Skip to content

fix(agents): bound provider JSON response reads#95218

Merged
openclaw-clownfish[bot] merged 1 commit into
openclaw:mainfrom
Alix-007:fix/bound-provider-http-json-error
Jun 23, 2026
Merged

fix(agents): bound provider JSON response reads#95218
openclaw-clownfish[bot] merged 1 commit into
openclaw:mainfrom
Alix-007:fix/bound-provider-http-json-error

Conversation

@Alix-007

Copy link
Copy Markdown
Contributor

Summary

readProviderJsonResponse parsed provider success bodies with an unbounded await response.json(). The sibling binary path (readProviderBinaryResponse) already caps reads at 16 MiB via readResponseWithLimit, and readResponseTextLimited bounds error bodies, so the JSON success path was the one remaining unbounded reader in this module — a malicious or malfunctioning provider streaming an endless JSON body could force the runtime to buffer the entire payload before failing. This is the symmetric success-path complement to the error-stream hardening in #95108.

This change reads the JSON body through the same bounded reader (readResponseWithLimit) the binary path uses, then JSON.parses the bounded text. Behavior for well-formed and malformed JSON is unchanged; only the unbounded-size case now throws a clear overflow error instead of buffering without limit.

Changes

  • src/agents/provider-http-errors.ts: add PROVIDER_JSON_RESPONSE_MAX_BYTES (16 MiB, matching the binary cap) and route readProviderJsonResponse through readResponseWithLimit, with an optional opts.maxBytes override and an onOverflow that throws <label>: JSON response exceeds <n> bytes. Malformed JSON still throws <label>: malformed JSON response (now from the bounded text via JSON.parse).
  • src/agents/provider-http-errors.test.ts: add a streaming JSON fixture plus regression tests that (a) still parse well-formed JSON under the cap and (b) cancel and reject oversized streamed JSON bodies before fully buffering them — mirroring the existing binary cap test.

Real behavior proof

A standalone tsx harness imported and drove the real readProviderJsonResponse against a ReadableStream that offers a 64 MiB JSON string body, with a 16 MiB cap, instrumenting how many 1 MiB chunks the reader actually pulled.

Behavior addressed: Unbounded buffering of provider JSON success responses; an oversized streamed JSON body should be cancelled at the byte cap and rejected, not fully buffered.

Real environment tested: Node v22.22.0, tsx 4.22.3, real source imported (no mocks of the function under test); vitest 4.1.7 via scripts/run-vitest.mjs.

Exact steps or command run after this patch:

  • node --import tsx proof-json-bound.mts (drives the real readProviderJsonResponse with a 64 MiB streamed JSON body, 16 MiB cap)
  • node scripts/run-vitest.mjs src/agents/provider-http-errors.test.ts --run
  • oxlint src/agents/provider-http-errors.ts src/agents/provider-http-errors.test.ts

Evidence after fix:

=== readProviderJsonResponse oversized-body readback ===
total body offered : 64 chunks (64 MiB)
byte cap           : 16777216 bytes (16 MiB)
chunks pulled       : 17
approx bytes read   : 17825792 (~17 MiB)
observed error      : Provider catalog failed: JSON response exceeds 16777216 bytes
parsed string length: (n/a)
RESULT: BOUNDED — stream cancelled before reading the full 64 MiB body.

vitest: Test Files 1 passed (1) / Tests 12 passed (12). oxlint: exit 0, no findings.

Observed result after fix: The reader pulled only 17 of 64 chunks (~17 MiB, stopping at the 16 MiB cap), cancelled the stream, and threw Provider catalog failed: JSON response exceeds 16777216 bytes. Negative control (temporarily reverting the source to await response.json() and re-running the same harness) read all 64 chunks (~64 MiB) and fully parsed the body — confirming the unbounded behavior and that the fix is what bounds it.

What was not tested: Real network responses from live providers (the harness uses an in-process ReadableStream fixture); the idle-timeout dimension (this change only adds the byte cap, matching the existing binary path which also relies on readResponseWithLimit's default behavior).

AI-assisted (human-run real behavior proof included). This is the symmetric success-path complement to the #95108 error-stream hardening for the same module family.

@openclaw-barnacle openclaw-barnacle Bot added agents Agent runtime and tooling size: S labels Jun 20, 2026
@clawsweeper

clawsweeper Bot commented Jun 20, 2026

Copy link
Copy Markdown
Contributor

Codex review: needs maintainer review before merge. Reviewed June 21, 2026, 2:44 AM ET / 06:44 UTC.

Summary
The PR routes readProviderJsonResponse through readResponseWithLimit with a 16 MiB default cap and optional override, then adds streaming JSON regression coverage.

PR surface: Source +15, Tests +52. Total +67 across 2 files.

Reproducibility: yes. Source inspection shows current main and v2026.6.9 still call unbounded response.json(), and the PR body includes a negative-control stream harness showing the old path reads the full 64 MiB body.

Review metrics: 1 noteworthy metric.

  • Exported helper default: 1 changed default. The default behavior of a published provider HTTP SDK helper changes from unbounded JSON parsing to a 16 MiB rejection cap.

Stored data model
Persistent data-model change detected: serialized state: src/agents/provider-http-errors.test.ts, serialized state: src/agents/provider-http-errors.ts. Confirm migration or upgrade compatibility proof before merge.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • Confirm whether 16 MiB is the intended default cap for the exported plugin SDK helper.

Risk before merge

  • [P1] Existing plugin SDK callers that currently parse successful JSON payloads over 16 MiB will start receiving overflow errors unless maintainers accept that as the public contract.

Maintainer options:

  1. Accept the exported cap
    Maintainers can land the PR as-is if 16 MiB is the intended maximum for successful provider JSON payloads across core and plugin SDK callers.
  2. Adjust the SDK contract first
    If external plugin callers need a different compatibility path, update the helper contract, docs, or focused compatibility tests before merge.

Next step before merge

  • [P2] Maintainer review is needed to accept or adjust the exported SDK default cap; there is no narrow code defect for automation to repair without choosing the API contract.

Security
Cleared: The diff narrows an unbounded provider-response memory exposure and does not change dependencies, workflows, package metadata, secrets, permissions, or artifact execution paths.

Review details

Best possible solution:

Land the bounded JSON reader after maintainers intentionally accept the 16 MiB exported-helper default, or adjust the SDK contract and compatibility coverage before merge.

Do we have a high-confidence way to reproduce the issue?

Yes. Source inspection shows current main and v2026.6.9 still call unbounded response.json(), and the PR body includes a negative-control stream harness showing the old path reads the full 64 MiB body.

Is this the best way to solve the issue?

Yes, with one maintainer-owned compatibility choice. The shared provider HTTP helper is the right owner boundary because callers already funnel through it and the binary sibling uses the same bounded reader; maintainers should confirm the exported SDK default cap.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 06574920dd2d.

Label changes

Label justifications:

  • P2: This is a normal-priority provider runtime hardening fix with limited blast radius and no active outage evidence.
  • merge-risk: 🚨 compatibility: The PR makes an exported plugin SDK JSON helper reject successful responses over the new default byte cap.
  • rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
  • status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (terminal): The PR body includes terminal output from a real-source tsx harness showing an oversized streamed JSON body is cancelled near the cap, plus a negative control and targeted test/lint output.
  • proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes terminal output from a real-source tsx harness showing an oversized streamed JSON body is cancelled near the cap, plus a negative control and targeted test/lint output.
Evidence reviewed

PR surface:

Source +15, Tests +52. Total +67 across 2 files.

View PR surface stats
Area Files Added Removed Net
Source 1 18 3 +15
Tests 1 52 0 +52
Docs 0 0 0 0
Config 0 0 0 0
Generated 0 0 0 0
Other 0 0 0 0
Total 2 70 3 +67

What I checked:

Likely related people:

  • vincentkoc: Added readProviderJsonResponse and its SDK export, added the sibling binary response cap, and recently maintained provider error body reader behavior. (role: recent area contributor; confidence: high; commits: d16f79f49d24, 79691d485847, e802fb8a9fbb; files: src/agents/provider-http-errors.ts, src/agents/provider-http-errors.test.ts, src/plugin-sdk/provider-http.ts)
  • steipete: Moved and shared the provider HTTP error helpers, documented provider HTTP SDK surfaces, and carried package-boundary work around this public subpath. (role: adjacent SDK and provider HTTP contributor; confidence: medium; commits: 70f5c26a71ec, 2c516fe5169c, 059277f83b63; files: src/agents/provider-http-errors.ts, src/plugin-sdk/provider-http.ts, docs/plugins/sdk-subpaths.md)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@clawsweeper clawsweeper Bot added proof: sufficient ClawSweeper judged the real behavior proof convincing. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. P2 Normal backlog priority with limited blast radius. merge-risk: 🚨 compatibility 🚨 May break existing users, config, migrations, defaults, or upgrade paths. labels Jun 20, 2026
@openclaw-clownfish openclaw-clownfish Bot merged commit 2592f8a into openclaw:main Jun 23, 2026
217 of 227 checks passed
github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request Jun 23, 2026
Alix-007 added a commit to Alix-007/openclaw that referenced this pull request Jun 23, 2026
Replace the PR-specific 'openclaw#95218' annotation with a neutral description of
the shared provider JSON cap so the comment stays accurate independent of
upstream PR numbering.
wangmiao0668000666 added a commit to wangmiao0668000666/openclaw that referenced this pull request Jun 24, 2026
Replace two raw response.json() calls in pollDashscopeVideoTaskUntilComplete
and runDashscopeVideoGenerationTask with the canonical
readProviderJsonResponse helper (default 16 MiB cap) so a faulty or hostile
DashScope endpoint streaming an unbounded body cannot force the runtime to
buffer the whole payload before parsing. The download path already used
readResponseWithLimit; this aligns the JSON paths with the same byte-cap
invariant.

Sibling of Alix-007's bounded-stream work (openclaw#95108, openclaw#95218, openclaw#95417, openclaw#95418,
openclaw#95420, openclaw#95246); this PR applies the same pattern to the video-generation
call sites in src/video-generation/dashscope-compatible.ts.

Tests: 3 unit tests in src/video-generation/dashscope-compatible.bounded-json.test.ts
covering well-formed parse, oversize body stop-early, and submit-task routing.
Real-environment proof: scripts/repro/issue-dashscope-response-cap.mjs
demonstrates a 32 MiB streaming body stops after 17/32 chunks via the bounded
helper, while raw response.json() on a 2 MiB body buffers the whole payload
before failing on JSON parse.
wangmiao0668000666 added a commit to wangmiao0668000666/openclaw that referenced this pull request Jun 24, 2026
Route the success-path JSON body of `createOpenAiCompatibleImageGenerationProvider`
through `readProviderJsonResponse` instead of `await response.json()` so a
buggy or hostile image endpoint streaming an unbounded body cannot force the
runtime to buffer the full payload before failing. Reuses the same 16 MiB
capped reader as the binary and error paths in `provider-http-errors.ts`,
matching the symmetric bound-stream work in openclaw#95218 (provider JSON), openclaw#95417
(Google prompt cache), openclaw#95418 (OpenRouter model scan), openclaw#95420 (OpenRouter
model capabilities), and openclaw#95246 (live model catalog).

Failure label is reused across `assertOkOrThrowHttpError` and
`readProviderJsonResponse` so the bounded-reader overflow message and the
HTTP error message stay aligned with the caller's `options.failureLabels`.

Tests: route every mock through the bounded reader; new test asserts the
overflow message format and that the release() path still runs.
wangmiao0668000666 added a commit to wangmiao0668000666/openclaw that referenced this pull request Jun 24, 2026
Switches extensions/openai/video-generation-provider.ts:427 from a raw
`await response.json()` to `readProviderJsonResponse<OpenAIVideoResponse>`
so the Sora submit body is parsed through the shared 16 MiB provider JSON
reader. Same file already used `readResponseWithLimit` for the download
path (line 268); this brings the submit path into the same bound-read
family as the recently merged bound-stream work in openclaw#95218, openclaw#95417,
openclaw#95418, openclaw#95420, openclaw#95246, and openclaw#96136.

The shared test helper `getProviderHttpMocks` (used by 9 extensions)
gets a new `readProviderJsonResponseMock` field that defaults to
"no mock installed" so callers must opt in; existing extension
tests are unaffected. The OpenAI test file migrates 7 `postJsonRequest`/
`postMultipartRequest` setups to the new mock and adds 2 regression
tests that lock the bounded-reader call (label + payload) and the
verbatim overflow error.
QiuYuang pushed a commit to QiuYuang/openclaw that referenced this pull request Jul 1, 2026
…law#96035)

* fix(parallel): bound successful web-search JSON response reads

The Parallel web_search provider parsed its /v1/search success body with an
unbounded await res.json(). The body comes from an external web-search
upstream, so a hostile or malfunctioning endpoint streaming an unbounded JSON
payload could force the runtime to buffer the whole response before parsing,
creating memory pressure or a hang on the provider path.

Read the success body through the shared readProviderJsonResponse helper with a
16 MiB cap (matching the provider JSON cap from openclaw#95218); on overflow the stream
is cancelled and a bounded error is thrown. The error-body path was already
bounded (readResponseTextLimited, 8 KiB). Symmetric follow-up to the
openclaw#95103/openclaw#95108 response-limit campaign.

* docs(parallel): drop upstream PR ref from response-cap comment

Replace the PR-specific 'openclaw#95218' annotation with a neutral description of
the shared provider JSON cap so the comment stays accurate independent of
upstream PR numbering.
eleboucher pushed a commit to eleboucher/homelab that referenced this pull request Jul 1, 2026
…026.6.11) (#1344)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/openclaw/openclaw](https://openclaw.ai) ([source](https://github.com/openclaw/openclaw)) | patch | `2026.6.10` → `2026.6.11` |

---

### Release Notes

<details>
<summary>openclaw/openclaw (ghcr.io/openclaw/openclaw)</summary>

### [`v2026.6.11`](https://github.com/openclaw/openclaw/blob/HEAD/CHANGELOG.md#2026611)

[Compare Source](https://github.com/openclaw/openclaw/compare/v2026.6.10...v2026.6.11)

We heard the feedback. v2026.6.11 focuses on the rough edges that make OpenClaw feel less dependable, with fixes for misplaced replies, stuck sends, reconnects, model setup failures, and safer admin defaults.

[Full release notes](https://docs.openclaw.ai/releases/2026.6.11)

##### Highlights

##### Channel delivery reliability

Delivery and reconnect fixes span [Telegram](https://docs.openclaw.ai/channels/telegram), [WhatsApp](https://docs.openclaw.ai/channels/whatsapp), [Matrix](https://docs.openclaw.ai/channels/matrix), [Google Chat](https://docs.openclaw.ai/channels/googlechat), [iMessage](https://docs.openclaw.ai/channels/imessage), [Feishu](https://docs.openclaw.ai/channels/feishu), [Mattermost](https://docs.openclaw.ai/channels/mattermost), [WebChat](https://docs.openclaw.ai/web/webchat), the [Control UI](https://docs.openclaw.ai/web/control-ui), and the [terminal UI](https://docs.openclaw.ai/cli/tui).

- Fixes newer Google Chat direct messages sometimes being treated like group conversations, so they reach the correct one-to-one chat while Space and group-chat messages keep their existing routing. [#&#8203;58993](https://github.com/openclaw/openclaw/pull/58993) Thanks [@&#8203;starhappysh](https://github.com/starhappysh), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Feishu voice replies from OpenClaw now show their duration in the chat bubble, so recipients can see how long the audio is before playing it. [#&#8203;89172](https://github.com/openclaw/openclaw/pull/89172) Related [#&#8203;53798](https://github.com/openclaw/openclaw/issues/53798). Thanks [@&#8203;areslp](https://github.com/areslp), [@&#8203;fxz26284407](https://github.com/fxz26284407), [@&#8203;kinrocw](https://github.com/kinrocw).
- Discord and Telegram replies and mirrored chat history stay tied to the intended conversation more consistently, including across repeated Telegram replies and session changes. [#&#8203;89911](https://github.com/openclaw/openclaw/pull/89911) Thanks [@&#8203;jalehman](https://github.com/jalehman).
- Background image, video, and music results now return to the chat that requested them when the task starts without a full conversation target, instead of appearing to fail after creation or being sent to the wrong peer as the session moves. [#&#8203;89949](https://github.com/openclaw/openclaw/pull/89949) Related [#&#8203;86034](https://github.com/openclaw/openclaw/issues/86034). Thanks [@&#8203;tianxiaochannel-oss88](https://github.com/tianxiaochannel-oss88), [@&#8203;wangwllu](https://github.com/wangwllu).
- Telegram answers now stay attached to the user's current question when they quote an earlier bot message, while quotes of other people's messages still reply to the selected quote. [#&#8203;90475](https://github.com/openclaw/openclaw/pull/90475) Thanks [@&#8203;moeedahmed](https://github.com/moeedahmed).
- QQBot group admins can choose how broadly slash commands are available, and private-only commands now direct users to a private chat instead of being exposed or silently ignored in groups. [#&#8203;92154](https://github.com/openclaw/openclaw/pull/92154) Thanks [@&#8203;sliverp](https://github.com/sliverp).
- Heartbeat checks using reasoning-capable models now show the assistant's intended reply instead of exposing internal reasoning in Telegram, WhatsApp, and other channels, while opt-in Thinking messages still work. [#&#8203;92356](https://github.com/openclaw/openclaw/pull/92356) Related [#&#8203;92260](https://github.com/openclaw/openclaw/issues/92260). Thanks [@&#8203;jmpei](https://github.com/jmpei), [@&#8203;tangtaizong666](https://github.com/tangtaizong666), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Telegram progress-mode chats now clear an old progress bubble before newer tool output or artifacts appear, keeping the conversation in a clean, readable order. [#&#8203;93002](https://github.com/openclaw/openclaw/pull/93002) Related [#&#8203;90753](https://github.com/openclaw/openclaw/issues/90753). Thanks [@&#8203;shadow-enthusiast](https://github.com/shadow-enthusiast), [@&#8203;zhangguiping-xydt](https://github.com/zhangguiping-xydt).
- iMessage command-and-link messages now stay together as one OpenClaw turn when delayed link previews arrive, while unrelated quick messages remain separate for users who enabled same-sender DM coalescing. [#&#8203;93143](https://github.com/openclaw/openclaw/pull/93143) Thanks [@&#8203;omarshahine](https://github.com/omarshahine).
- Successful Discord replies sent through the message tool no longer trigger a misleading failure warning in affected `message_tool_only` source-channel turns. [#&#8203;94072](https://github.com/openclaw/openclaw/pull/94072) Related [#&#8203;93875](https://github.com/openclaw/openclaw/issues/93875). Thanks [@&#8203;chenyangjun-xy](https://github.com/chenyangjun-xy), [@&#8203;hoyanhan](https://github.com/hoyanhan), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- WhatsApp group conversations now preserve the right message and group context more reliably during retries, reconnects, and group changes. [#&#8203;94338](https://github.com/openclaw/openclaw/pull/94338) Related [#&#8203;7433](https://github.com/openclaw/openclaw/issues/7433). Thanks [@&#8203;mcaxtr](https://github.com/mcaxtr), [@&#8203;octopuslabs-fl](https://github.com/octopuslabs-fl), [@&#8203;xialonglee](https://github.com/xialonglee).
- Fixes OpenClaw sometimes replying to its own delayed iMessage echoes when stray leading characters keep the sent message from being recognized. [#&#8203;94442](https://github.com/openclaw/openclaw/pull/94442) Thanks [@&#8203;ly-wang19](https://github.com/ly-wang19).
- Telegram webhook users can keep receiving DMs and group messages through brief channel restarts, configuration reloads, and recovery cycles without temporary message blackouts. [#&#8203;94506](https://github.com/openclaw/openclaw/pull/94506) Related [#&#8203;90254](https://github.com/openclaw/openclaw/issues/90254). Thanks [@&#8203;obviyus](https://github.com/obviyus), [@&#8203;travellingsoldier85](https://github.com/travellingsoldier85), [@&#8203;xialonglee](https://github.com/xialonglee).
- Matrix E2EE gateways can stay online during long-running use instead of gradually consuming memory until a crash takes channels and in-flight work down. [#&#8203;94942](https://github.com/openclaw/openclaw/pull/94942) Related [#&#8203;90455](https://github.com/openclaw/openclaw/issues/90455). Thanks [@&#8203;xzh-icenter](https://github.com/xzh-icenter), [@&#8203;yar-sh](https://github.com/yar-sh).
- Telegram users now see the intended native reaction instead of leaked instructions or a dropped reaction-only reply, with success recorded only after Telegram accepts it. [#&#8203;94977](https://github.com/openclaw/openclaw/pull/94977) Related [#&#8203;71140](https://github.com/openclaw/openclaw/issues/71140). Thanks [@&#8203;cuttingwater](https://github.com/cuttingwater), [@&#8203;hugenshen](https://github.com/hugenshen).
- Telegram progress updates for commands, searches, updates, and API activity now stay readable instead of exposing noisy HTML or code-style rows, with plain-text fallback when Telegram cannot parse the formatting. [#&#8203;95007](https://github.com/openclaw/openclaw/pull/95007) Related [#&#8203;95002](https://github.com/openclaw/openclaw/issues/95002).
- Telegram conversations continued in WebChat now show one assistant reply per turn and keep later replies with the active conversation instead of duplicating answers or sending them back to Telegram. [#&#8203;95069](https://github.com/openclaw/openclaw/pull/95069) Related [#&#8203;94930](https://github.com/openclaw/openclaw/issues/94930). Thanks [@&#8203;heichaowo](https://github.com/heichaowo).
- Google Chat now hides misleading internal failure banners when a tool result is harmless, leaving users with the completed answer while normal assistant text remains unchanged. [#&#8203;95084](https://github.com/openclaw/openclaw/pull/95084) Related [#&#8203;90684](https://github.com/openclaw/openclaw/issues/90684). Thanks [@&#8203;jailbirt](https://github.com/jailbirt), [@&#8203;studentzhou-svg](https://github.com/studentzhou-svg).
- Bound multi-agent channel conversations now load the workspace files for the configured agent instead of the default agent, though previously misfiled conversations may start fresh in the corrected agent store. [#&#8203;95118](https://github.com/openclaw/openclaw/pull/95118) Related [#&#8203;92903](https://github.com/openclaw/openclaw/issues/92903). Thanks [@&#8203;849261680](https://github.com/849261680), [@&#8203;axjing](https://github.com/axjing).
- People sharing an OpenClaw gateway can now assign different models to individual direct-message contacts across supported chat channels, while existing group and wildcard model choices keep working as before. [#&#8203;95120](https://github.com/openclaw/openclaw/pull/95120) Related [#&#8203;53638](https://github.com/openclaw/openclaw/issues/53638). Thanks [@&#8203;gandalf-at-lerian](https://github.com/gandalf-at-lerian), [@&#8203;thomaszta](https://github.com/thomaszta), [@&#8203;xydigit-zt](https://github.com/xydigit-zt).
- Telegram now shows that OpenClaw is still working during short initial previews or progress-mode replies instead of leaving the chat silent until the final message arrives. [#&#8203;95183](https://github.com/openclaw/openclaw/pull/95183) Related [#&#8203;95004](https://github.com/openclaw/openclaw/issues/95004). Thanks [@&#8203;obviyus](https://github.com/obviyus).
- Matrix users and operators now get a clear failure when a homeserver sends an oversized or stalled response, instead of OpenClaw continuing to buffer it and risking unbounded memory use. [#&#8203;95240](https://github.com/openclaw/openclaw/pull/95240) Thanks [@&#8203;alix-007](https://github.com/alix-007).
- Fixes delayed or missing Telegram and other queued channel replies in Kubernetes-style deployments with many injected environment variables, where opening the queue database could stall the gateway. [#&#8203;95278](https://github.com/openclaw/openclaw/pull/95278) Related [#&#8203;94571](https://github.com/openclaw/openclaw/issues/94571). Thanks [@&#8203;kaka-srp](https://github.com/kaka-srp).
- Telegram chats recover after one stuck message times out, allowing later messages in the same chat or topic to reach the agent without restarting the gateway. [#&#8203;95299](https://github.com/openclaw/openclaw/pull/95299) Related [#&#8203;95248](https://github.com/openclaw/openclaw/issues/95248). Thanks [@&#8203;kriegerbangerz-ship-it](https://github.com/kriegerbangerz-ship-it), [@&#8203;mikasa0818](https://github.com/mikasa0818), [@&#8203;obviyus](https://github.com/obviyus).
- When people switch between Telegram and another OpenClaw client in a shared direct conversation, short Telegram replies now follow the latest conversation instead of responding to an older, unrelated Telegram proposal. [#&#8203;95390](https://github.com/openclaw/openclaw/pull/95390) Related [#&#8203;95378](https://github.com/openclaw/openclaw/issues/95378). Thanks [@&#8203;maiduy708](https://github.com/maiduy708), [@&#8203;mikasa0818](https://github.com/mikasa0818), [@&#8203;obviyus](https://github.com/obviyus).
- Fixes completed assistant messages appearing twice in Telegram, Discord, Slack, and other streamed chats after a multi-message reply. [#&#8203;95432](https://github.com/openclaw/openclaw/pull/95432) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc), [@&#8203;yetval](https://github.com/yetval).
- WhatsApp replies now stay attached to the direct or group message being answered instead of appearing as a separate message that loses the conversation context. [#&#8203;95483](https://github.com/openclaw/openclaw/pull/95483) Thanks [@&#8203;mcaxtr](https://github.com/mcaxtr).
- Telegram rich-message replies now keep paragraphs, bullets, and status lines separated instead of collapsing multi-line content into one run-on block, with no configuration change required. [#&#8203;95532](https://github.com/openclaw/openclaw/pull/95532) Related [#&#8203;95409](https://github.com/openclaw/openclaw/issues/95409). Thanks [@&#8203;amknight](https://github.com/amknight).
- Mattermost operators who enable native slash commands can now use `/oc_queue` directly in Mattermost to tune active-run queuing, including its mode, debounce timing, cap, and drop handling. [#&#8203;95546](https://github.com/openclaw/openclaw/pull/95546) Thanks [@&#8203;amknight](https://github.com/amknight).
- Previously allowed messages keep reaching named accounts after legacy multi-account channel upgrades, with inherited DM and group access rules preserved across Mattermost, Discord, Slack, Telegram, Signal, WhatsApp, iMessage, and IRC. [#&#8203;95550](https://github.com/openclaw/openclaw/pull/95550) Thanks [@&#8203;amknight](https://github.com/amknight).
- Mattermost users can keep talking in a thread without mentioning the bot again after it replies, and that participation survives gateway restarts until the thread has been idle for seven days. [#&#8203;95552](https://github.com/openclaw/openclaw/pull/95552) Thanks [@&#8203;amknight](https://github.com/amknight).
- Inbound Telegram messages now reach the configured OpenClaw session promptly instead of sitting unanswered until the next polling interval, a gateway restart, or manual intervention. [#&#8203;95577](https://github.com/openclaw/openclaw/pull/95577) Related [#&#8203;86957](https://github.com/openclaw/openclaw/issues/86957). Thanks [@&#8203;freidrich-goldenflow](https://github.com/freidrich-goldenflow), [@&#8203;liuwqgit](https://github.com/liuwqgit).
- QQBot users now receive complete markdown tables when valid separators use one or two dashes per column, instead of losing the header and all but the final row. [#&#8203;95637](https://github.com/openclaw/openclaw/pull/95637) Thanks [@&#8203;ly-wang19](https://github.com/ly-wang19).
- Synology Chat users can now receive agent replies that take more than 120 seconds when the configured core timeout allows it, instead of having the channel reject them early. [#&#8203;95707](https://github.com/openclaw/openclaw/pull/95707) Thanks [@&#8203;sahibzada-allahyar](https://github.com/sahibzada-allahyar), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Telegram forum-topic cron jobs now keep separately configured failure alerts going to their intended destination, even when the main announcement uses a topic in the same chat. [#&#8203;95794](https://github.com/openclaw/openclaw/pull/95794) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Fixes WhatsApp group replies that could quote an older OpenClaw message instead of the user's triggering message, so final answers stay attached to the intended message when a reply target is available and avoid pointing back to stale bot context when it is not. [#&#8203;95914](https://github.com/openclaw/openclaw/pull/95914) Thanks [@&#8203;mcaxtr](https://github.com/mcaxtr).
- WhatsApp users can approve or deny prompts by reaction without the prompt staying stuck when WhatsApp identifies the same direct chat differently, while group approvals remain tied to the correct group and person. [#&#8203;95935](https://github.com/openclaw/openclaw/pull/95935) Thanks [@&#8203;mcaxtr](https://github.com/mcaxtr).
- Final reply processing now uses less CPU when OpenClaw checks whether block text was already sent, without changing which reply reaches the chat or how duplicate text is suppressed. [#&#8203;96087](https://github.com/openclaw/openclaw/pull/96087) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Exec approval results from external channel plugins now return to the channel or DM where the command started instead of falling back to WebChat or seeming to disappear after approval. [#&#8203;96140](https://github.com/openclaw/openclaw/pull/96140) Related [#&#8203;96103](https://github.com/openclaw/openclaw/issues/96103). Thanks [@&#8203;lansenger-pm](https://github.com/lansenger-pm), [@&#8203;vincentkoc](https://github.com/vincentkoc), [@&#8203;yetval](https://github.com/yetval).
- WhatsApp's final answer now stays quoted to the follow-up message a user just sent when replying to an older OpenClaw message, instead of arriving unquoted or pointing back to the older bot reply. [#&#8203;96220](https://github.com/openclaw/openclaw/pull/96220) Thanks [@&#8203;mcaxtr](https://github.com/mcaxtr).
- Nextcloud Talk bots now ignore ordinary file-share and lifecycle events without logging them as bot errors or risking disabled delivery, while malformed chat payloads still return an error. [#&#8203;96243](https://github.com/openclaw/openclaw/pull/96243) Related [#&#8203;81566](https://github.com/openclaw/openclaw/issues/81566). Thanks [@&#8203;arkyu2077](https://github.com/arkyu2077), [@&#8203;rafaelmgbh](https://github.com/rafaelmgbh), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Replies and message-tool delivery in Mattermost channels now use channel and thread guidance because the agent identifies those conversations as channels rather than group chats, while existing group-chat behavior remains unchanged. [#&#8203;96244](https://github.com/openclaw/openclaw/pull/96244) Related [#&#8203;95645](https://github.com/openclaw/openclaw/issues/95645). Thanks [@&#8203;arkyu2077](https://github.com/arkyu2077), [@&#8203;iloveleon19](https://github.com/iloveleon19), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- MCP channel integrations now keep conversation lists, message reads, event polls, and waits within predictable bounds even when a client requests excessive limits or timeouts. [a39e548](https://github.com/openclaw/openclaw/commit/a39e548ede228aa1978bf9d509613cbed6db0c99) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Long-running streamed auto-replies are less likely to stop early or abort inconsistently when an unusually large timeout is configured. [6c85b90](https://github.com/openclaw/openclaw/commit/6c85b90469f94955ef00c1609e1f1d6fd2cf4ca8) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Channel progress now shows a repeated status when work genuinely returns to it after another update, instead of hiding useful context as a duplicate. [8a75c4d](https://github.com/openclaw/openclaw/commit/8a75c4dd5f3e625a22a7a08c6e1f368798c48111)
- Completed channel replies no longer gain late progress notices, preventing stale status text from appearing after the answer is finished. [a594d2c](https://github.com/openclaw/openclaw/commit/a594d2ce73257326b7ab78adb3c4643245ec9431) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- During streaming channel replies, progress messages now keep showing the latest state instead of getting stuck on an older update. [e114001](https://github.com/openclaw/openclaw/commit/e114001ccafa83b8b366e095a9d7748dfc50c082) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Matrix forced resets now handle unavailable secret storage without a runtime error, treating recovery access as unavailable so the reset path can continue safely. [5c5a8a4](https://github.com/openclaw/openclaw/commit/5c5a8a49d76954b53fefc2463bc7b1d6b960e8fc) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Configured channels now remain visible in `openclaw channels status --json`, while scheduled announcements reject stale entries that have no active plugin to deliver them. [a641c0d](https://github.com/openclaw/openclaw/commit/a641c0d560fd15373e462829facf15fd6a466aeb)
- Discord voice conversations now keep back-to-back assistant responses moving, so a queued reply plays after the previous audio stream closes instead of remaining stuck. [88b64e4](https://github.com/openclaw/openclaw/commit/88b64e4b869e696d99de7417fb52425e9ed67cbf) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Discord progress previews are less likely to stop before the final edits when an agent response has already started arriving. [86ea382](https://github.com/openclaw/openclaw/commit/86ea382121b00e73af4b4c329d0a2447592e4071)
- Chats no longer show stray `NO_REPLY` text when the assistant means to stay silent, while legitimate media responses still arrive without the placeholder. [96c6f80](https://github.com/openclaw/openclaw/commit/96c6f8022c2420826830b11f4353ce855ab2ac5c)
- Telegram streaming replies now show each progress heading once, keeping tool and search updates easier to scan. [013e33c](https://github.com/openclaw/openclaw/commit/013e33c6d3672a980550912442bb1ac5505918aa) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Telegram messages that get stuck after a long-running task, crash, or gateway restart now resume processing automatically, so later messages no longer wait silently or require operators to repair the queue by hand. [#&#8203;97543](https://github.com/openclaw/openclaw/pull/97543) Thanks [@&#8203;romneyda](https://github.com/romneyda), [@&#8203;vincentkoc](https://github.com/vincentkoc).

##### Provider and model recovery

[Model setup](https://docs.openclaw.ai/providers/models), [OpenAI](https://docs.openclaw.ai/providers/openai), [OpenRouter](https://docs.openclaw.ai/providers/openrouter), [opencode-go](https://docs.openclaw.ai/providers/opencode-go), and [fast-mode](https://docs.openclaw.ai/tools/thinking#fast-mode-fast) follow-up behavior now recover more clearly in affected configurations.

- MiniMax text-to-speech and voice notes are less likely to fail because OpenClaw now explicitly requests the audio format it can decode instead of relying on provider defaults. [#&#8203;73079](https://github.com/openclaw/openclaw/pull/73079) Thanks [@&#8203;efe-arv](https://github.com/efe-arv).
- Gateway operators can again see provider, model, request status, and timing details in normal logs, making model-routing and transport problems easier to diagnose without enabling extra debug logging. [#&#8203;89648](https://github.com/openclaw/openclaw/pull/89648) Related [#&#8203;89300](https://github.com/openclaw/openclaw/issues/89300). Thanks [@&#8203;enominera](https://github.com/enominera), [@&#8203;xiaobao-k8s](https://github.com/xiaobao-k8s).
- Models reached through Google, Mistral, OpenAI Responses, Azure OpenAI Responses, and ChatGPT/Codex Responses now receive clean system instructions without OpenClaw's internal cache-boundary marker leaking into the prompt. [#&#8203;89716](https://github.com/openclaw/openclaw/pull/89716) Thanks [@&#8203;enominera](https://github.com/enominera), [@&#8203;masatohoshino](https://github.com/masatohoshino).
- Cron tool calls using Gemini models through OpenAI-compatible providers now run without nullable fields triggering provider schema rejections. [#&#8203;91559](https://github.com/openclaw/openclaw/pull/91559) Related [#&#8203;91542](https://github.com/openclaw/openclaw/issues/91542). Thanks [@&#8203;pick-cat](https://github.com/pick-cat), [@&#8203;qiukui666](https://github.com/qiukui666).
- Provider-qualified model IDs now honor their configured agent runtime policies and CLI aliases instead of unexpectedly falling back to OpenClaw's default runtime. [#&#8203;91724](https://github.com/openclaw/openclaw/pull/91724) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc), [@&#8203;yu-xin-c](https://github.com/yu-xin-c).
- The chat `/models` list and other plugin-aware model or provider selection paths now respond quickly instead of stalling for seconds and consuming a CPU core through repeated setup scans, while plugin changes still refresh normally. [#&#8203;93356](https://github.com/openclaw/openclaw/pull/93356) Thanks [@&#8203;obuchowski](https://github.com/obuchowski).
- Hosted Ollama Cloud users can keep only the models they explicitly configured after a restart, without the full shared catalog being added back, while automatic discovery continues for local and self-hosted Ollama servers. [#&#8203;93956](https://github.com/openclaw/openclaw/pull/93956) Thanks [@&#8203;jason-allen-oneal](https://github.com/jason-allen-oneal).
- Cron jobs can now retry or switch to a configured fallback model when a local provider returns the generic `LLM request failed.` error, instead of failing with the fallback unused. [#&#8203;94062](https://github.com/openclaw/openclaw/pull/94062) Related [#&#8203;93931](https://github.com/openclaw/openclaw/issues/93931). Thanks [@&#8203;hugenshen](https://github.com/hugenshen).
- Expired provider tokens no longer bury useful operator logs under repeated fallback warnings, while the first warning and later duplicate summaries remain available for diagnosis. [#&#8203;94233](https://github.com/openclaw/openclaw/pull/94233) Related [#&#8203;56979](https://github.com/openclaw/openclaw/issues/56979). Thanks [@&#8203;goutamadwant](https://github.com/goutamadwant), [@&#8203;yanan1991](https://github.com/yanan1991).
- Google Gemini 3.5 Flash can now be selected with its full 1,048,576-token context window, avoiding missing-model errors and needless prompt-size rejections. [#&#8203;94726](https://github.com/openclaw/openclaw/pull/94726) Related [#&#8203;94723](https://github.com/openclaw/openclaw/issues/94723). Thanks [@&#8203;ajwan8998](https://github.com/ajwan8998), [@&#8203;anguslogan01](https://github.com/anguslogan01), [@&#8203;kevinat](https://github.com/kevinat).
- Dashboard child sessions now handle allowed provider-qualified model choices consistently and give accurate recovery guidance when saved model state is stale. [#&#8203;94752](https://github.com/openclaw/openclaw/pull/94752) Related [#&#8203;94713](https://github.com/openclaw/openclaw/issues/94713). Thanks [@&#8203;gr4via](https://github.com/gr4via).
- Claude CLI users no longer get promises of completion updates that may never arrive, because OpenClaw now blocks unsupported native background work before it can strand progress. [#&#8203;95008](https://github.com/openclaw/openclaw/pull/95008) Thanks [@&#8203;anagnorisis2peripeteia](https://github.com/anagnorisis2peripeteia).
- OpenClaw now rejects oversized provider catalog or JSON responses with a clear error before buffering the entire response in memory. [#&#8203;95218](https://github.com/openclaw/openclaw/pull/95218) Thanks [@&#8203;alix-007](https://github.com/alix-007).
- OpenRouter users can now select and run the advertised short DeepSeek V4 model IDs without requests failing with `model_not_found` because OpenClaw sent a duplicated provider prefix. [#&#8203;95268](https://github.com/openclaw/openclaw/pull/95268) Related [#&#8203;95198](https://github.com/openclaw/openclaw/issues/95198). Thanks [@&#8203;daniel-alejandro-t](https://github.com/daniel-alejandro-t), [@&#8203;darren2030](https://github.com/darren2030).
- With `/reasoning on`, DeepSeek-style OpenAI-compatible models now show the final answer separately from their reasoning instead of folding it into the reasoning block, with no configuration change required. [#&#8203;95283](https://github.com/openclaw/openclaw/pull/95283) Related [#&#8203;95280](https://github.com/openclaw/openclaw/issues/95280). Thanks [@&#8203;marvinthebored](https://github.com/marvinthebored), [@&#8203;vincentkoc](https://github.com/vincentkoc), [@&#8203;zengwen-dt](https://github.com/zengwen-dt).
- When a Codex subscription reaches its usage limit, OpenClaw now moves to configured fallback models instead of stopping on the failed result, and it does not retry runs that already produced visible output. [#&#8203;95400](https://github.com/openclaw/openclaw/pull/95400) Thanks [@&#8203;jason-allen-oneal](https://github.com/jason-allen-oneal), [@&#8203;sallyom](https://github.com/sallyom).
- LM Studio users can now run quantized or multi-variant local models without false assistant-turn failures or phantom suffixed model entries caused by mismatched model keys. [#&#8203;95401](https://github.com/openclaw/openclaw/pull/95401) Thanks [@&#8203;monkeyleet](https://github.com/monkeyleet).
- Google-backed embedded-agent runs now stop reading oversized or never-ending prompt-cache responses before they can exhaust memory or leave the run stalled. [#&#8203;95417](https://github.com/openclaw/openclaw/pull/95417) Thanks [@&#8203;alix-007](https://github.com/alix-007).
- OpenRouter model scans fail safely on oversized or malformed catalogs instead of risking excessive memory use that can destabilize OpenClaw. [#&#8203;95418](https://github.com/openclaw/openclaw/pull/95418) Thanks [@&#8203;alix-007](https://github.com/alix-007).
- OpenRouter setups now reject oversized model catalogs before they can exhaust OpenClaw's memory, without caching or immediately refetching the failed response. [#&#8203;95420](https://github.com/openclaw/openclaw/pull/95420) Thanks [@&#8203;alix-007](https://github.com/alix-007), [@&#8203;sallyom](https://github.com/sallyom).
- Configured fallback models can now answer when Claude CLI runs out of credits or hits a generic runner failure, instead of leaving users with the failure message as the final response. [#&#8203;95508](https://github.com/openclaw/openclaw/pull/95508) Related [#&#8203;95489](https://github.com/openclaw/openclaw/issues/95489). Thanks [@&#8203;mikasa0818](https://github.com/mikasa0818), [@&#8203;riazrahaman](https://github.com/riazrahaman), [@&#8203;sallyom](https://github.com/sallyom).
- Gemini-backed web searches using `freshness: "day"` or `pd` now complete instead of failing with a provider 400 error, while broader freshness choices and explicit date ranges retain stricter filtering. [#&#8203;95682](https://github.com/openclaw/openclaw/pull/95682) Thanks [@&#8203;sunjae-k](https://github.com/sunjae-k), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Follow-up answers from xAI reasoning models such as Grok Composer now preserve earlier reasoning context more reliably, even when configurable reasoning effort is unsupported. [#&#8203;95686](https://github.com/openclaw/openclaw/pull/95686) Thanks [@&#8203;fuller-stack-dev](https://github.com/fuller-stack-dev), [@&#8203;geraint0923](https://github.com/geraint0923).
- Vercel AI Gateway users can now run models chosen from the live catalog, including live-only model IDs that are absent from OpenClaw's bundled list. [#&#8203;95710](https://github.com/openclaw/openclaw/pull/95710) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Fixes manifest-defined providers turning valid model IDs into broken ones when `stripPrefixes` entries have stray spaces or different casing, so operators and plugin authors get the intended provider model. [#&#8203;95744](https://github.com/openclaw/openclaw/pull/95744) Related [#&#8203;95743](https://github.com/openclaw/openclaw/issues/95743). Thanks [@&#8203;parveshsaini](https://github.com/parveshsaini).
- First-run setup now opens the credential prompt for a newly installed external provider instead of appearing to loop and leaving OpenAI selected. [#&#8203;95792](https://github.com/openclaw/openclaw/pull/95792) Related [#&#8203;95765](https://github.com/openclaw/openclaw/issues/95765).
- Oversized or stalled provider catalogs now fail quickly with a clear error instead of hanging OpenClaw or consuming unbounded memory, while normal catalogs continue to load. [#&#8203;95827](https://github.com/openclaw/openclaw/pull/95827) Thanks [@&#8203;alix-007](https://github.com/alix-007).
- Xiaomi Token Plan users can now use up to 128K output tokens with `mimo-v2.5` and `mimo-v2.5-pro` instead of being stopped at the outdated 32,000-token limit. [#&#8203;95934](https://github.com/openclaw/openclaw/pull/95934) Thanks [@&#8203;idootop](https://github.com/idootop).
- Tool-heavy model responses can stream with less overhead while repeated tool-call IDs and encrypted reasoning details stay matched to the correct call across Google and OpenAI-compatible providers. [#&#8203;95957](https://github.com/openclaw/openclaw/pull/95957) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Token-usage accounting is more reliable for bundled ACPX users because OpenClaw now includes ACPX 0.11.2's persistence fix by default, without a separate package override or manual client update. [#&#8203;96124](https://github.com/openclaw/openclaw/pull/96124) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Ollama Cloud users can now find and select `glm-5.2:cloud` with its 1,000,000-token context window, reasoning, and tool support even when it is absent from the public model list. [11484f8](https://github.com/openclaw/openclaw/commit/11484f8a1483b7c42aa2971de2d88289fcef7046)
- MiniMax image-understanding requests no longer fail before reaching the provider when a timeout is zero, negative, or extremely large; invalid values now use a normal or safe maximum wait. [4b6182e](https://github.com/openclaw/openclaw/commit/4b6182ee2a250005e0c25edfeae4db6ec59b7cb8) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Codex runs now follow the current fast-mode choice instead of carrying over an old speed tier, and the status line clearly shows when fast mode is automatic. [77012f9](https://github.com/openclaw/openclaw/commit/77012f9807851c662e064d05097497a25ab13505) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Codex-backed conversations now return to normal routing after automatic fast mode is cleared, preventing later turns or model changes from reusing a stale priority tier. [8afc1f7](https://github.com/openclaw/openclaw/commit/8afc1f770bbef30a4d2d9957ef26a685c508448c)
- Fallback agent runs now honor each model's configured automatic fast-mode cutoff even when fast mode is overridden for the run, keeping fallback behavior aligned with the selected model policy. [efd3172](https://github.com/openclaw/openclaw/commit/efd3172662ce023eb8d6568b689361536edf06dd)
- Live model-switch retries now preserve the original fast-mode cutoff for long-running sessions, while explicit fast mode avoids misleading automatic-cutoff progress messages. [d990115](https://github.com/openclaw/openclaw/commit/d990115d1972fdf4361884a29bbf8396f33e5cba) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Embedded agent runs now keep automatic fast mode working consistently through retries and progress updates without confusing it with a manually selected fast-mode setting. [cf1b6fe](https://github.com/openclaw/openclaw/commit/cf1b6fef4403bee7c206299efc4385a7fcb74375) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Fast-mode runs now keep their speed setting through model fallback retries and show the configured automatic threshold in status, avoiding inconsistent retry behavior and an unhelpful generic label. [aa3797c](https://github.com/openclaw/openclaw/commit/aa3797c8d0d74b4502d24852ce6baa70286f2f06) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Agent replies and scheduled cron runs now handle fast-mode fallback retries more reliably, keeping the state needed for the final attempt to finish or report progress correctly. [14e448e](https://github.com/openclaw/openclaw/commit/14e448e0e13db9f194ea16bb98e0f846a67769fd) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Users no longer see a fast-mode reset notice while model fallback attempts are still running; it appears only when the run reaches its final fallback attempt. [6eb72a8](https://github.com/openclaw/openclaw/commit/6eb72a830ece3e2b4c6c85e5a9c2b72b59e0dae9)
- Users and operators now get clearer handling when a configured live model becomes unavailable because OpenClaw recognizes the provider's "selected model was not found" response as a model-not-found failure instead of a generic error. [2405d02](https://github.com/openclaw/openclaw/commit/2405d029d437ee58ab94da800a5b213bc6bf4628) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Qwen and vLLM now preserve existing chat-template settings consistently when thinking is switched on or off, and provider plugins can use the same tested helper. [2ba9d6e](https://github.com/openclaw/openclaw/commit/2ba9d6eabef9427a950bacc47f077200446cb865) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- OpenAI-compatible proxy providers can handle thinking levels and legacy `reasoning_effort` fields more consistently, with plugin developers and provider maintainers using one documented normalization helper across OpenRouter, Kilocode, and the SDK. [35bafea](https://github.com/openclaw/openclaw/commit/35bafea757fab0386292951a3dc2a2d3514f370e)
- Browser and Vite builds can now load the OpenAI ChatGPT Responses provider without a server-only dependency breaking the bundle, while WebSocket failures still appear normally. [8c8eb86](https://github.com/openclaw/openclaw/commit/8c8eb86fff6e843bd391808ceee249ac8c7f5fa5) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- OpenRouter model scans now accept the same larger valid catalogs as runtime discovery while still rejecting oversized responses before they can consume unbounded memory. [ad3b2f4](https://github.com/openclaw/openclaw/commit/ad3b2f4b8827cd73b4c1a6c8288569c0966276fe) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- OpenAI Responses users, including affected Bedrock Mantle GPT-5.x reasoning setups, now get one clean final answer with aligned saved transcripts and replay context instead of dozens of repeated cumulative copies. [#&#8203;92399](https://github.com/openclaw/openclaw/pull/92399) Related [#&#8203;91959](https://github.com/openclaw/openclaw/issues/91959). Thanks [@&#8203;amersheeny](https://github.com/amersheeny), [@&#8203;daimingnj](https://github.com/daimingnj), [@&#8203;phoenixyy](https://github.com/phoenixyy), [@&#8203;pigfoot](https://github.com/pigfoot).
- Scheduled jobs and isolated sessions using opencode-go models now move stalled requests into configured timeout or fallback handling instead of hanging for minutes before ending with a generic `LLM request failed` error. [#&#8203;93965](https://github.com/openclaw/openclaw/pull/93965) Related [#&#8203;93610](https://github.com/openclaw/openclaw/issues/93610). Thanks [@&#8203;forceconstant](https://github.com/forceconstant), [@&#8203;zhangguiping-xydt](https://github.com/zhangguiping-xydt).

##### Session, memory, and trust continuity

[Sessions](https://docs.openclaw.ai/concepts/session), [compaction](https://docs.openclaw.ai/concepts/compaction), [memory](https://docs.openclaw.ai/concepts/memory), [QMD-backed memory](https://docs.openclaw.ai/concepts/memory-qmd), and [Tool Search](https://docs.openclaw.ai/tools/tool-search) retain useful state more consistently, while [Matrix](https://docs.openclaw.ai/channels/matrix) recovery, [tool policies](https://docs.openclaw.ai/gateway/sandbox-vs-tool-policy-vs-elevated), and [approvals](https://docs.openclaw.ai/cli/approvals) stay attached to the intended trust boundary.

- Affected agent conversations using OpenAI Responses can now recover and keep replying after a visible channel response leaves their saved history incomplete, instead of every later turn failing before a reply appears. [#&#8203;84708](https://github.com/openclaw/openclaw/pull/84708) Thanks [@&#8203;anyech](https://github.com/anyech).
- When a Codex-backed agent produces unusually large tool output, saved and replayed conversations now keep its text within the usual size limit while leaving non-text content unchanged. [#&#8203;87912](https://github.com/openclaw/openclaw/pull/87912) Thanks [@&#8203;adrianip0204](https://github.com/adrianip0204).
- Control UI conversations now stay visible and continue in the same session after a sleep, network drop, or Gateway reconnect instead of disappearing when the next message is sent. [#&#8203;89017](https://github.com/openclaw/openclaw/pull/89017) Related [#&#8203;87700](https://github.com/openclaw/openclaw/issues/87700). Thanks [@&#8203;zhangguiping-xydt](https://github.com/zhangguiping-xydt), [@&#8203;asicoe](https://github.com/asicoe).
- Bundled Codex and Copilot integrations now keep mirrored chat history and transcript updates tied to the correct OpenClaw session as storage evolves, while existing file-backed active transcripts continue working during the migration. [#&#8203;89518](https://github.com/openclaw/openclaw/pull/89518) Thanks [@&#8203;jalehman](https://github.com/jalehman).
- WebChat's current-session status now matches the conversation you are actually using, so the session identity, thinking level, token context, and cost details no longer come from the fallback `main` session. [#&#8203;89800](https://github.com/openclaw/openclaw/pull/89800) Related [#&#8203;89773](https://github.com/openclaw/openclaw/issues/89773). Thanks [@&#8203;killo3967](https://github.com/killo3967), [@&#8203;sweetcornna](https://github.com/sweetcornna).
- Your conversation is less likely to lose its context after you press stop during automatic compaction because the compaction request is now cancelled too. [#&#8203;89886](https://github.com/openclaw/openclaw/pull/89886) Related [#&#8203;89868](https://github.com/openclaw/openclaw/issues/89868). Thanks [@&#8203;lykeion-dev](https://github.com/lykeion-dev), [@&#8203;openperf](https://github.com/openperf), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- When cross-agent session access is blocked, OpenClaw now lists all required visibility, agent-to-agent, and allow-list settings, helping operators correct policy configuration instead of chasing a nonexistent agent failure. [#&#8203;90489](https://github.com/openclaw/openclaw/pull/90489) Related [#&#8203;90443](https://github.com/openclaw/openclaw/issues/90443). Thanks [@&#8203;ramitrkar-hash](https://github.com/ramitrkar-hash), [@&#8203;sahibzada-allahyar](https://github.com/sahibzada-allahyar), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- `openclaw memory status` now shows an active light or REM dreaming phase instead of incorrectly reporting `Dreaming: off`, so operators can see that valid memory configurations are enabled. [#&#8203;93113](https://github.com/openclaw/openclaw/pull/93113) Related [#&#8203;67868](https://github.com/openclaw/openclaw/issues/67868). Thanks [@&#8203;agentarclab](https://github.com/agentarclab), [@&#8203;mrossit](https://github.com/mrossit).
- Timed-out QMD memory searches now stop their background work when the agent moves on, preventing abandoned processes from continuing to consume CPU and memory. [#&#8203;93394](https://github.com/openclaw/openclaw/pull/93394) Thanks [@&#8203;alix-007](https://github.com/alix-007).
- Repeated instructions sent after compaction now remain in the conversation, preventing lost turns, orphaned replies, and malformed history that some providers reject. [#&#8203;94328](https://github.com/openclaw/openclaw/pull/94328) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc), [@&#8203;yetval](https://github.com/yetval).
- Memory Wiki's Stale Pages report now leaves durable concept and synthesis pages out of freshness warnings, keeping attention on source and entity pages that may actually need review. [#&#8203;94369](https://github.com/openclaw/openclaw/pull/94369) Thanks [@&#8203;sunnyshu0925](https://github.com/sunnyshu0925), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Long embedded runs with recent progress are now less likely to be interrupted by stale-session recovery, while genuinely stalled runs can still be cleared so queued work continues. [#&#8203;94701](https://github.com/openclaw/openclaw/pull/94701) Thanks [@&#8203;imadal1n](https://github.com/imadal1n), [@&#8203;mrclawfield](https://github.com/mrclawfield).
- Ollama memory search now respects a configured smaller embedding dimension and keeps indexes for different dimensions separate, avoiding incompatible vectors being mixed together. [#&#8203;94811](https://github.com/openclaw/openclaw/pull/94811) Thanks [@&#8203;mushuiyu886](https://github.com/mushuiyu886).
- Memory searches and targeted refreshes now stay connected to the correct OpenClaw session even when transcript filenames change or QMD exports use a different name. [#&#8203;95087](https://github.com/openclaw/openclaw/pull/95087) Thanks [@&#8203;jalehman](https://github.com/jalehman).
- Long-running conversations with screenshots or other images now keep their continuity more consistently when OpenClaw makes room for new messages, instead of repeatedly filling up without moving the retained conversation forward. [#&#8203;95128](https://github.com/openclaw/openclaw/pull/95128) Thanks [@&#8203;yetval](https://github.com/yetval).
- Windows users can now run QMD-backed memory indexing and search through configured absolute `memory.qmd.command` paths, including drive-letter and UNC locations, without OpenClaw stripping the path separators before launch. [#&#8203;95274](https://github.com/openclaw/openclaw/pull/95274) Related [#&#8203;92302](https://github.com/openclaw/openclaw/issues/92302). Thanks [@&#8203;ardooken](https://github.com/ardooken), [@&#8203;ly85206559](https://github.com/ly85206559).
- Usage footers selected with `/usage full` or `/usage tokens` now remain visible after daily or idle session rollover, so users do not have to turn them on again. [#&#8203;95322](https://github.com/openclaw/openclaw/pull/95322) Thanks [@&#8203;litang9](https://github.com/litang9).
- Follow-up replies, reactions, threaded messages, and status checks stay with the chat they belong to after webchat or system activity, while real channel switches still clear outdated routing details. [#&#8203;95467](https://github.com/openclaw/openclaw/pull/95467) Thanks [@&#8203;yetval](https://github.com/yetval).
- Long-running main conversations now keep their prior context when users return after an overnight or delayed follow-up, rather than silently starting over after an otherwise normal completion. [#&#8203;95472](https://github.com/openclaw/openclaw/pull/95472) Thanks [@&#8203;xydt-tanshanshan](https://github.com/xydt-tanshanshan).
- People with large session histories can list, preview, and find sessions without multi-second freezes, while older mixed-case session keys are still migrated at startup. [#&#8203;95699](https://github.com/openclaw/openclaw/pull/95699) Thanks [@&#8203;jalehman](https://github.com/jalehman), [@&#8203;jzakirov](https://github.com/jzakirov).
- Fixes delivered replies sometimes being saved to the wrong conversation history, or omitted from it, when operators use a custom or per-agent `session.store`, improving continuity and auditability for the intended session. [#&#8203;95782](https://github.com/openclaw/openclaw/pull/95782) Related [#&#8203;95781](https://github.com/openclaw/openclaw/issues/95781). Thanks [@&#8203;youngting520](https://github.com/youngting520).
- Saved session-memory summaries now leave out raw model tokens, tool-call blocks, media placeholders, role tags, and stale `NO_REPLY` markers so future conversations keep useful context. [#&#8203;95791](https://github.com/openclaw/openclaw/pull/95791) Thanks [@&#8203;sweetsophia](https://github.com/sweetsophia), [@&#8203;vincentkoc](https://github.com/vincentkoc), [@&#8203;yb0y](https://github.com/yb0y).
- Long-running OpenAI sessions using Codex/ChatGPT OAuth can now compact without a separate API key, whether `/compact` is run manually or triggered automatically. [#&#8203;95831](https://github.com/openclaw/openclaw/pull/95831) Related [#&#8203;95693](https://github.com/openclaw/openclaw/issues/95693). Thanks [@&#8203;sallyom](https://github.com/sallyom), [@&#8203;yui-tien](https://github.com/yui-tien).
- Long, tool-heavy sessions now compact oversized conversations instead of getting stuck when a large tool result appears at the end. [#&#8203;95860](https://github.com/openclaw/openclaw/pull/95860) Related [#&#8203;78478](https://github.com/openclaw/openclaw/issues/78478). Thanks [@&#8203;jw8957](https://github.com/jw8957), [@&#8203;wzhgba](https://github.com/wzhgba), [@&#8203;yetval](https://github.com/yetval).
- When `memory_search` is unavailable because the Node runtime lacks `node:sqlite`, OpenClaw now points users to a compatible runtime instead of sending them through unrelated embedding-provider troubleshooting. [#&#8203;95916](https://github.com/openclaw/openclaw/pull/95916) Thanks [@&#8203;rrrrrredy](https://github.com/rrrrrredy), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Developers and operators inspecting a compacted Copilot session now get its summary, before-and-after token counts, and session details instead of an incomplete result. [#&#8203;96049](https://github.com/openclaw/openclaw/pull/96049) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- The `/stop` and abort commands now keep stopping active runs, clearing queued followups, and ending related subagents promptly even when session keys need canonicalizing or abort metadata cannot be saved. [#&#8203;96201](https://github.com/openclaw/openclaw/pull/96201) Thanks [@&#8203;jalehman](https://github.com/jalehman).
- Voice Wake upgrades now keep existing trigger phrases and routing rules working as OpenClaw moves them from retired settings files into the shared state database. [bdf81a8](https://github.com/openclaw/openclaw/commit/bdf81a825fa3ef66ad2c535c1eeb0bb4e31b6d1b)
- Upgrades from older OpenClaw state layouts now preserve update notifications, check throttling, available-version records, and automatic-update attempt history as that state moves into SQLite. [eb00d49](https://github.com/openclaw/openclaw/commit/eb00d499d16feea600fceef92d575fa30f005649) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Plugin-channel conversations keep their intended session more reliably through startup, doctor checks, and state repairs, with older binding records migrated into OpenClaw's shared database. [9f888d9](https://github.com/openclaw/openclaw/commit/9f888d95e082d50380a66db18ee2e32683e688e0)
- Windows memory-backed session syncing now keeps using the intended transcript file even when path formatting differs. [b3b5b08](https://github.com/openclaw/openclaw/commit/b3b5b08e67a26efd648c7c7d879e5487223cd796) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Embedded agent runs with a missing or blank session key now stay attached to the intended session instead of being sent through inconsistent session routing. [911f853](https://github.com/openclaw/openclaw/commit/911f853b7fc4d819e2175b001662a01eba30453d) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- When a model guesses the wrong tool name, Tool Search and Code Mode now show how to find and retry the correct tool, reducing the risk that long-running sessions get stuck or lose durable memory during compaction. [#&#8203;93374](https://github.com/openclaw/openclaw/pull/93374) Related [#&#8203;92273](https://github.com/openclaw/openclaw/issues/92273). Thanks [@&#8203;mushuiyu886](https://github.com/mushuiyu886), [@&#8203;poison](https://github.com/poison), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Fixes assistant replies disappearing from webchat, Control UI, Feishu, and other embedded conversations after compaction, keeping refreshed chats readable and follow-up requests separate. [#&#8203;95484](https://github.com/openclaw/openclaw/pull/95484) Related [#&#8203;76729](https://github.com/openclaw/openclaw/issues/76729). Thanks [@&#8203;maweibin](https://github.com/maweibin), [@&#8203;njuboy11](https://github.com/njuboy11), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- OpenClaw memory features now keep active, reset, and deleted transcript coverage aligned with configured session stores and agent ownership, making dreaming, QMD exports, indexing, and sync less likely to miss or misattribute conversation history. [#&#8203;96162](https://github.com/openclaw/openclaw/pull/96162) Thanks [@&#8203;jalehman](https://github.com/jalehman).
- Gateway TLS setup now rejects blank certificate or key paths clearly or uses OpenClaw's defaults, avoiding confusing startup and certificate-generation failures while preserving valid paths. [#&#8203;94054](https://github.com/openclaw/openclaw/pull/94054) Thanks [@&#8203;miorbnli](https://github.com/miorbnli).
- Configured plugin policies keep blocking or rewriting sensitive tool calls after Gateway registry changes, reloads, or later hook initialization instead of being silently skipped. [#&#8203;94545](https://github.com/openclaw/openclaw/pull/94545) Thanks [@&#8203;jesse-merhi](https://github.com/jesse-merhi).
- Mobile operators with `operator.approvals` can now see and resolve chat-triggered exec approvals on the iOS device that started the request, including while the app is open, without relying only on push notifications. [#&#8203;95175](https://github.com/openclaw/openclaw/pull/95175) Thanks [@&#8203;joshavant](https://github.com/joshavant).
- Control UI users now get the patched DOMPurify release, reducing exposure to the GHSA-cmwh-pvxp-8882 sanitizer vulnerability without changing how the interface behaves. [#&#8203;95691](https://github.com/openclaw/openclaw/pull/95691) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- "Always allow" approvals for plugin conversation bindings now carry over from the old settings file and are less likely to be lost or overwritten when multiple OpenClaw processes are running. [ae41b00](https://github.com/openclaw/openclaw/commit/ae41b009224b0a8e3a990912503258d4478fb4d0) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Matrix users now see that the active recovery key is required before a forced cross-signing reset can proceed, preventing a second reset from leaving encryption recovery and room-key backups unusable. [#&#8203;95720](https://github.com/openclaw/openclaw/pull/95720) Related [#&#8203;78396](https://github.com/openclaw/openclaw/issues/78396). Thanks [@&#8203;jteddy](https://github.com/jteddy), [@&#8203;vincentkoc](https://github.com/vincentkoc), [@&#8203;xialonglee](https://github.com/xialonglee).

##### Slack router relay mode

[Slack router relay mode](https://docs.openclaw.ai/channels/slack) gives managed and multi-gateway deployments a supported way to centralize incoming Slack traffic while preserving gateway ownership of mentions, threads, and replies.

- Managed Slack deployments can now use a central router to send mentions and ongoing threads to the right OpenClaw gateway while replies still appear through Slack. [#&#8203;94707](https://github.com/openclaw/openclaw/pull/94707) Thanks [@&#8203;pash-openai](https://github.com/pash-openai), [@&#8203;sjf-oa](https://github.com/sjf-oa).

##### Raft External Agent wake bridge

The [Raft channel](https://docs.openclaw.ai/channels/raft) and [Raft plugin](https://docs.openclaw.ai/plugins/reference/raft) now support the local CLI wake path for External Agents.

- Raft External Agent operators can now wake an OpenClaw agent when a workspace has pending work through the supported local CLI bridge, with named profiles and checks for missing CLI prerequisites. [#&#8203;95497](https://github.com/openclaw/openclaw/pull/95497) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).

##### Official plugin installation and repair

[Plugin management](https://docs.openclaw.ai/plugins/manage-plugins) and the [plugin inventory](https://docs.openclaw.ai/plugins/plugin-inventory) now cover more official integrations through normal installation, update, and repair workflows.

- When `plugins.allow` uses a channel or package name instead of the real plugin id, startup guidance now identifies the unmatched entry and shows the discovered plugin ids needed to correct the configuration. [#&#8203;68389](https://github.com/openclaw/openclaw/pull/68389) Related [#&#8203;68352](https://github.com/openclaw/openclaw/issues/68352). Thanks [@&#8203;aym9999](https://github.com/aym9999), [@&#8203;jirboy](https://github.com/jirboy), [@&#8203;lyfuci](https://github.com/lyfuci), [@&#8203;pahuchi-joe](https://github.com/pahuchi-joe), [@&#8203;zmxccxy](https://github.com/zmxccxy).
- Plugin trust warnings for first-time or fresh installs now include a ready-to-copy `plugins.allow` example and commands to list or inspect plugin ids, so users can resolve the warning before trusting or reinstalling plugin code. [#&#8203;78105](https://github.com/openclaw/openclaw/pull/78105) Related [#&#8203;68780](https://github.com/openclaw/openclaw/issues/68780). Thanks [@&#8203;jirboy](https://github.com/jirboy), [@&#8203;pahuchi-joe](https://github.com/pahuchi-joe).
- Codex migrations now work with standard global plugin installs because `openclaw migrate` can find the installed provider instead of failing with `Unknown migration provider`. [#&#8203;89612](https://github.com/openclaw/openclaw/pull/89612) Related [#&#8203;89609](https://github.com/openclaw/openclaw/issues/89609). Thanks [@&#8203;mugabuga](https://github.com/mugabuga), [@&#8203;zerone0x](https://github.com/zerone0x).
- Plugin installs and updates recover from stale OpenClaw-managed dependency pins instead of failing with `npm EOVERRIDE`, without later synchronization downgrading or removing packages users installed explicitly. [#&#8203;91786](https://github.com/openclaw/openclaw/pull/91786) Related [#&#8203;91772](https://github.com/openclaw/openclaw/issues/91772). Thanks [@&#8203;amknight](https://github.com/amknight), [@&#8203;mkdelta221](https://github.com/mkdelta221).
- Channel plugin developers can now carry native sender and conversation identifiers through hooks and selected exec workflows, giving integrations more precise routing without breaking existing sender and chat fields. [#&#8203;91903](https://github.com/openclaw/openclaw/pull/91903) Thanks [@&#8203;lanzhi-lee](https://github.com/lanzhi-lee), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Plugin discovery now repeats fewer blocking filesystem checks during startup, reducing avoidable cold-start work for bundled plugin trees, especially on slower Windows filesystems, without changing bundle discovery behavior. [#&#8203;93919](https://github.com/openclaw/openclaw/pull/93919) Related [#&#8203;76209](https://github.com/openclaw/openclaw/issues/76209). Thanks [@&#8203;ml12580](https://github.com/ml12580), [@&#8203;shenhonglong456-ai](https://github.com/shenhonglong456-ai).
- Plugin Gateway methods now work through `openclaw gateway call` after registration, so plugin authors can use them from scripts and cron jobs instead of hitting an `unknown method` error. [#&#8203;94154](https://github.com/openclaw/openclaw/pull/94154) Related [#&#8203;94127](https://github.com/openclaw/openclaw/issues/94127). Thanks [@&#8203;brycemurray](https://github.com/brycemurray), [@&#8203;pick-cat](https://github.com/pick-cat), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- ClawHub skill discovery and install checks are less likely to stall or crash OpenClaw because oversized or stalled marketplace responses are now stopped before they can exhaust memory. [#&#8203;95226](https://github.com/openclaw/openclaw/pull/95226) Thanks [@&#8203;alix-007](https://github.com/alix-007).
- Pinned official plugins no longer stay on an old release when operators follow the repair advice from `openclaw doctor` or deep gateway status after an upgrade. [#&#8203;95541](https://github.com/openclaw/openclaw/pull/95541) Thanks [@&#8203;ooiuuii](https://github.com/ooiuuii), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Managed npm plugin updates are less likely to break work on a running gateway with missing-module errors, because the older plugin files remain available until a later gateway start cleans them up. [#&#8203;95589](https://github.com/openclaw/openclaw/pull/95589) Thanks [@&#8203;ooiuuii](https://github.com/ooiuuii), [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Official plugin cards for supported brands now show recognizable icons in ClawHub and other catalogs, and plugin authors can provide marketplace artwork through the documented manifest field. [#&#8203;95845](https://github.com/openclaw/openclaw/pull/95845) Thanks [@&#8203;patrick-erichsen](https://github.com/patrick-erichsen).
- Official plugin icons in ClawHub and other catalogs are no longer forced into the same hard-coded color, allowing Simple Icons to use its default artwork instead. [#&#8203;95987](https://github.com/openclaw/openclaw/pull/95987) Thanks [@&#8203;patrick-erichsen](https://github.com/patrick-erichsen).
- Docker users now have an official `openclaw/openclaw` Docker Hub mirror alongside GHCR, with versioned beta releases kept from moving the stable `latest` and `main` aliases. [#&#8203;97122](https://github.com/openclaw/openclaw/pull/97122) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Git-based OpenClaw installs now use the repository's pinned pnpm version even when another global pnpm or surrounding project package manager is present, so setup commands no longer run against the wrong package-manager environment. [bd74a62](https://github.com/openclaw/openclaw/commit/bd74a62118aa4774706359d9494116ded8c1f6e3) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- ClawHub skill-card and update requests now complete or time out predictably even when they receive an unusually large timeout value. [8cd0c11](https://github.com/openclaw/openclaw/commit/8cd0c11227f6f4096d089cd6108d6f2ae31252b7) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Windows users can complete source installs without a llama.cpp setup step blocking or slowing them, and the installer restores their existing shell setting afterward. [ea9065b](https://github.com/openclaw/openclaw/commit/ea9065bc68dd4ff94495b85a7dcb4491cf41b67a) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- More official channel, provider, and web-search plugins can now be installed or repaired through normal external package catalogs while still being recognized from their existing credentials. [#&#8203;95683](https://github.com/openclaw/openclaw/pull/95683) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).

##### Channels and Messaging

##### Additional channel fixes

Additional [Telegram](https://docs.openclaw.ai/channels/telegram) and channel configuration fixes cover narrower delivery and setup problems.

- Telegram reply chains keep cached replies attached after context changes instead of failing when those cached replies are reused. [#&#8203;82909](https://github.com/openclaw/openclaw/pull/82909) Thanks [@&#8203;lidge-jun](https://github.com/lidge-jun).
- Fixes Discord dropping an entire long reply with fenced code blocks when a closing code fence lands near the 2,000-character message limit. [#&#8203;95661](https://github.com/openclaw/openclaw/pull/95661) Thanks [@&#8203;ly-wang19](https://github.com/ly-wang19).
- Slack operators can now store tokens and signing secrets as supported SecretRef inputs, while reads, writes, allowlist and target lookups, and setup checks use the resolved credentials instead of rejecting or misreading the references. [7da955f](https://github.com/openclaw/openclaw/commit/7da955fae4ca2083599aa33a1f93dbfff53cb187) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).
- Channel capability checks now return a clear timeout when an integration stops responding, keeping troubleshooting from hanging in a terminal or automation run. [8ecdb97](https://github.com/openclaw/openclaw/commit/8ecdb97b636e4c3fcc6d142d217327404ae06581) Thanks [@&#8203;vincentkoc](https://github.com/vincentkoc).

##### Providers and Models

##### Additional provider and model fixes

Additional [model configuration](https://docs.openclaw.ai/providers/models) fixes improve selection, usage reporting, status output, and streaming.

- After changing the default model, starting a fresh channel session with `/new` or `/reset` now uses the new default instead of silently reusing the previous cached model, while explicit `/model` overrides remain unchanged. [#&#8203;77339](https://github.com/openclaw/openclaw/pull/77339) Related [#&#8203;77322](https://github.com/openclaw/openclaw/issues/77322). Thanks [@&#8203;mjamiv](https://github.com/mjamiv), [@&#8203;zaynl](https://github.com/zaynl).
- Behind HTTP or HTTPS proxies, Codex/OpenAI usage and quota checks in `openclaw status --usage --json` and the Control UI now retrieve usage windows instead of failing when chatgpt.com is unreachable directly. [#&#8203;93943](https://github.com/openclaw/openclaw/pull/93943) Related [#&#8203;78714](https://github.com/openclaw/openclaw/issues/78714). Thanks [@&#8203;tnzgit](https://github.com/tnzgit), [@&#8203;turbotheturtle](https://github.com/turbotheturtle).
- `/status` now keeps the active model and how to clear a pinned choice on one compact line, so Discord and other chat users can scan model status without a multi-line explanation. [#&#8203;95797](https://github.com/openclaw/openclaw/pull/95797) Thanks [@&#8203;solvely-colin](https://github.com/solvely-colin).
- Anthropic streaming responses now keep interleaved text, thinking, and tool-call updates …
LeonidasLux added a commit to LeonidasLux/openclaw that referenced this pull request Jul 7, 2026
… OOM

Replace unbounded `response.json()` in `callUserTokenService` with
`readProviderJsonResponse(response, "msteams.sso-user-token")` —
the same shared bounded reader already deployed across the codebase
(openclaw#95218, openclaw#96322, openclaw#96495, openclaw#96889). Enforces a 16 MiB default cap
and cancels the underlying stream on overflow.

Closes the last unbounded JSON read on the MSTeams SSO token-exchange
path. Error responses were already bounded via `extractProviderErrorDetail`.

Co-Authored-By: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

agents Agent runtime and tooling merge-risk: 🚨 compatibility 🚨 May break existing users, config, migrations, defaults, or upgrade paths. P2 Normal backlog priority with limited blast radius. proof: sufficient ClawSweeper judged the real behavior proof convincing. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. size: S status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant