116, #92627, #91218)
      • ·Web search: keep key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search as explicit opt-ins instead of selecting them automatically when no API-backed provider is configured. (#93616)
      • ·Channel plugins: ship Telegram rich-message delivery and WhatsApp ACP binding support, including preserved intentional line breaks, rich prompt handoff to CLI backends, and transport fixtures for richer drafts. (#92679, #93164, #92513)
      • ·Agent commands: support `/btw` in CLI-backed sessions and keep CLI usage-error exits classified as usage failures instead of successful runs. (#92669, #92162)
      • ·Usage hooks: add built-in full footer rendering, default footer templates, per-turn usage state, credential-aware limits, and fixed-decimal formatting for usage-bar templates. (#92657, #89835, #89629)

      Fixes

      • ·Channels and delivery: preserve account-scoped DM channel send policy, intentional rich-message line breaks in Telegram and status output, rich Telegram final replies, rich Telegram tables and lists, Telegram thread-create CLI remapping, Feishu dynamic-agent routes after persisted binding reuse, Slack outbound `message_sent` hooks, contributed message-tool schema optionality, same-channel generated media completions, and channel chunking around surrogate pairs and Infinity limits. (#92788, #93164, #92679, #89421, #89943, #42837, #92814, #91137, #91246, #92735)
      • ·Gemini CLI: use the selected OpenClaw OAuth/API-key auth profile in an isolated Gemini CLI runtime home, preventing ambient Google machine credentials from overriding the chosen profile. (#88748)
      • ·Discord: give generated auto-thread titles a 60-second timeout and 4,096-token reasoning-model output budget, clamped to the selected model output cap. (#64734)
      • ·Agent, cron, and Gateway runtime: mark active main sessions before restart shutdown aborts, pause yielded subagent runs whose terminal also signals abort, clamp trusted subagent thinking overrides through provider/model fallback, preserve yielded media completions, deliver channel message-tool final replies through auto-reply while hiding internal delivery hints, restore reset archive fallback reads when active async transcripts are missing, de-duplicate main-session heartbeat events, expose session identity in runtime prompts, reject unknown OpenAI agent selectors, keep generated media completions, slash-command block replies, and trajectory export commands in WebChat, and require admin privileges for HTTP session/model override surfaces. (#91357, #92631, #92412, #92146, #92879, #91287, #92468, #92510, #91246, #92651, #92646)
      • ·Providers and model replay: preserve storeless OpenAI Responses replay compatibility, recover invalid OpenAI reasoning signatures and genericized Anthropic thinking-signature replay errors, route OAuth image defaults through Codex for eligible OpenAI profiles, avoid eager tool streaming for Claude 4.5 in Copilot, quarantine unreadable and post-hook OpenAI/Anthropic-family tool schemas without broadening allowed tool choices, deliver explicit thinking-off requests to LM Studio binary-thinking models, honor profile auth for SecretRef model entries, bound model browsing, strip provider prefixes where runtimes need bare IDs, and surface nested embedding fetch failures. (#90706, #92941, #92201, #92916, #92824, #75393, #92908, #92921, #92928, #92002, #90686, #92247, #92627, #91218, #92628)
      • ·Memory, state, diagnostics, and config: split header-too-large embedding batches, keep QMD memory search enabled in transient mode, avoid SQLite WAL on NFS volumes, preserve recovery scheduling outside stuck-session warning backoff, preserve full-reindex rollback/cache recovery, and treat raw Memory Wiki source pages as source evidence. (#92650, #92618, #92639, #91247, #92752, #92881, #59137, #92876)
      • ·UI/mobile/TUI: preserve dashboard session parent lineage, WebChat backscroll, reset soft command args, sidebar session picker interactivity, collapsed workspace files, resolved `/model` confirmation refs, stale foreground iOS Gateway reconnects, and paused setup-parent stdin after inherited-stdio child exit. (#90658, #92622, #91353, #92705, #92779, #92773, #92552, #93159)
      • ·Plugins and updates: repair missing required platform packages during managed plugin installs and updates, including omitted Codex platform binaries.
      • ·Dependencies: update Hono to 4.12.25 so published OpenClaw and ACPX packages use the patched runtime.
      • ·Updates: avoid a false downgrade prompt when the latest tag cannot resolve. (#92911)

      Complete contribution record

      • ·**PR #92144** fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766.
      • ·**PR #92175** fix(channel): harden local setup trust.
      • ·**PR #91528** fix #73837: stop after failed Node package installs.
      • ·**PR #91561** fix(wizard): report keyless web_search providers as ready, not missing a key.
      • ·**PR #92073** fix: handle explicit silent assistant replies. Related #92038.
      • ·**PR #91311** Allow Skill Workshop apply through trusted skill symlinks.
      • ·**PR #88245** refactor(whatsapp): introduce inbound message contexts.
      • ·**PR #92212** refactor: move workspace skill writes to lifecycle.
      • ·**PR #92248** Remove ClawHub owner preflight.
      • ·**PR #91617** test(sqlite): add state perf query plan harness. Related #91616.
      • ·**PR #91626** fix(daemon): keep status readable on unsupported services. Related #25621.
      • ·**PR #92295** fix(cron): preserve tz and staggerMs when --cron replaces expression. Related #92291.
      • ·**PR #92087** fix(docker): bundle QA Lab runtime in the image.
      • ·**PR #92004** fix(telegram): classify streaming preview edit failures instead of killing the draft.
      • ·**PR #91997** fix(telegram): survive getUpdates conflicts in isolated polling ingress.
      • ·**PR #92387** fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads. Related #91982.
      • ·**PR #92229** Fix doctor preview channel SecretRef resolution. Related #91939.
      • ·**PR #92225** Fix disabled heartbeat one-shot cron retries. Related #91775.
      • ·**PR #92265** Fix configured DeepSeek model transport inheritance. Related #92148.
      • ·**PR #92226** Fail closed for CLI-backed /btw fallback. Related #92168.
      • ·**PR #92231** Fix suppressed heartbeat commitment delivery. Related #91948.
      • ·**PR #92280** fix(agents): classify structured unsupported model errors. Related #92118.
      • ·**PR #92276** Fix OTLP log trace correlation. Related #91865.
      • ·**PR #92282** fix(update): hand off Linux service auto-updates. Related #91823.
      • ·**PR #92235** fix: resolve managed SecretRef provider auth. Related #92097.
      • ·**PR #92293** Fix provider static model fallback resolution. Related #92009.
      • ·**PR #92343** fix(agent): continue after source message tool replies. Related #92169.
      • ·**PR #92350** fix(codex): preserve memory prompt registration.
      • ·**PR #92290** fix: clarify gateway SecretRef auth diagnostics. Related #91815.
      • ·**PR #92286** fix: repair rejected Anthropic thinking replay. Related #91983.
      • ·**PR #92281** Fix Telegram spooled buffered replay. Related #92129.
      • ·**PR #47493** fix(doctor): show per-step progress spinners during update.
      • ·**PR #92416** fix(outbound): honor top-level image param as send media source (#92407).
      • ·**PR #92508** fix(sandbox): render CLI skill prompts from materialized paths.
      • ·**PR #92540** chore: fix esbuild production audit failure.
      • ·**PR #91484** Add QA evidence artifact output.
      • ·**PR #91500** Add QA scorecard taxonomy validation.
      • ·**PR #84082** fix(telegram): allow expandable blockquotes.
      • ·**PR #92554** feat(moonshot): add Kimi K2.7 Code support.
      • ·**PR #92396** fix(moonshot): backfill reasoning_content on assistant tool-call replay messages. Related #71491.
      • ·**PR #92566** Fix lifecycle timeout cleanup after leader exit.
      • ·**PR #92311** ci: split plugin ClawHub publishing paths.
      • ·**PR #92216** fix(gateway): mirror hidden commentary-phase assistant events.
      • ·**PR #87596** fix(moonshot): rewrite duplicate native Kimi tool_call ids on replay. Related #51593.
      • ·**PR #88993** Expose paged channel action results.
      • ·**PR #90326** fix(fireworks): resolve catalog model params from plugin.json via core.
      • ·**PR #86629** fix(doctor): warn for untrusted external Discord plugin. Related #83212.
      • ·**PR #90242** fix(providers): skip unreadable Mistral tool schemas.
      • ·**PR #92498** fix(reply): mirror same-channel Slack final replies. Related #92489.
      • ·**PR #92083** fix(channels): default boundary logger for swallowed progress-draft start errors.
      • ·**PR #92564** fix(agents): isolate invalid plugin model catalogs [AI-assisted]. Related #92553.
      • ·**PR #89827** docs: UX-013 — design system documentation.
      • ·**PR #89615** feat(ui): hide empty workboard columns.
      • ·**PR #89822** fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes.
      • ·**PR #92618** fix #92218: memory_search tool disabled with QMD backend.
      • ·**PR #92608** docs(gateway): add uptime monitoring guidance to health check docs (fixes #55768).
      • ·**PR #92605** fix(docs): pin Windows Hub download links to v2026.6.5. Related #92470.
      • ·**PR #92593** #92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters.
      • ·**PR #92606** Run Vitest and Playwright scenarios from qa suite.
      • ·**PR #89629** feat(hooks): per-turn usageState on reply_payload_sending.
      • ·**PR #89835** feat(usage): native templated /usage full footer renderer.
      • ·**PR #92247** fix(models): bound /models and models list catalog loading. Related #91809.
      • ·**PR #92646** fix: require admin for HTTP model overrides.
      • ·**PR #90686** fix(gateway): honor profile auth for SecretRef model entries. Related #90685.
      • ·**PR #92651** fix: require admin for HTTP session kills.
      • ·**PR #92652** test(models): stabilize plugin auth marker fixtures.
      • ·**PR #89438** fix(slack): warn when channels map is keyed by name instead of channel ID. Related #81665.
      • ·**PR #92631** fix(agents): pause yielded subagent runs whose terminal also signals abort. Related #92448.
      • ·**PR #92622** fix(ui): preserve WebChat backscroll during streaming. Related #92386.
      • ·**PR #92627** fix(openrouter): strip openrouter/ prefix from model ID in normalizeResolvedModel hook (fixes #92611).
      • ·**PR #92146** fix(cron): preserve yielded media completions. Related #92120.
      • ·**PR #90116** fix: add Claude Haiku 4.5 static catalog entries. Related #90088.
      • ·**PR #91137** fix(channels): keep contributed message-tool schema properties optional. Related #67852.
      • ·**PR #75393** fix(copilot): disable eager tool streaming for Claude 4.5. Related #75348.
      • ·**PR #92628** fix #73713: surface nested embedding fetch failures.
      • ·**PR #92510** fix(gateway): reject unknown OpenAI agent selectors. Related #92504.
      • ·**PR #91453** fix #91420: [Bug]: Delivery retry loop corrupts active sessions (R-004) — retry selector bypasses delivery.mode=none.
      • ·**PR #92468** fix #92453: add session identity to runtime prompt.
      • ·**PR #89943** fix(slack): emit message_sent hook on outbound delivery (mirror Telegram). Related #89942.
      • ·**PR #92668** fix(docs): finalize i18n postprocess before skip.
      • ·**PR #92673** fix: split image setup and request timeout semantics.
      • ·**PR #92162** #92069: fix(cli): usage errors exit 0.
      • ·**PR #91185** fix(browser): remove dead requireRef import and void expression in register.navigation.ts. Related #83878.
      • ·**PR #90706** fix(OpenAI Responses): disable item id replay for storeless providers. Related #89728.
      • ·**PR #90247** fix(disk-space): promote 1024 MiB to 1.0 GiB in disk warnings. Related #90245.
      • ·**PR #92657** feat(usage): ship built-in /usage full footer.
      • ·**PR #90464** perf(terminal): reuse ANSI scanner during truncation.
      • ·**PR #91281** fix(feishu): clear client cache when SDK is replaced via setFeishuClientRuntimeForTest. Related #83911.
      • ·**PR #92639** fix(memory): keep memory_search in transient qmd mode. Related #92464.
      • ·**PR #91287** fix(cron): de-duplicate main-session systemEvent in heartbeat model input. Related #44922.
      • ·**PR #91246** Fix webchat media completion handoff. Related #91003.
      • ·**PR #91353** fix(ui): preserve /reset soft args in Control UI dispatch. Related #91316.
      • ·**PR #92679** feat(telegram): send rich message text.
      • ·**PR #92705** fix(ui): restore sidebar session picker interactivity above desktop workbench. Related #92707.
      • ·**PR #91218** fix(google): strip provider prefix from Vertex model path.
      • ·**PR #92669** feat: support /btw in CLI-backed sessions.
      • ·**PR #91357** fix(gateway): mark active main sessions before restart shutdown aborts. Related #91355.
      • ·**PR #91066** fix(parallel): send openclaw-parallel User-Agent on free Search MCP requests.
      • ·**PR #90658** fix(ui): preserve dashboard session parent lineage when session list is stale. Related #90623.
      • ·**PR #92552** fix(ios): force stale foreground gateway reconnects.
      • ·**PR #89421** fix(telegram): expose thread create CLI remap. Related #81581.
      • ·**PR #92779** fix: start workspace files collapsed. Related #90359.
      • ·**PR #91247** fix(state): avoid sqlite wal on nfs state volumes. Related #90491.
      • ·**PR #92773** fix(tui): show resolved canonical model ref in /model confirmation.
      • ·**PR #92752** fix(diagnostics): keep recovery scheduling out of the stuck-session warning backoff. Related #92742.
      • ·**PR #92735** fix(markdown-core): treat Infinity chunk limit as unbounded, not 1. Related #92734.
      • ·**PR #92695** docs(config): correct maxConcurrent default in agent-defaults type comments (AI-assisted).
      • ·**PR #92766** clarify before_install hook scope. Related #91593.
      • ·**PR #92677** docs(nodes): add openclaw.json config example to Nodes overview. Related #92662.
      • ·**PR #92513** Honor WhatsApp configured ACP bindings. Related #92449.
      • ·**PR #92650** fix #92465: split OpenAI 431 embedding batches.
      • ·**PR #92796** feat(providers): add GLM-5.2 support.
      • ·**PR #92788** fix(sessions): derive channel from account-scoped DM session keys in send-policy.
      • ·**PR #92590** Docker image ships an extraneous stale openclaw in /app/node_modules (extensions pin the published release). Related #92551.
      • ·**PR #92393** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #92476** fix(agents): preserve compatible CLI session runtime pins.
      • ·**PR #92483** fix(matrix): validate CLI numeric option ranges. Related #92482.
      • ·**PR #92490** fix(canvas): validate CLI numeric options. Related #92487.
      • ·**PR #92802** fix(ui): reflow composer beside workspace rail.
      • ·**PR #91059** fix(configure): mask gateway token input in CLI wizard prompt.
      • ·**PR #91143** fix(ports): only classify SSH -L/-R tunnels on the queried port as ssh. Related #91142.
      • ·**PR #91110** fix(tavily): keep web_search contract executable. Related #91096.
      • ·**PR #91181** fix(daemon): strip schtasks backslash prefix when matching gateway task name. Related #90494.
      • ·**PR #91187** fix(cron): isolate auth profile failure policy so cron runs don't pollute shared cooldowns. Related #90991.
      • ·**PR #92807** fix(heartbeat): route outbound mirror to isolated session key.
      • ·**PR #92745** fix(memory): explain skipped short-term recall hits. Related #92706.
      • ·**PR #92488** fix(gateway): forward image-only input on /v1/responses (parity with chat completions).
      • ·**PR #92604** fix(status): avoid cumulative usage for context percent. Related #83526.
      • ·**PR #92810** fix: reject unvalidated voice media streams.
      • ·**PR #92800** fix(telegram): answer callback queries before sequentialize delays them. Related #42156.
      • ·**PR #92547** fix(nodes): surface pending reapproval diagnostics.
      • ·**PR #92690** fix(doctor): avoid false-positive legacy cron store warning when store was already migrated (fixes #92683).
      • ·**PR #92806** fix(telegram): skip IPv4 fallback when user explicitly configures non-ipv4first dnsResultOrder (fixes #41671).
      • ·**PR #92778** fix(macos): defer isOverflowing mutation to break SwiftUI render loop (fixes #43480).
      • ·**PR #92795** fix(gateway): use resolveNonNegativeNumber for totalTokens to display 0 instead of ? (fixes #43009).
      • ·**PR #92746** fix(gateway): preserve active runs during plugin finalization.
      • ·**PR #92820** UI: localize Logs tab labels.
      • ·**PR #92825** fix(telegram): preserve command callbacks while prefixing generic callback data. Related #54909.
      • ·**PR #90889** fix: cap session context overrides by model window. Related #39857.
      • ·**PR #92830** fix(copilot): strip replayed thinking blocks. Related #81520.
      • ·**PR #92834** feat(browser): extend --labels overlay to full-page and element captures.
      • ·**PR #92836** fix(discord): raise thread title timeout and tokens to fit reasoning models.
      • ·**PR #92095** fix #92039: [Bug]: WhatsApp login reports success before auth is durably persisted, so Docker rebuilds/upgrades can force relink.
      • ·**PR #92801** fix(stale): exempt ClawSweeper actionable labels from stale lifecycle (fixes #89564).
      • ·**PR #89736** fix(status): render sub-1000 token counts as plain integers. Related #89735.
      • ·**PR #92792** fix(agents): catch malformed image blocks in sanitizeContentBlocksImages.
      • ·**PR #92555** ci: gate stable releases on Windows companion assets.
      • ·**PR #91824** fix(agents): add usage guidance to sessions_spawn tool description (fixes #91814).
      • ·**PR #92840** fix(feishu): await HTTP server shutdown during monitor cleanup. Related #48183.
      • ·**PR #91632** feat: add tool search directory mode.
      • ·**PR #92823** fix(qqbot): surface failed media sends.
      • ·**PR #92849** fix(tailscale): preserve parse errors for malformed JSON.
      • ·**PR #92045** Fix diagnostics OTEL runtime install trust.
      • ·**PR #92853** fix(acp): accept MCP date protocolVersion in ACP server. Related #56102.
      • ·**PR #92854** fix(hooks): reject slug-generator error payloads.
      • ·**PR #92855** fix(ui): repair iOS Safari chat viewport handling.
      • ·**PR #91586** fix(update): continue after package doctor warnings.
      • ·**PR #92862** fix(feishu): target typing reaction on inbound message.
      • ·**PR #92861** fix(lobster): surface workflow path errors. Related #68101.
      • ·**PR #69975** fix(cli): clarify --tz help text for offset-less --at values. Related #59456.
      • ·**PR #90682** fix(openai): preserve opaque reasoning transcript fields. Related #90093.
      • ·**PR #92373** fix(anthropic): strip thinking blocks from history when thinking is disabled (fixes #92360).
      • ·**PR #87346** fix(anthropic): merge consecutive assistant turns in turn validation. Related #87329.
      • ·**PR #92896** fix(anthropic): quarantine invalid direct tool schemas.
      • ·**PR #90739** fix(active-memory): preserve verbose recall summaries. Related #90454.
      • ·**PR #92558** Simplify QA scorecard mapping shape.
      • ·**PR #92876** fix(memory-wiki): stop flagging raw source pages as malformed.
      • ·**PR #92908** fix(providers): quarantine unreadable Anthropic payload tools.
      • ·**PR #92881** fix(memory): preserve reindex rollback recovery.
      • ·**PR #92921** fix(openai): quarantine unreadable tool schemas.
      • ·**PR #92550** Fold Telegram RTT sampling into live QA evidence.
      • ·**PR #92824** fix(media): route OAuth image defaults through Codex. Related #87168.
      • ·**PR #92928** fix(openai): guard post-hook tool payloads.
      • ·**PR #92814** fix(feishu): re-resolve route when dynamic agent binding already exists in runtime config (fixes #42837).
      • ·**PR #89055** fix: restart gateway after isolated cron setup timeout.
      • ·**PR #90574** fix(openai): omit gpt-5.5 tool reasoning effort.
      • ·**PR #92941** fix(openai): recover invalid reasoning signatures.
      • ·**PR #92914** fix(agents): clamp unsupported thinking for subagent spawns instead of hard-failing. Related #92412.
      • ·**PR #92573** fix: preserve config-selected subagent model overrides. Related #92486.
      • ·**PR #92852** fix(gateway): fall back to polling when config watcher exhausts inotify retries. Related #92851.
      • ·**PR #92362** fix(gateway): build row metadata context for single session lists.
      • ·**PR #92897** fix(memory-wiki): tolerate public artifacts without agent ids. Related #92207.
      • ·**PR #92002** fix(lmstudio): deliver thinking "off" to binary-thinking models. Related #91913.
      • ·**PR #92738** Forward suppressed-source progress for message-tool channel replies.
      • ·**PR #92916** #92201: Embedded runner: freshly streamed thinking signatures intermittently invalid on replay (Anthropic); recovery wrapper never fires because error text is genericized.
      • ·**PR #90936** fix(agents): do not misclassify client-disconnect abort as run timeout. Related #90764.
      • ·**PR #93009** fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973).
      • ·**PR #92318** fix(cron): require explicit message target proof.
      • ·**PR #93022** fix(gateway): repair usage cost aggregation across agents.
      • ·**PR #93159** fix(tui): keep parent stdin paused after exit.
      • ·**PR #93616** Keep key-free web search providers opt-in.
      • ·**PR #93164** fix(telegram): preserve rich markdown line breaks.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.8
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.8.tgz
      • ·integrity: `sha512-iziR8fi69+ojrtX7FYYvTpkGcVnmyLpIhvchgt5LFkkdHVWw973XAAekKVZ3/xQJ5FG4NwgHkXL0LLTrgsNOSQ==`
      • ·release SHA: `844f405ac1be805d5c598922a37254f12ab6d765`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.8/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27631170936
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27627935264
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27627935341
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27631412538
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27631418543
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27632229765
      • ·npm Telegram beta E2E: not supplied
      • ·Windows Hub promotion: https://github.com/openclaw/openclaw/actions/runs/27632639125 from openclaw/openclaw-windows-node@v0.6.3
      • ·macOS signed/notarized preflight: https://github.com/openclaw/releases/actions/runs/27632793120
      • ·macOS Swift validation: https://github.com/openclaw/releases/actions/runs/27632792831
      • ·macOS asset promotion: https://github.com/openclaw/releases/actions/runs/27635471007
      • ·stable appcast: https://github.com/openclaw/openclaw/pull/93722
      v2026.6.8-beta.2pre-release2026-06-16

      openclaw 2026.6.8-beta.2

      GitHub ↗

      Highlights

      • ·**Richer channel delivery:** Telegram and WhatsApp are less brittle: Telegram renders structured text with tables, lists, expandable blockquotes, preserved intentional line breaks, and CLI-backed replies, while WhatsApp now honors configured ACP bindings. (#92679, #93164, #84082, #89421, #92513)
      • ·**More reliable agent runs:** account-scoped DM sends, generated media completions, auto-reply message-tool final replies, reset archive fallback reads, restart shutdown aborts, yielded subagent pauses, and session identity prompts all stay on the correct recovery path. (#92788, #91246, #92879, #91357, #92631, #92468)
      • ·**Safer model routing:** new GLM-5.2 and Claude Haiku 4.5 catalog support arrives with normalized provider IDs, managed SecretRef auth, bounded model browsing, and safer OpenAI/Anthropic tool-schema recovery. (#92796, #90116, #92627, #90686, #92247, #92941)
      • ·**Useful usage footers:** `/usage` and reply payload hooks now have a native full footer renderer, default template, fixed-decimal formatting, credential-aware limits, better partial-count handling, and warnings for broken templates instead of silent bad output. (#92657, #89835, #89629)
      • ·**Predictable web search defaults:** key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search remain explicit opt-ins rather than surprising automatic fallbacks. (#93616)
      • ·**Calmer UI and mobile sessions:** workspace files start collapsed, WebChat backscroll survives streaming, the desktop session picker remains interactive, reset arguments survive dispatch, and iOS reconnects stale foreground Gateways. (#92779, #92622, #92705, #91353, #92552)
      • ·**Resilient memory and state:** oversized OpenAI embedding batches split before 431s, QMD search stays available in transient mode, SQLite avoids WAL on NFS volumes, and full reindexes preserve rollback/cache recovery. (#92650, #92618, #92639, #91247, #92881)

      Changes

      • ·Providers/models: add GLM-5.2 support and Claude Haiku 4.5 catalog entries while keeping provider-qualified model IDs normalized across OpenRouter and Google Vertex paths. (#92796, #90116, #92627, #91218)
      • ·Web search: keep key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search as explicit opt-ins instead of selecting them automatically when no API-backed provider is configured. (#93616)
      • ·Channel plugins: ship Telegram rich-message delivery and WhatsApp ACP binding support, including preserved intentional line breaks, rich prompt handoff to CLI backends, and transport fixtures for richer drafts. (#92679, #93164, #92513)
      • ·Agent commands: support `/btw` in CLI-backed sessions and keep CLI usage-error exits classified as usage failures instead of successful runs. (#92669, #92162)
      • ·Usage hooks: add built-in full footer rendering, default footer templates, per-turn usage state, credential-aware limits, and fixed-decimal formatting for usage-bar templates. (#92657, #89835, #89629)

      Fixes

      • ·Channels and delivery: preserve account-scoped DM channel send policy, intentional rich-message line breaks in Telegram and status output, rich Telegram final replies, rich Telegram tables and lists, Telegram thread-create CLI remapping, Feishu dynamic-agent routes after persisted binding reuse, Slack outbound `message_sent` hooks, contributed message-tool schema optionality, same-channel generated media completions, and channel chunking around surrogate pairs and Infinity limits. (#92788, #93164, #92679, #89421, #89943, #42837, #92814, #91137, #91246, #92735)
      • ·Gemini CLI: use the selected OpenClaw OAuth/API-key auth profile in an isolated Gemini CLI runtime home, preventing ambient Google machine credentials from overriding the chosen profile. (#88748)
      • ·Discord: give generated auto-thread titles a 60-second timeout and 4,096-token reasoning-model output budget, clamped to the selected model output cap. (#64734)
      • ·Agent, cron, and Gateway runtime: mark active main sessions before restart shutdown aborts, pause yielded subagent runs whose terminal also signals abort, clamp trusted subagent thinking overrides through provider/model fallback, preserve yielded media completions, deliver channel message-tool final replies through auto-reply while hiding internal delivery hints, restore reset archive fallback reads when active async transcripts are missing, de-duplicate main-session heartbeat events, expose session identity in runtime prompts, reject unknown OpenAI agent selectors, keep generated media completions, slash-command block replies, and trajectory export commands in WebChat, and require admin privileges for HTTP session/model override surfaces. (#91357, #92631, #92412, #92146, #92879, #91287, #92468, #92510, #91246, #92651, #92646)
      • ·Providers and model replay: preserve storeless OpenAI Responses replay compatibility, recover invalid OpenAI reasoning signatures and genericized Anthropic thinking-signature replay errors, route OAuth image defaults through Codex for eligible OpenAI profiles, avoid eager tool streaming for Claude 4.5 in Copilot, quarantine unreadable and post-hook OpenAI/Anthropic-family tool schemas without broadening allowed tool choices, deliver explicit thinking-off requests to LM Studio binary-thinking models, honor profile auth for SecretRef model entries, bound model browsing, strip provider prefixes where runtimes need bare IDs, and surface nested embedding fetch failures. (#90706, #92941, #92201, #92916, #92824, #75393, #92908, #92921, #92928, #92002, #90686, #92247, #92627, #91218, #92628)
      • ·Memory, state, diagnostics, and config: split header-too-large embedding batches, keep QMD memory search enabled in transient mode, avoid SQLite WAL on NFS volumes, preserve recovery scheduling outside stuck-session warning backoff, preserve full-reindex rollback/cache recovery, and treat raw Memory Wiki source pages as source evidence. (#92650, #92618, #92639, #91247, #92752, #92881, #59137, #92876)
      • ·UI/mobile/TUI: preserve dashboard session parent lineage, WebChat backscroll, reset soft command args, sidebar session picker interactivity, collapsed workspace files, resolved `/model` confirmation refs, stale foreground iOS Gateway reconnects, and paused setup-parent stdin after inherited-stdio child exit. (#90658, #92622, #91353, #92705, #92779, #92773, #92552, #93159)
      • ·Plugins and updates: repair missing required platform packages during managed plugin installs and updates, including omitted Codex platform binaries.
      • ·Dependencies: update Hono to 4.12.25 so published OpenClaw and ACPX packages use the patched runtime.
      • ·Updates: avoid a false downgrade prompt when the latest tag cannot resolve. (#92911)

      Complete contribution record

      • ·**PR #92144** fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766.
      • ·**PR #92175** fix(channel): harden local setup trust.
      • ·**PR #91528** fix #73837: stop after failed Node package installs.
      • ·**PR #91561** fix(wizard): report keyless web_search providers as ready, not missing a key.
      • ·**PR #92073** fix: handle explicit silent assistant replies. Related #92038.
      • ·**PR #91311** Allow Skill Workshop apply through trusted skill symlinks.
      • ·**PR #88245** refactor(whatsapp): introduce inbound message contexts.
      • ·**PR #92212** refactor: move workspace skill writes to lifecycle.
      • ·**PR #92248** Remove ClawHub owner preflight.
      • ·**PR #91617** test(sqlite): add state perf query plan harness. Related #91616.
      • ·**PR #91626** fix(daemon): keep status readable on unsupported services. Related #25621.
      • ·**PR #92295** fix(cron): preserve tz and staggerMs when --cron replaces expression. Related #92291.
      • ·**PR #92087** fix(docker): bundle QA Lab runtime in the image.
      • ·**PR #92004** fix(telegram): classify streaming preview edit failures instead of killing the draft.
      • ·**PR #91997** fix(telegram): survive getUpdates conflicts in isolated polling ingress.
      • ·**PR #92387** fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads. Related #91982.
      • ·**PR #92229** Fix doctor preview channel SecretRef resolution. Related #91939.
      • ·**PR #92225** Fix disabled heartbeat one-shot cron retries. Related #91775.
      • ·**PR #92265** Fix configured DeepSeek model transport inheritance. Related #92148.
      • ·**PR #92226** Fail closed for CLI-backed /btw fallback. Related #92168.
      • ·**PR #92231** Fix suppressed heartbeat commitment delivery. Related #91948.
      • ·**PR #92280** fix(agents): classify structured unsupported model errors. Related #92118.
      • ·**PR #92276** Fix OTLP log trace correlation. Related #91865.
      • ·**PR #92282** fix(update): hand off Linux service auto-updates. Related #91823.
      • ·**PR #92235** fix: resolve managed SecretRef provider auth. Related #92097.
      • ·**PR #92293** Fix provider static model fallback resolution. Related #92009.
      • ·**PR #92343** fix(agent): continue after source message tool replies. Related #92169.
      • ·**PR #92350** fix(codex): preserve memory prompt registration.
      • ·**PR #92290** fix: clarify gateway SecretRef auth diagnostics. Related #91815.
      • ·**PR #92286** fix: repair rejected Anthropic thinking replay. Related #91983.
      • ·**PR #92281** Fix Telegram spooled buffered replay. Related #92129.
      • ·**PR #47493** fix(doctor): show per-step progress spinners during update.
      • ·**PR #92416** fix(outbound): honor top-level image param as send media source (#92407).
      • ·**PR #92508** fix(sandbox): render CLI skill prompts from materialized paths.
      • ·**PR #92540** chore: fix esbuild production audit failure.
      • ·**PR #91484** Add QA evidence artifact output.
      • ·**PR #91500** Add QA scorecard taxonomy validation.
      • ·**PR #84082** fix(telegram): allow expandable blockquotes.
      • ·**PR #92554** feat(moonshot): add Kimi K2.7 Code support.
      • ·**PR #92396** fix(moonshot): backfill reasoning_content on assistant tool-call replay messages. Related #71491.
      • ·**PR #92566** Fix lifecycle timeout cleanup after leader exit.
      • ·**PR #92311** ci: split plugin ClawHub publishing paths.
      • ·**PR #92216** fix(gateway): mirror hidden commentary-phase assistant events.
      • ·**PR #87596** fix(moonshot): rewrite duplicate native Kimi tool_call ids on replay. Related #51593.
      • ·**PR #88993** Expose paged channel action results.
      • ·**PR #90326** fix(fireworks): resolve catalog model params from plugin.json via core.
      • ·**PR #86629** fix(doctor): warn for untrusted external Discord plugin. Related #83212.
      • ·**PR #90242** fix(providers): skip unreadable Mistral tool schemas.
      • ·**PR #92498** fix(reply): mirror same-channel Slack final replies. Related #92489.
      • ·**PR #92083** fix(channels): default boundary logger for swallowed progress-draft start errors.
      • ·**PR #92564** fix(agents): isolate invalid plugin model catalogs [AI-assisted]. Related #92553.
      • ·**PR #89827** docs: UX-013 — design system documentation.
      • ·**PR #89615** feat(ui): hide empty workboard columns.
      • ·**PR #89822** fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes.
      • ·**PR #92618** fix #92218: memory_search tool disabled with QMD backend.
      • ·**PR #92608** docs(gateway): add uptime monitoring guidance to health check docs (fixes #55768).
      • ·**PR #92605** fix(docs): pin Windows Hub download links to v2026.6.5. Related #92470.
      • ·**PR #92593** #92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters.
      • ·**PR #92606** Run Vitest and Playwright scenarios from qa suite.
      • ·**PR #89629** feat(hooks): per-turn usageState on reply_payload_sending.
      • ·**PR #89835** feat(usage): native templated /usage full footer renderer.
      • ·**PR #92247** fix(models): bound /models and models list catalog loading. Related #91809.
      • ·**PR #92646** fix: require admin for HTTP model overrides.
      • ·**PR #90686** fix(gateway): honor profile auth for SecretRef model entries. Related #90685.
      • ·**PR #92651** fix: require admin for HTTP session kills.
      • ·**PR #92652** test(models): stabilize plugin auth marker fixtures.
      • ·**PR #89438** fix(slack): warn when channels map is keyed by name instead of channel ID. Related #81665.
      • ·**PR #92631** fix(agents): pause yielded subagent runs whose terminal also signals abort. Related #92448.
      • ·**PR #92622** fix(ui): preserve WebChat backscroll during streaming. Related #92386.
      • ·**PR #92627** fix(openrouter): strip openrouter/ prefix from model ID in normalizeResolvedModel hook (fixes #92611).
      • ·**PR #92146** fix(cron): preserve yielded media completions. Related #92120.
      • ·**PR #90116** fix: add Claude Haiku 4.5 static catalog entries. Related #90088.
      • ·**PR #91137** fix(channels): keep contributed message-tool schema properties optional. Related #67852.
      • ·**PR #75393** fix(copilot): disable eager tool streaming for Claude 4.5. Related #75348.
      • ·**PR #92628** fix #73713: surface nested embedding fetch failures.
      • ·**PR #92510** fix(gateway): reject unknown OpenAI agent selectors. Related #92504.
      • ·**PR #91453** fix #91420: [Bug]: Delivery retry loop corrupts active sessions (R-004) — retry selector bypasses delivery.mode=none.
      • ·**PR #92468** fix #92453: add session identity to runtime prompt.
      • ·**PR #89943** fix(slack): emit message_sent hook on outbound delivery (mirror Telegram). Related #89942.
      • ·**PR #92668** fix(docs): finalize i18n postprocess before skip.
      • ·**PR #92673** fix: split image setup and request timeout semantics.
      • ·**PR #92162** #92069: fix(cli): usage errors exit 0.
      • ·**PR #91185** fix(browser): remove dead requireRef import and void expression in register.navigation.ts. Related #83878.
      • ·**PR #90706** fix(OpenAI Responses): disable item id replay for storeless providers. Related #89728.
      • ·**PR #90247** fix(disk-space): promote 1024 MiB to 1.0 GiB in disk warnings. Related #90245.
      • ·**PR #92657** feat(usage): ship built-in /usage full footer.
      • ·**PR #90464** perf(terminal): reuse ANSI scanner during truncation.
      • ·**PR #91281** fix(feishu): clear client cache when SDK is replaced via setFeishuClientRuntimeForTest. Related #83911.
      • ·**PR #92639** fix(memory): keep memory_search in transient qmd mode. Related #92464.
      • ·**PR #91287** fix(cron): de-duplicate main-session systemEvent in heartbeat model input. Related #44922.
      • ·**PR #91246** Fix webchat media completion handoff. Related #91003.
      • ·**PR #91353** fix(ui): preserve /reset soft args in Control UI dispatch. Related #91316.
      • ·**PR #92679** feat(telegram): send rich message text.
      • ·**PR #92705** fix(ui): restore sidebar session picker interactivity above desktop workbench. Related #92707.
      • ·**PR #91218** fix(google): strip provider prefix from Vertex model path.
      • ·**PR #92669** feat: support /btw in CLI-backed sessions.
      • ·**PR #91357** fix(gateway): mark active main sessions before restart shutdown aborts. Related #91355.
      • ·**PR #91066** fix(parallel): send openclaw-parallel User-Agent on free Search MCP requests.
      • ·**PR #90658** fix(ui): preserve dashboard session parent lineage when session list is stale. Related #90623.
      • ·**PR #92552** fix(ios): force stale foreground gateway reconnects.
      • ·**PR #89421** fix(telegram): expose thread create CLI remap. Related #81581.
      • ·**PR #92779** fix: start workspace files collapsed. Related #90359.
      • ·**PR #91247** fix(state): avoid sqlite wal on nfs state volumes. Related #90491.
      • ·**PR #92773** fix(tui): show resolved canonical model ref in /model confirmation.
      • ·**PR #92752** fix(diagnostics): keep recovery scheduling out of the stuck-session warning backoff. Related #92742.
      • ·**PR #92735** fix(markdown-core): treat Infinity chunk limit as unbounded, not 1. Related #92734.
      • ·**PR #92695** docs(config): correct maxConcurrent default in agent-defaults type comments (AI-assisted).
      • ·**PR #92766** clarify before_install hook scope. Related #91593.
      • ·**PR #92677** docs(nodes): add openclaw.json config example to Nodes overview. Related #92662.
      • ·**PR #92513** Honor WhatsApp configured ACP bindings. Related #92449.
      • ·**PR #92650** fix #92465: split OpenAI 431 embedding batches.
      • ·**PR #92796** feat(providers): add GLM-5.2 support.
      • ·**PR #92788** fix(sessions): derive channel from account-scoped DM session keys in send-policy.
      • ·**PR #92590** Docker image ships an extraneous stale openclaw in /app/node_modules (extensions pin the published release). Related #92551.
      • ·**PR #92393** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #92476** fix(agents): preserve compatible CLI session runtime pins.
      • ·**PR #92483** fix(matrix): validate CLI numeric option ranges. Related #92482.
      • ·**PR #92490** fix(canvas): validate CLI numeric options. Related #92487.
      • ·**PR #92802** fix(ui): reflow composer beside workspace rail.
      • ·**PR #91059** fix(configure): mask gateway token input in CLI wizard prompt.
      • ·**PR #91143** fix(ports): only classify SSH -L/-R tunnels on the queried port as ssh. Related #91142.
      • ·**PR #91110** fix(tavily): keep web_search contract executable. Related #91096.
      • ·**PR #91181** fix(daemon): strip schtasks backslash prefix when matching gateway task name. Related #90494.
      • ·**PR #91187** fix(cron): isolate auth profile failure policy so cron runs don't pollute shared cooldowns. Related #90991.
      • ·**PR #92807** fix(heartbeat): route outbound mirror to isolated session key.
      • ·**PR #92745** fix(memory): explain skipped short-term recall hits. Related #92706.
      • ·**PR #92488** fix(gateway): forward image-only input on /v1/responses (parity with chat completions).
      • ·**PR #92604** fix(status): avoid cumulative usage for context percent. Related #83526.
      • ·**PR #92810** fix: reject unvalidated voice media streams.
      • ·**PR #92800** fix(telegram): answer callback queries before sequentialize delays them. Related #42156.
      • ·**PR #92547** fix(nodes): surface pending reapproval diagnostics.
      • ·**PR #92690** fix(doctor): avoid false-positive legacy cron store warning when store was already migrated (fixes #92683).
      • ·**PR #92806** fix(telegram): skip IPv4 fallback when user explicitly configures non-ipv4first dnsResultOrder (fixes #41671).
      • ·**PR #92778** fix(macos): defer isOverflowing mutation to break SwiftUI render loop (fixes #43480).
      • ·**PR #92795** fix(gateway): use resolveNonNegativeNumber for totalTokens to display 0 instead of ? (fixes #43009).
      • ·**PR #92746** fix(gateway): preserve active runs during plugin finalization.
      • ·**PR #92820** UI: localize Logs tab labels.
      • ·**PR #92825** fix(telegram): preserve command callbacks while prefixing generic callback data. Related #54909.
      • ·**PR #90889** fix: cap session context overrides by model window. Related #39857.
      • ·**PR #92830** fix(copilot): strip replayed thinking blocks. Related #81520.
      • ·**PR #92834** feat(browser): extend --labels overlay to full-page and element captures.
      • ·**PR #92836** fix(discord): raise thread title timeout and tokens to fit reasoning models.
      • ·**PR #92095** fix #92039: [Bug]: WhatsApp login reports success before auth is durably persisted, so Docker rebuilds/upgrades can force relink.
      • ·**PR #92801** fix(stale): exempt ClawSweeper actionable labels from stale lifecycle (fixes #89564).
      • ·**PR #89736** fix(status): render sub-1000 token counts as plain integers. Related #89735.
      • ·**PR #92792** fix(agents): catch malformed image blocks in sanitizeContentBlocksImages.
      • ·**PR #92555** ci: gate stable releases on Windows companion assets.
      • ·**PR #91824** fix(agents): add usage guidance to sessions_spawn tool description (fixes #91814).
      • ·**PR #92840** fix(feishu): await HTTP server shutdown during monitor cleanup. Related #48183.
      • ·**PR #91632** feat: add tool search directory mode.
      • ·**PR #92823** fix(qqbot): surface failed media sends.
      • ·**PR #92849** fix(tailscale): preserve parse errors for malformed JSON.
      • ·**PR #92045** Fix diagnostics OTEL runtime install trust.
      • ·**PR #92853** fix(acp): accept MCP date protocolVersion in ACP server. Related #56102.
      • ·**PR #92854** fix(hooks): reject slug-generator error payloads.
      • ·**PR #92855** fix(ui): repair iOS Safari chat viewport handling.
      • ·**PR #91586** fix(update): continue after package doctor warnings.
      • ·**PR #92862** fix(feishu): target typing reaction on inbound message.
      • ·**PR #92861** fix(lobster): surface workflow path errors. Related #68101.
      • ·**PR #69975** fix(cli): clarify --tz help text for offset-less --at values. Related #59456.
      • ·**PR #90682** fix(openai): preserve opaque reasoning transcript fields. Related #90093.
      • ·**PR #92373** fix(anthropic): strip thinking blocks from history when thinking is disabled (fixes #92360).
      • ·**PR #87346** fix(anthropic): merge consecutive assistant turns in turn validation. Related #87329.
      • ·**PR #92896** fix(anthropic): quarantine invalid direct tool schemas.
      • ·**PR #90739** fix(active-memory): preserve verbose recall summaries. Related #90454.
      • ·**PR #92558** Simplify QA scorecard mapping shape.
      • ·**PR #92876** fix(memory-wiki): stop flagging raw source pages as malformed.
      • ·**PR #92908** fix(providers): quarantine unreadable Anthropic payload tools.
      • ·**PR #92881** fix(memory): preserve reindex rollback recovery.
      • ·**PR #92921** fix(openai): quarantine unreadable tool schemas.
      • ·**PR #92550** Fold Telegram RTT sampling into live QA evidence.
      • ·**PR #92824** fix(media): route OAuth image defaults through Codex. Related #87168.
      • ·**PR #92928** fix(openai): guard post-hook tool payloads.
      • ·**PR #92814** fix(feishu): re-resolve route when dynamic agent binding already exists in runtime config (fixes #42837).
      • ·**PR #89055** fix: restart gateway after isolated cron setup timeout.
      • ·**PR #90574** fix(openai): omit gpt-5.5 tool reasoning effort.
      • ·**PR #92941** fix(openai): recover invalid reasoning signatures.
      • ·**PR #92914** fix(agents): clamp unsupported thinking for subagent spawns instead of hard-failing. Related #92412.
      • ·**PR #92573** fix: preserve config-selected subagent model overrides. Related #92486.
      • ·**PR #92852** fix(gateway): fall back to polling when config watcher exhausts inotify retries. Related #92851.
      • ·**PR #92362** fix(gateway): build row metadata context for single session lists.
      • ·**PR #92897** fix(memory-wiki): tolerate public artifacts without agent ids. Related #92207.
      • ·**PR #92002** fix(lmstudio): deliver thinking "off" to binary-thinking models. Related #91913.
      • ·**PR #92738** Forward suppressed-source progress for message-tool channel replies.
      • ·**PR #92916** #92201: Embedded runner: freshly streamed thinking signatures intermittently invalid on replay (Anthropic); recovery wrapper never fires because error text is genericized.
      • ·**PR #90936** fix(agents): do not misclassify client-disconnect abort as run timeout. Related #90764.
      • ·**PR #93009** fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973).
      • ·**PR #92318** fix(cron): require explicit message target proof.
      • ·**PR #93022** fix(gateway): repair usage cost aggregation across agents.
      • ·**PR #93159** fix(tui): keep parent stdin paused after exit.
      • ·**PR #93616** Keep key-free web search providers opt-in.
      • ·**PR #93164** fix(telegram): preserve rich markdown line breaks.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.8-beta.2
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.8-beta.2.tgz
      • ·integrity: `sha512-44ab7b24zUY14dpEVt9TZpd6o6PfbYfnNjSbALHULsCkE7e1ju+ZOia46EawvRLqbYqOwjM9oucnbk7P9/eWsQ==`
      • ·release SHA: `b1736723d716b1abe1f8d324772371661146f3b8`
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27587320308
      • ·postpublish recovery: exact npm install, 35 npm plugins, and 35 ClawHub packages verified after registry propagation
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27582865457
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27584541070
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27587508776
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27587512198
      • ·plugin ClawHub bootstrap: not needed
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27587814328
      • ·npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/27588410701
      v2026.6.8-beta.1pre-release2026-06-14

      openclaw 2026.6.8-beta.1

      GitHub ↗

      Highlights

      • ·**Richer channel delivery:** Telegram and WhatsApp are less brittle: Telegram renders structured text with tables, lists, expandable blockquotes, preserved intentional line breaks, and CLI-backed replies, while WhatsApp now honors configured ACP bindings. (#92679, #93164, #84082, #89421, #92513)
      • ·**More reliable agent runs:** account-scoped DM sends, generated media completions, auto-reply message-tool final replies, reset archive fallback reads, restart shutdown aborts, yielded subagent pauses, and session identity prompts all stay on the correct recovery path. (#92788, #91246, #92879, #91357, #92631, #92468)
      • ·**Safer model routing:** new GLM-5.2 and Claude Haiku 4.5 catalog support arrives with normalized provider IDs, managed SecretRef auth, bounded model browsing, and safer OpenAI/Anthropic tool-schema recovery. (#92796, #90116, #92627, #90686, #92247, #92941)
      • ·**Useful usage footers:** `/usage` and reply payload hooks now have a native full footer renderer, default template, fixed-decimal formatting, credential-aware limits, better partial-count handling, and warnings for broken templates instead of silent bad output. (#92657, #89835, #89629)
      • ·**Predictable web search defaults:** key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search remain explicit opt-ins rather than surprising automatic fallbacks. (#93616)
      • ·**Calmer UI and mobile sessions:** workspace files start collapsed, WebChat backscroll survives streaming, the desktop session picker remains interactive, reset arguments survive dispatch, and iOS reconnects stale foreground Gateways. (#92779, #92622, #92705, #91353, #92552)
      • ·**Resilient memory and state:** oversized OpenAI embedding batches split before 431s, QMD search stays available in transient mode, SQLite avoids WAL on NFS volumes, and full reindexes preserve rollback/cache recovery. (#92650, #92618, #92639, #91247, #92881)

      Changes

      • ·Providers/models: add GLM-5.2 support and Claude Haiku 4.5 catalog entries while keeping provider-qualified model IDs normalized across OpenRouter and Google Vertex paths. (#92796, #90116, #92627, #91218)
      • ·Web search: keep key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search as explicit opt-ins instead of selecting them automatically when no API-backed provider is configured. (#93616)
      • ·Channel plugins: ship Telegram rich-message delivery and WhatsApp ACP binding support, including preserved intentional line breaks, rich prompt handoff to CLI backends, and transport fixtures for richer drafts. (#92679, #93164, #92513)
      • ·Agent commands: support `/btw` in CLI-backed sessions and keep CLI usage-error exits classified as usage failures instead of successful runs. (#92669, #92162)
      • ·Usage hooks: add built-in full footer rendering, default footer templates, per-turn usage state, credential-aware limits, and fixed-decimal formatting for usage-bar templates. (#92657, #89835, #89629)

      Fixes

      • ·Channels and delivery: preserve account-scoped DM channel send policy, intentional rich-message line breaks in Telegram and status output, rich Telegram final replies, rich Telegram tables and lists, Telegram thread-create CLI remapping, Feishu dynamic-agent routes after persisted binding reuse, Slack outbound `message_sent` hooks, contributed message-tool schema optionality, same-channel generated media completions, and channel chunking around surrogate pairs and Infinity limits. (#92788, #93164, #92679, #89421, #89943, #42837, #92814, #91137, #91246, #92735)
      • ·Gemini CLI: use the selected OpenClaw OAuth/API-key auth profile in an isolated Gemini CLI runtime home, preventing ambient Google machine credentials from overriding the chosen profile. (#88748)
      • ·Discord: give generated auto-thread titles a 60-second timeout and 4,096-token reasoning-model output budget, clamped to the selected model output cap. (#64734)
      • ·Agent, cron, and Gateway runtime: mark active main sessions before restart shutdown aborts, pause yielded subagent runs whose terminal also signals abort, clamp trusted subagent thinking overrides through provider/model fallback, preserve yielded media completions, deliver channel message-tool final replies through auto-reply while hiding internal delivery hints, restore reset archive fallback reads when active async transcripts are missing, de-duplicate main-session heartbeat events, expose session identity in runtime prompts, reject unknown OpenAI agent selectors, keep generated media completions, slash-command block replies, and trajectory export commands in WebChat, and require admin privileges for HTTP session/model override surfaces. (#91357, #92631, #92412, #92146, #92879, #91287, #92468, #92510, #91246, #92651, #92646)
      • ·Providers and model replay: preserve storeless OpenAI Responses replay compatibility, recover invalid OpenAI reasoning signatures and genericized Anthropic thinking-signature replay errors, route OAuth image defaults through Codex for eligible OpenAI profiles, avoid eager tool streaming for Claude 4.5 in Copilot, quarantine unreadable and post-hook OpenAI/Anthropic-family tool schemas without broadening allowed tool choices, deliver explicit thinking-off requests to LM Studio binary-thinking models, honor profile auth for SecretRef model entries, bound model browsing, strip provider prefixes where runtimes need bare IDs, and surface nested embedding fetch failures. (#90706, #92941, #92201, #92916, #92824, #75393, #92908, #92921, #92928, #92002, #90686, #92247, #92627, #91218, #92628)
      • ·Memory, state, diagnostics, and config: split header-too-large embedding batches, keep QMD memory search enabled in transient mode, avoid SQLite WAL on NFS volumes, preserve recovery scheduling outside stuck-session warning backoff, preserve full-reindex rollback/cache recovery, and treat raw Memory Wiki source pages as source evidence. (#92650, #92618, #92639, #91247, #92752, #92881, #59137, #92876)
      • ·UI/mobile/TUI: preserve dashboard session parent lineage, WebChat backscroll, reset soft command args, sidebar session picker interactivity, collapsed workspace files, resolved `/model` confirmation refs, stale foreground iOS Gateway reconnects, and paused setup-parent stdin after inherited-stdio child exit. (#90658, #92622, #91353, #92705, #92779, #92773, #92552, #93159)
      • ·Plugins and updates: repair missing required platform packages during managed plugin installs and updates, including omitted Codex platform binaries.
      • ·Dependencies: update Hono to 4.12.25 so published OpenClaw and ACPX packages use the patched runtime.
      • ·Updates: avoid a false downgrade prompt when the latest tag cannot resolve. (#92911)

      Complete contribution record

      • ·**PR #92144** fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766.
      • ·**PR #92175** fix(channel): harden local setup trust.
      • ·**PR #91528** fix #73837: stop after failed Node package installs.
      • ·**PR #91561** fix(wizard): report keyless web_search providers as ready, not missing a key.
      • ·**PR #92073** fix: handle explicit silent assistant replies. Related #92038.
      • ·**PR #91311** Allow Skill Workshop apply through trusted skill symlinks.
      • ·**PR #88245** refactor(whatsapp): introduce inbound message contexts.
      • ·**PR #92212** refactor: move workspace skill writes to lifecycle.
      • ·**PR #92248** Remove ClawHub owner preflight.
      • ·**PR #91617** test(sqlite): add state perf query plan harness. Related #91616.
      • ·**PR #91626** fix(daemon): keep status readable on unsupported services. Related #25621.
      • ·**PR #92295** fix(cron): preserve tz and staggerMs when --cron replaces expression. Related #92291.
      • ·**PR #92087** fix(docker): bundle QA Lab runtime in the image.
      • ·**PR #92004** fix(telegram): classify streaming preview edit failures instead of killing the draft.
      • ·**PR #91997** fix(telegram): survive getUpdates conflicts in isolated polling ingress.
      • ·**PR #92387** fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads. Related #91982.
      • ·**PR #92229** Fix doctor preview channel SecretRef resolution. Related #91939.
      • ·**PR #92225** Fix disabled heartbeat one-shot cron retries. Related #91775.
      • ·**PR #92265** Fix configured DeepSeek model transport inheritance. Related #92148.
      • ·**PR #92226** Fail closed for CLI-backed /btw fallback. Related #92168.
      • ·**PR #92231** Fix suppressed heartbeat commitment delivery. Related #91948.
      • ·**PR #92280** fix(agents): classify structured unsupported model errors. Related #92118.
      • ·**PR #92276** Fix OTLP log trace correlation. Related #91865.
      • ·**PR #92282** fix(update): hand off Linux service auto-updates. Related #91823.
      • ·**PR #92235** fix: resolve managed SecretRef provider auth. Related #92097.
      • ·**PR #92293** Fix provider static model fallback resolution. Related #92009.
      • ·**PR #92343** fix(agent): continue after source message tool replies. Related #92169.
      • ·**PR #92350** fix(codex): preserve memory prompt registration.
      • ·**PR #92290** fix: clarify gateway SecretRef auth diagnostics. Related #91815.
      • ·**PR #92286** fix: repair rejected Anthropic thinking replay. Related #91983.
      • ·**PR #92281** Fix Telegram spooled buffered replay. Related #92129.
      • ·**PR #47493** fix(doctor): show per-step progress spinners during update.
      • ·**PR #92416** fix(outbound): honor top-level image param as send media source (#92407).
      • ·**PR #92508** fix(sandbox): render CLI skill prompts from materialized paths.
      • ·**PR #92540** chore: fix esbuild production audit failure.
      • ·**PR #91484** Add QA evidence artifact output.
      • ·**PR #91500** Add QA scorecard taxonomy validation.
      • ·**PR #84082** fix(telegram): allow expandable blockquotes.
      • ·**PR #92554** feat(moonshot): add Kimi K2.7 Code support.
      • ·**PR #92396** fix(moonshot): backfill reasoning_content on assistant tool-call replay messages. Related #71491.
      • ·**PR #92566** Fix lifecycle timeout cleanup after leader exit.
      • ·**PR #92311** ci: split plugin ClawHub publishing paths.
      • ·**PR #92216** fix(gateway): mirror hidden commentary-phase assistant events.
      • ·**PR #87596** fix(moonshot): rewrite duplicate native Kimi tool_call ids on replay. Related #51593.
      • ·**PR #88993** Expose paged channel action results.
      • ·**PR #90326** fix(fireworks): resolve catalog model params from plugin.json via core.
      • ·**PR #86629** fix(doctor): warn for untrusted external Discord plugin. Related #83212.
      • ·**PR #90242** fix(providers): skip unreadable Mistral tool schemas.
      • ·**PR #92498** fix(reply): mirror same-channel Slack final replies. Related #92489.
      • ·**PR #92083** fix(channels): default boundary logger for swallowed progress-draft start errors.
      • ·**PR #92564** fix(agents): isolate invalid plugin model catalogs [AI-assisted]. Related #92553.
      • ·**PR #89827** docs: UX-013 — design system documentation.
      • ·**PR #89615** feat(ui): hide empty workboard columns.
      • ·**PR #89822** fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes.
      • ·**PR #92618** fix #92218: memory_search tool disabled with QMD backend.
      • ·**PR #92608** docs(gateway): add uptime monitoring guidance to health check docs (fixes #55768).
      • ·**PR #92605** fix(docs): pin Windows Hub download links to v2026.6.5. Related #92470.
      • ·**PR #92593** #92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters.
      • ·**PR #92606** Run Vitest and Playwright scenarios from qa suite.
      • ·**PR #89629** feat(hooks): per-turn usageState on reply_payload_sending.
      • ·**PR #89835** feat(usage): native templated /usage full footer renderer.
      • ·**PR #92247** fix(models): bound /models and models list catalog loading. Related #91809.
      • ·**PR #92646** fix: require admin for HTTP model overrides.
      • ·**PR #90686** fix(gateway): honor profile auth for SecretRef model entries. Related #90685.
      • ·**PR #92651** fix: require admin for HTTP session kills.
      • ·**PR #92652** test(models): stabilize plugin auth marker fixtures.
      • ·**PR #89438** fix(slack): warn when channels map is keyed by name instead of channel ID. Related #81665.
      • ·**PR #92631** fix(agents): pause yielded subagent runs whose terminal also signals abort. Related #92448.
      • ·**PR #92622** fix(ui): preserve WebChat backscroll during streaming. Related #92386.
      • ·**PR #92627** fix(openrouter): strip openrouter/ prefix from model ID in normalizeResolvedModel hook (fixes #92611).
      • ·**PR #92146** fix(cron): preserve yielded media completions. Related #92120.
      • ·**PR #90116** fix: add Claude Haiku 4.5 static catalog entries. Related #90088.
      • ·**PR #91137** fix(channels): keep contributed message-tool schema properties optional. Related #67852.
      • ·**PR #75393** fix(copilot): disable eager tool streaming for Claude 4.5. Related #75348.
      • ·**PR #92628** fix #73713: surface nested embedding fetch failures.
      • ·**PR #92510** fix(gateway): reject unknown OpenAI agent selectors. Related #92504.
      • ·**PR #91453** fix #91420: [Bug]: Delivery retry loop corrupts active sessions (R-004) — retry selector bypasses delivery.mode=none.
      • ·**PR #92468** fix #92453: add session identity to runtime prompt.
      • ·**PR #89943** fix(slack): emit message_sent hook on outbound delivery (mirror Telegram). Related #89942.
      • ·**PR #92668** fix(docs): finalize i18n postprocess before skip.
      • ·**PR #92673** fix: split image setup and request timeout semantics.
      • ·**PR #92162** #92069: fix(cli): usage errors exit 0.
      • ·**PR #91185** fix(browser): remove dead requireRef import and void expression in register.navigation.ts. Related #83878.
      • ·**PR #90706** fix(OpenAI Responses): disable item id replay for storeless providers. Related #89728.
      • ·**PR #90247** fix(disk-space): promote 1024 MiB to 1.0 GiB in disk warnings. Related #90245.
      • ·**PR #92657** feat(usage): ship built-in /usage full footer.
      • ·**PR #90464** perf(terminal): reuse ANSI scanner during truncation.
      • ·**PR #91281** fix(feishu): clear client cache when SDK is replaced via setFeishuClientRuntimeForTest. Related #83911.
      • ·**PR #92639** fix(memory): keep memory_search in transient qmd mode. Related #92464.
      • ·**PR #91287** fix(cron): de-duplicate main-session systemEvent in heartbeat model input. Related #44922.
      • ·**PR #91246** Fix webchat media completion handoff. Related #91003.
      • ·**PR #91353** fix(ui): preserve /reset soft args in Control UI dispatch. Related #91316.
      • ·**PR #92679** feat(telegram): send rich message text.
      • ·**PR #92705** fix(ui): restore sidebar session picker interactivity above desktop workbench. Related #92707.
      • ·**PR #91218** fix(google): strip provider prefix from Vertex model path.
      • ·**PR #92669** feat: support /btw in CLI-backed sessions.
      • ·**PR #91357** fix(gateway): mark active main sessions before restart shutdown aborts. Related #91355.
      • ·**PR #91066** fix(parallel): send openclaw-parallel User-Agent on free Search MCP requests.
      • ·**PR #90658** fix(ui): preserve dashboard session parent lineage when session list is stale. Related #90623.
      • ·**PR #92552** fix(ios): force stale foreground gateway reconnects.
      • ·**PR #89421** fix(telegram): expose thread create CLI remap. Related #81581.
      • ·**PR #92779** fix: start workspace files collapsed. Related #90359.
      • ·**PR #91247** fix(state): avoid sqlite wal on nfs state volumes. Related #90491.
      • ·**PR #92773** fix(tui): show resolved canonical model ref in /model confirmation.
      • ·**PR #92752** fix(diagnostics): keep recovery scheduling out of the stuck-session warning backoff. Related #92742.
      • ·**PR #92735** fix(markdown-core): treat Infinity chunk limit as unbounded, not 1. Related #92734.
      • ·**PR #92695** docs(config): correct maxConcurrent default in agent-defaults type comments (AI-assisted).
      • ·**PR #92766** clarify before_install hook scope. Related #91593.
      • ·**PR #92677** docs(nodes): add openclaw.json config example to Nodes overview. Related #92662.
      • ·**PR #92513** Honor WhatsApp configured ACP bindings. Related #92449.
      • ·**PR #92650** fix #92465: split OpenAI 431 embedding batches.
      • ·**PR #92796** feat(providers): add GLM-5.2 support.
      • ·**PR #92788** fix(sessions): derive channel from account-scoped DM session keys in send-policy.
      • ·**PR #92590** Docker image ships an extraneous stale openclaw in /app/node_modules (extensions pin the published release). Related #92551.
      • ·**PR #92393** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #92476** fix(agents): preserve compatible CLI session runtime pins.
      • ·**PR #92483** fix(matrix): validate CLI numeric option ranges. Related #92482.
      • ·**PR #92490** fix(canvas): validate CLI numeric options. Related #92487.
      • ·**PR #92802** fix(ui): reflow composer beside workspace rail.
      • ·**PR #91059** fix(configure): mask gateway token input in CLI wizard prompt.
      • ·**PR #91143** fix(ports): only classify SSH -L/-R tunnels on the queried port as ssh. Related #91142.
      • ·**PR #91110** fix(tavily): keep web_search contract executable. Related #91096.
      • ·**PR #91181** fix(daemon): strip schtasks backslash prefix when matching gateway task name. Related #90494.
      • ·**PR #91187** fix(cron): isolate auth profile failure policy so cron runs don't pollute shared cooldowns. Related #90991.
      • ·**PR #92807** fix(heartbeat): route outbound mirror to isolated session key.
      • ·**PR #92745** fix(memory): explain skipped short-term recall hits. Related #92706.
      • ·**PR #92488** fix(gateway): forward image-only input on /v1/responses (parity with chat completions).
      • ·**PR #92604** fix(status): avoid cumulative usage for context percent. Related #83526.
      • ·**PR #92810** fix: reject unvalidated voice media streams.
      • ·**PR #92800** fix(telegram): answer callback queries before sequentialize delays them. Related #42156.
      • ·**PR #92547** fix(nodes): surface pending reapproval diagnostics.
      • ·**PR #92690** fix(doctor): avoid false-positive legacy cron store warning when store was already migrated (fixes #92683).
      • ·**PR #92806** fix(telegram): skip IPv4 fallback when user explicitly configures non-ipv4first dnsResultOrder (fixes #41671).
      • ·**PR #92778** fix(macos): defer isOverflowing mutation to break SwiftUI render loop (fixes #43480).
      • ·**PR #92795** fix(gateway): use resolveNonNegativeNumber for totalTokens to display 0 instead of ? (fixes #43009).
      • ·**PR #92746** fix(gateway): preserve active runs during plugin finalization.
      • ·**PR #92820** UI: localize Logs tab labels.
      • ·**PR #92825** fix(telegram): preserve command callbacks while prefixing generic callback data. Related #54909.
      • ·**PR #90889** fix: cap session context overrides by model window. Related #39857.
      • ·**PR #92830** fix(copilot): strip replayed thinking blocks. Related #81520.
      • ·**PR #92834** feat(browser): extend --labels overlay to full-page and element captures.
      • ·**PR #92836** fix(discord): raise thread title timeout and tokens to fit reasoning models.
      • ·**PR #92095** fix #92039: [Bug]: WhatsApp login reports success before auth is durably persisted, so Docker rebuilds/upgrades can force relink.
      • ·**PR #92801** fix(stale): exempt ClawSweeper actionable labels from stale lifecycle (fixes #89564).
      • ·**PR #89736** fix(status): render sub-1000 token counts as plain integers. Related #89735.
      • ·**PR #92792** fix(agents): catch malformed image blocks in sanitizeContentBlocksImages.
      • ·**PR #92555** ci: gate stable releases on Windows companion assets.
      • ·**PR #91824** fix(agents): add usage guidance to sessions_spawn tool description (fixes #91814).
      • ·**PR #92840** fix(feishu): await HTTP server shutdown during monitor cleanup. Related #48183.
      • ·**PR #91632** feat: add tool search directory mode.
      • ·**PR #92823** fix(qqbot): surface failed media sends.
      • ·**PR #92849** fix(tailscale): preserve parse errors for malformed JSON.
      • ·**PR #92045** Fix diagnostics OTEL runtime install trust.
      • ·**PR #92853** fix(acp): accept MCP date protocolVersion in ACP server. Related #56102.
      • ·**PR #92854** fix(hooks): reject slug-generator error payloads.
      • ·**PR #92855** fix(ui): repair iOS Safari chat viewport handling.
      • ·**PR #91586** fix(update): continue after package doctor warnings.
      • ·**PR #92862** fix(feishu): target typing reaction on inbound message.
      • ·**PR #92861** fix(lobster): surface workflow path errors. Related #68101.
      • ·**PR #69975** fix(cli): clarify --tz help text for offset-less --at values. Related #59456.
      • ·**PR #90682** fix(openai): preserve opaque reasoning transcript fields. Related #90093.
      • ·**PR #92373** fix(anthropic): strip thinking blocks from history when thinking is disabled (fixes #92360).
      • ·**PR #87346** fix(anthropic): merge consecutive assistant turns in turn validation. Related #87329.
      • ·**PR #92896** fix(anthropic): quarantine invalid direct tool schemas.
      • ·**PR #90739** fix(active-memory): preserve verbose recall summaries. Related #90454.
      • ·**PR #92558** Simplify QA scorecard mapping shape.
      • ·**PR #92876** fix(memory-wiki): stop flagging raw source pages as malformed.
      • ·**PR #92908** fix(providers): quarantine unreadable Anthropic payload tools.
      • ·**PR #92881** fix(memory): preserve reindex rollback recovery.
      • ·**PR #92921** fix(openai): quarantine unreadable tool schemas.
      • ·**PR #92550** Fold Telegram RTT sampling into live QA evidence.
      • ·**PR #92824** fix(media): route OAuth image defaults through Codex. Related #87168.
      • ·**PR #92928** fix(openai): guard post-hook tool payloads.
      • ·**PR #92814** fix(feishu): re-resolve route when dynamic agent binding already exists in runtime config (fixes #42837).
      • ·**PR #89055** fix: restart gateway after isolated cron setup timeout.
      • ·**PR #90574** fix(openai): omit gpt-5.5 tool reasoning effort.
      • ·**PR #92941** fix(openai): recover invalid reasoning signatures.
      • ·**PR #92914** fix(agents): clamp unsupported thinking for subagent spawns instead of hard-failing. Related #92412.
      • ·**PR #92573** fix: preserve config-selected subagent model overrides. Related #92486.
      • ·**PR #92852** fix(gateway): fall back to polling when config watcher exhausts inotify retries. Related #92851.
      • ·**PR #92362** fix(gateway): build row metadata context for single session lists.
      • ·**PR #92897** fix(memory-wiki): tolerate public artifacts without agent ids. Related #92207.
      • ·**PR #92002** fix(lmstudio): deliver thinking "off" to binary-thinking models. Related #91913.
      • ·**PR #92738** Forward suppressed-source progress for message-tool channel replies.
      • ·**PR #92916** #92201: Embedded runner: freshly streamed thinking signatures intermittently invalid on replay (Anthropic); recovery wrapper never fires because error text is genericized.
      • ·**PR #90936** fix(agents): do not misclassify client-disconnect abort as run timeout. Related #90764.
      • ·**PR #93009** fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973).
      • ·**PR #92318** fix(cron): require explicit message target proof.
      • ·**PR #93022** fix(gateway): repair usage cost aggregation across agents.
      • ·**PR #93159** fix(tui): keep parent stdin paused after exit.
      • ·**PR #93616** Keep key-free web search providers opt-in.
      • ·**PR #93164** fix(telegram): preserve rich markdown line breaks.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.8-beta.1
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.8-beta.1.tgz
      • ·integrity: `sha512-m1SHMi+aFaQnlAczgBvUgKA9mgL1Td3WnySoaf8X9Uy5SOLbBzdJ1miBV7NnINTVE+ec6Rb+jfXCGlEspthX/g==`
      • ·release SHA: `43d00c7724b5b4856ad4055b2dcd21ce6ef61550`
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27505699831
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27504321919
      • ·release publish orchestration: https://github.com/openclaw/openclaw/actions/runs/27513932430 (failed after plugin publish verification; direct OpenClaw npm recovery used)
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27514038012 (published; one post-publish metadata verifier failed for `@openclaw/llama-cpp-provider` readme metadata)
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27514298229
      • ·postpublish verifier: `node --import tsx scripts/openclaw-npm-postpublish-verify.ts 2026.6.8-beta.1` passed
      • ·clean npm smoke: `npm exec --package openclaw@2026.6.8-beta.1 -- openclaw --version` returned `OpenClaw 2026.6.8-beta.1 (43d00c7)`
      • ·ClawHub plugin publish: https://github.com/openclaw/openclaw/actions/runs/27514039764 failed plugin-inspector on packaged transport plugin `setupEntry` metadata; follow-up required
      • ·dependency evidence asset: `openclaw-2026.6.8-beta.1-dependency-evidence.zip`
      • ·npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/27514468230 (running)
      v2026.6.7-beta.1pre-release2026-06-13

      openclaw 2026.6.7-beta.1

      GitHub ↗

      Highlights

      • ·**Durable channel replies:** Telegram polling and preview failures recover instead of ending a stream, Slack keeps delivered replies in the transcript, and top-level image sends retain their intended media source. (#92281, #92498, #92416)
      • ·**More dependable provider sessions:** SecretRef-backed profiles, configured DeepSeek transports, static model fallback, Anthropic thinking replay, and Codex prompt memory all recover cleanly instead of leaving a turn unusable. (#92265, #92235, #92293, #92286, #92350)
      • ·**Kimi K2.7 Code support:** the provider catalog now includes the new Kimi coding model, with replay handling that preserves its reasoning content across tool turns. (#92554, #92396)
      • ·**Safer operations:** SQLite-backed cron status, disabled heartbeat retries, Linux service updates, and external-plugin diagnosis now expose clearer, actionable state to operators. (#92144, #92225, #92282, #86629)
      • ·**Guarded skill installs:** Skill Workshop support-file targets now go through trusted lifecycle writes instead of unbounded filesystem updates, while ClawHub package checks stay on the current release path. (#91311)

      Changes

      • ·Skills and plugin workflows now permit trusted Skill Workshop support-file targets only through guarded lifecycle writes, and package publishing uses the current ClawHub plugin checks. (#91311)
      • ·Providers: add Kimi K2.7 Code support. (#92554)

      Fixes

      • ·Channels and delivery: recover Telegram preview and polling failures, retain Slack final replies in transcripts, preserve top-level outbound image parameters, and make channel-action result pages available to callers. (#92281, #92498, #92407, #88993)
      • ·Agent/provider reliability: preserve configured model transport/auth resolution, fail closed for unsupported CLI-backed `/btw` fallback, continue after source message-tool replies, repair Anthropic thinking replay, and keep Codex memory prompts registered. (#92265, #92226, #92343, #92286, #92350)
      • ·Operations: make cron and daemon status resilient, preserve disabled heartbeat one-shot retries, hand off Linux service auto-updates, and keep lifecycle timeout cleanup alive after leader exit. (#92144, #92225, #92282, #92566)

      Complete contribution record

      • ·**PR #92144** fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766.
      • ·**PR #92175** fix(channel): harden local setup trust.
      • ·**PR #91528** fix #73837: stop after failed Node package installs.
      • ·**PR #91561** fix(wizard): report keyless web_search providers as ready, not missing a key.
      • ·**PR #92073** fix: handle explicit silent assistant replies. Related #92038.
      • ·**PR #91311** Allow Skill Workshop apply through trusted skill symlinks.
      • ·**PR #88245** refactor(whatsapp): introduce inbound message contexts.
      • ·**PR #92212** refactor: move workspace skill writes to lifecycle.
      • ·**PR #92248** Remove ClawHub owner preflight.
      • ·**PR #91617** test(sqlite): add state perf query plan harness. Related #91616.
      • ·**PR #91626** fix(daemon): keep status readable on unsupported services. Related #25621.
      • ·**PR #92295** fix(cron): preserve tz and staggerMs when --cron replaces expression. Related #92291.
      • ·**PR #92087** fix(docker): bundle QA Lab runtime in the image.
      • ·**PR #92004** fix(telegram): classify streaming preview edit failures instead of killing the draft.
      • ·**PR #91997** fix(telegram): survive getUpdates conflicts in isolated polling ingress.
      • ·**PR #92387** fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads. Related #91982.
      • ·**PR #92229** Fix doctor preview channel SecretRef resolution. Related #91939.
      • ·**PR #92225** Fix disabled heartbeat one-shot cron retries. Related #91775.
      • ·**PR #92265** Fix configured DeepSeek model transport inheritance. Related #92148.
      • ·**PR #92226** Fail closed for CLI-backed /btw fallback. Related #92168.
      • ·**PR #92231** Fix suppressed heartbeat commitment delivery. Related #91948.
      • ·**PR #92280** fix(agents): classify structured unsupported model errors. Related #92118.
      • ·**PR #92276** Fix OTLP log trace correlation. Related #91865.
      • ·**PR #92282** fix(update): hand off Linux service auto-updates. Related #91823.
      • ·**PR #92235** fix: resolve managed SecretRef provider auth. Related #92097.
      • ·**PR #92293** Fix provider static model fallback resolution. Related #92009.
      • ·**PR #92343** fix(agent): continue after source message tool replies. Related #92169.
      • ·**PR #92350** fix(codex): preserve memory prompt registration.
      • ·**PR #92290** fix: clarify gateway SecretRef auth diagnostics. Related #91815.
      • ·**PR #92286** fix: repair rejected Anthropic thinking replay. Related #91983.
      • ·**PR #92281** Fix Telegram spooled buffered replay. Related #92129.
      • ·**PR #47493** fix(doctor): show per-step progress spinners during update.
      • ·**PR #92416** fix(outbound): honor top-level image param as send media source (#92407).
      • ·**PR #92508** fix(sandbox): render CLI skill prompts from materialized paths.
      • ·**PR #92540** chore: fix esbuild production audit failure.
      • ·**PR #91484** Add QA evidence artifact output.
      • ·**PR #91500** Add QA scorecard taxonomy validation.
      • ·**PR #84082** fix(telegram): allow expandable blockquotes.
      • ·**PR #92554** feat(moonshot): add Kimi K2.7 Code support.
      • ·**PR #92396** fix(moonshot): backfill reasoning_content on assistant tool-call replay messages. Related #71491.
      • ·**PR #92566** Fix lifecycle timeout cleanup after leader exit.
      • ·**PR #92311** ci: split plugin ClawHub publishing paths.
      • ·**PR #92216** fix(gateway): mirror hidden commentary-phase assistant events.
      • ·**PR #87596** fix(moonshot): rewrite duplicate native Kimi tool_call ids on replay. Related #51593.
      • ·**PR #88993** Expose paged channel action results.
      • ·**PR #90326** fix(fireworks): resolve catalog model params from plugin.json via core.
      • ·**PR #86629** fix(doctor): warn for untrusted external Discord plugin. Related #83212.
      • ·**PR #90242** fix(providers): skip unreadable Mistral tool schemas.
      • ·**PR #92498** fix(reply): mirror same-channel Slack final replies. Related #92489.
      • ·**PR #92083** fix(channels): default boundary logger for swallowed progress-draft start errors.
      • ·**PR #92564** fix(agents): isolate invalid plugin model catalogs [AI-assisted]. Related #92553.
      • ·**PR #89827** docs: UX-013 — design system documentation.
      • ·**PR #89615** feat(ui): hide empty workboard columns.
      • ·**PR #89822** fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes.
      • ·**PR #92618** fix #92218: memory_search tool disabled with QMD backend.
      • ·**PR #92608** docs(gateway): add uptime monitoring guidance to health check docs (fixes #55768).
      • ·**PR #92605** fix(docs): pin Windows Hub download links to v2026.6.5. Related #92470.
      • ·**PR #92593** #92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters.
      • ·**PR #92606** Run Vitest and Playwright scenarios from qa suite.
      v2026.6.62026-06-12

      openclaw 2026.6.6

      GitHub ↗

      Highlights

      • ·**Tighter security boundaries:** transcript, sandbox, MCP, browser, channel, and exec-approval paths now fail closed around unsafe access, timed-out approvals, and malformed boundary input. (#91529, #91618, #91741, #91750, #89938)
      • ·**Reliable Telegram delivery:** account-scoped topics route to the correct agent, streamed text survives tool calls, callbacks and draft chunks stay coherent, and unauthorized DM text does not enter cache or prompt context. (#91189, #88682, #90212, #91478, #91915)
      • ·**iMessage stays connected:** always-on inbound recovery, durable echo markers, block streaming, idle approval discovery, and outbound transport now survive restarts and idle periods. (#91335, #91449, #88969, #91783)
      • ·**Better browser and MCP connectivity:** existing browser sessions, CDP/WebSocket discovery, default-profile URLs, OAuth/SSE transport, and tool schemas now connect through clearer, safer paths. (#91422, #89851, #91736, #91451)
      • ·**Faster first replies:** Control UI startup no longer waits on broad model loading, while cached metadata, lazy slash-command work, and first-event tracing make slow initial responses visible. (#91531, #91538, #91568, #91583)
      • ·**Broader provider support:** OpenRouter OAuth and Claude Fable 5 land alongside correct Codex compaction ownership, local-model execution, normalized tool progress, and Gemma 4 reasoning replay. (#91830, #91882, #91590, #88630, #91696)

      Changes

      • ·CLI progress: emit Claude CLI commentary progress events and bridge inter-tool commentary into channel progress without exposing internal protocol scaffolding. (#89834, #90883)
      • ·Observability: allow trusted diagnostics channels to capture tool input/output content, add first-assistant-event traces, and warn on slow initial replies. (#91256, #91568, #91583)
      • ·Plugins/ClawHub: dogfood reusable package publishing, let dry runs skip publish approval, allow declared installed trusted hooks, report managed plugin version drift, and warn instead of failing on retired Skill Workshop configuration. (#91574, #91591, #90004, #90927, #90838)
      • ·Memory/providers: move the local llama.cpp runtime into its provider plugin, batch embeddings across files, persist the agent model catalog cache, and keep QMD JSON search one-shot while filtering stale REM recall previews. (#91324, #89138, #90457, #91837, #91851)
      • ·Channels/mobile: add the QQBot group mention toggle, improve iPad and iPhone control surfaces, and expose the active connection host in the TUI footer. (#91423, #91557, #89909)
      • ·Performance: prewarm TUI runtime plugins, deduplicate plugin auto-enable fanout, trim dense text-delta snapshots, and reuse prepared startup model metadata. (#90782, #89978, #91580, #91531)

      Fixes

      • ·Agent/session recovery: drop stale approval follow-ups after session rebind, remove drained reply-queue items by identity, recover stale main and visible replies, preserve Codex context-engine compaction ownership, lower the default compaction timeout to 180 seconds while respecting explicit configuration, and keep provider-failure terminal lifecycle state correct. (#85679, #91450, #91566, #91840, #91590, #91361, #91895)
      • ·User-visible content boundaries: suppress Codex/Harmony protocol artifacts, neutralize browser and LanceDB memory media directives, redact transcript images, and preserve native `/compact` replies through source suppression. (#89151, #91422, #91425, #91529, #90212)
      • ·Channel delivery: keep WhatsApp captured replies attached to the successor controller after restart, retry Feishu rate limits, preserve Mattermost thread replies, canonicalize LINE webhook paths, restore Discord reply hydration and runtime timeout exports, and show OpenAI Realtime WebRTC assistant transcripts. (#85823, #89659, #91684, #91649, #90263, #91686, #90426)
      • ·Cron: cancel active task runs cleanly, preserve terminal timeout/cancel state, and recover no-deliver tool warnings instead of silently losing the outcome. (#90666, #90678)
      • ·Gateway/config/auth: share the approval runtime socket token, replace arrays explicitly in `config.patch`, skip the deleted-agent guard only for valid ACP harness sessions, surface headless LaunchAgent state, verify SQLite auth migration before cleanup, and arm QMD startup maintenance. (#87105, #91551, #91219, #91614, #91740, #91978)
      • ·Providers/Codex: clarify quota errors, restore the Codex synthetic usage line, canonicalize Codex protocol assets, require API-key auth for realtime voice, normalize ACP model refs, preserve Gemma 4 `reasoning_content`, and avoid guardian review for local models. (#91390, #91709, #91507, #91567, #88630, #91696)
      • ·Updates/builds: recover package Gateway restarts after refresh failure, expose plugin convergence repair, fall back to Corepack in PATH-less pnpm environments, seed the correct Docker store packages, and keep ClawHub dry-run and publish paths reusable. (#91581, #91599, #91547, #91591)
      • ·UI: require explicit user intent before opening chat sessions and drain restored chat queues after session switches. (#91480)
      • ·Android: avoid the `dataSync` foreground-service type for persistent nodes. (#80082)
      • ·Native hooks: bound relay lifetimes so abandoned native hook connections cannot linger indefinitely. (#91550)

      Complete contribution record

      • ·**PR #91335** fix(imessage): always-on inbound recovery and dedupe. Related #89237.
      • ·**PR #91189** fix(telegram): route account-scoped topic agents.
      • ·**PR #88682** Preserve Telegram streamed text blocks between tool calls. Related #87326.
      • ·**PR #91390** fix: clarify provider quota errors.
      • ·**PR #90883** fix(cli): bridge inter-tool commentary events to channel progress.
      • ·**PR #91419** docs: preserve channel brand terms in Chinese i18n.
      • ·**PR #87105** fix(gateway): share approval runtime socket token.
      • ·**PR #80082** fix(android): avoid dataSync FGS for persistent node.
      • ·**PR #91442** docs: preserve LINE across localized docs glossaries.
      • ·**PR #88768** fix(codex): normalize dynamic tool progress results.
      • ·**PR #91422** fix(browser): neutralize media directives in browser output [AI].
      • ·**PR #89834** feat(cli): emit commentary progress events from Claude CLI parser. Related #87326.
      • ·**PR #85679** fix(agents): drop stale exec approval followups after session rebind. Related #59349.
      • ·**PR #91450** fix(reply-queue): remove the drained item by reference instead of front index.
      • ·**PR #89151** fix(delivery): suppress Codex/Harmony internal protocol artifacts from user-facing channels. Related #88128.
      • ·**PR #90678** fix(cron): recover no-deliver tool warnings.
      • ·**PR #91449** fix(imessage): honor block streaming config.
      • ·**PR #91508** Revert "docs: add maturity scorecard mirror".
      • ·**PR #91364** build(deps): bump github.com/steipete/peekaboo from 3.3.0 to 3.4.0 in /apps/macos in the swift-deps group.
      • ·**PR #91368** build(deps): bump actions/github-script from 8 to 9.
      • ·**PR #91512** chore: add taxonomy file.
      • ·**PR #91369** build(deps): bump actions/cache from 4 to 5.
      • ·**PR #91367** build(deps): bump the actions group with 2 updates.
      • ·**PR #91365** build(deps): bump the android-deps group in /apps/android with 3 updates.
      • ·**PR #91496** chore: bump Codex app-server to 0.137.0.
      • ·**PR #90666** fix(cron): cancel active cron task runs.
      • ·**PR #90927** fix(doctor): report managed plugin version drift. Related #90891.
      • ·**PR #91531** perf(control-ui): reuse startup model metadata.
      • ·**PR #91538** perf(control-ui): avoid startup catalog wait.
      • ·**PR #91507** feat: canonicalize Codex protocol JSON asset ordering.
      • ·**PR #91550** fix: bound native hook relay lifetime. Related #90993.
      • ·**PR #89588** fix(telegram): restore /compact on generic message ingress. Related #89525.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #91568** perf(control-ui): trace first assistant event.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #91574** feat: dogfood reusable ClawHub package publish.
      • ·**PR #91583** perf(control-ui): warn on slow first replies.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91578** fix: make docs i18n frontmatter translation resilient.
      • ·**PR #91567** fix(openai): require api-key auth for realtime voice. Related #90456.
      • ·**PR #91591** fix: let ClawHub dry runs skip publish approval.
      • ·**PR #91598** perf(control-ui): lazy load slash commands.
      • ·**PR #91580** fix(agents): trim dense text delta snapshots. Related #86599.
      • ·**PR #91425** fix(memory-lancedb): guard memory recall output [AI].
      • ·**PR #88969** fix(imessage): persist echo markers before send.
      • ·**PR #91566** Fix stale main session startup recovery. Related #90525.
      • ·**PR #91324** fix(memory): move local llama.cpp runtime to provider plugin. Related #88705.
      • ·**PR #91637** docs: include plugin prerelease in release validation approval.
      • ·**PR #91649** fix(line): canonicalize trailing-slash webhook paths.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.
      • ·**PR #91642** fix(docs): continue partial i18n batches after file errors.
      • ·**PR #91661** chore(plugin-sdk): refresh API baseline hash.
      • ·**PR #91665** docs: fix release CI Android dispatch guidance.
      • ·**PR #89138** fix #88009: [Feature]: batched memory embedding should batch over files.
      • ·**PR #91679** fix(plugin-sdk): align Discord component edit facade types.
      • ·**PR #91686** fix(discord): restore runtime timeout compatibility exports.
      • ·**PR #90212** fix(agents): deliver native /compact replies through source suppression.
      • ·**PR #91618** fix: expand unsafe host env denylist.
      • ·**PR #91615** fix: block rustup toolchain env overrides [AI].
      • ·**PR #89851** fix(gateway): support Streamable HTTP MCP transport on loopback server.
      • ·**PR #91619** fix: block git protocol env controls [AI].
      • ·**PR #91684** fix(mattermost): keep default replies in existing threads.
      • ·**PR #90457** fix(models): persist agent catalog cache.
      • ·**PR #91709** fix(status): restore Codex synthetic usage line. Related #91694.
      • ·**PR #89909** fix(tui): show connection host in footer. Related #56276.
      • ·**PR #89978** perf(config): dedupe plugin auto-enable fanout work.
      • ·**PR #91219** fix(gateway): skip deleted-agent guard for ACP harness session keys.
      • ·**PR #90782** perf(tui): prewarm runtime plugins before first send.
      • ·**PR #90838** fix(config): warn for retired skill-workshop plugin entry instead of failing validation (#90244).
      • ·**PR #91753** docs: clarify Matrix plugin upgrade repair.
      • ·**PR #91755** docs: align Feishu DM policy defaults.
      • ·**PR #91745** fix(discord): require sender for moderation actions [AI].
      • ·**PR #85950** docs: clarify trusted-proxy Control UI scope behavior. Related #80063.
      • ·**PR #91746** fix(msteams): require admin for group actions.
      • ·**PR #91256** feat(diagnostics-otel): capture tool input/output content via trusted channel.
      • ·**PR #91749** fix(gateway): restrict non-owner loopback tools.
      • ·**PR #91748** fix(elevated): reject group ids as senders.
      • ·**PR #91752** fix(codex): guard sandbox http requests.
      • ·**PR #91763** fix: require ACP metadata for deleted-agent bypass.
      • ·**PR #91751** fix(mcp): harden stdio env filtering.
      • ·**PR #91765** Clarify env-var executable behavior reports in SECURITY.md.
      • ·**PR #91480** fix(ui): require user intent for chat sessions. Related #89760.
      • ·**PR #91777** docs: remove superpowers spec draft.
      • ·**PR #91773** fix(mcp): lowercase SSE event-source header keys to prevent duplicate Authorization (401).
      • ·**PR #91741** Validate sandbox bind parent paths [AI].
      • ·**PR #88530** fix(imessage): skip idle approval discovery scans.
      • ·**PR #91780** fix(ui): drain restored chat queue after session switch.
      • ·**PR #91750** fix(search): enforce native web search tool policy.
      • ·**PR #91757** fix(config): clarify retired skill workshop plugin warning.
      • ·**PR #91787** fix(doctor): keep TTS legacy migration on supported paths.
      • ·**PR #91783** fix(imessage): harden outbound send transport. Related #84329.
      • ·**PR #91785** fix(imessage): surface inbound startup diagnostics.
      • ·**PR #91590** Fix context-engine compaction ownership for Codex sessions.
      • ·**PR #91557** Improve iPad and iPhone control surfaces.
      • ·**PR #91666** chore(deps): bump useblacksmith/setup-docker-builder from 1.8.0 to 1.9.0 in the actions group.
      • ·**PR #91819** docs: link ClawHub plugin validation fixes guide.
      • ·**PR #88630** fix(codex): avoid guardian review for local models.
      • ·**PR #91830** feat: add OpenRouter OAuth to onboarding.
      • ·**PR #91842** fix(plugin-sdk): refresh API baseline hash.
      • ·**PR #91614** fix(gateway): surface headless LaunchAgent state.
      • ·**PR #91851** fix(memory-core): filter stale recall entries in REM harness preview.
      • ·**PR #91859** fix(ci): disable memory slot in release smoke config.
      • ·**PR #90004** [plugin sdk] Allow declared installed trusted hooks. Related #87735.
      • ·**PR #91837** fix(memory-core): keep QMD JSON search one-shot. Related #91821.
      • ·**PR #91871** Remove bundled channel contract fallbacks.
      • ·**PR #91879** fix(ci): include ACPX in shared live-test image.
      • ·**PR #91840** Fix stale visible reply recovery. Related #90535.
      • ·**PR #91876** Fix Telegram callback API handling.
      • ·**PR #91874** Share channel draft chunking resolver.
      • ·**PR #91599** fix(update): expose plugin convergence repair.
      • ·**PR #91581** fix(update): recover package gateway restart after refresh failure.
      • ·**PR #91904** fix(telegram): use SDK dispatch dedupe.
      • ·**PR #90263** fix(discord): hydrate reply context metadata.
      • ·**PR #91478** block unauthorized Telegram DM text from prompt context. Related #91209.
      • ·**PR #91915** fix(telegram): audit follow-ups — block-mode chunk config, dedupe bucket cleanup, grammy contract trust.
      • ·**PR #91361** fix(compaction): lower default timeout from 900s to 180s, preserve explicit config. Related #91358.
      • ·**PR #91791** fix(sandbox): use materialized skill paths in startup prompts. Related #91761.
      • ·**PR #91736** Support existing-session browser CDP endpoints. Related #56118.
      • ·**PR #91747** fix(browser): validate discovered CDP websocket URLs.
      • ·**PR #91882** feat(anthropic): support Claude Fable 5 adaptive thinking. Related #91805.
      • ·**PR #91884** fix(memory): keep ignored-name QMD roots watchable.
      • ·**PR #91740** fix(auth): verify SQLite auth migration before cleanup.
      • ·**PR #91451** fix(mcp): repair OAuth redirect, errors, and unicode schema patterns. Related #91433.
      • ·**PR #91978** fix(gateway): arm qmd startup maintenance.
      • ·**PR #90426** fix(talk): show OpenAI Realtime WebRTC assistant transcripts.
      • ·**PR #91696** fix(agents): preserve reasoning_content replay for Gemma 4 openai-completions models. Related #91645.
      • ·**PR #89938** Fail closed on exec approval timeout.
      • ·**PR #91895** fix(webchat): finalize provider failure lifecycle. Related #91730.
      • ·**PR #80143** fix(browser): honor cdpUrl for user default profile. Related #48042.
      • ·**PR #91688** fix(cron): reject cron expressions that have no reachable run time.
      • ·**PR #91737** fix(cron): use final-call usage for session token totals. Related #91716.
      • ·**PR #89605** fix(process): return timeout code for killed commands.
      • ·**PR #80013** perf(usage-cost-cache): throttle full-cache rewrites during refresh.
      • ·**PR #76731** Fix mobile Control UI chat layout.
      • ·**PR #83738** fix(cron): capture originating session/agent on the cron wake tool call.
      • ·**PR #85196** Redact tool output secrets.
      • ·**PR #92007** fix(security): block build tool env overrides.
      • ·**PR #91891** fix: preserve non-oneOf protocol schema array order.
      • ·**PR #91754** fix(macos): hide unsupported Voice Wake controls. Related #89575.
      • ·**PR #92049** test(ci): restore upgrade survivor session fixture.
      • ·**PR #89670** fix: keep skill toggles keyed by skill identity. Related #89661.
      • ·**PR #91934** fix(state): tolerate chmod failures when opening the state database. Related #91919.
      • ·**PR #92051** fix(fal): parse raw completed queue results. Related #91989.
      • ·**PR #92047** fix(agents): prefer explicit sessions_send keys. Related #64699.
      • ·**PR #92020** fix(memory-core): check SQLite plugin state for dreaming ingestion audit after JSON migration (fixes #92017).
      • ·**PR #92032** fix(mcp): always log channel-bridge notification failures.
      • ·**PR #92033** fix(gateway): log swallowed background-task finalization errors.
      • ·**PR #92022** fix(sessions): derive channel from direct-chat session keys in send-policy.
      • ·**PR #91163** fix(xai): clarify x_search query guidance.
      • ·**PR #90121** fix(memory): write dream fallback without subagent runtime.
      • ·**PR #91215** fix(ui): show prompt progress while sending. Related #91199.
      • ·**PR #92029** fix(tools): surface unsupported-signal in anyOf availability.
      • ·**PR #92034** perf(agents): memoize XML attribute regex in DSML stream parser.
      • ·**PR #92026** perf(agents): sanitize compaction messages once for token estimation.
      • ·**PR #91351** fix(opencode-go): add qwen plus tiered pricing. Related #91238.
      • ·**PR #92027** fix(gateway): recover config hot-reload after watcher errors.
      • ·**PR #91471** feat(cron): add readable ISO time fields to `cron runs` JSON output.
      • ·**PR #91711** :bug: fix(agents): classify harness provider mismatch as format error (#91710).
      • ·**PR #91292** fix(models): keep bundled provider catalog when configured base URL is blank (#91270).
      • ·**PR #91720** :bug: fix(openai): remove chatgpt-responses transport override from gpt-5.3-codex catalog entry. Related #91710.
      • ·**PR #91305** fix(control-ui): make Control UI bootstrap config endpoint base-path-relative (#66946).
      • ·**PR #92056** fix(exec): honor state dir approvals.
      • ·**PR #91897** fix(memory): self-heal missing index identity by initializing provider during sync.
      • ·**PR #91802** fix(diagnostics): release wedged session lane when stuck-session recovery aborts a run with queued session work. Related #91700.
      • ·**PR #92030** fix(cron): structural top-of-hour match in stagger heuristic.
      • ·**PR #92055** fix(media): resolve state-relative inbound attachments.
      • ·**PR #91962** fix(agent): dampen Discord stale thread replies.
      • ·**PR #90912** fix(agents): honor configured CLI resume timeouts.
      • ·**PR #91296** fix: hand off supervised git updates.
      • ·**PR #91950** fix(web_fetch): sanitize URL whitespace from LLM tool call arguments (fixes #91651).
      • ·**PR #77367** fix(discord): scope command-deploy cache by application id. Related #77359.
      • ·**PR #91976** feat(auto-reply): durable inter-tool commentary via verbose standalone progress (supersedes #89850/#89890).
      • ·**PR #90128** fix(sessions): preserve user /model override across daily/idle session rollover (#90119).
      • ·**PR #92084** fix(clickclack): allow explicit enable through plugin allowlist.
      • ·**PR #92092** fix(auto-reply): stop dropping claude-cli narration when commentary lane is off.
      • ·**PR #92123** #92109: [Bug]: EmbeddedAttemptSessionTakeoverError caused by Btrfs ctimeNs instability.
      • ·**PR #92136** fix(feishu): reply inside P2P direct-message threads.
      • ·**PR #92121** fix(memory): preserve live SQLite index during swaps. Related #91216.
      • ·**PR #90173** fix(agents): stabilize a2a prompt cache context.
      • ·**PR #91974** fix(cli-runner): scope claude-cli queue to live-session owner identity (#91946).
      • ·**PR #92053** fix(thinking): apply Claude profile to anthropic-messages catalog rows. Related #91975.
      • ·**PR #41991** Google: show detailed Gemini CLI OAuth extraction failures.
      • ·**PR #92074** fix(qqbot): flush tool output before silent non-streaming final.
      • ·**PR #89508** fix(models): clarify provider model registration hint. Related #89192.
      • ·**PR #89085** fix(agents): keep migrated session entry ids unique on v1 upgrade.
      • ·**PR #89552** fix(discord): clean migrated thread binding state.
      • ·**PR #89448** fix(cron): reject durations that overflow to a non-finite value. Related #83906.
      • ·**PR #89319** fix(doctor): warn on unsupported hook entry loaders. Related #89309.
      • ·**PR #91966** fix(config): stop config.patch replacePaths index suffix from widening array consent.
      • ·**PR #92127** fix(plugins): rescan storm in "/models" call (regression shipped since v2026.5.18).
      • ·**PR #91657** fix(ollama): use provider thinking default in SDK session factory. Related #91428.
      • ·**PR #91742** fix(memory): abort orphaned embedding work when memory_search times out. Related #91718.
      • ·**PR #89091** fix(memory-core): retry narrative message reads.
      • ·**PR #92150** fix(release): gate beta publish on plugin verification.
      • ·**PR #92158** fix(cli): validate gateway RPC timeout inputs.
      • ·**PR #91911** fix(agents): retry same model across short rate-limit windows.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.6
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.6.tgz
      • ·integrity: `sha512-oMYoQ8a7zummw1tD+AX98yYLzqoq0tQmYWHG65AA0ZivgzmOb2oD0cVdhcWP9IT3opkHdJ5vBdWywUe6xWQXtw==`
      • ·release SHA: `8c802aa683510c7f7503597b54c3021733245e59`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.6/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27411250030
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27396521799
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27396520911
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27411419408
      • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/27411423316
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27411547994
      • ·npm Telegram beta E2E: not supplied
      v2026.6.6-beta.2pre-release2026-06-12

      openclaw 2026.6.6-beta.2

      GitHub ↗

      Highlights

      • ·**Tighter security boundaries:** transcript, sandbox, MCP, browser, channel, and exec-approval paths now fail closed around unsafe access, timed-out approvals, and malformed boundary input. (#91529, #91618, #91741, #91750, #89938)
      • ·**Reliable Telegram delivery:** account-scoped topics route to the correct agent, streamed text survives tool calls, callbacks and draft chunks stay coherent, and unauthorized DM text does not enter cache or prompt context. (#91189, #88682, #90212, #91478, #91915)
      • ·**iMessage stays connected:** always-on inbound recovery, durable echo markers, block streaming, idle approval discovery, and outbound transport now survive restarts and idle periods. (#91335, #91449, #88969, #91783)
      • ·**Better browser and MCP connectivity:** existing browser sessions, CDP/WebSocket discovery, default-profile URLs, OAuth/SSE transport, and tool schemas now connect through clearer, safer paths. (#91422, #89851, #91736, #91451)
      • ·**Faster first replies:** Control UI startup no longer waits on broad model loading, while cached metadata, lazy slash-command work, and first-event tracing make slow initial responses visible. (#91531, #91538, #91568, #91583)
      • ·**Broader provider support:** OpenRouter OAuth and Claude Fable 5 land alongside correct Codex compaction ownership, local-model execution, normalized tool progress, and Gemma 4 reasoning replay. (#91830, #91882, #91590, #88630, #91696)

      Changes

      • ·CLI progress: emit Claude CLI commentary progress events and bridge inter-tool commentary into channel progress without exposing internal protocol scaffolding. (#89834, #90883)
      • ·Observability: allow trusted diagnostics channels to capture tool input/output content, add first-assistant-event traces, and warn on slow initial replies. (#91256, #91568, #91583)
      • ·Plugins/ClawHub: dogfood reusable package publishing, let dry runs skip publish approval, allow declared installed trusted hooks, report managed plugin version drift, and warn instead of failing on retired Skill Workshop configuration. (#91574, #91591, #90004, #90927, #90838)
      • ·Memory/providers: move the local llama.cpp runtime into its provider plugin, batch embeddings across files, persist the agent model catalog cache, and keep QMD JSON search one-shot while filtering stale REM recall previews. (#91324, #89138, #90457, #91837, #91851)
      • ·Channels/mobile: add the QQBot group mention toggle, improve iPad and iPhone control surfaces, and expose the active connection host in the TUI footer. (#91423, #91557, #89909)
      • ·Performance: prewarm TUI runtime plugins, deduplicate plugin auto-enable fanout, trim dense text-delta snapshots, and reuse prepared startup model metadata. (#90782, #89978, #91580, #91531)

      Fixes

      • ·Agent/session recovery: drop stale approval follow-ups after session rebind, remove drained reply-queue items by identity, recover stale main and visible replies, preserve Codex context-engine compaction ownership, lower the default compaction timeout to 180 seconds while respecting explicit configuration, and keep provider-failure terminal lifecycle state correct. (#85679, #91450, #91566, #91840, #91590, #91361, #91895)
      • ·User-visible content boundaries: suppress Codex/Harmony protocol artifacts, neutralize browser and LanceDB memory media directives, redact transcript images, and preserve native `/compact` replies through source suppression. (#89151, #91422, #91425, #91529, #90212)
      • ·Channel delivery: keep WhatsApp captured replies attached to the successor controller after restart, retry Feishu rate limits, preserve Mattermost thread replies, canonicalize LINE webhook paths, restore Discord reply hydration and runtime timeout exports, and show OpenAI Realtime WebRTC assistant transcripts. (#85823, #89659, #91684, #91649, #90263, #91686, #90426)
      • ·Cron: cancel active task runs cleanly, preserve terminal timeout/cancel state, and recover no-deliver tool warnings instead of silently losing the outcome. (#90666, #90678)
      • ·Gateway/config/auth: share the approval runtime socket token, replace arrays explicitly in `config.patch`, skip the deleted-agent guard only for valid ACP harness sessions, surface headless LaunchAgent state, verify SQLite auth migration before cleanup, and arm QMD startup maintenance. (#87105, #91551, #91219, #91614, #91740, #91978)
      • ·Providers/Codex: clarify quota errors, restore the Codex synthetic usage line, canonicalize Codex protocol assets, require API-key auth for realtime voice, normalize ACP model refs, preserve Gemma 4 `reasoning_content`, and avoid guardian review for local models. (#91390, #91709, #91507, #91567, #88630, #91696)
      • ·Updates/builds: recover package Gateway restarts after refresh failure, expose plugin convergence repair, fall back to Corepack in PATH-less pnpm environments, seed the correct Docker store packages, and keep ClawHub dry-run and publish paths reusable. (#91581, #91599, #91547, #91591)
      • ·UI: require explicit user intent before opening chat sessions and drain restored chat queues after session switches. (#91480)
      • ·Android: avoid the `dataSync` foreground-service type for persistent nodes. (#80082)
      • ·Native hooks: bound relay lifetimes so abandoned native hook connections cannot linger indefinitely. (#91550)

      Complete contribution record

      • ·**PR #91335** fix(imessage): always-on inbound recovery and dedupe. Related #89237.
      • ·**PR #91189** fix(telegram): route account-scoped topic agents.
      • ·**PR #88682** Preserve Telegram streamed text blocks between tool calls. Related #87326.
      • ·**PR #91390** fix: clarify provider quota errors.
      • ·**PR #90883** fix(cli): bridge inter-tool commentary events to channel progress.
      • ·**PR #91419** docs: preserve channel brand terms in Chinese i18n.
      • ·**PR #87105** fix(gateway): share approval runtime socket token.
      • ·**PR #80082** fix(android): avoid dataSync FGS for persistent node.
      • ·**PR #91442** docs: preserve LINE across localized docs glossaries.
      • ·**PR #88768** fix(codex): normalize dynamic tool progress results.
      • ·**PR #91422** fix(browser): neutralize media directives in browser output [AI].
      • ·**PR #89834** feat(cli): emit commentary progress events from Claude CLI parser. Related #87326.
      • ·**PR #85679** fix(agents): drop stale exec approval followups after session rebind. Related #59349.
      • ·**PR #91450** fix(reply-queue): remove the drained item by reference instead of front index.
      • ·**PR #89151** fix(delivery): suppress Codex/Harmony internal protocol artifacts from user-facing channels. Related #88128.
      • ·**PR #90678** fix(cron): recover no-deliver tool warnings.
      • ·**PR #91449** fix(imessage): honor block streaming config.
      • ·**PR #91508** Revert "docs: add maturity scorecard mirror".
      • ·**PR #91364** build(deps): bump github.com/steipete/peekaboo from 3.3.0 to 3.4.0 in /apps/macos in the swift-deps group.
      • ·**PR #91368** build(deps): bump actions/github-script from 8 to 9.
      • ·**PR #91512** chore: add taxonomy file.
      • ·**PR #91369** build(deps): bump actions/cache from 4 to 5.
      • ·**PR #91367** build(deps): bump the actions group with 2 updates.
      • ·**PR #91365** build(deps): bump the android-deps group in /apps/android with 3 updates.
      • ·**PR #91496** chore: bump Codex app-server to 0.137.0.
      • ·**PR #90666** fix(cron): cancel active cron task runs.
      • ·**PR #90927** fix(doctor): report managed plugin version drift. Related #90891.
      • ·**PR #91531** perf(control-ui): reuse startup model metadata.
      • ·**PR #91538** perf(control-ui): avoid startup catalog wait.
      • ·**PR #91507** feat: canonicalize Codex protocol JSON asset ordering.
      • ·**PR #91550** fix: bound native hook relay lifetime. Related #90993.
      • ·**PR #89588** fix(telegram): restore /compact on generic message ingress. Related #89525.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #91568** perf(control-ui): trace first assistant event.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #91574** feat: dogfood reusable ClawHub package publish.
      • ·**PR #91583** perf(control-ui): warn on slow first replies.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91578** fix: make docs i18n frontmatter translation resilient.
      • ·**PR #91567** fix(openai): require api-key auth for realtime voice. Related #90456.
      • ·**PR #91591** fix: let ClawHub dry runs skip publish approval.
      • ·**PR #91598** perf(control-ui): lazy load slash commands.
      • ·**PR #91580** fix(agents): trim dense text delta snapshots. Related #86599.
      • ·**PR #91425** fix(memory-lancedb): guard memory recall output [AI].
      • ·**PR #88969** fix(imessage): persist echo markers before send.
      • ·**PR #91566** Fix stale main session startup recovery. Related #90525.
      • ·**PR #91324** fix(memory): move local llama.cpp runtime to provider plugin. Related #88705.
      • ·**PR #91637** docs: include plugin prerelease in release validation approval.
      • ·**PR #91649** fix(line): canonicalize trailing-slash webhook paths.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.
      • ·**PR #91642** fix(docs): continue partial i18n batches after file errors.
      • ·**PR #91661** chore(plugin-sdk): refresh API baseline hash.
      • ·**PR #91665** docs: fix release CI Android dispatch guidance.
      • ·**PR #89138** fix #88009: [Feature]: batched memory embedding should batch over files.
      • ·**PR #91679** fix(plugin-sdk): align Discord component edit facade types.
      • ·**PR #91686** fix(discord): restore runtime timeout compatibility exports.
      • ·**PR #90212** fix(agents): deliver native /compact replies through source suppression.
      • ·**PR #91618** fix: expand unsafe host env denylist.
      • ·**PR #91615** fix: block rustup toolchain env overrides [AI].
      • ·**PR #89851** fix(gateway): support Streamable HTTP MCP transport on loopback server.
      • ·**PR #91619** fix: block git protocol env controls [AI].
      • ·**PR #91684** fix(mattermost): keep default replies in existing threads.
      • ·**PR #90457** fix(models): persist agent catalog cache.
      • ·**PR #91709** fix(status): restore Codex synthetic usage line. Related #91694.
      • ·**PR #89909** fix(tui): show connection host in footer. Related #56276.
      • ·**PR #89978** perf(config): dedupe plugin auto-enable fanout work.
      • ·**PR #91219** fix(gateway): skip deleted-agent guard for ACP harness session keys.
      • ·**PR #90782** perf(tui): prewarm runtime plugins before first send.
      • ·**PR #90838** fix(config): warn for retired skill-workshop plugin entry instead of failing validation (#90244).
      • ·**PR #91753** docs: clarify Matrix plugin upgrade repair.
      • ·**PR #91755** docs: align Feishu DM policy defaults.
      • ·**PR #91745** fix(discord): require sender for moderation actions [AI].
      • ·**PR #85950** docs: clarify trusted-proxy Control UI scope behavior. Related #80063.
      • ·**PR #91746** fix(msteams): require admin for group actions.
      • ·**PR #91256** feat(diagnostics-otel): capture tool input/output content via trusted channel.
      • ·**PR #91749** fix(gateway): restrict non-owner loopback tools.
      • ·**PR #91748** fix(elevated): reject group ids as senders.
      • ·**PR #91752** fix(codex): guard sandbox http requests.
      • ·**PR #91763** fix: require ACP metadata for deleted-agent bypass.
      • ·**PR #91751** fix(mcp): harden stdio env filtering.
      • ·**PR #91765** Clarify env-var executable behavior reports in SECURITY.md.
      • ·**PR #91480** fix(ui): require user intent for chat sessions. Related #89760.
      • ·**PR #91777** docs: remove superpowers spec draft.
      • ·**PR #91773** fix(mcp): lowercase SSE event-source header keys to prevent duplicate Authorization (401).
      • ·**PR #91741** Validate sandbox bind parent paths [AI].
      • ·**PR #88530** fix(imessage): skip idle approval discovery scans.
      • ·**PR #91780** fix(ui): drain restored chat queue after session switch.
      • ·**PR #91750** fix(search): enforce native web search tool policy.
      • ·**PR #91757** fix(config): clarify retired skill workshop plugin warning.
      • ·**PR #91787** fix(doctor): keep TTS legacy migration on supported paths.
      • ·**PR #91783** fix(imessage): harden outbound send transport. Related #84329.
      • ·**PR #91785** fix(imessage): surface inbound startup diagnostics.
      • ·**PR #91590** Fix context-engine compaction ownership for Codex sessions.
      • ·**PR #91557** Improve iPad and iPhone control surfaces.
      • ·**PR #91666** chore(deps): bump useblacksmith/setup-docker-builder from 1.8.0 to 1.9.0 in the actions group.
      • ·**PR #91819** docs: link ClawHub plugin validation fixes guide.
      • ·**PR #88630** fix(codex): avoid guardian review for local models.
      • ·**PR #91830** feat: add OpenRouter OAuth to onboarding.
      • ·**PR #91842** fix(plugin-sdk): refresh API baseline hash.
      • ·**PR #91614** fix(gateway): surface headless LaunchAgent state.
      • ·**PR #91851** fix(memory-core): filter stale recall entries in REM harness preview.
      • ·**PR #91859** fix(ci): disable memory slot in release smoke config.
      • ·**PR #90004** [plugin sdk] Allow declared installed trusted hooks. Related #87735.
      • ·**PR #91837** fix(memory-core): keep QMD JSON search one-shot. Related #91821.
      • ·**PR #91871** Remove bundled channel contract fallbacks.
      • ·**PR #91879** fix(ci): include ACPX in shared live-test image.
      • ·**PR #91840** Fix stale visible reply recovery. Related #90535.
      • ·**PR #91876** Fix Telegram callback API handling.
      • ·**PR #91874** Share channel draft chunking resolver.
      • ·**PR #91599** fix(update): expose plugin convergence repair.
      • ·**PR #91581** fix(update): recover package gateway restart after refresh failure.
      • ·**PR #91904** fix(telegram): use SDK dispatch dedupe.
      • ·**PR #90263** fix(discord): hydrate reply context metadata.
      • ·**PR #91478** block unauthorized Telegram DM text from prompt context. Related #91209.
      • ·**PR #91915** fix(telegram): audit follow-ups — block-mode chunk config, dedupe bucket cleanup, grammy contract trust.
      • ·**PR #91361** fix(compaction): lower default timeout from 900s to 180s, preserve explicit config. Related #91358.
      • ·**PR #91791** fix(sandbox): use materialized skill paths in startup prompts. Related #91761.
      • ·**PR #91736** Support existing-session browser CDP endpoints. Related #56118.
      • ·**PR #91747** fix(browser): validate discovered CDP websocket URLs.
      • ·**PR #91882** feat(anthropic): support Claude Fable 5 adaptive thinking. Related #91805.
      • ·**PR #91884** fix(memory): keep ignored-name QMD roots watchable.
      • ·**PR #91740** fix(auth): verify SQLite auth migration before cleanup.
      • ·**PR #91451** fix(mcp): repair OAuth redirect, errors, and unicode schema patterns. Related #91433.
      • ·**PR #91978** fix(gateway): arm qmd startup maintenance.
      • ·**PR #90426** fix(talk): show OpenAI Realtime WebRTC assistant transcripts.
      • ·**PR #91696** fix(agents): preserve reasoning_content replay for Gemma 4 openai-completions models. Related #91645.
      • ·**PR #89938** Fail closed on exec approval timeout.
      • ·**PR #91895** fix(webchat): finalize provider failure lifecycle. Related #91730.
      • ·**PR #80143** fix(browser): honor cdpUrl for user default profile. Related #48042.
      • ·**PR #91688** fix(cron): reject cron expressions that have no reachable run time.
      • ·**PR #91737** fix(cron): use final-call usage for session token totals. Related #91716.
      • ·**PR #89605** fix(process): return timeout code for killed commands.
      • ·**PR #80013** perf(usage-cost-cache): throttle full-cache rewrites during refresh.
      • ·**PR #76731** Fix mobile Control UI chat layout.
      • ·**PR #83738** fix(cron): capture originating session/agent on the cron wake tool call.
      • ·**PR #85196** Redact tool output secrets.
      • ·**PR #92007** fix(security): block build tool env overrides.
      • ·**PR #91891** fix: preserve non-oneOf protocol schema array order.
      • ·**PR #91754** fix(macos): hide unsupported Voice Wake controls. Related #89575.
      • ·**PR #92049** test(ci): restore upgrade survivor session fixture.
      • ·**PR #89670** fix: keep skill toggles keyed by skill identity. Related #89661.
      • ·**PR #91934** fix(state): tolerate chmod failures when opening the state database. Related #91919.
      • ·**PR #92051** fix(fal): parse raw completed queue results. Related #91989.
      • ·**PR #92047** fix(agents): prefer explicit sessions_send keys. Related #64699.
      • ·**PR #92020** fix(memory-core): check SQLite plugin state for dreaming ingestion audit after JSON migration (fixes #92017).
      • ·**PR #92032** fix(mcp): always log channel-bridge notification failures.
      • ·**PR #92033** fix(gateway): log swallowed background-task finalization errors.
      • ·**PR #92022** fix(sessions): derive channel from direct-chat session keys in send-policy.
      • ·**PR #91163** fix(xai): clarify x_search query guidance.
      • ·**PR #90121** fix(memory): write dream fallback without subagent runtime.
      • ·**PR #91215** fix(ui): show prompt progress while sending. Related #91199.
      • ·**PR #92029** fix(tools): surface unsupported-signal in anyOf availability.
      • ·**PR #92034** perf(agents): memoize XML attribute regex in DSML stream parser.
      • ·**PR #92026** perf(agents): sanitize compaction messages once for token estimation.
      • ·**PR #91351** fix(opencode-go): add qwen plus tiered pricing. Related #91238.
      • ·**PR #92027** fix(gateway): recover config hot-reload after watcher errors.
      • ·**PR #91471** feat(cron): add readable ISO time fields to `cron runs` JSON output.
      • ·**PR #91711** :bug: fix(agents): classify harness provider mismatch as format error (#91710).
      • ·**PR #91292** fix(models): keep bundled provider catalog when configured base URL is blank (#91270).
      • ·**PR #91720** :bug: fix(openai): remove chatgpt-responses transport override from gpt-5.3-codex catalog entry. Related #91710.
      • ·**PR #91305** fix(control-ui): make Control UI bootstrap config endpoint base-path-relative (#66946).
      • ·**PR #92056** fix(exec): honor state dir approvals.
      • ·**PR #91897** fix(memory): self-heal missing index identity by initializing provider during sync.
      • ·**PR #91802** fix(diagnostics): release wedged session lane when stuck-session recovery aborts a run with queued session work. Related #91700.
      • ·**PR #92030** fix(cron): structural top-of-hour match in stagger heuristic.
      • ·**PR #92055** fix(media): resolve state-relative inbound attachments.
      • ·**PR #91962** fix(agent): dampen Discord stale thread replies.
      • ·**PR #90912** fix(agents): honor configured CLI resume timeouts.
      • ·**PR #91296** fix: hand off supervised git updates.
      • ·**PR #91950** fix(web_fetch): sanitize URL whitespace from LLM tool call arguments (fixes #91651).
      • ·**PR #77367** fix(discord): scope command-deploy cache by application id. Related #77359.
      • ·**PR #91976** feat(auto-reply): durable inter-tool commentary via verbose standalone progress (supersedes #89850/#89890).
      • ·**PR #90128** fix(sessions): preserve user /model override across daily/idle session rollover (#90119).
      • ·**PR #92084** fix(clickclack): allow explicit enable through plugin allowlist.
      • ·**PR #92092** fix(auto-reply): stop dropping claude-cli narration when commentary lane is off.
      • ·**PR #92123** #92109: [Bug]: EmbeddedAttemptSessionTakeoverError caused by Btrfs ctimeNs instability.
      • ·**PR #92136** fix(feishu): reply inside P2P direct-message threads.
      • ·**PR #92121** fix(memory): preserve live SQLite index during swaps. Related #91216.
      • ·**PR #90173** fix(agents): stabilize a2a prompt cache context.
      • ·**PR #91974** fix(cli-runner): scope claude-cli queue to live-session owner identity (#91946).
      • ·**PR #92053** fix(thinking): apply Claude profile to anthropic-messages catalog rows. Related #91975.
      • ·**PR #41991** Google: show detailed Gemini CLI OAuth extraction failures.
      • ·**PR #92074** fix(qqbot): flush tool output before silent non-streaming final.
      • ·**PR #89508** fix(models): clarify provider model registration hint. Related #89192.
      • ·**PR #89085** fix(agents): keep migrated session entry ids unique on v1 upgrade.
      • ·**PR #89552** fix(discord): clean migrated thread binding state.
      • ·**PR #89448** fix(cron): reject durations that overflow to a non-finite value. Related #83906.
      • ·**PR #89319** fix(doctor): warn on unsupported hook entry loaders. Related #89309.
      • ·**PR #91966** fix(config): stop config.patch replacePaths index suffix from widening array consent.
      • ·**PR #92127** fix(plugins): rescan storm in "/models" call (regression shipped since v2026.5.18).
      • ·**PR #91657** fix(ollama): use provider thinking default in SDK session factory. Related #91428.
      • ·**PR #91742** fix(memory): abort orphaned embedding work when memory_search times out. Related #91718.
      • ·**PR #89091** fix(memory-core): retry narrative message reads.
      • ·**PR #92150** fix(release): gate beta publish on plugin verification.
      • ·**PR #92158** fix(cli): validate gateway RPC timeout inputs.
      • ·**PR #91911** fix(agents): retry same model across short rate-limit windows.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.6-beta.2
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.6-beta.2.tgz
      • ·integrity: `sha512-617ITjTL0UxtQK4qGOc248nQBJjExX43/RR7CBr+0rEpqnA88i/VWABfTPrUnNT25181uZkOyzgguZjMW0u4Ug==`
      • ·release SHA: `3129eed4de92d0ddc0209fbf195c790c3d73ab03`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.6-beta.2/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27392222148
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27390602410
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27390601362
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27392305214
      • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/27392308021
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27392531757
      • ·npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/27392727108
      • ·postpublish package acceptance: https://github.com/openclaw/openclaw/actions/runs/27392843057
      v2026.6.6-beta.1pre-release2026-06-10

      OpenClaw 2026.6.6-beta.1

      GitHub ↗

      Highlights

      • ·**Tighter security boundaries:** transcript, sandbox, MCP, browser, channel, and exec-approval paths now fail closed around unsafe access, timed-out approvals, and malformed boundary input. (#91529, #91618, #91741, #91750, #89938)
      • ·**Reliable Telegram delivery:** account-scoped topics route to the correct agent, streamed text survives tool calls, callbacks and draft chunks stay coherent, and unauthorized DM text does not enter cache or prompt context. (#91189, #88682, #90212, #91478, #91915)
      • ·**iMessage stays connected:** always-on inbound recovery, durable echo markers, block streaming, idle approval discovery, and outbound transport now survive restarts and idle periods. (#91335, #91449, #88969, #91783)
      • ·**Better browser and MCP connectivity:** existing browser sessions, CDP/WebSocket discovery, default-profile URLs, OAuth/SSE transport, and tool schemas now connect through clearer, safer paths. (#91422, #89851, #91736, #91451)
      • ·**Faster first replies:** Control UI startup no longer waits on broad model loading, while cached metadata, lazy slash-command work, and first-event tracing make slow initial responses visible. (#91531, #91538, #91568, #91583)
      • ·**Broader provider support:** OpenRouter OAuth and Claude Fable 5 land alongside correct Codex compaction ownership, local-model execution, normalized tool progress, and Gemma 4 reasoning replay. (#91830, #91882, #91590, #88630, #91696)

      Changes

      • ·CLI progress: emit Claude CLI commentary progress events and bridge inter-tool commentary into channel progress without exposing internal protocol scaffolding. (#89834, #90883)
      • ·Observability: allow trusted diagnostics channels to capture tool input/output content, add first-assistant-event traces, and warn on slow initial replies. (#91256, #91568, #91583)
      • ·Plugins/ClawHub: dogfood reusable package publishing, let dry runs skip publish approval, allow declared installed trusted hooks, report managed plugin version drift, and warn instead of failing on retired Skill Workshop configuration. (#91574, #91591, #90004, #90927, #90838)
      • ·Memory/providers: move the local llama.cpp runtime into its provider plugin, batch embeddings across files, persist the agent model catalog cache, and keep QMD JSON search one-shot while filtering stale REM recall previews. (#91324, #89138, #90457, #91837, #91851)
      • ·Channels/mobile: add the QQBot group mention toggle, improve iPad and iPhone control surfaces, and expose the active connection host in the TUI footer. (#91423, #91557, #89909)
      • ·Performance: prewarm TUI runtime plugins, deduplicate plugin auto-enable fanout, trim dense text-delta snapshots, and reuse prepared startup model metadata. (#90782, #89978, #91580, #91531)

      Fixes

      • ·Agent/session recovery: drop stale approval follow-ups after session rebind, remove drained reply-queue items by identity, recover stale main and visible replies, preserve Codex context-engine compaction ownership, lower the default compaction timeout to 180 seconds while respecting explicit configuration, and keep provider-failure terminal lifecycle state correct. (#85679, #91450, #91566, #91840, #91590, #91361, #91895)
      • ·User-visible content boundaries: suppress Codex/Harmony protocol artifacts, neutralize browser and LanceDB memory media directives, redact transcript images, and preserve native `/compact` replies through source suppression. (#89151, #91422, #91425, #91529, #90212)
      • ·Channel delivery: keep WhatsApp captured replies attached to the successor controller after restart, retry Feishu rate limits, preserve Mattermost thread replies, canonicalize LINE webhook paths, restore Discord reply hydration and runtime timeout exports, and show OpenAI Realtime WebRTC assistant transcripts. (#85823, #89659, #91684, #91649, #90263, #91686, #90426)
      • ·Cron: cancel active task runs cleanly, preserve terminal timeout/cancel state, and recover no-deliver tool warnings instead of silently losing the outcome. (#90666, #90678)
      • ·Gateway/config/auth: share the approval runtime socket token, replace arrays explicitly in `config.patch`, skip the deleted-agent guard only for valid ACP harness sessions, surface headless LaunchAgent state, verify SQLite auth migration before cleanup, and arm QMD startup maintenance. (#87105, #91551, #91219, #91614, #91740, #91978)
      • ·Providers/Codex: clarify quota errors, restore the Codex synthetic usage line, canonicalize Codex protocol assets, require API-key auth for realtime voice, normalize ACP model refs, preserve Gemma 4 `reasoning_content`, and avoid guardian review for local models. (#91390, #91709, #91507, #91567, #88630, #91696)
      • ·Updates/builds: recover package Gateway restarts after refresh failure, expose plugin convergence repair, fall back to Corepack in PATH-less pnpm environments, seed the correct Docker store packages, and keep ClawHub dry-run and publish paths reusable. (#91581, #91599, #91547, #91591)
      • ·UI: require explicit user intent before opening chat sessions and drain restored chat queues after session switches. (#91480)
      • ·Android: avoid the `dataSync` foreground-service type for persistent nodes. (#80082)
      • ·Native hooks: bound relay lifetimes so abandoned native hook connections cannot linger indefinitely. (#91550)

      Complete contribution record

      • ·**PR #91335** fix(imessage): always-on inbound recovery and dedupe. Related #89237.
      • ·**PR #91189** fix(telegram): route account-scoped topic agents.
      • ·**PR #88682** Preserve Telegram streamed text blocks between tool calls. Related #87326.
      • ·**PR #91390** fix: clarify provider quota errors.
      • ·**PR #90883** fix(cli): bridge inter-tool commentary events to channel progress.
      • ·**PR #91419** docs: preserve channel brand terms in Chinese i18n.
      • ·**PR #87105** fix(gateway): share approval runtime socket token.
      • ·**PR #80082** fix(android): avoid dataSync FGS for persistent node.
      • ·**PR #91442** docs: preserve LINE across localized docs glossaries.
      • ·**PR #88768** fix(codex): normalize dynamic tool progress results.
      • ·**PR #91422** fix(browser): neutralize media directives in browser output [AI].
      • ·**PR #89834** feat(cli): emit commentary progress events from Claude CLI parser. Related #87326.
      • ·**PR #85679** fix(agents): drop stale exec approval followups after session rebind. Related #59349.
      • ·**PR #91450** fix(reply-queue): remove the drained item by reference instead of front index.
      • ·**PR #89151** fix(delivery): suppress Codex/Harmony internal protocol artifacts from user-facing channels. Related #88128.
      • ·**PR #90678** fix(cron): recover no-deliver tool warnings.
      • ·**PR #91449** fix(imessage): honor block streaming config.
      • ·**PR #91508** Revert "docs: add maturity scorecard mirror".
      • ·**PR #91364** build(deps): bump github.com/steipete/peekaboo from 3.3.0 to 3.4.0 in /apps/macos in the swift-deps group.
      • ·**PR #91368** build(deps): bump actions/github-script from 8 to 9.
      • ·**PR #91512** chore: add taxonomy file.
      • ·**PR #91369** build(deps): bump actions/cache from 4 to 5.
      • ·**PR #91367** build(deps): bump the actions group with 2 updates.
      • ·**PR #91365** build(deps): bump the android-deps group in /apps/android with 3 updates.
      • ·**PR #91496** chore: bump Codex app-server to 0.137.0.
      • ·**PR #90666** fix(cron): cancel active cron task runs.
      • ·**PR #90927** fix(doctor): report managed plugin version drift. Related #90891.
      • ·**PR #91531** perf(control-ui): reuse startup model metadata.
      • ·**PR #91538** perf(control-ui): avoid startup catalog wait.
      • ·**PR #91507** feat: canonicalize Codex protocol JSON asset ordering.
      • ·**PR #91550** fix: bound native hook relay lifetime. Related #90993.
      • ·**PR #89588** fix(telegram): restore /compact on generic message ingress. Related #89525.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #91568** perf(control-ui): trace first assistant event.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #91574** feat: dogfood reusable ClawHub package publish.
      • ·**PR #91583** perf(control-ui): warn on slow first replies.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91578** fix: make docs i18n frontmatter translation resilient.
      • ·**PR #91567** fix(openai): require api-key auth for realtime voice. Related #90456.
      • ·**PR #91591** fix: let ClawHub dry runs skip publish approval.
      • ·**PR #91598** perf(control-ui): lazy load slash commands.
      • ·**PR #91580** fix(agents): trim dense text delta snapshots. Related #86599.
      • ·**PR #91425** fix(memory-lancedb): guard memory recall output [AI].
      • ·**PR #88969** fix(imessage): persist echo markers before send.
      • ·**PR #91566** Fix stale main session startup recovery. Related #90525.
      • ·**PR #91324** fix(memory): move local llama.cpp runtime to provider plugin. Related #88705.
      • ·**PR #91637** docs: include plugin prerelease in release validation approval.
      • ·**PR #91649** fix(line): canonicalize trailing-slash webhook paths.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.
      • ·**PR #91642** fix(docs): continue partial i18n batches after file errors.
      • ·**PR #91661** chore(plugin-sdk): refresh API baseline hash.
      • ·**PR #91665** docs: fix release CI Android dispatch guidance.
      • ·**PR #89138** fix #88009: [Feature]: batched memory embedding should batch over files.
      • ·**PR #91679** fix(plugin-sdk): align Discord component edit facade types.
      • ·**PR #91686** fix(discord): restore runtime timeout compatibility exports.
      • ·**PR #90212** fix(agents): deliver native /compact replies through source suppression.
      • ·**PR #91618** fix: expand unsafe host env denylist.
      • ·**PR #91615** fix: block rustup toolchain env overrides [AI].
      • ·**PR #89851** fix(gateway): support Streamable HTTP MCP transport on loopback server.
      • ·**PR #91619** fix: block git protocol env controls [AI].
      • ·**PR #91684** fix(mattermost): keep default replies in existing threads.
      • ·**PR #90457** fix(models): persist agent catalog cache.
      • ·**PR #91709** fix(status): restore Codex synthetic usage line. Related #91694.
      • ·**PR #89909** fix(tui): show connection host in footer. Related #56276.
      • ·**PR #89978** perf(config): dedupe plugin auto-enable fanout work.
      • ·**PR #91219** fix(gateway): skip deleted-agent guard for ACP harness session keys.
      • ·**PR #90782** perf(tui): prewarm runtime plugins before first send.
      • ·**PR #90838** fix(config): warn for retired skill-workshop plugin entry instead of failing validation (#90244).
      • ·**PR #91753** docs: clarify Matrix plugin upgrade repair.
      • ·**PR #91755** docs: align Feishu DM policy defaults.
      • ·**PR #91745** fix(discord): require sender for moderation actions [AI].
      • ·**PR #85950** docs: clarify trusted-proxy Control UI scope behavior. Related #80063.
      • ·**PR #91746** fix(msteams): require admin for group actions.
      • ·**PR #91256** feat(diagnostics-otel): capture tool input/output content via trusted channel.
      • ·**PR #91749** fix(gateway): restrict non-owner loopback tools.
      • ·**PR #91748** fix(elevated): reject group ids as senders.
      • ·**PR #91752** fix(codex): guard sandbox http requests.
      • ·**PR #91763** fix: require ACP metadata for deleted-agent bypass.
      • ·**PR #91751** fix(mcp): harden stdio env filtering.
      • ·**PR #91765** Clarify env-var executable behavior reports in SECURITY.md.
      • ·**PR #91480** fix(ui): require user intent for chat sessions. Related #89760.
      • ·**PR #91777** docs: remove superpowers spec draft.
      • ·**PR #91773** fix(mcp): lowercase SSE event-source header keys to prevent duplicate Authorization (401).
      • ·**PR #91741** Validate sandbox bind parent paths [AI].
      • ·**PR #88530** fix(imessage): skip idle approval discovery scans.
      • ·**PR #91780** fix(ui): drain restored chat queue after session switch.
      • ·**PR #91750** fix(search): enforce native web search tool policy.
      • ·**PR #91757** fix(config): clarify retired skill workshop plugin warning.
      • ·**PR #91787** fix(doctor): keep TTS legacy migration on supported paths.
      • ·**PR #91783** fix(imessage): harden outbound send transport. Related #84329.
      • ·**PR #91785** fix(imessage): surface inbound startup diagnostics.
      • ·**PR #91590** Fix context-engine compaction ownership for Codex sessions.
      • ·**PR #91557** Improve iPad and iPhone control surfaces.
      • ·**PR #91666** chore(deps): bump useblacksmith/setup-docker-builder from 1.8.0 to 1.9.0 in the actions group.
      • ·**PR #91819** docs: link ClawHub plugin validation fixes guide.
      • ·**PR #88630** fix(codex): avoid guardian review for local models.
      • ·**PR #91830** feat: add OpenRouter OAuth to onboarding.
      • ·**PR #91842** fix(plugin-sdk): refresh API baseline hash.
      • ·**PR #91614** fix(gateway): surface headless LaunchAgent state.
      • ·**PR #91851** fix(memory-core): filter stale recall entries in REM harness preview.
      • ·**PR #91859** fix(ci): disable memory slot in release smoke config.
      • ·**PR #90004** [plugin sdk] Allow declared installed trusted hooks. Related #87735.
      • ·**PR #91837** fix(memory-core): keep QMD JSON search one-shot. Related #91821.
      • ·**PR #91871** Remove bundled channel contract fallbacks.
      • ·**PR #91879** fix(ci): include ACPX in shared live-test image.
      • ·**PR #91840** Fix stale visible reply recovery. Related #90535.
      • ·**PR #91876** Fix Telegram callback API handling.
      • ·**PR #91874** Share channel draft chunking resolver.
      • ·**PR #91599** fix(update): expose plugin convergence repair.
      • ·**PR #91581** fix(update): recover package gateway restart after refresh failure.
      • ·**PR #91904** fix(telegram): use SDK dispatch dedupe.
      • ·**PR #90263** fix(discord): hydrate reply context metadata.
      • ·**PR #91478** block unauthorized Telegram DM text from prompt context. Related #91209.
      • ·**PR #91915** fix(telegram): audit follow-ups — block-mode chunk config, dedupe bucket cleanup, grammy contract trust.
      • ·**PR #91361** fix(compaction): lower default timeout from 900s to 180s, preserve explicit config. Related #91358.
      • ·**PR #91791** fix(sandbox): use materialized skill paths in startup prompts. Related #91761.
      • ·**PR #91736** Support existing-session browser CDP endpoints. Related #56118.
      • ·**PR #91747** fix(browser): validate discovered CDP websocket URLs.
      • ·**PR #91882** feat(anthropic): support Claude Fable 5 adaptive thinking. Related #91805.
      • ·**PR #91884** fix(memory): keep ignored-name QMD roots watchable.
      • ·**PR #91740** fix(auth): verify SQLite auth migration before cleanup.
      • ·**PR #91451** fix(mcp): repair OAuth redirect, errors, and unicode schema patterns. Related #91433.
      • ·**PR #91978** fix(gateway): arm qmd startup maintenance.
      • ·**PR #90426** fix(talk): show OpenAI Realtime WebRTC assistant transcripts.
      • ·**PR #91696** fix(agents): preserve reasoning_content replay for Gemma 4 openai-completions models. Related #91645.
      • ·**PR #89938** Fail closed on exec approval timeout.
      • ·**PR #91895** fix(webchat): finalize provider failure lifecycle. Related #91730.
      • ·**PR #80143** fix(browser): honor cdpUrl for user default profile. Related #48042.
      • ·**PR #91688** fix(cron): reject cron expressions that have no reachable run time.
      • ·**PR #91737** fix(cron): use final-call usage for session token totals. Related #91716.
      • ·**PR #89605** fix(process): return timeout code for killed commands.
      • ·**PR #80013** perf(usage-cost-cache): throttle full-cache rewrites during refresh.
      • ·**PR #76731** Fix mobile Control UI chat layout.
      • ·**PR #83738** fix(cron): capture originating session/agent on the cron wake tool call.
      • ·**PR #85196** Redact tool output secrets.
      • ·**PR #92007** fix(security): block build tool env overrides.
      • ·**PR #91891** fix: preserve non-oneOf protocol schema array order.
      • ·**PR #91754** fix(macos): hide unsupported Voice Wake controls. Related #89575.
      • ·**PR #92049** test(ci): restore upgrade survivor session fixture.
      • ·**PR #89670** fix: keep skill toggles keyed by skill identity. Related #89661.
      • ·**PR #91934** fix(state): tolerate chmod failures when opening the state database. Related #91919.
      • ·**PR #92051** fix(fal): parse raw completed queue results. Related #91989.
      • ·**PR #92047** fix(agents): prefer explicit sessions_send keys. Related #64699.
      • ·**PR #92020** fix(memory-core): check SQLite plugin state for dreaming ingestion audit after JSON migration (fixes #92017).
      • ·**PR #92032** fix(mcp): always log channel-bridge notification failures.
      • ·**PR #92033** fix(gateway): log swallowed background-task finalization errors.
      • ·**PR #92022** fix(sessions): derive channel from direct-chat session keys in send-policy.
      • ·**PR #91163** fix(xai): clarify x_search query guidance.
      • ·**PR #90121** fix(memory): write dream fallback without subagent runtime.
      • ·**PR #91215** fix(ui): show prompt progress while sending. Related #91199.
      • ·**PR #92029** fix(tools): surface unsupported-signal in anyOf availability.
      • ·**PR #92034** perf(agents): memoize XML attribute regex in DSML stream parser.
      • ·**PR #92026** perf(agents): sanitize compaction messages once for token estimation.
      • ·**PR #91351** fix(opencode-go): add qwen plus tiered pricing. Related #91238.
      • ·**PR #92027** fix(gateway): recover config hot-reload after watcher errors.
      • ·**PR #91471** feat(cron): add readable ISO time fields to `cron runs` JSON output.
      • ·**PR #91711** :bug: fix(agents): classify harness provider mismatch as format error (#91710).
      • ·**PR #91292** fix(models): keep bundled provider catalog when configured base URL is blank (#91270).
      • ·**PR #91720** :bug: fix(openai): remove chatgpt-responses transport override from gpt-5.3-codex catalog entry. Related #91710.
      • ·**PR #91305** fix(control-ui): make Control UI bootstrap config endpoint base-path-relative (#66946).
      • ·**PR #92056** fix(exec): honor state dir approvals.
      • ·**PR #91897** fix(memory): self-heal missing index identity by initializing provider during sync.
      • ·**PR #91802** fix(diagnostics): release wedged session lane when stuck-session recovery aborts a run with queued session work. Related #91700.
      • ·**PR #92030** fix(cron): structural top-of-hour match in stagger heuristic.
      • ·**PR #92055** fix(media): resolve state-relative inbound attachments.
      • ·**PR #91962** fix(agent): dampen Discord stale thread replies.
      • ·**PR #90912** fix(agents): honor configured CLI resume timeouts.
      • ·**PR #91296** fix: hand off supervised git updates.
      • ·**PR #91950** fix(web_fetch): sanitize URL whitespace from LLM tool call arguments (fixes #91651).
      • ·**PR #77367** fix(discord): scope command-deploy cache by application id. Related #77359.
      • ·**PR #91976** feat(auto-reply): durable inter-tool commentary via verbose standalone progress (supersedes #89850/#89890).
      • ·**PR #90128** fix(sessions): preserve user /model override across daily/idle session rollover (#90119).
      • ·**PR #92084** fix(clickclack): allow explicit enable through plugin allowlist.
      • ·**PR #92092** fix(auto-reply): stop dropping claude-cli narration when commentary lane is off.
      • ·**PR #92123** #92109: [Bug]: EmbeddedAttemptSessionTakeoverError caused by Btrfs ctimeNs instability.
      • ·**PR #92136** fix(feishu): reply inside P2P direct-message threads.
      • ·**PR #92121** fix(memory): preserve live SQLite index during swaps. Related #91216.
      • ·**PR #90173** fix(agents): stabilize a2a prompt cache context.
      • ·**PR #91974** fix(cli-runner): scope claude-cli queue to live-session owner identity (#91946).
      • ·**PR #92053** fix(thinking): apply Claude profile to anthropic-messages catalog rows. Related #91975.
      • ·**PR #41991** Google: show detailed Gemini CLI OAuth extraction failures.
      • ·**PR #92074** fix(qqbot): flush tool output before silent non-streaming final.
      • ·**PR #89508** fix(models): clarify provider model registration hint. Related #89192.
      • ·**PR #89085** fix(agents): keep migrated session entry ids unique on v1 upgrade.
      • ·**PR #89552** fix(discord): clean migrated thread binding state.
      • ·**PR #89448** fix(cron): reject durations that overflow to a non-finite value. Related #83906.
      • ·**PR #89319** fix(doctor): warn on unsupported hook entry loaders. Related #89309.
      • ·**PR #91966** fix(config): stop config.patch replacePaths index suffix from widening array consent.
      • ·**PR #92127** fix(plugins): rescan storm in "/models" call (regression shipped since v2026.5.18).
      • ·**PR #91657** fix(ollama): use provider thinking default in SDK session factory. Related #91428.
      • ·**PR #91742** fix(memory): abort orphaned embedding work when memory_search times out. Related #91718.
      • ·**PR #89091** fix(memory-core): retry narrative message reads.
      • ·**PR #92150** fix(release): gate beta publish on plugin verification.
      • ·**PR #92158** fix(cli): validate gateway RPC timeout inputs.
      • ·**PR #91911** fix(agents): retry same model across short rate-limit windows.
      v2026.6.52026-06-09

      openclaw 2026.6.5

      GitHub ↗

      Highlights

      • ·**Safer channel output:** QQBot strips model reasoning and thinking scaffolding before native delivery, so users see the final answer rather than raw internal markup. (#89913, #90132)
      • ·**MCP results no longer poison sessions:** `resource_link`, audio, malformed images, and future non-text blocks are normalized before provider conversion, avoiding Anthropic 400s and broken follow-up history. (#90710, #90728)
      • ·**Anthropic extended thinking recovers after restarts:** prompt-cache expiry and early-signature failures wait for a real message start, so they reach the existing retry path rather than ending a turn. (#90667, #90697)
      • ·**Parallel web search is bundled:** API-key discovery, guarded endpoint handling, cache-safe session IDs, onboarding, and documentation make it a first-class search provider. (#85158)
      • ·**Better Matrix and Vertex reliability:** Matrix voice notes and threaded conversations retain their context, while Google Vertex ADC models regain static catalog and runtime resolution. (#78016, #90415, #90506, #90609)
      • ·**Safer upgrades and restarts:** cron JSON stores migrate before runtime, service env placeholders stop masking secrets, and macOS avoids unnecessary direct-Gateway reconnect churn. (#90072, #90208, #90668, #90815)

      Changes

      • ·Search/providers: add the Parallel bundled web-search plugin, registration contracts, onboarding integration, and guarded `api.parallel.ai/v1/search` support. (#85158)
      • ·Matrix/channels: add voice-message preflight and thread-aware read/reply behavior. (#78016, #90415)
      • ·Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478)
      • ·Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.
      • ·Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, while iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, and unavailable Talk controls reachable.
      • ·Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)
      • ·QQBot: add `/bot-group-allways on|off` slash command (with named-account and default-account support) to toggle whether group messages require an `@mention` before the bot replies, and clear the runtime config snapshot after the write so the new account-level `defaultRequireMention` takes effect immediately without restart. (#91423)

      Fixes

      • ·Agents: `sessions_send` now honors an explicit `sessionKey` when stale label metadata is also present, and denied session-id sends no longer echo the resolved canonical session key. Fixes #64699; refs #74009 and #41199
      • ·Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132)
      • ·Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728)
      • ·Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until `message_start`, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319)
      • ·Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702)
      • ·Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815)
      • ·TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123)
      • ·Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, service env planning skips unresolved placeholders that would mask state-dir `.env` values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #90277, #90488)
      • ·Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep malformed operational limits bounded and explicit. (#89732, #90145)
      • ·Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on `globalThis`; Feishu streaming cards preserve full merged content; voice-call tracks Twilio streams after connect; ClickClack reply tools respect `toolsAllow`. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500)
      • ·Feishu: retry transient send rate-limit errors (HTTP 429, per-chat code 230020, tenant-level code 11232) with linear backoff, including SDK responses that fulfill with rate-limit bodies instead of throwing, and route streaming-card sends through the retry wrapper. (#89659)
      • ·Memory: keep doctor REM harness previews aligned with live REM by dropping short-term recall snippets whose source files disappeared before rendering preview output.

      Complete contribution record

      • ·**PR #89102** refactor(auth): store auth profiles in SQLite.
      • ·**PR #90028** docs: clarify legacy openai-codex auth.
      • ·**PR #89600** Fix Workboard status persistence. Related #88592.
      • ·**PR #90067** fix(workboard): isolate stale lifecycle bulk patches.
      • ·**PR #88585** Pin official npm plugin install records.
      • ·**PR #90053** fix: hide Skill Workshop revision handoff from chat.
      • ·**PR #90123** fix(auto-reply): count message tool sends as delivery.
      • ·**PR #87965** fix(whatsapp): restart channel when a per-account config field changes so disabled accounts are torn down. Related #87951.
      • ·**PR #90145** fix: protect global agent config defaults [AI].
      • ·**PR #90147** Rate limit node pairing requests [AI].
      • ·**PR #89732** fix: guard MCP HTTP redirects [AI].
      • ·**PR #90181** fix(feishu): preserve streaming card content. Related #90164.
      • ·**PR #90058** fix(docker): qualify base image refs for podman short-name mode.
      • ·**PR #89488** fix: stabilize Anthropic cache marker through tool loops.
      • ·**PR #89505** fix(acp): re-add opt-in parent commentary progress. Related #89501.
      • ·**PR #90341** fix(acp): default parent commentary in progress mode.
      • ·**PR #90351** fix(message-tool): stabilize send idempotency keys.
      • ·**PR #90375** refactor: remove Feishu runtime dedupe JSON fallback.
      • ·**PR #90385** refactor: move MS Teams state migration to doctor.
      • ·**PR #90287** fix(ci): scope PR merge diff checks to first parent.
      • ·**PR #90436** Add NVIDIA Nemotron 3 Ultra default.
      • ·**PR #90205** fix: tolerate missing streamed response content type.
      • ·**PR #90163** fix(agents): strip stale compaction thinking signatures before Anthropic replay. Related #90108.
      • ·**PR #90486** fix(whastapp): bound connection startup waits.
      • ·**PR #90488** fix service env placeholder collection.
      • ·**PR #90478** feat: install GitHub-backed ClawHub skills.
      • ·**PR #90304** feat(memory): support qmd query rerank toggle. Related #61834.
      • ·**PR #90532** Fix main CI guard drift.
      • ·**PR #90534** fix(mattermost): anchor slash state on globalThis (#68113).
      • ·**PR #89502** feat(googlechat): add native approval cards.
      • ·**PR #90317** Add Codex multi-agent config migration coverage.
      • ·**PR #90319** Add Codex session route migration coverage.
      • ·**PR #90132** fix(qqbot): sanitize outbound text to strip reasoning/thinking content. Related #89913.
      • ·**PR #89874** fix(agents): detect unsigned thinking-only stall when reasoning payload inflates payloadCount. Related #89787.
      • ·**PR #90594** fix(android): align provider readiness with available models.
      • ·**PR #90576** fix(sessions): reconcile stale terminal main transcripts. Related #60542.
      • ·**PR #90405** Fix ClickClack toolsAllow reply dispatch.
      • ·**PR #90415** feat(matrix): handle voice preflight and threads. Related #78016.
      • ·**PR #90208** fix(cron): auto-migrate legacy cron store. Related #90072.
      • ·**PR #85791** fix(gateway): dedupe probe warnings by gateway identity.
      • ·**PR #90632** fix(context-engine): forward isHeartbeat to afterTurn (fixes #89302).
      • ·**PR #90250** docs: prefer web_fetch in weather skill.
      • ·**PR #85158** feat(parallel): add Parallel as a bundled web_search provider.
      • ·**PR #86205** fix(tui): stabilize optimistic user messages across history reloads, runId reassignment, and abort.
      • ·**PR #86483** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #90601** chore(deps): bump the actions group across 1 directory with 4 updates.
      • ·**PR #81757** chore(deps): bump github.com/apple/swift-testing from 6.3.1 to 6.3.2 in /apps/swabble in the swift-deps group across 1 directory.
      • ·**PR #86481** chore(deps): bump the android-deps group across 1 directory with 9 updates.
      • ·**PR #74980** build(deps): bump docker/login-action from 3.6.0 to 4.1.0.
      • ·**PR #90717** fix(agents): re-probe single-provider primary during cooldown. Related #90702.
      • ·**PR #90609** fix(google): preserve Vertex ADC catalog auth. Related #90506.
      • ·**PR #90775** fix: refresh prompt fence after compaction writes. Related #90729.
      • ·**PR #90027** test(codex): pin completion-idle timeout thread reset.
      • ·**PR #89566** fix(telegram): suppress post-final tool error noise.
      • ·**PR #90607** fix(voice-call): track Twilio streams after connect. Related #81122.
      • ·**PR #90728** fix(agents): coerce non-text/image MCP tool-result blocks to text (fixes #90710).
      • ·**PR #90697** fix(llm): defer Anthropic stream start event until after message_start. Related #90667.
      • ·**PR #90816** fix(memory): resolve adapter default model in plain status identity check. Related #90413.
      • ·**PR #90815** fix #90668: [Bug]: macOS node mode can silently self-reconnect in a healthy direct gateway session.
      • ·**PR #90793** Fix OpenAI audio auth to use API keys.
      • ·**PR #90790** fix(codex): preserve completed replies after client close. Related #90771.
      • ·**PR #90820** fix(codex): report completion timeout diagnostics.
      • ·**PR #90845** fix(imessage): frame rpc stdout on LF only. Related #89830.
      • ·**PR #90813** fix(uninstall): refuse to remove current working directory during cleanup. Related #90806.
      • ·**PR #90336** fix(memory): fail fast when embeddings provider is unavailable. Related #89691.
      • ·**PR #90914** fix(talk): resolve realtime provider secret refs.
      • ·**PR #88771** fix(agents): stream phased text deltas incrementally.
      • ·**PR #87856** fix(agents): count streamed model deltas incrementally.
      • ·**PR #88882** test(gateway): add small model live profile.
      • ·**PR #90919** [codex] Add iOS Apple Review demo mode.
      • ·**PR #90954** fix(cron): require HTTP context for server_error retry classification. Related #90947.
      • ·**PR #90854** fix(build): copy export-html assets to dist/export-html matching runtime path (fixes #90843).
      • ·**PR #90922** docs: improve plugin inventory layout.
      • ·**PR #89652** fix(plugins): load owning plugin for configured memory embedding provider at startup. Related #89651.
      • ·**PR #90811** fix(agents): stabilize user-turn serialization across turns to preserve prompt cache. Related #90810.
      • ·**PR #90853** fix(imessage): send TTS audio as voice messages.
      • ·**PR #90995** fix(release): use monthly patch versions.
      • ·**PR #91030** fix: store device-pair notify state in sqlite.
      • ·**PR #91034** fix: store acpx process state in sqlite.
      • ·**PR #90849** feat(parallel): add free Parallel Search MCP as the zero-config default web_search provider.
      • ·**PR #91056** fix: store memory-core dreams state in sqlite.
      • ·**PR #89918** fix(vertex): route eu/us multi-region to .rep.googleapis.com host. Related #89891.
      • ·**PR #91058** fix(gemini): accept empty grounding metadata. Related #88528.
      • ·**PR #91072** refactor(memory-wiki): store source sync state in sqlite.
      • ·**PR #91073** fix(openrouter): reconcile streamed generation cost. Related #68066.
      • ·**PR #91032** docs(imessage): require DisableLibraryValidation on modern macOS; document macOS 26 injection gates.
      • ·**PR #87933** fix(agents): suppress DeepSeek thinking for Foundry aliases. Related #90520.
      • ·**PR #91037** fix(config): allow thinkingLevelMap in persisted model schema. Related #91011.
      • ·**PR #89832** fix(config): allow requiresReasoningContentOnAssistantMessages in ModelCompatSchema. Related #89660.
      • ·**PR #91088** refactor(matrix): store sync cache in sqlite.
      • ·**PR #90138** fix(minimax): exempt M3 from thinking-disabled wrapper.
      • ·**PR #91053** refactor: store Zalo hosted media in plugin state.
      • ·**PR #91098** fix(test): type overflow resolver mock.
      • ·**PR #81277** fix(google): handle compressed Vertex ADC token refresh responses.
      • ·**PR #91100** refactor(matrix): store crypto sidecars in sqlite.
      • ·**PR #90260** fix(agents): decode xai and venice tool-call arguments exactly once.
      • ·**PR #90593** fix: preserve LM Studio Responses tool arguments. Related #90585.
      • ·**PR #89109** fix(agents): block message-tool spam loops defeated by volatile message ids. Related #89090.
      • ·**PR #90429** Fix LM Studio wizard prompter binding.
      • ·**PR #90780** perf(qqbot): narrow tool discovery cold load.
      • ·**PR #90504** fix(codex): preserve post-tool reasoning liveness.
      • ·**PR #91113** fix: align Xiaomi completions replay compat. Related #91106.
      • ·**PR #91108** refactor(memory-wiki): store import runs in sqlite.
      • ·**PR #91118** fix: preserve Foundry Responses reasoning replay ids. Related #91033.
      • ·**PR #91125** fix: strip Google provider prefix from Gemini paths. Related #71932.
      • ·**PR #90056** fix(doctor): merge disjoint openai-codex model entries into canonical openai provider. Related #90047.
      • ·**PR #91127** refactor: store sandbox registry in sqlite.
      • ·**PR #91131** fix: migrate legacy agent registry schema via doctor.
      • ·**PR #91119** fix(outbound): keep Discord runtime adapters resolvable. Related #90162.
      • ·**PR #91128** fix(qqbot): migrate group tool policy config.
      • ·**PR #91133** refactor(plugin-sdk): persist dedupe state in sqlite.
      • ·**PR #90612** fix(agents): dispatch subagent spawn in process.
      • ·**PR #87323** fix(infra/agents): session-routing guard for coalesced gateway restart continuations (#86742).
      • ·**PR #91101** fix(inbound-meta): apply head+tail body truncation to ReplyChain and ReplyToBody JSON paths (fixes #91042).
      • ·**PR #91201** feat(ios): clarify talk realtime fallback.
      • ·**PR #91233** fix(agents): prevent ReDoS in background-session name derivation.
      • ·**PR #90798** fix(agents): materialize sandbox skills for rw sandboxes. Related #90410.
      • ·**PR #91248** fix: preserve live Ollama catalog metadata. Related #90315.
      • ·**PR #91041** fix(imessage): self-explaining private-API failures and dedicated send timeout.
      • ·**PR #90029** feat: add live provider model catalog helper.
      • ·**PR #90752** feat(android): add theme mode selection.
      • ·**PR #90261** fix: gate owner-only HTTP tools.
      • ·**PR #90022** fix(codex): quarantine unreadable dynamic tools.
      • ·**PR #88822** fix(agents): compact lean local tool catalogs.
      • ·**PR #89350** fix(agents): guard prompt cache tool names.
      • ·**PR #91241** fix(outbound): preserve retries for budget-deferred deliveries.
      • ·**PR #91124** fix(agents): do not refresh lastUsedAt on MCP lease release. Related #91075.
      • ·**PR #90858** fix(imessage): gate split-send coalescing on imsg metadata.
      • ·**PR #91235** fix(codex): preserve native subagent completion results. Related #91120.
      • ·**PR #91230** fix(cron): preserve isolated agent turn payload message. Related #91228.
      • ·**PR #90480** feat(whatsapp): expand live QA coverage.
      • ·**PR #89712** feat(cron): support command jobs.
      • ·**PR #90937** fix(gateway): preserve stale channel restart diagnostics. Related #90901.
      • ·**PR #91231** fix(anthropic): drop reasoning_content replay signatures. Related #91205.
      • ·**PR #90897** fix #90452: Regression: Heartbeat exec completion still shows generic fallback text instead of actual output.
      • ·**PR #91322** refactor: move session metadata to SQLite.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5.tgz
      • ·integrity: `sha512-sRgF0TexfRcJX8Eg0lcL6Jj0YdZbSxUbbp8EbG+qo3v6TtVayE6tKPEs3oCKD7YfYe2C/8Qg26HUxTnycd44ZQ==`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.5/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27225410843
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27224743194
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27221691660
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27225579557
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27225585158
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27226037857
      • ·npm Telegram beta E2E: not supplied
      v2026.6.5-beta.6pre-release2026-06-09

      openclaw 2026.6.5-beta.6

      GitHub ↗

      Highlights

      • ·**Safer channel output:** QQBot strips model reasoning and thinking scaffolding before native delivery, so users see the final answer rather than raw internal markup. (#89913, #90132)
      • ·**MCP results no longer poison sessions:** `resource_link`, audio, malformed images, and future non-text blocks are normalized before provider conversion, avoiding Anthropic 400s and broken follow-up history. (#90710, #90728)
      • ·**Anthropic extended thinking recovers after restarts:** prompt-cache expiry and early-signature failures wait for a real message start, so they reach the existing retry path rather than ending a turn. (#90667, #90697)
      • ·**Parallel web search is bundled:** API-key discovery, guarded endpoint handling, cache-safe session IDs, onboarding, and documentation make it a first-class search provider. (#85158)
      • ·**Better Matrix and Vertex reliability:** Matrix voice notes and threaded conversations retain their context, while Google Vertex ADC models regain static catalog and runtime resolution. (#78016, #90415, #90506, #90609)
      • ·**Safer upgrades and restarts:** cron JSON stores migrate before runtime, service env placeholders stop masking secrets, and macOS avoids unnecessary direct-Gateway reconnect churn. (#90072, #90208, #90668, #90815)

      Changes

      • ·Search/providers: add the Parallel bundled web-search plugin, registration contracts, onboarding integration, and guarded `api.parallel.ai/v1/search` support. (#85158)
      • ·Matrix/channels: add voice-message preflight and thread-aware read/reply behavior. (#78016, #90415)
      • ·Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478)
      • ·Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.
      • ·Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, while iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, and unavailable Talk controls reachable.
      • ·Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)
      • ·QQBot: add `/bot-group-allways on|off` slash command (with named-account and default-account support) to toggle whether group messages require an `@mention` before the bot replies, and clear the runtime config snapshot after the write so the new account-level `defaultRequireMention` takes effect immediately without restart. (#91423)

      Fixes

      • ·Agents: `sessions_send` now honors an explicit `sessionKey` when stale label metadata is also present, and denied session-id sends no longer echo the resolved canonical session key. Fixes #64699; refs #74009 and #41199
      • ·Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132)
      • ·Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728)
      • ·Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until `message_start`, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319)
      • ·Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702)
      • ·Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815)
      • ·TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123)
      • ·Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, service env planning skips unresolved placeholders that would mask state-dir `.env` values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #90277, #90488)
      • ·Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep malformed operational limits bounded and explicit. (#89732, #90145)
      • ·Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on `globalThis`; Feishu streaming cards preserve full merged content; voice-call tracks Twilio streams after connect; ClickClack reply tools respect `toolsAllow`. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500)
      • ·Feishu: retry transient send rate-limit errors (HTTP 429, per-chat code 230020, tenant-level code 11232) with linear backoff, including SDK responses that fulfill with rate-limit bodies instead of throwing, and route streaming-card sends through the retry wrapper. (#89659)
      • ·Memory: keep doctor REM harness previews aligned with live REM by dropping short-term recall snippets whose source files disappeared before rendering preview output.

      Complete contribution record

      • ·**PR #89102** refactor(auth): store auth profiles in SQLite.
      • ·**PR #90028** docs: clarify legacy openai-codex auth.
      • ·**PR #89600** Fix Workboard status persistence. Related #88592.
      • ·**PR #90067** fix(workboard): isolate stale lifecycle bulk patches.
      • ·**PR #88585** Pin official npm plugin install records.
      • ·**PR #90053** fix: hide Skill Workshop revision handoff from chat.
      • ·**PR #90123** fix(auto-reply): count message tool sends as delivery.
      • ·**PR #87965** fix(whatsapp): restart channel when a per-account config field changes so disabled accounts are torn down. Related #87951.
      • ·**PR #90145** fix: protect global agent config defaults [AI].
      • ·**PR #90147** Rate limit node pairing requests [AI].
      • ·**PR #89732** fix: guard MCP HTTP redirects [AI].
      • ·**PR #90181** fix(feishu): preserve streaming card content. Related #90164.
      • ·**PR #90058** fix(docker): qualify base image refs for podman short-name mode.
      • ·**PR #89488** fix: stabilize Anthropic cache marker through tool loops.
      • ·**PR #89505** fix(acp): re-add opt-in parent commentary progress. Related #89501.
      • ·**PR #90341** fix(acp): default parent commentary in progress mode.
      • ·**PR #90351** fix(message-tool): stabilize send idempotency keys.
      • ·**PR #90375** refactor: remove Feishu runtime dedupe JSON fallback.
      • ·**PR #90385** refactor: move MS Teams state migration to doctor.
      • ·**PR #90287** fix(ci): scope PR merge diff checks to first parent.
      • ·**PR #90436** Add NVIDIA Nemotron 3 Ultra default.
      • ·**PR #90205** fix: tolerate missing streamed response content type.
      • ·**PR #90163** fix(agents): strip stale compaction thinking signatures before Anthropic replay. Related #90108.
      • ·**PR #90486** fix(whastapp): bound connection startup waits.
      • ·**PR #90488** fix service env placeholder collection.
      • ·**PR #90478** feat: install GitHub-backed ClawHub skills.
      • ·**PR #90304** feat(memory): support qmd query rerank toggle. Related #61834.
      • ·**PR #90532** Fix main CI guard drift.
      • ·**PR #90534** fix(mattermost): anchor slash state on globalThis (#68113).
      • ·**PR #89502** feat(googlechat): add native approval cards.
      • ·**PR #90317** Add Codex multi-agent config migration coverage.
      • ·**PR #90319** Add Codex session route migration coverage.
      • ·**PR #90132** fix(qqbot): sanitize outbound text to strip reasoning/thinking content. Related #89913.
      • ·**PR #89874** fix(agents): detect unsigned thinking-only stall when reasoning payload inflates payloadCount. Related #89787.
      • ·**PR #90594** fix(android): align provider readiness with available models.
      • ·**PR #90576** fix(sessions): reconcile stale terminal main transcripts. Related #60542.
      • ·**PR #90405** Fix ClickClack toolsAllow reply dispatch.
      • ·**PR #90415** feat(matrix): handle voice preflight and threads. Related #78016.
      • ·**PR #90208** fix(cron): auto-migrate legacy cron store. Related #90072.
      • ·**PR #85791** fix(gateway): dedupe probe warnings by gateway identity.
      • ·**PR #90632** fix(context-engine): forward isHeartbeat to afterTurn (fixes #89302).
      • ·**PR #90250** docs: prefer web_fetch in weather skill.
      • ·**PR #85158** feat(parallel): add Parallel as a bundled web_search provider.
      • ·**PR #86205** fix(tui): stabilize optimistic user messages across history reloads, runId reassignment, and abort.
      • ·**PR #86483** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #90601** chore(deps): bump the actions group across 1 directory with 4 updates.
      • ·**PR #81757** chore(deps): bump github.com/apple/swift-testing from 6.3.1 to 6.3.2 in /apps/swabble in the swift-deps group across 1 directory.
      • ·**PR #86481** chore(deps): bump the android-deps group across 1 directory with 9 updates.
      • ·**PR #74980** build(deps): bump docker/login-action from 3.6.0 to 4.1.0.
      • ·**PR #90717** fix(agents): re-probe single-provider primary during cooldown. Related #90702.
      • ·**PR #90609** fix(google): preserve Vertex ADC catalog auth. Related #90506.
      • ·**PR #90775** fix: refresh prompt fence after compaction writes. Related #90729.
      • ·**PR #90027** test(codex): pin completion-idle timeout thread reset.
      • ·**PR #89566** fix(telegram): suppress post-final tool error noise.
      • ·**PR #90607** fix(voice-call): track Twilio streams after connect. Related #81122.
      • ·**PR #90728** fix(agents): coerce non-text/image MCP tool-result blocks to text (fixes #90710).
      • ·**PR #90697** fix(llm): defer Anthropic stream start event until after message_start. Related #90667.
      • ·**PR #90816** fix(memory): resolve adapter default model in plain status identity check. Related #90413.
      • ·**PR #90815** fix #90668: [Bug]: macOS node mode can silently self-reconnect in a healthy direct gateway session.
      • ·**PR #90793** Fix OpenAI audio auth to use API keys.
      • ·**PR #90790** fix(codex): preserve completed replies after client close. Related #90771.
      • ·**PR #90820** fix(codex): report completion timeout diagnostics.
      • ·**PR #90845** fix(imessage): frame rpc stdout on LF only. Related #89830.
      • ·**PR #90813** fix(uninstall): refuse to remove current working directory during cleanup. Related #90806.
      • ·**PR #90336** fix(memory): fail fast when embeddings provider is unavailable. Related #89691.
      • ·**PR #90914** fix(talk): resolve realtime provider secret refs.
      • ·**PR #88771** fix(agents): stream phased text deltas incrementally.
      • ·**PR #87856** fix(agents): count streamed model deltas incrementally.
      • ·**PR #88882** test(gateway): add small model live profile.
      • ·**PR #90919** [codex] Add iOS Apple Review demo mode.
      • ·**PR #90954** fix(cron): require HTTP context for server_error retry classification. Related #90947.
      • ·**PR #90854** fix(build): copy export-html assets to dist/export-html matching runtime path (fixes #90843).
      • ·**PR #90922** docs: improve plugin inventory layout.
      • ·**PR #89652** fix(plugins): load owning plugin for configured memory embedding provider at startup. Related #89651.
      • ·**PR #90811** fix(agents): stabilize user-turn serialization across turns to preserve prompt cache. Related #90810.
      • ·**PR #90853** fix(imessage): send TTS audio as voice messages.
      • ·**PR #90995** fix(release): use monthly patch versions.
      • ·**PR #91030** fix: store device-pair notify state in sqlite.
      • ·**PR #91034** fix: store acpx process state in sqlite.
      • ·**PR #90849** feat(parallel): add free Parallel Search MCP as the zero-config default web_search provider.
      • ·**PR #91056** fix: store memory-core dreams state in sqlite.
      • ·**PR #89918** fix(vertex): route eu/us multi-region to .rep.googleapis.com host. Related #89891.
      • ·**PR #91058** fix(gemini): accept empty grounding metadata. Related #88528.
      • ·**PR #91072** refactor(memory-wiki): store source sync state in sqlite.
      • ·**PR #91073** fix(openrouter): reconcile streamed generation cost. Related #68066.
      • ·**PR #91032** docs(imessage): require DisableLibraryValidation on modern macOS; document macOS 26 injection gates.
      • ·**PR #87933** fix(agents): suppress DeepSeek thinking for Foundry aliases. Related #90520.
      • ·**PR #91037** fix(config): allow thinkingLevelMap in persisted model schema. Related #91011.
      • ·**PR #89832** fix(config): allow requiresReasoningContentOnAssistantMessages in ModelCompatSchema. Related #89660.
      • ·**PR #91088** refactor(matrix): store sync cache in sqlite.
      • ·**PR #90138** fix(minimax): exempt M3 from thinking-disabled wrapper.
      • ·**PR #91053** refactor: store Zalo hosted media in plugin state.
      • ·**PR #91098** fix(test): type overflow resolver mock.
      • ·**PR #81277** fix(google): handle compressed Vertex ADC token refresh responses.
      • ·**PR #91100** refactor(matrix): store crypto sidecars in sqlite.
      • ·**PR #90260** fix(agents): decode xai and venice tool-call arguments exactly once.
      • ·**PR #90593** fix: preserve LM Studio Responses tool arguments. Related #90585.
      • ·**PR #89109** fix(agents): block message-tool spam loops defeated by volatile message ids. Related #89090.
      • ·**PR #90429** Fix LM Studio wizard prompter binding.
      • ·**PR #90780** perf(qqbot): narrow tool discovery cold load.
      • ·**PR #90504** fix(codex): preserve post-tool reasoning liveness.
      • ·**PR #91113** fix: align Xiaomi completions replay compat. Related #91106.
      • ·**PR #91108** refactor(memory-wiki): store import runs in sqlite.
      • ·**PR #91118** fix: preserve Foundry Responses reasoning replay ids. Related #91033.
      • ·**PR #91125** fix: strip Google provider prefix from Gemini paths. Related #71932.
      • ·**PR #90056** fix(doctor): merge disjoint openai-codex model entries into canonical openai provider. Related #90047.
      • ·**PR #91127** refactor: store sandbox registry in sqlite.
      • ·**PR #91131** fix: migrate legacy agent registry schema via doctor.
      • ·**PR #91119** fix(outbound): keep Discord runtime adapters resolvable. Related #90162.
      • ·**PR #91128** fix(qqbot): migrate group tool policy config.
      • ·**PR #91133** refactor(plugin-sdk): persist dedupe state in sqlite.
      • ·**PR #90612** fix(agents): dispatch subagent spawn in process.
      • ·**PR #87323** fix(infra/agents): session-routing guard for coalesced gateway restart continuations (#86742).
      • ·**PR #91101** fix(inbound-meta): apply head+tail body truncation to ReplyChain and ReplyToBody JSON paths (fixes #91042).
      • ·**PR #91201** feat(ios): clarify talk realtime fallback.
      • ·**PR #91233** fix(agents): prevent ReDoS in background-session name derivation.
      • ·**PR #90798** fix(agents): materialize sandbox skills for rw sandboxes. Related #90410.
      • ·**PR #91248** fix: preserve live Ollama catalog metadata. Related #90315.
      • ·**PR #91041** fix(imessage): self-explaining private-API failures and dedicated send timeout.
      • ·**PR #90029** feat: add live provider model catalog helper.
      • ·**PR #90752** feat(android): add theme mode selection.
      • ·**PR #90261** fix: gate owner-only HTTP tools.
      • ·**PR #90022** fix(codex): quarantine unreadable dynamic tools.
      • ·**PR #88822** fix(agents): compact lean local tool catalogs.
      • ·**PR #89350** fix(agents): guard prompt cache tool names.
      • ·**PR #91241** fix(outbound): preserve retries for budget-deferred deliveries.
      • ·**PR #91124** fix(agents): do not refresh lastUsedAt on MCP lease release. Related #91075.
      • ·**PR #90858** fix(imessage): gate split-send coalescing on imsg metadata.
      • ·**PR #91235** fix(codex): preserve native subagent completion results. Related #91120.
      • ·**PR #91230** fix(cron): preserve isolated agent turn payload message. Related #91228.
      • ·**PR #90480** feat(whatsapp): expand live QA coverage.
      • ·**PR #89712** feat(cron): support command jobs.
      • ·**PR #90937** fix(gateway): preserve stale channel restart diagnostics. Related #90901.
      • ·**PR #91231** fix(anthropic): drop reasoning_content replay signatures. Related #91205.
      • ·**PR #90897** fix #90452: Regression: Heartbeat exec completion still shows generic fallback text instead of actual output.
      • ·**PR #91322** refactor: move session metadata to SQLite.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5-beta.6
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.6.tgz
      • ·integrity: `sha512-jwz9IP/LbR6qgS5SUTpgeBArNf2eIM+8jc7LCEMAMQznsznjml/7IrsxBn2S89XieEX6BEhGVtjspOOJt0jVXg==`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.5-beta.6/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27193326577
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27191457144
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27191453479
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27193511392
      • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/27193515101
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27193906215
      • ·npm Telegram beta E2E: not supplied
      v2026.6.5-beta.5pre-release2026-06-08

      openclaw 2026.6.5-beta.5

      GitHub ↗

      Highlights

      • ·**Safer channel output:** QQBot strips model reasoning and thinking scaffolding before native delivery, so users see the final answer rather than raw internal markup. (#89913, #90132)
      • ·**MCP results no longer poison sessions:** `resource_link`, audio, malformed images, and future non-text blocks are normalized before provider conversion, avoiding Anthropic 400s and broken follow-up history. (#90710, #90728)
      • ·**Anthropic extended thinking recovers after restarts:** prompt-cache expiry and early-signature failures wait for a real message start, so they reach the existing retry path rather than ending a turn. (#90667, #90697)
      • ·**Parallel web search is bundled:** API-key discovery, guarded endpoint handling, cache-safe session IDs, onboarding, and documentation make it a first-class search provider. (#85158)
      • ·**Better Matrix and Vertex reliability:** Matrix voice notes and threaded conversations retain their context, while Google Vertex ADC models regain static catalog and runtime resolution. (#78016, #90415, #90506, #90609)
      • ·**Safer upgrades and restarts:** cron JSON stores migrate before runtime, service env placeholders stop masking secrets, and macOS avoids unnecessary direct-Gateway reconnect churn. (#90072, #90208, #90668, #90815)

      Changes

      • ·Search/providers: add the Parallel bundled web-search plugin, registration contracts, onboarding integration, and guarded `api.parallel.ai/v1/search` support. (#85158)
      • ·Matrix/channels: add voice-message preflight and thread-aware read/reply behavior. (#78016, #90415)
      • ·Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478)
      • ·Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.
      • ·Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, while iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, and unavailable Talk controls reachable.
      • ·Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)
      • ·QQBot: add `/bot-group-allways on|off` slash command (with named-account and default-account support) to toggle whether group messages require an `@mention` before the bot replies, and clear the runtime config snapshot after the write so the new account-level `defaultRequireMention` takes effect immediately without restart. (#91423)

      Fixes

      • ·Agents: `sessions_send` now honors an explicit `sessionKey` when stale label metadata is also present, and denied session-id sends no longer echo the resolved canonical session key. Fixes #64699; refs #74009 and #41199
      • ·Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132)
      • ·Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728)
      • ·Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until `message_start`, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319)
      • ·Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702)
      • ·Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815)
      • ·TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123)
      • ·Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, service env planning skips unresolved placeholders that would mask state-dir `.env` values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #90277, #90488)
      • ·Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep malformed operational limits bounded and explicit. (#89732, #90145)
      • ·Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on `globalThis`; Feishu streaming cards preserve full merged content; voice-call tracks Twilio streams after connect; ClickClack reply tools respect `toolsAllow`. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500)
      • ·Feishu: retry transient send rate-limit errors (HTTP 429, per-chat code 230020, tenant-level code 11232) with linear backoff, including SDK responses that fulfill with rate-limit bodies instead of throwing, and route streaming-card sends through the retry wrapper. (#89659)
      • ·Memory: keep doctor REM harness previews aligned with live REM by dropping short-term recall snippets whose source files disappeared before rendering preview output.

      Complete contribution record

      • ·**PR #89102** refactor(auth): store auth profiles in SQLite.
      • ·**PR #90028** docs: clarify legacy openai-codex auth.
      • ·**PR #89600** Fix Workboard status persistence. Related #88592.
      • ·**PR #90067** fix(workboard): isolate stale lifecycle bulk patches.
      • ·**PR #88585** Pin official npm plugin install records.
      • ·**PR #90053** fix: hide Skill Workshop revision handoff from chat.
      • ·**PR #90123** fix(auto-reply): count message tool sends as delivery.
      • ·**PR #87965** fix(whatsapp): restart channel when a per-account config field changes so disabled accounts are torn down. Related #87951.
      • ·**PR #90145** fix: protect global agent config defaults [AI].
      • ·**PR #90147** Rate limit node pairing requests [AI].
      • ·**PR #89732** fix: guard MCP HTTP redirects [AI].
      • ·**PR #90181** fix(feishu): preserve streaming card content. Related #90164.
      • ·**PR #90058** fix(docker): qualify base image refs for podman short-name mode.
      • ·**PR #89488** fix: stabilize Anthropic cache marker through tool loops.
      • ·**PR #89505** fix(acp): re-add opt-in parent commentary progress. Related #89501.
      • ·**PR #90341** fix(acp): default parent commentary in progress mode.
      • ·**PR #90351** fix(message-tool): stabilize send idempotency keys.
      • ·**PR #90375** refactor: remove Feishu runtime dedupe JSON fallback.
      • ·**PR #90385** refactor: move MS Teams state migration to doctor.
      • ·**PR #90287** fix(ci): scope PR merge diff checks to first parent.
      • ·**PR #90436** Add NVIDIA Nemotron 3 Ultra default.
      • ·**PR #90205** fix: tolerate missing streamed response content type.
      • ·**PR #90163** fix(agents): strip stale compaction thinking signatures before Anthropic replay. Related #90108.
      • ·**PR #90486** fix(whastapp): bound connection startup waits.
      • ·**PR #90488** fix service env placeholder collection.
      • ·**PR #90478** feat: install GitHub-backed ClawHub skills.
      • ·**PR #90304** feat(memory): support qmd query rerank toggle. Related #61834.
      • ·**PR #90532** Fix main CI guard drift.
      • ·**PR #90534** fix(mattermost): anchor slash state on globalThis (#68113).
      • ·**PR #89502** feat(googlechat): add native approval cards.
      • ·**PR #90317** Add Codex multi-agent config migration coverage.
      • ·**PR #90319** Add Codex session route migration coverage.
      • ·**PR #90132** fix(qqbot): sanitize outbound text to strip reasoning/thinking content. Related #89913.
      • ·**PR #89874** fix(agents): detect unsigned thinking-only stall when reasoning payload inflates payloadCount. Related #89787.
      • ·**PR #90594** fix(android): align provider readiness with available models.
      • ·**PR #90576** fix(sessions): reconcile stale terminal main transcripts. Related #60542.
      • ·**PR #90405** Fix ClickClack toolsAllow reply dispatch.
      • ·**PR #90415** feat(matrix): handle voice preflight and threads. Related #78016.
      • ·**PR #90208** fix(cron): auto-migrate legacy cron store. Related #90072.
      • ·**PR #85791** fix(gateway): dedupe probe warnings by gateway identity.
      • ·**PR #90632** fix(context-engine): forward isHeartbeat to afterTurn (fixes #89302).
      • ·**PR #90250** docs: prefer web_fetch in weather skill.
      • ·**PR #85158** feat(parallel): add Parallel as a bundled web_search provider.
      • ·**PR #86205** fix(tui): stabilize optimistic user messages across history reloads, runId reassignment, and abort.
      • ·**PR #86483** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #90601** chore(deps): bump the actions group across 1 directory with 4 updates.
      • ·**PR #81757** chore(deps): bump github.com/apple/swift-testing from 6.3.1 to 6.3.2 in /apps/swabble in the swift-deps group across 1 directory.
      • ·**PR #86481** chore(deps): bump the android-deps group across 1 directory with 9 updates.
      • ·**PR #74980** build(deps): bump docker/login-action from 3.6.0 to 4.1.0.
      • ·**PR #90717** fix(agents): re-probe single-provider primary during cooldown. Related #90702.
      • ·**PR #90609** fix(google): preserve Vertex ADC catalog auth. Related #90506.
      • ·**PR #90775** fix: refresh prompt fence after compaction writes. Related #90729.
      • ·**PR #90027** test(codex): pin completion-idle timeout thread reset.
      • ·**PR #89566** fix(telegram): suppress post-final tool error noise.
      • ·**PR #90607** fix(voice-call): track Twilio streams after connect. Related #81122.
      • ·**PR #90728** fix(agents): coerce non-text/image MCP tool-result blocks to text (fixes #90710).
      • ·**PR #90697** fix(llm): defer Anthropic stream start event until after message_start. Related #90667.
      • ·**PR #90816** fix(memory): resolve adapter default model in plain status identity check. Related #90413.
      • ·**PR #90815** fix #90668: [Bug]: macOS node mode can silently self-reconnect in a healthy direct gateway session.
      • ·**PR #90793** Fix OpenAI audio auth to use API keys.
      • ·**PR #90790** fix(codex): preserve completed replies after client close. Related #90771.
      • ·**PR #90820** fix(codex): report completion timeout diagnostics.
      • ·**PR #90845** fix(imessage): frame rpc stdout on LF only. Related #89830.
      • ·**PR #90813** fix(uninstall): refuse to remove current working directory during cleanup. Related #90806.
      • ·**PR #90336** fix(memory): fail fast when embeddings provider is unavailable. Related #89691.
      • ·**PR #90914** fix(talk): resolve realtime provider secret refs.
      • ·**PR #88771** fix(agents): stream phased text deltas incrementally.
      • ·**PR #87856** fix(agents): count streamed model deltas incrementally.
      • ·**PR #88882** test(gateway): add small model live profile.
      • ·**PR #90919** [codex] Add iOS Apple Review demo mode.
      • ·**PR #90954** fix(cron): require HTTP context for server_error retry classification. Related #90947.
      • ·**PR #90854** fix(build): copy export-html assets to dist/export-html matching runtime path (fixes #90843).
      • ·**PR #90922** docs: improve plugin inventory layout.
      • ·**PR #89652** fix(plugins): load owning plugin for configured memory embedding provider at startup. Related #89651.
      • ·**PR #90811** fix(agents): stabilize user-turn serialization across turns to preserve prompt cache. Related #90810.
      • ·**PR #90853** fix(imessage): send TTS audio as voice messages.
      • ·**PR #90995** fix(release): use monthly patch versions.
      • ·**PR #91030** fix: store device-pair notify state in sqlite.
      • ·**PR #91034** fix: store acpx process state in sqlite.
      • ·**PR #90849** feat(parallel): add free Parallel Search MCP as the zero-config default web_search provider.
      • ·**PR #91056** fix: store memory-core dreams state in sqlite.
      • ·**PR #89918** fix(vertex): route eu/us multi-region to .rep.googleapis.com host. Related #89891.
      • ·**PR #91058** fix(gemini): accept empty grounding metadata. Related #88528.
      • ·**PR #91072** refactor(memory-wiki): store source sync state in sqlite.
      • ·**PR #91073** fix(openrouter): reconcile streamed generation cost. Related #68066.
      • ·**PR #91032** docs(imessage): require DisableLibraryValidation on modern macOS; document macOS 26 injection gates.
      • ·**PR #87933** fix(agents): suppress DeepSeek thinking for Foundry aliases. Related #90520.
      • ·**PR #91037** fix(config): allow thinkingLevelMap in persisted model schema. Related #91011.
      • ·**PR #89832** fix(config): allow requiresReasoningContentOnAssistantMessages in ModelCompatSchema. Related #89660.
      • ·**PR #91088** refactor(matrix): store sync cache in sqlite.
      • ·**PR #90138** fix(minimax): exempt M3 from thinking-disabled wrapper.
      • ·**PR #91053** refactor: store Zalo hosted media in plugin state.
      • ·**PR #91098** fix(test): type overflow resolver mock.
      • ·**PR #81277** fix(google): handle compressed Vertex ADC token refresh responses.
      • ·**PR #91100** refactor(matrix): store crypto sidecars in sqlite.
      • ·**PR #90260** fix(agents): decode xai and venice tool-call arguments exactly once.
      • ·**PR #90593** fix: preserve LM Studio Responses tool arguments. Related #90585.
      • ·**PR #89109** fix(agents): block message-tool spam loops defeated by volatile message ids. Related #89090.
      • ·**PR #90429** Fix LM Studio wizard prompter binding.
      • ·**PR #90780** perf(qqbot): narrow tool discovery cold load.
      • ·**PR #90504** fix(codex): preserve post-tool reasoning liveness.
      • ·**PR #91113** fix: align Xiaomi completions replay compat. Related #91106.
      • ·**PR #91108** refactor(memory-wiki): store import runs in sqlite.
      • ·**PR #91118** fix: preserve Foundry Responses reasoning replay ids. Related #91033.
      • ·**PR #91125** fix: strip Google provider prefix from Gemini paths. Related #71932.
      • ·**PR #90056** fix(doctor): merge disjoint openai-codex model entries into canonical openai provider. Related #90047.
      • ·**PR #91127** refactor: store sandbox registry in sqlite.
      • ·**PR #91131** fix: migrate legacy agent registry schema via doctor.
      • ·**PR #91119** fix(outbound): keep Discord runtime adapters resolvable. Related #90162.
      • ·**PR #91128** fix(qqbot): migrate group tool policy config.
      • ·**PR #91133** refactor(plugin-sdk): persist dedupe state in sqlite.
      • ·**PR #90612** fix(agents): dispatch subagent spawn in process.
      • ·**PR #87323** fix(infra/agents): session-routing guard for coalesced gateway restart continuations (#86742).
      • ·**PR #91101** fix(inbound-meta): apply head+tail body truncation to ReplyChain and ReplyToBody JSON paths (fixes #91042).
      • ·**PR #91201** feat(ios): clarify talk realtime fallback.
      • ·**PR #91233** fix(agents): prevent ReDoS in background-session name derivation.
      • ·**PR #90798** fix(agents): materialize sandbox skills for rw sandboxes. Related #90410.
      • ·**PR #91248** fix: preserve live Ollama catalog metadata. Related #90315.
      • ·**PR #91041** fix(imessage): self-explaining private-API failures and dedicated send timeout.
      • ·**PR #90029** feat: add live provider model catalog helper.
      • ·**PR #90752** feat(android): add theme mode selection.
      • ·**PR #90261** fix: gate owner-only HTTP tools.
      • ·**PR #90022** fix(codex): quarantine unreadable dynamic tools.
      • ·**PR #88822** fix(agents): compact lean local tool catalogs.
      • ·**PR #89350** fix(agents): guard prompt cache tool names.
      • ·**PR #91241** fix(outbound): preserve retries for budget-deferred deliveries.
      • ·**PR #91124** fix(agents): do not refresh lastUsedAt on MCP lease release. Related #91075.
      • ·**PR #90858** fix(imessage): gate split-send coalescing on imsg metadata.
      • ·**PR #91235** fix(codex): preserve native subagent completion results. Related #91120.
      • ·**PR #91230** fix(cron): preserve isolated agent turn payload message. Related #91228.
      • ·**PR #90480** feat(whatsapp): expand live QA coverage.
      • ·**PR #89712** feat(cron): support command jobs.
      • ·**PR #90937** fix(gateway): preserve stale channel restart diagnostics. Related #90901.
      • ·**PR #91231** fix(anthropic): drop reasoning_content replay signatures. Related #91205.
      • ·**PR #90897** fix #90452: Regression: Heartbeat exec completion still shows generic fallback text instead of actual output.
      • ·**PR #91322** refactor: move session metadata to SQLite.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5-beta.5
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.5.tgz
      • ·integrity: `sha512-xyh5/CLaxdm9Zh2VBnmS2wxYR6kcqIrMFXNTWklJbVHSmmkLy7HRH6Rnw0cm4pRUXOvh3WQUDJgOqQOjjxG6PQ==`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.5-beta.5/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27171268701
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27169704715
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27169706642
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27171395546
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27171399026
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27171782461
      • ·npm Telegram beta E2E: not supplied
      v2026.6.5-beta.3pre-release2026-06-08

      OpenClaw 2026.6.5-beta.3

      GitHub ↗

      Highlights

      • ·**Safer channel output:** QQBot strips model reasoning and thinking scaffolding before native delivery, so users see the final answer rather than raw internal markup. (#89913, #90132)
      • ·**MCP results no longer poison sessions:** `resource_link`, audio, malformed images, and future non-text blocks are normalized before provider conversion, avoiding Anthropic 400s and broken follow-up history. (#90710, #90728)
      • ·**Anthropic extended thinking recovers after restarts:** prompt-cache expiry and early-signature failures wait for a real message start, so they reach the existing retry path rather than ending a turn. (#90667, #90697)
      • ·**Parallel web search is bundled:** API-key discovery, guarded endpoint handling, cache-safe session IDs, onboarding, and documentation make it a first-class search provider. (#85158)
      • ·**Better Matrix and Vertex reliability:** Matrix voice notes and threaded conversations retain their context, while Google Vertex ADC models regain static catalog and runtime resolution. (#78016, #90415, #90506, #90609)
      • ·**Safer upgrades and restarts:** cron JSON stores migrate before runtime, service env placeholders stop masking secrets, and macOS avoids unnecessary direct-Gateway reconnect churn. (#90072, #90208, #90668, #90815)

      Changes

      • ·Search/providers: add the Parallel bundled web-search plugin, registration contracts, onboarding integration, and guarded `api.parallel.ai/v1/search` support. (#85158)
      • ·Matrix/channels: add voice-message preflight and thread-aware read/reply behavior. (#78016, #90415)
      • ·Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478)
      • ·Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.
      • ·Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, while iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, and unavailable Talk controls reachable.
      • ·Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)
      • ·QQBot: add `/bot-group-allways on|off` slash command (with named-account and default-account support) to toggle whether group messages require an `@mention` before the bot replies, and clear the runtime config snapshot after the write so the new account-level `defaultRequireMention` takes effect immediately without restart. (#91423)

      Fixes

      • ·Agents: `sessions_send` now honors an explicit `sessionKey` when stale label metadata is also present, and denied session-id sends no longer echo the resolved canonical session key. Fixes #64699; refs #74009 and #41199
      • ·Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132)
      • ·Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728)
      • ·Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until `message_start`, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319)
      • ·Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702)
      • ·Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815)
      • ·TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123)
      • ·Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, service env planning skips unresolved placeholders that would mask state-dir `.env` values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #90277, #90488)
      • ·Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep malformed operational limits bounded and explicit. (#89732, #90145)
      • ·Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on `globalThis`; Feishu streaming cards preserve full merged content; voice-call tracks Twilio streams after connect; ClickClack reply tools respect `toolsAllow`. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500)
      • ·Feishu: retry transient send rate-limit errors (HTTP 429, per-chat code 230020, tenant-level code 11232) with linear backoff, including SDK responses that fulfill with rate-limit bodies instead of throwing, and route streaming-card sends through the retry wrapper. (#89659)
      • ·Memory: keep doctor REM harness previews aligned with live REM by dropping short-term recall snippets whose source files disappeared before rendering preview output.

      Complete contribution record

      • ·**PR #89102** refactor(auth): store auth profiles in SQLite.
      • ·**PR #90028** docs: clarify legacy openai-codex auth.
      • ·**PR #89600** Fix Workboard status persistence. Related #88592.
      • ·**PR #90067** fix(workboard): isolate stale lifecycle bulk patches.
      • ·**PR #88585** Pin official npm plugin install records.
      • ·**PR #90053** fix: hide Skill Workshop revision handoff from chat.
      • ·**PR #90123** fix(auto-reply): count message tool sends as delivery.
      • ·**PR #87965** fix(whatsapp): restart channel when a per-account config field changes so disabled accounts are torn down. Related #87951.
      • ·**PR #90145** fix: protect global agent config defaults [AI].
      • ·**PR #90147** Rate limit node pairing requests [AI].
      • ·**PR #89732** fix: guard MCP HTTP redirects [AI].
      • ·**PR #90181** fix(feishu): preserve streaming card content. Related #90164.
      • ·**PR #90058** fix(docker): qualify base image refs for podman short-name mode.
      • ·**PR #89488** fix: stabilize Anthropic cache marker through tool loops.
      • ·**PR #89505** fix(acp): re-add opt-in parent commentary progress. Related #89501.
      • ·**PR #90341** fix(acp): default parent commentary in progress mode.
      • ·**PR #90351** fix(message-tool): stabilize send idempotency keys.
      • ·**PR #90375** refactor: remove Feishu runtime dedupe JSON fallback.
      • ·**PR #90385** refactor: move MS Teams state migration to doctor.
      • ·**PR #90287** fix(ci): scope PR merge diff checks to first parent.
      • ·**PR #90436** Add NVIDIA Nemotron 3 Ultra default.
      • ·**PR #90205** fix: tolerate missing streamed response content type.
      • ·**PR #90163** fix(agents): strip stale compaction thinking signatures before Anthropic replay. Related #90108.
      • ·**PR #90486** fix(whastapp): bound connection startup waits.
      • ·**PR #90488** fix service env placeholder collection.
      • ·**PR #90478** feat: install GitHub-backed ClawHub skills.
      • ·**PR #90304** feat(memory): support qmd query rerank toggle. Related #61834.
      • ·**PR #90532** Fix main CI guard drift.
      • ·**PR #90534** fix(mattermost): anchor slash state on globalThis (#68113).
      • ·**PR #89502** feat(googlechat): add native approval cards.
      • ·**PR #90317** Add Codex multi-agent config migration coverage.
      • ·**PR #90319** Add Codex session route migration coverage.
      • ·**PR #90132** fix(qqbot): sanitize outbound text to strip reasoning/thinking content. Related #89913.
      • ·**PR #89874** fix(agents): detect unsigned thinking-only stall when reasoning payload inflates payloadCount. Related #89787.
      • ·**PR #90594** fix(android): align provider readiness with available models.
      • ·**PR #90576** fix(sessions): reconcile stale terminal main transcripts. Related #60542.
      • ·**PR #90405** Fix ClickClack toolsAllow reply dispatch.
      • ·**PR #90415** feat(matrix): handle voice preflight and threads. Related #78016.
      • ·**PR #90208** fix(cron): auto-migrate legacy cron store. Related #90072.
      • ·**PR #85791** fix(gateway): dedupe probe warnings by gateway identity.
      • ·**PR #90632** fix(context-engine): forward isHeartbeat to afterTurn (fixes #89302).
      • ·**PR #90250** docs: prefer web_fetch in weather skill.
      • ·**PR #85158** feat(parallel): add Parallel as a bundled web_search provider.
      • ·**PR #86205** fix(tui): stabilize optimistic user messages across history reloads, runId reassignment, and abort.
      • ·**PR #86483** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #90601** chore(deps): bump the actions group across 1 directory with 4 updates.
      • ·**PR #81757** chore(deps): bump github.com/apple/swift-testing from 6.3.1 to 6.3.2 in /apps/swabble in the swift-deps group across 1 directory.
      • ·**PR #86481** chore(deps): bump the android-deps group across 1 directory with 9 updates.
      • ·**PR #74980** build(deps): bump docker/login-action from 3.6.0 to 4.1.0.
      • ·**PR #90717** fix(agents): re-probe single-provider primary during cooldown. Related #90702.
      • ·**PR #90609** fix(google): preserve Vertex ADC catalog auth. Related #90506.
      • ·**PR #90775** fix: refresh prompt fence after compaction writes. Related #90729.
      • ·**PR #90027** test(codex): pin completion-idle timeout thread reset.
      • ·**PR #89566** fix(telegram): suppress post-final tool error noise.
      • ·**PR #90607** fix(voice-call): track Twilio streams after connect. Related #81122.
      • ·**PR #90728** fix(agents): coerce non-text/image MCP tool-result blocks to text (fixes #90710).
      • ·**PR #90697** fix(llm): defer Anthropic stream start event until after message_start. Related #90667.
      • ·**PR #90816** fix(memory): resolve adapter default model in plain status identity check. Related #90413.
      • ·**PR #90815** fix #90668: [Bug]: macOS node mode can silently self-reconnect in a healthy direct gateway session.
      • ·**PR #90793** Fix OpenAI audio auth to use API keys.
      • ·**PR #90790** fix(codex): preserve completed replies after client close. Related #90771.
      • ·**PR #90820** fix(codex): report completion timeout diagnostics.
      • ·**PR #90845** fix(imessage): frame rpc stdout on LF only. Related #89830.
      • ·**PR #90813** fix(uninstall): refuse to remove current working directory during cleanup. Related #90806.
      • ·**PR #90336** fix(memory): fail fast when embeddings provider is unavailable. Related #89691.
      • ·**PR #90914** fix(talk): resolve realtime provider secret refs.
      • ·**PR #88771** fix(agents): stream phased text deltas incrementally.
      • ·**PR #87856** fix(agents): count streamed model deltas incrementally.
      • ·**PR #88882** test(gateway): add small model live profile.
      • ·**PR #90919** [codex] Add iOS Apple Review demo mode.
      • ·**PR #90954** fix(cron): require HTTP context for server_error retry classification. Related #90947.
      • ·**PR #90854** fix(build): copy export-html assets to dist/export-html matching runtime path (fixes #90843).
      • ·**PR #90922** docs: improve plugin inventory layout.
      • ·**PR #89652** fix(plugins): load owning plugin for configured memory embedding provider at startup. Related #89651.
      • ·**PR #90811** fix(agents): stabilize user-turn serialization across turns to preserve prompt cache. Related #90810.
      • ·**PR #90853** fix(imessage): send TTS audio as voice messages.
      • ·**PR #90995** fix(release): use monthly patch versions.
      • ·**PR #91030** fix: store device-pair notify state in sqlite.
      • ·**PR #91034** fix: store acpx process state in sqlite.
      • ·**PR #90849** feat(parallel): add free Parallel Search MCP as the zero-config default web_search provider.
      • ·**PR #91056** fix: store memory-core dreams state in sqlite.
      • ·**PR #89918** fix(vertex): route eu/us multi-region to .rep.googleapis.com host. Related #89891.
      • ·**PR #91058** fix(gemini): accept empty grounding metadata. Related #88528.
      • ·**PR #91072** refactor(memory-wiki): store source sync state in sqlite.
      • ·**PR #91073** fix(openrouter): reconcile streamed generation cost. Related #68066.
      • ·**PR #91032** docs(imessage): require DisableLibraryValidation on modern macOS; document macOS 26 injection gates.
      • ·**PR #87933** fix(agents): suppress DeepSeek thinking for Foundry aliases. Related #90520.
      • ·**PR #91037** fix(config): allow thinkingLevelMap in persisted model schema. Related #91011.
      • ·**PR #89832** fix(config): allow requiresReasoningContentOnAssistantMessages in ModelCompatSchema. Related #89660.
      • ·**PR #91088** refactor(matrix): store sync cache in sqlite.
      • ·**PR #90138** fix(minimax): exempt M3 from thinking-disabled wrapper.
      • ·**PR #91053** refactor: store Zalo hosted media in plugin state.
      • ·**PR #91098** fix(test): type overflow resolver mock.
      • ·**PR #81277** fix(google): handle compressed Vertex ADC token refresh responses.
      • ·**PR #91100** refactor(matrix): store crypto sidecars in sqlite.
      • ·**PR #90260** fix(agents): decode xai and venice tool-call arguments exactly once.
      • ·**PR #90593** fix: preserve LM Studio Responses tool arguments. Related #90585.
      • ·**PR #89109** fix(agents): block message-tool spam loops defeated by volatile message ids. Related #89090.
      • ·**PR #90429** Fix LM Studio wizard prompter binding.
      • ·**PR #90780** perf(qqbot): narrow tool discovery cold load.
      • ·**PR #90504** fix(codex): preserve post-tool reasoning liveness.
      • ·**PR #91113** fix: align Xiaomi completions replay compat. Related #91106.
      • ·**PR #91108** refactor(memory-wiki): store import runs in sqlite.
      • ·**PR #91118** fix: preserve Foundry Responses reasoning replay ids. Related #91033.
      • ·**PR #91125** fix: strip Google provider prefix from Gemini paths. Related #71932.
      • ·**PR #90056** fix(doctor): merge disjoint openai-codex model entries into canonical openai provider. Related #90047.
      • ·**PR #91127** refactor: store sandbox registry in sqlite.
      • ·**PR #91131** fix: migrate legacy agent registry schema via doctor.
      • ·**PR #91119** fix(outbound): keep Discord runtime adapters resolvable. Related #90162.
      • ·**PR #91128** fix(qqbot): migrate group tool policy config.
      • ·**PR #91133** refactor(plugin-sdk): persist dedupe state in sqlite.
      • ·**PR #90612** fix(agents): dispatch subagent spawn in process.
      • ·**PR #87323** fix(infra/agents): session-routing guard for coalesced gateway restart continuations (#86742).
      • ·**PR #91101** fix(inbound-meta): apply head+tail body truncation to ReplyChain and ReplyToBody JSON paths (fixes #91042).
      • ·**PR #91201** feat(ios): clarify talk realtime fallback.
      • ·**PR #91233** fix(agents): prevent ReDoS in background-session name derivation.
      • ·**PR #90798** fix(agents): materialize sandbox skills for rw sandboxes. Related #90410.
      • ·**PR #91248** fix: preserve live Ollama catalog metadata. Related #90315.
      • ·**PR #91041** fix(imessage): self-explaining private-API failures and dedicated send timeout.
      • ·**PR #90029** feat: add live provider model catalog helper.
      • ·**PR #90752** feat(android): add theme mode selection.
      • ·**PR #90261** fix: gate owner-only HTTP tools.
      • ·**PR #90022** fix(codex): quarantine unreadable dynamic tools.
      • ·**PR #88822** fix(agents): compact lean local tool catalogs.
      • ·**PR #89350** fix(agents): guard prompt cache tool names.
      • ·**PR #91241** fix(outbound): preserve retries for budget-deferred deliveries.
      • ·**PR #91124** fix(agents): do not refresh lastUsedAt on MCP lease release. Related #91075.
      • ·**PR #90858** fix(imessage): gate split-send coalescing on imsg metadata.
      • ·**PR #91235** fix(codex): preserve native subagent completion results. Related #91120.
      • ·**PR #91230** fix(cron): preserve isolated agent turn payload message. Related #91228.
      • ·**PR #90480** feat(whatsapp): expand live QA coverage.
      • ·**PR #89712** feat(cron): support command jobs.
      • ·**PR #90937** fix(gateway): preserve stale channel restart diagnostics. Related #90901.
      • ·**PR #91231** fix(anthropic): drop reasoning_content replay signatures. Related #91205.
      • ·**PR #90897** fix #90452: Regression: Heartbeat exec completion still shows generic fallback text instead of actual output.
      • ·**PR #91322** refactor: move session metadata to SQLite.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.

      Release verification

      • ·npm package: `openclaw@2026.6.5-beta.3` on dist-tag `beta`.
      • ·npm tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.3.tgz
      • ·npm integrity: `sha512-OUmv5kb3nEa9DZsnF4dVhwKlSApzr7KNgN+PCO7U5pbEQBlemAyLEgZDruiKmmoS6wlPjq73+PdD9i9c5zihOA==`
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27165128882
      • ·Docker release: https://github.com/openclaw/openclaw/actions/runs/27165128944
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27165128963
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27167497019
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27168216099
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27167084540
      • ·release publish wrapper recovery: https://github.com/openclaw/openclaw/actions/runs/27167309611 was cancelled after its rerun hit the already-published npm guard; release proof was completed from the successful beta.3 publish runs above.
      • ·postpublish verification: passed with OpenClaw npm, plugin npm, and ClawHub included; evidence assets are attached to this release.
      v2026.6.5-beta.2pre-release2026-06-07

      openclaw 2026.6.5-beta.2

      GitHub ↗

      Highlights

      • ·**Safer channel output:** QQBot strips model reasoning and thinking scaffolding before native delivery, so users see the final answer rather than raw internal markup. (#89913, #90132)
      • ·**MCP results no longer poison sessions:** `resource_link`, audio, malformed images, and future non-text blocks are normalized before provider conversion, avoiding Anthropic 400s and broken follow-up history. (#90710, #90728)
      • ·**Anthropic extended thinking recovers after restarts:** prompt-cache expiry and early-signature failures wait for a real message start, so they reach the existing retry path rather than ending a turn. (#90667, #90697)
      • ·**Parallel web search is bundled:** API-key discovery, guarded endpoint handling, cache-safe session IDs, onboarding, and documentation make it a first-class search provider. (#85158)
      • ·**Better Matrix and Vertex reliability:** Matrix voice notes and threaded conversations retain their context, while Google Vertex ADC models regain static catalog and runtime resolution. (#78016, #90415, #90506, #90609)
      • ·**Safer upgrades and restarts:** cron JSON stores migrate before runtime, service env placeholders stop masking secrets, and macOS avoids unnecessary direct-Gateway reconnect churn. (#90072, #90208, #90668, #90815)

      Changes

      • ·Search/providers: add the Parallel bundled web-search plugin, registration contracts, onboarding integration, and guarded `api.parallel.ai/v1/search` support. (#85158)
      • ·Matrix/channels: add voice-message preflight and thread-aware read/reply behavior. (#78016, #90415)
      • ·Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478)
      • ·Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.
      • ·Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, while iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, and unavailable Talk controls reachable.
      • ·Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)
      • ·QQBot: add `/bot-group-allways on|off` slash command (with named-account and default-account support) to toggle whether group messages require an `@mention` before the bot replies, and clear the runtime config snapshot after the write so the new account-level `defaultRequireMention` takes effect immediately without restart. (#91423)

      Fixes

      • ·Agents: `sessions_send` now honors an explicit `sessionKey` when stale label metadata is also present, and denied session-id sends no longer echo the resolved canonical session key. Fixes #64699; refs #74009 and #41199
      • ·Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132)
      • ·Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728)
      • ·Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until `message_start`, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319)
      • ·Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702)
      • ·Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815)
      • ·TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123)
      • ·Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, service env planning skips unresolved placeholders that would mask state-dir `.env` values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #90277, #90488)
      • ·Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep malformed operational limits bounded and explicit. (#89732, #90145)
      • ·Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on `globalThis`; Feishu streaming cards preserve full merged content; voice-call tracks Twilio streams after connect; ClickClack reply tools respect `toolsAllow`. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500)
      • ·Feishu: retry transient send rate-limit errors (HTTP 429, per-chat code 230020, tenant-level code 11232) with linear backoff, including SDK responses that fulfill with rate-limit bodies instead of throwing, and route streaming-card sends through the retry wrapper. (#89659)
      • ·Memory: keep doctor REM harness previews aligned with live REM by dropping short-term recall snippets whose source files disappeared before rendering preview output.

      Complete contribution record

      • ·**PR #89102** refactor(auth): store auth profiles in SQLite.
      • ·**PR #90028** docs: clarify legacy openai-codex auth.
      • ·**PR #89600** Fix Workboard status persistence. Related #88592.
      • ·**PR #90067** fix(workboard): isolate stale lifecycle bulk patches.
      • ·**PR #88585** Pin official npm plugin install records.
      • ·**PR #90053** fix: hide Skill Workshop revision handoff from chat.
      • ·**PR #90123** fix(auto-reply): count message tool sends as delivery.
      • ·**PR #87965** fix(whatsapp): restart channel when a per-account config field changes so disabled accounts are torn down. Related #87951.
      • ·**PR #90145** fix: protect global agent config defaults [AI].
      • ·**PR #90147** Rate limit node pairing requests [AI].
      • ·**PR #89732** fix: guard MCP HTTP redirects [AI].
      • ·**PR #90181** fix(feishu): preserve streaming card content. Related #90164.
      • ·**PR #90058** fix(docker): qualify base image refs for podman short-name mode.
      • ·**PR #89488** fix: stabilize Anthropic cache marker through tool loops.
      • ·**PR #89505** fix(acp): re-add opt-in parent commentary progress. Related #89501.
      • ·**PR #90341** fix(acp): default parent commentary in progress mode.
      • ·**PR #90351** fix(message-tool): stabilize send idempotency keys.
      • ·**PR #90375** refactor: remove Feishu runtime dedupe JSON fallback.
      • ·**PR #90385** refactor: move MS Teams state migration to doctor.
      • ·**PR #90287** fix(ci): scope PR merge diff checks to first parent.
      • ·**PR #90436** Add NVIDIA Nemotron 3 Ultra default.
      • ·**PR #90205** fix: tolerate missing streamed response content type.
      • ·**PR #90163** fix(agents): strip stale compaction thinking signatures before Anthropic replay. Related #90108.
      • ·**PR #90486** fix(whastapp): bound connection startup waits.
      • ·**PR #90488** fix service env placeholder collection.
      • ·**PR #90478** feat: install GitHub-backed ClawHub skills.
      • ·**PR #90304** feat(memory): support qmd query rerank toggle. Related #61834.
      • ·**PR #90532** Fix main CI guard drift.
      • ·**PR #90534** fix(mattermost): anchor slash state on globalThis (#68113).
      • ·**PR #89502** feat(googlechat): add native approval cards.
      • ·**PR #90317** Add Codex multi-agent config migration coverage.
      • ·**PR #90319** Add Codex session route migration coverage.
      • ·**PR #90132** fix(qqbot): sanitize outbound text to strip reasoning/thinking content. Related #89913.
      • ·**PR #89874** fix(agents): detect unsigned thinking-only stall when reasoning payload inflates payloadCount. Related #89787.
      • ·**PR #90594** fix(android): align provider readiness with available models.
      • ·**PR #90576** fix(sessions): reconcile stale terminal main transcripts. Related #60542.
      • ·**PR #90405** Fix ClickClack toolsAllow reply dispatch.
      • ·**PR #90415** feat(matrix): handle voice preflight and threads. Related #78016.
      • ·**PR #90208** fix(cron): auto-migrate legacy cron store. Related #90072.
      • ·**PR #85791** fix(gateway): dedupe probe warnings by gateway identity.
      • ·**PR #90632** fix(context-engine): forward isHeartbeat to afterTurn (fixes #89302).
      • ·**PR #90250** docs: prefer web_fetch in weather skill.
      • ·**PR #85158** feat(parallel): add Parallel as a bundled web_search provider.
      • ·**PR #86205** fix(tui): stabilize optimistic user messages across history reloads, runId reassignment, and abort.
      • ·**PR #86483** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #90601** chore(deps): bump the actions group across 1 directory with 4 updates.
      • ·**PR #81757** chore(deps): bump github.com/apple/swift-testing from 6.3.1 to 6.3.2 in /apps/swabble in the swift-deps group across 1 directory.
      • ·**PR #86481** chore(deps): bump the android-deps group across 1 directory with 9 updates.
      • ·**PR #74980** build(deps): bump docker/login-action from 3.6.0 to 4.1.0.
      • ·**PR #90717** fix(agents): re-probe single-provider primary during cooldown. Related #90702.
      • ·**PR #90609** fix(google): preserve Vertex ADC catalog auth. Related #90506.
      • ·**PR #90775** fix: refresh prompt fence after compaction writes. Related #90729.
      • ·**PR #90027** test(codex): pin completion-idle timeout thread reset.
      • ·**PR #89566** fix(telegram): suppress post-final tool error noise.
      • ·**PR #90607** fix(voice-call): track Twilio streams after connect. Related #81122.
      • ·**PR #90728** fix(agents): coerce non-text/image MCP tool-result blocks to text (fixes #90710).
      • ·**PR #90697** fix(llm): defer Anthropic stream start event until after message_start. Related #90667.
      • ·**PR #90816** fix(memory): resolve adapter default model in plain status identity check. Related #90413.
      • ·**PR #90815** fix #90668: [Bug]: macOS node mode can silently self-reconnect in a healthy direct gateway session.
      • ·**PR #90793** Fix OpenAI audio auth to use API keys.
      • ·**PR #90790** fix(codex): preserve completed replies after client close. Related #90771.
      • ·**PR #90820** fix(codex): report completion timeout diagnostics.
      • ·**PR #90845** fix(imessage): frame rpc stdout on LF only. Related #89830.
      • ·**PR #90813** fix(uninstall): refuse to remove current working directory during cleanup. Related #90806.
      • ·**PR #90336** fix(memory): fail fast when embeddings provider is unavailable. Related #89691.
      • ·**PR #90914** fix(talk): resolve realtime provider secret refs.
      • ·**PR #88771** fix(agents): stream phased text deltas incrementally.
      • ·**PR #87856** fix(agents): count streamed model deltas incrementally.
      • ·**PR #88882** test(gateway): add small model live profile.
      • ·**PR #90919** [codex] Add iOS Apple Review demo mode.
      • ·**PR #90954** fix(cron): require HTTP context for server_error retry classification. Related #90947.
      • ·**PR #90854** fix(build): copy export-html assets to dist/export-html matching runtime path (fixes #90843).
      • ·**PR #90922** docs: improve plugin inventory layout.
      • ·**PR #89652** fix(plugins): load owning plugin for configured memory embedding provider at startup. Related #89651.
      • ·**PR #90811** fix(agents): stabilize user-turn serialization across turns to preserve prompt cache. Related #90810.
      • ·**PR #90853** fix(imessage): send TTS audio as voice messages.
      • ·**PR #90995** fix(release): use monthly patch versions.
      • ·**PR #91030** fix: store device-pair notify state in sqlite.
      • ·**PR #91034** fix: store acpx process state in sqlite.
      • ·**PR #90849** feat(parallel): add free Parallel Search MCP as the zero-config default web_search provider.
      • ·**PR #91056** fix: store memory-core dreams state in sqlite.
      • ·**PR #89918** fix(vertex): route eu/us multi-region to .rep.googleapis.com host. Related #89891.
      • ·**PR #91058** fix(gemini): accept empty grounding metadata. Related #88528.
      • ·**PR #91072** refactor(memory-wiki): store source sync state in sqlite.
      • ·**PR #91073** fix(openrouter): reconcile streamed generation cost. Related #68066.
      • ·**PR #91032** docs(imessage): require DisableLibraryValidation on modern macOS; document macOS 26 injection gates.
      • ·**PR #87933** fix(agents): suppress DeepSeek thinking for Foundry aliases. Related #90520.
      • ·**PR #91037** fix(config): allow thinkingLevelMap in persisted model schema. Related #91011.
      • ·**PR #89832** fix(config): allow requiresReasoningContentOnAssistantMessages in ModelCompatSchema. Related #89660.
      • ·**PR #91088** refactor(matrix): store sync cache in sqlite.
      • ·**PR #90138** fix(minimax): exempt M3 from thinking-disabled wrapper.
      • ·**PR #91053** refactor: store Zalo hosted media in plugin state.
      • ·**PR #91098** fix(test): type overflow resolver mock.
      • ·**PR #81277** fix(google): handle compressed Vertex ADC token refresh responses.
      • ·**PR #91100** refactor(matrix): store crypto sidecars in sqlite.
      • ·**PR #90260** fix(agents): decode xai and venice tool-call arguments exactly once.
      • ·**PR #90593** fix: preserve LM Studio Responses tool arguments. Related #90585.
      • ·**PR #89109** fix(agents): block message-tool spam loops defeated by volatile message ids. Related #89090.
      • ·**PR #90429** Fix LM Studio wizard prompter binding.
      • ·**PR #90780** perf(qqbot): narrow tool discovery cold load.
      • ·**PR #90504** fix(codex): preserve post-tool reasoning liveness.
      • ·**PR #91113** fix: align Xiaomi completions replay compat. Related #91106.
      • ·**PR #91108** refactor(memory-wiki): store import runs in sqlite.
      • ·**PR #91118** fix: preserve Foundry Responses reasoning replay ids. Related #91033.
      • ·**PR #91125** fix: strip Google provider prefix from Gemini paths. Related #71932.
      • ·**PR #90056** fix(doctor): merge disjoint openai-codex model entries into canonical openai provider. Related #90047.
      • ·**PR #91127** refactor: store sandbox registry in sqlite.
      • ·**PR #91131** fix: migrate legacy agent registry schema via doctor.
      • ·**PR #91119** fix(outbound): keep Discord runtime adapters resolvable. Related #90162.
      • ·**PR #91128** fix(qqbot): migrate group tool policy config.
      • ·**PR #91133** refactor(plugin-sdk): persist dedupe state in sqlite.
      • ·**PR #90612** fix(agents): dispatch subagent spawn in process.
      • ·**PR #87323** fix(infra/agents): session-routing guard for coalesced gateway restart continuations (#86742).
      • ·**PR #91101** fix(inbound-meta): apply head+tail body truncation to ReplyChain and ReplyToBody JSON paths (fixes #91042).
      • ·**PR #91201** feat(ios): clarify talk realtime fallback.
      • ·**PR #91233** fix(agents): prevent ReDoS in background-session name derivation.
      • ·**PR #90798** fix(agents): materialize sandbox skills for rw sandboxes. Related #90410.
      • ·**PR #91248** fix: preserve live Ollama catalog metadata. Related #90315.
      • ·**PR #91041** fix(imessage): self-explaining private-API failures and dedicated send timeout.
      • ·**PR #90029** feat: add live provider model catalog helper.
      • ·**PR #90752** feat(android): add theme mode selection.
      • ·**PR #90261** fix: gate owner-only HTTP tools.
      • ·**PR #90022** fix(codex): quarantine unreadable dynamic tools.
      • ·**PR #88822** fix(agents): compact lean local tool catalogs.
      • ·**PR #89350** fix(agents): guard prompt cache tool names.
      • ·**PR #91241** fix(outbound): preserve retries for budget-deferred deliveries.
      • ·**PR #91124** fix(agents): do not refresh lastUsedAt on MCP lease release. Related #91075.
      • ·**PR #90858** fix(imessage): gate split-send coalescing on imsg metadata.
      • ·**PR #91235** fix(codex): preserve native subagent completion results. Related #91120.
      • ·**PR #91230** fix(cron): preserve isolated agent turn payload message. Related #91228.
      • ·**PR #90480** feat(whatsapp): expand live QA coverage.
      • ·**PR #89712** feat(cron): support command jobs.
      • ·**PR #90937** fix(gateway): preserve stale channel restart diagnostics. Related #90901.
      • ·**PR #91231** fix(anthropic): drop reasoning_content replay signatures. Related #91205.
      • ·**PR #90897** fix #90452: Regression: Heartbeat exec completion still shows generic fallback text instead of actual output.
      • ·**PR #91322** refactor: move session metadata to SQLite.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5-beta.2
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.2.tgz
      • ·integrity: `sha512-6Bmx2rlReO1MOEi9ehuhsVO59keQ1xQQ8/PvwbNq0CatJkNwyCX/MBlhWrscByYAmBl6JCOSr+cLejoDk1sDBA==`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.5-beta.2/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/27077488131
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27076839788
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27076840299
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27077565695
      • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/27077567167
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27077747897
      • ·npm Telegram beta E2E: not supplied
      v2026.6.5-beta.1pre-release2026-06-06

      openclaw 2026.6.5-beta.1

      GitHub ↗

      Highlights

      • ·**Safer channel output:** QQBot strips model reasoning and thinking scaffolding before native delivery, so users see the final answer rather than raw internal markup. (#89913, #90132)
      • ·**MCP results no longer poison sessions:** `resource_link`, audio, malformed images, and future non-text blocks are normalized before provider conversion, avoiding Anthropic 400s and broken follow-up history. (#90710, #90728)
      • ·**Anthropic extended thinking recovers after restarts:** prompt-cache expiry and early-signature failures wait for a real message start, so they reach the existing retry path rather than ending a turn. (#90667, #90697)
      • ·**Parallel web search is bundled:** API-key discovery, guarded endpoint handling, cache-safe session IDs, onboarding, and documentation make it a first-class search provider. (#85158)
      • ·**Better Matrix and Vertex reliability:** Matrix voice notes and threaded conversations retain their context, while Google Vertex ADC models regain static catalog and runtime resolution. (#78016, #90415, #90506, #90609)
      • ·**Safer upgrades and restarts:** cron JSON stores migrate before runtime, service env placeholders stop masking secrets, and macOS avoids unnecessary direct-Gateway reconnect churn. (#90072, #90208, #90668, #90815)

      Changes

      • ·Search/providers: add the Parallel bundled web-search plugin, registration contracts, onboarding integration, and guarded `api.parallel.ai/v1/search` support. (#85158)
      • ·Matrix/channels: add voice-message preflight and thread-aware read/reply behavior. (#78016, #90415)
      • ·Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478)
      • ·Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.
      • ·Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, while iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, and unavailable Talk controls reachable.
      • ·Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)
      • ·QQBot: add `/bot-group-allways on|off` slash command (with named-account and default-account support) to toggle whether group messages require an `@mention` before the bot replies, and clear the runtime config snapshot after the write so the new account-level `defaultRequireMention` takes effect immediately without restart. (#91423)

      Fixes

      • ·Agents: `sessions_send` now honors an explicit `sessionKey` when stale label metadata is also present, and denied session-id sends no longer echo the resolved canonical session key. Fixes #64699; refs #74009 and #41199
      • ·Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132)
      • ·Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728)
      • ·Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until `message_start`, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319)
      • ·Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702)
      • ·Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815)
      • ·TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123)
      • ·Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, service env planning skips unresolved placeholders that would mask state-dir `.env` values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #90277, #90488)
      • ·Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep malformed operational limits bounded and explicit. (#89732, #90145)
      • ·Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on `globalThis`; Feishu streaming cards preserve full merged content; voice-call tracks Twilio streams after connect; ClickClack reply tools respect `toolsAllow`. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500)
      • ·Feishu: retry transient send rate-limit errors (HTTP 429, per-chat code 230020, tenant-level code 11232) with linear backoff, including SDK responses that fulfill with rate-limit bodies instead of throwing, and route streaming-card sends through the retry wrapper. (#89659)
      • ·Memory: keep doctor REM harness previews aligned with live REM by dropping short-term recall snippets whose source files disappeared before rendering preview output.

      Complete contribution record

      • ·**PR #89102** refactor(auth): store auth profiles in SQLite.
      • ·**PR #90028** docs: clarify legacy openai-codex auth.
      • ·**PR #89600** Fix Workboard status persistence. Related #88592.
      • ·**PR #90067** fix(workboard): isolate stale lifecycle bulk patches.
      • ·**PR #88585** Pin official npm plugin install records.
      • ·**PR #90053** fix: hide Skill Workshop revision handoff from chat.
      • ·**PR #90123** fix(auto-reply): count message tool sends as delivery.
      • ·**PR #87965** fix(whatsapp): restart channel when a per-account config field changes so disabled accounts are torn down. Related #87951.
      • ·**PR #90145** fix: protect global agent config defaults [AI].
      • ·**PR #90147** Rate limit node pairing requests [AI].
      • ·**PR #89732** fix: guard MCP HTTP redirects [AI].
      • ·**PR #90181** fix(feishu): preserve streaming card content. Related #90164.
      • ·**PR #90058** fix(docker): qualify base image refs for podman short-name mode.
      • ·**PR #89488** fix: stabilize Anthropic cache marker through tool loops.
      • ·**PR #89505** fix(acp): re-add opt-in parent commentary progress. Related #89501.
      • ·**PR #90341** fix(acp): default parent commentary in progress mode.
      • ·**PR #90351** fix(message-tool): stabilize send idempotency keys.
      • ·**PR #90375** refactor: remove Feishu runtime dedupe JSON fallback.
      • ·**PR #90385** refactor: move MS Teams state migration to doctor.
      • ·**PR #90287** fix(ci): scope PR merge diff checks to first parent.
      • ·**PR #90436** Add NVIDIA Nemotron 3 Ultra default.
      • ·**PR #90205** fix: tolerate missing streamed response content type.
      • ·**PR #90163** fix(agents): strip stale compaction thinking signatures before Anthropic replay. Related #90108.
      • ·**PR #90486** fix(whastapp): bound connection startup waits.
      • ·**PR #90488** fix service env placeholder collection.
      • ·**PR #90478** feat: install GitHub-backed ClawHub skills.
      • ·**PR #90304** feat(memory): support qmd query rerank toggle. Related #61834.
      • ·**PR #90532** Fix main CI guard drift.
      • ·**PR #90534** fix(mattermost): anchor slash state on globalThis (#68113).
      • ·**PR #89502** feat(googlechat): add native approval cards.
      • ·**PR #90317** Add Codex multi-agent config migration coverage.
      • ·**PR #90319** Add Codex session route migration coverage.
      • ·**PR #90132** fix(qqbot): sanitize outbound text to strip reasoning/thinking content. Related #89913.
      • ·**PR #89874** fix(agents): detect unsigned thinking-only stall when reasoning payload inflates payloadCount. Related #89787.
      • ·**PR #90594** fix(android): align provider readiness with available models.
      • ·**PR #90576** fix(sessions): reconcile stale terminal main transcripts. Related #60542.
      • ·**PR #90405** Fix ClickClack toolsAllow reply dispatch.
      • ·**PR #90415** feat(matrix): handle voice preflight and threads. Related #78016.
      • ·**PR #90208** fix(cron): auto-migrate legacy cron store. Related #90072.
      • ·**PR #85791** fix(gateway): dedupe probe warnings by gateway identity.
      • ·**PR #90632** fix(context-engine): forward isHeartbeat to afterTurn (fixes #89302).
      • ·**PR #90250** docs: prefer web_fetch in weather skill.
      • ·**PR #85158** feat(parallel): add Parallel as a bundled web_search provider.
      • ·**PR #86205** fix(tui): stabilize optimistic user messages across history reloads, runId reassignment, and abort.
      • ·**PR #86483** chore(deps): bump the swift-deps group across 1 directory with 3 updates.
      • ·**PR #90601** chore(deps): bump the actions group across 1 directory with 4 updates.
      • ·**PR #81757** chore(deps): bump github.com/apple/swift-testing from 6.3.1 to 6.3.2 in /apps/swabble in the swift-deps group across 1 directory.
      • ·**PR #86481** chore(deps): bump the android-deps group across 1 directory with 9 updates.
      • ·**PR #74980** build(deps): bump docker/login-action from 3.6.0 to 4.1.0.
      • ·**PR #90717** fix(agents): re-probe single-provider primary during cooldown. Related #90702.
      • ·**PR #90609** fix(google): preserve Vertex ADC catalog auth. Related #90506.
      • ·**PR #90775** fix: refresh prompt fence after compaction writes. Related #90729.
      • ·**PR #90027** test(codex): pin completion-idle timeout thread reset.
      • ·**PR #89566** fix(telegram): suppress post-final tool error noise.
      • ·**PR #90607** fix(voice-call): track Twilio streams after connect. Related #81122.
      • ·**PR #90728** fix(agents): coerce non-text/image MCP tool-result blocks to text (fixes #90710).
      • ·**PR #90697** fix(llm): defer Anthropic stream start event until after message_start. Related #90667.
      • ·**PR #90816** fix(memory): resolve adapter default model in plain status identity check. Related #90413.
      • ·**PR #90815** fix #90668: [Bug]: macOS node mode can silently self-reconnect in a healthy direct gateway session.
      • ·**PR #90793** Fix OpenAI audio auth to use API keys.
      • ·**PR #90790** fix(codex): preserve completed replies after client close. Related #90771.
      • ·**PR #90820** fix(codex): report completion timeout diagnostics.
      • ·**PR #90845** fix(imessage): frame rpc stdout on LF only. Related #89830.
      • ·**PR #90813** fix(uninstall): refuse to remove current working directory during cleanup. Related #90806.
      • ·**PR #90336** fix(memory): fail fast when embeddings provider is unavailable. Related #89691.
      • ·**PR #90914** fix(talk): resolve realtime provider secret refs.
      • ·**PR #88771** fix(agents): stream phased text deltas incrementally.
      • ·**PR #87856** fix(agents): count streamed model deltas incrementally.
      • ·**PR #88882** test(gateway): add small model live profile.
      • ·**PR #90919** [codex] Add iOS Apple Review demo mode.
      • ·**PR #90954** fix(cron): require HTTP context for server_error retry classification. Related #90947.
      • ·**PR #90854** fix(build): copy export-html assets to dist/export-html matching runtime path (fixes #90843).
      • ·**PR #90922** docs: improve plugin inventory layout.
      • ·**PR #89652** fix(plugins): load owning plugin for configured memory embedding provider at startup. Related #89651.
      • ·**PR #90811** fix(agents): stabilize user-turn serialization across turns to preserve prompt cache. Related #90810.
      • ·**PR #90853** fix(imessage): send TTS audio as voice messages.
      • ·**PR #90995** fix(release): use monthly patch versions.
      • ·**PR #91030** fix: store device-pair notify state in sqlite.
      • ·**PR #91034** fix: store acpx process state in sqlite.
      • ·**PR #90849** feat(parallel): add free Parallel Search MCP as the zero-config default web_search provider.
      • ·**PR #91056** fix: store memory-core dreams state in sqlite.
      • ·**PR #89918** fix(vertex): route eu/us multi-region to .rep.googleapis.com host. Related #89891.
      • ·**PR #91058** fix(gemini): accept empty grounding metadata. Related #88528.
      • ·**PR #91072** refactor(memory-wiki): store source sync state in sqlite.
      • ·**PR #91073** fix(openrouter): reconcile streamed generation cost. Related #68066.
      • ·**PR #91032** docs(imessage): require DisableLibraryValidation on modern macOS; document macOS 26 injection gates.
      • ·**PR #87933** fix(agents): suppress DeepSeek thinking for Foundry aliases. Related #90520.
      • ·**PR #91037** fix(config): allow thinkingLevelMap in persisted model schema. Related #91011.
      • ·**PR #89832** fix(config): allow requiresReasoningContentOnAssistantMessages in ModelCompatSchema. Related #89660.
      • ·**PR #91088** refactor(matrix): store sync cache in sqlite.
      • ·**PR #90138** fix(minimax): exempt M3 from thinking-disabled wrapper.
      • ·**PR #91053** refactor: store Zalo hosted media in plugin state.
      • ·**PR #91098** fix(test): type overflow resolver mock.
      • ·**PR #81277** fix(google): handle compressed Vertex ADC token refresh responses.
      • ·**PR #91100** refactor(matrix): store crypto sidecars in sqlite.
      • ·**PR #90260** fix(agents): decode xai and venice tool-call arguments exactly once.
      • ·**PR #90593** fix: preserve LM Studio Responses tool arguments. Related #90585.
      • ·**PR #89109** fix(agents): block message-tool spam loops defeated by volatile message ids. Related #89090.
      • ·**PR #90429** Fix LM Studio wizard prompter binding.
      • ·**PR #90780** perf(qqbot): narrow tool discovery cold load.
      • ·**PR #90504** fix(codex): preserve post-tool reasoning liveness.
      • ·**PR #91113** fix: align Xiaomi completions replay compat. Related #91106.
      • ·**PR #91108** refactor(memory-wiki): store import runs in sqlite.
      • ·**PR #91118** fix: preserve Foundry Responses reasoning replay ids. Related #91033.
      • ·**PR #91125** fix: strip Google provider prefix from Gemini paths. Related #71932.
      • ·**PR #90056** fix(doctor): merge disjoint openai-codex model entries into canonical openai provider. Related #90047.
      • ·**PR #91127** refactor: store sandbox registry in sqlite.
      • ·**PR #91131** fix: migrate legacy agent registry schema via doctor.
      • ·**PR #91119** fix(outbound): keep Discord runtime adapters resolvable. Related #90162.
      • ·**PR #91128** fix(qqbot): migrate group tool policy config.
      • ·**PR #91133** refactor(plugin-sdk): persist dedupe state in sqlite.
      • ·**PR #90612** fix(agents): dispatch subagent spawn in process.
      • ·**PR #87323** fix(infra/agents): session-routing guard for coalesced gateway restart continuations (#86742).
      • ·**PR #91101** fix(inbound-meta): apply head+tail body truncation to ReplyChain and ReplyToBody JSON paths (fixes #91042).
      • ·**PR #91201** feat(ios): clarify talk realtime fallback.
      • ·**PR #91233** fix(agents): prevent ReDoS in background-session name derivation.
      • ·**PR #90798** fix(agents): materialize sandbox skills for rw sandboxes. Related #90410.
      • ·**PR #91248** fix: preserve live Ollama catalog metadata. Related #90315.
      • ·**PR #91041** fix(imessage): self-explaining private-API failures and dedicated send timeout.
      • ·**PR #90029** feat: add live provider model catalog helper.
      • ·**PR #90752** feat(android): add theme mode selection.
      • ·**PR #90261** fix: gate owner-only HTTP tools.
      • ·**PR #90022** fix(codex): quarantine unreadable dynamic tools.
      • ·**PR #88822** fix(agents): compact lean local tool catalogs.
      • ·**PR #89350** fix(agents): guard prompt cache tool names.
      • ·**PR #91241** fix(outbound): preserve retries for budget-deferred deliveries.
      • ·**PR #91124** fix(agents): do not refresh lastUsedAt on MCP lease release. Related #91075.
      • ·**PR #90858** fix(imessage): gate split-send coalescing on imsg metadata.
      • ·**PR #91235** fix(codex): preserve native subagent completion results. Related #91120.
      • ·**PR #91230** fix(cron): preserve isolated agent turn payload message. Related #91228.
      • ·**PR #90480** feat(whatsapp): expand live QA coverage.
      • ·**PR #89712** feat(cron): support command jobs.
      • ·**PR #90937** fix(gateway): preserve stale channel restart diagnostics. Related #90901.
      • ·**PR #91231** fix(anthropic): drop reasoning_content replay signatures. Related #91205.
      • ·**PR #90897** fix #90452: Regression: Heartbeat exec completion still shows generic fallback text instead of actual output.
      • ·**PR #91322** refactor: move session metadata to SQLite.
      • ·**PR #91529** Fix transcript image redaction. Related #90760.
      • ·**PR #91551** Fix config.patch explicit array replacement.
      • ·**PR #85823** fix(whatsapp): route captured replies through successor controller after restart.
      • ·**PR #89659** fix(feishu): retry on send rate-limit errors (230020/230006). Related #70879.
      • ·**PR #91547** Fix Docker store seed target packages. Related #91035.
      • ·**PR #91423** feat(qqbot): add /bot-group-allways command to toggle mention requirement.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5-beta.1
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.1.tgz
      • ·integrity: `sha512-NIQkOJbBELJhfO7G4OUapoUqPX9KaOOCQirTSVudDRXiP4BlgKNOH6VxfXY9xl+v0bLszkpkNQgKiX+f/grxpw==`
      • ·GitHub release target: `e386e60025d992ff21f73b4dae68a58a0e8ca79e`
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/27051518776
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/27051518826
      • ·standalone performance: https://github.com/openclaw/openclaw/actions/runs/27051518773
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27057329829
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27057520224
      • ·release publish parent: https://github.com/openclaw/openclaw/actions/runs/27057243331 (npm and plugin npm published; parent timed out before ClawHub approval/proof append)
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27058679788
      • ·npm postpublish verifier: `node --import tsx scripts/openclaw-npm-postpublish-verify.ts 2026.6.5-beta.1` passed
      • ·published package smoke: `npm exec --yes --package openclaw@2026.6.5-beta.1 -- openclaw --version` returned `OpenClaw 2026.6.5-beta.1 (e386e60)`; `openclaw plugins --help` loaded
      • ·plugin registry check: 34 publishable plugin packages resolved at `2026.6.5-beta.1`
      • ·ClawHub live install proof: `openclaw plugins install clawhub:@openclaw/matrix@2026.6.5-beta.1 --pin` installed `matrix`
      • ·dependency evidence asset: `openclaw-2026.6.5-beta.1-dependency-evidence.zip`
      • ·macOS app preflight: https://github.com/openclaw/releases/actions/runs/27057695610
      • ·macOS app validation: https://github.com/openclaw/releases/actions/runs/27058583792
      • ·macOS app publish: https://github.com/openclaw/releases/actions/runs/27058730659
      • ·macOS release assets: `OpenClaw-2026.6.5-beta.1.zip`, `OpenClaw-2026.6.5-beta.1.dmg`, and `OpenClaw-2026.6.5-beta.1.dSYM.zip` uploaded; stable `appcast.xml` unchanged
      • ·Parallels install/update validation: blocked locally because provider keys are not available to this shell; 1Password CLI has configured accounts but is not signed in
      • ·npm Telegram beta E2E: not supplied
      v2026.6.2-beta.1pre-release2026-06-03

      openclaw 2026.6.2-beta.1

      GitHub ↗

      Highlights

      • ·**Governed plugin and skill installs:** the old dangerous-code scanner gives way to an operator install policy with clearer doctor, CLI, ClawHub, package, archive, source, upload, and marketplace recovery paths. (#89516)
      • ·**Safer channel delivery:** Telegram, Feishu, Discord, WhatsApp, and outbound sends now handle transcript mirroring, streamed finals, admin writeback, approval allowlists, poll modifiers, and setup state without corrupting delivery. (#88973, #89626, #89812, #89035, #89814, #89813, #89601)
      • ·**Steadier chat and operator UI:** visible stream text, completed sends, Workboard keyboard navigation, dialog accessibility, lazy usage views, and Android companion flows retain their state through normal interaction. (#89801, #89777)
      • ·**Stricter safety checks:** config, policy, shell snapshots, exec prechecks, script limits, and Gateway startup reject malformed or unsafe input before it becomes runtime state. (#89701, #87074, #81488, #87056, #89480)
      • ·**More reliable Gateway and model sessions:** session locks, abandoned Codex startup, ACP handoffs, custom-provider fanout, provider aliases, prompt caching, and memory checks recover without leaving a run wedged. (#89811, #89244)

      Changes

      • ·Plugins/security: replace dangerous-code scanner enforcement with operator install policy, install-policy context, doctor checks, install/update CLI wiring, ClawHub metadata paths, and package/archive/source/upload lifecycle coverage. (#89516)
      • ·Policy: add data-handling conformance checks and reject unsupported policy keys. (#87056, #87074)
      • ·Telegram/channels: show commentary and reasoning in progress drafts, share progress draft compositors across channel plugins, and keep Telegram polling stop/reset boundaries cheaper and more reliable.
      • ·UI/mobile: add Workboard keyboard movement controls, tighten Workboard card operations, and improve Android companion-first shell UX.

      Fixes

      • ·Channels/outbound: keep channel sends durable when transcript mirroring fails, stop schema-padded poll modifiers from blocking normal sends, preserve WebChat `sessions_send` handoffs, preserve Discord channel-label suppression while hiding internal agent failure traces, match Discord libopus error shapes, and sanitize Discord tool progress scaffolding. (#89626, #89812, #89601)
      • ·Telegram/Feishu: require admin rights for Telegram target writeback, keep Telegram DM exec approval allowlists working with `ask:off`, prevent Telegram preview duplication across streaming modes, isolate verbose status after streamed finals, cancel clean restart stop timers, slow polling restart storms, and wire Feishu setup runtime setters. (#88973, #89035, #89813, #89814)
      • ·Feishu: preserve full streaming card content by sending the merged text on each update instead of only the latest delta, so card readers see complete output when intermediate frames are missed. (#90181)
      • ·Chat/UI/Gateway: preserve visible chat stream text, clear stale stream buffers before terminal commits, reconcile completed sends, scroll pending sends into view, harden Workboard dialog accessibility, stabilize WebChat prompt-cache affinity, overlap chat catalog startup, render chat history incrementally, lazy-load usage dashboard, and report gateway health auth diagnostics. (#89337)
      • ·Agents/Codex/providers/models: release session write locks when prompt-release fence reads fail, retire abandoned Codex app-server startups, keep stream-to-parent ACP spawns registered, close Codex startup clients on timeout, recover bundled provider aliases, avoid custom-provider runtime fanout, preserve provider prompt-cache boundaries, forward Gemini stop sequences, and strip Kimi-incompatible Anthropic cache markers. (#89811)
      • ·Memory/build/update: warn after startup watcher pressure checks, externalize optional Baileys image backends, restore and pin Canvas A2UI compatibility assets, keep plugin repair fetch failures nonblocking, restore Skill Workshop view switching, and keep the current chat toggle active after awaited session switches. (#89244)
      • ·Plugins/auth: keep Hermes migration reports pointed at SQLite auth-profile stores.
      • ·Plugins/CLI: avoid importing the runtime plugin loader only to clear in-process caches after short-lived plugin install, enable, disable, update, and uninstall commands refresh registry metadata.
      • ·Security/config/tooling: reject corrupt shell snapshots, suspicious gateway startup configs, malformed numeric limits, oversized audit responses, unsafe exec precheck env, and invalid pending-agent SQLite scaffold denials. (#89701, #89705, #89480, #81488)

      Complete contribution record

      • ·**PR #88922** fix(google): forward stop sequences to Gemini generationConfig.
      • ·**PR #89460** fix(models): preserve provider prompt cache boundaries. Related #89386.
      • ·**PR #89478** fix: restore Skill Workshop view switcher.
      • ·**PR #76741** fix(kimi): strip anthropic cache markers. Related #76612.
      • ·**PR #89480** fix: recover suspicious gateway startup configs. Related #89331.
      • ·**PR #87056** Policy: add data handling conformance checks.
      • ·**PR #81488** Harden node exec approval precheck env [AI].
      • ·**PR #89356** Add accessible Workboard movement controls.
      • ·**PR #87074** fix(policy): reject unsupported policy keys.
      • ·**PR #89601** fix(outbound): stop schema-padded poll modifiers from blocking send.
      • ·**PR #88963** perf(telegram): avoid broad reset-boundary scan.
      • ·**PR #89125** Suppress internal agent failure traces before channel delivery.
      • ·**PR #89701** fix(exec): reject corrupt shell snapshots.
      • ·**PR #89705** fix: allowlist pending agent sqlite scaffold.
      • ·**PR #89704** Share channel progress draft compositor.
      • ·**PR #89708** perf(control-ui): coalesce chat metadata startup.
      • ·**PR #89337** fix: report gateway health auth diagnostics. Related #89711.
      • ·**PR #88685** Render dashboard chat history incrementally. Related #87345.
      • ·**PR #89740** fix(gateway): stabilize webchat prompt cache affinity. Related #89139.
      • ·**PR #89191** fix(webchat): show sessions_send handoffs as forwarded. Related #89161.
      • ·**PR #89723** fix(auto-reply): surface fatal channel errors.
      • ·**PR #89727** fix #87699: [Bug]: [BUG] UI shows agent "running" after conversation ends — requires manual page refresh every time.
      • ·**PR #88786** fix #71992: [Bug]: Control UI webchat duplicates every assistant reply on 2026.4.21 — regression from #5964/#39469.
      • ·**PR #89530** fix(ui): preserve visible chat stream text. Related #67035.
      • ·**PR #87072** feat(telegram): opt-in interleaved progress lane.
      • ·**PR #89771** perf(ui): start chat refresh before bootstrap.
      • ·**PR #89777** perf(ui): label delayed chat sends in telemetry.
      • ·**PR #89786** perf(gateway): overlap chat catalog startup.
      • ·**PR #89793** test(ui): cover control chat send timing phases.
      • ·**PR #89801** perf(ui): surface chat ACK server timing.
      • ·**PR #89355** Harden Workboard modal and drawer accessibility.
      • ·**PR #89802** docs(web): document chat ACK timing metadata.
      • ·**PR #89391** fix(android): improve companion-first shell UX.
      • ·**PR #89811** fix(agents): release session write lock if fence read throws on prompt release.
      • ·**PR #89808** perf(ui): trace chat send server milestones.
      • ·**PR #89813** fix(telegram): isolate verbose status after streamed finals. Related #89540.
      • ·**PR #89814** fix(feishu): wire setup runtime setter. Related #88024.
      • ·**PR #85961** fix #85807: retain Telegram preview after generation race.
      • ·**PR #89035** fix #88773: [Bug]: Telegram DM exec requires approval despite allowlist + ask:off — works in webchat, not in Telegram.
      • ·**PR #88634** fix(telegram): prevent preview duplication in partial and block streaming modes. Related #87624.
      • ·**PR #89812** fix(outbound): keep channel send durable when transcript mirror fails (#89626).
      • ·**PR #88973** fix(telegram): require admin for target writeback [AI].
      • ·**PR #89449** refactor(gateway): share duplicated test helpers.
      • ·**PR #88832** fix(telegram): slow polling restart storms.
      • ·**PR #89960** test(channels): fix guardrail regex lint.
      • ·**PR #89244** fix(memory): warn after startup watcher pressure check.
      • ·**PR #89516** Add operator install policy and remove dangerous-code install scanners.
      • ·**PR #90024** chore(release): update appcast for 2026.6.1.
      • ·**PR #89613** docs: document auth profile failure policy contract.
      • ·**PR #89548** fix(agents): classify read-only shell commands as non-mutating.
      • ·**PR #89939** fix: keep stream-to-parent spawns registered.
      • ·**PR #88964** fix(agents): repair context-engine tool-result pairing. Related #88561.
      • ·**PR #82219** fix(codex): accept first-party OpenAI plugin marketplaces (bundled and primary-runtime). Related #82216.
      • ·**PR #89998** revert(codex): revert first-party marketplace allowlist.
      • ·**PR #89176** fix(browser): honor tab timeout for Chrome MCP. Related #88213.
      • ·**PR #90043** fix: restore Skill Workshop current chat toggle.
      • ·**PR #81422** fix(update): surface plugin channel fallbacks.

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.2-beta.1
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.2-beta.1.tgz
      • ·integrity: sha512-0lugviNlRNrTTK3Az+aJ/1f9bu7lo1WHwqHO2lkW4GJIV5LT58XhpoXXL3TKzosqJjAjvW4JXJstrK6nhZwpHg==
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/26918960809
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/26918964585
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/26920144100
      • ·release checks: https://github.com/openclaw/openclaw/actions/runs/26919202085
      • ·CI: https://github.com/openclaw/openclaw/actions/runs/26919201946
      • ·plugin prerelease validation: https://github.com/openclaw/openclaw/actions/runs/26919202959
      • ·performance: https://github.com/openclaw/openclaw/actions/runs/26918932463
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/26920331316
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/26920332148 (workflow ended with pixverse already-published race; all expected ClawHub versions verified live)
      • ·published package smoke: `node --import tsx scripts/openclaw-npm-postpublish-verify.ts 2026.6.2-beta.1` passed
      • ·npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/26921311123
      v2026.6.12026-06-03

      openclaw 2026.6.1

      GitHub ↗

      Highlights

      • ·**Resilient agent and Codex runs:** interrupted tool calls, stale session bindings, compaction handoffs, auth-profile failover, reasoning-tag cleanup, yielded subagents, and generated-media delivery all recover without leaving work stranded. (#85798, #87484, #88182, #89220)
      • ·**Reliable channel and mobile delivery:** WhatsApp, iMessage, Discord state, QQBot, and iOS Talk now preserve replies, typing, session state, QR-login recovery, and realtime connections across normal restart and transport failure paths. (#88183, #88866, #88948, #89015, #88231)
      • ·**Faster Control UI chat:** startup, local drafts, incremental stream rendering, transcript caching, first connect, and post-send cleanup no longer compete with the active conversation. (#88952, #88960, #88998, #89030, #89106)
      • ·**Governed skills and plugins:** Skill Workshop proposals, disabled-skill snapshots, support-file approvals, plugin contracts, and external package boundaries are clearer and safer for operators. (#79173, #82326, #89336)
      • ·**Richer operator coordination:** Workboard goals, task-backed runs, and SQLite-backed plugin state make multi-agent work and installed-plugin discovery survive reloads cleanly. (#87469, #88794)
      • ·**More dependable providers:** Google defaults, provider IDs, model catalogs, OAuth/device-code flows, media timers, and reasoning output now stay valid across hosted and local runtimes. (#88512, #88781, #89343, #89379, #89400)

      Changes

      • ·Skills: let the `skill_workshop` agent tool apply, reject, and quarantine explicit proposals through the guarded review flow.
      • ·Skills: let proposals carry approved support files under standard skill folders, with scanner, hash, and rollback safeguards.
      • ·Skills: let pending proposals be revised in place with versioned, dated proposal frontmatter before approval.
      • ·Skills: add Skill Workshop with pending proposals, CLI/Gateway review actions, rollback metadata, and the `skill_workshop` agent tool.
      • ·Skill Workshop: add the Control UI navigation, styled dashboard, proposal today view, revision dialog, file preview modal, searchable preview files, reusable session handoff, and localized strings.
      • ·Plugins: externalize Tokenjuice as the official `@openclaw/tokenjuice` plugin with npm and ClawHub publish metadata.
      • ·Plugins: externalize the GitHub Copilot agent runtime as the official `@openclaw/copilot` plugin with npm and ClawHub publish metadata.
      • ·iOS: add hosted push relay defaults, realtime Talk playback, and a guarded WebSocket ping path for more reliable mobile sessions. (#88096, #88105, #88231)
      • ·iOS: support native iPad display layouts.
      • ·Android: add installed-app inspection commands, notification picker helpers, and updated-system-app classification.
      • ·Workboard: add orchestration primitives and agent coordination tools for multi-agent planning and run tracking. (#87469)
      • ·Workboard: wire task-backed board runs and show task comments in the edit modal.
      • ·Code mode: add internal namespaces for scoped agent/global sessions and exact namespace tool dispatch. (#88043)
      • ·Gateway: support Tailscale Serve service names for local service routing.
      • ·Control UI: add a Dreaming-tab agent selector and propagate the selected agent through Dreaming status, diary, and diary actions. (#78748)
      • ·Control UI: add calmer chat composer controls, local draft typing state, and first-output latency instrumentation for active chat entry. (#88772, #88998)
      • ·Plugins: add a SecretRef provider integration manifest contract. (#82326)
      • ·Plugin SDK: add typed presentation command actions and the bounded `resolve_exec_env` hook for plugin-provided exec environment contributions. (#88721)
      • ·Plugins: persist the plugin install index in SQLite so installed package lookup survives reloads with less filesystem scanning. (#88794)
      • ·Providers: add MiniMax M3 model support. (#88860)
      • ·Tools/media: allow validated host-local text document media sends while keeping unsafe plain-text media sends blocked. (#79658)
      • ·Doctor: add disk space health checks and stabilize post-upgrade JSON probes.
      • ·Channels: store inbound queues in SQLite and migrate iMessage monitor state to SQLite-backed tracking. (#88797)
      • ·Skills: add the core skills index and centralize skills runtime loading, status, filtering, and prompt formatting.

      Fixes

      • ·Build: render independent CLI startup metadata help snapshots concurrently to cut cold build-all metadata time.
      • ·Plugins: stop timed-out package-boundary prep steps by process group so descendant TypeScript/helper processes do not survive local check cleanup.
      • ·Control UI: serve static assets asynchronously after safe-open checks so large UI files do not block Gateway request handling.
      • ·Scripts/UI: forward direct wrapper SIGHUP shutdown to child processes so terminal hangups do not leave wrapped dev commands running.
      • ·Gateway: return the post-expiration pending-work revision from node drains so reconnecting nodes do not observe stale queue revisions after expired items are pruned.
      • ·Update: keep core updates nonblocking when missing external plugin repair downloads or soft plugin repair warnings would otherwise stall, pin post-core plugin compatibility to the downgraded core version, and still block installed active plugin payload smoke failures. (#84431, #87914, #87952)
      • ·Agents/providers: keep streaming tool-call argument parsing record-shaped when providers emit valid non-object JSON such as `null` or arrays.
      • ·Talk: preserve explicit `null` payloads on controller-created turn and output-audio lifecycle events.
      • ·Agents/TUI: keep local custom provider runs from loading plugin runtime and auth alias metadata when plugins are disabled.
      • ·Agents/TUI: restore in-flight TUI run switch-back behavior, keep no-policy native hook fallback available, guard vanished workspaces, and keep lightweight isolated subagents lightweight.
      • ·Agents/media: keep async image, music, and video generation starts from ending the Codex turn, avoid duplicate generated-media fallbacks, and let mixed requests continue with summaries or other work while media renders in the background. (#89220)
      • ·Agents/Codex: keep public OpenAI API-key profiles from being treated as native Codex app-server auth while preserving persisted Codex OAuth sessions.
      • ·Agents/Codex: stream Codex app-server final-answer partials to live reply previews, preserve ACP metadata in SQLite, prefer real tool results over synthetic repair output, prevent aborted app-server turn handles from lingering, migrate legacy OpenAI Codex `lastGood` auth state, and preserve workspace/session metadata through ACP runtime refactors. (#88405, #88724, #88730)
      • ·Control UI: keep collapsed tool cards labeled with the tool name and action instead of generic output text.
      • ·Agents/Codex: surface Skill Workshop guidance in Codex app-server prompts when `skill_workshop` is available.
      • ·Skill Workshop: restore and localize the Control UI board/today view switcher so review workflows keep their intended layout toggle across locales.
      • ·Agents/auth: write auth profiles atomically, dispatch auth failures by type, add force re-login and exhausted-failover recovery, clear legacy auto fallback pins, preserve workspaces during state-only uninstall, and compact before oversized turns so recovery paths avoid partial state. (#85798, #87484, #89181)
      • ·Skills: skip disabled skill env overrides from stale persisted snapshots so disabled skill `apiKey` SecretRefs cannot abort embedded or channel turns. (#79072, #79173)
      • ·Skill Workshop: render the Control UI tab from filtered navigation state and keep filtered fallback routing stable.
      • ·CLI: avoid live catalog validation during `openclaw agents add`, so adding a secondary agent no longer depends on provider catalog availability. (#76284, #88314)
      • ·CLI: harden CLI and plugin edge cases, and keep `plugins list --json` on the snapshot-only path so plugin sweeps avoid loading the full runtime status graph. (#88896)
      • ·CLI/desktop: bridge WSL clipboard operations through the shell, recognize manual-update launchd jobs, and keep machine-readable startup output parseable during progress setup. (#88764, #88689)
      • ·Plugins: make PixVerse external-plugin ClawHub metadata explicit and keep it out of bundled dist builds.
      • ·Plugins: clarify plugin loader failure guidance and treat soft plugin repair warnings as nonfatal so missing or incompatible plugin packages point operators at the right repair path without blocking unrelated work. (#84431)
      • ·Plugins: preserve npm plugin roots after blocked installs, skip plugin-local `openclaw` peer symlinks during rollback snapshots, relink those peers after restore, isolate cached tool runtime siblings, isolate provider catalog projections and web-provider factory failures, and keep private LLM-core declarations bundled so one bad plugin does not poison sibling runtime paths. (#77237, #88767, #88807, #89336)
      • ·Cron: keep SQLite cron migrations compatible with legacy run-log tables, archived job stores, diagnostic cron names, single-job run-history names, startup cron retries, and legacy one-shot delete-after-run behavior. (#88285, #88294, #89075)
      • ·Cron: keep update delivery validation scoped, harden restart state, and retire MCP runtimes on isolated cron cleanup.
      • ·Auto-reply: guard dispatcher failure-count probes so missing optional counters do not break SDK-typed recovery paths. (#89318)
      • ·Memory: serialize QMD update/embed writes per store, reduce Linux watcher fan-out, avoid noisy gateway watcher warnings, retry transient FileProvider-backed reads, preserve phase signals on read errors, harden envelope metadata sanitization, reattach Linux native watchers when directories are recreated, and rewrite generated transcript paths on rollover so memory/search state survives concurrent gateway and CLI activity. (#66339, #85931, #89185, #89188, #89246, #85351)
      • ·Memory: keep vector-disabled FTS indexes from resolving embedding providers during sync and search.
      • ·Providers: bound generated media downloads from OpenAI, Runway, xAI, MiniMax, BytePlus, DashScope-compatible, FAL, OpenRouter, Google, Vydra, and Comfy providers.
      • ·Providers: resolve Google defaults to `google-generative-ai`, register Vertex static catalog rows and `gemini-3.1-flash-lite`, align Foundry reasoning metadata, skip DeepSeek V4 thinking params on Foundry fallback, use MiniMax account OAuth endpoints, preserve Copilot Claude 1M capabilities, suppress disabled Ollama reasoning output, forward Gemini stop sequences, switch direct Gemini reasoning to native mode, strip provider self-prefixes and Kimi-incompatible Anthropic cache markers, keep OpenAI stop-finished tool calls, and avoid replay ids when the Responses store is disabled. (#88480, #88512, #88781, #89343, #89379, #89400, #76612)
      • ·Providers: cap GitHub Copilot OAuth request timeouts before creating abort signals.
      • ·Cron: retry recurring jobs after transient model rate limits before waiting for the next scheduled slot.
      • ·Agents/Codex: keep live session locks during cleanup, recover interrupted CLI tool transcripts, preserve Codex auth and compaction session identity, clear orphan tool state, cap app-server idle timers, and keep media completion delivery retryable. (#88129, #88136, #88141, #88162, #88182)
      • ·Chat/UI: show Gateway chat failures as visible assistant messages in the Control UI instead of only setting an invisible error state.
      • ·Channels: cap Telegram, Discord, WhatsApp, Signal, Feishu, Google Chat, Microsoft Teams, QQBot, Nostr, Zalo, Zalouser, and Nextcloud-style request/retry timers; preserve SMS approval reply routes; keep iMessage typing active during tool work; allow RFC2544 benchmark ranges for QQBot token fetches; and retry WhatsApp QR login 408 timeouts. (#88183, #88948, #88984, #89015)
      • ·Security/config parsing: reject unsafe OAuth/token lifetimes, retry-after delays, inbound timestamps, response body sizes, command timeout config, sandbox observer token TTLs, corrupt shell snapshots, untrusted workspace setup-only channel loads, remote media reference overreads, trajectory export leaks, hooks-token auth reuse, and gateway WebSocket calls after close. (#86953, #87376, #88974, #89354, #89701)
      • ·Providers/media: cap local service, model, usage, queue, generated media, TTS, music, workflow polling, and provider OAuth request timers across hosted and local providers.
      • ·Backup: accept root-relative hardlink targets during backup verification. (#89328)
      • ·Agents: keep configured fallback model metadata typed so provider params, context-token caps, and media input limits do not break changed-gate typechecks.
      • ·Agents: accept hidden `sessions_send` body aliases before validation while keeping the model-facing `message` schema canonical. (#88229)
      • ·Chat/UI: preserve startup chat sends during history loading, unblock the initial Control UI chat send, stream chat deltas incrementally, skip markdown parsing while streaming, keep drafts local while typing, guard composer rerenders, cache chat transcript renders, record pending-send paint timing, show the Communication Notifications tab, and honor Chromium executable overrides. (#74715, #88952, #88960, #88998)
      • ·Channels: stop schema-padded poll modifiers from turning normal `send` actions into invalid poll sends. (#89601)
      • ·Channels: preserve long Feishu streaming replies, recover failed progress draft starts, send visible fallbacks when accepted Feishu turns produce no final reply, preserve external `sessions_send` routes, persist Discord thread bindings in SQLite, tolerate iMessage self-chat timestamp skew, preserve colon-prefixed slash commands in mention parsing, decode Nostr `npub` allowlists correctly, and suppress raw provider errors during channel delivery. (#87896, #88749, #88803, #88866)
      • ·Config/status/doctor: skip unresolved shell references in state-dir dotenv files, resolve gateway auth secrets during deep status audits, respect explicit PI runtime policy, report runtime tool-schema and gateway health credential errors, clear recovered embedded-run activity, and keep post-upgrade JSON stable. (#88820, #88288, #89731)
      • ·Gateway/session state: list commands from the Gateway plugin registry, harden MCP loopback tool schemas, hide phantom agent-store rows from `sessions.list`, make task persistence failures explicit, support Tailscale Serve service names, guard Browser/Chrome pending attach aborts, and carry session UUIDs on interactive dispatch events. (#88305)
      • ·Gateway/plugins: narrow plugin lookup memoization to the stable plugin/runtime inputs, avoiding repeated lookup work without mixing disabled or filtered plugin state.
      • ·OpenAI/TTS: handle speed directives for OpenAI TTS voices. (#74089)
      • ·Performance: prebuild QA runtime probes with generated plugin assets but without CLI startup metadata.
      • ·Performance: skip declaration bundling for runtime-only CLI startup and gateway watch build profiles.
      • ·Performance: reuse prepared provider handles, strict tool schemas, gateway runtime metadata, session maintenance config, plugin metadata, bundled skill allowlists, package-local plugin artifacts, single-entry store writes, and validated/serialized session prompt blobs.

      Complete contribution record

      • ·**PR #88995** perf(ui): guard chat composer controls.
      • ·**PR #88998** perf(ui): keep chat draft local while typing.
      • ·**PR #89012** perf(ui): trace chat first output latency.
      • ·**PR #89019** perf(ui): speed up first global chat sends.
      • ·**PR #86953** fix(plugins): block untrusted workspace setup-only channel loads.
      • ·**PR #89030** perf(control-ui): prioritize first connect startup.
      • ·**PR #89058** perf(control-ui): hydrate chat startup state.
      • ·**PR #89106** fix(ui): clear chat composer after send. Related #89108.
      • ·**PR #88974** fix: bound remote media reference reads [AI].
      • ·**PR #88966** fix: allow admins to approve dependency guard.
      • ·**PR #89169** fix(ci): restore dist cache before artifact builds.
      • ·**PR #85798** fix(agents): actionable copy for exhausted auth-profile failover.
      • ·**PR #88689** Keep JSON CLI output clean during startup. Related #88602.
      • ·**PR #85351** fix(memory): retry transient FileProvider-backed reads. Related #85252.
      • ·**PR #89188** fix(memory-core): reduce Linux watcher fan-out. Related #89182.
      • ·**PR #88734** docs: refresh ClawHub showcase cards.
      • ·**PR #89212** test: reset gateway timers at test boundaries.
      • ·**PR #89181** fix(agents): dispatch auth failures by type.
      • ·**PR #89180** enhance(slack): route plugin approvals through native UI.
      • ·**PR #89185** fix(memory): warn on gateway watcher FD risk. Related #71335.
      • ·**PR #89135** fix(ui): render skill workshop tab.
      • ·**PR #89246** Revert "fix(memory): warn on gateway watcher FD risk".
      • ·**PR #88948** Keep iMessage typing active during tool work. Related #75847.
      • ·**PR #89220** fix(agents): avoid duplicate generated media fallback.
      • ·**PR #88946** Fix live model inference edge cases. Related #44870, #63685, #74305, #83192, #83810, #84109, #84688, #84697, #84804, #85806, #85918, #86808, #87381, #87740, #87768, #88039, #88439, #88456, #88833, #88918, #89008, #89241, #89242.
      • ·**PR #89305** fix(agents): bypass stale auth for plugin harnesses. Related #85105.
      • ·**PR #89297** docs: add ClawHub CLI page.
      • ·**PR #89318** fix(auto-reply): guard missing dispatcher getFailedCounts without weakening the SDK type. Related #89116.
      • ·**PR #89321** fix: honor channel model overrides in agent ingress. Related #60078.
      • ·**PR #89328** Fix backup verifier for root-relative hardlink targets.
      • ·**PR #87907** fix(memory): validate memory index identity. Related #83333.
      • ·**PR #89347** fix: repair model provider edge cases. Related #80347, #88357, #45269.
      • ·**PR #89336** Fix private llm-core leaks in plugin SDK declarations.
      • ·**PR #89015** fix(qqbot): allow RFC2544 benchmark range for token fetch (#88984).
      • ·**PR #89046** feat(android): add installed apps node command.
      • ·**PR #88315** feat(agents): generalized native compaction ownership for CLI backends.
      • ·**PR #89075** fix(memory-core): keep startup cron retries quiet. Related #75889.
      • ·**PR #89049** fix(idle-timeout): honor provider timeout for no-timeout runs.
      • ·**PR #89047** fix: hide sessions_spawn timeout overrides.
      • ·**PR #89036** fix(cron): reject blank delivery targets.
      • ·**PR #89354** fix: redact trajectory exports consistently.
      • ·**PR #88101** fix(codex): trace app-server thread lifecycle timing. Related #84640.
      • ·**PR #89243** fix: guard in-band macOS LaunchAgent stop. Related #89174.
      • ·**PR #87339** fix(discord): accumulate reasoning progress deltas. Related #83983.
      • ·**PR #89298** fix(diagnostics): re-queue pending messages after stuck-session recovery aborts ghost run. Related #89208.
      • ·**PR #88821** trace: Correlate channel message diagnostics into one trace. Related #88811.
      • ·**PR #89411** fix: detect shrinkwrapped npm installs. Related #87732.
      • ·**PR #87749** fix(messages): preserve inbound audio for message-tool TTS. Related #87708.
      • ·**PR #84431** Treat soft plugin repair warnings as nonfatal. Related #83889.
      • ·**PR #78005** feat(status): detect externalized plugin version drift in --deep.
      • ·**PR #89050** fix(sessions): preserve corrupt-header transcripts. Related #89037.
      • ·**PR #84314** fix: QQBot credential backups bypass gateway state isolation. Related #84313.
      • ·**PR #89281** fix: repeat doctor state migration repairs.
      • ·**PR #87952** fix(update): pin post-core plugin compatibility to the downgraded core version (#87914).
      • ·**PR #89417** refactor: tighten agent harness surfaces.
      • ·**PR #89400** fix(google): add missing gemini-3.1-flash-lite to google-vertex catalog. Related #89390.
      • ·**PR #88699** fix(codex): clear stale context-engine projection after overflow retry. Related #88355.
      • ·**PR #89379** fix(providers): use native reasoning mode for Gemini instead of tagged. Related #69220.
      • ·**PR #84266** Surface unresolved OAuth sidecar auth failures. Related #84252.
      • ·**PR #88879** feat(plugin-sdk): add resolve_exec_env hook.
      • ·**PR #89432** fix(qqbot): migrate state stores to sqlite kv.
      • ·**PR #89436** fix(llm): gate OpenAI-compatible reasoning output.
      • ·**PR #87703** fix(agents): run before_agent_finalize for embedded agents. Related #87585.
      • ·**PR #89440** fix(llm): keep OpenAI-compatible reasoning streams active. Related #84384.
      • ·**PR #88976** fix(mistral): enable prompt cache key compat. Related #83709.
      • ·**PR #87379** fix: audit and repair hooks token reuse with Gateway auth. Related #87376.
      • ·**PR #89701** fix(exec): reject corrupt shell snapshots.
      • ·**PR #89601** fix(outbound): stop schema-padded poll modifiers from blocking send.
      • ·**PR #89731** fix: backport gateway health credential handling.
      • ·**PR #87484** fix(agents): clear legacy auto fallback pins. Related #87467.
      • ·**PR #88182** Fix subagent DM completion delivery after yield. Related #88042.
      • ·**PR #88183** fix(whatsapp): retry QR login 408 timeouts.
      • ·**PR #88866** Persist Discord thread bindings in SQLite.
      • ·**PR #88231** fix(ios): guard websocket ping continuation.
      • ·**PR #88952** perf(ui): cache chat transcript renders.
      • ·**PR #88960** perf(ui): record pending send paint timing.
      • ·**PR #79173** fix: skip disabled skill snapshot env overrides. Related #79072.
      • ·**PR #82326** Add plugin manifest contract for SecretRef provider integrations.
      • ·**PR #87469** feat: add core session goals.
      • ·**PR #88794** Persist plugin install index in SQLite.
      • ·**PR #88512** fix: resolve google provider default API to google-generative-ai. Related #88480.
      • ·**PR #88781** fix(models): strip remaining provider self prefixes. Related #88770.
      • ·**PR #88096** feat(ios): default to hosted push relay.
      • ·**PR #88105** feat(ios): add talk tab realtime playback.
      • ·**PR #88043** feat: add internal code mode namespaces.
      • ·**PR #78748** fix(ui): add agent selector to dreaming tab. Related #63558.
      • ·**PR #88772** feat: calm composer controls.
      • ·**PR #88721** feat(plugin-sdk): add typed presentation command actions.
      • ·**PR #88860** feat(minimax): add MiniMax M3 support.
      • ·**PR #79658** Allow validated TXT/JSON/YAML media sends.
      • ·**PR #88797** Migrate iMessage monitor state to SQLite.
      • ·**PR #88724** fix: persist ACP metadata in SQLite.
      • ·**PR #88730** fix(codex): stream final answer partials. Related #88405.
      • ·**PR #88314** fix #76284: [Bug]: openclaw agents add blocked — cannot add Jon/Atlas as separate agents.
      • ·**PR #88896** fix: harden CLI and plugin edge cases.
      • ·**PR #88764** fix(update): recognize manual-update launchd jobs. Related #88736.
      • ·**PR #77237** Preserve managed npm plugin root when install validation blocks update.
      • ·**PR #88767** fix(plugin-sdk): isolate provider catalog projection failures.
      • ·**PR #88807** fix(plugins): isolate web provider factory failures.
      • ·**PR #88285** Move cron persistence to SQLite.
      • ·**PR #88294** fix(cron): include job name when reading single-job run history.
      • ·**PR #85931** fix(memory): serialize qmd update writes across processes to stop SQLITE_BUSY. Related #66339.
      • ·**PR #88129** fix: keep live OpenClaw session locks during cleanup.
      • ·**PR #88136** fix(agents): centralize terminal run outcome precedence. Related #87444.
      • ·**PR #88141** fix: route generated media completions through requester agent.
      • ·**PR #88162** fix(agents): extend terminal outcome projections.
      • ·**PR #88229** fix(agents): normalize sessions_send message aliases. Related #88146.
      • ·**PR #74715** fix(ui): show Communication Notifications tab.
      • ·**PR #87896** fix(feishu): fallback when accepted turns send no visible reply.
      • ·**PR #88749** fix(channels): recover failed progress draft starts. Related #83115.
      • ·**PR #88803** fix(reply): preserve sessions_send external routes. Related #88044.
      • ·**PR #88820** fix(diagnostics): clear embedded-run activity when recovery declares lane idle. Related #88660.
      • ·**PR #88288** fix(config): skip state-dir dotenv values that are unresolved shell references. Related #88274.
      • ·**PR #88305** fix(browser): isolate Chrome MCP pending attach aborts. Related #88304.
      • ·**PR #74089** fix(openai/tts): handle [[tts:speed]] directive in OpenAI speech provider (#12163).

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.1
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.1.tgz
      • ·integrity: `sha512-rGSwhIo8N37cQQ5puG8vmWZESE8q/ych5VFpzOQNcf49TF/rvCYyxiNAyot11qbUZF5wfLh8bsvofapnOEh0BQ==`
      • ·npm dist-tags: `openclaw@latest` and `openclaw@beta` both point to `2026.6.1`; GitHub latest points to `v2026.6.1`.
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/26907004505
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/26900686846
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/26900640419
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/26907235209
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/26907239724
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/26907625257
      • ·package Telegram E2E: https://github.com/openclaw/openclaw/actions/runs/26901214260
      • ·Windows Hub x64 installer: https://github.com/openclaw/openclaw/releases/download/v2026.6.1/OpenClawCompanion-Setup-x64.exe
      • ·Windows Hub arm64 installer: https://github.com/openclaw/openclaw/releases/download/v2026.6.1/OpenClawCompanion-Setup-arm64.exe
      • ·Windows Hub SHA-256 manifest: https://github.com/openclaw/openclaw/releases/download/v2026.6.1/OpenClawCompanion-SHA256SUMS.txt
      • ·Windows Hub source release: https://github.com/openclaw/openclaw-windows-node/releases/tag/v0.6.0
      • ·Windows Hub signed installer promotion: https://github.com/openclaw/openclaw/actions/runs/26914718218
      • ·Windows Hub x64 SHA-256: `f756c6537fcc06ba2da89f53bda4be953dfdcc523dc62256e49e0b0edf14dd30`
      • ·Windows Hub arm64 SHA-256: `7e91de93420de49a529033fd9c7f29c52fd143443234746dbe9e242453f74365`
      • ·verifier caveat: the release publish parent is red because its postpublish verifier expected plugin npm `beta` dist-tags to point to `2026.6.1`; stable plugin publishes succeeded on `latest` while plugin `beta` remains on `2026.6.1-beta.3`.
      v2026.6.1-beta.3pre-release2026-06-03

      openclaw 2026.6.1-beta.3

      GitHub ↗

      Highlights

      • ·**Resilient agent and Codex runs:** interrupted tool calls, stale session bindings, compaction handoffs, auth-profile failover, reasoning-tag cleanup, yielded subagents, and generated-media delivery all recover without leaving work stranded. (#85798, #87484, #88182, #89220)
      • ·**Reliable channel and mobile delivery:** WhatsApp, iMessage, Discord state, QQBot, and iOS Talk now preserve replies, typing, session state, QR-login recovery, and realtime connections across normal restart and transport failure paths. (#88183, #88866, #88948, #89015, #88231)
      • ·**Faster Control UI chat:** startup, local drafts, incremental stream rendering, transcript caching, first connect, and post-send cleanup no longer compete with the active conversation. (#88952, #88960, #88998, #89030, #89106)
      • ·**Governed skills and plugins:** Skill Workshop proposals, disabled-skill snapshots, support-file approvals, plugin contracts, and external package boundaries are clearer and safer for operators. (#79173, #82326, #89336)
      • ·**Richer operator coordination:** Workboard goals, task-backed runs, and SQLite-backed plugin state make multi-agent work and installed-plugin discovery survive reloads cleanly. (#87469, #88794)
      • ·**More dependable providers:** Google defaults, provider IDs, model catalogs, OAuth/device-code flows, media timers, and reasoning output now stay valid across hosted and local runtimes. (#88512, #88781, #89343, #89379, #89400)

      Changes

      • ·Skills: let the `skill_workshop` agent tool apply, reject, and quarantine explicit proposals through the guarded review flow.
      • ·Skills: let proposals carry approved support files under standard skill folders, with scanner, hash, and rollback safeguards.
      • ·Skills: let pending proposals be revised in place with versioned, dated proposal frontmatter before approval.
      • ·Skills: add Skill Workshop with pending proposals, CLI/Gateway review actions, rollback metadata, and the `skill_workshop` agent tool.
      • ·Skill Workshop: add the Control UI navigation, styled dashboard, proposal today view, revision dialog, file preview modal, searchable preview files, reusable session handoff, and localized strings.
      • ·Plugins: externalize Tokenjuice as the official `@openclaw/tokenjuice` plugin with npm and ClawHub publish metadata.
      • ·Plugins: externalize the GitHub Copilot agent runtime as the official `@openclaw/copilot` plugin with npm and ClawHub publish metadata.
      • ·iOS: add hosted push relay defaults, realtime Talk playback, and a guarded WebSocket ping path for more reliable mobile sessions. (#88096, #88105, #88231)
      • ·iOS: support native iPad display layouts.
      • ·Android: add installed-app inspection commands, notification picker helpers, and updated-system-app classification.
      • ·Workboard: add orchestration primitives and agent coordination tools for multi-agent planning and run tracking. (#87469)
      • ·Workboard: wire task-backed board runs and show task comments in the edit modal.
      • ·Code mode: add internal namespaces for scoped agent/global sessions and exact namespace tool dispatch. (#88043)
      • ·Gateway: support Tailscale Serve service names for local service routing.
      • ·Control UI: add a Dreaming-tab agent selector and propagate the selected agent through Dreaming status, diary, and diary actions. (#78748)
      • ·Control UI: add calmer chat composer controls, local draft typing state, and first-output latency instrumentation for active chat entry. (#88772, #88998)
      • ·Plugins: add a SecretRef provider integration manifest contract. (#82326)
      • ·Plugin SDK: add typed presentation command actions and the bounded `resolve_exec_env` hook for plugin-provided exec environment contributions. (#88721)
      • ·Plugins: persist the plugin install index in SQLite so installed package lookup survives reloads with less filesystem scanning. (#88794)
      • ·Providers: add MiniMax M3 model support. (#88860)
      • ·Tools/media: allow validated host-local text document media sends while keeping unsafe plain-text media sends blocked. (#79658)
      • ·Doctor: add disk space health checks and stabilize post-upgrade JSON probes.
      • ·Channels: store inbound queues in SQLite and migrate iMessage monitor state to SQLite-backed tracking. (#88797)
      • ·Skills: add the core skills index and centralize skills runtime loading, status, filtering, and prompt formatting.

      Fixes

      • ·Build: render independent CLI startup metadata help snapshots concurrently to cut cold build-all metadata time.
      • ·Plugins: stop timed-out package-boundary prep steps by process group so descendant TypeScript/helper processes do not survive local check cleanup.
      • ·Control UI: serve static assets asynchronously after safe-open checks so large UI files do not block Gateway request handling.
      • ·Scripts/UI: forward direct wrapper SIGHUP shutdown to child processes so terminal hangups do not leave wrapped dev commands running.
      • ·Gateway: return the post-expiration pending-work revision from node drains so reconnecting nodes do not observe stale queue revisions after expired items are pruned.
      • ·Update: keep core updates nonblocking when missing external plugin repair downloads or soft plugin repair warnings would otherwise stall, pin post-core plugin compatibility to the downgraded core version, and still block installed active plugin payload smoke failures. (#84431, #87914, #87952)
      • ·Agents/providers: keep streaming tool-call argument parsing record-shaped when providers emit valid non-object JSON such as `null` or arrays.
      • ·Talk: preserve explicit `null` payloads on controller-created turn and output-audio lifecycle events.
      • ·Agents/TUI: keep local custom provider runs from loading plugin runtime and auth alias metadata when plugins are disabled.
      • ·Agents/TUI: restore in-flight TUI run switch-back behavior, keep no-policy native hook fallback available, guard vanished workspaces, and keep lightweight isolated subagents lightweight.
      • ·Agents/media: keep async image, music, and video generation starts from ending the Codex turn, avoid duplicate generated-media fallbacks, and let mixed requests continue with summaries or other work while media renders in the background. (#89220)
      • ·Agents/Codex: keep public OpenAI API-key profiles from being treated as native Codex app-server auth while preserving persisted Codex OAuth sessions.
      • ·Agents/Codex: stream Codex app-server final-answer partials to live reply previews, preserve ACP metadata in SQLite, prefer real tool results over synthetic repair output, prevent aborted app-server turn handles from lingering, migrate legacy OpenAI Codex `lastGood` auth state, and preserve workspace/session metadata through ACP runtime refactors. (#88405, #88724, #88730)
      • ·Control UI: keep collapsed tool cards labeled with the tool name and action instead of generic output text.
      • ·Agents/Codex: surface Skill Workshop guidance in Codex app-server prompts when `skill_workshop` is available.
      • ·Skill Workshop: restore and localize the Control UI board/today view switcher so review workflows keep their intended layout toggle across locales.
      • ·Agents/auth: write auth profiles atomically, dispatch auth failures by type, add force re-login and exhausted-failover recovery, clear legacy auto fallback pins, preserve workspaces during state-only uninstall, and compact before oversized turns so recovery paths avoid partial state. (#85798, #87484, #89181)
      • ·Skills: skip disabled skill env overrides from stale persisted snapshots so disabled skill `apiKey` SecretRefs cannot abort embedded or channel turns. (#79072, #79173)
      • ·Skill Workshop: render the Control UI tab from filtered navigation state and keep filtered fallback routing stable.
      • ·CLI: avoid live catalog validation during `openclaw agents add`, so adding a secondary agent no longer depends on provider catalog availability. (#76284, #88314)
      • ·CLI: harden CLI and plugin edge cases, and keep `plugins list --json` on the snapshot-only path so plugin sweeps avoid loading the full runtime status graph. (#88896)
      • ·CLI/desktop: bridge WSL clipboard operations through the shell, recognize manual-update launchd jobs, and keep machine-readable startup output parseable during progress setup. (#88764, #88689)
      • ·Plugins: make PixVerse external-plugin ClawHub metadata explicit and keep it out of bundled dist builds.
      • ·Plugins: clarify plugin loader failure guidance and treat soft plugin repair warnings as nonfatal so missing or incompatible plugin packages point operators at the right repair path without blocking unrelated work. (#84431)
      • ·Plugins: preserve npm plugin roots after blocked installs, skip plugin-local `openclaw` peer symlinks during rollback snapshots, relink those peers after restore, isolate cached tool runtime siblings, isolate provider catalog projections and web-provider factory failures, and keep private LLM-core declarations bundled so one bad plugin does not poison sibling runtime paths. (#77237, #88767, #88807, #89336)
      • ·Cron: keep SQLite cron migrations compatible with legacy run-log tables, archived job stores, diagnostic cron names, single-job run-history names, startup cron retries, and legacy one-shot delete-after-run behavior. (#88285, #88294, #89075)
      • ·Cron: keep update delivery validation scoped, harden restart state, and retire MCP runtimes on isolated cron cleanup.
      • ·Auto-reply: guard dispatcher failure-count probes so missing optional counters do not break SDK-typed recovery paths. (#89318)
      • ·Memory: serialize QMD update/embed writes per store, reduce Linux watcher fan-out, avoid noisy gateway watcher warnings, retry transient FileProvider-backed reads, preserve phase signals on read errors, harden envelope metadata sanitization, reattach Linux native watchers when directories are recreated, and rewrite generated transcript paths on rollover so memory/search state survives concurrent gateway and CLI activity. (#66339, #85931, #89185, #89188, #89246, #85351)
      • ·Memory: keep vector-disabled FTS indexes from resolving embedding providers during sync and search.
      • ·Providers: bound generated media downloads from OpenAI, Runway, xAI, MiniMax, BytePlus, DashScope-compatible, FAL, OpenRouter, Google, Vydra, and Comfy providers.
      • ·Providers: resolve Google defaults to `google-generative-ai`, register Vertex static catalog rows and `gemini-3.1-flash-lite`, align Foundry reasoning metadata, skip DeepSeek V4 thinking params on Foundry fallback, use MiniMax account OAuth endpoints, preserve Copilot Claude 1M capabilities, suppress disabled Ollama reasoning output, forward Gemini stop sequences, switch direct Gemini reasoning to native mode, strip provider self-prefixes and Kimi-incompatible Anthropic cache markers, keep OpenAI stop-finished tool calls, and avoid replay ids when the Responses store is disabled. (#88480, #88512, #88781, #89343, #89379, #89400, #76612)
      • ·Providers: cap GitHub Copilot OAuth request timeouts before creating abort signals.
      • ·Cron: retry recurring jobs after transient model rate limits before waiting for the next scheduled slot.
      • ·Agents/Codex: keep live session locks during cleanup, recover interrupted CLI tool transcripts, preserve Codex auth and compaction session identity, clear orphan tool state, cap app-server idle timers, and keep media completion delivery retryable. (#88129, #88136, #88141, #88162, #88182)
      • ·Chat/UI: show Gateway chat failures as visible assistant messages in the Control UI instead of only setting an invisible error state.
      • ·Channels: cap Telegram, Discord, WhatsApp, Signal, Feishu, Google Chat, Microsoft Teams, QQBot, Nostr, Zalo, Zalouser, and Nextcloud-style request/retry timers; preserve SMS approval reply routes; keep iMessage typing active during tool work; allow RFC2544 benchmark ranges for QQBot token fetches; and retry WhatsApp QR login 408 timeouts. (#88183, #88948, #88984, #89015)
      • ·Security/config parsing: reject unsafe OAuth/token lifetimes, retry-after delays, inbound timestamps, response body sizes, command timeout config, sandbox observer token TTLs, corrupt shell snapshots, untrusted workspace setup-only channel loads, remote media reference overreads, trajectory export leaks, hooks-token auth reuse, and gateway WebSocket calls after close. (#86953, #87376, #88974, #89354, #89701)
      • ·Providers/media: cap local service, model, usage, queue, generated media, TTS, music, workflow polling, and provider OAuth request timers across hosted and local providers.
      • ·Backup: accept root-relative hardlink targets during backup verification. (#89328)
      • ·Agents: keep configured fallback model metadata typed so provider params, context-token caps, and media input limits do not break changed-gate typechecks.
      • ·Agents: accept hidden `sessions_send` body aliases before validation while keeping the model-facing `message` schema canonical. (#88229)
      • ·Chat/UI: preserve startup chat sends during history loading, unblock the initial Control UI chat send, stream chat deltas incrementally, skip markdown parsing while streaming, keep drafts local while typing, guard composer rerenders, cache chat transcript renders, record pending-send paint timing, show the Communication Notifications tab, and honor Chromium executable overrides. (#74715, #88952, #88960, #88998)
      • ·Channels: stop schema-padded poll modifiers from turning normal `send` actions into invalid poll sends. (#89601)
      • ·Channels: preserve long Feishu streaming replies, recover failed progress draft starts, send visible fallbacks when accepted Feishu turns produce no final reply, preserve external `sessions_send` routes, persist Discord thread bindings in SQLite, tolerate iMessage self-chat timestamp skew, preserve colon-prefixed slash commands in mention parsing, decode Nostr `npub` allowlists correctly, and suppress raw provider errors during channel delivery. (#87896, #88749, #88803, #88866)
      • ·Config/status/doctor: skip unresolved shell references in state-dir dotenv files, resolve gateway auth secrets during deep status audits, respect explicit PI runtime policy, report runtime tool-schema and gateway health credential errors, clear recovered embedded-run activity, and keep post-upgrade JSON stable. (#88820, #88288, #89731)
      • ·Gateway/session state: list commands from the Gateway plugin registry, harden MCP loopback tool schemas, hide phantom agent-store rows from `sessions.list`, make task persistence failures explicit, support Tailscale Serve service names, guard Browser/Chrome pending attach aborts, and carry session UUIDs on interactive dispatch events. (#88305)
      • ·Gateway/plugins: narrow plugin lookup memoization to the stable plugin/runtime inputs, avoiding repeated lookup work without mixing disabled or filtered plugin state.
      • ·OpenAI/TTS: handle speed directives for OpenAI TTS voices. (#74089)
      • ·Performance: prebuild QA runtime probes with generated plugin assets but without CLI startup metadata.
      • ·Performance: skip declaration bundling for runtime-only CLI startup and gateway watch build profiles.
      • ·Performance: reuse prepared provider handles, strict tool schemas, gateway runtime metadata, session maintenance config, plugin metadata, bundled skill allowlists, package-local plugin artifacts, single-entry store writes, and validated/serialized session prompt blobs.

      Complete contribution record

      • ·**PR #88995** perf(ui): guard chat composer controls.
      • ·**PR #88998** perf(ui): keep chat draft local while typing.
      • ·**PR #89012** perf(ui): trace chat first output latency.
      • ·**PR #89019** perf(ui): speed up first global chat sends.
      • ·**PR #86953** fix(plugins): block untrusted workspace setup-only channel loads.
      • ·**PR #89030** perf(control-ui): prioritize first connect startup.
      • ·**PR #89058** perf(control-ui): hydrate chat startup state.
      • ·**PR #89106** fix(ui): clear chat composer after send. Related #89108.
      • ·**PR #88974** fix: bound remote media reference reads [AI].
      • ·**PR #88966** fix: allow admins to approve dependency guard.
      • ·**PR #89169** fix(ci): restore dist cache before artifact builds.
      • ·**PR #85798** fix(agents): actionable copy for exhausted auth-profile failover.
      • ·**PR #88689** Keep JSON CLI output clean during startup. Related #88602.
      • ·**PR #85351** fix(memory): retry transient FileProvider-backed reads. Related #85252.
      • ·**PR #89188** fix(memory-core): reduce Linux watcher fan-out. Related #89182.
      • ·**PR #88734** docs: refresh ClawHub showcase cards.
      • ·**PR #89212** test: reset gateway timers at test boundaries.
      • ·**PR #89181** fix(agents): dispatch auth failures by type.
      • ·**PR #89180** enhance(slack): route plugin approvals through native UI.
      • ·**PR #89185** fix(memory): warn on gateway watcher FD risk. Related #71335.
      • ·**PR #89135** fix(ui): render skill workshop tab.
      • ·**PR #89246** Revert "fix(memory): warn on gateway watcher FD risk".
      • ·**PR #88948** Keep iMessage typing active during tool work. Related #75847.
      • ·**PR #89220** fix(agents): avoid duplicate generated media fallback.
      • ·**PR #88946** Fix live model inference edge cases. Related #44870, #63685, #74305, #83192, #83810, #84109, #84688, #84697, #84804, #85806, #85918, #86808, #87381, #87740, #87768, #88039, #88439, #88456, #88833, #88918, #89008, #89241, #89242.
      • ·**PR #89305** fix(agents): bypass stale auth for plugin harnesses. Related #85105.
      • ·**PR #89297** docs: add ClawHub CLI page.
      • ·**PR #89318** fix(auto-reply): guard missing dispatcher getFailedCounts without weakening the SDK type. Related #89116.
      • ·**PR #89321** fix: honor channel model overrides in agent ingress. Related #60078.
      • ·**PR #89328** Fix backup verifier for root-relative hardlink targets.
      • ·**PR #87907** fix(memory): validate memory index identity. Related #83333.
      • ·**PR #89347** fix: repair model provider edge cases. Related #80347, #88357, #45269.
      • ·**PR #89336** Fix private llm-core leaks in plugin SDK declarations.
      • ·**PR #89015** fix(qqbot): allow RFC2544 benchmark range for token fetch (#88984).
      • ·**PR #89046** feat(android): add installed apps node command.
      • ·**PR #88315** feat(agents): generalized native compaction ownership for CLI backends.
      • ·**PR #89075** fix(memory-core): keep startup cron retries quiet. Related #75889.
      • ·**PR #89049** fix(idle-timeout): honor provider timeout for no-timeout runs.
      • ·**PR #89047** fix: hide sessions_spawn timeout overrides.
      • ·**PR #89036** fix(cron): reject blank delivery targets.
      • ·**PR #89354** fix: redact trajectory exports consistently.
      • ·**PR #88101** fix(codex): trace app-server thread lifecycle timing. Related #84640.
      • ·**PR #89243** fix: guard in-band macOS LaunchAgent stop. Related #89174.
      • ·**PR #87339** fix(discord): accumulate reasoning progress deltas. Related #83983.
      • ·**PR #89298** fix(diagnostics): re-queue pending messages after stuck-session recovery aborts ghost run. Related #89208.
      • ·**PR #88821** trace: Correlate channel message diagnostics into one trace. Related #88811.
      • ·**PR #89411** fix: detect shrinkwrapped npm installs. Related #87732.
      • ·**PR #87749** fix(messages): preserve inbound audio for message-tool TTS. Related #87708.
      • ·**PR #84431** Treat soft plugin repair warnings as nonfatal. Related #83889.
      • ·**PR #78005** feat(status): detect externalized plugin version drift in --deep.
      • ·**PR #89050** fix(sessions): preserve corrupt-header transcripts. Related #89037.
      • ·**PR #84314** fix: QQBot credential backups bypass gateway state isolation. Related #84313.
      • ·**PR #89281** fix: repeat doctor state migration repairs.
      • ·**PR #87952** fix(update): pin post-core plugin compatibility to the downgraded core version (#87914).
      • ·**PR #89417** refactor: tighten agent harness surfaces.
      • ·**PR #89400** fix(google): add missing gemini-3.1-flash-lite to google-vertex catalog. Related #89390.
      • ·**PR #88699** fix(codex): clear stale context-engine projection after overflow retry. Related #88355.
      • ·**PR #89379** fix(providers): use native reasoning mode for Gemini instead of tagged. Related #69220.
      • ·**PR #84266** Surface unresolved OAuth sidecar auth failures. Related #84252.
      • ·**PR #88879** feat(plugin-sdk): add resolve_exec_env hook.
      • ·**PR #89432** fix(qqbot): migrate state stores to sqlite kv.
      • ·**PR #89436** fix(llm): gate OpenAI-compatible reasoning output.
      • ·**PR #87703** fix(agents): run before_agent_finalize for embedded agents. Related #87585.
      • ·**PR #89440** fix(llm): keep OpenAI-compatible reasoning streams active. Related #84384.
      • ·**PR #88976** fix(mistral): enable prompt cache key compat. Related #83709.
      • ·**PR #87379** fix: audit and repair hooks token reuse with Gateway auth. Related #87376.
      • ·**PR #89701** fix(exec): reject corrupt shell snapshots.
      • ·**PR #89601** fix(outbound): stop schema-padded poll modifiers from blocking send.
      • ·**PR #89731** fix: backport gateway health credential handling.
      • ·**PR #87484** fix(agents): clear legacy auto fallback pins. Related #87467.
      • ·**PR #88182** Fix subagent DM completion delivery after yield. Related #88042.
      • ·**PR #88183** fix(whatsapp): retry QR login 408 timeouts.
      • ·**PR #88866** Persist Discord thread bindings in SQLite.
      • ·**PR #88231** fix(ios): guard websocket ping continuation.
      • ·**PR #88952** perf(ui): cache chat transcript renders.
      • ·**PR #88960** perf(ui): record pending send paint timing.
      • ·**PR #79173** fix: skip disabled skill snapshot env overrides. Related #79072.
      • ·**PR #82326** Add plugin manifest contract for SecretRef provider integrations.
      • ·**PR #87469** feat: add core session goals.
      • ·**PR #88794** Persist plugin install index in SQLite.
      • ·**PR #88512** fix: resolve google provider default API to google-generative-ai. Related #88480.
      • ·**PR #88781** fix(models): strip remaining provider self prefixes. Related #88770.
      • ·**PR #88096** feat(ios): default to hosted push relay.
      • ·**PR #88105** feat(ios): add talk tab realtime playback.
      • ·**PR #88043** feat: add internal code mode namespaces.
      • ·**PR #78748** fix(ui): add agent selector to dreaming tab. Related #63558.
      • ·**PR #88772** feat: calm composer controls.
      • ·**PR #88721** feat(plugin-sdk): add typed presentation command actions.
      • ·**PR #88860** feat(minimax): add MiniMax M3 support.
      • ·**PR #79658** Allow validated TXT/JSON/YAML media sends.
      • ·**PR #88797** Migrate iMessage monitor state to SQLite.
      • ·**PR #88724** fix: persist ACP metadata in SQLite.
      • ·**PR #88730** fix(codex): stream final answer partials. Related #88405.
      • ·**PR #88314** fix #76284: [Bug]: openclaw agents add blocked — cannot add Jon/Atlas as separate agents.
      • ·**PR #88896** fix: harden CLI and plugin edge cases.
      • ·**PR #88764** fix(update): recognize manual-update launchd jobs. Related #88736.
      • ·**PR #77237** Preserve managed npm plugin root when install validation blocks update.
      • ·**PR #88767** fix(plugin-sdk): isolate provider catalog projection failures.
      • ·**PR #88807** fix(plugins): isolate web provider factory failures.
      • ·**PR #88285** Move cron persistence to SQLite.
      • ·**PR #88294** fix(cron): include job name when reading single-job run history.
      • ·**PR #85931** fix(memory): serialize qmd update writes across processes to stop SQLITE_BUSY. Related #66339.
      • ·**PR #88129** fix: keep live OpenClaw session locks during cleanup.
      • ·**PR #88136** fix(agents): centralize terminal run outcome precedence. Related #87444.
      • ·**PR #88141** fix: route generated media completions through requester agent.
      • ·**PR #88162** fix(agents): extend terminal outcome projections.
      • ·**PR #88229** fix(agents): normalize sessions_send message aliases. Related #88146.
      • ·**PR #74715** fix(ui): show Communication Notifications tab.
      • ·**PR #87896** fix(feishu): fallback when accepted turns send no visible reply.
      • ·**PR #88749** fix(channels): recover failed progress draft starts. Related #83115.
      • ·**PR #88803** fix(reply): preserve sessions_send external routes. Related #88044.
      • ·**PR #88820** fix(diagnostics): clear embedded-run activity when recovery declares lane idle. Related #88660.
      • ·**PR #88288** fix(config): skip state-dir dotenv values that are unresolved shell references. Related #88274.
      • ·**PR #88305** fix(browser): isolate Chrome MCP pending attach aborts. Related #88304.
      • ·**PR #74089** fix(openai/tts): handle [[tts:speed]] directive in OpenAI speech provider (#12163).

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.1-beta.3
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.1-beta.3.tgz
      • ·integrity: `sha512-VlbDcDKt1mSgLbMiNvf9dgOgpL3eKGfekrdZhzEkbLR8XgektCeeP+/2cGGRXZorqg+WDkLGKD90chImV75p/Q==`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.1-beta.3/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/26874190898
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/26871752130
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/26871753834
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/26874442467
      • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/26874447308
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/26874986982
      • ·npm Telegram beta E2E: not supplied
      v2026.6.1-beta.2pre-release2026-06-01

      openclaw 2026.6.1-beta.2

      GitHub ↗

      Highlights

      • ·**Resilient agent and Codex runs:** interrupted tool calls, stale session bindings, compaction handoffs, auth-profile failover, reasoning-tag cleanup, yielded subagents, and generated-media delivery all recover without leaving work stranded. (#85798, #87484, #88182, #89220)
      • ·**Reliable channel and mobile delivery:** WhatsApp, iMessage, Discord state, QQBot, and iOS Talk now preserve replies, typing, session state, QR-login recovery, and realtime connections across normal restart and transport failure paths. (#88183, #88866, #88948, #89015, #88231)
      • ·**Faster Control UI chat:** startup, local drafts, incremental stream rendering, transcript caching, first connect, and post-send cleanup no longer compete with the active conversation. (#88952, #88960, #88998, #89030, #89106)
      • ·**Governed skills and plugins:** Skill Workshop proposals, disabled-skill snapshots, support-file approvals, plugin contracts, and external package boundaries are clearer and safer for operators. (#79173, #82326, #89336)
      • ·**Richer operator coordination:** Workboard goals, task-backed runs, and SQLite-backed plugin state make multi-agent work and installed-plugin discovery survive reloads cleanly. (#87469, #88794)
      • ·**More dependable providers:** Google defaults, provider IDs, model catalogs, OAuth/device-code flows, media timers, and reasoning output now stay valid across hosted and local runtimes. (#88512, #88781, #89343, #89379, #89400)

      Changes

      • ·Skills: let the `skill_workshop` agent tool apply, reject, and quarantine explicit proposals through the guarded review flow.
      • ·Skills: let proposals carry approved support files under standard skill folders, with scanner, hash, and rollback safeguards.
      • ·Skills: let pending proposals be revised in place with versioned, dated proposal frontmatter before approval.
      • ·Skills: add Skill Workshop with pending proposals, CLI/Gateway review actions, rollback metadata, and the `skill_workshop` agent tool.
      • ·Skill Workshop: add the Control UI navigation, styled dashboard, proposal today view, revision dialog, file preview modal, searchable preview files, reusable session handoff, and localized strings.
      • ·Plugins: externalize Tokenjuice as the official `@openclaw/tokenjuice` plugin with npm and ClawHub publish metadata.
      • ·Plugins: externalize the GitHub Copilot agent runtime as the official `@openclaw/copilot` plugin with npm and ClawHub publish metadata.
      • ·iOS: add hosted push relay defaults, realtime Talk playback, and a guarded WebSocket ping path for more reliable mobile sessions. (#88096, #88105, #88231)
      • ·iOS: support native iPad display layouts.
      • ·Android: add installed-app inspection commands, notification picker helpers, and updated-system-app classification.
      • ·Workboard: add orchestration primitives and agent coordination tools for multi-agent planning and run tracking. (#87469)
      • ·Workboard: wire task-backed board runs and show task comments in the edit modal.
      • ·Code mode: add internal namespaces for scoped agent/global sessions and exact namespace tool dispatch. (#88043)
      • ·Gateway: support Tailscale Serve service names for local service routing.
      • ·Control UI: add a Dreaming-tab agent selector and propagate the selected agent through Dreaming status, diary, and diary actions. (#78748)
      • ·Control UI: add calmer chat composer controls, local draft typing state, and first-output latency instrumentation for active chat entry. (#88772, #88998)
      • ·Plugins: add a SecretRef provider integration manifest contract. (#82326)
      • ·Plugin SDK: add typed presentation command actions and the bounded `resolve_exec_env` hook for plugin-provided exec environment contributions. (#88721)
      • ·Plugins: persist the plugin install index in SQLite so installed package lookup survives reloads with less filesystem scanning. (#88794)
      • ·Providers: add MiniMax M3 model support. (#88860)
      • ·Tools/media: allow validated host-local text document media sends while keeping unsafe plain-text media sends blocked. (#79658)
      • ·Doctor: add disk space health checks and stabilize post-upgrade JSON probes.
      • ·Channels: store inbound queues in SQLite and migrate iMessage monitor state to SQLite-backed tracking. (#88797)
      • ·Skills: add the core skills index and centralize skills runtime loading, status, filtering, and prompt formatting.

      Fixes

      • ·Build: render independent CLI startup metadata help snapshots concurrently to cut cold build-all metadata time.
      • ·Plugins: stop timed-out package-boundary prep steps by process group so descendant TypeScript/helper processes do not survive local check cleanup.
      • ·Control UI: serve static assets asynchronously after safe-open checks so large UI files do not block Gateway request handling.
      • ·Scripts/UI: forward direct wrapper SIGHUP shutdown to child processes so terminal hangups do not leave wrapped dev commands running.
      • ·Gateway: return the post-expiration pending-work revision from node drains so reconnecting nodes do not observe stale queue revisions after expired items are pruned.
      • ·Update: keep core updates nonblocking when missing external plugin repair downloads or soft plugin repair warnings would otherwise stall, pin post-core plugin compatibility to the downgraded core version, and still block installed active plugin payload smoke failures. (#84431, #87914, #87952)
      • ·Agents/providers: keep streaming tool-call argument parsing record-shaped when providers emit valid non-object JSON such as `null` or arrays.
      • ·Talk: preserve explicit `null` payloads on controller-created turn and output-audio lifecycle events.
      • ·Agents/TUI: keep local custom provider runs from loading plugin runtime and auth alias metadata when plugins are disabled.
      • ·Agents/TUI: restore in-flight TUI run switch-back behavior, keep no-policy native hook fallback available, guard vanished workspaces, and keep lightweight isolated subagents lightweight.
      • ·Agents/media: keep async image, music, and video generation starts from ending the Codex turn, avoid duplicate generated-media fallbacks, and let mixed requests continue with summaries or other work while media renders in the background. (#89220)
      • ·Agents/Codex: keep public OpenAI API-key profiles from being treated as native Codex app-server auth while preserving persisted Codex OAuth sessions.
      • ·Agents/Codex: stream Codex app-server final-answer partials to live reply previews, preserve ACP metadata in SQLite, prefer real tool results over synthetic repair output, prevent aborted app-server turn handles from lingering, migrate legacy OpenAI Codex `lastGood` auth state, and preserve workspace/session metadata through ACP runtime refactors. (#88405, #88724, #88730)
      • ·Control UI: keep collapsed tool cards labeled with the tool name and action instead of generic output text.
      • ·Agents/Codex: surface Skill Workshop guidance in Codex app-server prompts when `skill_workshop` is available.
      • ·Skill Workshop: restore and localize the Control UI board/today view switcher so review workflows keep their intended layout toggle across locales.
      • ·Agents/auth: write auth profiles atomically, dispatch auth failures by type, add force re-login and exhausted-failover recovery, clear legacy auto fallback pins, preserve workspaces during state-only uninstall, and compact before oversized turns so recovery paths avoid partial state. (#85798, #87484, #89181)
      • ·Skills: skip disabled skill env overrides from stale persisted snapshots so disabled skill `apiKey` SecretRefs cannot abort embedded or channel turns. (#79072, #79173)
      • ·Skill Workshop: render the Control UI tab from filtered navigation state and keep filtered fallback routing stable.
      • ·CLI: avoid live catalog validation during `openclaw agents add`, so adding a secondary agent no longer depends on provider catalog availability. (#76284, #88314)
      • ·CLI: harden CLI and plugin edge cases, and keep `plugins list --json` on the snapshot-only path so plugin sweeps avoid loading the full runtime status graph. (#88896)
      • ·CLI/desktop: bridge WSL clipboard operations through the shell, recognize manual-update launchd jobs, and keep machine-readable startup output parseable during progress setup. (#88764, #88689)
      • ·Plugins: make PixVerse external-plugin ClawHub metadata explicit and keep it out of bundled dist builds.
      • ·Plugins: clarify plugin loader failure guidance and treat soft plugin repair warnings as nonfatal so missing or incompatible plugin packages point operators at the right repair path without blocking unrelated work. (#84431)
      • ·Plugins: preserve npm plugin roots after blocked installs, skip plugin-local `openclaw` peer symlinks during rollback snapshots, relink those peers after restore, isolate cached tool runtime siblings, isolate provider catalog projections and web-provider factory failures, and keep private LLM-core declarations bundled so one bad plugin does not poison sibling runtime paths. (#77237, #88767, #88807, #89336)
      • ·Cron: keep SQLite cron migrations compatible with legacy run-log tables, archived job stores, diagnostic cron names, single-job run-history names, startup cron retries, and legacy one-shot delete-after-run behavior. (#88285, #88294, #89075)
      • ·Cron: keep update delivery validation scoped, harden restart state, and retire MCP runtimes on isolated cron cleanup.
      • ·Auto-reply: guard dispatcher failure-count probes so missing optional counters do not break SDK-typed recovery paths. (#89318)
      • ·Memory: serialize QMD update/embed writes per store, reduce Linux watcher fan-out, avoid noisy gateway watcher warnings, retry transient FileProvider-backed reads, preserve phase signals on read errors, harden envelope metadata sanitization, reattach Linux native watchers when directories are recreated, and rewrite generated transcript paths on rollover so memory/search state survives concurrent gateway and CLI activity. (#66339, #85931, #89185, #89188, #89246, #85351)
      • ·Memory: keep vector-disabled FTS indexes from resolving embedding providers during sync and search.
      • ·Providers: bound generated media downloads from OpenAI, Runway, xAI, MiniMax, BytePlus, DashScope-compatible, FAL, OpenRouter, Google, Vydra, and Comfy providers.
      • ·Providers: resolve Google defaults to `google-generative-ai`, register Vertex static catalog rows and `gemini-3.1-flash-lite`, align Foundry reasoning metadata, skip DeepSeek V4 thinking params on Foundry fallback, use MiniMax account OAuth endpoints, preserve Copilot Claude 1M capabilities, suppress disabled Ollama reasoning output, forward Gemini stop sequences, switch direct Gemini reasoning to native mode, strip provider self-prefixes and Kimi-incompatible Anthropic cache markers, keep OpenAI stop-finished tool calls, and avoid replay ids when the Responses store is disabled. (#88480, #88512, #88781, #89343, #89379, #89400, #76612)
      • ·Providers: cap GitHub Copilot OAuth request timeouts before creating abort signals.
      • ·Cron: retry recurring jobs after transient model rate limits before waiting for the next scheduled slot.
      • ·Agents/Codex: keep live session locks during cleanup, recover interrupted CLI tool transcripts, preserve Codex auth and compaction session identity, clear orphan tool state, cap app-server idle timers, and keep media completion delivery retryable. (#88129, #88136, #88141, #88162, #88182)
      • ·Chat/UI: show Gateway chat failures as visible assistant messages in the Control UI instead of only setting an invisible error state.
      • ·Channels: cap Telegram, Discord, WhatsApp, Signal, Feishu, Google Chat, Microsoft Teams, QQBot, Nostr, Zalo, Zalouser, and Nextcloud-style request/retry timers; preserve SMS approval reply routes; keep iMessage typing active during tool work; allow RFC2544 benchmark ranges for QQBot token fetches; and retry WhatsApp QR login 408 timeouts. (#88183, #88948, #88984, #89015)
      • ·Security/config parsing: reject unsafe OAuth/token lifetimes, retry-after delays, inbound timestamps, response body sizes, command timeout config, sandbox observer token TTLs, corrupt shell snapshots, untrusted workspace setup-only channel loads, remote media reference overreads, trajectory export leaks, hooks-token auth reuse, and gateway WebSocket calls after close. (#86953, #87376, #88974, #89354, #89701)
      • ·Providers/media: cap local service, model, usage, queue, generated media, TTS, music, workflow polling, and provider OAuth request timers across hosted and local providers.
      • ·Backup: accept root-relative hardlink targets during backup verification. (#89328)
      • ·Agents: keep configured fallback model metadata typed so provider params, context-token caps, and media input limits do not break changed-gate typechecks.
      • ·Agents: accept hidden `sessions_send` body aliases before validation while keeping the model-facing `message` schema canonical. (#88229)
      • ·Chat/UI: preserve startup chat sends during history loading, unblock the initial Control UI chat send, stream chat deltas incrementally, skip markdown parsing while streaming, keep drafts local while typing, guard composer rerenders, cache chat transcript renders, record pending-send paint timing, show the Communication Notifications tab, and honor Chromium executable overrides. (#74715, #88952, #88960, #88998)
      • ·Channels: stop schema-padded poll modifiers from turning normal `send` actions into invalid poll sends. (#89601)
      • ·Channels: preserve long Feishu streaming replies, recover failed progress draft starts, send visible fallbacks when accepted Feishu turns produce no final reply, preserve external `sessions_send` routes, persist Discord thread bindings in SQLite, tolerate iMessage self-chat timestamp skew, preserve colon-prefixed slash commands in mention parsing, decode Nostr `npub` allowlists correctly, and suppress raw provider errors during channel delivery. (#87896, #88749, #88803, #88866)
      • ·Config/status/doctor: skip unresolved shell references in state-dir dotenv files, resolve gateway auth secrets during deep status audits, respect explicit PI runtime policy, report runtime tool-schema and gateway health credential errors, clear recovered embedded-run activity, and keep post-upgrade JSON stable. (#88820, #88288, #89731)
      • ·Gateway/session state: list commands from the Gateway plugin registry, harden MCP loopback tool schemas, hide phantom agent-store rows from `sessions.list`, make task persistence failures explicit, support Tailscale Serve service names, guard Browser/Chrome pending attach aborts, and carry session UUIDs on interactive dispatch events. (#88305)
      • ·Gateway/plugins: narrow plugin lookup memoization to the stable plugin/runtime inputs, avoiding repeated lookup work without mixing disabled or filtered plugin state.
      • ·OpenAI/TTS: handle speed directives for OpenAI TTS voices. (#74089)
      • ·Performance: prebuild QA runtime probes with generated plugin assets but without CLI startup metadata.
      • ·Performance: skip declaration bundling for runtime-only CLI startup and gateway watch build profiles.
      • ·Performance: reuse prepared provider handles, strict tool schemas, gateway runtime metadata, session maintenance config, plugin metadata, bundled skill allowlists, package-local plugin artifacts, single-entry store writes, and validated/serialized session prompt blobs.

      Complete contribution record

      • ·**PR #88995** perf(ui): guard chat composer controls.
      • ·**PR #88998** perf(ui): keep chat draft local while typing.
      • ·**PR #89012** perf(ui): trace chat first output latency.
      • ·**PR #89019** perf(ui): speed up first global chat sends.
      • ·**PR #86953** fix(plugins): block untrusted workspace setup-only channel loads.
      • ·**PR #89030** perf(control-ui): prioritize first connect startup.
      • ·**PR #89058** perf(control-ui): hydrate chat startup state.
      • ·**PR #89106** fix(ui): clear chat composer after send. Related #89108.
      • ·**PR #88974** fix: bound remote media reference reads [AI].
      • ·**PR #88966** fix: allow admins to approve dependency guard.
      • ·**PR #89169** fix(ci): restore dist cache before artifact builds.
      • ·**PR #85798** fix(agents): actionable copy for exhausted auth-profile failover.
      • ·**PR #88689** Keep JSON CLI output clean during startup. Related #88602.
      • ·**PR #85351** fix(memory): retry transient FileProvider-backed reads. Related #85252.
      • ·**PR #89188** fix(memory-core): reduce Linux watcher fan-out. Related #89182.
      • ·**PR #88734** docs: refresh ClawHub showcase cards.
      • ·**PR #89212** test: reset gateway timers at test boundaries.
      • ·**PR #89181** fix(agents): dispatch auth failures by type.
      • ·**PR #89180** enhance(slack): route plugin approvals through native UI.
      • ·**PR #89185** fix(memory): warn on gateway watcher FD risk. Related #71335.
      • ·**PR #89135** fix(ui): render skill workshop tab.
      • ·**PR #89246** Revert "fix(memory): warn on gateway watcher FD risk".
      • ·**PR #88948** Keep iMessage typing active during tool work. Related #75847.
      • ·**PR #89220** fix(agents): avoid duplicate generated media fallback.
      • ·**PR #88946** Fix live model inference edge cases. Related #44870, #63685, #74305, #83192, #83810, #84109, #84688, #84697, #84804, #85806, #85918, #86808, #87381, #87740, #87768, #88039, #88439, #88456, #88833, #88918, #89008, #89241, #89242.
      • ·**PR #89305** fix(agents): bypass stale auth for plugin harnesses. Related #85105.
      • ·**PR #89297** docs: add ClawHub CLI page.
      • ·**PR #89318** fix(auto-reply): guard missing dispatcher getFailedCounts without weakening the SDK type. Related #89116.
      • ·**PR #89321** fix: honor channel model overrides in agent ingress. Related #60078.
      • ·**PR #89328** Fix backup verifier for root-relative hardlink targets.
      • ·**PR #87907** fix(memory): validate memory index identity. Related #83333.
      • ·**PR #89347** fix: repair model provider edge cases. Related #80347, #88357, #45269.
      • ·**PR #89336** Fix private llm-core leaks in plugin SDK declarations.
      • ·**PR #89015** fix(qqbot): allow RFC2544 benchmark range for token fetch (#88984).
      • ·**PR #89046** feat(android): add installed apps node command.
      • ·**PR #88315** feat(agents): generalized native compaction ownership for CLI backends.
      • ·**PR #89075** fix(memory-core): keep startup cron retries quiet. Related #75889.
      • ·**PR #89049** fix(idle-timeout): honor provider timeout for no-timeout runs.
      • ·**PR #89047** fix: hide sessions_spawn timeout overrides.
      • ·**PR #89036** fix(cron): reject blank delivery targets.
      • ·**PR #89354** fix: redact trajectory exports consistently.
      • ·**PR #88101** fix(codex): trace app-server thread lifecycle timing. Related #84640.
      • ·**PR #89243** fix: guard in-band macOS LaunchAgent stop. Related #89174.
      • ·**PR #87339** fix(discord): accumulate reasoning progress deltas. Related #83983.
      • ·**PR #89298** fix(diagnostics): re-queue pending messages after stuck-session recovery aborts ghost run. Related #89208.
      • ·**PR #88821** trace: Correlate channel message diagnostics into one trace. Related #88811.
      • ·**PR #89411** fix: detect shrinkwrapped npm installs. Related #87732.
      • ·**PR #87749** fix(messages): preserve inbound audio for message-tool TTS. Related #87708.
      • ·**PR #84431** Treat soft plugin repair warnings as nonfatal. Related #83889.
      • ·**PR #78005** feat(status): detect externalized plugin version drift in --deep.
      • ·**PR #89050** fix(sessions): preserve corrupt-header transcripts. Related #89037.
      • ·**PR #84314** fix: QQBot credential backups bypass gateway state isolation. Related #84313.
      • ·**PR #89281** fix: repeat doctor state migration repairs.
      • ·**PR #87952** fix(update): pin post-core plugin compatibility to the downgraded core version (#87914).
      • ·**PR #89417** refactor: tighten agent harness surfaces.
      • ·**PR #89400** fix(google): add missing gemini-3.1-flash-lite to google-vertex catalog. Related #89390.
      • ·**PR #88699** fix(codex): clear stale context-engine projection after overflow retry. Related #88355.
      • ·**PR #89379** fix(providers): use native reasoning mode for Gemini instead of tagged. Related #69220.
      • ·**PR #84266** Surface unresolved OAuth sidecar auth failures. Related #84252.
      • ·**PR #88879** feat(plugin-sdk): add resolve_exec_env hook.
      • ·**PR #89432** fix(qqbot): migrate state stores to sqlite kv.
      • ·**PR #89436** fix(llm): gate OpenAI-compatible reasoning output.
      • ·**PR #87703** fix(agents): run before_agent_finalize for embedded agents. Related #87585.
      • ·**PR #89440** fix(llm): keep OpenAI-compatible reasoning streams active. Related #84384.
      • ·**PR #88976** fix(mistral): enable prompt cache key compat. Related #83709.
      • ·**PR #87379** fix: audit and repair hooks token reuse with Gateway auth. Related #87376.
      • ·**PR #89701** fix(exec): reject corrupt shell snapshots.
      • ·**PR #89601** fix(outbound): stop schema-padded poll modifiers from blocking send.
      • ·**PR #89731** fix: backport gateway health credential handling.
      • ·**PR #87484** fix(agents): clear legacy auto fallback pins. Related #87467.
      • ·**PR #88182** Fix subagent DM completion delivery after yield. Related #88042.
      • ·**PR #88183** fix(whatsapp): retry QR login 408 timeouts.
      • ·**PR #88866** Persist Discord thread bindings in SQLite.
      • ·**PR #88231** fix(ios): guard websocket ping continuation.
      • ·**PR #88952** perf(ui): cache chat transcript renders.
      • ·**PR #88960** perf(ui): record pending send paint timing.
      • ·**PR #79173** fix: skip disabled skill snapshot env overrides. Related #79072.
      • ·**PR #82326** Add plugin manifest contract for SecretRef provider integrations.
      • ·**PR #87469** feat: add core session goals.
      • ·**PR #88794** Persist plugin install index in SQLite.
      • ·**PR #88512** fix: resolve google provider default API to google-generative-ai. Related #88480.
      • ·**PR #88781** fix(models): strip remaining provider self prefixes. Related #88770.
      • ·**PR #88096** feat(ios): default to hosted push relay.
      • ·**PR #88105** feat(ios): add talk tab realtime playback.
      • ·**PR #88043** feat: add internal code mode namespaces.
      • ·**PR #78748** fix(ui): add agent selector to dreaming tab. Related #63558.
      • ·**PR #88772** feat: calm composer controls.
      • ·**PR #88721** feat(plugin-sdk): add typed presentation command actions.
      • ·**PR #88860** feat(minimax): add MiniMax M3 support.
      • ·**PR #79658** Allow validated TXT/JSON/YAML media sends.
      • ·**PR #88797** Migrate iMessage monitor state to SQLite.
      • ·**PR #88724** fix: persist ACP metadata in SQLite.
      • ·**PR #88730** fix(codex): stream final answer partials. Related #88405.
      • ·**PR #88314** fix #76284: [Bug]: openclaw agents add blocked — cannot add Jon/Atlas as separate agents.
      • ·**PR #88896** fix: harden CLI and plugin edge cases.
      • ·**PR #88764** fix(update): recognize manual-update launchd jobs. Related #88736.
      • ·**PR #77237** Preserve managed npm plugin root when install validation blocks update.
      • ·**PR #88767** fix(plugin-sdk): isolate provider catalog projection failures.
      • ·**PR #88807** fix(plugins): isolate web provider factory failures.
      • ·**PR #88285** Move cron persistence to SQLite.
      • ·**PR #88294** fix(cron): include job name when reading single-job run history.
      • ·**PR #85931** fix(memory): serialize qmd update writes across processes to stop SQLITE_BUSY. Related #66339.
      • ·**PR #88129** fix: keep live OpenClaw session locks during cleanup.
      • ·**PR #88136** fix(agents): centralize terminal run outcome precedence. Related #87444.
      • ·**PR #88141** fix: route generated media completions through requester agent.
      • ·**PR #88162** fix(agents): extend terminal outcome projections.
      • ·**PR #88229** fix(agents): normalize sessions_send message aliases. Related #88146.
      • ·**PR #74715** fix(ui): show Communication Notifications tab.
      • ·**PR #87896** fix(feishu): fallback when accepted turns send no visible reply.
      • ·**PR #88749** fix(channels): recover failed progress draft starts. Related #83115.
      • ·**PR #88803** fix(reply): preserve sessions_send external routes. Related #88044.
      • ·**PR #88820** fix(diagnostics): clear embedded-run activity when recovery declares lane idle. Related #88660.
      • ·**PR #88288** fix(config): skip state-dir dotenv values that are unresolved shell references. Related #88274.
      • ·**PR #88305** fix(browser): isolate Chrome MCP pending attach aborts. Related #88304.
      • ·**PR #74089** fix(openai/tts): handle [[tts:speed]] directive in OpenAI speech provider (#12163).

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.1-beta.2
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.1-beta.2.tgz
      • ·integrity: `sha512-Y/16HB3wOhW+riellKXHF+vp+ZlXAKBK20bn/54dTMQy1YSz8aoDbhTPw+wDtXqLRPJTAmEf4QvkqZ2ofHzSVQ==`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.1-beta.2/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/26827904731
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/26824750728
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/26824750752
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/26828187422
      • ·plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/26828193587
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/26828804274
      • ·npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/26825363156
      v2026.6.1-beta.1pre-release2026-06-01

      openclaw 2026.6.1-beta.1

      GitHub ↗

      Highlights

      • ·**Resilient agent and Codex runs:** interrupted tool calls, stale session bindings, compaction handoffs, auth-profile failover, reasoning-tag cleanup, yielded subagents, and generated-media delivery all recover without leaving work stranded. (#85798, #87484, #88182, #89220)
      • ·**Reliable channel and mobile delivery:** WhatsApp, iMessage, Discord state, QQBot, and iOS Talk now preserve replies, typing, session state, QR-login recovery, and realtime connections across normal restart and transport failure paths. (#88183, #88866, #88948, #89015, #88231)
      • ·**Faster Control UI chat:** startup, local drafts, incremental stream rendering, transcript caching, first connect, and post-send cleanup no longer compete with the active conversation. (#88952, #88960, #88998, #89030, #89106)
      • ·**Governed skills and plugins:** Skill Workshop proposals, disabled-skill snapshots, support-file approvals, plugin contracts, and external package boundaries are clearer and safer for operators. (#79173, #82326, #89336)
      • ·**Richer operator coordination:** Workboard goals, task-backed runs, and SQLite-backed plugin state make multi-agent work and installed-plugin discovery survive reloads cleanly. (#87469, #88794)
      • ·**More dependable providers:** Google defaults, provider IDs, model catalogs, OAuth/device-code flows, media timers, and reasoning output now stay valid across hosted and local runtimes. (#88512, #88781, #89343, #89379, #89400)

      Changes

      • ·Skills: let the `skill_workshop` agent tool apply, reject, and quarantine explicit proposals through the guarded review flow.
      • ·Skills: let proposals carry approved support files under standard skill folders, with scanner, hash, and rollback safeguards.
      • ·Skills: let pending proposals be revised in place with versioned, dated proposal frontmatter before approval.
      • ·Skills: add Skill Workshop with pending proposals, CLI/Gateway review actions, rollback metadata, and the `skill_workshop` agent tool.
      • ·Skill Workshop: add the Control UI navigation, styled dashboard, proposal today view, revision dialog, file preview modal, searchable preview files, reusable session handoff, and localized strings.
      • ·Plugins: externalize Tokenjuice as the official `@openclaw/tokenjuice` plugin with npm and ClawHub publish metadata.
      • ·Plugins: externalize the GitHub Copilot agent runtime as the official `@openclaw/copilot` plugin with npm and ClawHub publish metadata.
      • ·iOS: add hosted push relay defaults, realtime Talk playback, and a guarded WebSocket ping path for more reliable mobile sessions. (#88096, #88105, #88231)
      • ·iOS: support native iPad display layouts.
      • ·Android: add installed-app inspection commands, notification picker helpers, and updated-system-app classification.
      • ·Workboard: add orchestration primitives and agent coordination tools for multi-agent planning and run tracking. (#87469)
      • ·Workboard: wire task-backed board runs and show task comments in the edit modal.
      • ·Code mode: add internal namespaces for scoped agent/global sessions and exact namespace tool dispatch. (#88043)
      • ·Gateway: support Tailscale Serve service names for local service routing.
      • ·Control UI: add a Dreaming-tab agent selector and propagate the selected agent through Dreaming status, diary, and diary actions. (#78748)
      • ·Control UI: add calmer chat composer controls, local draft typing state, and first-output latency instrumentation for active chat entry. (#88772, #88998)
      • ·Plugins: add a SecretRef provider integration manifest contract. (#82326)
      • ·Plugin SDK: add typed presentation command actions and the bounded `resolve_exec_env` hook for plugin-provided exec environment contributions. (#88721)
      • ·Plugins: persist the plugin install index in SQLite so installed package lookup survives reloads with less filesystem scanning. (#88794)
      • ·Providers: add MiniMax M3 model support. (#88860)
      • ·Tools/media: allow validated host-local text document media sends while keeping unsafe plain-text media sends blocked. (#79658)
      • ·Doctor: add disk space health checks and stabilize post-upgrade JSON probes.
      • ·Channels: store inbound queues in SQLite and migrate iMessage monitor state to SQLite-backed tracking. (#88797)
      • ·Skills: add the core skills index and centralize skills runtime loading, status, filtering, and prompt formatting.

      Fixes

      • ·Build: render independent CLI startup metadata help snapshots concurrently to cut cold build-all metadata time.
      • ·Plugins: stop timed-out package-boundary prep steps by process group so descendant TypeScript/helper processes do not survive local check cleanup.
      • ·Control UI: serve static assets asynchronously after safe-open checks so large UI files do not block Gateway request handling.
      • ·Scripts/UI: forward direct wrapper SIGHUP shutdown to child processes so terminal hangups do not leave wrapped dev commands running.
      • ·Gateway: return the post-expiration pending-work revision from node drains so reconnecting nodes do not observe stale queue revisions after expired items are pruned.
      • ·Update: keep core updates nonblocking when missing external plugin repair downloads or soft plugin repair warnings would otherwise stall, pin post-core plugin compatibility to the downgraded core version, and still block installed active plugin payload smoke failures. (#84431, #87914, #87952)
      • ·Agents/providers: keep streaming tool-call argument parsing record-shaped when providers emit valid non-object JSON such as `null` or arrays.
      • ·Talk: preserve explicit `null` payloads on controller-created turn and output-audio lifecycle events.
      • ·Agents/TUI: keep local custom provider runs from loading plugin runtime and auth alias metadata when plugins are disabled.
      • ·Agents/TUI: restore in-flight TUI run switch-back behavior, keep no-policy native hook fallback available, guard vanished workspaces, and keep lightweight isolated subagents lightweight.
      • ·Agents/media: keep async image, music, and video generation starts from ending the Codex turn, avoid duplicate generated-media fallbacks, and let mixed requests continue with summaries or other work while media renders in the background. (#89220)
      • ·Agents/Codex: keep public OpenAI API-key profiles from being treated as native Codex app-server auth while preserving persisted Codex OAuth sessions.
      • ·Agents/Codex: stream Codex app-server final-answer partials to live reply previews, preserve ACP metadata in SQLite, prefer real tool results over synthetic repair output, prevent aborted app-server turn handles from lingering, migrate legacy OpenAI Codex `lastGood` auth state, and preserve workspace/session metadata through ACP runtime refactors. (#88405, #88724, #88730)
      • ·Control UI: keep collapsed tool cards labeled with the tool name and action instead of generic output text.
      • ·Agents/Codex: surface Skill Workshop guidance in Codex app-server prompts when `skill_workshop` is available.
      • ·Skill Workshop: restore and localize the Control UI board/today view switcher so review workflows keep their intended layout toggle across locales.
      • ·Agents/auth: write auth profiles atomically, dispatch auth failures by type, add force re-login and exhausted-failover recovery, clear legacy auto fallback pins, preserve workspaces during state-only uninstall, and compact before oversized turns so recovery paths avoid partial state. (#85798, #87484, #89181)
      • ·Skills: skip disabled skill env overrides from stale persisted snapshots so disabled skill `apiKey` SecretRefs cannot abort embedded or channel turns. (#79072, #79173)
      • ·Skill Workshop: render the Control UI tab from filtered navigation state and keep filtered fallback routing stable.
      • ·CLI: avoid live catalog validation during `openclaw agents add`, so adding a secondary agent no longer depends on provider catalog availability. (#76284, #88314)
      • ·CLI: harden CLI and plugin edge cases, and keep `plugins list --json` on the snapshot-only path so plugin sweeps avoid loading the full runtime status graph. (#88896)
      • ·CLI/desktop: bridge WSL clipboard operations through the shell, recognize manual-update launchd jobs, and keep machine-readable startup output parseable during progress setup. (#88764, #88689)
      • ·Plugins: make PixVerse external-plugin ClawHub metadata explicit and keep it out of bundled dist builds.
      • ·Plugins: clarify plugin loader failure guidance and treat soft plugin repair warnings as nonfatal so missing or incompatible plugin packages point operators at the right repair path without blocking unrelated work. (#84431)
      • ·Plugins: preserve npm plugin roots after blocked installs, skip plugin-local `openclaw` peer symlinks during rollback snapshots, relink those peers after restore, isolate cached tool runtime siblings, isolate provider catalog projections and web-provider factory failures, and keep private LLM-core declarations bundled so one bad plugin does not poison sibling runtime paths. (#77237, #88767, #88807, #89336)
      • ·Cron: keep SQLite cron migrations compatible with legacy run-log tables, archived job stores, diagnostic cron names, single-job run-history names, startup cron retries, and legacy one-shot delete-after-run behavior. (#88285, #88294, #89075)
      • ·Cron: keep update delivery validation scoped, harden restart state, and retire MCP runtimes on isolated cron cleanup.
      • ·Auto-reply: guard dispatcher failure-count probes so missing optional counters do not break SDK-typed recovery paths. (#89318)
      • ·Memory: serialize QMD update/embed writes per store, reduce Linux watcher fan-out, avoid noisy gateway watcher warnings, retry transient FileProvider-backed reads, preserve phase signals on read errors, harden envelope metadata sanitization, reattach Linux native watchers when directories are recreated, and rewrite generated transcript paths on rollover so memory/search state survives concurrent gateway and CLI activity. (#66339, #85931, #89185, #89188, #89246, #85351)
      • ·Memory: keep vector-disabled FTS indexes from resolving embedding providers during sync and search.
      • ·Providers: bound generated media downloads from OpenAI, Runway, xAI, MiniMax, BytePlus, DashScope-compatible, FAL, OpenRouter, Google, Vydra, and Comfy providers.
      • ·Providers: resolve Google defaults to `google-generative-ai`, register Vertex static catalog rows and `gemini-3.1-flash-lite`, align Foundry reasoning metadata, skip DeepSeek V4 thinking params on Foundry fallback, use MiniMax account OAuth endpoints, preserve Copilot Claude 1M capabilities, suppress disabled Ollama reasoning output, forward Gemini stop sequences, switch direct Gemini reasoning to native mode, strip provider self-prefixes and Kimi-incompatible Anthropic cache markers, keep OpenAI stop-finished tool calls, and avoid replay ids when the Responses store is disabled. (#88480, #88512, #88781, #89343, #89379, #89400, #76612)
      • ·Providers: cap GitHub Copilot OAuth request timeouts before creating abort signals.
      • ·Cron: retry recurring jobs after transient model rate limits before waiting for the next scheduled slot.
      • ·Agents/Codex: keep live session locks during cleanup, recover interrupted CLI tool transcripts, preserve Codex auth and compaction session identity, clear orphan tool state, cap app-server idle timers, and keep media completion delivery retryable. (#88129, #88136, #88141, #88162, #88182)
      • ·Chat/UI: show Gateway chat failures as visible assistant messages in the Control UI instead of only setting an invisible error state.
      • ·Channels: cap Telegram, Discord, WhatsApp, Signal, Feishu, Google Chat, Microsoft Teams, QQBot, Nostr, Zalo, Zalouser, and Nextcloud-style request/retry timers; preserve SMS approval reply routes; keep iMessage typing active during tool work; allow RFC2544 benchmark ranges for QQBot token fetches; and retry WhatsApp QR login 408 timeouts. (#88183, #88948, #88984, #89015)
      • ·Security/config parsing: reject unsafe OAuth/token lifetimes, retry-after delays, inbound timestamps, response body sizes, command timeout config, sandbox observer token TTLs, corrupt shell snapshots, untrusted workspace setup-only channel loads, remote media reference overreads, trajectory export leaks, hooks-token auth reuse, and gateway WebSocket calls after close. (#86953, #87376, #88974, #89354, #89701)
      • ·Providers/media: cap local service, model, usage, queue, generated media, TTS, music, workflow polling, and provider OAuth request timers across hosted and local providers.
      • ·Backup: accept root-relative hardlink targets during backup verification. (#89328)
      • ·Agents: keep configured fallback model metadata typed so provider params, context-token caps, and media input limits do not break changed-gate typechecks.
      • ·Agents: accept hidden `sessions_send` body aliases before validation while keeping the model-facing `message` schema canonical. (#88229)
      • ·Chat/UI: preserve startup chat sends during history loading, unblock the initial Control UI chat send, stream chat deltas incrementally, skip markdown parsing while streaming, keep drafts local while typing, guard composer rerenders, cache chat transcript renders, record pending-send paint timing, show the Communication Notifications tab, and honor Chromium executable overrides. (#74715, #88952, #88960, #88998)
      • ·Channels: stop schema-padded poll modifiers from turning normal `send` actions into invalid poll sends. (#89601)
      • ·Channels: preserve long Feishu streaming replies, recover failed progress draft starts, send visible fallbacks when accepted Feishu turns produce no final reply, preserve external `sessions_send` routes, persist Discord thread bindings in SQLite, tolerate iMessage self-chat timestamp skew, preserve colon-prefixed slash commands in mention parsing, decode Nostr `npub` allowlists correctly, and suppress raw provider errors during channel delivery. (#87896, #88749, #88803, #88866)
      • ·Config/status/doctor: skip unresolved shell references in state-dir dotenv files, resolve gateway auth secrets during deep status audits, respect explicit PI runtime policy, report runtime tool-schema and gateway health credential errors, clear recovered embedded-run activity, and keep post-upgrade JSON stable. (#88820, #88288, #89731)
      • ·Gateway/session state: list commands from the Gateway plugin registry, harden MCP loopback tool schemas, hide phantom agent-store rows from `sessions.list`, make task persistence failures explicit, support Tailscale Serve service names, guard Browser/Chrome pending attach aborts, and carry session UUIDs on interactive dispatch events. (#88305)
      • ·Gateway/plugins: narrow plugin lookup memoization to the stable plugin/runtime inputs, avoiding repeated lookup work without mixing disabled or filtered plugin state.
      • ·OpenAI/TTS: handle speed directives for OpenAI TTS voices. (#74089)
      • ·Performance: prebuild QA runtime probes with generated plugin assets but without CLI startup metadata.
      • ·Performance: skip declaration bundling for runtime-only CLI startup and gateway watch build profiles.
      • ·Performance: reuse prepared provider handles, strict tool schemas, gateway runtime metadata, session maintenance config, plugin metadata, bundled skill allowlists, package-local plugin artifacts, single-entry store writes, and validated/serialized session prompt blobs.

      Complete contribution record

      • ·**PR #88995** perf(ui): guard chat composer controls.
      • ·**PR #88998** perf(ui): keep chat draft local while typing.
      • ·**PR #89012** perf(ui): trace chat first output latency.
      • ·**PR #89019** perf(ui): speed up first global chat sends.
      • ·**PR #86953** fix(plugins): block untrusted workspace setup-only channel loads.
      • ·**PR #89030** perf(control-ui): prioritize first connect startup.
      • ·**PR #89058** perf(control-ui): hydrate chat startup state.
      • ·**PR #89106** fix(ui): clear chat composer after send. Related #89108.
      • ·**PR #88974** fix: bound remote media reference reads [AI].
      • ·**PR #88966** fix: allow admins to approve dependency guard.
      • ·**PR #89169** fix(ci): restore dist cache before artifact builds.
      • ·**PR #85798** fix(agents): actionable copy for exhausted auth-profile failover.
      • ·**PR #88689** Keep JSON CLI output clean during startup. Related #88602.
      • ·**PR #85351** fix(memory): retry transient FileProvider-backed reads. Related #85252.
      • ·**PR #89188** fix(memory-core): reduce Linux watcher fan-out. Related #89182.
      • ·**PR #88734** docs: refresh ClawHub showcase cards.
      • ·**PR #89212** test: reset gateway timers at test boundaries.
      • ·**PR #89181** fix(agents): dispatch auth failures by type.
      • ·**PR #89180** enhance(slack): route plugin approvals through native UI.
      • ·**PR #89185** fix(memory): warn on gateway watcher FD risk. Related #71335.
      • ·**PR #89135** fix(ui): render skill workshop tab.
      • ·**PR #89246** Revert "fix(memory): warn on gateway watcher FD risk".
      • ·**PR #88948** Keep iMessage typing active during tool work. Related #75847.
      • ·**PR #89220** fix(agents): avoid duplicate generated media fallback.
      • ·**PR #88946** Fix live model inference edge cases. Related #44870, #63685, #74305, #83192, #83810, #84109, #84688, #84697, #84804, #85806, #85918, #86808, #87381, #87740, #87768, #88039, #88439, #88456, #88833, #88918, #89008, #89241, #89242.
      • ·**PR #89305** fix(agents): bypass stale auth for plugin harnesses. Related #85105.
      • ·**PR #89297** docs: add ClawHub CLI page.
      • ·**PR #89318** fix(auto-reply): guard missing dispatcher getFailedCounts without weakening the SDK type. Related #89116.
      • ·**PR #89321** fix: honor channel model overrides in agent ingress. Related #60078.
      • ·**PR #89328** Fix backup verifier for root-relative hardlink targets.
      • ·**PR #87907** fix(memory): validate memory index identity. Related #83333.
      • ·**PR #89347** fix: repair model provider edge cases. Related #80347, #88357, #45269.
      • ·**PR #89336** Fix private llm-core leaks in plugin SDK declarations.
      • ·**PR #89015** fix(qqbot): allow RFC2544 benchmark range for token fetch (#88984).
      • ·**PR #89046** feat(android): add installed apps node command.
      • ·**PR #88315** feat(agents): generalized native compaction ownership for CLI backends.
      • ·**PR #89075** fix(memory-core): keep startup cron retries quiet. Related #75889.
      • ·**PR #89049** fix(idle-timeout): honor provider timeout for no-timeout runs.
      • ·**PR #89047** fix: hide sessions_spawn timeout overrides.
      • ·**PR #89036** fix(cron): reject blank delivery targets.
      • ·**PR #89354** fix: redact trajectory exports consistently.
      • ·**PR #88101** fix(codex): trace app-server thread lifecycle timing. Related #84640.
      • ·**PR #89243** fix: guard in-band macOS LaunchAgent stop. Related #89174.
      • ·**PR #87339** fix(discord): accumulate reasoning progress deltas. Related #83983.
      • ·**PR #89298** fix(diagnostics): re-queue pending messages after stuck-session recovery aborts ghost run. Related #89208.
      • ·**PR #88821** trace: Correlate channel message diagnostics into one trace. Related #88811.
      • ·**PR #89411** fix: detect shrinkwrapped npm installs. Related #87732.
      • ·**PR #87749** fix(messages): preserve inbound audio for message-tool TTS. Related #87708.
      • ·**PR #84431** Treat soft plugin repair warnings as nonfatal. Related #83889.
      • ·**PR #78005** feat(status): detect externalized plugin version drift in --deep.
      • ·**PR #89050** fix(sessions): preserve corrupt-header transcripts. Related #89037.
      • ·**PR #84314** fix: QQBot credential backups bypass gateway state isolation. Related #84313.
      • ·**PR #89281** fix: repeat doctor state migration repairs.
      • ·**PR #87952** fix(update): pin post-core plugin compatibility to the downgraded core version (#87914).
      • ·**PR #89417** refactor: tighten agent harness surfaces.
      • ·**PR #89400** fix(google): add missing gemini-3.1-flash-lite to google-vertex catalog. Related #89390.
      • ·**PR #88699** fix(codex): clear stale context-engine projection after overflow retry. Related #88355.
      • ·**PR #89379** fix(providers): use native reasoning mode for Gemini instead of tagged. Related #69220.
      • ·**PR #84266** Surface unresolved OAuth sidecar auth failures. Related #84252.
      • ·**PR #88879** feat(plugin-sdk): add resolve_exec_env hook.
      • ·**PR #89432** fix(qqbot): migrate state stores to sqlite kv.
      • ·**PR #89436** fix(llm): gate OpenAI-compatible reasoning output.
      • ·**PR #87703** fix(agents): run before_agent_finalize for embedded agents. Related #87585.
      • ·**PR #89440** fix(llm): keep OpenAI-compatible reasoning streams active. Related #84384.
      • ·**PR #88976** fix(mistral): enable prompt cache key compat. Related #83709.
      • ·**PR #87379** fix: audit and repair hooks token reuse with Gateway auth. Related #87376.
      • ·**PR #89701** fix(exec): reject corrupt shell snapshots.
      • ·**PR #89601** fix(outbound): stop schema-padded poll modifiers from blocking send.
      • ·**PR #89731** fix: backport gateway health credential handling.
      • ·**PR #87484** fix(agents): clear legacy auto fallback pins. Related #87467.
      • ·**PR #88182** Fix subagent DM completion delivery after yield. Related #88042.
      • ·**PR #88183** fix(whatsapp): retry QR login 408 timeouts.
      • ·**PR #88866** Persist Discord thread bindings in SQLite.
      • ·**PR #88231** fix(ios): guard websocket ping continuation.
      • ·**PR #88952** perf(ui): cache chat transcript renders.
      • ·**PR #88960** perf(ui): record pending send paint timing.
      • ·**PR #79173** fix: skip disabled skill snapshot env overrides. Related #79072.
      • ·**PR #82326** Add plugin manifest contract for SecretRef provider integrations.
      • ·**PR #87469** feat: add core session goals.
      • ·**PR #88794** Persist plugin install index in SQLite.
      • ·**PR #88512** fix: resolve google provider default API to google-generative-ai. Related #88480.
      • ·**PR #88781** fix(models): strip remaining provider self prefixes. Related #88770.
      • ·**PR #88096** feat(ios): default to hosted push relay.
      • ·**PR #88105** feat(ios): add talk tab realtime playback.
      • ·**PR #88043** feat: add internal code mode namespaces.
      • ·**PR #78748** fix(ui): add agent selector to dreaming tab. Related #63558.
      • ·**PR #88772** feat: calm composer controls.
      • ·**PR #88721** feat(plugin-sdk): add typed presentation command actions.
      • ·**PR #88860** feat(minimax): add MiniMax M3 support.
      • ·**PR #79658** Allow validated TXT/JSON/YAML media sends.
      • ·**PR #88797** Migrate iMessage monitor state to SQLite.
      • ·**PR #88724** fix: persist ACP metadata in SQLite.
      • ·**PR #88730** fix(codex): stream final answer partials. Related #88405.
      • ·**PR #88314** fix #76284: [Bug]: openclaw agents add blocked — cannot add Jon/Atlas as separate agents.
      • ·**PR #88896** fix: harden CLI and plugin edge cases.
      • ·**PR #88764** fix(update): recognize manual-update launchd jobs. Related #88736.
      • ·**PR #77237** Preserve managed npm plugin root when install validation blocks update.
      • ·**PR #88767** fix(plugin-sdk): isolate provider catalog projection failures.
      • ·**PR #88807** fix(plugins): isolate web provider factory failures.
      • ·**PR #88285** Move cron persistence to SQLite.
      • ·**PR #88294** fix(cron): include job name when reading single-job run history.
      • ·**PR #85931** fix(memory): serialize qmd update writes across processes to stop SQLITE_BUSY. Related #66339.
      • ·**PR #88129** fix: keep live OpenClaw session locks during cleanup.
      • ·**PR #88136** fix(agents): centralize terminal run outcome precedence. Related #87444.
      • ·**PR #88141** fix: route generated media completions through requester agent.
      • ·**PR #88162** fix(agents): extend terminal outcome projections.
      • ·**PR #88229** fix(agents): normalize sessions_send message aliases. Related #88146.
      • ·**PR #74715** fix(ui): show Communication Notifications tab.
      • ·**PR #87896** fix(feishu): fallback when accepted turns send no visible reply.
      • ·**PR #88749** fix(channels): recover failed progress draft starts. Related #83115.
      • ·**PR #88803** fix(reply): preserve sessions_send external routes. Related #88044.
      • ·**PR #88820** fix(diagnostics): clear embedded-run activity when recovery declares lane idle. Related #88660.
      • ·**PR #88288** fix(config): skip state-dir dotenv values that are unresolved shell references. Related #88274.
      • ·**PR #88305** fix(browser): isolate Chrome MCP pending attach aborts. Related #88304.
      • ·**PR #74089** fix(openai/tts): handle [[tts:speed]] directive in OpenAI speech provider (#12163).

      Release verification

      • ·npm package: https://www.npmjs.com/package/openclaw/v/2026.6.1-beta.1
      • ·registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.1-beta.1.tgz
      • ·integrity: `sha512-2wZAkSCiLgXixmKGl3NRCYS00UvnTyXwjbeiXjMBiagxJ+ToydghilAokh8hP0FlzjVLX1f1HVe02Au9lRUriQ==`
      • ·full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.1-beta.1/release-evidence.md
      • ·release publish: https://github.com/openclaw/openclaw/actions/runs/26777010214
      • ·npm preflight: https://github.com/openclaw/openclaw/actions/runs/26774075746
      • ·full release validation: https://github.com/openclaw/openclaw/actions/runs/26774077337
      • ·plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/26777235761
      • ·plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/26777240767
      • ·OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/26777728591
      • ·npm Telegram beta E2E: not supplied
      v2026.5.31-beta.4pre-release2026-06-01

      openclaw 2026.5.31-beta.4

      GitHub ↗

      Highlights

      • ·**Faster Control UI chat:** transcript rendering, draft persistence, pending-send paint, scrolling, and first-message work no longer block one another while a conversation is active. (#88952, #88960, #88998)
      • ·**More reliable agent recovery:** fallback auth state, legacy Codex app-server auth, stale bootstrap history, and streamed reasoning cleanup recover cleanly instead of carrying stale turn state forward. (#87484, #88924)
      • ·**Clearer cron and channel history:** external `sessions_send` routes, single-job history, and channel reply state retain the right destination and job context through restarts. (#88294, #88803)
      • ·**Better operator coordination:** core session goals and durable plugin-install state make long-running work easier to inspect and resume after reloads. (#87469, #88794)
      • ·**Safer mobile reconnects:** iOS realtime sessions retain their WebSocket continuation instead of failing a healthy Talk connection, with hosted push/realtime paths kept aligned. (#88231)

      Changes

      • ·Workboard task details, Android notification app selection, and Dreaming candidate scoring gained broader operator controls.
      • ·Control UI now streams stable Markdown blocks and records more chat responsiveness signals to guide first-reply performance work.

      Fixes

      • ·Chat/UI: keep first Control UI sends responsive, retain pending sends while history catches up, cache transcript renders, and avoid draft persistence or navigation churn from blocking the active conversation. (#88952, #88960, #88998)
      • ·Agents/Codex/auth: repair automatic fallback state, accept supported legacy Codex app-server auth, remove stale bootstrap history, strip streamed reasoning tags, and validate shell snapshots against trusted environment data. (#87484, #88924)
      • ·Cron/channels: preserve external `sessions_send` routes, include the job name in single-job history, keep Mattermost attachments on the upload path, and bound Telegram/installer/Parallels proof cleanup. (#88294, #88803)

      Complete contribution record

      • ·**PR #87469** feat: add core session goals.
      • ·**PR #88129** fix: keep live OpenClaw session locks during cleanup.
      • ·**PR #88133** Fix heartbeat default run timeout. Related #87438.
      • ·**PR #88132** fix: move compaction planning off the event loop. Related #86358.
      • ·**PR #88137** fix ci mainline checks.
      • ·**PR #88140** perf: centralize skills indexing and visibility.
      • ·**PR #82326** Add plugin manifest contract for SecretRef provider integrations.
      • ·**PR #88141** fix: route generated media completions through requester agent.
      • ·**PR #87770** refactor: share native approval route gates.
      • ·**PR #88156** Refactor SQLite state base and plugin migration.
      • ·**PR #87781** fix(codex): prevent false completion stalls during native streams.
      • ·**PR #88136** fix(agents): centralize terminal run outcome precedence. Related #87444.
      • ·**PR #88155** test(infra): avoid max fake-timer jumps.
      • ·**PR #88160** test(unit-fast): isolate fake-timer files.
      • ·**PR #84535** fix(gateway): resolve message actions against runtime config. Related #84530.
      • ·**PR #88107** feat: only include the current changelog section in tarball.
      • ·**PR #88130** fix(agents): preserve Codex auth for compaction fallback. Related #86820.
      • ·**PR #84814** fix(agents): classify embedded provider business denials for fallback. Related #48680.
      • ·**PR #88178** feat(workboard): add orchestration primitives.
      • ·**PR #88162** fix(agents): extend terminal outcome projections.
      • ·**PR #88182** Fix subagent DM completion delivery after yield. Related #88042.
      • ·**PR #88191** Fix Codex raw image generation media projection. Related #87948.
      • ·**PR #88134** fix(imessage): preserve SMS approval reply routes.
      • ·**PR #88161** Fix restart sentinel internal continuations. Related #87792.
      • ·**PR #88199** ci: extend platform checkout fetch timeout.
      • ·**PR #87796** feat(ci): autoscrub dependency lockfile-only PR changes.
      • ·**PR #88200** Refactor task state onto shared SQLite.
      • ·**PR #88083** fix(agent): preserve media task success on delivery miss.
      • ·**PR #88127** perf(test): fix explicit-file Vitest wrapper hangs.
      • ·**PR #88183** fix(whatsapp): retry QR login 408 timeouts.
      • ·**PR #84234** fix(cli-runner): write-side flush gate + orphan-tool-use invalidator.
      • ·**PR #88231** fix(ios): guard websocket ping continuation.
      • ·**PR #88117** refactor: extract LLM core packages.
      • ·**PR #88248** fix: show chat errors as visible messages.
      • ·**PR #88250** refactor(agents): type media completion delivery misses.
      • ·**PR #88207** Fix Codex native thread overflow rotation.
      • ·**PR #88109** refactor: extract media generation core package.
      • ·**PR #88247** feat: add hosted model providers.
      • ·**PR #88259** feat(workboard): add board ops recovery metadata.
      • ·**PR #87788** fix(codex): move skills list and memory pointer to collaboration instructions.
      • ·**PR #88262** fix(codex): stop injecting mirrored history into prompts.
      • ·**PR #88177** fix(codex): prevent post-tool edit stream timeouts.
      • ·**PR #88265** refactor: extract markdown core package.
      • ·**PR #88279** refactor: move terminal core into package.
      • ·**PR #86179** feat:Add Xiaomi Token Plan provider support. Related #86169.
      • ·**PR #88211** fix(plugins): resolve ${ENV_VAR} references in plugin config before handoff. Related #88195.
      • ·**PR #88284** fix(agents): harden autoreview Windows harness.
      • ·**PR #88260** Persist subagent registry in SQLite.
      • ·**PR #88217** refactor: unify OpenAI provider identity.
      • ·**PR #88297** refactor: extract media understanding common package.
      • ·**PR #88299** fix(gateway): recover channels after reload stop timeout.
      • ·**PR #88326** perf(cli): reduce room-event Claude cache churn.
      • ·**PR #88310** fix(test): include workflow lint target in routing expectation.
      • ·**PR #88225** fix(ui): stop pulsing completed stream segments.
      • ·**PR #88298** fix: classify ws pre-handshake close as benign. Related #88257.
      • ·**PR #88338** feat(workboard): persist orchestration metadata in sqlite.
      • ·**PR #88266** refactor: extract model catalog core package.
      • ·**PR #88235** feat(ios): refresh app store metadata.
      • ·**PR #85258** fix(qqbot): deliver partial tool progress. Related #66509.
      • ·**PR #88349** Add per-agent SQLite cache store.
      • ·**PR #88135** fix(codex): refresh stale managed runtime plugin. Related #87650.
      • ·**PR #68844** fix(outbound): pack newline-mode paragraphs up to limit.
      • ·**PR #88236** fix(plugins): ignore helper files in extension roots. Related #88198.
      • ·**PR #86089** [Fix] Deliver restart recovery replies. Related #69249.
      • ·**PR #88375** refactor: route model catalog imports to core package.
      • ·**PR #85511** feat(ui): add collapsible toggle for recent sessions in sidebar. Related #85510.
      • ·**PR #80560** fix(tui): distinguish /new and /reset command descriptions. Related #49517.
      • ·**PR #88229** fix(agents): normalize sessions_send message aliases. Related #88146.
      • ·**PR #88387** refactor(matrix): move ephemeral state to plugin sqlite.
      • ·**PR #86755** test(tasks): cover task domain view mappers.
      • ·**PR #76355** fix(install): show progress during npm install in non-interactive mode. Related #82305.
      • ·**PR #77279** fix(media): dedupe identical path/url in inbound media-note formatter (#47587).
      • ·**PR #82824** fix(gateway): explain ignored config-triggered restart when restart command is disabled.
      • ·**PR #85979** fix(discord): omit undefined component registry fields [AI].
      • ·**PR #76091** Fix Discord reply typing lifecycle.
      • ·**PR #88232** fix(models): prefer exact configured provider refs before aliases. Related #88218.
      • ·**PR #88276** fix(feishu): stream plain replies as cards.
      • ·**PR #80037** Expose resolved subagent model metadata.
      • ·**PR #78288** Agents/exec: show target node name in exec tool transparency messages. Related #77719.
      • ·**PR #88408** feat: expand workboard orchestration metadata.
      • ·**PR #87920** feat(gateway): forward OpenAI stop sequences through chat completions.
      • ·**PR #87886** fix(skill-creator): sort files for deterministic .skill package order. Related #37748.
      • ·**PR #88399** Improve MCP operability.
      • ·**PR #88398** refactor: move model catalog refs into core package.
      • ·**PR #88328** feat: add Skill Workshop and skill research.
      • ·**PR #88271** fix(export-html): guard msg.content and result.content filter/iteration paths against non-array values. Related #88255.
      • ·**PR #88429** ci: keep harness changes on fast checks.
      • ·**PR #88430** fix(scripts): quiet minimal runtime asset copies.
      • ·**PR #88321** fix(codex): keep app-server continuation turns alive. Related #88196, #88331.
      • ·**PR #88435** refactor: move model catalog normalization into core package.
      • ·**PR #88226** fix(llm): repair \u escapes that lack four hex digits in streaming JSON.
      • ·**PR #88380** fix(ui): keep chat model selected after session switch. Related #86597.
      • ·**PR #88285** Move cron persistence to SQLite.
      • ·**PR #87915** fix(build): avoid stale agent-core dts warnings.
      • ·**PR #68669** fix(agents): dedupe subagent browser session cleanup wrapper with dispatch flag. Related #68668.
      • ·**PR #88411** refactor(msteams): persist conversation and poll stores in sqlite.
      • ·**PR #88303** Skip browser cleanup when browser is disabled.
      • ·**PR #88416** Refactor subagent thread binding into core.
      • ·**PR #83956** feat(cli): add sessions tail progress view. Related #83441.
      • ·**PR #71648** fix(mcp): bound pendingClaudePermissions / pendingApprovals via TTL sweeper + close clear. Related #71646.
      • ·**PR #88346** refactor: extract web content core package.
      • ·**PR #71280** test(gateway): avoid brittle shutdown timer assertion.
      • ·**PR #80686** fix(agents): extend session-write-lock payload-less orphan grace from 5s to 30s.
      • ·**PR #88067** fix(responses): drop orphaned assistant msg_* id when reasoning is dropped (#88019).
      • ·**PR #88417** [codex] Route denied exec approval followups to sessions. Related #88167.
      • ·**PR #85996** fix #85782: surface terminal TUI lifecycle errors.
      • ·**PR #88445** refactor: source model catalog types from core.
      • ·**PR #88444** Classify release dependency ownership metadata.
      • ·**PR #82415** Fix /acp spawn cwd inheritance for target agent workspaces.
      • ·**PR #88448** refactor: simplify sqlite cron persistence.
      • ·**PR #88268** fix #88214: [Feature]: Dashboard sidebar Recent sessions should filter by currently selected agent.
      • ·**PR #86642** feat: pass structured provider error signals to hooks.
      • ·**PR #63840** fix(slack): preserve thread context for Agents & Assistants DM root messages. Related #63659.
      • ·**PR #86924** fix: scrub serialized tool-call text from replies.
      • ·**PR #87093** fix: promote serialized tool calls via repair package.
      • ·**PR #88452** chore(release): update appcast for 2026.5.28.
      • ·**PR #88043** feat: add internal code mode namespaces.
      • ·**PR #78748** fix(ui): add agent selector to dreaming tab. Related #63558.
      • ·**PR #88455** Refactor cron migrations under doctor.
      • ·**PR #87929** fix(cron): preserve plugin delivery targets. Related #87905.
      • ·**PR #87390** fix(ci): ignore fenced headings in proof parser.
      • ·**PR #85248** fix(gateway): strip spurious tool call blocks when provider signals stop. Related #85161.
      • ·**PR #83660** fix(browser): allow upload from inbound media directory. Related #83544.
      • ·**PR #88467** feat: improve MCP operator workflows.
      • ·**PR #84247** Refactor browser screenshot vision through shared media understanding.
      • ·**PR #88464** Move Workboard to relational SQLite.
      • ·**PR #88451** refactor: unify OpenAI provider identity.
      • ·**PR #88459** refactor: extract normalization core package.
      • ·**PR #84670** [codex] fix webchat full-message reader for truncated history. Related #84651.
      • ·**PR #88462** fix(heartbeat): advance stale scheduler deferrals. Related #79380.
      • ·**PR #88461** refactor(cron): split service timer helpers.
      • ·**PR #88427** fix(auth): bound inherited oauth expiry.
      • ·**PR #88458** fix: clarify generated media reply prompts.
      • ·**PR #88421** [codex] Fix Telegram DM topic session routing. Related #80212.
      • ·**PR #88113** fix(commands): make /skill load workspace skills. Related #88056.
      • ·**PR #85904** fix(slack): keep DM thread turns out of active steering.
      • ·**PR #88395** build(OpenClawKit): make ElevenLabsKit (talk/TTS) an optional package trait.
      • ·**PR #88469** refactor(telegram): persist plugin state in sqlite.
      • ·**PR #88406** Fix iMessage startup watch replay.
      • ·**PR #87179** fix(discord): deliver same-session channel replies. Related #87157.
      • ·**PR #88115** docs: remove divider comments.
      • ·**PR #88319** fix(agents): skip below-target CLI compaction failures.
      • ·**PR #88552** Remove channel test isolation hack.
      • ·**PR #86176** Fix Telegram media message edits. Related #86161.
      • ·**PR #88476** feat: add Twilio SMS channel.
      • ·**PR #83992** fix(webchat): preserve refresh-visible history and composer state. Related #83344.
      • ·**PR #88496** fix(auto-reply): redact secrets in config show output. Related #65623.
      • ·**PR #88536** feat: improve MCP operator controls.
      • ·**PR #84290** Doctor: expose UI freshness health findings.
      • ·**PR #88539** refactor(telegram): keep topic thread mapping plugin-local.
      • ·**PR #80391** fix(scripts): timeout crabbox wrapper sanity checks.
      • ·**PR #85990** Prefer Talk source-reply final text. Related #85275.
      • ·**PR #65914** fix(memory): respect qmd status timeout and skip checkpoint exports.
      • ·**PR #88555** feat(workboard): add worker dispatch CLI.
      • ·**PR #88018** fix(infra): guard against overwriting corrupt target session store during migration. Related #88017.
      • ·**PR #88185** fix(cron): accept sub-second --at datetimes resolved in a timezone.
      • ·**PR #88378** fix(xiaomi): support MiMo voicedesign TTS.
      • ·**PR #70864** feat: add scoped mention pattern policy.
      • ·**PR #87998** fix(agents): route per-turn media task hints below the cache boundary. Related #85203.
      • ·**PR #75181** test(plugins): cover Link agent wallet bundle shape.
      • ·**PR #88347** fix(agents): strip malformed arg-value suffixes. Related #48780.
      • ·**PR #88578** docs: document scoped mention patterns.
      • ·**PR #81808** chore(lint): enable object-shorthand.
      • ·**PR #70789** fix(ui): fix tool result pairing for sequential same-name tool calls. Related #70746.
      • ·**PR #88011** fix(logging): align diagnostic recovery in-flight dedup keys. Related #88010.
      • ·**PR #88574** Fix silent internal aborts after tool-use turns.
      • ·**PR #82219** fix(codex): accept first-party OpenAI plugin marketplaces (bundled and primary-runtime). Related #82216.
      • ·**PR #83719** feat(dreaming): add report-only shadow trial runner.
      • ·**PR #87772** fix(reply): deliver plugin binding replies. Related #87721.
      • ·**PR #74493** fix(cli): identity-only auth-epoch hashing for token credentials (#74312).
      • ·**PR #88534** refactor: extract media and ACP core packages.
      • ·**PR #79447** fix(model-auth): resolve per-entry apiKey profile ID references. Related #67423.
      • ·**PR #88577** fix(sms): diagnose Twilio webhook setup.
      • ·**PR #84628** [AI-assisted] fix(plugins): scope startup metadata manifest reads. Related #70533.
      • ·**PR #88582** Refactor cron SQLite runtime paths.
      • ·**PR #88595** perf: speed up chat hydration and add 3D workboard.
      • ·**PR #75005** fix(media): allow explicit synthetic auth for media providers. Related #74644.
      • ·**PR #75128** fix(boot): wrap BOOT.md in internal-runtime-context, strip from message-tool args (#53732).
      • ·**PR #88599** fix(memory): retry transient embedding failures. Related #44166, #71784.
      • ·**PR #88466** fix(gateway): guide dashboard auth after service repair. Related #88290.
      • ·**PR #88463** fix(ui): keep transient chat errors out of page headers.
      • ·**PR #88474** [AI-assisted] fix(gateway): avoid restarts for auth cooldown reloads. Related #88443.
      • ·**PR #88603** fix(media): use typed auth for no-auth media providers. Related #74644.
      • ·**PR #88605** refactor: make OpenAI Codex legacy doctor-only.
      • ·**PR #88440** Retry stale CLI sessions inside runner lifecycle. Related #77089.
      • ·**PR #88393** fix(browser): document stable tab references.
      • ·**PR #88340** fix(agents): classify expired thinking signatures. Related #88020.
      • ·**PR #88607** fix(devices): refresh paired device last-seen metadata. Related #81169.
      • ·**PR #88613** fix: queue subagent completion handoffs.
      • ·**PR #88609** refactor: move plugin state stores to SQLite.
      • ·**PR #79363** fix(exec): allow known safe shell builtins in allowlist mode. Related #46056.
      • ·**PR #88617** fix(agents): preserve reasoning replay from model metadata. Related #88068.
      • ·**PR #77953** fix(auto-reply): honor per-model thinking params.
      • ·**PR #88626** refactor(openai): confine legacy codex repair to doctor.
      • ·**PR #87887** fix(hooks): isolate slug-generator failures from shared auth profile (#71709).
      • ·**PR #88281** fix(tasks): reclaim ACP zombie runs blocking gateway restart. Related #88205.
      • ·**PR #88619** refactor: unify subagent handoffs into agent steering queue.
      • ·**PR #88004** fix(tui): skip history reload when final event has displayable output. Related #87922.
      • ·**PR #87962** fix(webchat): suppress stale active session row racing a completed turn (#87875).
      • ·**PR #88050** fix(tui): use middle truncation for paths and commands in tool display. Related #87936.
      • ·**PR #86463** fix(auto-reply): warn on substantive private message-tool finals.
      • ·**PR #88554** docs: clarify Android token comments.
      • ·**PR #87959** fix(tui): preserve pending local runs during session sync.
      • ·**PR #82224** feat(codex): add portable Codex command pickers.
      • ·**PR #88637** chore: bump OpenClaw version to 2026.5.31.
      • ·**PR #88587** fix(agents): normalize prefixed Anthropic fallback model ids (#88560).
      • ·**PR #88351** fix(doctor): diagnose malformed provider catalogs.
      • ·**PR #88618** refactor: expand acp core package.
      • ·**PR #87538** fix(agents): model-scope cooldown for transport timeout (#87462).
      • ·**PR #88623** fix(agents): release session lock on manual abort. Related #88600.
      • ·**PR #88588** fix(agents): avoid synthetic tool results during parallel races (#88168).
      • ·**PR #88636** feat: add MCP code-mode namespace.
      • ·**PR #88558** fix(gateway): enforce OpenAI tool_choice required/function contracts.
      • ·**PR #88628** fix: scope plugin tools and async media starts.
      • ·**PR #84007** fix(agents): inherit subagent thinking defaults. Related #55790.
      • ·**PR #81795** Fix Control UI agent thinking defaults. Related #81760.
      • ·**PR #74418** fix(agents): recognize params.thinking=false and "disabled"/"none" as thinking=off. Related #74374.
      • ·**PR #88583** fix(gateway): reject pre-reset run lifecycle events from clobbering the rotated session row. Related #88538.
      • ·**PR #88612** fix(models): keep auth login out of main config. Related #88565.
      • ·**PR #88655** fix(gateway): reject stale lifecycle session updates. Related #88538.
      • ·**PR #88658** fix(agents): report stale session locks without cleanup.
      • ·**PR #88661** ci: stabilize Testbox changed checks.
      • ·**PR #88641** feat: add exec shell snapshot cache.
      • ·**PR #84232** fix(messages): use best-effort for implicit tool-only source replies. Related #84078.
      • ·**PR #88381** fix(agents): preserve runtime tools in lean mode.
      • ·**PR #88527** fix(discord): ping mention-bearing final replies under live preview (#88360).
      • ·**PR #88659** refactor: clean up ACP package metadata and helpers.
      • ·**PR #88652** fix(codex): restore bounded recovery continuity. Related #88352, #88354.
      • ·**PR #82739** fix(macos): prevent duplicate menu bar icons.
      • ·**PR #87975** fix(slack): avoid forced threads for replyToMode off.
      • ·**PR #86397** fix(discord): PluralKit DM pairing identity + `direct` peer regex (#86332).
      • ·**PR #88601** fix(sms): cover native proof follow-ups.
      • ·**PR #88670** fix(agents): retry transient stale session locks.
      • ·**PR #80996** Fix Google Chat message tool thread replies. Related #80995.
      • ·**PR #88549** fix(memory-core): reclaim orphaned dreaming sessions with surviving transcripts. Related #88322.
      • ·**PR #88557** fix(terminal): clamp wide graphemes in narrow table cells. Related #88556.
      • ·**PR #87904** fix: route iMessage DM media through attachment handoff. Related #87597.
      • ·**PR #88547** feat(github-copilot): add Claude Opus 4.8 to default model catalog.
      • ·**PR #88428** fix(discord): route thread bindings to plugin owners. Related #64199.
      • ·**PR #85612** fix(slack): keep one draft message in progress mode.
      • ·**PR #88500** fix: release abandoned provider streams. Related #67461.
      • ·**PR #85691** fix(doctor): auto-repair stale session snapshot paths on --fix. Related #85689.
      • ·**PR #86737** fix(ios): subscribe to per-session transcripts so group chats update in real time (#80231).
      • ·**PR #88642** fix(whatsapp): suppress spurious typing indicator on silent tool-only runs. Related #450.
      • ·**PR #88635** fix(secrets): treat Codex app-server marker as non-secret.
      • ·**PR #88525** feat(deepseek): show provider balance in usage status.
      • ·**PR #88563** fix(agents): resolve exact static-catalog models for plugin-harness cold start (#88510).
      • ·**PR #87818** fix(ollama): yield during dense stream processing.
      • ·**PR #88665** refactor: move delivery queues to SQLite.
      • ·**PR #88676** fix(auto-reply): add memory flush failure tracking with retry exhaustion.
      • ·**PR #88672** fix(plugins): reuse current metadata snapshot in provider hot paths.
      • ·**PR #88678** feat: add typed MCP code-mode API.
      • ·**PR #77882** fix(feishu): gate bitable tools by tools config.
      • ·**PR #59172** fix(cli): extend holiday tagline dates through 2030.
      • ·**PR #88252** fix(agents): avoid full stream replay on text deltas.
      • ·**PR #59500** fix: extend CA bundle auto-injection to all 8 Node version managers. Related #59494.
      • ·**PR #87855** fix(telegram): handle ENOENT race in spool drain recovery rename. Related #87847.
      • ·**PR #88677** refactor: clean up ACP translator and manager tests.
      • ·**PR #88715** perf(plugins): avoid duplicate provider hook load probes.
      • ·**PR #88675** refactor: move plugin state slices to sqlite.
      • ·**PR #88153** fix(agents): count stream deltas incrementally.
      • ·**PR #87698** fix(gateway): emit subagent_ended hook for api.runtime.subagent.run() (#59164).
      • ·**PR #81692** fix(doctor): detect stale gateway service version metadata.
      • ·**PR #87549** fix(agents): validate context engine assemble result shape. Related #75541.
      • ·**PR #88720** refactor: extract ACP translator session updates.
      • ·**PR #85666** fix #85124: skip Anthropic API keys for usage status.
      • ·**PR #88722** refactor: make Telegram message cache SQLite-only.
      • ·**PR #88724** fix: persist ACP metadata in SQLite.
      • ·**PR #86917** fix(session-store): rewrite generated transcript paths on rollover.
      • ·**PR #84419** fix(session): prefer real tool result over synthetic error in transcript repair.
      • ·**PR #88725** refactor: extract ACP manager runtime handle cache.
      • ·**PR #88721** feat(plugin-sdk): add typed presentation command actions.
      • ·**PR #79658** Allow validated TXT/JSON/YAML media sends.
      • ·**PR #87618** fix(daemon): detect system-scope systemd gateway units on Linux (#87577).
      • ·**PR #84988** Refresh Node Docker base image digests. Related #84981.
      • ·**PR #85931** fix(memory): serialize qmd update writes across processes to stop SQLITE_BUSY. Related #66339.
      • ·**PR #78793** fix(approvals): interpolate request id into "Reply with:" line.
      • ·**PR #88730** fix(codex): stream final answer partials. Related #88405.
      • ·**PR #80801** fix(auth): force re-login flag, remediation hint, and session-scoped fallback skip cache.
      • ·**PR #88729** refactor: extract ACP runtime handle ensure flow.
      • ·**PR #79040** fix(gateway): guard buildGroupDisplayName behind group/channel chatType. Related #55354.
      • ·**PR #77952** fix(discord): bound REST entity cache to prevent unbounded Map growth. Related #77975.
      • ·**PR #88733** refactor: extract ACP runtime resume state.
      • ·**PR #77924** fix(memory-core): preserve phase signals on read errors. Related #77881.
      • ·**PR #88314** fix #76284: [Bug]: openclaw agents add blocked — cannot add Jon/Atlas as separate agents.
      • ·**PR #77394** fix(agents): sanitize raw HTTP 401 provider errors in user-visible replies (#56197).
      • ·**PR #88739** refactor: extract ACP turn runner.
      • ·**PR #77998** fix(skills): clear workspaceVersions entry when skills watcher is disabled. Related #77997.
      • ·**PR #77527** fix(gateway): rate-limit pre-auth bootstrap-token verify to prevent mutex DoS. Related #77978.
      • ·**PR #88744** refactor: extract ACP close session flow.
      • ·**PR #88731** refactor: migrate voice-call call logs through doctor.
      • ·**PR #87522** fix: force preflight compaction before oversized agent turns. Related #87234.
      • ·**PR #75061** fix: preserve workspaces during state-only uninstall. Related #75052.
      • ·**PR #79465** Fix ACP command bypass for channel text commands.
      • ·**PR #88747** refactor: extract ACP runtime option commands.
      • ·**PR #74715** fix(ui): show Communication Notifications tab.
      • ·**PR #88691** feat(gateway): support Tailscale Serve service names. Related #88629.
      • ·**PR #88749** fix(channels): recover failed progress draft starts. Related #83115.
      • ·**PR #88029** fix(agents): atomic auth.json write to prevent credential lockout on crash. Related #88028.
      • ·**PR #85277** fix(openai): avoid stale Responses message id replay.
      • ·**PR #79173** fix: skip disabled skill snapshot env overrides. Related #79072.
      • ·**PR #88752** refactor: split ACP manager session flows.
      • ·**PR #79149** fix(ci): guard workflow template injection. Related #68428.
      • ·**PR #74089** fix(openai/tts): handle [[tts:speed]] directive in OpenAI speech provider (#12163).
      • ·**PR #88763** feat: add code-mode MCP API files.
      • ·**PR #87896** fix(feishu): fallback when accepted turns send no visible reply.
      • ·**PR #88761** [codex] Surface disabled Codex plugin routes in doctor lint. Related #88751.
      • ·**PR #88759** fix: repair providerless Codex session overrides.
      • ·**PR #88740** fix(hooks): pass media metadata to internal message_received hook.
      • ·**PR #88695** fix(agents): wait for cron media completions. Related #88001.
      • ·**PR #88762** fix(ui): show Workboard comments in edit modal.
      • ·**PR #88765** fix(agents): publish owned announcement session writes. Related #88703.
      • ·**PR #59196** feat(doctor): add disk space health check for state directory.
      • ·**PR #79260** feat(doctor): add --post-upgrade --json mode for plugin-compat findings.
      • ·**PR #88486** fix(diagnostics): carry session UUID on interactive dispatch events.
      • ·**PR #84904** fix: avoid replaying Responses item ids when store is disabled.
      • ·**PR #82828** fix(daemon): preserve container service env across regen.
      • ·**PR #88755** fix(agents): expose session status route context. Related #84544.
      • ·**PR #88781** fix(models): strip remaining provider self prefixes. Related #88770.
      • ·**PR #88131** fix(logging): refresh file log hostname per write. Related #87258.
      • ·**PR #88667** fix #81214: [Bug]: OpenClaw 2026.5.7 subagent regression.
      • ·**PR #88764** fix(update): recognize manual-update launchd jobs. Related #88736.
      • ·**PR #88727** fix(feishu): preserve long streaming replies. Related #88631.
      • ·**PR #88512** fix: resolve google provider default API to google-generative-ai. Related #88480.
      • ·**PR #88756** feat: add Skill Workshop Control UI.
      • ·**PR #88610** fix: suppress raw provider errors in channel delivery. Related #69737.
      • ·**PR #88808** perf: hydrate chat history session metadata.
      • ·**PR #88735** fix(agents): harden runtime tool schema quarantine.
      • ·**PR #88221** fix(nostr): decode npub allowFrom entries to hex correctly.
      • ·**PR #88772** feat: calm composer controls.
      • ·**PR #88388** fix(agents): guard transport payload sanitizer against non-string input. Related #60113.
      • ·**PR #88149** fix(agents): cap bootstrap snapshot cache.
      • ·**PR #88545** fix(memory-core): stop dream diary fallback from leaking raw staging fragments. Related #88391.
      • ·**PR #88289** fix(microsoft-foundry): skip DeepSeek V4 thinking params on Foundry fallback.
      • ·**PR #88209** fix(subagents): roll formatTokenShort over to "m" at 1000k.
      • ·**PR #88008** fix(tasks): persist task store before in-memory mutation to prevent sqlite divergence. Related #88007.
      • ·**PR #88306** fix(gateway): hide phantom agent store rows from sessions.list. Related #57376.
      • ·**PR #88760** fix(doctor): report runtime tool schema errors.
      • ·**PR #88495** fix(imessage): tolerate sub-second self-chat reflection skew.
      • ·**PR #88797** Migrate iMessage monitor state to SQLite.
      • ·**PR #87981** fix(cron): retire MCP runtimes on isolated cron timeout and dispose. Related #87821.
      • ·**PR #88410** fix(gateway): harden MCP loopback tool schemas.
      • ·**PR #88100** fix(doctor): quiet tool policy removal audits. Related #87798.
      • ·**PR #88804** fix(agents): preserve stop-finished OpenAI tool calls. Related #88791.
      • ·**PR #88802** test(agents): cover nonfatal trajectory flush timeout. Related #88520.
      • ·**PR #88819** fix(workboard): wire task-backed board runs.
      • ·**PR #88608** fix(minimax): use account OAuth device endpoints.
      • ·**PR #88794** Persist plugin install index in SQLite.
      • ·**PR #88827** Add Vertex API key model config regression coverage. Related #88816.
      • ·**PR #77237** Preserve managed npm plugin root when install validation blocks update.
      • ·**PR #88288** fix(config): skip state-dir dotenv values that are unresolved shell references. Related #88274.
      • ·**PR #87848** fix(status): resolve gateway auth secrets for deep audit. Related #87815.
      • ·**PR #88807** fix(plugins): isolate web provider factory failures.
      • ·**PR #88518** fix(plugins): isolate cached tool runtime siblings.
      • ·**PR #88851** Persist OpenRouter model cache in SQLite.
      • ·**PR #88485** fix(agents): guard vanished workspaces. Related #88333.
      • ·**PR #88825** perf: streamline chat startup metadata.
      • ·**PR #88723** fix(doctor): respect explicit PI runtime policy. Related #88706.
      • ·**PR #88365** fix(infra): bridge WSL clipboard through shell. Related #88080.
      • ·**PR #88785** fix: restore backgrounded in-flight runs on TUI switch-back via gateway snapshot.
      • ·**PR #87992** feat(ios): support native iPad display.
      • ·**PR #88846** fix: preserve no-policy native hook fallback.
      • ·**PR #81264** fix(installer): align Node version floor with package engine.
      • ·**PR #87838** test(agents): include Ollama in small live model matrix.
      • ·**PR #88860** feat(minimax): add MiniMax M3 support.
      • ·**PR #88305** fix(browser): isolate Chrome MCP pending attach aborts. Related #88304.
      • ·**PR #88814** fix(ci): repair current main checks.
      • ·**PR #88855** fix(microsoft-foundry): satisfy extension lint.
      • ·**PR #88824** test: consolidate plugin registration contracts.
      • ·**PR #88847** test(ui): remove stylesheet grep tests.
      • ·**PR #88704** fix(memory): rehydrate daily list promotions. Related #87854.
      • ·**PR #88848** test(agents): use neutral tool schema fixtures.
      • ·**PR #88817** fix(agents): return schema lookup misses in-band. Related #88813.
      • ·**PR #88866** Persist Discord thread bindings in SQLite.
      • ·**PR #88801** fix(hooks): expose inbound reply metadata before dispatch. Related #88521.
      • ·**PR #88865** docs: clarify diffs language pack additions.
      • ·**PR #88849** docs: continue inline comment pass.
      • ·**PR #87077** fix(ui): bypass service worker for top-level navigations.
      • ·**PR #88394** fix(plugins): fail closed on trusted policy errors.
      • ·**PR #88758** docs(imessage): document SSH wrapper TCC send failure. Related #79289.
      • ·**PR #88859** fix(mattermost): route send attachments through upload. Related #87930.
      • ·**PR #88830** feat(dreaming): score candidates with shadow trial results.
      • ·**PR #88803** fix(reply): preserve sessions_send external routes. Related #88044.
      • ·**PR #88294** fix(cron): include job name when reading single-job run history.
      • ·**PR #88896** fix: harden CLI and plugin edge cases.
      • ·**PR #88767** fix(plugin-sdk): isolate provider catalog projection failures.
      • ·**PR #88892** feat(ui): improve Workboard task details.
      • ·**PR #88806** fix(memory-lancedb): reject envelope metadata sludge (incl. marker-free shapes).
      • ·**PR #88921** fix(ui): keep first control chat sends responsive.
      • ·**PR #87484** fix(agents): clear legacy auto fallback pins. Related #87467.
      • ·**PR #88904** fix(android): add notification app picker.
      • ·**PR #88820** fix(diagnostics): clear embedded-run activity when recovery declares lane idle. Related #88660.
      • ·**PR #88897** refactor(copilot): compact sessions through SDK state.
      • ·**PR #88924** fix(agents): strip streamed reasoning tags. Related #88741.
      • ·**PR #88937** fix(ui): render pending sends in chat thread.
      • ·**PR #88949** fix(ui): scroll pending sends into view.
      • ·**PR #88952** perf(ui): cache chat transcript renders.
      • ·**PR #88960** perf(ui): record pending send paint timing.
      • ·**PR #88972** perf(ui): debounce chat draft persistence.
      • ·**PR #88978** perf(ui): skip closed slash menu rerenders.
      • ·**PR #88982** fix(test): wait for telegram timer flushes.
      • ·**PR #88989** perf(ui): guard chat transcript rerenders.