You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,6 +15,7 @@ Docs: https://docs.openclaw.ai
15
15
- Agents/tool-result guard: use the resolved runtime context token budget for non-context-engine tool-result overflow checks, so long tool-heavy sessions no longer compact early when `contextTokens` is larger than native `contextWindow`. Fixes #74917. Thanks @kAIborg24.
16
16
- Gateway/systemd: exit with sysexits 78 for supervised lock and `EADDRINUSE` conflicts so `RestartPreventExitStatus=78` stops `Restart=always` restart loops instead of repeatedly reloading plugins against an occupied port. Fixes #75115. Thanks @yhyatt.
17
17
- Agents/runtime: skip blank visible user prompts at the embedded-runner boundary before provider submission while still allowing internal runtime-only turns and media-only prompts, so Telegram/group sessions no longer leak raw empty-input provider errors when replay history exists. Fixes #74137. Thanks @yelog, @Gracker, and @nhaener.
18
+
- Agents/Codex: isolate local Codex app-server `CODEX_HOME` and `HOME` per agent and add a deliberate Codex migration path with selectable skill copies, so personal Codex CLI skills, plugins, config, and hooks no longer leak into OpenClaw agents unless the operator migrates them into the workspace. Thanks @pashpashpash.
18
19
- Plugins/runtime-deps: replace stale symlinked mirror target roots before writing runtime-mirror temp files and skip rewriting already materialized hardlinks, so cross-version container upgrades no longer crash-loop on read-only image-layer paths while warm mirrors do less churn. Fixes #75108; refs #75069. Thanks @coletebou and @xiaohuaxi.
19
20
- Auto-reply/group chats: fall back to automatic source delivery when a channel precomputes message-tool-only replies but the `message` tool is unavailable, so Discord/Slack-style group turns do not silently complete without a visible reply. Fixes #74868. Thanks @kagura-agent.
20
21
- Browser/gateway: share one browser control runtime across the HTTP control server and `browser.request`, and refresh browser profile config from the source snapshot, so CLI status/start honors configured `browser.executablePath`, `headless`, and `noSandbox` instead of falling back to stale auto-detection. Fixes #75087; repairs #73617. Thanks @civiltox and @martingarramon.
Copy file name to clipboardExpand all lines: docs/cli/doctor.md
+1Lines changed: 1 addition & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -52,6 +52,7 @@ Notes:
52
52
- Repeat `doctor --fix` runs no longer report/apply Talk normalization when the only difference is object key order.
53
53
- Doctor includes a memory-search readiness check and can recommend `openclaw configure --section model` when embedding credentials are missing.
54
54
- Doctor warns when no command owner is configured. The command owner is the human operator account allowed to run owner-only commands and approve dangerous actions. DM pairing only lets someone talk to the bot; if you approved a sender before first-owner bootstrap existed, set `commands.ownerAllowFrom` explicitly.
55
+
- Doctor warns when Codex-mode agents are configured and personal Codex CLI assets exist in the operator's Codex home. Local Codex app-server launches use isolated per-agent homes, so use `openclaw migrate codex --dry-run` to inventory assets that should be promoted deliberately.
55
56
- If sandbox mode is enabled but Docker is unavailable, doctor reports a high-signal warning with remediation (`install Docker` or `openclaw config set agents.defaults.sandbox.mode off`).
56
57
- If `gateway.auth.token`/`gateway.auth.password` are SecretRef-managed and unavailable in the current command path, doctor reports a read-only warning and does not write plaintext fallback credentials.
57
58
- If channel SecretRef inspection fails in a fix path, doctor continues and reports a warning instead of exiting early.
Copy file name to clipboardExpand all lines: docs/cli/migrate.md
+45-1Lines changed: 45 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ title: "Migrate"
8
8
9
9
# `openclaw migrate`
10
10
11
-
Import state from another agent system through a plugin-owned migration provider. Bundled providers cover [Claude](/install/migrating-claude) and [Hermes](/install/migrating-hermes); third-party plugins can register additional providers.
11
+
Import state from another agent system through a plugin-owned migration provider. Bundled providers cover Codex CLI state, [Claude](/install/migrating-claude), and [Hermes](/install/migrating-hermes); third-party plugins can register additional providers.
12
12
13
13
<Tip>
14
14
For user-facing walkthroughs, see [Migrating from Claude](/install/migrating-claude) and [Migrating from Hermes](/install/migrating-hermes). The [migration hub](/install/migrating) lists all paths.
@@ -19,8 +19,12 @@ For user-facing walkthroughs, see [Migrating from Claude](/install/migrating-cla
Skip the confirmation prompt. Required in non-interactive mode.
49
53
</ParamField>
54
+
<ParamFieldpath="--skill <name>"type="string">
55
+
Select one skill copy item by skill name or item id. Repeat the flag to migrate multiple skills. When omitted, interactive Codex migrations show a checkbox selector and non-interactive migrations keep all planned skills.
56
+
</ParamField>
50
57
<ParamFieldpath="--no-backup"type="boolean">
51
58
Skip the pre-apply backup. Requires `--force` when local OpenClaw state exists.
52
59
</ParamField>
@@ -99,6 +106,43 @@ For a user-facing walkthrough, see [Migrating from Claude](/install/migrating-cl
99
106
100
107
Claude hooks, permissions, environment defaults, local memory, path-scoped rules, subagents, caches, plans, and project history are preserved in the migration report or reported as manual-review items. OpenClaw does not execute hooks, copy broad allowlists, or import OAuth/Desktop credential state automatically.
101
108
109
+
## Codex provider
110
+
111
+
The bundled Codex provider detects Codex CLI state at `~/.codex` by default, or
112
+
at `CODEX_HOME` when that environment variable is set. Use `--from <path>` to
113
+
inventory a specific Codex home.
114
+
115
+
Use this provider when moving to the OpenClaw Codex harness and you want to
116
+
promote useful personal Codex CLI assets deliberately. Local Codex app-server
117
+
launches use per-agent `CODEX_HOME` and `HOME` directories, so they do not read
118
+
your personal Codex CLI state by default.
119
+
120
+
Running `openclaw migrate codex` in an interactive terminal previews the full
121
+
plan, then opens a checkbox selector for skill copy items before the final
122
+
apply confirmation. All skills start selected; uncheck any skill you do not want
123
+
copied into this agent. For scripted or exact runs, pass `--skill <name>` once
|`transport`|`"stdio"`|`"stdio"` spawns Codex; `"websocket"` connects to `url`. |
559
-
|`command`| managed Codex binary | Executable for stdio transport. Leave unset to use the managed binary; set it only for an explicit override. |
560
-
|`args`|`["app-server", "--listen", "stdio://"]`| Arguments for stdio transport. |
561
-
|`url`| unset | WebSocket app-server URL. |
562
-
|`authToken`| unset | Bearer token for WebSocket transport. |
563
-
|`headers`|`{}`| Extra WebSocket headers. |
564
-
|`clearEnv`|`[]`| Extra environment variable names removed from the spawned stdio app-server process after OpenClaw builds its inherited environment. |
565
-
|`requestTimeoutMs`|`60000`| Timeout for app-server control-plane calls. |
566
-
|`mode`|`"yolo"`| Preset for YOLO or guardian-reviewed execution. |
567
-
|`approvalPolicy`|`"never"`| Native Codex approval policy sent to thread start/resume/turn. |
568
-
|`sandbox`|`"danger-full-access"`| Native Codex sandbox mode sent to thread start/resume. |
569
-
|`approvalsReviewer`|`"user"`| Use `"auto_review"` to let Codex review native approval prompts. `guardian_subagent` remains a legacy alias. |
570
-
|`serviceTier`| unset | Optional Codex app-server service tier: `"fast"`, `"flex"`, or `null`. Invalid legacy values are ignored. |
|`transport`|`"stdio"`|`"stdio"` spawns Codex; `"websocket"` connects to `url`. |
584
+
|`command`| managed Codex binary | Executable for stdio transport. Leave unset to use the managed binary; set it only for an explicit override. |
585
+
|`args`|`["app-server", "--listen", "stdio://"]`| Arguments for stdio transport. |
586
+
|`url`| unset | WebSocket app-server URL. |
587
+
|`authToken`| unset | Bearer token for WebSocket transport. |
588
+
|`headers`|`{}`| Extra WebSocket headers. |
589
+
|`clearEnv`|`[]`| Extra environment variable names removed from the spawned stdio app-server process after OpenClaw builds its inherited environment. `CODEX_HOME` and `HOME` are reserved for OpenClaw's per-agent Codex isolation on local launches. |
590
+
|`requestTimeoutMs`|`60000`| Timeout for app-server control-plane calls. |
591
+
|`mode`|`"yolo"`| Preset for YOLO or guardian-reviewed execution. |
592
+
|`approvalPolicy`|`"never"`| Native Codex approval policy sent to thread start/resume/turn. |
593
+
|`sandbox`|`"danger-full-access"`| Native Codex sandbox mode sent to thread start/resume. |
594
+
|`approvalsReviewer`|`"user"`| Use `"auto_review"` to let Codex review native approval prompts. `guardian_subagent` remains a legacy alias. |
595
+
|`serviceTier`| unset | Optional Codex app-server service tier: `"fast"`, `"flex"`, or `null`. Invalid legacy values are ignored. |
571
596
572
597
OpenClaw-owned dynamic tool calls are bounded independently from
573
598
`appServer.requestTimeoutMs`: each Codex `item/tool/call` request must receive
0 commit comments