Positronick
← Blog
Release

openclaw 2026.6.1

Resilient agent and Codex runs: interrupted tool calls, stale session bindings, compaction handoffs, auth-profile failover, reasoning-tag cleanup, yielded subagents, and generated-media delivery all…

by @openclaw · OpenClaw · Releases
Originally published on github.com →

2026.6.1

Highlights

  • Resilient agent and Codex runs: interrupted tool calls, stale session bindings, compaction handoffs, auth-profile failover, reasoning-tag cleanup, yielded subagents, and generated-media delivery all recover without leaving work stranded. (#85798, #87484, #88182, #89220) Thanks @RomneyDa, @neeravmakwana, @joshavant, @omarshahine, @vincentkoc, @bgmbgm94, and @ksiyuna-claw.
  • Reliable channel and mobile delivery: WhatsApp, iMessage, Discord state, QQBot, and iOS Talk now preserve replies, typing, session state, QR-login recovery, and realtime connections across normal restart and transport failure paths. (#88183, #88866, #88948, #89015, #88231) Thanks @mcaxtr, @omarshahine, @sliverp, @Jensenwgd, @ngutman, @vincentkoc, and @alfredjbclaw.
  • Faster Control UI chat: startup, local drafts, incremental stream rendering, transcript caching, first connect, and post-send cleanup no longer compete with the active conversation. (#88952, #88960, #88998, #89030, #89106) Thanks @vincentkoc and @sallyom.
  • Governed skills and plugins: Skill Workshop proposals, disabled-skill snapshots, support-file approvals, plugin contracts, and external package boundaries are clearer and safer for operators. (#79173, #82326, #89336) Thanks @zeus1959, @sallyom, @RomneyDa, @maverikva, @vincentkoc, and @shakkernerd.
  • Richer operator coordination: Workboard goals, task-backed runs, and SQLite-backed plugin state make multi-agent work and installed-plugin discovery survive reloads cleanly. (#87469, #88794) Thanks @vincentkoc.
  • More dependable providers: Google defaults, provider IDs, model catalogs, OAuth/device-code flows, media timers, and reasoning output now stay valid across hosted and local runtimes. (#88512, #88781, #89343, #89379, #89400) Thanks @1052326311, @charles-openclaw, @zz327455573, @849261680, @xzh-xydt, @azgardtek, @google, @mrbrl, @nyuDSA, @vincentkoc, and @cjalden.

Changes

  • Skills: let the skill_workshop agent tool apply, reject, and quarantine explicit proposals through the guarded review flow. Thanks @shakkernerd and @vincentkoc.
  • Skills: let proposals carry approved support files under standard skill folders, with scanner, hash, and rollback safeguards. Thanks @shakkernerd and @vincentkoc.
  • Skills: let pending proposals be revised in place with versioned, dated proposal frontmatter before approval. Thanks @shakkernerd.
  • Skills: add Skill Workshop with pending proposals, CLI/Gateway review actions, rollback metadata, and the skill_workshop agent tool. Thanks @shakkernerd and @vincentkoc.
  • Skill Workshop: add the Control UI navigation, styled dashboard, proposal today view, revision dialog, file preview modal, searchable preview files, reusable session handoff, and localized strings. Thanks @vincentkoc and @shakkernerd.
  • Plugins: externalize Tokenjuice as the official @openclaw/tokenjuice plugin with npm and ClawHub publish metadata.
  • Plugins: externalize the GitHub Copilot agent runtime as the official @openclaw/copilot plugin with npm and ClawHub publish metadata.
  • iOS: add hosted push relay defaults, realtime Talk playback, and a guarded WebSocket ping path for more reliable mobile sessions. (#88096, #88105, #88231) Thanks @ngutman.
  • iOS: support native iPad display layouts.
  • Android: add installed-app inspection commands, notification picker helpers, and updated-system-app classification.
  • Workboard: add orchestration primitives and agent coordination tools for multi-agent planning and run tracking. (#87469)
  • Workboard: wire task-backed board runs and show task comments in the edit modal.
  • Code mode: add internal namespaces for scoped agent/global sessions and exact namespace tool dispatch. (#88043)
  • Gateway: support Tailscale Serve service names for local service routing.
  • Control UI: add a Dreaming-tab agent selector and propagate the selected agent through Dreaming status, diary, and diary actions. (#78748) Thanks @stevenepalmer, @vincentkoc, and @ttomiczek.
  • Control UI: add calmer chat composer controls, local draft typing state, and first-output latency instrumentation for active chat entry. (#88772, #88998) Thanks @vincentkoc.
  • Plugins: add a SecretRef provider integration manifest contract. (#82326) Thanks @sallyom.
  • Plugin SDK: add typed presentation command actions and the bounded resolve_exec_env hook for plugin-provided exec environment contributions. (#88721) Thanks @vincentkoc.
  • Plugins: persist the plugin install index in SQLite so installed package lookup survives reloads with less filesystem scanning. (#88794) Thanks @vincentkoc.
  • Providers: add MiniMax M3 model support. (#88860)
  • Tools/media: allow validated host-local text document media sends while keeping unsafe plain-text media sends blocked. (#79658) Thanks @simplyclever914.
  • Doctor: add disk space health checks and stabilize post-upgrade JSON probes. Thanks @vincentkoc.
  • Channels: store inbound queues in SQLite and migrate iMessage monitor state to SQLite-backed tracking. (#88797) Thanks @vincentkoc.
  • Skills: add the core skills index and centralize skills runtime loading, status, filtering, and prompt formatting. Thanks @shakkernerd.

Fixes

  • Build: render independent CLI startup metadata help snapshots concurrently to cut cold build-all metadata time.
  • Plugins: stop timed-out package-boundary prep steps by process group so descendant TypeScript/helper processes do not survive local check cleanup. Thanks @vincentkoc.
  • Control UI: serve static assets asynchronously after safe-open checks so large UI files do not block Gateway request handling. Thanks @vincentkoc.
  • Scripts/UI: forward direct wrapper SIGHUP shutdown to child processes so terminal hangups do not leave wrapped dev commands running. Thanks @vincentkoc.
  • Gateway: return the post-expiration pending-work revision from node drains so reconnecting nodes do not observe stale queue revisions after expired items are pruned. Thanks @vincentkoc.
  • Update: keep core updates nonblocking when missing external plugin repair downloads or soft plugin repair warnings would otherwise stall, pin post-core plugin compatibility to the downgraded core version, and still block installed active plugin payload smoke failures. (#84431, #87914, #87952) Thanks @TurboTheTurtle, @Niriakot, @MukundaKatta, @giodl73-repo, @vincentkoc, and @davinci282828.
  • Agents/providers: keep streaming tool-call argument parsing record-shaped when providers emit valid non-object JSON such as null or arrays. Thanks @vincentkoc.
  • Talk: preserve explicit null payloads on controller-created turn and output-audio lifecycle events. Thanks @vincentkoc.
  • Agents/TUI: keep local custom provider runs from loading plugin runtime and auth alias metadata when plugins are disabled.
  • Agents/TUI: restore in-flight TUI run switch-back behavior, keep no-policy native hook fallback available, guard vanished workspaces, and keep lightweight isolated subagents lightweight.
  • Agents/media: keep async image, music, and video generation starts from ending the Codex turn, avoid duplicate generated-media fallbacks, and let mixed requests continue with summaries or other work while media renders in the background. (#89220) Thanks @omarshahine.
  • Agents/Codex: keep public OpenAI API-key profiles from being treated as native Codex app-server auth while preserving persisted Codex OAuth sessions. Thanks @vincentkoc.
  • Agents/Codex: stream Codex app-server final-answer partials to live reply previews, preserve ACP metadata in SQLite, prefer real tool results over synthetic repair output, prevent aborted app-server turn handles from lingering, migrate legacy OpenAI Codex lastGood auth state, and preserve workspace/session metadata through ACP runtime refactors. (#88405, #88724, #88730) Thanks @vincentkoc and @crash2kx.
  • Control UI: keep collapsed tool cards labeled with the tool name and action instead of generic output text. Thanks @shakkernerd and @vincentkoc.
  • Agents/Codex: surface Skill Workshop guidance in Codex app-server prompts when skill_workshop is available. Thanks @shakkernerd and @vincentkoc.
  • Skill Workshop: restore and localize the Control UI board/today view switcher so review workflows keep their intended layout toggle across locales. Thanks @shakkernerd and @vincentkoc.
  • Agents/auth: write auth profiles atomically, dispatch auth failures by type, add force re-login and exhausted-failover recovery, clear legacy auto fallback pins, preserve workspaces during state-only uninstall, and compact before oversized turns so recovery paths avoid partial state. (#85798, #87484, #89181) Thanks @RomneyDa, @neeravmakwana, @vincentkoc, and @bgmbgm94.
  • Skills: skip disabled skill env overrides from stale persisted snapshots so disabled skill apiKey SecretRefs cannot abort embedded or channel turns. (#79072, #79173) Thanks @zeus1959, @maverikva, and @shakkernerd.
  • Skill Workshop: render the Control UI tab from filtered navigation state and keep filtered fallback routing stable. Thanks @vincentkoc and @shakkernerd.
  • CLI: avoid live catalog validation during openclaw agents add, so adding a secondary agent no longer depends on provider catalog availability. (#76284, #88314) Thanks @zhangguiping-xydt and @RicardoUKMX.
  • CLI: harden CLI and plugin edge cases, and keep plugins list --json on the snapshot-only path so plugin sweeps avoid loading the full runtime status graph. (#88896) Thanks @vincentkoc.
  • CLI/desktop: bridge WSL clipboard operations through the shell, recognize manual-update launchd jobs, and keep machine-readable startup output parseable during progress setup. (#88764, #88689) Thanks @alexzhu0, @TurboTheTurtle, @toruvieI, and @deonkretch.
  • Plugins: make PixVerse external-plugin ClawHub metadata explicit and keep it out of bundled dist builds. Thanks @vincentkoc.
  • Plugins: clarify plugin loader failure guidance and treat soft plugin repair warnings as nonfatal so missing or incompatible plugin packages point operators at the right repair path without blocking unrelated work. (#84431) Thanks @TurboTheTurtle and @davinci282828.
  • Plugins: preserve npm plugin roots after blocked installs, skip plugin-local openclaw peer symlinks during rollback snapshots, relink those peers after restore, isolate cached tool runtime siblings, isolate provider catalog projections and web-provider factory failures, and keep private LLM-core declarations bundled so one bad plugin does not poison sibling runtime paths. (#77237, #88767, #88807, #89336) Thanks @vincentkoc, @RomneyDa, and @zhuisDEV.
  • Cron: keep SQLite cron migrations compatible with legacy run-log tables, archived job stores, diagnostic cron names, single-job run-history names, startup cron retries, and legacy one-shot delete-after-run behavior. (#88285, #88294, #89075) Thanks @kip-claw, @Takhoffman, @bennewell35, and @highfly-hi.
  • Cron: keep update delivery validation scoped, harden restart state, and retire MCP runtimes on isolated cron cleanup. Thanks @vincentkoc.
  • Auto-reply: guard dispatcher failure-count probes so missing optional counters do not break SDK-typed recovery paths. (#89318) Thanks @Alix-007, @takhoffman, and @Bigzhangbig.
  • Memory: serialize QMD update/embed writes per store, reduce Linux watcher fan-out, avoid noisy gateway watcher warnings, retry transient FileProvider-backed reads, preserve phase signals on read errors, harden envelope metadata sanitization, reattach Linux native watchers when directories are recreated, and rewrite generated transcript paths on rollover so memory/search state survives concurrent gateway and CLI activity. (#66339, #85931, #89185, #89188, #89246, #85351) Thanks @openperf, @amittell, @RomneyDa, @NianJiuZst, @SakenW, @vincentkoc, @chrisabad, and @richardmqq.
  • Memory: keep vector-disabled FTS indexes from resolving embedding providers during sync and search. Thanks @vincentkoc.
  • Providers: bound generated media downloads from OpenAI, Runway, xAI, MiniMax, BytePlus, DashScope-compatible, FAL, OpenRouter, Google, Vydra, and Comfy providers. Thanks @vincentkoc.
  • Providers: resolve Google defaults to google-generative-ai, register Vertex static catalog rows and gemini-3.1-flash-lite, align Foundry reasoning metadata, skip DeepSeek V4 thinking params on Foundry fallback, use MiniMax account OAuth endpoints, preserve Copilot Claude 1M capabilities, suppress disabled Ollama reasoning output, forward Gemini stop sequences, switch direct Gemini reasoning to native mode, strip provider self-prefixes and Kimi-incompatible Anthropic cache markers, keep OpenAI stop-finished tool calls, and avoid replay ids when the Responses store is disabled. (#88480, #88512, #88781, #89343, #89379, #89400, #76612) Thanks @coder999999999, @BryanTegomoh, @vliuyt, @charles-openclaw, @zz327455573, @849261680, @XuZehan-iCenter, @azgardtek, @1052326311, @google, @mrbrl, @xzh-xydt, @nyuDSA, @vincentkoc, and @cjalden.
  • Providers: cap GitHub Copilot OAuth request timeouts before creating abort signals.
  • Cron: retry recurring jobs after transient model rate limits before waiting for the next scheduled slot.
  • Agents/Codex: keep live session locks during cleanup, recover interrupted CLI tool transcripts, preserve Codex auth and compaction session identity, clear orphan tool state, cap app-server idle timers, and keep media completion delivery retryable. (#88129, #88136, #88141, #88162, #88182) Thanks @joshavant, @vincentkoc, @ssdatye, and @ksiyuna-claw.
  • Chat/UI: show Gateway chat failures as visible assistant messages in the Control UI instead of only setting an invisible error state. Thanks @vincentkoc.
  • Channels: cap Telegram, Discord, WhatsApp, Signal, Feishu, Google Chat, Microsoft Teams, QQBot, Nostr, Zalo, Zalouser, and Nextcloud-style request/retry timers; preserve SMS approval reply routes; keep iMessage typing active during tool work; allow RFC2544 benchmark ranges for QQBot token fetches; and retry WhatsApp QR login 408 timeouts. (#88183, #88948, #88984, #89015) Thanks @omarshahine, @Jensenwgd, @sliverp, @mcaxtr, @vincentkoc, and @alfredjbclaw.
  • Security/config parsing: reject unsafe OAuth/token lifetimes, retry-after delays, inbound timestamps, response body sizes, command timeout config, sandbox observer token TTLs, corrupt shell snapshots, untrusted workspace setup-only channel loads, remote media reference overreads, trajectory export leaks, hooks-token auth reuse, and gateway WebSocket calls after close. (#86953, #87376, #88974, #89354, #89701) Thanks @hxy91819, @coygeek, @pgondhi987, @RomneyDa, @SebTardif, and @vincentkoc.
  • Providers/media: cap local service, model, usage, queue, generated media, TTS, music, workflow polling, and provider OAuth request timers across hosted and local providers.
  • Backup: accept root-relative hardlink targets during backup verification. (#89328) Thanks @abnershang.
  • Agents: keep configured fallback model metadata typed so provider params, context-token caps, and media input limits do not break changed-gate typechecks.
  • Agents: accept hidden sessions_send body aliases before validation while keeping the model-facing message schema canonical. (#88229) Thanks @zhangguiping-xydt and @jsonmez.
  • Chat/UI: preserve startup chat sends during history loading, unblock the initial Control UI chat send, stream chat deltas incrementally, skip markdown parsing while streaming, keep drafts local while typing, guard composer rerenders, cache chat transcript renders, record pending-send paint timing, show the Communication Notifications tab, and honor Chromium executable overrides. (#74715, #88952, #88960, #88998) Thanks @VladyslavLevchuk and @vincentkoc.
  • Channels: stop schema-padded poll modifiers from turning normal send actions into invalid poll sends. (#89601) Thanks @codezz and @takhoffman.
  • Channels: preserve long Feishu streaming replies, recover failed progress draft starts, send visible fallbacks when accepted Feishu turns produce no final reply, preserve external sessions_send routes, persist Discord thread bindings in SQLite, tolerate iMessage self-chat timestamp skew, preserve colon-prefixed slash commands in mention parsing, decode Nostr npub allowlists correctly, and suppress raw provider errors during channel delivery. (#87896, #88749, #88803, #88866) Thanks @MonkeyLeeT, @ArthurNie, @vincentkoc, @SebTardif, and @Lvan185.
  • Config/status/doctor: skip unresolved shell references in state-dir dotenv files, resolve gateway auth secrets during deep status audits, respect explicit PI runtime policy, report runtime tool-schema and gateway health credential errors, clear recovered embedded-run activity, and keep post-upgrade JSON stable. (#88820, #88288, #89731) Thanks @openperf, @RomneyDa, @Alix-007, @vincentkoc, @Iman-Sharif, and @mathias15010.
  • Gateway/session state: list commands from the Gateway plugin registry, harden MCP loopback tool schemas, hide phantom agent-store rows from sessions.list, make task persistence failures explicit, support Tailscale Serve service names, guard Browser/Chrome pending attach aborts, and carry session UUIDs on interactive dispatch events. (#88305) Thanks @rohitjavvadi and @vincentkoc.
  • Gateway/plugins: narrow plugin lookup memoization to the stable plugin/runtime inputs, avoiding repeated lookup work without mixing disabled or filtered plugin state. Thanks @vincentkoc.
  • OpenAI/TTS: handle speed directives for OpenAI TTS voices. (#74089) Thanks @stainlu, @useramuser, and @vincentkoc.
  • Performance: prebuild QA runtime probes with generated plugin assets but without CLI startup metadata.
  • Performance: skip declaration bundling for runtime-only CLI startup and gateway watch build profiles. Thanks @vincentkoc.
  • Performance: reuse prepared provider handles, strict tool schemas, gateway runtime metadata, session maintenance config, plugin metadata, bundled skill allowlists, package-local plugin artifacts, single-entry store writes, and validated/serialized session prompt blobs. Thanks @vincentkoc and @shakkernerd.

Complete contribution record

This audited record covers the complete v2026.5.31-beta.4..v2026.6.1 history: 115 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.

Pull requests

  • PR #88995 perf(ui): guard chat composer controls. Thanks @vincentkoc.
  • PR #88998 perf(ui): keep chat draft local while typing. Thanks @vincentkoc.
  • PR #89012 perf(ui): trace chat first output latency. Thanks @vincentkoc.
  • PR #89019 perf(ui): speed up first global chat sends. Thanks @vincentkoc.
  • PR #86953 fix(plugins): block untrusted workspace setup-only channel loads. Thanks @hxy91819 and @SebTardif.
  • PR #89030 perf(control-ui): prioritize first connect startup. Thanks @vincentkoc.
  • PR #89058 perf(control-ui): hydrate chat startup state. Thanks @vincentkoc.
  • PR #89106 fix(ui): clear chat composer after send. Related #89108. Thanks @sallyom.
  • PR #88974 fix: bound remote media reference reads [AI]. Thanks @pgondhi987.
  • PR #88966 fix: allow admins to approve dependency guard. Thanks @RomneyDa.
  • PR #89169 fix(ci): restore dist cache before artifact builds. Thanks @RomneyDa.
  • PR #85798 fix(agents): actionable copy for exhausted auth-profile failover. Thanks @RomneyDa.
  • PR #88689 Keep JSON CLI output clean during startup. Related #88602. Thanks @alexzhu0 and @toruvieI.
  • PR #85351 fix(memory): retry transient FileProvider-backed reads. Related #85252. Thanks @NianJiuZst and @richardmqq.
  • PR #89188 fix(memory-core): reduce Linux watcher fan-out. Related #89182. Thanks @RomneyDa.
  • PR #88734 docs: refresh ClawHub showcase cards. Thanks @vyctorbrzezowski.
  • PR #89212 test: reset gateway timers at test boundaries. Thanks @RomneyDa.
  • PR #89181 fix(agents): dispatch auth failures by type. Thanks @RomneyDa.
  • PR #89180 enhance(slack): route plugin approvals through native UI. Thanks @kevinslin.
  • PR #89185 fix(memory): warn on gateway watcher FD risk. Related #71335. Thanks @RomneyDa and @chrisabad.
  • PR #89135 fix(ui): render skill workshop tab. Thanks @Solvely-Colin.
  • PR #89246 Revert "fix(memory): warn on gateway watcher FD risk". Thanks @RomneyDa.
  • PR #88948 Keep iMessage typing active during tool work. Related #75847. Thanks @omarshahine and @alfredjbclaw.
  • PR #89220 fix(agents): avoid duplicate generated media fallback. Thanks @omarshahine.
  • PR #88946 Fix live model inference edge cases. Related #44870, #63685, #74305, #83192, #83810, #84109, #84688, #84697, #84804, #85806, #85918, #86808, #87381, #87740, #87768, #88039, #88439, #88456, #88833, #88918, #89008, #89241, #89242. Thanks @86jkuncle and @behroozbc and @SimSef and @tassiocamara and @chac4l and @alfredpennyworthtc-netizen and @shichuzhu and @mz1009-web and @devinallen-07 and @garyd9 and @silvesterxm and @jsompis and @xiaoxuesheng123467 and @TitanBob2026 and @guzzijones and @fenglanhua and @Nassiel and @ge0el and @pigfoot and @yetval and @joshgaskin and @shadow-enthusiast.
  • PR #89305 fix(agents): bypass stale auth for plugin harnesses. Related #85105. Thanks @saphoroth.
  • PR #89297 docs: add ClawHub CLI page. Thanks @Wang-Yeah623 and @Takhoffman.
  • PR #89318 fix(auto-reply): guard missing dispatcher getFailedCounts without weakening the SDK type. Related #89116. Thanks @Takhoffman and @Alix-007 and @Bigzhangbig.
  • PR #89321 fix: honor channel model overrides in agent ingress. Related #60078. Thanks @davidbordenwi.
  • PR #89328 Fix backup verifier for root-relative hardlink targets. Thanks @abnershang.
  • PR #87907 fix(memory): validate memory index identity. Related #83333. Thanks @osolmaz and @jacka-L.
  • PR #89347 fix: repair model provider edge cases. Related #80347, #88357, #45269. Thanks @wherewolf87 and @bottenbenny and @Alfred-claw28.
  • PR #89336 Fix private llm-core leaks in plugin SDK declarations. Thanks @RomneyDa.
  • PR #89015 fix(qqbot): allow RFC2544 benchmark range for token fetch (#88984). Thanks @sliverp and @Jensenwgd.
  • PR #89046 feat(android): add installed apps node command. Thanks @Tosko4.
  • PR #88315 feat(agents): generalized native compaction ownership for CLI backends. Thanks @anagnorisis2peripeteia.
  • PR #89075 fix(memory-core): keep startup cron retries quiet. Related #75889. Thanks @Takhoffman and @bennewell35 and @highfly-hi.
  • PR #89049 fix(idle-timeout): honor provider timeout for no-timeout runs. Thanks @lanzhi-lee.
  • PR #89047 fix: hide sessions_spawn timeout overrides. Thanks @lanzhi-lee.
  • PR #89036 fix(cron): reject blank delivery targets. Thanks @lanzhi-lee.
  • PR #89354 fix: redact trajectory exports consistently. Thanks @pgondhi987.
  • PR #88101 fix(codex): trace app-server thread lifecycle timing. Related #84640. Thanks @ai-hpc and @crash2kx.
  • PR #89243 fix: guard in-band macOS LaunchAgent stop. Related #89174. Thanks @bek91.
  • PR #87339 fix(discord): accumulate reasoning progress deltas. Related #83983. Thanks @giodl73-repo and @xueqingli1.
  • PR #89298 fix(diagnostics): re-queue pending messages after stuck-session recovery aborts ghost run. Related #89208. Thanks @LiLan0125 and @ketos-jona.
  • PR #88821 trace: Correlate channel message diagnostics into one trace. Related #88811. Thanks @bek91.
  • PR #89411 fix: detect shrinkwrapped npm installs. Related #87732. Thanks @jasonftl.
  • PR #87749 fix(messages): preserve inbound audio for message-tool TTS. Related #87708. Thanks @ai-hpc and @nikodim-ai.
  • PR #84431 Treat soft plugin repair warnings as nonfatal. Related #83889. Thanks @TurboTheTurtle and @davinci282828.
  • PR #78005 feat(status): detect externalized plugin version drift in --deep. Thanks @hussein1362.
  • PR #89050 fix(sessions): preserve corrupt-header transcripts. Related #89037. Thanks @charles-openclaw and @yetval.
  • PR #84314 fix: QQBot credential backups bypass gateway state isolation. Related #84313. Thanks @coygeek.
  • PR #89281 fix: repeat doctor state migration repairs. Thanks @RomneyDa.
  • PR #87952 fix(update): pin post-core plugin compatibility to the downgraded core version (#87914). Thanks @MukundaKatta and @giodl73-repo and @Niriakot.
  • PR #89417 refactor: tighten agent harness surfaces.
  • PR #89400 fix(google): add missing gemini-3.1-flash-lite to google-vertex catalog. Related #89390. Thanks @xzh-xydt and @nyuDSA.
  • PR #88699 fix(codex): clear stale context-engine projection after overflow retry. Related #88355. Thanks @SebTardif and @100yenadmin.
  • PR #89379 fix(providers): use native reasoning mode for Gemini instead of tagged. Related #69220. Thanks @849261680 and @mrbrl.
  • PR #84266 Surface unresolved OAuth sidecar auth failures. Related #84252. Thanks @TurboTheTurtle.
  • PR #88879 feat(plugin-sdk): add resolve_exec_env hook. Thanks @lanzhi-lee.
  • PR #89432 fix(qqbot): migrate state stores to sqlite kv.
  • PR #89436 fix(llm): gate OpenAI-compatible reasoning output. Thanks @zz327455573.
  • PR #87703 fix(agents): run before_agent_finalize for embedded agents. Related #87585. Thanks @ai-hpc and @lileilei-camera.
  • PR #89440 fix(llm): keep OpenAI-compatible reasoning streams active. Related #84384. Thanks @teknolojay.
  • PR #88976 fix(mistral): enable prompt cache key compat. Related #83709. Thanks @Alix-007 and @Net-Sentinel.
  • PR #87379 fix: audit and repair hooks token reuse with Gateway auth. Related #87376. Thanks @coygeek.
  • PR #89701 fix(exec): reject corrupt shell snapshots. Thanks @RomneyDa.
  • PR #89601 fix(outbound): stop schema-padded poll modifiers from blocking send. Thanks @codezz and @Takhoffman.
  • PR #89731 fix: backport gateway health credential handling. Thanks @RomneyDa.
  • PR #87484 fix(agents): clear legacy auto fallback pins. Related #87467. Thanks @neeravmakwana and @bgmbgm94.
  • PR #88182 Fix subagent DM completion delivery after yield. Related #88042. Thanks @joshavant and @ksiyuna-claw.
  • PR #88183 fix(whatsapp): retry QR login 408 timeouts. Thanks @mcaxtr.
  • PR #88866 Persist Discord thread bindings in SQLite.
  • PR #88231 fix(ios): guard websocket ping continuation. Thanks @ngutman.
  • PR #88952 perf(ui): cache chat transcript renders. Thanks @vincentkoc.
  • PR #88960 perf(ui): record pending send paint timing. Thanks @vincentkoc.
  • PR #79173 fix: skip disabled skill snapshot env overrides. Related #79072. Thanks @zeus1959 and @maverikva.
  • PR #82326 Add plugin manifest contract for SecretRef provider integrations. Thanks @sallyom.
  • PR #87469 feat: add core session goals.
  • PR #88794 Persist plugin install index in SQLite.
  • PR #88512 fix: resolve google provider default API to google-generative-ai. Related #88480. Thanks @1052326311 and @azgardtek.
  • PR #88781 fix(models): strip remaining provider self prefixes. Related #88770. Thanks @charles-openclaw and @cjalden.
  • PR #88096 feat(ios): default to hosted push relay. Thanks @ngutman.
  • PR #88105 feat(ios): add talk tab realtime playback. Thanks @ngutman.
  • PR #88043 feat: add internal code mode namespaces.
  • PR #78748 fix(ui): add agent selector to dreaming tab. Related #63558. Thanks @stevenepalmer and @ttomiczek.
  • PR #88772 feat: calm composer controls.
  • PR #88721 feat(plugin-sdk): add typed presentation command actions.
  • PR #88860 feat(minimax): add MiniMax M3 support.
  • PR #79658 Allow validated TXT/JSON/YAML media sends. Thanks @simplyclever914.
  • PR #88797 Migrate iMessage monitor state to SQLite.
  • PR #88724 fix: persist ACP metadata in SQLite.
  • PR #88730 fix(codex): stream final answer partials. Related #88405. Thanks @crash2kx.
  • PR #88314 fix #76284: [Bug]: openclaw agents add blocked — cannot add Jon/Atlas as separate agents. Thanks @zhangguiping-xydt and @RicardoUKMX.
  • PR #88896 fix: harden CLI and plugin edge cases.
  • PR #88764 fix(update): recognize manual-update launchd jobs. Related #88736. Thanks @TurboTheTurtle and @deonkretch.
  • PR #77237 Preserve managed npm plugin root when install validation blocks update. Thanks @zhuisDEV.
  • PR #88767 fix(plugin-sdk): isolate provider catalog projection failures. Thanks @vincentkoc.
  • PR #88807 fix(plugins): isolate web provider factory failures. Thanks @vincentkoc.
  • PR #88285 Move cron persistence to SQLite.
  • PR #88294 fix(cron): include job name when reading single-job run history. Thanks @kip-claw.
  • PR #85931 fix(memory): serialize qmd update writes across processes to stop SQLITE_BUSY. Related #66339. Thanks @openperf and @SakenW.
  • PR #88129 fix: keep live OpenClaw session locks during cleanup.
  • PR #88136 fix(agents): centralize terminal run outcome precedence. Related #87444. Thanks @ssdatye.
  • PR #88141 fix: route generated media completions through requester agent.
  • PR #88162 fix(agents): extend terminal outcome projections.
  • PR #88229 fix(agents): normalize sessions_send message aliases. Related #88146. Thanks @zhangguiping-xydt and @jsonmez.
  • PR #74715 fix(ui): show Communication Notifications tab. Thanks @VladyslavLevchuk.
  • PR #87896 fix(feishu): fallback when accepted turns send no visible reply. Thanks @ArthurNie.
  • PR #88749 fix(channels): recover failed progress draft starts. Related #83115. Thanks @SebTardif.
  • PR #88803 fix(reply): preserve sessions_send external routes. Related #88044. Thanks @MonkeyLeeT and @Lvan185.
  • PR #88820 fix(diagnostics): clear embedded-run activity when recovery declares lane idle. Related #88660. Thanks @openperf and @Iman-Sharif.
  • PR #88288 fix(config): skip state-dir dotenv values that are unresolved shell references. Related #88274. Thanks @Alix-007 and @mathias15010.
  • PR #88305 fix(browser): isolate Chrome MCP pending attach aborts. Related #88304. Thanks @rohitjavvadi.
  • PR #74089 fix(openai/tts): handle [[tts:speed]] directive in OpenAI speech provider (#12163). Thanks @stainlu and @useramuser.

Release verification