fix(imessage): skip idle approval discovery scans by colmbrogan · Pull Request #88530 · openclaw/openclaw

colmbrogan · 2026-05-31T05:45:35Z

Summary

bound no-target iMessage approval recent-chat discovery to one pass per account
preserve restart recovery for observed approval prompts found in recent Messages history
keep recurring fast polling idle when no approval targets exist, avoiding repeated broad chat/history scans

Why

The iMessage approval discovery timer can run with allowRecentChatDiscovery: true even when OpenClaw has no pending iMessage approval targets. The old behavior repeatedly listed recent chats and fetched history every discovery interval. On large Messages databases this can make imsg spend CPU in messages.history/reaction lookup work despite having no actionable in-memory target.

The fix keeps the useful no-target discovery path for process startup/restart recovery, but records that the no-target discovery pass has already run for the account. Subsequent no-target discovery ticks return before calling chats.list.

Real behavior proof

Behavior or issue addressed: iMessage approval discovery no longer produces recurring idle imsg CPU spikes when no approval targets are pending, while the gateway remains running.

Real environment tested: real OpenClaw gateway on macOS using /Users/colm/clawdbot/dist/index.js gateway --port 18789 and real imsg rpc --json --db /Users/colm/Library/Messages/chat.db against the local Messages database.

Exact steps or command run after this patch: deployed the local no-target idle guard, restarted the gateway, watched the process through the morning, checked the live gateway/imsg process state, and checked the Messages database for new self-DM approval prompt echoes since the restart window.

Evidence after fix: copied live output from the real setup after the fix had been running overnight:

$ ps -axo pid,ppid,%cpu,lstart,command | rg '(/Users/colm/clawdbot/dist/index.js gateway|imsg)'
37893     1   7.3 Sat May 30 22:39:08 2026     /opt/homebrew/opt/node/bin/node /Users/colm/clawdbot/dist/index.js gateway --port 18789
37942 37893   0.0 Sat May 30 22:39:16 2026     /opt/homebrew/Cellar/imsg/0.8.1/libexec/imsg rpc --json --db /Users/colm/Library/Messages/chat.db

$ sqlite3 ~/Library/Messages/chat.db "select count(*) from message where date/1000000000 + 978307200 > strftime('%s','2026-05-31 05:39:08') and is_from_me=1 and text like '%Exec approval required%';"
0

Observed result after fix: no new self-DM echo texts and no recurring imsg spike during the morning watch window after restart; spot check showed the live imsg rpc child at 0.0% CPU.

What was not tested: I did not restart the live gateway onto this exact cleaned commit because the cleaned commit intentionally preserves one startup no-target discovery pass; the deployed local guard tested the same recurring idle no-target path that this PR bounds after that first pass.

Tests

pnpm test -- extensions/imessage/src/approval-reaction-poller.test.ts
- 1 file passed, 9 tests passed
pnpm oxlint extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts
git diff --check -- extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts

clawsweeper · 2026-05-31T05:48:00Z

Codex review: needs maintainer review before merge. Reviewed June 9, 2026, 1:58 AM ET / 05:58 UTC.

Summary
The PR adds process-local per-account completion state to iMessage approval discovery, extends approval reaction handling with stop reasons, and adds regression tests for bounded no-target discovery and retry paths.

PR surface: Source +25, Tests +219. Total +244 across 3 files.

Reproducibility: yes. from source: current main schedules discovery immediately and every 60 seconds, and the poller lists recent chats whenever no targets exist and discovery is allowed. I did not run a live gateway in this read-only review.

Review metrics: 1 noteworthy metric.

Discovery cadence: 60s recurring no-target scan changed to 1 successful pass per account/process. This is the compatibility and approval-recovery behavior maintainers need to notice before merge.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🐚 platinum hermit
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

[P2] Maintainers should decide whether one-pass no-target recovery is acceptable, or request a bounded backoff/recovery-trigger design before merge.

Risk before merge

[P2] Merging changes existing recurring no-target observed-prompt discovery to one successful pass per process/account; prompts that only become recoverable from recent Messages history later in the same running process may wait for process restart or a new explicit in-memory target.
[P1] The supplied live proof covers the idle CPU/no-target path, but it does not prove the long-running reconnect or multi-process recovery tradeoff that maintainers must accept before merge.

Maintainer options:

Accept One-Pass Idle Recovery
Maintainers can merge the branch if they explicitly accept one clean no-target discovery pass per process/account as the compatibility tradeoff for avoiding idle imsg scans.
Use Bounded Periodic Recovery
Revise the guard to use a bounded backoff, TTL, or explicit recovery trigger if recurring no-target observed-prompt recovery must remain available in long-running processes.
Hold For Live Recovery Proof
Pause the PR if maintainers want proof of reconnect or multi-process recovery behavior before accepting the one-pass policy.

Next step before merge

[P2] The remaining blocker is maintainer acceptance of the one-pass recovery policy; I found no narrow mechanical defect for an automated repair lane.

Security
Cleared: The diff only changes iMessage poller process-local state, approval reaction return typing, and tests; it does not touch dependencies, workflows, secrets, permissions, package scripts, or other supply-chain surfaces.

Review details

Best possible solution:

Land the one-pass poller guard only if maintainers accept the reduced recurring recovery behavior; otherwise replace it with a bounded backoff, TTL, or explicit recovery trigger that avoids idle scans without permanently completing the account.

Do we have a high-confidence way to reproduce the issue?

Yes from source: current main schedules discovery immediately and every 60 seconds, and the poller lists recent chats whenever no targets exist and discovery is allowed. I did not run a live gateway in this read-only review.

Is this the best way to solve the issue?

Unclear until maintainer acceptance: the poller-local guard is a narrow and well-tested mitigation, but it is only the best fix if maintainers accept dropping recurring no-target recovery within a process instead of using bounded backoff or freshness.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against e1978cf73cbd.

Label changes

Label changes:

add proof: sufficient: Contributor real behavior proof is sufficient. Sufficient: the PR body includes copied live macOS gateway/imsg output after the idle guard ran overnight, showing the imsg child at 0.0% CPU and no new self-DM approval echoes; later edge-case repairs are covered by focused tests.

Label justifications:

P2: This is a focused iMessage approval-reaction performance fix with limited channel-specific blast radius.
merge-risk: 🚨 compatibility: The PR changes existing recurring no-target discovery semantics for already-running iMessage setups.
merge-risk: 🚨 message-delivery: The changed recovery policy can affect whether observed approval prompts in Messages history are rediscovered for tapback approval handling.
rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): Sufficient: the PR body includes copied live macOS gateway/imsg output after the idle guard ran overnight, showing the imsg child at 0.0% CPU and no new self-DM approval echoes; later edge-case repairs are covered by focused tests.
proof: sufficient: Contributor real behavior proof is sufficient. Sufficient: the PR body includes copied live macOS gateway/imsg output after the idle guard ran overnight, showing the imsg child at 0.0% CPU and no new self-DM approval echoes; later edge-case repairs are covered by focused tests.

Evidence reviewed

PR surface:

Source +25, Tests +219. Total +244 across 3 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	2	31	6	+25
Tests	1	220	1	+219
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	3	251	7	+244

What I checked:

Current main recurring no-target discovery: Current main only returns early when there are no targets and recent-chat discovery is not allowed; with allowRecentChatDiscovery true, the no-target path can still call chats.list and messages.history. (extensions/imessage/src/approval-reaction-poller.ts:231, e1978cf73cbd)
Runtime discovery cadence: The iMessage monitor runs normal approval polling every 2 seconds, discovery polling every 60 seconds, and starts one discovery pass immediately. (extensions/imessage/src/monitor/monitor-provider.ts:1478, e1978cf73cbd)
PR head no-target guard: The PR records account completion for no-target discovery and skips future no-target discovery for that account after a successful pass. (extensions/imessage/src/approval-reaction-poller.ts:237, acbd319645d6)
PR head stop reason contract: The PR changes approval reaction handling to distinguish resolved, not-found, and resolver-error stop reasons so the poller can complete no-target discovery only on safe stop paths. (extensions/imessage/src/approval-reactions.ts:33, acbd319645d6)
PR regression coverage: The PR tests one-pass no-target discovery, completion after a recovered reaction, resolver-error retry, chats.list retry, and messages.history retry behavior. (extensions/imessage/src/approval-reaction-poller.test.ts:123, acbd319645d6)
User-visible recovery context: The iMessage docs describe persistent approval reaction bindings so a tapback shortly after gateway restart can resolve an approval; this PR preserves startup recovery but changes recurring no-target recovery. Public docs: docs/channels/imessage.md. (docs/channels/imessage.md:623, e1978cf73cbd)

Likely related people:

omarshahine: Authored the merged iMessage thumb approval reaction feature that introduced the approval reaction surfaces and monitor integration this PR changes. (role: feature owner; confidence: high; commits: 5c7980fa1132; files: extensions/imessage/src/approval-reactions.ts, extensions/imessage/src/monitor/monitor-provider.ts, extensions/imessage/src/approval-reaction-poller.ts)
steipete: Recent merged commits changed the approval poller and approval reaction behavior shortly before this PR, including poll expiry and denied-reaction polling behavior. (role: recent area contributor; confidence: high; commits: f4d461bbff62, 59c3ee7c4507; files: extensions/imessage/src/approval-reaction-poller.ts, extensions/imessage/src/approval-reaction-poller.test.ts, extensions/imessage/src/approval-reactions.ts)
kevinslin: Authored merged adjacent work around iMessage native exec approval routing, sent GUID binding, and local chat.db GUID recovery that this no-target discovery path builds on. (role: adjacent recovery contributor; confidence: medium; commits: 40bca6d8bbfc; files: extensions/imessage/src/approval-reaction-poller.ts, extensions/imessage/src/monitor/monitor-provider.ts)
colmbrogan: Besides authoring this PR, has recent merged iMessage monitor-provider work on self-chat echo/dedupe behavior, so they are a relevant adjacent implementation contact. (role: recent adjacent contributor; confidence: medium; commits: 7e3100a12022; files: extensions/imessage/src/monitor/monitor-provider.ts)

What the crustacean ranks mean

🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

ClawSweeper keeps one durable marker-backed review comment per issue or PR.
Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
Maintainers can also comment @clawsweeper review to request a fresh review only.
Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

colmbrogan · 2026-06-02T17:51:01Z

Rebased this PR onto current upstream/main and force-with-lease pushed the refreshed branch.

Scope remains limited to the approval poller:

extensions/imessage/src/approval-reaction-poller.ts
extensions/imessage/src/approval-reaction-poller.test.ts

Local verification after rebase:

node scripts/run-vitest.mjs extensions/imessage/src/approval-reaction-poller.test.ts: passed, 1 file / 9 tests.
pnpm oxlint extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts: passed.
git diff --check upstream/main...HEAD -- extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts: passed.

The previous build-artifacts failure was from unrelated scripts/plugin-prerelease-test-plan.test.ts matrix ordering on the old CI run; this push should give the PR fresh CI on the current base.

colmbrogan · 2026-06-02T18:02:57Z

Repaired the retry bug from the ClawSweeper review and force-with-lease pushed the updated branch.

Change made:

Moved the no-target discovery completion marker until after listRecentChatIds(...) succeeds, so a transient first chats.list failure does not permanently suppress later no-target discovery in the same process.
Added a regression test where the first no-target chats.list rejects, the second poll retries, and messages.history is reached.

Local verification after repair:

node scripts/run-vitest.mjs extensions/imessage/src/approval-reaction-poller.test.ts: passed, 1 file / 10 tests.
pnpm oxlint extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts: passed.
git diff --check -- extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts: passed.

@clawsweeper re-review

clawsweeper · 2026-06-02T18:03:00Z

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

State: Complete
Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
Run: https://github.com/openclaw/clawsweeper/actions/runs/26838576475
Updated: 2026-06-02T18:11:32.191Z

colmbrogan · 2026-06-02T18:16:49Z

Repaired the remaining ClawSweeper history-failure retry finding and force-with-lease pushed the updated branch.

Change made:

No-target discovery now marks an account complete only after chats.list succeeds and all bounded messages.history fetches complete without error.
Empty recent-chat lists still complete the no-target pass.
Any messages.history fetch error leaves the account retryable for the next discovery tick.
Added a regression test where the first no-target messages.history call fails, the next poll retries, and the following poll is skipped after the successful retry completes the one-pass scan.

Local verification after repair:

node scripts/run-vitest.mjs extensions/imessage/src/approval-reaction-poller.test.ts: passed, 1 file / 11 tests.
pnpm oxlint extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts: passed.
git diff --check -- extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts: passed.

@clawsweeper re-review

clawsweeper · 2026-06-02T18:16:52Z

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

State: Complete
Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
Run: https://github.com/openclaw/clawsweeper/actions/runs/26839304328
Updated: 2026-06-02T18:24:01.379Z

omarshahine

This change is close, but the one-pass guard is bypassed on the recovered-reaction path.

Finding:

extensions/imessage/src/approval-reaction-poller.ts:298 returns immediately when handleIMessageApprovalReaction reports stopPolling. For no-target discovery, shouldAttemptNoTargetDiscovery is true and the completion marker is only written after the outer scan finishes at the bottom of the function. handleIMessageApprovalReaction returns stopPolling: true after a resolved approval, NotFound, or resolver failure in extensions/imessage/src/approval-reactions.ts, so a startup/restart recovery scan that actually finds a reacted approval prompt exits before accountIdsWithCompletedNoTargetDiscovery.add(params.accountId) runs. After the successful path unregisters the recovered binding, later discovery timer ticks still have no targets and will keep calling chats.list / messages.history for that account until the old prompt leaves the history window.

Best fix: mark the no-target discovery attempt complete before that early return when shouldAttemptNoTargetDiscovery is true and no history fetch has failed, or centralize the completion write in a single completion path that also covers stopPolling.

Verification I ran after rebasing locally on current origin/main:

pnpm test -- extensions/imessage/src/approval-reaction-poller.test.ts -- --reporter=verbose passed, 11 tests.
.agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main reported the same actionable finding.

colmbrogan · 2026-06-09T05:49:41Z

Repaired the recovered-reaction early-return finding and pushed the updated branch.

Change made:

When no-target recent-chat discovery finds and handles a recovered approval reaction, the stopPolling path now records the account as having completed no-target discovery before returning, provided no messages.history fetch failed.
Added a regression test covering that exact path: first no-target discovery finds a reacted approval prompt and stops polling; a later no-target discovery tick does not call chats.list / messages.history again.

Local verification on the clean PR branch:

node scripts/run-vitest.mjs extensions/imessage/src/approval-reaction-poller.test.ts: passed, 1 file / 12 tests.
pnpm oxlint extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts: passed.
git diff --check -- extensions/imessage/src/approval-reaction-poller.ts extensions/imessage/src/approval-reaction-poller.test.ts: passed.

@clawsweeper re-review

clawsweeper · 2026-06-09T05:49:44Z

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

State: Superseded
Detail: A newer re-review for this item started before this run finished, so GitHub cancelled this older run. Check the latest ClawSweeper run for the current result.
Run: https://github.com/openclaw/clawsweeper/actions/runs/27186666041
Updated: 2026-06-09T05:52:38.481Z

omarshahine · 2026-06-09T05:52:25Z

@clawsweeper re-review

clawsweeper · 2026-06-09T05:52:28Z

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

State: Complete
Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
Run: https://github.com/openclaw/clawsweeper/actions/runs/27186767068
Updated: 2026-06-09T05:58:50.984Z

omarshahine

Maintainer review accepted for the current head.

I reviewed the iMessage approval recovery path and spot-checked sibling channel approval implementations. The remaining tradeoff is intentional: no-target recent-chat discovery is now bounded to one clean pass per account/process, preserving startup/restart recovery while removing the indefinite 60s broad history scan. Other channels either resolve from native interaction callbacks or inbound reaction events with target identifiers, so they do not keep polling broad history while idle.

Verification:

Current PR CI: green.
Local focused check: node scripts/run-vitest.mjs extensions/imessage/src/approval-reaction-poller.test.ts passed, 13 tests.
Cross-channel spot check covered Slack, Discord, Telegram, Google Chat, Mattermost, WhatsApp, Signal, and Matrix approval paths.

* fix(imessage): bound idle approval discovery scans * fix(imessage): complete bounded approval discovery --------- Co-authored-by: Omar Shahine <10343873+omarshahine@users.noreply.github.com>

…26.6.6) (#1040) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/openclaw/openclaw](https://openclaw.ai) ([source](https://github.com/openclaw/openclaw)) | patch | `2026.6.5` → `2026.6.6` | --- ### Release Notes <details> <summary>openclaw/openclaw (ghcr.io/openclaw/openclaw)</summary> ### [`v2026.6.6`](https://github.com/openclaw/openclaw/blob/HEAD/CHANGELOG.md#202666) [Compare Source](openclaw/openclaw@v2026.6.5...v2026.6.6) ##### Highlights - Security boundaries are substantially tighter across transcripts, sandbox binds, host environment inheritance, MCP stdio, Codex HTTP access, native search policy, elevated sender checks, deleted-agent ACP bypasses, loopback tools, Discord moderation, and Teams group actions; exec approvals now fail closed on timeout. ([#91529](openclaw/openclaw#91529), [#91618](openclaw/openclaw#91618), [#91615](openclaw/openclaw#91615), [#91619](openclaw/openclaw#91619), [#91741](openclaw/openclaw#91741), [#91745](openclaw/openclaw#91745), [#91746](openclaw/openclaw#91746), [#91748](openclaw/openclaw#91748), [#91749](openclaw/openclaw#91749), [#91750](openclaw/openclaw#91750), [#91751](openclaw/openclaw#91751), [#91752](openclaw/openclaw#91752), [#91763](openclaw/openclaw#91763), [#89938](openclaw/openclaw#89938)) Thanks [@joshavant](https://github.com/joshavant), [@pgondhi987](https://github.com/pgondhi987), [@mmaps](https://github.com/mmaps), [@eleqtrizit](https://github.com/eleqtrizit), [@shakkernerd](https://github.com/shakkernerd), and [@drobison00](https://github.com/drobison00). - Telegram delivery is safer and more coherent: account-scoped topics route to the right agent, streamed text survives tool calls, `/compact` works on generic ingress, callback handling uses concrete APIs, draft chunking is shared, durable dispatch dedupe moved into the SDK, and unauthorized DM text stays out of cache and prompt context. ([#91189](openclaw/openclaw#91189), [#88682](openclaw/openclaw#88682), [#89588](openclaw/openclaw#89588), [#90212](openclaw/openclaw#90212), [#91876](openclaw/openclaw#91876), [#91874](openclaw/openclaw#91874), [#91904](openclaw/openclaw#91904), [#91478](openclaw/openclaw#91478), [#91915](openclaw/openclaw#91915)) Thanks [@codysai001](https://github.com/codysai001), [@alexzhu0](https://github.com/alexzhu0), [@joelnishanth](https://github.com/joelnishanth), [@snowzlm](https://github.com/snowzlm), [@obviyus](https://github.com/obviyus), and [@sallyom](https://github.com/sallyom). - iMessage recovery and delivery now cover always-on inbound restart, durable echo markers, block streaming, idle approval discovery, hardened outbound transport, and actionable inbound startup diagnostics. ([#91335](openclaw/openclaw#91335), [#91449](openclaw/openclaw#91449), [#88969](openclaw/openclaw#88969), [#88530](openclaw/openclaw#88530), [#91783](openclaw/openclaw#91783), [#91785](openclaw/openclaw#91785)) Thanks [@omarshahine](https://github.com/omarshahine), [@jmissig](https://github.com/jmissig), and [@colmbrogan](https://github.com/colmbrogan). - Browser and MCP connectivity gained existing-session CDP support, discovered WebSocket validation, default-profile `cdpUrl` handling, safer browser-output boundaries, Streamable HTTP loopback transport, corrected OAuth/SSE authorization handling, and broader schema compatibility. ([#91422](openclaw/openclaw#91422), [#89851](openclaw/openclaw#89851), [#91736](openclaw/openclaw#91736), [#91747](openclaw/openclaw#91747), [#91451](openclaw/openclaw#91451), [#80143](openclaw/openclaw#80143)) Thanks [@pgondhi987](https://github.com/pgondhi987), [@anagnorisis2peripeteia](https://github.com/anagnorisis2peripeteia), [@lifuyue](https://github.com/lifuyue), [@eleqtrizit](https://github.com/eleqtrizit), [@LiuwqGit](https://github.com/LiuwqGit), and [@HemantSudarshan](https://github.com/HemantSudarshan). - Control UI startup and first-reply latency are lower through cached model metadata, removal of the startup catalog wait, lazy slash-command loading, and first-event tracing with slow-reply diagnostics. ([#91531](openclaw/openclaw#91531), [#91538](openclaw/openclaw#91538), [#91568](openclaw/openclaw#91568), [#91583](openclaw/openclaw#91583), [#91598](openclaw/openclaw#91598)) - Provider support expands with OpenRouter OAuth onboarding and Claude Fable 5 adaptive thinking, while Codex sessions keep correct compaction ownership, local models skip guardian review, dynamic tool progress normalizes cleanly, and Gemma 4 reasoning replay is preserved. ([#91830](openclaw/openclaw#91830), [#91882](openclaw/openclaw#91882), [#91590](openclaw/openclaw#91590), [#88630](openclaw/openclaw#88630), [#88768](openclaw/openclaw#88768), [#91696](openclaw/openclaw#91696)) Thanks [@Patrick-Erichsen](https://github.com/Patrick-Erichsen), [@joshavant](https://github.com/joshavant), [@bdjben](https://github.com/bdjben), and [@Coder-Wangyankun](https://github.com/Coder-Wangyankun). ##### Changes - CLI progress: emit Claude CLI commentary progress events and bridge inter-tool commentary into channel progress without exposing internal protocol scaffolding. ([#89834](openclaw/openclaw#89834), [#90883](openclaw/openclaw#90883)) Thanks [@anagnorisis2peripeteia](https://github.com/anagnorisis2peripeteia). - Observability: allow trusted diagnostics channels to capture tool input/output content, add first-assistant-event traces, and warn on slow initial replies. ([#91256](openclaw/openclaw#91256), [#91568](openclaw/openclaw#91568), [#91583](openclaw/openclaw#91583)) Thanks [@amknight](https://github.com/amknight). - Plugins/ClawHub: dogfood reusable package publishing, let dry runs skip publish approval, allow declared installed trusted hooks, report managed plugin version drift, and warn instead of failing on retired Skill Workshop configuration. ([#91574](openclaw/openclaw#91574), [#91591](openclaw/openclaw#91591), [#90004](openclaw/openclaw#90004), [#90927](openclaw/openclaw#90927), [#90838](openclaw/openclaw#90838)) Thanks [@Patrick-Erichsen](https://github.com/Patrick-Erichsen), [@brokemac79](https://github.com/brokemac79), and [@lonexreb](https://github.com/lonexreb). - Memory/providers: move the local llama.cpp runtime into its provider plugin, batch embeddings across files, persist the agent model catalog cache, and keep QMD JSON search one-shot while filtering stale REM recall previews. ([#91324](openclaw/openclaw#91324), [#89138](openclaw/openclaw#89138), [#90457](openclaw/openclaw#90457), [#91837](openclaw/openclaw#91837), [#91851](openclaw/openclaw#91851)) Thanks [@osolmaz](https://github.com/osolmaz), [@mushuiyu886](https://github.com/mushuiyu886), [@ai-hpc](https://github.com/ai-hpc), and [@TurboTheTurtle](https://github.com/TurboTheTurtle). - Channels/mobile: add the QQBot group mention toggle, improve iPad and iPhone control surfaces, and expose the active connection host in the TUI footer. ([#91423](openclaw/openclaw#91423), [#91557](openclaw/openclaw#91557), [#89909](openclaw/openclaw#89909)) Thanks [@cxyhhhhh](https://github.com/cxyhhhhh), [@Solvely-Colin](https://github.com/Solvely-Colin), and [@baskduf](https://github.com/baskduf). - Performance: prewarm TUI runtime plugins, deduplicate plugin auto-enable fanout, trim dense text-delta snapshots, and reuse prepared startup model metadata. ([#90782](openclaw/openclaw#90782), [#89978](openclaw/openclaw#89978), [#91580](openclaw/openclaw#91580), [#91531](openclaw/openclaw#91531)) Thanks [@RomneyDa](https://github.com/RomneyDa) and [@ai-hpc](https://github.com/ai-hpc). ##### Fixes - Agent/session recovery: drop stale approval follow-ups after session rebind, remove drained reply-queue items by identity, recover stale main and visible replies, preserve Codex context-engine compaction ownership, lower the default compaction timeout to 180 seconds while respecting explicit configuration, and keep provider-failure terminal lifecycle state correct. ([#85679](openclaw/openclaw#85679), [#91450](openclaw/openclaw#91450), [#91566](openclaw/openclaw#91566), [#91840](openclaw/openclaw#91840), [#91590](openclaw/openclaw#91590), [#91361](openclaw/openclaw#91361), [#91895](openclaw/openclaw#91895)) Thanks [@openperf](https://github.com/openperf), [@yetval](https://github.com/yetval), [@joshavant](https://github.com/joshavant), [@wangmiao0668000666](https://github.com/wangmiao0668000666), and [@TurboTheTurtle](https://github.com/TurboTheTurtle). - User-visible content boundaries: suppress Codex/Harmony protocol artifacts, neutralize browser and LanceDB memory media directives, redact transcript images, and preserve native `/compact` replies through source suppression. ([#89151](openclaw/openclaw#89151), [#91422](openclaw/openclaw#91422), [#91425](openclaw/openclaw#91425), [#91529](openclaw/openclaw#91529), [#90212](openclaw/openclaw#90212)) Thanks [@joelnishanth](https://github.com/joelnishanth), [@pgondhi987](https://github.com/pgondhi987), [@joshavant](https://github.com/joshavant), and [@snowzlm](https://github.com/snowzlm). - Channel delivery: keep WhatsApp captured replies attached to the successor controller after restart, retry Feishu rate limits, preserve Mattermost thread replies, canonicalize LINE webhook paths, restore Discord reply hydration and runtime timeout exports, and show OpenAI Realtime WebRTC assistant transcripts. ([#85823](openclaw/openclaw#85823), [#89659](openclaw/openclaw#89659), [#91684](openclaw/openclaw#91684), [#91649](openclaw/openclaw#91649), [#90263](openclaw/openclaw#90263), [#91686](openclaw/openclaw#91686), [#90426](openclaw/openclaw#90426)) Thanks [@itsuzef](https://github.com/itsuzef), [@ladygege](https://github.com/ladygege), [@jacobtomlinson](https://github.com/jacobtomlinson), [@fuller-stack-dev](https://github.com/fuller-stack-dev), and [@shushushv](https://github.com/shushushv). - Cron: cancel active task runs cleanly, preserve terminal timeout/cancel state, and recover no-deliver tool warnings instead of silently losing the outcome. ([#90666](openclaw/openclaw#90666), [#90678](openclaw/openclaw#90678)) Thanks [@ai-hpc](https://github.com/ai-hpc). - Gateway/config/auth: share the approval runtime socket token, replace arrays explicitly in `config.patch`, skip the deleted-agent guard only for valid ACP harness sessions, surface headless LaunchAgent state, verify SQLite auth migration before cleanup, and arm QMD startup maintenance. ([#87105](openclaw/openclaw#87105), [#91551](openclaw/openclaw#91551), [#91219](openclaw/openclaw#91219), [#91614](openclaw/openclaw#91614), [#91740](openclaw/openclaw#91740), [#91978](openclaw/openclaw#91978)) Thanks [@fuller-stack-dev](https://github.com/fuller-stack-dev) and [@scotthuang](https://github.com/scotthuang). - Providers/Codex: clarify quota errors, restore the Codex synthetic usage line, canonicalize Codex protocol assets, require API-key auth for realtime voice, normalize ACP model refs, preserve Gemma 4 `reasoning_content`, and avoid guardian review for local models. ([#91390](openclaw/openclaw#91390), [#91709](openclaw/openclaw#91709), [#91507](openclaw/openclaw#91507), [#91567](openclaw/openclaw#91567), [#88630](openclaw/openclaw#88630), [#91696](openclaw/openclaw#91696)) Thanks [@hxy91819](https://github.com/hxy91819), [@brokemac79](https://github.com/brokemac79), [@RomneyDa](https://github.com/RomneyDa), [@joshavant](https://github.com/joshavant), and [@Coder-Wangyankun](https://github.com/Coder-Wangyankun). - Updates/builds: recover package Gateway restarts after refresh failure, expose plugin convergence repair, fall back to Corepack in PATH-less pnpm environments, seed the correct Docker store packages, and keep ClawHub dry-run and publish paths reusable. ([#91581](openclaw/openclaw#91581), [#91599](openclaw/openclaw#91599), [#91547](openclaw/openclaw#91547), [#91591](openclaw/openclaw#91591)) Thanks [@fuller-stack-dev](https://github.com/fuller-stack-dev), [@sallyom](https://github.com/sallyom), and [@Patrick-Erichsen](https://github.com/Patrick-Erichsen). - UI: require explicit user intent before opening chat sessions and drain restored chat queues after session switches. ([#91480](openclaw/openclaw#91480)) Thanks [@TurboTheTurtle](https://github.com/TurboTheTurtle). - Android: avoid the `dataSync` foreground-service type for persistent nodes. ([#80082](openclaw/openclaw#80082)) Thanks [@davelutztx](https://github.com/davelutztx). - Native hooks: bound relay lifetimes so abandoned native hook connections cannot linger indefinitely. ([#91550](openclaw/openclaw#91550)) Thanks [@joshavant](https://github.com/joshavant). </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).  Reviewed-on: https://git.erwanleboucher.dev/eleboucher/homelab/pulls/1040

openclaw-barnacle Bot added channel: imessage Channel integration: imessage size: S triage: needs-real-behavior-proof Candidate: external PR needs after-fix proof from a real setup. labels May 31, 2026

colmbrogan force-pushed the fix-imessage-approval-discovery-idle-scan branch 4 times, most recently from a44c048 to 44c256b Compare May 31, 2026 19:59

openclaw-barnacle Bot added proof: supplied External PR includes structured after-fix real behavior proof. and removed triage: needs-real-behavior-proof Candidate: external PR needs after-fix proof from a real setup. labels May 31, 2026

colmbrogan force-pushed the fix-imessage-approval-discovery-idle-scan branch from 44c256b to d0ce407 Compare June 2, 2026 17:50

openclaw-barnacle Bot removed the proof: sufficient ClawSweeper judged the real behavior proof convincing. label Jun 2, 2026

clawsweeper Bot added the proof: sufficient ClawSweeper judged the real behavior proof convincing. label Jun 2, 2026

colmbrogan force-pushed the fix-imessage-approval-discovery-idle-scan branch from d0ce407 to e69dded Compare June 2, 2026 18:02

openclaw-barnacle Bot removed the proof: sufficient ClawSweeper judged the real behavior proof convincing. label Jun 2, 2026

clawsweeper Bot added proof: sufficient ClawSweeper judged the real behavior proof convincing. and removed rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. labels Jun 2, 2026

clawsweeper Bot added the rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. label Jun 2, 2026

colmbrogan force-pushed the fix-imessage-approval-discovery-idle-scan branch from e69dded to 5098fbf Compare June 2, 2026 18:16

openclaw-barnacle Bot removed the proof: sufficient ClawSweeper judged the real behavior proof convincing. label Jun 2, 2026

fix(imessage): bound idle approval discovery scans

47b1b8a

omarshahine requested changes Jun 9, 2026

View reviewed changes

openclaw-barnacle Bot removed the proof: sufficient ClawSweeper judged the real behavior proof convincing. label Jun 9, 2026

fix(imessage): complete bounded approval discovery

acbd319

omarshahine force-pushed the fix-imessage-approval-discovery-idle-scan branch from 0ee53e7 to acbd319 Compare June 9, 2026 05:52

openclaw-barnacle Bot added size: M and removed size: S labels Jun 9, 2026

clawsweeper Bot added the proof: sufficient ClawSweeper judged the real behavior proof convincing. label Jun 9, 2026

omarshahine self-assigned this Jun 9, 2026

omarshahine approved these changes Jun 9, 2026

View reviewed changes

omarshahine merged commit 3a9ea1d into openclaw:main Jun 9, 2026
168 of 170 checks passed

github-actions Bot mentioned this pull request Jun 9, 2026

📡 Upstream Digest — 2026-06-09 23:13 UTC curtismercier/openclaw-mods#1049

Open

Haderach-Ram mentioned this pull request Jun 10, 2026

Ecosystem Digest — 2026-06-10 Haderach-Ram/openclaw-radar#35

Open

Uh oh!

Conversation

colmbrogan commented May 31, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Why

Real behavior proof

Tests

Uh oh!

clawsweeper Bot commented May 31, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

colmbrogan commented Jun 2, 2026

Uh oh!

colmbrogan commented Jun 2, 2026

Uh oh!

clawsweeper Bot commented Jun 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

colmbrogan commented Jun 2, 2026

Uh oh!

clawsweeper Bot commented Jun 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

omarshahine left a comment

Choose a reason for hiding this comment

Uh oh!

colmbrogan commented Jun 9, 2026

Uh oh!

clawsweeper Bot commented Jun 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

omarshahine commented Jun 9, 2026

Uh oh!

clawsweeper Bot commented Jun 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

omarshahine left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

colmbrogan commented May 31, 2026 •

edited

Loading

clawsweeper Bot commented May 31, 2026 •

edited

Loading

clawsweeper Bot commented Jun 2, 2026 •

edited

Loading

clawsweeper Bot commented Jun 2, 2026 •

edited

Loading

clawsweeper Bot commented Jun 9, 2026 •

edited

Loading

clawsweeper Bot commented Jun 9, 2026 •

edited

Loading