chore: project hygiene — fix workspace:*, sandbox USER, dead config #11289

Merged: quotentiroler merged 3 commits into main from fix/project-hygiene on Feb 8, 2026

@quotentiroler (Contributor) commented Feb 7, 2026

Changes

  1. Remove workspace:* from dependencies in extensions/msteams, extensions/nostr, extensions/zalo — these break external npm install. The devDependencies entry is kept per AGENTS.md guidance.

  2. Add non-root sandbox user to Dockerfile.sandbox and Dockerfile.sandbox-browser — both were running all processes (including Chromium with --no-sandbox) as root. The main Dockerfile already correctly uses USER node.

  3. Remove dead vitest key from package.json: vitest.config.ts takes precedence at runtime, and the two configs had conflicting values (e.g. branches threshold 70 vs 55). The package.json version was never used.

  4. Remove redundant top-level overrides from package.json — pnpm ignores npm's overrides key and uses pnpm.overrides instead. The tar: "7.5.7" entry was duplicated between both.

  5. Sync onlyBuiltDependencies between pnpm-workspace.yaml and package.json: node-llama-cpp was missing from pnpm-workspace.yaml. Both lists are now alphabetically sorted and identical.

Testing

  • Config-only / Dockerfile changes — no runtime behavior change for existing unit tests.
  • Extensions: openclaw was already in devDependencies in all three (it resolves via jiti at runtime); removing it from dependencies only affects external npm install.
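
Added example, not part of the pull request or the project's code: a small check for change 2 that reports which user the final stage of a Dockerfile runs as and whether Chromium's --no-sandbox flag appears. The function names, the sample Dockerfiles and the user name `sandbox` are constructed for illustration.

```javascript
// Simplified Dockerfile reader: joins backslash continuations, skips comments,
// follows "FROM <earlier stage>". It does not expand ARG/ENV variables, parse
// heredocs, or look inside base images.
function parseStages(dockerfileText) {
  const stages = [];
  let pending = "";
  for (const raw of dockerfileText.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === "" || line.startsWith("#")) continue;
    if (line.endsWith("\\")) {
      pending += line.slice(0, -1) + " ";
      continue;
    }
    const [keyword, ...args] = (pending + line).trim().split(/\s+/);
    pending = "";
    const op = keyword.toUpperCase();
    if (op === "FROM") {
      const rest = args.filter((a) => !a.startsWith("--")); // e.g. --platform=...
      const base = rest[0] ?? "";
      const hasAlias = rest.length >= 3 && rest[1].toUpperCase() === "AS";
      const name = hasAlias ? rest[2].toLowerCase() : null;
      // A stage built FROM an earlier named stage starts with that stage's user.
      const parent = stages.find((s) => s.name !== null && s.name === base.toLowerCase());
      stages.push({ name, base, user: parent ? parent.user : null });
    } else if (op === "USER" && stages.length > 0 && args.length > 0) {
      stages[stages.length - 1].user = args[0];
    }
  }
  return stages;
}

function isRootUser(userSpec) {
  const user = userSpec.split(":")[0]; // USER accepts user[:group]
  return user === "root" || user === "0";
}

function auditFinalStage(dockerfileText) {
  const stages = parseStages(dockerfileText);
  const noSandboxFlag = /--no-sandbox\b/.test(dockerfileText);
  if (stages.length === 0) {
    return { ok: false, user: null, noSandboxFlag, reason: "no FROM instruction" };
  }
  const { user, base } = stages[stages.length - 1];
  if (user === null) {
    return { ok: false, user, noSandboxFlag,
      reason: `no USER instruction; runs as the default of ${base} (root unless that image sets a user)` };
  }
  if (user.includes("$")) {
    return { ok: false, user, noSandboxFlag, reason: "USER depends on a build variable; resolve it by hand" };
  }
  if (isRootUser(user)) {
    return { ok: false, user, noSandboxFlag, reason: "final stage explicitly runs as root" };
  }
  return { ok: true, user, noSandboxFlag, reason: "final stage runs as a non-root user" };
}

// Constructed samples (not the project's Dockerfile.sandbox files).
const ROOT_BY_DEFAULT = String.raw`
FROM debian:bookworm-slim
RUN apt-get update \
    && apt-get install -y --no-install-recommends chromium
CMD ["chromium", "--headless", "--no-sandbox"]
`;

const NON_ROOT = String.raw`
FROM debian:bookworm-slim
RUN apt-get update \
    && apt-get install -y --no-install-recommends chromium \
    && useradd --create-home sandbox
USER sandbox
CMD ["chromium", "--headless", "--no-sandbox"]
`;

// USER set in an earlier stage does not carry into a stage with another base.
const LOST_IN_FINAL_STAGE = String.raw`
FROM node:22 AS build
USER node
RUN npm ci

FROM debian:bookworm-slim
COPY --from=build /home/node/app /app
`;

for (const [label, text] of Object.entries({ ROOT_BY_DEFAULT, NON_ROOT, LOST_IN_FINAL_STAGE })) {
  const r = auditFinalStage(text);
  console.log(`${label}: ${r.ok ? "ok" : "FAIL"} user=${r.user} noSandboxFlag=${r.noSandboxFlag} (${r.reason})`);
}
```

A result with `ok: false` and `noSandboxFlag: true` is the combination change 2 describes: a browser without its own sandbox running as root inside the container.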

@openclaw-barnacle bot added the labels channel: msteams, channel: nostr, channel: zalo and docker on Feb 7, 2026
@greptile-apps bot (Contributor) left a comment

1 file reviewed, 1 comment

greptile-apps bot commented Feb 7, 2026

Additional Comments (1)

extensions/zalo/package.json
Missing runtime dependency
@openclaw/zalo imports openclaw/plugin-sdk at runtime (e.g. extensions/zalo/index.ts:1-2), but this PR removes openclaw from dependencies and leaves it only in devDependencies. When a user installs the extension from npm without separately installing openclaw, Node will fail to resolve openclaw/plugin-sdk.

To keep external npm install working, openclaw should be declared as a runtime dependency (or as a peerDependency if you intend the host app to provide it, ideally with a clear version range). Also appears in extensions/msteams/package.json and extensions/nostr/package.json.

@openclaw-barnacle bot added the channel: zalouser label on Feb 7, 2026
@quotentiroler (Contributor, Author) replied:

Extensions are not published as standalone npm packages — they ship bundled inside the main openclaw package (see root package.json files array). There are no external consumers who install them independently. At runtime, openclaw/plugin-sdk resolves via jiti alias, not through node_modules.

This is documented in AGENTS.md: "Avoid workspace:* in dependencies; put openclaw in devDependencies or peerDependencies instead." 28+ other extensions already follow this pattern — these 4 were the outliers.
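
Added example, not part of the pull request or the project's code: a manifest check covering changes 1, 4 and 5 and the AGENTS.md rule quoted above. It takes already-parsed package.json objects and the onlyBuiltDependencies list from pnpm-workspace.yaml as an array; the function names and every manifest below are constructed samples (the package names esbuild, sharp and undici and their versions are assumptions, tar 7.5.7 and node-llama-cpp come from the description).

```javascript
// Change 1: "workspace:" specifiers listed under runtime "dependencies".
function workspaceRuntimeDeps(manifest) {
  return Object.entries(manifest.dependencies ?? {})
    .filter(([, spec]) => typeof spec === "string" && spec.startsWith("workspace:"))
    .map(([name, spec]) => ({
      name,
      spec,
      inDev: name in (manifest.devDependencies ?? {}),
      inPeer: name in (manifest.peerDependencies ?? {}),
    }));
}

// Change 4: keys present in both top-level "overrides" and "pnpm.overrides".
function duplicatedOverrides(manifest) {
  const npmOverrides = manifest.overrides ?? {};
  const pnpmOverrides = manifest.pnpm?.overrides ?? {};
  return Object.keys(npmOverrides)
    .filter((name) => name in pnpmOverrides)
    .map((name) => ({
      name,
      conflict: JSON.stringify(npmOverrides[name]) !== JSON.stringify(pnpmOverrides[name]),
    }));
}

// Change 5: onlyBuiltDependencies is pnpm's allow-list of packages that may run
// build scripts during install, so the two copies should not drift apart.
function compareOnlyBuilt(packageJsonList, workspaceYamlList) {
  const inPackage = new Set(packageJsonList);
  const inWorkspace = new Set(workspaceYamlList);
  const isSorted = (xs) => xs.every((x, i) => i === 0 || xs[i - 1] <= x); // code-unit order
  return {
    missingFromWorkspace: packageJsonList.filter((x) => !inWorkspace.has(x)),
    missingFromPackage: workspaceYamlList.filter((x) => !inPackage.has(x)),
    sorted: isSorted(packageJsonList) && isSorted(workspaceYamlList),
  };
}

function auditRepo({ root, workspaceOnlyBuilt, extensions }) {
  const findings = [];
  for (const ext of extensions) {
    for (const dep of workspaceRuntimeDeps(ext)) {
      const elsewhere = dep.inDev || dep.inPeer
        ? "also in devDependencies/peerDependencies"
        : "not declared anywhere else";
      findings.push(`${ext.name}: dependencies.${dep.name} = "${dep.spec}" (${elsewhere})`);
    }
  }
  for (const o of duplicatedOverrides(root)) {
    findings.push(`root: overrides.${o.name} duplicates pnpm.overrides.${o.name}` +
      (o.conflict ? " with a different value" : ""));
  }
  const built = compareOnlyBuilt(root.pnpm?.onlyBuiltDependencies ?? [], workspaceOnlyBuilt);
  for (const n of built.missingFromWorkspace) findings.push(`onlyBuiltDependencies: ${n} missing from pnpm-workspace.yaml`);
  for (const n of built.missingFromPackage) findings.push(`onlyBuiltDependencies: ${n} missing from package.json`);
  if (!built.sorted) findings.push("onlyBuiltDependencies: lists are not sorted");
  return findings;
}

// Constructed "before" and "after" states modelled on the description.
const BEFORE = {
  root: {
    name: "openclaw",
    overrides: { tar: "7.5.7" },
    pnpm: { overrides: { tar: "7.5.7" }, onlyBuiltDependencies: ["esbuild", "node-llama-cpp", "sharp"] },
  },
  workspaceOnlyBuilt: ["esbuild", "sharp"],
  extensions: [{
    name: "@openclaw/zalo",
    dependencies: { openclaw: "workspace:*", undici: "^7.0.0" },
    devDependencies: { openclaw: "workspace:*" },
  }],
};

const AFTER = {
  root: {
    name: "openclaw",
    pnpm: { overrides: { tar: "7.5.7" }, onlyBuiltDependencies: ["esbuild", "node-llama-cpp", "sharp"] },
  },
  workspaceOnlyBuilt: ["esbuild", "node-llama-cpp", "sharp"],
  extensions: [{
    name: "@openclaw/zalo",
    dependencies: { undici: "^7.0.0" },
    devDependencies: { openclaw: "workspace:*" },
  }],
};

console.log(auditRepo(BEFORE).join("\n"));
console.log(`after: ${auditRepo(AFTER).length} findings`);
```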

@quotentiroler merged commit 28e1a65 into main on Feb 8, 2026
22 of 23 checks passed
@quotentiroler deleted the fix/project-hygiene branch on February 8, 2026 10:36
hughdidit pushed a commit to hughdidit/DAISy-Agency that referenced this pull request Feb 8, 2026
…penclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies

(cherry picked from commit 28e1a65)

# Conflicts:
#	CHANGELOG.md
#	extensions/zalouser/package.json
#	package.json
#	pnpm-workspace.yaml
dgarson added a commit to dgarson/clawdbot that referenced this pull request Feb 9, 2026
* Add baidu qianfan model provider

* Add baidu qianfan model provider

* Fix format

* Optimize doc

* optimize doc

* Fix import error

* Add auth choice

* Optimize format

* Optimize doc

* Fix key resolve

* Optimize import

* Support ERNIE-5.0-Thinking-Preview

* Resolve conflicts

* Fix conflicts

* Docs: add PR sign-off template (openclaw#10561)

* fix: guard resolveUserPath against undefined input (openclaw#10176)

* fix: guard resolveUserPath against undefined input

When subagent spawner omits workspaceDir, resolveUserPath receives
undefined and crashes on .trim().  Add a falsy guard that falls back
to process.cwd(), matching the behavior callers already expect.

Closes openclaw#10089

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: harden runner workspace fallback (openclaw#10176) (thanks @Yida-Dev)

* fix: harden workspace fallback scoping (openclaw#10176) (thanks @Yida-Dev)

* refactor: centralize workspace fallback classification and redaction (openclaw#10176) (thanks @Yida-Dev)

* test: remove explicit any from utils mock (openclaw#10176) (thanks @Yida-Dev)

* security: reject malformed agent session keys for workspace resolution (openclaw#10176) (thanks @Yida-Dev)

---------

Co-authored-by: Yida-Dev <reyifeijun@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* Docs: revise PR and issue submission guides (openclaw#10617)

* Docs: revise PR submission guide

* Docs: revise issue submission guide

* feat(memory): native Voyage AI support (openclaw#7078)

* feat(memory): add native Voyage AI embedding support with batching

Cherry-picked from PR openclaw#2519, resolved conflict in memory-search.ts
(hasRemote -> hasRemoteConfig rename + added voyage provider)

* fix(memory): optimize voyage batch memory usage with streaming and deduplicate code

Cherry-picked from PR openclaw#2519. Fixed lint error: changed this.runWithConcurrency
to use imported runWithConcurrency function after extraction to internal.ts

* feat(memory): document Voyage embeddings + VOYAGE_API_KEY (openclaw#7078) (thanks @mcinteerj) (openclaw#10699)

* feat(antigravity): update default model to Claude Opus 4.6 (openclaw#10720)

* feat(antigravity): update default model to Claude Opus 4.6

Claude Opus 4.5 has been replaced by Claude Opus 4.6 on the
Antigravity (Google Cloud Code Assist) platform.

- Update DEFAULT_MODEL in google-antigravity-auth extension
- Update testing docs to reference the new model

* fix: update remaining antigravity opus 4.5 refs in zh-CN docs and tests

Address review comments from Greptile:
- Update zh-CN/testing.md antigravity model references
- Update pi-tools-agent-config.test.ts model IDs

* Antigravity: default OAuth model to Opus 4.6 (openclaw#10720) (thanks @calvin-hpnet)

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix(hooks): replace debug console.log with proper subsystem logging in session-memory (openclaw#10730)

* fix: replace debug console.log with proper subsystem logging in session-memory

* fix(hooks): normalize session-memory subsystem logging

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* docs(changelog): prepare 2026.2.6

* docs(changelog): include merged PRs since v2026.2.3

* chore(release): bump version to 2026.2.6

* fix(telegram): cast fetch for grammY ApiClientOptions

* docs: fix markdownlint fragments + headings

* docs(changelog): refresh 2026.2.6 since v2026.2.3

* docs(imessage): add macOS TCC troubleshooting

* docs(imessage): improve macOS TCC troubleshooting guidance (openclaw#10781)

* chore(deps): update deps

* fix(agents): add Opus 4.6 forward-compat fallback

* chore(deps): bump carbon beta

* docs(changelog): curate 2026.2.6

* docs(changelog): highlight Opus 4.6 + Codex 5.3 first

* Fix QMD CLI installation link in memory.md (openclaw#8647)

Correct the installation link for the QMD CLI in the documentation.

* chore(lockfile): fix pnpm-lock

* fix: cron scheduler reliability, store hardening, and UX improvements (openclaw#10776)

* refactor: update cron job wake mode and run mode handling

- Changed default wake mode from 'next-heartbeat' to 'now' in CronJobEditor and related CLI commands.
- Updated cron-tool tests to reflect changes in run mode, introducing 'due' and 'force' options.
- Enhanced cron-tool logic to handle new run modes and ensure compatibility with existing job structures.
- Added new tests for delivery plan consistency and job execution behavior under various conditions.
- Improved normalization functions to handle wake mode and session target casing.

This refactor aims to streamline cron job configurations and enhance the overall user experience with clearer defaults and improved functionality.

* test: enhance cron job functionality and UI

- Added tests to ensure the isolated agent correctly announces the final payload text when delivering messages via Telegram.
- Implemented a new function to pick the last deliverable payload from a list of delivery payloads.
- Enhanced the cron service to maintain legacy "every" jobs while minute cron jobs recompute schedules.
- Updated the cron store migration tests to verify the addition of anchorMs to legacy every schedules.
- Improved the UI for displaying cron job details, including job state and delivery information, with new styles and layout adjustments.

These changes aim to improve the reliability and user experience of the cron job system.

* test: enhance sessions thinking level handling

- Added tests to verify that the correct thinking levels are applied during session spawning.
- Updated the sessions-spawn-tool to include a new parameter for overriding thinking levels.
- Enhanced the UI to support additional thinking levels, including "xhigh" and "full", and improved the handling of current options in dropdowns.

These changes aim to improve the flexibility and accuracy of thinking level configurations in session management.

* feat: enhance session management and cron job functionality

- Introduced passthrough arguments in the test-parallel script to allow for flexible command-line options.
- Updated session handling to hide cron run alias session keys from the sessions list, improving clarity.
- Enhanced the cron service to accurately record job start times and durations, ensuring better tracking of job execution.
- Added tests to verify the correct behavior of the cron service under various conditions, including zero-delay timers.

These changes aim to improve the usability and reliability of session and cron job management.

* feat: implement job running state checks in cron service

- Added functionality to prevent manual job runs if a job is already in progress, enhancing job management.
- Updated the `isJobDue` function to include checks for running jobs, ensuring accurate scheduling.
- Enhanced the `run` function to return a specific reason when a job is already running.
- Introduced a new test case to verify the behavior of forced manual runs during active job execution.

These changes aim to improve the reliability and clarity of cron job execution and management.

* feat: add session ID and key to CronRunLogEntry model

- Introduced `sessionid` and `sessionkey` properties to the `CronRunLogEntry` struct for enhanced tracking of session-related information.
- Updated the initializer and Codable conformance to accommodate the new properties, ensuring proper serialization and deserialization.

These changes aim to improve the granularity of logging and session management within the cron job system.

* fix: improve session display name resolution

- Updated the `resolveSessionDisplayName` function to ensure that both label and displayName are trimmed and default to an empty string if not present.
- Enhanced the logic to prevent returning the key if it matches the label or displayName, improving clarity in session naming.

These changes aim to enhance the accuracy and usability of session display names in the UI.

* perf: skip cron store persist when idle timer tick produces no changes

recomputeNextRuns now returns a boolean indicating whether any job
state was mutated. The idle path in onTimer only persists when the
return value is true, eliminating unnecessary file writes every 60s
for far-future or idle schedules.

* fix: prep for merge - explicit delivery mode migration, docs + changelog (openclaw#10776) (thanks @tyler6204)

* Docs: fix broken /plugins links (openclaw#9308)

* Docs: fix broken /plugins links to /plugin

The documentation linked to /plugins which doesn't exist.
The correct path is /plugin (singular) which contains the
plugins overview documentation.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* docs: drop manual zh-CN doc edits from plugins link fix

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* fix(build): unblock pnpm build dts

* Fix repository links in formal-verification.md (openclaw#10200)

Updated repository links for formal verification models.

* Revert previous change from 'Clawdbot' to 'OpenClaw' in lore (openclaw#9119)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval (openclaw#10818)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval

Voyage AI recommends passing input_type='document' when indexing and
input_type='query' when searching. This improves retrieval quality by
optimising the embedding space for each direction.

Changes:
- embedQuery now passes input_type: 'query'
- embedBatch now passes input_type: 'document'
- Batch API request_params includes input_type: 'document'
- Tests updated to verify input_type is passed correctly

* Changelog: note Voyage embeddings input_type fix (openclaw#10818) (thanks @mcinteerj)

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix(dashboard): restore tokenized control ui links

* chore(skills): remove bird skill

* chore(onboard): move xAI up in auth list

* chore(release): 2026.2.6-1

* chore(onboard): move xAI below Google

* ci: add concurrency controls, consolidate macOS jobs, optimize Windows CI

* ci: re-enable parallel vitest on Windows CI

* docs(changelog): note CI pipeline optimization (openclaw#10784) (thanks @mcaxtr)

* fix(build): support daemon-cli .mjs bundles in compat shim

* fix(docker): support .mjs entrypoints in images and e2e

* test(hooks): stabilize session-memory hook tests

* chore(release): 2026.2.6-2

* chore(onboard): reorder xAI + Qianfan providers

* chore(release): 2026.2.6-3

* fix: comprehensive BlueBubbles and channel cleanup (openclaw#11093)

* feat(bluebubbles): auto-strip markdown from outbound messages (openclaw#7402)

* fix(security): add timeout to webhook body reading (openclaw#6762)

Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.

* fix(security): unify Error objects and lint fixes in webhook timeouts (openclaw#6762)

* fix: prevent plugins from auto-enabling without user consent (openclaw#3961)

Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes openclaw#3932.

* fix: apply hierarchical mediaMaxMb config to all channels (openclaw#8749)

Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes openclaw#7847.

* fix(bluebubbles): sanitize attachment filenames against header injection (openclaw#10333)

Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.

* fix(lint): exclude extensions/ from Oxlint preflight check (openclaw#9313)

Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR openclaw#10087.

* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (openclaw#7745)

Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.

* fix: send stop-typing signal when run ends with NO_REPLY (openclaw#8785)

Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.

* fix(telegram): deduplicate skill commands in multi-agent setup (openclaw#5717)

Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
   Multiple agents sharing the same workspace would produce duplicate commands
   with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
   Commands from deleted skills now get cleaned up on restart.

* fix: add size limits to unbounded in-memory caches (openclaw#4948)

Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account

* fix: address review concerns (openclaw#11093)

- Chain deleteMyCommands → setMyCommands to prevent race condition (openclaw#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (openclaw#6023)

* docs: add symptom-first troubleshooting hub and deep runbooks (openclaw#11196)

* docs(troubleshooting): add symptom-first troubleshooting runbooks

* docs(troubleshooting): fix approvals command examples

* docs(troubleshooting): wrap symptom cases in accordions

* docs(automation): clarify userTimezone missing-key behavior

* docs(troubleshooting): fix first-60-seconds ladder order

* docs: add missing HEARTBEAT.md and MEMORY.md to bootstrap files list (openclaw#8105)

* docs: add missing HEARTBEAT.md and MEMORY.md to bootstrap files list

Fixes openclaw#7928

The documentation for skipBootstrap and workspace setup was missing
HEARTBEAT.md and MEMORY.md from the bootstrap files list.

Changes:
- docs/gateway/configuration.md: Add HEARTBEAT.md and MEMORY.md
- docs/zh-CN/gateway/configuration.md: Same for Chinese version
- docs/start/openclaw.md: Add HEARTBEAT.md, clarify MEMORY.md is optional
- docs/zh-CN/start/openclaw.md: Same for Chinese version

* fix: reference PR number instead of issue in CHANGELOG

* docs(workspace): align bootstrap file docs with runtime (openclaw#8105)

---------

Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* Agents: include runtime shell (openclaw#1835)

* Agents: include runtime shell

* Agents: fix compact runtime build

* chore: fix CLAUDE.md formatting, security regex for secret

---------

Co-authored-by: Tak hoffman <takayukihoffman@gmail.com>
Co-authored-by: quotentiroler <max.nussbaumer@maxhealth.tech>

* Web UI: show Compaction divider in chat history (openclaw#11341)

* adding PR review workflow

* added more explicit instructions

* docs: canonicalize docs paths and align zh navigation (openclaw#11428)

* docs(navigation): canonicalize paths and align zh nav

* chore(docs): remove stray .DS_Store

* docs(scripts): add non-mint docs link audit

* docs(nav): fix zh source paths and preserve legacy redirects (openclaw#11428) (thanks @sebslight)

* chore(docs): satisfy lint for docs link audit script (openclaw#11428) (thanks @sebslight)

* chore: bump pi to 0.52.8

* Fix typo in FAQ regarding model configuration command (openclaw#6048)

* CI: skip heavy jobs on docs-only changes (openclaw#11328)

* fix: add .caf to AUDIO_FILE_EXTENSIONS (openclaw#10982)

* fix: add .caf to AUDIO_FILE_EXTENSIONS for iMessage voice messages

* fix: add caf audio extension regression coverage (openclaw#10982) (thanks @succ985)

---------

Co-authored-by: succ985 <succ985@users.noreply.github.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* Gateway: fix multi-agent sessions.usage discovery (openclaw#11523)

* Gateway: fix multi-agent sessions.usage discovery

* Gateway: resolve sessions.usage keys via sessionId

* feat(gateway): add agents.create/update/delete methods (openclaw#11045)

* feat(gateway): add agents.create/update/delete methods

* fix(lint): preserve memory-lancedb load error cause

* feat(gateway): trash agent files on agents.delete

* chore(protocol): regenerate Swift gateway models

* fix(gateway): stabilize agents.create dirs and agentDir

* feat(gateway): support avatar in agents.create

* fix: prep agents.create/update/delete handlers (openclaw#11045) (thanks @advaitpaliwal)

- Reuse movePathToTrash from browser/trash.ts (has ~/.Trash fallback on non-macOS)
- Fix partial-failure: workspace setup now runs before config write
- Always write Name to IDENTITY.md regardless of emoji/avatar
- Add unit tests for agents.create, agents.update, agents.delete
- Add CHANGELOG entry

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>

* feat(sanitize): enhance context overflow error handling in user-facing text

- Added tests to ensure proper sanitization of context overflow errors.
- Introduced a new function to determine when to rewrite context overflow messages.
- Updated the sanitization logic to improve user experience by providing clearer error messages while preserving conversational context.

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11448)

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11329)

When gateway.bind=lan, the HTTP server correctly binds to 0.0.0.0
(all interfaces), but WebSocket connection URLs, probe targets, and
Control UI links were hardcoded to 127.0.0.1. This caused CLI commands
and status probes to show localhost-only URLs even in LAN mode, and
made onboarding display misleading connection info.

- Add pickPrimaryLanIPv4() to gateway/net.ts to detect the machine's
  primary LAN IPv4 address (prefers en0/eth0, falls back to any
  external interface)
- Update pickProbeHostForBind() to use LAN IP when bind=lan
- Update buildGatewayConnectionDetails() to use LAN IP and report
  "local lan <ip>" as the URL source
- Update resolveControlUiLinks() to return LAN-accessible URLs
- Update probe note in status.gather.ts to reflect new behavior
- Add tests for pickPrimaryLanIPv4 and bind=lan URL resolution

Closes openclaw#11329

Co-authored-by: Cursor <cursoragent@cursor.com>

* test: move vi.restoreAllMocks to afterEach in pickPrimaryLanIPv4

Per review feedback: avoid calling vi.restoreAllMocks() inside
individual tests as it restores all spies globally and can cause
ordering issues. Use afterEach in the describe block instead.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Changelog: note LAN bind URLs fix (openclaw#11448) (thanks @AnonO6)

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix: recover from context overflow caused by oversized tool results (openclaw#11579)

* fix: gracefully handle oversized tool results causing context overflow

When a subagent reads a very large file or gets a huge tool result (e.g.,
gh pr diff on a massive PR), it can exceed the model's context window in
a single prompt. Auto-compaction can't help because there's no older
history to compact — just one giant tool result.

This adds two layers of defense:

1. Pre-emptive: Hard cap on tool result size (400K chars ≈ 100K tokens)
   applied in the session tool result guard before persistence. This
   prevents extremely large tool results from being stored in full,
   regardless of model context window size.

2. Recovery: When context overflow is detected and compaction fails,
   scan session messages for oversized tool results relative to the
   model's actual context window (30% max share). If found, truncate
   them in the session via branching (creating a new branch with
   truncated content) and retry the prompt.

The truncation preserves the beginning of the content (most useful for
understanding what was read) and appends a notice explaining the
truncation and suggesting offset/limit parameters for targeted reads.

Includes comprehensive tests for:
- Text truncation with newline-boundary awareness
- Context-window-proportional size calculation
- In-memory message truncation
- Oversized detection heuristics
- Guard-level size capping during persistence

* fix: prep fixes for tool result truncation PR (openclaw#11579) (thanks @tyler6204)

* Memory: harden QMD startup, timeouts, and fallback recovery

* Memory: queue forced QMD sync and handle sqlite busy reads

* Memory: chain forced QMD queue and fail over on busy index

* Memory: make QMD cache eviction callback idempotent

* Memory: add SQLITE_BUSY fallback regression test

* Update CHANGELOG.md for version 2026.2.6-4: Added RPC methods for agent management, fixed context overflow recovery, improved LAN IP handling, enhanced memory retrieval, and updated media understanding for audio transcription.

* Tests: harden flake hotspots and consolidate provider-auth suites (openclaw#11598)

* Tests: harden flake hotspots and consolidate provider-auth suites

* Tests: restore env vars by deleting missing snapshot values

* Tests: use real newline in memory summary filter case

* Tests(memory): use fake timers for qmd timeout coverage

* Changelog: add tests hardening entry for openclaw#11598

* docs: clarify onboarding instructions for beginners (openclaw#10956)

* chore: updated PR review skills and workflow info on tests + fake timers

* Fix Nix repository link in README (openclaw#7910)

Updated Nix repository link in README.

Co-authored-by: Josh <141778+bolapara@users.noreply.github.com>
Co-authored-by: Seb Slight <19554889+sebslight@users.noreply.github.com>

* Docs: fix cron.update param name id → jobId (openclaw#11365) (openclaw#11467)

* Docs: fix cron.update param name id → jobId (openclaw#11365)

* Docs: sync zh-CN cron.update param name id → jobId

* docs: revert manual zh-CN generated docs edit (openclaw#11467) (thanks @lailoo)

---------

Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* fix: use STATE_DIR instead of hardcoded ~/.openclaw for identity and canvas (openclaw#4824)

* fix: use STATE_DIR instead of hardcoded ~/.openclaw for identity and canvas

device-identity.ts and canvas-host/server.ts used hardcoded
path.join(os.homedir(), '.openclaw', ...) ignoring OPENCLAW_STATE_DIR
env var and the resolveStateDir() logic from config/paths.ts.

This caused ~/.openclaw/identity and ~/.openclaw/canvas directories
to be created even when state dir was overridden or resided elsewhere.

* fix: format and remove duplicate imports

* fix: scope state-dir patch + add regression tests (openclaw#4824) (thanks @kossoy)

* fix: align state-dir fallbacks in hooks and agent paths (openclaw#4824) (thanks @kossoy)

---------

Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* fix(cron): share isolated announce flow + harden cron scheduling/delivery (openclaw#11641)

* fix(cron): comprehensive cron scheduling and delivery fixes

- Fix delivery target resolution for isolated agent cron jobs
- Improve schedule parsing and validation
- Add job retry logic and error handling
- Enhance cron ops with better state management
- Add timer improvements for more reliable cron execution
- Add cron event type to protocol schema
- Support cron events in heartbeat runner (skip empty-heartbeat check,
  use dedicated CRON_EVENT_PROMPT for relay)

* fix: remove cron debug test and add changelog/docs notes (openclaw#11641) (thanks @tyler6204)

* fix: context overflow compaction and subagent announce improvements (openclaw#11664) (thanks @tyler6204)

* initial commit

* feat: implement deriveSessionTotalTokens function and update usage tests

* Added deriveSessionTotalTokens function to calculate total tokens based on usage and context tokens.
* Updated usage tests to include cases for derived session total tokens.
* Refactored session usage calculations in multiple files to utilize the new function for improved accuracy.

* fix: restore overflow truncation fallback + changelog/test hardening (openclaw#11551) (thanks @tyler6204)

* fix(ui): smooth chat refresh scroll and suppress new-messages badge flash

* fix(discord): support forum channel thread-create (openclaw#10062)

* fix(discord): support forum channel thread-create

* fix: harden discord forum thread-create (openclaw#10062) (thanks @jarvis89757)

---------

Co-authored-by: Shakker <shakkerdroid@gmail.com>

* feat(telegram): add spoiler tag support (openclaw#11543)

* feat(telegram): add spoiler tag support

Render markdown ||spoiler|| syntax as <tg-spoiler> tags in Telegram HTML output.

The markdown IR already parses spoiler syntax, but the Telegram renderer was
missing the style marker. This adds the spoiler marker to renderTelegramHtml().

Fixes spoiler text appearing as raw ||text|| instead of hidden text.

* fix: enable Telegram spoiler rendering (openclaw#11543) (thanks @ezhikkk)

---------

Co-authored-by: Параша <parasha@openclaw.local>
Co-authored-by: Muhammed Mukhthar CM <mukhtharcm@gmail.com>

* fix(doctor): suppress repeated legacy state migration warnings (openclaw#11709)

* fix(doctor): suppress repeated state migration warning

* fix: harden state-dir mirror detection + warnings (openclaw#11709) (thanks @gumadeiras)

* test: cover mirror hardening edge cases (openclaw#11709) (thanks @gumadeiras)

* CI: scope heavy jobs, build once, and remove duplicate validation work (openclaw#11570)

* CI: scope jobs and reuse build artifacts

* CI: fix scope fallback and remove unused artifact job

* CI: remove setup-node pnpm cache inputs

* CI: add pnpm store cache and dist artifact smoke

* CI: extract pnpm cache action and consume dist artifact

* chore: centralizing warning filters

* chore: suppress warnings for node default output path

* chore: project hygiene — fix workspace:*, sandbox USER, dead config (openclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies

* docs: add security & trust documentation

Add threat model (MITRE ATLAS), contribution guide, and security
directory README. Update SECURITY.md with trust page reporting
instructions and Jamieson O'Reilly as Security & Trust.

Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com>

* Centralize date/time formatting utilities (openclaw#11831)

* chore: fix vitest standalone configs and update package description (openclaw#11865)

* chore: fix vitest standalone configs and update package description

- vitest.live.config.ts and vitest.e2e.config.ts now extend root config
- Inherits testTimeout (120s), resolve.alias, pool, setupFiles, excludes
- ui/vitest.node.config.ts gets explicit 120s timeout
- package.json description updated for multi-channel AI gateway
- Removed unused src/utils/time-format.ts

* chore: filter inherited excludes in live/e2e vitest configs

* refactor: dedupe GroupPolicy/DmPolicy in extensions

Import from openclaw/plugin-sdk instead of re-declaring identical types.

* Add GitHub Copilot models to xhigh list (openclaw#11646)

* Add GitHub Copilot models to xhigh list

* fix(thinking): add xhigh copilot tests and changelog (openclaw#11646) (thanks @seans-openclawbot)

---------

Co-authored-by: Sean Dai <sdai@gatech.edu>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* Exec approvals: render forwarded commands in monospace (openclaw#11937)

* fix(exec-approvals): format forwarded commands as code

* fix(exec-approvals): place fenced command blocks on new line (openclaw#11937) (thanks @sebslight)

* docs: fix changelog PR reference

Fix Exec approvals command text formatting issue for safer approval scanning.

* Gateway/Plugins: device pairing + phone control plugins (openclaw#11755)

* iOS: alpha node app + setup-code onboarding (openclaw#11756)

* Memory/QMD: warn when scope denies search

* Docs i18n: make translation prompt language-pluggable

* Docs: seed ja-JP translations

* Docs: use ja-jp Mintlify language code

* Docs: note ja-JP docs POC in changelog (openclaw#11988) (thanks @joshp123)

* Docs: fix language switcher order + Japanese locale

* Docs: note language switcher ordering + JP flag fix (openclaw#12023) (thanks @joshp123)

* fix(paths): respect OPENCLAW_HOME for all internal path resolution (openclaw#12091)

* fix(paths): respect OPENCLAW_HOME for all internal path resolution (openclaw#11995)

Add home-dir module (src/infra/home-dir.ts) that centralizes home
directory resolution with precedence: OPENCLAW_HOME > HOME > USERPROFILE > os.homedir().

Migrate all path-sensitive callsites: config IO, agent dirs, session
transcripts, pairing store, cron store, doctor, CLI profiles.

Add envHomedir() helper in config/paths.ts to reduce lambda noise.
Document OPENCLAW_HOME in docs/help/environment.md.

* fix(paths): handle OPENCLAW_HOME '~' fallback (openclaw#12091) (thanks @sebslight)

* docs: mention OPENCLAW_HOME in install and getting started (openclaw#12091) (thanks @sebslight)

* fix(status): show OPENCLAW_HOME in shortened paths (openclaw#12091) (thanks @sebslight)

* docs(changelog): clarify OPENCLAW_HOME and HOME precedence (openclaw#12091) (thanks @sebslight)

* changelog: split openclaw#12091 entry into Added + Fixes

* fix(config): clamp maxTokens to contextWindow to prevent invalid configurations

Closes openclaw#5308

When users configure maxTokens larger than contextWindow (e.g., maxTokens: 40960
with contextWindow: 32768), the model may fail silently. This fix clamps
maxTokens to be at most contextWindow, preventing such invalid configurations.

* test(config): cover maxTokens clamping

* chore(changelog): note maxTokens clamp (openclaw#5516) (thanks @lailoo) (openclaw#12139)

* fix: more merge fixes

* fix: fix guaranteed rejection when declaredCommands undefined

* fix: resolve build errors and eslint warnings

- Add missing parseDatedFilename function to memory/internal.ts
- Remove reference to undefined thinkingWarning variable
- Fix node.invoke guard to maintain backward compatibility
- Rename unused runtimeConfig variable to _runtimeConfig

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

---------

Co-authored-by: ideoutrea <ideoutrea@163.com>
Co-authored-by: ide-rea <30512600+ide-rea@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Yida-Dev <92713555+Yida-Dev@users.noreply.github.com>
Co-authored-by: Yida-Dev <reyifeijun@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>
Co-authored-by: Jake <mcinteerj@gmail.com>
Co-authored-by: calvin-hpnet <calvin@hpnet.co.uk>
Co-authored-by: Shadril Hassan Shifat <63901551+shadril238@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: gitpds <pds@pds.dev>
Co-authored-by: Seb Slight <19554889+sebslight@users.noreply.github.com>
Co-authored-by: Raymond Berger <RayBB@users.noreply.github.com>
Co-authored-by: Tyler Yust <64381258+tyler6204@users.noreply.github.com>
Co-authored-by: DEOKLYONG MOON <dfjk71@khu.ac.kr>
Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
Co-authored-by: Markus Buhatem Koch <markusbkoch@gmail.com>
Co-authored-by: Marcus Castro <mcaxtr@gmail.com>
Co-authored-by: 大猫子 <ll1042668699@gmail.com>
Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Tak hoffman <takayukihoffman@gmail.com>
Co-authored-by: quotentiroler <max.nussbaumer@maxhealth.tech>
Co-authored-by: Abdullah <syedabdullah535@gmail.com>
Co-authored-by: max <40643627+quotentiroler@users.noreply.github.com>
Co-authored-by: succ985 <3186520056@qq.com>
Co-authored-by: succ985 <succ985@users.noreply.github.com>
Co-authored-by: Advait Paliwal <advaitspaliwal@gmail.com>
Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
Co-authored-by: Aviral <124311066+AnonO6@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Vignesh Natarajan <vigneshnatarajan92@gmail.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@users.noreply.github.com>
Co-authored-by: Rohan Patil <rohanspatil801@gmail.com>
Co-authored-by: danielcadenhead <danielcadenhead88@gmail.com>
Co-authored-by: Josh <141778+bolapara@users.noreply.github.com>
Co-authored-by: Oleg Kossoy <oleg.kossoy@gmail.com>
Co-authored-by: jarvis89757 <jarvis@techflow.studio>
Co-authored-by: Shakker <shakkerdroid@gmail.com>
Co-authored-by: ezhikkk <105670095+ezhikkk@users.noreply.github.com>
Co-authored-by: Параша <parasha@openclaw.local>
Co-authored-by: Muhammed Mukhthar CM <mukhtharcm@gmail.com>
Co-authored-by: theonejvo <theonejvo@users.noreply.github.com>
Co-authored-by: seans-openclawbot <seandai.apps@gmail.com>
Co-authored-by: Sean Dai <sdai@gatech.edu>
Co-authored-by: Mariano Belinky <mbelinky@gmail.com>
Co-authored-by: Josh Palmer <joshp123@users.noreply.github.com>
Co-authored-by: George Pickett <gpickett00@gmail.com>
zendizmo pushed a commit to zendizmo/openclaw that referenced this pull request Feb 9, 2026
…penclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies
dgarson added a commit to dgarson/clawdbot that referenced this pull request Feb 9, 2026
* Add baidu qianfan model provider

* Add baidu qianfan model provider

* Fix format

* Optimize doc

* optimize doc

* Fix import error

* Add auth choice

* Optimize format

* Optimize doc

* Fix key resolve

* Optimize import

* Support ERNIE-5.0-Thinking-Preview

* Resolve conflicts

* Fix conflicts

* Docs: add PR sign-off template (openclaw#10561)

* fix: guard resolveUserPath against undefined input (openclaw#10176)

* fix: guard resolveUserPath against undefined input

When subagent spawner omits workspaceDir, resolveUserPath receives
undefined and crashes on .trim().  Add a falsy guard that falls back
to process.cwd(), matching the behavior callers already expect.

Closes openclaw#10089

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: harden runner workspace fallback (openclaw#10176) (thanks @Yida-Dev)

* fix: harden workspace fallback scoping (openclaw#10176) (thanks @Yida-Dev)

* refactor: centralize workspace fallback classification and redaction (openclaw#10176) (thanks @Yida-Dev)

* test: remove explicit any from utils mock (openclaw#10176) (thanks @Yida-Dev)

* security: reject malformed agent session keys for workspace resolution (openclaw#10176) (thanks @Yida-Dev)

---------

Co-authored-by: Yida-Dev <reyifeijun@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* Docs: revise PR and issue submission guides (openclaw#10617)

* Docs: revise PR submission guide

* Docs: revise issue submission guide

* feat(memory): native Voyage AI support (openclaw#7078)

* feat(memory): add native Voyage AI embedding support with batching

Cherry-picked from PR openclaw#2519, resolved conflict in memory-search.ts
(hasRemote -> hasRemoteConfig rename + added voyage provider)

* fix(memory): optimize voyage batch memory usage with streaming and deduplicate code

Cherry-picked from PR openclaw#2519. Fixed lint error: changed this.runWithConcurrency
to use imported runWithConcurrency function after extraction to internal.ts

* feat(memory): document Voyage embeddings + VOYAGE_API_KEY (openclaw#7078) (thanks @mcinteerj) (openclaw#10699)

* feat(antigravity): update default model to Claude Opus 4.6 (openclaw#10720)

* feat(antigravity): update default model to Claude Opus 4.6

Claude Opus 4.5 has been replaced by Claude Opus 4.6 on the
Antigravity (Google Cloud Code Assist) platform.

- Update DEFAULT_MODEL in google-antigravity-auth extension
- Update testing docs to reference the new model

* fix: update remaining antigravity opus 4.5 refs in zh-CN docs and tests

Address review comments from Greptile:
- Update zh-CN/testing.md antigravity model references
- Update pi-tools-agent-config.test.ts model IDs

* Antigravity: default OAuth model to Opus 4.6 (openclaw#10720) (thanks @calvin-hpnet)

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix(hooks): replace debug console.log with proper subsystem logging in session-memory (openclaw#10730)

* fix: replace debug console.log with proper subsystem logging in session-memory

* fix(hooks): normalize session-memory subsystem logging

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* docs(changelog): prepare 2026.2.6

* docs(changelog): include merged PRs since v2026.2.3

* chore(release): bump version to 2026.2.6

* fix(telegram): cast fetch for grammY ApiClientOptions

* docs: fix markdownlint fragments + headings

* docs(changelog): refresh 2026.2.6 since v2026.2.3

* docs(imessage): add macOS TCC troubleshooting

* docs(imessage): improve macOS TCC troubleshooting guidance (openclaw#10781)

* chore(deps): update deps

* fix(agents): add Opus 4.6 forward-compat fallback

* chore(deps): bump carbon beta

* docs(changelog): curate 2026.2.6

* docs(changelog): highlight Opus 4.6 + Codex 5.3 first

* Fix QMD CLI installation link in memory.md (openclaw#8647)

Correct the installation link for the QMD CLI in the documentation.

* chore(lockfile): fix pnpm-lock

* fix: cron scheduler reliability, store hardening, and UX improvements (openclaw#10776)

* refactor: update cron job wake mode and run mode handling

- Changed default wake mode from 'next-heartbeat' to 'now' in CronJobEditor and related CLI commands.
- Updated cron-tool tests to reflect changes in run mode, introducing 'due' and 'force' options.
- Enhanced cron-tool logic to handle new run modes and ensure compatibility with existing job structures.
- Added new tests for delivery plan consistency and job execution behavior under various conditions.
- Improved normalization functions to handle wake mode and session target casing.

This refactor aims to streamline cron job configurations and enhance the overall user experience with clearer defaults and improved functionality.

* test: enhance cron job functionality and UI

- Added tests to ensure the isolated agent correctly announces the final payload text when delivering messages via Telegram.
- Implemented a new function to pick the last deliverable payload from a list of delivery payloads.
- Enhanced the cron service to maintain legacy "every" jobs while minute cron jobs recompute schedules.
- Updated the cron store migration tests to verify the addition of anchorMs to legacy every schedules.
- Improved the UI for displaying cron job details, including job state and delivery information, with new styles and layout adjustments.

These changes aim to improve the reliability and user experience of the cron job system.

* test: enhance sessions thinking level handling

- Added tests to verify that the correct thinking levels are applied during session spawning.
- Updated the sessions-spawn-tool to include a new parameter for overriding thinking levels.
- Enhanced the UI to support additional thinking levels, including "xhigh" and "full", and improved the handling of current options in dropdowns.

These changes aim to improve the flexibility and accuracy of thinking level configurations in session management.

* feat: enhance session management and cron job functionality

- Introduced passthrough arguments in the test-parallel script to allow for flexible command-line options.
- Updated session handling to hide cron run alias session keys from the sessions list, improving clarity.
- Enhanced the cron service to accurately record job start times and durations, ensuring better tracking of job execution.
- Added tests to verify the correct behavior of the cron service under various conditions, including zero-delay timers.

These changes aim to improve the usability and reliability of session and cron job management.

* feat: implement job running state checks in cron service

- Added functionality to prevent manual job runs if a job is already in progress, enhancing job management.
- Updated the `isJobDue` function to include checks for running jobs, ensuring accurate scheduling.
- Enhanced the `run` function to return a specific reason when a job is already running.
- Introduced a new test case to verify the behavior of forced manual runs during active job execution.

These changes aim to improve the reliability and clarity of cron job execution and management.

* feat: add session ID and key to CronRunLogEntry model

- Introduced `sessionid` and `sessionkey` properties to the `CronRunLogEntry` struct for enhanced tracking of session-related information.
- Updated the initializer and Codable conformance to accommodate the new properties, ensuring proper serialization and deserialization.

These changes aim to improve the granularity of logging and session management within the cron job system.

* fix: improve session display name resolution

- Updated the `resolveSessionDisplayName` function to ensure that both label and displayName are trimmed and default to an empty string if not present.
- Enhanced the logic to prevent returning the key if it matches the label or displayName, improving clarity in session naming.

These changes aim to enhance the accuracy and usability of session display names in the UI.

* perf: skip cron store persist when idle timer tick produces no changes

recomputeNextRuns now returns a boolean indicating whether any job
state was mutated. The idle path in onTimer only persists when the
return value is true, eliminating unnecessary file writes every 60s
for far-future or idle schedules.

* fix: prep for merge - explicit delivery mode migration, docs + changelog (openclaw#10776) (thanks @tyler6204)

* Docs: fix broken /plugins links (openclaw#9308)

* Docs: fix broken /plugins links to /plugin

The documentation linked to /plugins which doesn't exist.
The correct path is /plugin (singular) which contains the
plugins overview documentation.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* docs: drop manual zh-CN doc edits from plugins link fix

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* fix(build): unblock pnpm build dts

* Fix repository links in formal-verification.md (openclaw#10200)

Updated repository links for formal verification models.

* Revert previous change from 'Clawdbot' to 'OpenClaw' in lore (openclaw#9119)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval (openclaw#10818)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval

Voyage AI recommends passing input_type='document' when indexing and
input_type='query' when searching. This improves retrieval quality by
optimising the embedding space for each direction.

Changes:
- embedQuery now passes input_type: 'query'
- embedBatch now passes input_type: 'document'
- Batch API request_params includes input_type: 'document'
- Tests updated to verify input_type is passed correctly

* Changelog: note Voyage embeddings input_type fix (openclaw#10818) (thanks @mcinteerj)

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix(dashboard): restore tokenized control ui links

* chore(skills): remove bird skill

* chore(onboard): move xAI up in auth list

* chore(release): 2026.2.6-1

* chore(onboard): move xAI below Google

* ci: add concurrency controls, consolidate macOS jobs, optimize Windows CI

* ci: re-enable parallel vitest on Windows CI

* docs(changelog): note CI pipeline optimization (openclaw#10784) (thanks @mcaxtr)

* fix(build): support daemon-cli .mjs bundles in compat shim

* fix(docker): support .mjs entrypoints in images and e2e

* test(hooks): stabilize session-memory hook tests

* chore(release): 2026.2.6-2

* chore(onboard): reorder xAI + Qianfan providers

* chore(release): 2026.2.6-3

* fix: comprehensive BlueBubbles and channel cleanup (openclaw#11093)

* feat(bluebubbles): auto-strip markdown from outbound messages (openclaw#7402)

* fix(security): add timeout to webhook body reading (openclaw#6762)

Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.

* fix(security): unify Error objects and lint fixes in webhook timeouts (openclaw#6762)

* fix: prevent plugins from auto-enabling without user consent (openclaw#3961)

Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes openclaw#3932.

* fix: apply hierarchical mediaMaxMb config to all channels (openclaw#8749)

Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes openclaw#7847.

* fix(bluebubbles): sanitize attachment filenames against header injection (openclaw#10333)

Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.

* fix(lint): exclude extensions/ from Oxlint preflight check (openclaw#9313)

Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR openclaw#10087.

* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (openclaw#7745)

Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.

* fix: send stop-typing signal when run ends with NO_REPLY (openclaw#8785)

Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.

* fix(telegram): deduplicate skill commands in multi-agent setup (openclaw#5717)

Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
   Multiple agents sharing the same workspace would produce duplicate commands
   with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
   Commands from deleted skills now get cleaned up on restart.

* fix: add size limits to unbounded in-memory caches (openclaw#4948)

Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account

* fix: address review concerns (openclaw#11093)

- Chain deleteMyCommands → setMyCommands to prevent race condition (openclaw#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (openclaw#6023)

* docs: add symptom-first troubleshooting hub and deep runbooks (openclaw#11196)

* docs(troubleshooting): add symptom-first troubleshooting runbooks

* docs(troubleshooting): fix approvals command examples

* docs(troubleshooting): wrap symptom cases in accordions

* docs(automation): clarify userTimezone missing-key behavior

* docs(troubleshooting): fix first-60-seconds ladder order

* docs: add missing HEARTBEAT.md and MEMORY.md to bootstrap files list (openclaw#8105)

* docs: add missing HEARTBEAT.md and MEMORY.md to bootstrap files list

Fixes openclaw#7928

The documentation for skipBootstrap and workspace setup was missing
HEARTBEAT.md and MEMORY.md from the bootstrap files list.

Changes:
- docs/gateway/configuration.md: Add HEARTBEAT.md and MEMORY.md
- docs/zh-CN/gateway/configuration.md: Same for Chinese version
- docs/start/openclaw.md: Add HEARTBEAT.md, clarify MEMORY.md is optional
- docs/zh-CN/start/openclaw.md: Same for Chinese version

* fix: reference PR number instead of issue in CHANGELOG

* docs(workspace): align bootstrap file docs with runtime (openclaw#8105)

---------

Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* Agents: include runtime shell (openclaw#1835)

* Agents: include runtime shell

* Agents: fix compact runtime build

* chore: fix CLAUDE.md formatting, security regex for secret

---------

Co-authored-by: Tak hoffman <takayukihoffman@gmail.com>
Co-authored-by: quotentiroler <max.nussbaumer@maxhealth.tech>

* Web UI: show Compaction divider in chat history (openclaw#11341)

* adding PR review workflow

* added more explicit instructions

* docs: canonicalize docs paths and align zh navigation (openclaw#11428)

* docs(navigation): canonicalize paths and align zh nav

* chore(docs): remove stray .DS_Store

* docs(scripts): add non-mint docs link audit

* docs(nav): fix zh source paths and preserve legacy redirects (openclaw#11428) (thanks @sebslight)

* chore(docs): satisfy lint for docs link audit script (openclaw#11428) (thanks @sebslight)

* chore: bump pi to 0.52.8

* Fix typo in FAQ regarding model configuration command (openclaw#6048)

* CI: skip heavy jobs on docs-only changes (openclaw#11328)

* fix: add .caf to AUDIO_FILE_EXTENSIONS (openclaw#10982)

* fix: add .caf to AUDIO_FILE_EXTENSIONS for iMessage voice messages

* fix: add caf audio extension regression coverage (openclaw#10982) (thanks @succ985)

---------

Co-authored-by: succ985 <succ985@users.noreply.github.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* Gateway: fix multi-agent sessions.usage discovery (openclaw#11523)

* Gateway: fix multi-agent sessions.usage discovery

* Gateway: resolve sessions.usage keys via sessionId

* feat(gateway): add agents.create/update/delete methods (openclaw#11045)

* feat(gateway): add agents.create/update/delete methods

* fix(lint): preserve memory-lancedb load error cause

* feat(gateway): trash agent files on agents.delete

* chore(protocol): regenerate Swift gateway models

* fix(gateway): stabilize agents.create dirs and agentDir

* feat(gateway): support avatar in agents.create

* fix: prep agents.create/update/delete handlers (openclaw#11045) (thanks @advaitpaliwal)

- Reuse movePathToTrash from browser/trash.ts (has ~/.Trash fallback on non-macOS)
- Fix partial-failure: workspace setup now runs before config write
- Always write Name to IDENTITY.md regardless of emoji/avatar
- Add unit tests for agents.create, agents.update, agents.delete
- Add CHANGELOG entry

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>

* feat(sanitize): enhance context overflow error handling in user-facing text

- Added tests to ensure proper sanitization of context overflow errors.
- Introduced a new function to determine when to rewrite context overflow messages.
- Updated the sanitization logic to improve user experience by providing clearer error messages while preserving conversational context.

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11448)

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11329)

When gateway.bind=lan, the HTTP server correctly binds to 0.0.0.0
(all interfaces), but WebSocket connection URLs, probe targets, and
Control UI links were hardcoded to 127.0.0.1. This caused CLI commands
and status probes to show localhost-only URLs even in LAN mode, and
made onboarding display misleading connection info.

- Add pickPrimaryLanIPv4() to gateway/net.ts to detect the machine's
  primary LAN IPv4 address (prefers en0/eth0, falls back to any
  external interface)
- Update pickProbeHostForBind() to use LAN IP when bind=lan
- Update buildGatewayConnectionDetails() to use LAN IP and report
  "local lan <ip>" as the URL source
- Update resolveControlUiLinks() to return LAN-accessible URLs
- Update probe note in status.gather.ts to reflect new behavior
- Add tests for pickPrimaryLanIPv4 and bind=lan URL resolution

Closes openclaw#11329

Co-authored-by: Cursor <cursoragent@cursor.com>

* test: move vi.restoreAllMocks to afterEach in pickPrimaryLanIPv4

Per review feedback: avoid calling vi.restoreAllMocks() inside
individual tests as it restores all spies globally and can cause
ordering issues. Use afterEach in the describe block instead.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Changelog: note LAN bind URLs fix (openclaw#11448) (thanks @AnonO6)

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix: recover from context overflow caused by oversized tool results (openclaw#11579)

* fix: gracefully handle oversized tool results causing context overflow

When a subagent reads a very large file or gets a huge tool result (e.g.,
gh pr diff on a massive PR), it can exceed the model's context window in
a single prompt. Auto-compaction can't help because there's no older
history to compact — just one giant tool result.

This adds two layers of defense:

1. Pre-emptive: Hard cap on tool result size (400K chars ≈ 100K tokens)
   applied in the session tool result guard before persistence. This
   prevents extremely large tool results from being stored in full,
   regardless of model context window size.

2. Recovery: When context overflow is detected and compaction fails,
   scan session messages for oversized tool results relative to the
   model's actual context window (30% max share). If found, truncate
   them in the session via branching (creating a new branch with
   truncated content) and retry the prompt.

The truncation preserves the beginning of the content (most useful for
understanding what was read) and appends a notice explaining the
truncation and suggesting offset/limit parameters for targeted reads.

Includes comprehensive tests for:
- Text truncation with newline-boundary awareness
- Context-window-proportional size calculation
- In-memory message truncation
- Oversized detection heuristics
- Guard-level size capping during persistence

* fix: prep fixes for tool result truncation PR (openclaw#11579) (thanks @tyler6204)

* Memory: harden QMD startup, timeouts, and fallback recovery

* Memory: queue forced QMD sync and handle sqlite busy reads

* Memory: chain forced QMD queue and fail over on busy index

* Memory: make QMD cache eviction callback idempotent

* Memory: add SQLITE_BUSY fallback regression test

* Update CHANGELOG.md for version 2026.2.6-4: Added RPC methods for agent management, fixed context overflow recovery, improved LAN IP handling, enhanced memory retrieval, and updated media understanding for audio transcription.

* Tests: harden flake hotspots and consolidate provider-auth suites (openclaw#11598)

* Tests: harden flake hotspots and consolidate provider-auth suites

* Tests: restore env vars by deleting missing snapshot values

* Tests: use real newline in memory summary filter case

* Tests(memory): use fake timers for qmd timeout coverage

* Changelog: add tests hardening entry for openclaw#11598

* docs: clarify onboarding instructions for beginners (openclaw#10956)

* chore: updated PR review skills and workflow info on tests + fake timers

* Fix Nix repository link in README (openclaw#7910)

Updated Nix repository link in README.

Co-authored-by: Josh <141778+bolapara@users.noreply.github.com>
Co-authored-by: Seb Slight <19554889+sebslight@users.noreply.github.com>

* Docs: fix cron.update param name id → jobId (openclaw#11365) (openclaw#11467)

* Docs: fix cron.update param name id → jobId (openclaw#11365)

* Docs: sync zh-CN cron.update param name id → jobId

* docs: revert manual zh-CN generated docs edit (openclaw#11467) (thanks @lailoo)

---------

Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* fix: use STATE_DIR instead of hardcoded ~/.openclaw for identity and canvas (openclaw#4824)

* fix: use STATE_DIR instead of hardcoded ~/.openclaw for identity and canvas

device-identity.ts and canvas-host/server.ts used hardcoded
path.join(os.homedir(), '.openclaw', ...) ignoring OPENCLAW_STATE_DIR
env var and the resolveStateDir() logic from config/paths.ts.

This caused ~/.openclaw/identity and ~/.openclaw/canvas directories
to be created even when state dir was overridden or resided elsewhere.

* fix: format and remove duplicate imports

* fix: scope state-dir patch + add regression tests (openclaw#4824) (thanks @kossoy)

* fix: align state-dir fallbacks in hooks and agent paths (openclaw#4824) (thanks @kossoy)

---------

Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* fix(cron): share isolated announce flow + harden cron scheduling/delivery (openclaw#11641)

* fix(cron): comprehensive cron scheduling and delivery fixes

- Fix delivery target resolution for isolated agent cron jobs
- Improve schedule parsing and validation
- Add job retry logic and error handling
- Enhance cron ops with better state management
- Add timer improvements for more reliable cron execution
- Add cron event type to protocol schema
- Support cron events in heartbeat runner (skip empty-heartbeat check,
  use dedicated CRON_EVENT_PROMPT for relay)

* fix: remove cron debug test and add changelog/docs notes (openclaw#11641) (thanks @tyler6204)

* fix: context overflow compaction and subagent announce improvements (openclaw#11664) (thanks @tyler6204)

* initial commit

* feat: implement deriveSessionTotalTokens function and update usage tests

* Added deriveSessionTotalTokens function to calculate total tokens based on usage and context tokens.
* Updated usage tests to include cases for derived session total tokens.
* Refactored session usage calculations in multiple files to utilize the new function for improved accuracy.

* fix: restore overflow truncation fallback + changelog/test hardening (openclaw#11551) (thanks @tyler6204)

* fix(ui): smooth chat refresh scroll and suppress new-messages badge flash

* fix(discord): support forum channel thread-create (openclaw#10062)

* fix(discord): support forum channel thread-create

* fix: harden discord forum thread-create (openclaw#10062) (thanks @jarvis89757)

---------

Co-authored-by: Shakker <shakkerdroid@gmail.com>

* feat(telegram): add spoiler tag support (openclaw#11543)

* feat(telegram): add spoiler tag support

Render markdown ||spoiler|| syntax as <tg-spoiler> tags in Telegram HTML output.

The markdown IR already parses spoiler syntax, but the Telegram renderer was
missing the style marker. This adds the spoiler marker to renderTelegramHtml().

Fixes spoiler text appearing as raw ||text|| instead of hidden text.

* fix: enable Telegram spoiler rendering (openclaw#11543) (thanks @ezhikkk)

---------

Co-authored-by: Параша <parasha@openclaw.local>
Co-authored-by: Muhammed Mukhthar CM <mukhtharcm@gmail.com>

* fix(doctor): suppress repeated legacy state migration warnings (openclaw#11709)

* fix(doctor): suppress repeated state migration warning

* fix: harden state-dir mirror detection + warnings (openclaw#11709) (thanks @gumadeiras)

* test: cover mirror hardening edge cases (openclaw#11709) (thanks @gumadeiras)

* CI: scope heavy jobs, build once, and remove duplicate validation work (openclaw#11570)

* CI: scope jobs and reuse build artifacts

* CI: fix scope fallback and remove unused artifact job

* CI: remove setup-node pnpm cache inputs

* CI: add pnpm store cache and dist artifact smoke

* CI: extract pnpm cache action and consume dist artifact

* chore: centralizing warning filters

* chore: suppress warnings for node default output path

* chore: project hygiene — fix workspace:*, sandbox USER, dead config (openclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies

* docs: add security & trust documentation

Add threat model (MITRE ATLAS), contribution guide, and security
directory README. Update SECURITY.md with trust page reporting
instructions and Jamieson O'Reilly as Security & Trust.

Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com>

* Centralize date/time formatting utilities (openclaw#11831)

* chore: fix vitest standalone configs and update package description (openclaw#11865)

* chore: fix vitest standalone configs and update package description

- vitest.live.config.ts and vitest.e2e.config.ts now extend root config
- Inherits testTimeout (120s), resolve.alias, pool, setupFiles, excludes
- ui/vitest.node.config.ts gets explicit 120s timeout
- package.json description updated for multi-channel AI gateway
- Removed unused src/utils/time-format.ts

* chore: filter inherited excludes in live/e2e vitest configs

* refactor: dedupe GroupPolicy/DmPolicy in extensions

Import from openclaw/plugin-sdk instead of re-declaring identical types.

* Add GitHub Copilot models to xhigh list (openclaw#11646)

* Add GitHub Copilot models to xhigh list

* fix(thinking): add xhigh copilot tests and changelog (openclaw#11646) (thanks @seans-openclawbot)

---------

Co-authored-by: Sean Dai <sdai@gatech.edu>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* Exec approvals: render forwarded commands in monospace (openclaw#11937)

* fix(exec-approvals): format forwarded commands as code

* fix(exec-approvals): place fenced command blocks on new line (openclaw#11937) (thanks @sebslight)

* docs: fix changelog PR reference

Fix Exec approvals command text formatting issue for safer approval scanning.

* Gateway/Plugins: device pairing + phone control plugins (openclaw#11755)

* iOS: alpha node app + setup-code onboarding (openclaw#11756)

* Memory/QMD: warn when scope denies search

* Docs i18n: make translation prompt language-pluggable

* Docs: seed ja-JP translations

* Docs: use ja-jp Mintlify language code

* Docs: note ja-JP docs POC in changelog (openclaw#11988) (thanks @joshp123)

* Docs: fix language switcher order + Japanese locale

* Docs: note language switcher ordering + JP flag fix (openclaw#12023) (thanks @joshp123)

* fix(paths): respect OPENCLAW_HOME for all internal path resolution (openclaw#12091)

* fix(paths): respect OPENCLAW_HOME for all internal path resolution (openclaw#11995)

Add home-dir module (src/infra/home-dir.ts) that centralizes home
directory resolution with precedence: OPENCLAW_HOME > HOME > USERPROFILE > os.homedir().

Migrate all path-sensitive callsites: config IO, agent dirs, session
transcripts, pairing store, cron store, doctor, CLI profiles.

Add envHomedir() helper in config/paths.ts to reduce lambda noise.
Document OPENCLAW_HOME in docs/help/environment.md.

* fix(paths): handle OPENCLAW_HOME '~' fallback (openclaw#12091) (thanks @sebslight)

* docs: mention OPENCLAW_HOME in install and getting started (openclaw#12091) (thanks @sebslight)

* fix(status): show OPENCLAW_HOME in shortened paths (openclaw#12091) (thanks @sebslight)

* docs(changelog): clarify OPENCLAW_HOME and HOME precedence (openclaw#12091) (thanks @sebslight)

* changelog: split openclaw#12091 entry into Added + Fixes

* fix(config): clamp maxTokens to contextWindow to prevent invalid configurations

Closes openclaw#5308

When users configure maxTokens larger than contextWindow (e.g., maxTokens: 40960
with contextWindow: 32768), the model may fail silently. This fix clamps
maxTokens to be at most contextWindow, preventing such invalid configurations.

* test(config): cover maxTokens clamping

* chore(changelog): note maxTokens clamp (openclaw#5516) (thanks @lailoo) (openclaw#12139)

* fix: more merge fixes

* fix: fix guaranteed rejection when declaredCommands undefined

* fix: resolve build errors and eslint warnings

- Add missing parseDatedFilename function to memory/internal.ts
- Remove reference to undefined thinkingWarning variable
- Fix node.invoke guard to maintain backward compatibility
- Rename unused runtimeConfig variable to _runtimeConfig

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* chore: lancedb embedding/llm-extraction refactoring

* Docs: refine LG webOS TV skill (openclaw#360)

* Docs: revise PR and issue submission guides (openclaw#10617)

* Docs: revise PR submission guide

* Docs: revise issue submission guide

* docs: fix markdownlint fragments + headings

* fix: cron scheduler reliability, store hardening, and UX improvements (openclaw#10776)

* refactor: update cron job wake mode and run mode handling

- Changed default wake mode from 'next-heartbeat' to 'now' in CronJobEditor and related CLI commands.
- Updated cron-tool tests to reflect changes in run mode, introducing 'due' and 'force' options.
- Enhanced cron-tool logic to handle new run modes and ensure compatibility with existing job structures.
- Added new tests for delivery plan consistency and job execution behavior under various conditions.
- Improved normalization functions to handle wake mode and session target casing.

This refactor aims to streamline cron job configurations and enhance the overall user experience with clearer defaults and improved functionality.

* test: enhance cron job functionality and UI

- Added tests to ensure the isolated agent correctly announces the final payload text when delivering messages via Telegram.
- Implemented a new function to pick the last deliverable payload from a list of delivery payloads.
- Enhanced the cron service to maintain legacy "every" jobs while minute cron jobs recompute schedules.
- Updated the cron store migration tests to verify the addition of anchorMs to legacy every schedules.
- Improved the UI for displaying cron job details, including job state and delivery information, with new styles and layout adjustments.

These changes aim to improve the reliability and user experience of the cron job system.

* test: enhance sessions thinking level handling

- Added tests to verify that the correct thinking levels are applied during session spawning.
- Updated the sessions-spawn-tool to include a new parameter for overriding thinking levels.
- Enhanced the UI to support additional thinking levels, including "xhigh" and "full", and improved the handling of current options in dropdowns.

These changes aim to improve the flexibility and accuracy of thinking level configurations in session management.

* feat: enhance session management and cron job functionality

- Introduced passthrough arguments in the test-parallel script to allow for flexible command-line options.
- Updated session handling to hide cron run alias session keys from the sessions list, improving clarity.
- Enhanced the cron service to accurately record job start times and durations, ensuring better tracking of job execution.
- Added tests to verify the correct behavior of the cron service under various conditions, including zero-delay timers.

These changes aim to improve the usability and reliability of session and cron job management.

* feat: implement job running state checks in cron service

- Added functionality to prevent manual job runs if a job is already in progress, enhancing job management.
- Updated the `isJobDue` function to include checks for running jobs, ensuring accurate scheduling.
- Enhanced the `run` function to return a specific reason when a job is already running.
- Introduced a new test case to verify the behavior of forced manual runs during active job execution.

These changes aim to improve the reliability and clarity of cron job execution and management.

* feat: add session ID and key to CronRunLogEntry model

- Introduced `sessionid` and `sessionkey` properties to the `CronRunLogEntry` struct for enhanced tracking of session-related information.
- Updated the initializer and Codable conformance to accommodate the new properties, ensuring proper serialization and deserialization.

These changes aim to improve the granularity of logging and session management within the cron job system.

* fix: improve session display name resolution

- Updated the `resolveSessionDisplayName` function to ensure that both label and displayName are trimmed and default to an empty string if not present.
- Enhanced the logic to prevent returning the key if it matches the label or displayName, improving clarity in session naming.

These changes aim to enhance the accuracy and usability of session display names in the UI.

* perf: skip cron store persist when idle timer tick produces no changes

recomputeNextRuns now returns a boolean indicating whether any job
state was mutated. The idle path in onTimer only persists when the
return value is true, eliminating unnecessary file writes every 60s
for far-future or idle schedules.

* fix: prep for merge - explicit delivery mode migration, docs + changelog (openclaw#10776) (thanks @tyler6204)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval (openclaw#10818)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval

Voyage AI recommends passing input_type='document' when indexing and
input_type='query' when searching. This improves retrieval quality by
optimising the embedding space for each direction.

Changes:
- embedQuery now passes input_type: 'query'
- embedBatch now passes input_type: 'document'
- Batch API request_params includes input_type: 'document'
- Tests updated to verify input_type is passed correctly

* Changelog: note Voyage embeddings input_type fix (openclaw#10818) (thanks @mcinteerj)

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* chore(onboard): move xAI up in auth list

* fix: add .caf to AUDIO_FILE_EXTENSIONS (openclaw#10982)

* fix: add .caf to AUDIO_FILE_EXTENSIONS for iMessage voice messages

* fix: add caf audio extension regression coverage (openclaw#10982) (thanks @succ985)

---------

Co-authored-by: succ985 <succ985@users.noreply.github.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* feat(gateway): add agents.create/update/delete methods (openclaw#11045)

* feat(gateway): add agents.create/update/delete methods

* fix(lint): preserve memory-lancedb load error cause

* feat(gateway): trash agent files on agents.delete

* chore(protocol): regenerate Swift gateway models

* fix(gateway): stabilize agents.create dirs and agentDir

* feat(gateway): support avatar in agents.create

* fix: prep agents.create/update/delete handlers (openclaw#11045) (thanks @advaitpaliwal)

- Reuse movePathToTrash from browser/trash.ts (has ~/.Trash fallback on non-macOS)
- Fix partial-failure: workspace setup now runs before config write
- Always write Name to IDENTITY.md regardless of emoji/avatar
- Add unit tests for agents.create, agents.update, agents.delete
- Add CHANGELOG entry

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11448)

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11329)

When gateway.bind=lan, the HTTP server correctly binds to 0.0.0.0
(all interfaces), but WebSocket connection URLs, probe targets, and
Control UI links were hardcoded to 127.0.0.1. This caused CLI commands
and status probes to show localhost-only URLs even in LAN mode, and
made onboarding display misleading connection info.

- Add pickPrimaryLanIPv4() to gateway/net.ts to detect the machine's
  primary LAN IPv4 address (prefers en0/eth0, falls back to any
  external interface)
- Update pickProbeHostForBind() to use LAN IP when bind=lan
- Update buildGatewayConnectionDetails() to use LAN IP and report
  "local lan <ip>" as the URL source
- Update resolveControlUiLinks() to return LAN-accessible URLs
- Update probe note in status.gather.ts to reflect new behavior
- Add tests for pickPrimaryLanIPv4 and bind=lan URL resolution

Closes openclaw#11329

Co-authored-by: Cursor <cursoragent@cursor.com>

* test: move vi.restoreAllMocks to afterEach in pickPrimaryLanIPv4

Per review feedback: avoid calling vi.restoreAllMocks() inside
individual tests as it restores all spies globally and can cause
ordering issues. Use afterEach in the describe block instead.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Changelog: note LAN bind URLs fix (openclaw#11448) (thanks @AnonO6)

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix: recover from context overflow caused by oversized tool results (openclaw#11579)

* fix: gracefully handle oversized tool results causing context overflow

When a subagent reads a very large file or gets a huge tool result (e.g.,
gh pr diff on a massive PR), it can exceed the model's context window in
a single prompt. Auto-compaction can't help because there's no older
history to compact — just one giant tool result.

This adds two layers of defense:

1. Pre-emptive: Hard cap on tool result size (400K chars ≈ 100K tokens)
   applied in the session tool result guard before persistence. This
   prevents extremely large tool results from being stored in full,
   regardless of model context window size.

2. Recovery: When context overflow is detected and compaction fails,
   scan session messages for oversized tool results relative to the
   model's actual context window (30% max share). If found, truncate
   them in the session via branching (creating a new branch with
   truncated content) and retry the prompt.

The truncation preserves the beginning of the content (most useful for
understanding what was read) and appends a notice explaining the
truncation and suggesting offset/limit parameters for targeted reads.

Includes comprehensive tests for:
- Text truncation with newline-boundary awareness
- Context-window-proportional size calculation
- In-memory message truncation
- Oversized detection heuristics
- Guard-level size capping during persistence

* fix: prep fixes for tool result truncation PR (openclaw#11579) (thanks @tyler6204)

* Memory: harden QMD startup, timeouts, and fallback recovery

* fix: context overflow compaction and subagent announce improvements (openclaw#11664) (thanks @tyler6204)

* initial commit

* feat: implement deriveSessionTotalTokens function and update usage tests

* Added deriveSessionTotalTokens function to calculate total tokens based on usage and context tokens.
* Updated usage tests to include cases for derived session total tokens.
* Refactored session usage calculations in multiple files to utilize the new function for improved accuracy.

* fix: restore overflow truncation fallback + changelog/test hardening (openclaw#11551) (thanks @tyler6204)

* chore: centralizing warning filters

* Docs: seed ja-JP translations

* Docs: use ja-jp Mintlify language code

* Docs: fix language switcher order + Japanese locale

* chore: lancedb embedding/llm-extraction refactoring

* fix: minor bug in lancedb refactoring

---------

Co-authored-by: ideoutrea <ideoutrea@163.com>
Co-authored-by: ide-rea <30512600+ide-rea@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Yida-Dev <92713555+Yida-Dev@users.noreply.github.com>
Co-authored-by: Yida-Dev <reyifeijun@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>
Co-authored-by: Jake <mcinteerj@gmail.com>
Co-authored-by: calvin-hpnet <calvin@hpnet.co.uk>
Co-authored-by: Shadril Hassan Shifat <63901551+shadril238@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: gitpds <pds@pds.dev>
Co-authored-by: Seb Slight <19554889+sebslight@users.noreply.github.com>
Co-authored-by: Raymond Berger <RayBB@users.noreply.github.com>
Co-authored-by: Tyler Yust <64381258+tyler6204@users.noreply.github.com>
Co-authored-by: DEOKLYONG MOON <dfjk71@khu.ac.kr>
Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
Co-authored-by: Markus Buhatem Koch <markusbkoch@gmail.com>
Co-authored-by: Marcus Castro <mcaxtr@gmail.com>
Co-authored-by: 大猫子 <ll1042668699@gmail.com>
Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Tak hoffman <takayukihoffman@gmail.com>
Co-authored-by: quotentiroler <max.nussbaumer@maxhealth.tech>
Co-authored-by: Abdullah <syedabdullah535@gmail.com>
Co-authored-by: max <40643627+quotentiroler@users.noreply.github.com>
Co-authored-by: succ985 <3186520056@qq.com>
Co-authored-by: succ985 <succ985@users.noreply.github.com>
Co-authored-by: Advait Paliwal <advaitspaliwal@gmail.com>
Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
Co-authored-by: Aviral <124311066+AnonO6@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Vignesh Natarajan <vigneshnatarajan92@gmail.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@users.noreply.github.com>
Co-authored-by: Rohan Patil <rohanspatil801@gmail.com>
Co-authored-by: danielcadenhead <danielcadenhead88@gmail.com>
Co-authored-by: Josh <141778+bolapara@users.noreply.github.com>
Co-authored-by: Oleg Kossoy <oleg.kossoy@gmail.com>
Co-authored-by: jarvis89757 <jarvis@techflow.studio>
Co-authored-by: Shakker <shakkerdroid@gmail.com>
Co-authored-by: ezhikkk <105670095+ezhikkk@users.noreply.github.com>
Co-authored-by: Параша <parasha@openclaw.local>
Co-authored-by: Muhammed Mukhthar CM <mukhtharcm@gmail.com>
Co-authored-by: theonejvo <theonejvo@users.noreply.github.com>
Co-authored-by: seans-openclawbot <seandai.apps@gmail.com>
Co-authored-by: Sean Dai <sdai@gatech.edu>
Co-authored-by: Mariano Belinky <mbelinky@gmail.com>
Co-authored-by: Josh Palmer <joshp123@users.noreply.github.com>
Co-authored-by: George Pickett <gpickett00@gmail.com>
dgarson added a commit to dgarson/clawdbot that referenced this pull request Feb 9, 2026
* Add baidu qianfan model provider

* Add baidu qianfan model provider

* Fix format

* Optimize doc

* optimize doc

* Fix import error

* Add auth choice

* Optimize format

* Optimize doc

* Fix key resolve

* Optimize import

* Support ERNIE-5.0-Thinking-Preview

* Resolve conflicts

* Fix conflicts

* Docs: add PR sign-off template (openclaw#10561)

* fix: guard resolveUserPath against undefined input (openclaw#10176)

* fix: guard resolveUserPath against undefined input

When subagent spawner omits workspaceDir, resolveUserPath receives
undefined and crashes on .trim().  Add a falsy guard that falls back
to process.cwd(), matching the behavior callers already expect.

Closes openclaw#10089

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: harden runner workspace fallback (openclaw#10176) (thanks @Yida-Dev)

* fix: harden workspace fallback scoping (openclaw#10176) (thanks @Yida-Dev)

* refactor: centralize workspace fallback classification and redaction (openclaw#10176) (thanks @Yida-Dev)

* test: remove explicit any from utils mock (openclaw#10176) (thanks @Yida-Dev)

* security: reject malformed agent session keys for workspace resolution (openclaw#10176) (thanks @Yida-Dev)

---------

Co-authored-by: Yida-Dev <reyifeijun@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* Docs: revise PR and issue submission guides (openclaw#10617)

* Docs: revise PR submission guide

* Docs: revise issue submission guide

* feat(memory): native Voyage AI support (openclaw#7078)

* feat(memory): add native Voyage AI embedding support with batching

Cherry-picked from PR openclaw#2519, resolved conflict in memory-search.ts
(hasRemote -> hasRemoteConfig rename + added voyage provider)

* fix(memory): optimize voyage batch memory usage with streaming and deduplicate code

Cherry-picked from PR openclaw#2519. Fixed lint error: changed this.runWithConcurrency
to use imported runWithConcurrency function after extraction to internal.ts

* feat(memory): document Voyage embeddings + VOYAGE_API_KEY (openclaw#7078) (thanks @mcinteerj) (openclaw#10699)

* feat(antigravity): update default model to Claude Opus 4.6 (openclaw#10720)

* feat(antigravity): update default model to Claude Opus 4.6

Claude Opus 4.5 has been replaced by Claude Opus 4.6 on the
Antigravity (Google Cloud Code Assist) platform.

- Update DEFAULT_MODEL in google-antigravity-auth extension
- Update testing docs to reference the new model

* fix: update remaining antigravity opus 4.5 refs in zh-CN docs and tests

Address review comments from Greptile:
- Update zh-CN/testing.md antigravity model references
- Update pi-tools-agent-config.test.ts model IDs

* Antigravity: default OAuth model to Opus 4.6 (openclaw#10720) (thanks @calvin-hpnet)

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix(hooks): replace debug console.log with proper subsystem logging in session-memory (openclaw#10730)

* fix: replace debug console.log with proper subsystem logging in session-memory

* fix(hooks): normalize session-memory subsystem logging

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* docs(changelog): prepare 2026.2.6

* docs(changelog): include merged PRs since v2026.2.3

* chore(release): bump version to 2026.2.6

* fix(telegram): cast fetch for grammY ApiClientOptions

* docs: fix markdownlint fragments + headings

* docs(changelog): refresh 2026.2.6 since v2026.2.3

* docs(imessage): add macOS TCC troubleshooting

* docs(imessage): improve macOS TCC troubleshooting guidance (openclaw#10781)

* chore(deps): update deps

* fix(agents): add Opus 4.6 forward-compat fallback

* chore(deps): bump carbon beta

* docs(changelog): curate 2026.2.6

* docs(changelog): highlight Opus 4.6 + Codex 5.3 first

* Fix QMD CLI installation link in memory.md (openclaw#8647)

Correct the installation link for the QMD CLI in the documentation.

* chore(lockfile): fix pnpm-lock

* fix: cron scheduler reliability, store hardening, and UX improvements (openclaw#10776)

* refactor: update cron job wake mode and run mode handling

- Changed default wake mode from 'next-heartbeat' to 'now' in CronJobEditor and related CLI commands.
- Updated cron-tool tests to reflect changes in run mode, introducing 'due' and 'force' options.
- Enhanced cron-tool logic to handle new run modes and ensure compatibility with existing job structures.
- Added new tests for delivery plan consistency and job execution behavior under various conditions.
- Improved normalization functions to handle wake mode and session target casing.

This refactor aims to streamline cron job configurations and enhance the overall user experience with clearer defaults and improved functionality.

* test: enhance cron job functionality and UI

- Added tests to ensure the isolated agent correctly announces the final payload text when delivering messages via Telegram.
- Implemented a new function to pick the last deliverable payload from a list of delivery payloads.
- Enhanced the cron service to maintain legacy "every" jobs while minute cron jobs recompute schedules.
- Updated the cron store migration tests to verify the addition of anchorMs to legacy every schedules.
- Improved the UI for displaying cron job details, including job state and delivery information, with new styles and layout adjustments.

These changes aim to improve the reliability and user experience of the cron job system.

* test: enhance sessions thinking level handling

- Added tests to verify that the correct thinking levels are applied during session spawning.
- Updated the sessions-spawn-tool to include a new parameter for overriding thinking levels.
- Enhanced the UI to support additional thinking levels, including "xhigh" and "full", and improved the handling of current options in dropdowns.

These changes aim to improve the flexibility and accuracy of thinking level configurations in session management.

* feat: enhance session management and cron job functionality

- Introduced passthrough arguments in the test-parallel script to allow for flexible command-line options.
- Updated session handling to hide cron run alias session keys from the sessions list, improving clarity.
- Enhanced the cron service to accurately record job start times and durations, ensuring better tracking of job execution.
- Added tests to verify the correct behavior of the cron service under various conditions, including zero-delay timers.

These changes aim to improve the usability and reliability of session and cron job management.

* feat: implement job running state checks in cron service

- Added functionality to prevent manual job runs if a job is already in progress, enhancing job management.
- Updated the `isJobDue` function to include checks for running jobs, ensuring accurate scheduling.
- Enhanced the `run` function to return a specific reason when a job is already running.
- Introduced a new test case to verify the behavior of forced manual runs during active job execution.

These changes aim to improve the reliability and clarity of cron job execution and management.

* feat: add session ID and key to CronRunLogEntry model

- Introduced `sessionid` and `sessionkey` properties to the `CronRunLogEntry` struct for enhanced tracking of session-related information.
- Updated the initializer and Codable conformance to accommodate the new properties, ensuring proper serialization and deserialization.

These changes aim to improve the granularity of logging and session management within the cron job system.

* fix: improve session display name resolution

- Updated the `resolveSessionDisplayName` function to ensure that both label and displayName are trimmed and default to an empty string if not present.
- Enhanced the logic to prevent returning the key if it matches the label or displayName, improving clarity in session naming.

These changes aim to enhance the accuracy and usability of session display names in the UI.

* perf: skip cron store persist when idle timer tick produces no changes

recomputeNextRuns now returns a boolean indicating whether any job
state was mutated. The idle path in onTimer only persists when the
return value is true, eliminating unnecessary file writes every 60s
for far-future or idle schedules.

* fix: prep for merge - explicit delivery mode migration, docs + changelog (openclaw#10776) (thanks @tyler6204)

* Docs: fix broken /plugins links (openclaw#9308)

* Docs: fix broken /plugins links to /plugin

The documentation linked to /plugins which doesn't exist.
The correct path is /plugin (singular) which contains the
plugins overview documentation.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* docs: drop manual zh-CN doc edits from plugins link fix

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* fix(build): unblock pnpm build dts

* Fix repository links in formal-verification.md (openclaw#10200)

Updated repository links for formal verification models.

* Revert previous change from 'Clawdbot' to 'OpenClaw' in lore (openclaw#9119)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval (openclaw#10818)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval

Voyage AI recommends passing input_type='document' when indexing and
input_type='query' when searching. This improves retrieval quality by
optimising the embedding space for each direction.

Changes:
- embedQuery now passes input_type: 'query'
- embedBatch now passes input_type: 'document'
- Batch API request_params includes input_type: 'document'
- Tests updated to verify input_type is passed correctly

* Changelog: note Voyage embeddings input_type fix (openclaw#10818) (thanks @mcinteerj)

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix(dashboard): restore tokenized control ui links

* chore(skills): remove bird skill

* chore(onboard): move xAI up in auth list

* chore(release): 2026.2.6-1

* chore(onboard): move xAI below Google

* ci: add concurrency controls, consolidate macOS jobs, optimize Windows CI

* ci: re-enable parallel vitest on Windows CI

* docs(changelog): note CI pipeline optimization (openclaw#10784) (thanks @mcaxtr)

* fix(build): support daemon-cli .mjs bundles in compat shim

* fix(docker): support .mjs entrypoints in images and e2e

* test(hooks): stabilize session-memory hook tests

* chore(release): 2026.2.6-2

* chore(onboard): reorder xAI + Qianfan providers

* chore(release): 2026.2.6-3

* fix: comprehensive BlueBubbles and channel cleanup (openclaw#11093)

* feat(bluebubbles): auto-strip markdown from outbound messages (openclaw#7402)

* fix(security): add timeout to webhook body reading (openclaw#6762)

Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.

* fix(security): unify Error objects and lint fixes in webhook timeouts (openclaw#6762)

* fix: prevent plugins from auto-enabling without user consent (openclaw#3961)

Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes openclaw#3932.

* fix: apply hierarchical mediaMaxMb config to all channels (openclaw#8749)

Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes openclaw#7847.

* fix(bluebubbles): sanitize attachment filenames against header injection (openclaw#10333)

Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.

* fix(lint): exclude extensions/ from Oxlint preflight check (openclaw#9313)

Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR openclaw#10087.

* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (openclaw#7745)

Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.

* fix: send stop-typing signal when run ends with NO_REPLY (openclaw#8785)

Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.

* fix(telegram): deduplicate skill commands in multi-agent setup (openclaw#5717)

Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
   Multiple agents sharing the same workspace would produce duplicate commands
   with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
   Commands from deleted skills now get cleaned up on restart.

* fix: add size limits to unbounded in-memory caches (openclaw#4948)

Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account

* fix: address review concerns (openclaw#11093)

- Chain deleteMyCommands → setMyCommands to prevent race condition (openclaw#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (openclaw#6023)

* docs: add symptom-first troubleshooting hub and deep runbooks (openclaw#11196)

* docs(troubleshooting): add symptom-first troubleshooting runbooks

* docs(troubleshooting): fix approvals command examples

* docs(troubleshooting): wrap symptom cases in accordions

* docs(automation): clarify userTimezone missing-key behavior

* docs(troubleshooting): fix first-60-seconds ladder order

* docs: add missing HEARTBEAT.md and MEMORY.md to bootstrap files list (openclaw#8105)

* docs: add missing HEARTBEAT.md and MEMORY.md to bootstrap files list

Fixes openclaw#7928

The documentation for skipBootstrap and workspace setup was missing
HEARTBEAT.md and MEMORY.md from the bootstrap files list.

Changes:
- docs/gateway/configuration.md: Add HEARTBEAT.md and MEMORY.md
- docs/zh-CN/gateway/configuration.md: Same for Chinese version
- docs/start/openclaw.md: Add HEARTBEAT.md, clarify MEMORY.md is optional
- docs/zh-CN/start/openclaw.md: Same for Chinese version

* fix: reference PR number instead of issue in CHANGELOG

* docs(workspace): align bootstrap file docs with runtime (openclaw#8105)

---------

Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* Agents: include runtime shell (openclaw#1835)

* Agents: include runtime shell

* Agents: fix compact runtime build

* chore: fix CLAUDE.md formatting, security regex for secret

---------

Co-authored-by: Tak hoffman <takayukihoffman@gmail.com>
Co-authored-by: quotentiroler <max.nussbaumer@maxhealth.tech>

* Web UI: show Compaction divider in chat history (openclaw#11341)

* adding PR review workflow

* added more explicit instructions

* docs: canonicalize docs paths and align zh navigation (openclaw#11428)

* docs(navigation): canonicalize paths and align zh nav

* chore(docs): remove stray .DS_Store

* docs(scripts): add non-mint docs link audit

* docs(nav): fix zh source paths and preserve legacy redirects (openclaw#11428) (thanks @sebslight)

* chore(docs): satisfy lint for docs link audit script (openclaw#11428) (thanks @sebslight)

* chore: bump pi to 0.52.8

* Fix typo in FAQ regarding model configuration command (openclaw#6048)

* CI: skip heavy jobs on docs-only changes (openclaw#11328)

* fix: add .caf to AUDIO_FILE_EXTENSIONS (openclaw#10982)

* fix: add .caf to AUDIO_FILE_EXTENSIONS for iMessage voice messages

* fix: add caf audio extension regression coverage (openclaw#10982) (thanks @succ985)

---------

Co-authored-by: succ985 <succ985@users.noreply.github.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* Gateway: fix multi-agent sessions.usage discovery (openclaw#11523)

* Gateway: fix multi-agent sessions.usage discovery

* Gateway: resolve sessions.usage keys via sessionId

* feat(gateway): add agents.create/update/delete methods (openclaw#11045)

* feat(gateway): add agents.create/update/delete methods

* fix(lint): preserve memory-lancedb load error cause

* feat(gateway): trash agent files on agents.delete

* chore(protocol): regenerate Swift gateway models

* fix(gateway): stabilize agents.create dirs and agentDir

* feat(gateway): support avatar in agents.create

* fix: prep agents.create/update/delete handlers (openclaw#11045) (thanks @advaitpaliwal)

- Reuse movePathToTrash from browser/trash.ts (has ~/.Trash fallback on non-macOS)
- Fix partial-failure: workspace setup now runs before config write
- Always write Name to IDENTITY.md regardless of emoji/avatar
- Add unit tests for agents.create, agents.update, agents.delete
- Add CHANGELOG entry

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>

* feat(sanitize): enhance context overflow error handling in user-facing text

- Added tests to ensure proper sanitization of context overflow errors.
- Introduced a new function to determine when to rewrite context overflow messages.
- Updated the sanitization logic to improve user experience by providing clearer error messages while preserving conversational context.

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11448)

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11329)

When gateway.bind=lan, the HTTP server correctly binds to 0.0.0.0
(all interfaces), but WebSocket connection URLs, probe targets, and
Control UI links were hardcoded to 127.0.0.1. This caused CLI commands
and status probes to show localhost-only URLs even in LAN mode, and
made onboarding display misleading connection info.

- Add pickPrimaryLanIPv4() to gateway/net.ts to detect the machine's
  primary LAN IPv4 address (prefers en0/eth0, falls back to any
  external interface)
- Update pickProbeHostForBind() to use LAN IP when bind=lan
- Update buildGatewayConnectionDetails() to use LAN IP and report
  "local lan <ip>" as the URL source
- Update resolveControlUiLinks() to return LAN-accessible URLs
- Update probe note in status.gather.ts to reflect new behavior
- Add tests for pickPrimaryLanIPv4 and bind=lan URL resolution

Closes openclaw#11329

Co-authored-by: Cursor <cursoragent@cursor.com>

* test: move vi.restoreAllMocks to afterEach in pickPrimaryLanIPv4

Per review feedback: avoid calling vi.restoreAllMocks() inside
individual tests as it restores all spies globally and can cause
ordering issues. Use afterEach in the describe block instead.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Changelog: note LAN bind URLs fix (openclaw#11448) (thanks @AnonO6)

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix: recover from context overflow caused by oversized tool results (openclaw#11579)

* fix: gracefully handle oversized tool results causing context overflow

When a subagent reads a very large file or gets a huge tool result (e.g.,
gh pr diff on a massive PR), it can exceed the model's context window in
a single prompt. Auto-compaction can't help because there's no older
history to compact — just one giant tool result.

This adds two layers of defense:

1. Pre-emptive: Hard cap on tool result size (400K chars ≈ 100K tokens)
   applied in the session tool result guard before persistence. This
   prevents extremely large tool results from being stored in full,
   regardless of model context window size.

2. Recovery: When context overflow is detected and compaction fails,
   scan session messages for oversized tool results relative to the
   model's actual context window (30% max share). If found, truncate
   them in the session via branching (creating a new branch with
   truncated content) and retry the prompt.

The truncation preserves the beginning of the content (most useful for
understanding what was read) and appends a notice explaining the
truncation and suggesting offset/limit parameters for targeted reads.

Includes comprehensive tests for:
- Text truncation with newline-boundary awareness
- Context-window-proportional size calculation
- In-memory message truncation
- Oversized detection heuristics
- Guard-level size capping during persistence

* fix: prep fixes for tool result truncation PR (openclaw#11579) (thanks @tyler6204)

* Memory: harden QMD startup, timeouts, and fallback recovery

* Memory: queue forced QMD sync and handle sqlite busy reads

* Memory: chain forced QMD queue and fail over on busy index

* Memory: make QMD cache eviction callback idempotent

* Memory: add SQLITE_BUSY fallback regression test

* Update CHANGELOG.md for version 2026.2.6-4: Added RPC methods for agent management, fixed context overflow recovery, improved LAN IP handling, enhanced memory retrieval, and updated media understanding for audio transcription.

* Tests: harden flake hotspots and consolidate provider-auth suites (openclaw#11598)

* Tests: harden flake hotspots and consolidate provider-auth suites

* Tests: restore env vars by deleting missing snapshot values

* Tests: use real newline in memory summary filter case

* Tests(memory): use fake timers for qmd timeout coverage

* Changelog: add tests hardening entry for openclaw#11598

* docs: clarify onboarding instructions for beginners (openclaw#10956)

* chore: updated PR review skills and workflow info on tests + fake timers

* Fix Nix repository link in README (openclaw#7910)

Updated Nix repository link in README.

Co-authored-by: Josh <141778+bolapara@users.noreply.github.com>
Co-authored-by: Seb Slight <19554889+sebslight@users.noreply.github.com>

* Docs: fix cron.update param name id → jobId (openclaw#11365) (openclaw#11467)

* Docs: fix cron.update param name id → jobId (openclaw#11365)

* Docs: sync zh-CN cron.update param name id → jobId

* docs: revert manual zh-CN generated docs edit (openclaw#11467) (thanks @lailoo)

---------

Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* fix: use STATE_DIR instead of hardcoded ~/.openclaw for identity and canvas (openclaw#4824)

* fix: use STATE_DIR instead of hardcoded ~/.openclaw for identity and canvas

device-identity.ts and canvas-host/server.ts used hardcoded
path.join(os.homedir(), '.openclaw', ...) ignoring OPENCLAW_STATE_DIR
env var and the resolveStateDir() logic from config/paths.ts.

This caused ~/.openclaw/identity and ~/.openclaw/canvas directories
to be created even when state dir was overridden or resided elsewhere.

* fix: format and remove duplicate imports

* fix: scope state-dir patch + add regression tests (openclaw#4824) (thanks @kossoy)

* fix: align state-dir fallbacks in hooks and agent paths (openclaw#4824) (thanks @kossoy)

---------

Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* fix(cron): share isolated announce flow + harden cron scheduling/delivery (openclaw#11641)

* fix(cron): comprehensive cron scheduling and delivery fixes

- Fix delivery target resolution for isolated agent cron jobs
- Improve schedule parsing and validation
- Add job retry logic and error handling
- Enhance cron ops with better state management
- Add timer improvements for more reliable cron execution
- Add cron event type to protocol schema
- Support cron events in heartbeat runner (skip empty-heartbeat check,
  use dedicated CRON_EVENT_PROMPT for relay)

* fix: remove cron debug test and add changelog/docs notes (openclaw#11641) (thanks @tyler6204)

* fix: context overflow compaction and subagent announce improvements (openclaw#11664) (thanks @tyler6204)

* initial commit

* feat: implement deriveSessionTotalTokens function and update usage tests

* Added deriveSessionTotalTokens function to calculate total tokens based on usage and context tokens.
* Updated usage tests to include cases for derived session total tokens.
* Refactored session usage calculations in multiple files to utilize the new function for improved accuracy.

* fix: restore overflow truncation fallback + changelog/test hardening (openclaw#11551) (thanks @tyler6204)

* fix(ui): smooth chat refresh scroll and suppress new-messages badge flash

* fix(discord): support forum channel thread-create (openclaw#10062)

* fix(discord): support forum channel thread-create

* fix: harden discord forum thread-create (openclaw#10062) (thanks @jarvis89757)

---------

Co-authored-by: Shakker <shakkerdroid@gmail.com>

* feat(telegram): add spoiler tag support (openclaw#11543)

* feat(telegram): add spoiler tag support

Render markdown ||spoiler|| syntax as <tg-spoiler> tags in Telegram HTML output.

The markdown IR already parses spoiler syntax, but the Telegram renderer was
missing the style marker. This adds the spoiler marker to renderTelegramHtml().

Fixes spoiler text appearing as raw ||text|| instead of hidden text.

* fix: enable Telegram spoiler rendering (openclaw#11543) (thanks @ezhikkk)

---------

Co-authored-by: Параша <parasha@openclaw.local>
Co-authored-by: Muhammed Mukhthar CM <mukhtharcm@gmail.com>

* fix(doctor): suppress repeated legacy state migration warnings (openclaw#11709)

* fix(doctor): suppress repeated state migration warning

* fix: harden state-dir mirror detection + warnings (openclaw#11709) (thanks @gumadeiras)

* test: cover mirror hardening edge cases (openclaw#11709) (thanks @gumadeiras)

* CI: scope heavy jobs, build once, and remove duplicate validation work (openclaw#11570)

* CI: scope jobs and reuse build artifacts

* CI: fix scope fallback and remove unused artifact job

* CI: remove setup-node pnpm cache inputs

* CI: add pnpm store cache and dist artifact smoke

* CI: extract pnpm cache action and consume dist artifact

* chore: centralizing warning filters

* chore: suppress warnings for node default output path

* chore: project hygiene — fix workspace:*, sandbox USER, dead config (openclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies

* docs: add security & trust documentation

Add threat model (MITRE ATLAS), contribution guide, and security
directory README. Update SECURITY.md with trust page reporting
instructions and Jamieson O'Reilly as Security & Trust.

Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com>

* Centralize date/time formatting utilities (openclaw#11831)

* chore: fix vitest standalone configs and update package description (openclaw#11865)

* chore: fix vitest standalone configs and update package description

- vitest.live.config.ts and vitest.e2e.config.ts now extend root config
- Inherits testTimeout (120s), resolve.alias, pool, setupFiles, excludes
- ui/vitest.node.config.ts gets explicit 120s timeout
- package.json description updated for multi-channel AI gateway
- Removed unused src/utils/time-format.ts

* chore: filter inherited excludes in live/e2e vitest configs

* refactor: dedupe GroupPolicy/DmPolicy in extensions

Import from openclaw/plugin-sdk instead of re-declaring identical types.

* Add GitHub Copilot models to xhigh list (openclaw#11646)

* Add GitHub Copilot models to xhigh list

* fix(thinking): add xhigh copilot tests and changelog (openclaw#11646) (thanks @seans-openclawbot)

---------

Co-authored-by: Sean Dai <sdai@gatech.edu>
Co-authored-by: Sebastian <19554889+sebslight@users.noreply.github.com>

* Exec approvals: render forwarded commands in monospace (openclaw#11937)

* fix(exec-approvals): format forwarded commands as code

* fix(exec-approvals): place fenced command blocks on new line (openclaw#11937) (thanks @sebslight)

* docs: fix changelog PR reference

Fix Exec approvals command text formatting issue for safer approval scanning.

* Gateway/Plugins: device pairing + phone control plugins (openclaw#11755)

* iOS: alpha node app + setup-code onboarding (openclaw#11756)

* Memory/QMD: warn when scope denies search

* Docs i18n: make translation prompt language-pluggable

* Docs: seed ja-JP translations

* Docs: use ja-jp Mintlify language code

* Docs: note ja-JP docs POC in changelog (openclaw#11988) (thanks @joshp123)

* Docs: fix language switcher order + Japanese locale

* Docs: note language switcher ordering + JP flag fix (openclaw#12023) (thanks @joshp123)

* fix(paths): respect OPENCLAW_HOME for all internal path resolution (openclaw#12091)

* fix(paths): respect OPENCLAW_HOME for all internal path resolution (openclaw#11995)

Add home-dir module (src/infra/home-dir.ts) that centralizes home
directory resolution with precedence: OPENCLAW_HOME > HOME > USERPROFILE > os.homedir().

Migrate all path-sensitive callsites: config IO, agent dirs, session
transcripts, pairing store, cron store, doctor, CLI profiles.

Add envHomedir() helper in config/paths.ts to reduce lambda noise.
Document OPENCLAW_HOME in docs/help/environment.md.

* fix(paths): handle OPENCLAW_HOME '~' fallback (openclaw#12091) (thanks @sebslight)

* docs: mention OPENCLAW_HOME in install and getting started (openclaw#12091) (thanks @sebslight)

* fix(status): show OPENCLAW_HOME in shortened paths (openclaw#12091) (thanks @sebslight)

* docs(changelog): clarify OPENCLAW_HOME and HOME precedence (openclaw#12091) (thanks @sebslight)

* changelog: split openclaw#12091 entry into Added + Fixes

* fix(config): clamp maxTokens to contextWindow to prevent invalid configurations

Closes openclaw#5308

When users configure maxTokens larger than contextWindow (e.g., maxTokens: 40960
with contextWindow: 32768), the model may fail silently. This fix clamps
maxTokens to be at most contextWindow, preventing such invalid configurations.

* test(config): cover maxTokens clamping

* chore(changelog): note maxTokens clamp (openclaw#5516) (thanks @lailoo) (openclaw#12139)

* fix: more merge fixes

* fix: fix guaranteed rejection when declaredCommands undefined

* fix: resolve build errors and eslint warnings

- Add missing parseDatedFilename function to memory/internal.ts
- Remove reference to undefined thinkingWarning variable
- Fix node.invoke guard to maintain backward compatibility
- Rename unused runtimeConfig variable to _runtimeConfig

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* chore: lancedb embedding/llm-extraction refactoring

* Docs: revise PR and issue submission guides (openclaw#10617)

* Docs: revise PR submission guide

* Docs: revise issue submission guide

* docs: fix markdownlint fragments + headings

* fix: cron scheduler reliability, store hardening, and UX improvements (openclaw#10776)

* refactor: update cron job wake mode and run mode handling

- Changed default wake mode from 'next-heartbeat' to 'now' in CronJobEditor and related CLI commands.
- Updated cron-tool tests to reflect changes in run mode, introducing 'due' and 'force' options.
- Enhanced cron-tool logic to handle new run modes and ensure compatibility with existing job structures.
- Added new tests for delivery plan consistency and job execution behavior under various conditions.
- Improved normalization functions to handle wake mode and session target casing.

This refactor aims to streamline cron job configurations and enhance the overall user experience with clearer defaults and improved functionality.

* test: enhance cron job functionality and UI

- Added tests to ensure the isolated agent correctly announces the final payload text when delivering messages via Telegram.
- Implemented a new function to pick the last deliverable payload from a list of delivery payloads.
- Enhanced the cron service to maintain legacy "every" jobs while minute cron jobs recompute schedules.
- Updated the cron store migration tests to verify the addition of anchorMs to legacy every schedules.
- Improved the UI for displaying cron job details, including job state and delivery information, with new styles and layout adjustments.

These changes aim to improve the reliability and user experience of the cron job system.

* test: enhance sessions thinking level handling

- Added tests to verify that the correct thinking levels are applied during session spawning.
- Updated the sessions-spawn-tool to include a new parameter for overriding thinking levels.
- Enhanced the UI to support additional thinking levels, including "xhigh" and "full", and improved the handling of current options in dropdowns.

These changes aim to improve the flexibility and accuracy of thinking level configurations in session management.

* feat: enhance session management and cron job functionality

- Introduced passthrough arguments in the test-parallel script to allow for flexible command-line options.
- Updated session handling to hide cron run alias session keys from the sessions list, improving clarity.
- Enhanced the cron service to accurately record job start times and durations, ensuring better tracking of job execution.
- Added tests to verify the correct behavior of the cron service under various conditions, including zero-delay timers.

These changes aim to improve the usability and reliability of session and cron job management.

* feat: implement job running state checks in cron service

- Added functionality to prevent manual job runs if a job is already in progress, enhancing job management.
- Updated the `isJobDue` function to include checks for running jobs, ensuring accurate scheduling.
- Enhanced the `run` function to return a specific reason when a job is already running.
- Introduced a new test case to verify the behavior of forced manual runs during active job execution.

These changes aim to improve the reliability and clarity of cron job execution and management.

* feat: add session ID and key to CronRunLogEntry model

- Introduced `sessionid` and `sessionkey` properties to the `CronRunLogEntry` struct for enhanced tracking of session-related information.
- Updated the initializer and Codable conformance to accommodate the new properties, ensuring proper serialization and deserialization.

These changes aim to improve the granularity of logging and session management within the cron job system.

* fix: improve session display name resolution

- Updated the `resolveSessionDisplayName` function to ensure that both label and displayName are trimmed and default to an empty string if not present.
- Enhanced the logic to prevent returning the key if it matches the label or displayName, improving clarity in session naming.

These changes aim to enhance the accuracy and usability of session display names in the UI.

* perf: skip cron store persist when idle timer tick produces no changes

recomputeNextRuns now returns a boolean indicating whether any job
state was mutated. The idle path in onTimer only persists when the
return value is true, eliminating unnecessary file writes every 60s
for far-future or idle schedules.

* fix: prep for merge - explicit delivery mode migration, docs + changelog (openclaw#10776) (thanks @tyler6204)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval (openclaw#10818)

* fix(memory): add input_type to Voyage AI embeddings for improved retrieval

Voyage AI recommends passing input_type='document' when indexing and
input_type='query' when searching. This improves retrieval quality by
optimising the embedding space for each direction.

Changes:
- embedQuery now passes input_type: 'query'
- embedBatch now passes input_type: 'document'
- Batch API request_params includes input_type: 'document'
- Tests updated to verify input_type is passed correctly

* Changelog: note Voyage embeddings input_type fix (openclaw#10818) (thanks @mcinteerj)

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* chore(onboard): move xAI up in auth list

* fix: add .caf to AUDIO_FILE_EXTENSIONS (openclaw#10982)

* fix: add .caf to AUDIO_FILE_EXTENSIONS for iMessage voice messages

* fix: add caf audio extension regression coverage (openclaw#10982) (thanks @succ985)

---------

Co-authored-by: succ985 <succ985@users.noreply.github.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>

* feat(gateway): add agents.create/update/delete methods (openclaw#11045)

* feat(gateway): add agents.create/update/delete methods

* fix(lint): preserve memory-lancedb load error cause

* feat(gateway): trash agent files on agents.delete

* chore(protocol): regenerate Swift gateway models

* fix(gateway): stabilize agents.create dirs and agentDir

* feat(gateway): support avatar in agents.create

* fix: prep agents.create/update/delete handlers (openclaw#11045) (thanks @advaitpaliwal)

- Reuse movePathToTrash from browser/trash.ts (has ~/.Trash fallback on non-macOS)
- Fix partial-failure: workspace setup now runs before config write
- Always write Name to IDENTITY.md regardless of emoji/avatar
- Add unit tests for agents.create, agents.update, agents.delete
- Add CHANGELOG entry

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11448)

* fix(gateway): use LAN IP for WebSocket/probe URLs when bind=lan (openclaw#11329)

When gateway.bind=lan, the HTTP server correctly binds to 0.0.0.0
(all interfaces), but WebSocket connection URLs, probe targets, and
Control UI links were hardcoded to 127.0.0.1. This caused CLI commands
and status probes to show localhost-only URLs even in LAN mode, and
made onboarding display misleading connection info.

- Add pickPrimaryLanIPv4() to gateway/net.ts to detect the machine's
  primary LAN IPv4 address (prefers en0/eth0, falls back to any
  external interface)
- Update pickProbeHostForBind() to use LAN IP when bind=lan
- Update buildGatewayConnectionDetails() to use LAN IP and report
  "local lan <ip>" as the URL source
- Update resolveControlUiLinks() to return LAN-accessible URLs
- Update probe note in status.gather.ts to reflect new behavior
- Add tests for pickPrimaryLanIPv4 and bind=lan URL resolution

Closes openclaw#11329

Co-authored-by: Cursor <cursoragent@cursor.com>

* test: move vi.restoreAllMocks to afterEach in pickPrimaryLanIPv4

Per review feedback: avoid calling vi.restoreAllMocks() inside
individual tests as it restores all spies globally and can cause
ordering issues. Use afterEach in the describe block instead.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Changelog: note LAN bind URLs fix (openclaw#11448) (thanks @AnonO6)

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>

* fix: recover from context overflow caused by oversized tool results (openclaw#11579)

* fix: gracefully handle oversized tool results causing context overflow

When a subagent reads a very large file or gets a huge tool result (e.g.,
gh pr diff on a massive PR), it can exceed the model's context window in
a single prompt. Auto-compaction can't help because there's no older
history to compact — just one giant tool result.

This adds two layers of defense:

1. Pre-emptive: Hard cap on tool result size (400K chars ≈ 100K tokens)
   applied in the session tool result guard before persistence. This
   prevents extremely large tool results from being stored in full,
   regardless of model context window size.

2. Recovery: When context overflow is detected and compaction fails,
   scan session messages for oversized tool results relative to the
   model's actual context window (30% max share). If found, truncate
   them in the session via branching (creating a new branch with
   truncated content) and retry the prompt.

The truncation preserves the beginning of the content (most useful for
understanding what was read) and appends a notice explaining the
truncation and suggesting offset/limit parameters for targeted reads.

Includes comprehensive tests for:
- Text truncation with newline-boundary awareness
- Context-window-proportional size calculation
- In-memory message truncation
- Oversized detection heuristics
- Guard-level size capping during persistence

* fix: prep fixes for tool result truncation PR (openclaw#11579) (thanks @tyler6204)

* Memory: harden QMD startup, timeouts, and fallback recovery

* fix: context overflow compaction and subagent announce improvements (openclaw#11664) (thanks @tyler6204)

* initial commit

* feat: implement deriveSessionTotalTokens function and update usage tests

* Added deriveSessionTotalTokens function to calculate total tokens based on usage and context tokens.
* Updated usage tests to include cases for derived session total tokens.
* Refactored session usage calculations in multiple files to utilize the new function for improved accuracy.

* fix: restore overflow truncation fallback + changelog/test hardening (openclaw#11551) (thanks @tyler6204)

* chore: centralizing warning filters

* Docs: seed ja-JP translations

* Docs: use ja-jp Mintlify language code

* Docs: fix language switcher order + Japanese locale

* chore: lancedb embedding/llm-extraction refactoring

* fix: minor bug in lancedb refactoring

* additional test fixes

* crap loads of lint fixes

* fix: restore nullish fallback for context.outputs spread in worker.ts

When context is undefined or lacks an outputs object, spreading
...context?.outputs can throw TypeError in some transpilation targets.
Restores the previous ...(context?.outputs ?? {}) guard.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: guard against undefined context.outputs spread in worker.ts

Extract context?.outputs into a temp variable with ?? {} fallback
before spreading, avoiding potential TypeError when context or its
outputs property is undefined. Uses a temp variable instead of inline
?? {} to prevent oxfmt from stripping the guard.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: ideoutrea <ideoutrea@163.com>
Co-authored-by: ide-rea <30512600+ide-rea@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Yida-Dev <92713555+Yida-Dev@users.noreply.github.com>
Co-authored-by: Yida-Dev <reyifeijun@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>
Co-authored-by: Jake <mcinteerj@gmail.com>
Co-authored-by: calvin-hpnet <calvin@hpnet.co.uk>
Co-authored-by: Shadril Hassan Shifat <63901551+shadril238@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: gitpds <pds@pds.dev>
Co-authored-by: Seb Slight <19554889+sebslight@users.noreply.github.com>
Co-authored-by: Raymond Berger <RayBB@users.noreply.github.com>
Co-authored-by: Tyler Yust <64381258+tyler6204@users.noreply.github.com>
Co-authored-by: DEOKLYONG MOON <dfjk71@khu.ac.kr>
Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
Co-authored-by: Markus Buhatem Koch <markusbkoch@gmail.com>
Co-authored-by: Marcus Castro <mcaxtr@gmail.com>
Co-authored-by: 大猫子 <ll1042668699@gmail.com>
Co-authored-by: damaozi <1811866786@qq.com>
Co-authored-by: Tak hoffman <takayukihoffman@gmail.com>
Co-authored-by: quotentiroler <max.nussbaumer@maxhealth.tech>
Co-authored-by: Abdullah <syedabdullah535@gmail.com>
Co-authored-by: max <40643627+quotentiroler@users.noreply.github.com>
Co-authored-by: succ985 <3186520056@qq.com>
Co-authored-by: succ985 <succ985@users.noreply.github.com>
Co-authored-by: Advait Paliwal <advaitspaliwal@gmail.com>
Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
Co-authored-by: Aviral <124311066+AnonO6@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Vignesh Natarajan <vigneshnatarajan92@gmail.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@users.noreply.github.com>
Co-authored-by: Rohan Patil <rohanspatil801@gmail.com>
Co-authored-by: danielcadenhead <danielcadenhead88@gmail.com>
Co-authored-by: Josh <141778+bolapara@users.noreply.github.com>
Co-authored-by: Oleg Kossoy <oleg.kossoy@gmail.com>
Co-authored-by: jarvis89757 <jarvis@techflow.studio>
Co-authored-by: Shakker <shakkerdroid@gmail.com>
Co-authored-by: ezhikkk <105670095+ezhikkk@users.noreply.github.com>
Co-authored-by: Параша <parasha@openclaw.local>
Co-authored-by: Muhammed Mukhthar CM <mukhtharcm@gmail.com>
Co-authored-by: theonejvo <theonejvo@users.noreply.github.com>
Co-authored-by: seans-openclawbot <seandai.apps@gmail.com>
Co-authored-by: Sean Dai <sdai@gatech.edu>
Co-authored-by: Mariano Belinky <mbelinky@gmail.com>
Co-authored-by: Josh Palmer <joshp123@users.noreply.github.com>
Co-authored-by: George Pickett <gpickett00@gmail.com>
FullStackKevinVanDriel pushed a commit to FullStackKevinVanDriel/openclaw that referenced this pull request Feb 10, 2026
…penclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies
Raycc-lang pushed a commit to Raycc-lang/openclaw that referenced this pull request Feb 12, 2026
…penclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies
skyhawk14 pushed a commit to skyhawk14/openclaw that referenced this pull request Feb 13, 2026
…penclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies
jxstanford added a commit to jxstanford/openclaw that referenced this pull request Feb 14, 2026
The base sandbox image (Dockerfile.sandbox) was hardened in openclaw#11289 to
run as non-root `USER sandbox`. The common image build script derives
FROM the base image but runs apt-get, which fails with "Permission
denied" because the inherited user cannot write to /var/lib/apt/lists/.

Switch to root for package installation, then restore the sandbox user
and working directory before the image is finalized.
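The pattern this commit message describes, as an added example (not the project's build script): a derived image that elevates only for package installation and then drops back to the `sandbox` user. The base image tag, the package list and the `/home/sandbox` working directory are placeholders assumed for illustration.

```dockerfile
# Added example. BASE_IMAGE, the packages and the WORKDIR are assumed
# placeholders; only `USER sandbox` comes from the commit message above.
ARG BASE_IMAGE=example/sandbox-base:placeholder
FROM ${BASE_IMAGE}

# The base image ends with `USER sandbox`, which a derived image inherits.
# apt-get needs write access to /var/lib/apt/lists/, so elevate for this
# one layer only.
USER root
RUN apt-get update \
 && apt-get install -y --no-install-recommends ca-certificates curl \
 && rm -rf /var/lib/apt/lists/*

# Restore the unprivileged user and working directory before the image
# is finalized, so containers started from it do not run as root.
USER sandbox
WORKDIR /home/sandbox

# Build-time guard: fail the build if a later edit leaves the image on UID 0.
RUN test "$(id -u)" -ne 0
```

Keeping the final `USER` instruction and the UID check as the last lines of the Dockerfile makes a regression to root show up as a build failure rather than at runtime.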
mbelinky pushed a commit that referenced this pull request Feb 14, 2026
…11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies
hughdidit added a commit to hughdidit/DAISy-Agency that referenced this pull request Mar 1, 2026
* fix(security): harden SSH target handling (openclaw#4001)

Thanks @YLChen-007.

Co-authored-by: Edward-x <YLChen-007@users.noreply.github.com>
(cherry picked from commit 06289b3)

# Conflicts:
#	src/plugins/config-state.ts

* chore(release): bump versions to 2026.1.29

(cherry picked from commit cb4b3f7)

* refactor: rename to openclaw

(cherry picked from commit 9a71607)

# Conflicts:
#	CHANGELOG.md
#	README.md
#	src/agents/bash-tools.test.ts
#	src/auto-reply/reply/dispatch-from-config.test.ts
#	src/canvas-host/server.test.ts
#	src/media-understanding/apply.test.ts
#	src/plugins/loader.ts
#	ui/src/ui/app-chat.ts
#	ui/src/ui/app-gateway.ts

* chore: bump npm version

(cherry picked from commit 7d03cae)

* chore: bump beta

(cherry picked from commit 67918dc)

# Conflicts:
#	package.json

* chore: bump beta

(cherry picked from commit d9c8199)

# Conflicts:
#	package.json

* chore: update pnpm lockfile

(cherry picked from commit c5d7d11)

* docs: clarify security scope

(cherry picked from commit 2cdfecd)

* fix(security): prevent gateway token from defaulting to 'undefined' string

(cherry picked from commit 201d7fa)

* fix(security): restrict local path extraction in media parser to prevent LFI (openclaw#4880)

* Media: restrict local path extraction to prevent LFI

* Lint: remove unused variable hasValidMediaOnLine

(cherry picked from commit c67df65)

* Agents: update pi dependencies to 0.50.7

(cherry picked from commit c0a6e67)

* chore: update deps and pi model discovery

(cherry picked from commit 08ed628)

# Conflicts:
#	docs/index.md
#	src/agents/pi-embedded-runner/model.test.ts
#	src/commands/auth-choice.apply.oauth.ts
#	src/commands/models.list.test.ts
#	src/commands/onboard-auth.credentials.ts

* chore: Switch from TypeScript to build with `tsdown`, speeds up `pnpm build` by 5-10x.

(cherry picked from commit 67945e8)

* Switch from TypeScript to TypeScript Go. Use `pnpm tsgo` for Typechecks.

(cherry picked from commit 7626522)

* chore: Remove unused deps.

(cherry picked from commit 88fe4de)

# Conflicts:
#	package.json

* chore: Oops, "long" is actually used + fix TypeScript error.

(cherry picked from commit 86d38c2)

# Conflicts:
#	src/imessage/send.ts

* chore: `signal-utils` is actually used too.

(cherry picked from commit d4ed79f)

* build: add typescript for a2ui bundling

(cherry picked from commit 1766cd4)

* revert: Switch back to `tsc` for compiling.

(cherry picked from commit 76361ae)

# Conflicts:
#	openclaw.mjs
#	scripts/postinstall.js
#	scripts/run-node.mjs
#	scripts/watch-node.mjs
#	src/cli/browser-cli.test.ts
#	src/infra/control-ui-assets.ts
#	src/infra/gateway-lock.ts

* chore: bump version to 2026.1.30

(cherry picked from commit 247fab4)

# Conflicts:
#	CHANGELOG.md
#	extensions/bluebubbles/package.json
#	extensions/copilot-proxy/package.json
#	extensions/diagnostics-otel/package.json
#	extensions/discord/package.json
#	extensions/google-antigravity-auth/package.json
#	extensions/google-gemini-cli-auth/package.json
#	extensions/googlechat/package.json
#	extensions/imessage/package.json
#	extensions/line/package.json
#	extensions/llm-task/package.json
#	extensions/lobster/package.json
#	extensions/matrix/package.json
#	extensions/mattermost/package.json
#	extensions/memory-core/package.json
#	extensions/memory-lancedb/package.json
#	extensions/msteams/package.json
#	extensions/nextcloud-talk/package.json
#	extensions/nostr/package.json
#	extensions/open-prose/package.json
#	extensions/signal/package.json
#	extensions/slack/package.json
#	extensions/telegram/package.json
#	extensions/tlon/package.json
#	extensions/twitch/package.json
#	extensions/voice-call/package.json
#	extensions/whatsapp/package.json
#	extensions/zalo/package.json
#	extensions/zalouser/package.json
#	package.json

* feat: add MiniMax OAuth plugin (openclaw#4521) (thanks @Maosghoul)

(cherry picked from commit 1287328)

# Conflicts:
#	README.md
#	src/agents/auth-profiles/external-cli-sync.ts
#	src/agents/model-auth.ts
#	src/commands/auth-choice-options.ts

* chore: Add `openclaw` to `devDependencies` for all extensions so that types resolve.

(cherry picked from commit aa91f6e)

# Conflicts:
#	extensions/bluebubbles/package.json
#	extensions/copilot-proxy/package.json
#	extensions/diagnostics-otel/package.json
#	extensions/discord/package.json
#	extensions/google-antigravity-auth/package.json
#	extensions/google-gemini-cli-auth/package.json
#	extensions/imessage/package.json
#	extensions/llm-task/package.json
#	extensions/lobster/package.json
#	extensions/mattermost/package.json
#	extensions/minimax-portal-auth/package.json
#	extensions/msteams/package.json
#	extensions/nextcloud-talk/package.json
#	extensions/nostr/package.json
#	extensions/open-prose/package.json
#	extensions/signal/package.json
#	extensions/slack/package.json
#	extensions/telegram/package.json
#	extensions/tlon/package.json
#	extensions/whatsapp/package.json
#	extensions/zalo/package.json

* fix: align npm publish metadata

(cherry picked from commit 7d89855)

* fix(security): restrict MEDIA path extraction to prevent LFI (openclaw#4930)

* fix(security): restrict inbound media staging to media directory

* docs: update MEDIA path guidance for security restrictions

- Update agent hint to warn against absolute/~ paths
- Update docs example to use https:// instead of /tmp/

---------

Co-authored-by: Evan Otero <evanotero@google.com>
(cherry picked from commit 34e2425)

* fix(agents): update cacheControlTtl to cacheRetention for pi-ai 0.50.9

- Update @mariozechner/pi-ai and pi-agent-core to 0.50.9
- Rename cacheControlTtl to cacheRetention with values none/short/long
- Add backwards compatibility mapping: 5m->short, 1h->long
- Remove dead OpenRouter check (uses openai-completions API)
- Default new configs to cacheRetention: short

(cherry picked from commit ba4a55f)

# Conflicts:
#	src/agents/pi-embedded-runner/extra-params.ts
#	src/config/defaults.ts

* security(message-tool): validate filePath/path against sandbox root (openclaw#6398)

* security(message-tool): validate filePath/path against sandbox root

* style: translate Polish comments to English for consistency

(cherry picked from commit 9b6fffd)

# Conflicts:
#	src/agents/tools/message-tool.ts

* security(web): sanitize WhatsApp accountId to prevent path traversal (openclaw#4610)

* security(web): sanitize WhatsApp accountId to prevent path traversal

Apply normalizeAccountId() from routing/session-key to
resolveDefaultAuthDir() so that malicious config values like
"../../../etc" cannot escape the intended auth directory.

Fixes openclaw#2692

* fix(web): check sanitized segment instead of full path in Windows test

* style(web): fix oxfmt formatting in accounts test

(cherry picked from commit 1bdd9e3)

# Conflicts:
#	src/web/accounts.ts

* fix: override vulnerable transitive deps

(cherry picked from commit 2601f41)

# Conflicts:
#	package.json

* fix: override request dependency

(cherry picked from commit e4d5721)

* Revert "fix: override request dependency"

This reverts commit e4d5721.

(cherry picked from commit e550e25)

* Security: harden web tools and file parsing (openclaw#4058)

* feat: web content security wrapping + gkeep/simple-backup skills

* fix: harden web fetch + media text detection (openclaw#4058) (thanks @VACInc)

---------

Co-authored-by: VAC <vac@vacs-mac-mini.localdomain>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
(cherry picked from commit b796f6e)

# Conflicts:
#	CHANGELOG.md
#	docs/providers/moonshot.md
#	src/agents/tools/web-fetch.ts
#	src/agents/tools/web-search.ts
#	src/commands/onboard-non-interactive.gateway.test.ts
#	src/media-understanding/apply.ts

* fix(security): enforce strict environment variable validation in exec tool (openclaw#4896)

(cherry picked from commit 0a5821a)

# Conflicts:
#	src/agents/bash-tools.exec.path.test.ts

* fix: update pi packages to 0.51.0, remove bogus type augmentation

- Update @mariozechner/pi-agent-core, pi-ai, pi-coding-agent, pi-tui to 0.51.0
- Delete src/types/pi-coding-agent.d.ts (declared additionalExtensionPaths which SDK never supported)
- Fix ToolDefinition.execute signature (parameter order changed in 0.51.0)
- Remove dead additionalExtensionPaths from createAgentSession calls

(cherry picked from commit cf1d3f7)

* chore: Update deps.

(cherry picked from commit bd259ee)

* fix(security): cap Slack media downloads and validate Slack file URLs (openclaw#6639)

* Security: cap Slack media downloads and validate Slack file URLs

* Security: relax web media fetch cap for compression

* Fixes: sync pi-coding-agent options

* Fixes: align system prompt override type

* Slack: clarify fetchImpl assumptions

* fix: respect raw media fetch cap (openclaw#6639) (thanks @davidiach)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
(cherry picked from commit 4e4ed2e)

# Conflicts:
#	CHANGELOG.md

* chore: bump to 2026.2.1

(cherry picked from commit 85cd55e)

# Conflicts:
#	CHANGELOG.md
#	docs/platforms/mac/release.md
#	extensions/bluebubbles/package.json
#	extensions/copilot-proxy/package.json
#	extensions/diagnostics-otel/package.json
#	extensions/discord/package.json
#	extensions/google-antigravity-auth/package.json
#	extensions/google-gemini-cli-auth/package.json
#	extensions/googlechat/package.json
#	extensions/imessage/package.json
#	extensions/line/package.json
#	extensions/llm-task/package.json
#	extensions/lobster/package.json
#	extensions/matrix/package.json
#	extensions/mattermost/package.json
#	extensions/memory-core/package.json
#	extensions/memory-lancedb/package.json
#	extensions/minimax-portal-auth/package.json
#	extensions/msteams/package.json
#	extensions/nextcloud-talk/package.json
#	extensions/nostr/package.json
#	extensions/open-prose/package.json
#	extensions/signal/package.json
#	extensions/slack/package.json
#	extensions/telegram/package.json
#	extensions/tlon/package.json
#	extensions/twitch/package.json
#	extensions/voice-call/package.json
#	extensions/whatsapp/package.json
#	extensions/zalo/package.json
#	extensions/zalouser/package.json
#	package.json
#	src/agents/auth-profiles/oauth.ts

* chore: Update deps.

(cherry picked from commit 9e3ea26)

# Conflicts:
#	extensions/matrix/package.json

* Security: new openclaw-system-admin skill + bootstrap audit

(cherry picked from commit a6afcb4)

* Security: rename openclaw-system-admin skill to healthcheck

(cherry picked from commit cdec53b)

* Security: remove openclaw-system-admin skill path

(cherry picked from commit 1523ef2)

* Security: refine healthcheck workflow

(cherry picked from commit e2c0384)

* Security: healthcheck skill (openclaw#7641) (thanks @Takhoffman)

(cherry picked from commit 578bde1)

# Conflicts:
#	CHANGELOG.md

* Security: tune bootstrap healthcheck prompt + healthcheck wording

(cherry picked from commit 83715ec)

# Conflicts:
#	docs/reference/templates/BOOTSTRAP.md
#	skills/healthcheck/SKILL.md

* chore: Migrate to tsdown, speed up JS bundling by ~10x (thanks @hyf0).

The previous migration to tsdown was reverted because it caused a ~20x slowdown when running OpenClaw from the repo. @hyf0 investigated and found that simply renaming the `dist` folder also caused the same slowdown. It turns out the Plugin script loader has a bunch of voodoo vibe logic to determine if it should load files from source and compile them, or if it should load them from dist. When building with tsdown, the filesystem layout is different (bundled), and so some files weren't in the right location, and the Plugin script loader decided to compile source files from scratch using Jiti.

The new implementation uses tsdown to embed `NODE_ENV: 'production'`, which we now use to determine if we are running OpenClaw from a "production environment" (i.e. from dist). This removes the slop in favor of a deterministic toggle, and doesn't rely on directory names or similar.

There is some code reaching into `dist` to load specific modules, primarily in the voice-call extension, which I simplified into loading an "officially" exported `extensionAPI.js` file. With tsdown, entry points need to be explicitly configured, so we should be able to avoid sloppy code reaching into internals from now on. This might break some existing users, but if it does, it's because they were using "private" APIs.

(cherry picked from commit a03d852)

# Conflicts:
#	package.json
#	scripts/postinstall.js
#	scripts/run-node.mjs
#	scripts/watch-node.mjs

* Channels: finish Feishu/Lark integration

(cherry picked from commit 0223416)

# Conflicts:
#	CHANGELOG.md
#	src/discord/monitor.tool-result.accepts-guild-messages-mentionpatterns-match.test.ts

* chore: bump version to 2026.2.2-1

(cherry picked from commit e59eb81)

# Conflicts:
#	CHANGELOG.md
#	package.json

* chore: bump version to 2026.2.3

(cherry picked from commit e4b084c)

# Conflicts:
#	CHANGELOG.md
#	apps/android/app/build.gradle.kts
#	apps/ios/Sources/Info.plist
#	apps/ios/Tests/Info.plist
#	apps/ios/project.yml
#	apps/macos/Sources/OpenClaw/Resources/Info.plist
#	docs/platforms/mac/release.md
#	package.json

* fix(security): separate untrusted channel metadata from system prompt (thanks @KonstantinMirin)

(cherry picked from commit 35eb40a)

# Conflicts:
#	CHANGELOG.md
#	src/discord/monitor/message-handler.process.ts
#	src/slack/monitor/message-handler/prepare.ts
#	src/slack/monitor/slash.ts

* TUI/Gateway: fix pi streaming + tool routing + model display + msg updating (openclaw#8432)

* TUI/Gateway: fix pi streaming + tool routing

* Tests: clarify verbose tool output expectation

* fix: avoid seq gaps for targeted tool events (openclaw#8432) (thanks @gumadeiras)

(cherry picked from commit 38e6da1)

# Conflicts:
#	CHANGELOG.md
#	src/agents/pi-embedded-subscribe.handlers.types.ts
#	src/agents/pi-embedded-subscribe.ts
#	src/gateway/server-broadcast.ts
#	src/gateway/server-chat.agent-events.test.ts
#	src/gateway/server-chat.ts
#	src/gateway/server-methods/agent.ts
#	src/gateway/server-methods/chat.ts
#	src/gateway/server-methods/sessions.ts
#	src/gateway/sessions-patch.ts
#	src/tui/tui-command-handlers.ts
#	src/tui/tui-event-handlers.test.ts
#	src/tui/tui-event-handlers.ts
#	src/tui/tui-session-actions.ts

* Security: Prevent gateway credential exfiltration via URL override (openclaw#9179)

* Gateway: require explicit auth for url overrides

* Gateway: scope credential blocking to non-local URLs only

Address review feedback: the previous fix blocked credential fallback for
ALL URL overrides, which was overly strict and could break workflows that
use --url to switch between loopback/tailnet without passing credentials.

Now credential fallback is only blocked for non-local URLs (public IPs,
external hostnames). Local addresses (127.0.0.1, localhost, private IPs
like 192.168.x.x, 10.x.x.x, tailnet 100.x.x.x) still get credential
fallback as before.

This maintains the security fix (preventing credential exfiltration to
attacker-controlled URLs) while preserving backward compatibility for
legitimate local URL overrides.

* Security: require explicit credentials for gateway url overrides (openclaw#8113) (thanks @victormier)

* Gateway: reuse explicit auth helper for url overrides (openclaw#8113) (thanks @victormier)

* Tests: format gateway chat test (openclaw#8113) (thanks @victormier)

* Tests: require explicit auth for gateway url overrides (openclaw#8113) (thanks @victormier)

---------

Co-authored-by: Victor Mier <victormier@gmail.com>
(cherry picked from commit a13ff55)

# Conflicts:
#	CHANGELOG.md

* Security: harden sandboxed media handling (openclaw#9182)

* Message: enforce sandbox for media param

* fix: harden sandboxed media handling (openclaw#8780) (thanks @victormier)

* chore: format message action runner (openclaw#8780) (thanks @victormier)

---------

Co-authored-by: Victor Mier <victormier@gmail.com>
(cherry picked from commit 4434cae)

# Conflicts:
#	CHANGELOG.md
#	src/agents/tools/message-tool.ts
#	src/infra/outbound/message-action-runner.ts

* Security: owner-only tools + command auth hardening (openclaw#9202)

* Security: gate whatsapp_login by sender auth

* Security: treat undefined senderAuthorized as unauthorized (opt-in)

* fix: gate whatsapp_login to owner senders (openclaw#8768) (thanks @victormier)

* fix: add explicit owner allowlist for tools (openclaw#8768) (thanks @victormier)

* fix: normalize escaped newlines in send actions (openclaw#8768) (thanks @victormier)

---------

Co-authored-by: Victor Mier <victormier@gmail.com>
(cherry picked from commit 392bbdd)

# Conflicts:
#	CHANGELOG.md
#	src/agents/pi-tools.ts
#	src/auto-reply/command-auth.ts

* Tests: add test coverage for security/windows-acl.ts

Adds comprehensive unit tests for Windows ACL inspection utilities:
- resolveWindowsUserPrincipal: username resolution with fallback
- parseIcaclsOutput: icacls output parsing
- summarizeWindowsAcl: ACL entry classification (trusted/world/group)
- inspectWindowsAcl: async ACL inspection with mocked exec
- formatWindowsAclSummary: summary string formatting
- formatIcaclsResetCommand: reset command string generation
- createIcaclsResetCommand: structured reset command generation

All 26 tests passing.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
(cherry picked from commit f26cc60)

* chore: bump version to 2026.2.4

(cherry picked from commit 5031b28)

# Conflicts:
#	CHANGELOG.md
#	appcast.xml
#	apps/android/app/build.gradle.kts
#	apps/ios/Sources/Info.plist
#	apps/ios/Tests/Info.plist
#	apps/ios/project.yml
#	apps/macos/Sources/OpenClaw/Resources/Info.plist
#	docs/platforms/mac/release.md
#	extensions/bluebubbles/package.json
#	extensions/copilot-proxy/package.json
#	extensions/diagnostics-otel/package.json
#	extensions/discord/package.json
#	extensions/feishu/package.json
#	extensions/google-antigravity-auth/package.json
#	extensions/google-gemini-cli-auth/package.json
#	extensions/googlechat/package.json
#	extensions/imessage/package.json
#	extensions/line/package.json
#	extensions/llm-task/package.json
#	extensions/lobster/package.json
#	extensions/matrix/CHANGELOG.md
#	extensions/matrix/package.json
#	extensions/mattermost/package.json
#	extensions/memory-core/package.json
#	extensions/memory-lancedb/package.json
#	extensions/minimax-portal-auth/package.json
#	extensions/msteams/CHANGELOG.md
#	extensions/msteams/package.json
#	extensions/nextcloud-talk/package.json
#	extensions/nostr/CHANGELOG.md
#	extensions/nostr/package.json
#	extensions/open-prose/package.json
#	extensions/signal/package.json
#	extensions/slack/package.json
#	extensions/telegram/package.json
#	extensions/tlon/package.json
#	extensions/twitch/CHANGELOG.md
#	extensions/twitch/package.json
#	extensions/voice-call/CHANGELOG.md
#	extensions/voice-call/package.json
#	extensions/whatsapp/package.json
#	extensions/zalo/CHANGELOG.md
#	extensions/zalo/package.json
#	extensions/zalouser/CHANGELOG.md
#	extensions/zalouser/package.json
#	package.json

* Update deps.

(cherry picked from commit 460808e)

# Conflicts:
#	package.json

* feat: add Claude Opus 4.6 to built-in model catalog (openclaw#9853)

* feat: add Claude Opus 4.6 to built-in model catalog

- Update default model from claude-opus-4-5 to claude-opus-4-6
- Add opus-4.6 model ID normalization
- Add claude-opus-4-6 to live model filter prefixes
- Update image tool to prefer claude-opus-4-6 for vision
- Add CLI backend alias for opus-4.6
- Update onboard auth default selections to include opus-4.6
- Update model picker placeholder

Closes openclaw#9811

* test: update tests for claude-opus-4-6 default

- Fix model-alias-defaults test to use claude-opus-4-6
- Fix image-tool test to expect claude-opus-4-6 in fallbacks

* feat: support claude-opus-4-6

* docs: update changelog for opus 4.6 (openclaw#9853) (thanks @TinyTb)

* chore: bump pi to 0.52.0

---------

Co-authored-by: Slurpy <slurpy@openclaw.ai>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
(cherry picked from commit eb80b9a)

# Conflicts:
#	CHANGELOG.md
#	src/agents/model-selection.ts
#	src/agents/tools/image-tool.ts

* fix(runtime): bump minimum Node.js version to 22.12.0 (openclaw#5370)

* fix(runtime): bump minimum Node.js version to 22.12.0

Aligns the runtime guard with the declared package.json engines requirement.

The Matrix plugin (and potentially others) requires Node >= 22.12.0,
but the runtime guard previously allowed 22.0.0+. This caused confusing
errors like 'Cannot find module @vector-im/matrix-bot-sdk' when the real
issue was an unsupported Node version.

- Update MIN_NODE from 22.0.0 to 22.12.0
- Update error message to reflect the correct version
- Update tests to use 22.12.0 as the minimum valid version

Fixes openclaw#5292

* fix: update test versions to match MIN_NODE=22.12.0

---------

Co-authored-by: Markus Glucksberg <markus@glucksberg.com>
(cherry picked from commit 2ca78a8)

* chore: apply local workspace updates (openclaw#9911)

* chore: apply local workspace updates

* fix: resolve prep findings after rebase (openclaw#9898) (thanks @gumadeiras)

* refactor: centralize model allowlist normalization (openclaw#9898) (thanks @gumadeiras)

* fix: guard model allowlist initialization (openclaw#9911)

* docs: update changelog scope for openclaw#9911

* docs: remove model names from changelog entry (openclaw#9911)

* fix: satisfy type-aware lint in model allowlist (openclaw#9911)

(cherry picked from commit 4629054)

# Conflicts:
#	README.md
#	docs/bedrock.md
#	docs/concepts/model-providers.md
#	docs/concepts/models.md
#	docs/concepts/multi-agent.md
#	docs/gateway/cli-backends.md
#	docs/gateway/configuration-examples.md
#	docs/gateway/configuration.md
#	docs/gateway/heartbeat.md
#	docs/gateway/local-models.md
#	docs/help/faq.md
#	docs/providers/anthropic.md
#	docs/providers/index.md
#	docs/providers/minimax.md
#	docs/providers/models.md
#	docs/providers/openai.md
#	docs/providers/opencode.md
#	docs/providers/vercel-ai-gateway.md
#	docs/start/wizard-cli-reference.md
#	scripts/docs-i18n/util.go
#	src/agents/model-fallback.ts
#	src/agents/model-selection.ts
#	src/commands/auth-choice.apply.openai.ts
#	src/commands/onboard-non-interactive/local/auth-choice.ts

* docs: improve DM security guidance with concrete example

Add a more prominent security warning for multi-user DM setups:
- Add blockquote security warning about context leakage
- Include concrete example showing the privacy risk
- Add "When to enable this" checklist
- Clarify that default is fine for single-user setups

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
(cherry picked from commit b8004a2)

# Conflicts:
#	docs/concepts/session.md

* Agents: bump pi-mono to 0.52.5 (openclaw#9949)

* Agents: bump pi-mono to 0.52.5

* Changelog: add PR reference for pi bump

(cherry picked from commit 3299aeb)

# Conflicts:
#	CHANGELOG.md

* security: add skill/plugin code safety scanner (openclaw#9806)

* security: add skill/plugin code safety scanner module

* security: integrate skill scanner into security audit

* security: add pre-install code safety scan for plugins

* style: fix curly brace lint errors in skill-scanner.ts

* docs: add changelog entry for skill code safety scanner

* style: append ellipsis to truncated evidence strings

* fix(security): harden plugin code safety scanning

* fix: scan skills on install and report code-safety details

* fix: dedupe audit-extra import

* fix(security): make code safety scan failures observable

* fix(test): stabilize smoke + gateway timeouts (openclaw#9806) (thanks @abdelsfane)

---------

Co-authored-by: Darshil <ddhameliya@mail.sfsu.edu>
Co-authored-by: Darshil <81693876+dvrshil@users.noreply.github.com>
Co-authored-by: George Pickett <gpickett00@gmail.com>
(cherry picked from commit bc88e58)

# Conflicts:
#	src/commands/onboard-skills.ts
#	src/gateway/test-helpers.server.ts
#	src/plugins/install.test.ts
#	src/plugins/install.ts
#	src/security/audit-extra.ts
#	src/security/audit.test.ts

* chore: Update deps.

(cherry picked from commit 6f4665d)

# Conflicts:
#	extensions/memory-lancedb/package.json

* chore: update pnpm-lock.yaml for feishu extension deps

Add lockfile entries for:
- @larksuiteoapi/node-sdk@^1.56.1
- @sinclair/typebox@0.34.47
- zod@^4.3.6

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
(cherry picked from commit 7e005ac)

* security: redact credentials from config.get gateway responses (openclaw#9858)

* security: add skill/plugin code safety scanner module

* security: integrate skill scanner into security audit

* security: add pre-install code safety scan for plugins

* style: fix curly brace lint errors in skill-scanner.ts

* docs: add changelog entry for skill code safety scanner

* security: redact credentials from config.get gateway responses

The config.get gateway method returned the full config snapshot
including channel credentials (Discord tokens, Slack botToken/appToken,
Telegram botToken, Feishu appSecret, etc.), model provider API keys,
and gateway auth tokens in plaintext.

Any WebSocket client—including the unauthenticated Control UI when
dangerouslyDisableDeviceAuth is set—could read every secret.

This adds redactConfigSnapshot() which:
- Deep-walks the config object and masks any field whose key matches
  token, password, secret, or apiKey patterns
- Uses the existing redactSensitiveText() to scrub the raw JSON5 source
- Preserves the hash for change detection
- Includes 15 test cases covering all channel types

* security: make gateway config writes return redacted values

* test: disable control UI by default in gateway server tests

* fix: redact credentials in gateway config APIs (openclaw#9858) (thanks @abdelsfane)

---------

Co-authored-by: George Pickett <gpickett00@gmail.com>
(cherry picked from commit 0c7fa2b)

# Conflicts:
#	CHANGELOG.md
#	src/gateway/server.config-patch.e2e.test.ts

* chore(release): bump version to 2026.2.6

(cherry picked from commit 677450c)

# Conflicts:
#	apps/android/app/build.gradle.kts
#	apps/ios/Sources/Info.plist
#	apps/ios/Tests/Info.plist
#	apps/ios/project.yml
#	apps/macos/Sources/OpenClaw/Resources/Info.plist
#	docs/platforms/mac/release.md
#	extensions/bluebubbles/package.json
#	extensions/copilot-proxy/package.json
#	extensions/diagnostics-otel/package.json
#	extensions/discord/package.json
#	extensions/feishu/package.json
#	extensions/google-antigravity-auth/package.json
#	extensions/google-gemini-cli-auth/package.json
#	extensions/googlechat/package.json
#	extensions/imessage/package.json
#	extensions/line/package.json
#	extensions/llm-task/package.json
#	extensions/lobster/package.json
#	extensions/matrix/CHANGELOG.md
#	extensions/matrix/package.json
#	extensions/mattermost/package.json
#	extensions/memory-core/package.json
#	extensions/memory-lancedb/package.json
#	extensions/minimax-portal-auth/package.json
#	extensions/msteams/CHANGELOG.md
#	extensions/msteams/package.json
#	extensions/nextcloud-talk/package.json
#	extensions/nostr/CHANGELOG.md
#	extensions/nostr/package.json
#	extensions/open-prose/package.json
#	extensions/signal/package.json
#	extensions/slack/package.json
#	extensions/telegram/package.json
#	extensions/tlon/package.json
#	extensions/twitch/CHANGELOG.md
#	extensions/twitch/package.json
#	extensions/voice-call/CHANGELOG.md
#	extensions/voice-call/package.json
#	extensions/whatsapp/package.json
#	extensions/zalo/CHANGELOG.md
#	extensions/zalo/package.json
#	extensions/zalouser/CHANGELOG.md
#	extensions/zalouser/package.json
#	package.json

* chore(deps): update deps

(cherry picked from commit dca8cf9)

# Conflicts:
#	extensions/feishu/package.json
#	extensions/memory-lancedb/package.json
#	package.json

* chore(deps): bump carbon beta

(cherry picked from commit 94b2fc1)

* chore(lockfile): fix pnpm-lock

(cherry picked from commit 0dd7033)

* chore: bump pi to 0.52.8

(cherry picked from commit ff80646)

* chore: project hygiene — fix workspace:*, sandbox USER, dead config (openclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies

(cherry picked from commit 28e1a65)

# Conflicts:
#	CHANGELOG.md
#	extensions/zalouser/package.json
#	package.json
#	pnpm-workspace.yaml

* docs: add security & trust documentation

Add threat model (MITRE ATLAS), contribution guide, and security
directory README. Update SECURITY.md with trust page reporting
instructions and Jamieson O'Reilly as Security & Trust.

Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com>
(cherry picked from commit 74fbbda)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Hisleren <aytekinhisleren@gmail.com>
Co-authored-by: Evan Otero <evan@evanotero.com>
Co-authored-by: Mario Zechner <badlogicgames@gmail.com>
Co-authored-by: cpojer <christoph.pojer@gmail.com>
Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
Co-authored-by: Evan Otero <evanotero@google.com>
Co-authored-by: Leszek Szpunar <13106764+leszekszpunar@users.noreply.github.com>
Co-authored-by: VACInc <hixvac@gmail.com>
Co-authored-by: Hasan FLeyah <fleyah33x@gmail.com>
Co-authored-by: David Iach <davidiach@gmail.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Josh Palmer <joshp123@users.noreply.github.com>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@users.noreply.github.com>
Co-authored-by: M00N7682 <dfjk71@khu.ac.kr>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Michael Lee <5957298+TinyTb@users.noreply.github.com>
Co-authored-by: Markus Glucksberg <markus@glucksberg.com>
Co-authored-by: Shrinija Kummari <shrinija@justpaid.ai>
Co-authored-by: Abdel Sy Fane <32418586+abdelsfane@users.noreply.github.com>
Co-authored-by: Yifeng Wang <xuebi@liblib.ai>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>
Co-authored-by: max <40643627+quotentiroler@users.noreply.github.com>
Co-authored-by: theonejvo <theonejvo@users.noreply.github.com>
Co-authored-by: hughdidit <hugh.chapman@hughdidit.com>
hughdidit pushed a commit to hughdidit/DAISy-Agency that referenced this pull request Mar 3, 2026
…penclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies

(cherry picked from commit 28e1a65)

# Conflicts:
#	CHANGELOG.md
#	extensions/zalouser/package.json
#	package.json
#	pnpm-lock.yaml
#	pnpm-workspace.yaml
zooqueen pushed a commit to hanzoai/bot that referenced this pull request Mar 6, 2026
…penclaw#11289)

* chore: project hygiene fixes (workspace:*, sandbox USER, dead config)

* chore: also fix workspace:* in zalouser dependencies
Labels

channel: msteams Channel integration: msteams channel: nostr Channel integration: nostr channel: zalo Channel integration: zalo channel: zalouser Channel integration: zalouser docker Docker and sandbox tooling
