chore(deps): update 1panel/openclaw docker tag to v2026.5.12

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Update	Change
1panel/openclaw (source)	patch	2026.5.7 → 2026.5.12

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

openclaw/openclaw (1panel/openclaw)

v2026.5.12

Compare Source

Changes

• Amazon Bedrock: externalize the Bedrock and Bedrock Mantle provider packages so core installs no longer pull AWS SDK dependencies unless those providers are installed.
• Plugins: externalize Slack, OpenShell sandbox, and Anthropic Vertex so their runtime dependency cones install only when those plugins are installed.
• Control UI/WebChat: add a persisted auto-scroll mode selector so users can keep the current near-bottom behavior, always follow streaming output, or turn automatic streaming scroll off and use the New messages button manually. Fixes #​7648 and #​81287. Thanks @​BunsDev.
• ACP: add acp.fallbacks so ACP turns can try configured backup runtime backends when the primary backend is unavailable before any output is emitted. (#​69542) Thanks @​kaseonedge.
• Gateway/OpenAI HTTP: honor max_completion_tokens and max_tokens on inbound /v1/chat/completions requests so client-provided token caps reach the upstream provider via streamParams.maxTokens, with max_completion_tokens taking precedence when both are sent. Thanks @​Lellansin.
• Models/OpenAI CLI auth: make openclaw models auth login --provider openai start the ChatGPT/Codex account login by default, while --method api-key remains the explicit OpenAI API-key setup path.
• Google/Gemini: normalize retired Gemini 3 Pro Preview ids inside explicit SDK OAuth auth-result config patches, so provider helpers emit google/gemini-3.1-pro-preview for Gemini 3.1 testing.
• Google/Gemini: normalize retired Gemini 3 Pro Preview ids inside SDK OAuth auth-result default config patches, so helper-built provider auth flows emit google/gemini-3.1-pro-preview for Gemini 3.1 testing.
• Google/Gemini: normalize retired Gemini 3 Pro Preview ids returned by direct openclaw models auth login --set-default provider auth flows before writing config, so Gemini testing targets google/gemini-3.1-pro-preview.
• Google/Gemini: normalize retired Gemini 3 Pro Preview ids in per-agent config defaults and auth patches, so agent-specific emitted config keeps targeting google/gemini-3.1-pro-preview.
• Google/Gemini: normalize retired Gemini 3 Pro Preview ids in provider catalog rows when API-key onboarding only reapplies the agent default, so emitted config keeps testing google/gemini-3.1-pro-preview.
• Google/Gemini: normalize retired Gemini 3 Pro Preview ids in config set mutation output for agent overrides and provider catalog rows, so current config emits google/gemini-3.1-pro-preview.
• Google/Gemini: canonicalize provider-qualified retired Gemini 3 Pro Preview refs during Google forward-compatible model resolution, so emitted config uses google/gemini-3.1-pro-preview for Gemini 3.1 testing.
• Google/Gemini: normalize proxy-prefixed retired Gemini 3 Pro Preview catalog rows, so emitted configs use google/gemini-3.1-pro-preview for Gemini 3.1 testing.
• Google/Gemini: normalize retired Gemini 3 Pro Preview ids inside per-agent model overrides before writing config, so agent-specific config emits google/gemini-3.1-pro-preview for Gemini 3.1 testing.
• Google/Gemini: normalize retired Gemini 3 Pro Preview ids in subagent, heartbeat, compaction, and subagent-tool model config during writes, so current config keeps emitting google/gemini-3.1-pro-preview.
• Docs/subagents: document agents.defaults.subagents.announceTimeoutMs in the sub-agent and configuration references. (#​75509) Thanks @​akrimm702.
• Cron: add direct cron.get, openclaw cron get <id>, and agent-tool get support for inspecting one stored cron job by id. (#​75117) Thanks @​samzong.
• Agents/tools: add per-sender tool policies with canonical channel-scoped sender keys, so operators can restrict dangerous tools by requester identity across global, agent, group, core, bundled, and plugin tool surfaces. (#​66933) Thanks @​JerranC.
• ACP: expose Gateway session lineage metadata through ACP session listings and session info snapshots so clients can render subagent graphs without private Gateway side channels. (#​73458) Thanks @​samzong.
• Channels/iMessage: add openclaw channels status --channel <name> filtering and document the BlueBubbles-to-imsg cutover path so operators can probe iMessage without starting both channel monitors. (#​80706) Thanks @​omarshahine.
• CI: add a non-blocking plugin-inspector-advisory artifact to Plugin Prerelease so release runs capture bundled plugin compatibility triage without changing the blocking gate.
• Runtime/Fly: detect Fly Machines as container environments from their runtime env vars, so gateway bind and Bonjour defaults match remote container launches. (#​80209) Thanks @​liorb-mountapps.
• Providers/fal: route GPT Image 2 and Nano Banana 2 reference-image edit requests to /edit with image_urls array, enforce NB2 edit geometry using aspect_ratio and resolution params, lift Fal edit mode input-image caps to 10 for GPT Image 2 and 14 for Nano Banana 2, and allow aspect-ratio hints in edit mode. (#​77295) Thanks @​leoge007.
• Control UI: show a plain HTML recovery panel when the app module never registers, giving blank dashboard pages a retry path and browser-extension troubleshooting link. Fixes #​44107. Thanks @​BunsDev.
• Docs: rename the broad tools nav to Capabilities, keep automation and agent coordination as sections, and keep the tools overview focused on tools, skills, and plugins. https://docs.openclaw.ai/tools
• Build: enable additional low-churn oxlint rules for promise, TypeScript, and runtime footgun checks.
• Build: enable stricter Vitest lint rules for focused, disabled, conditional, hook, matcher, and expectation hazards.
• Build: pin explicit oxfmt defaults in the shared formatter config to keep formatting behavior stable across upgrades.
• TypeScript: enable stricter compiler checks for implicit returns, side-effect imports, overrides, and unused production code.
• Logging: add targeted model transport, payload, SSE, and code-mode diagnostics with redacted URL handling.
• Agents/code mode: add opt-in generic QuickJS-WASI code mode that exposes exec/wait while hiding enabled tools behind a catalog bridge.
• Agents: allow session.agentToAgent.maxPingPongTurns up to 20 while keeping the default at 5 for longer agent-to-agent reply chains. Fixes #​52382. (#​52400) Thanks @​thirumaleshp.
• Agents: add per-agent tools.message.crossContext overrides so sandboxed/public agents can restrict message sends to the current conversation without changing the global bot policy.
• Agents: add per-agent tools.message.actions.allow overrides so sandboxed/public agents can expose and enforce send-only message tools.
• Agents: omit the sandbox workspace marker from compact command progress previews while keeping internal sandbox diagnostics unchanged.
• Agents: widen progress draft command preview lines by 50% so Discord inline tool updates preserve more useful command context.
• Codex app-server: retire timed-out app-server clients after bounded turn interrupts so Discord agents do not reuse a CPU-spinning Codex process after an attempt timeout.
• Codex app-server: default migrated native plugin destructive-action policy to enabled while preserving explicit global and per-plugin false overrides.
• Build: upgrade workspace package management to pnpm 11 and keep Docker, install, update, and release workflows on the pnpm 11 config surface. (#​79414) Thanks @​altaywtf.
• Build: align Telegram QA workflows and git source installs with the pnpm 11 workspace build allowlist surface. (#​80588) Thanks @​altaywtf.
• Models: add provider-level localService startup for on-demand local model servers before OpenAI-compatible requests, including one-shot model probes.
• Agents: trim default system prompt guidance and send-only message tool schemas to reduce prompt tokens while preserving GPT-5 personality guidance.
• Context: add /context map to send a treemap image of the current session context contributors. (#​79867)
• Slack: add unfurlLinks and unfurlMedia config for bot chat.postMessage replies, including per-account overrides, so Slack link and media previews can be suppressed without workspace-wide settings. Fixes #​48435. (#​80145) Thanks @​esegev1 and @​HemantSudarshan.
• Slack: add explicit replyBroadcast support for text and Block Kit thread replies so agents can opt into Slack's parent-channel reply_broadcast behavior. (#​64365) Thanks @​tony88331.
• Slack: preserve mention target/source metadata in inbound prompt context so agents can distinguish direct bot mentions from implicit thread wakes that mention someone else. Fixes #​79025. (#​75356) Thanks @​tmimmanuel.
• Slack: canonicalize outbound delivery-mirror routes for native DM channel IDs to the peer user session so message.send calls to D... targets do not split the same Slack DM thread into a channel session. Fixes #​80091. (#​80111) Thanks @​bek91.
• Plugin SDK: deprecate public subpaths that existed for at least one month and have no bundled extension production imports, keep legacy barrel/test/zod subpath package exports for backwards compatibility, and track both sets in the SDK surface report.
• Plugin SDK: deprecate public subpaths currently used by only one or two bundled plugin owners, keeping them importable while steering new plugin code to focused shared SDK seams or plugin-owned APIs.
• Plugin SDK: remove the owner-specific provider-auth-login public subpath after moving Chutes, GitHub Copilot, and OpenAI Codex auth flows back to provider-owned modules.
• Plugin SDK: remove provider-specific model, stream, and xAI compatibility helpers from public exports after moving bundled callers to provider-owned modules.
• Plugin SDK: expose runtime-supplied active model metadata to native plugin tool factories for diagnostics and plugin-owned policy decisions. Fixes #​77857. Thanks @​jamiezigelbaum.
• QA/Mantis: add Telegram live PR evidence automation with Convex-leased credentials, Crabbox transcript capture, motion GIF previews, and inline PR comments.
• QA/Mantis: add a Telegram desktop scenario builder that leases Crabbox, installs native Telegram Desktop, configures an OpenClaw Telegram gateway with leased bot credentials, and records VNC screenshot/video artifacts.
• Discord/voice: add realtime voice diagnostics for speaker turns, playback resets, barge-in detection, and audio cutoff analysis.
• Talk: add talk.realtime.instructions so operators can append realtime voice style instructions while preserving OpenClaw's built-in agent-consult guidance. (#​79081) Thanks @​VACInc.
• Discord/voice: default test and source installs to the pure-JS opusscript decoder by ignoring optional native @discordjs/opus builds, avoiding slow native addon compiles outside dedicated voice-performance lanes.
• Discord/voice: add an opt-in native @discordjs/opus install script and decoder preference for live voice-performance lanes without charging unrelated Docker/tests for native addon builds.
• Discord/voice: add voice.allowedChannels to restrict voice joins and bot voice-state moves to configured channels while preserving open voice behavior when unset.
• Gateway/skills: add an opt-in private skill archive upload install path gated by skills.install.allowUploadedArchives, so trusted Gateway clients can stage and install zip-backed skills only when operators explicitly enable the code-install surface. (#​74430) Thanks @​samzong.
• Codex app-server: enable Codex native code-mode-only for harness threads so deferred OpenClaw dynamic tools run through Codex's own searchable code execution surface instead of a PI-style wrapper.
• Dependencies: refresh workspace pins and patch targets, including ACPX @agentclientprotocol/claude-agent-acp 0.33.1, Codex ACP 0.14.0, Baileys 7.0.0-rc10, Google GenAI 2.0.1, OpenAI 6.37.0, AWS SDK 3.1045.0, Kysely 0.29.0, Tlon skill 0.3.6, Aimock 1.19.5, and tsdown 0.22.0.
• Dependencies: refresh workspace pins for Anthropic SDK, Smithy shared ini loading, Playwright, YAML, Aimock, TypeScript native preview, Vitest, Oxlint/Oxfmt, Vite, and pnpm 11.1.0.
• Dependencies: hard-pin non-peer direct dependency specs across bundled packages and add a changed-check guard so runtime installs resolve the exact versions tested by maintainers.
• Dependencies: move embedded Pi packages to the @earendil-works namespace, refresh Twitch Twurple packages, and move @openclaw/fs-safe from the GitHub release pin to the published npm package.
• Build: route Testbox changed-check delegation through Crabbox and remove the OpenClaw-specific Blacksmith Testbox helper scripts.
• Agents/compaction: preserve scoped background exec/process session references across embedded compaction and after-turn runtime contexts without exposing sessions from unrelated scopes. Fixes #​79284. (#​79307) Thanks @​TurboTheTurtle.
• Agents/process: tell agents to inspect background sessions with process log before sending interactive input and to use waitingForInput/stdinWritable hints from log/poll.
• CLI/onboarding: improve setup, onboarding, configure, and channel command wayfinding so terminal flows explain the next useful command instead of relying on terse setup labels.
• Agents/Codex: remove the configurable Codex dynamic-tools profile so Codex app-server always owns workspace, edit, patch, exec, process, and plan tools while OpenClaw integration tools remain available.
• macOS app: update the Peekaboo bridge dependency to Peekaboo 3.0.0.
• Dependencies: refresh workspace pins and move the WhatsApp plugin from @whiskeysockets/baileys to baileys while keeping the 7.0.0-rc10 runtime.
• Plugin SDK: add bundled-plugin session actions, sendSessionAttachment, and Cron-backed scheduleSessionTurn/tag cleanup under the grouped session namespace. Replaces #​75578/#​75581/#​75588 and part of #​73384/#​74483. Thanks @​100yenadmin.
• Plugin SDK/media-understanding: add extractStructuredWithModel(...) plus the optional provider-side extractStructured(...) seam so trusted plugins can run bounded image-first structured extraction with optional supplemental text context through provider-owned runtimes such as Codex.
• Exec approvals: add tools.exec.commandHighlighting so parser-derived command highlighting in approval prompts can be enabled globally or per agent. (#​79348) Thanks @​jesse-merhi.
• Codex app-server: mirror native Codex subagent spawn lifecycle events into Task Registry so app-server child agents appear in task/status surfaces without relying on transcript text. (#​79512) Thanks @​mbelinky.
• Skills: add skills.load.allowSymlinkTargets so intentional symlinked skill folders can resolve into trusted sibling repos without disabling root containment.
• Agents/tools: add core Tool Search so agents can search and call large OpenClaw, MCP, and client tool catalogs through one compact PI bridge.
• Doctor: warn when a per-agent model config omits the fallbacks key and agents.defaults.model.fallbacks is non-empty. Covers both string-form ("model": "...") and partial-object form ("model": { "primary": "..." }) — both silently clobber the defaults chain at runtime. Use "fallbacks": [] to explicitly opt out of fallbacks, or add "fallbacks": [...] to inherit or override. Fixes #​79369.
• Chat commands: add /think default and /fast default to clear session overrides and inherit configured/provider defaults. (#​79385) Thanks @​VACInc.
• Dependencies: refresh workspace dependency pins and lockfile, including @openai/codex 0.130.0, acpx 0.7.0, AWS SDK 3.1044.0, OpenTelemetry 0.217.0, typebox 1.1.38, vite 8.0.11, oxfmt 0.48.0, and oxlint 1.63.0, and update the Codex harness model snapshot for the new bundled app-server catalog.
• Plugins/install: add guarded plugin install overrides so onboarding and repair tests can route specific plugins to registry specs or local npm pack artifacts via environment variables.
• Tests/Docker: add Codex on-demand install and live plugin-tool dependency E2E lanes for packaged onboarding and npm-pack plugin proof.
• Plugins/ACPX: accept an optional args array in agents.<name> config so paths and flag values containing spaces stay intact when spawning ACP agent processes. Thanks @​TheArchitectit and @​BunsDev.
• Agents: inject the current provider/model identity into system prompts, including configured prompt overrides and CLI hook prompt replacements, so agents can answer model-identity questions from the actual runtime selection.
• Agents/subagents: add prompt-only agents.defaults.subagents.delegationMode and per-agent overrides with suggest/prefer modes, and centralize config-backed system prompt resolution across embedded, CLI, compaction, and command-export prompt surfaces.
• Agents/subagents: add stronger delegation orchestration guidance, sessions_yield wait guidance, stable taskName aliases, and active-child runtime prompt context for spawned sub-agent work.
• Plugins/CLI: add the optional bundled oc-path plugin, providing openclaw path for surgical oc:// access to markdown, JSONC, and JSONL workspace files.
• Plugins/SDK: add unified model catalog registration for text, image, video, and music providers, including providerCatalogEntry manifests, shared media list help, live catalog caching, and per-model video capability overlays.
• Plugin SDK: add presentation helpers for controls-only interactive rendering and opt-in empty fallback text so rich channel renderers can share MessagePresentation semantics without duplicating native cards or components.
• CLI: make parser, startup, config, guardrail, channel, agent, task, session, and MCP failures explain what happened and point to the next recovery command.
• GitHub Copilot: refresh the model catalog from ${baseUrl}/models so per-account entitlement and accurate context windows surface at runtime; static manifest catalog (now including gpt-5.5) remains the fallback when discovery is disabled or the API is unreachable.
• Active Memory: support concrete plugins.entries.active-memory.config.toolsAllow recall tool names for custom memory plugins while keeping the built-in memory-core default on memory_search/memory_get and preserving memory_recall automatically for plugins.slots.memory: "memory-lancedb".
• Active Memory: report normal NONE recall decisions as status=no_relevant_memory, keep unavailable and failed recall paths distinct, and avoid caching no-summary recall results so ordinary no-context turns no longer look like broken status=empty memory. Fixes #​79812. (#​80015) Thanks @​TurboTheTurtle.
• Telegram: share the grammY API throttler across polling and ad hoc send clients for the same bot token, so visible draft previews and CLI sends use one quota gate. Thanks @​anagnorisis2peripeteia.
• Feishu: resolve group policy/tool context from the trusted chat target for group turns while keeping the speaker in From, so @​mention replies do not drop the configured group id. Fixes #​79457. Thanks @​greyxiong.
• Telegram/Feishu: honor configured per-agent and global reasoningDefault values when deciding whether channel reasoning previews should stream or stay hidden, addressing the preview-default part of #​73182. Thanks @​anagnorisis2peripeteia.
• QQBot: mark recognized framework slash commands as text-command turns before reply dispatch so /models, /status, and /new responses stay visible in QQ Bot C2C conversations. Fixes #​79310. Thanks @​rollingshmily.
• Docker: run the runtime image under tini so long-lived containers reap orphaned child processes and forward signals correctly. (#​77885) Thanks @​VintageAyu.
• Logging/redaction: redact quoted HTTP client secret fields and auth/cookie headers in shared log and formatted error output. Related #​71211 and #​65623. (#​75033) Thanks @​liaoandi.
• Gateway/SDK: document and stabilize the task ledger RPC surface for tasks.list, tasks.get, and tasks.cancel, including generated Swift model typing for optional task summaries. Thanks @​BunsDev.
• Google/Gemini: normalize retired google/gemini-3-pro-preview and google-gemini-cli/gemini-3-pro-preview selections to google/gemini-3.1-pro-preview before they are written to model config.
• Google/Gemini: emit canonical google/gemini-3.1-pro-preview ids from configured provider catalog rows so model list and selection paths can test Gemini 3.1 instead of retired Gemini 3 Pro.
• Google/Gemini: normalize nested proxy-provider catalog ids like google/gemini-3-pro-preview to google/gemini-3.1-pro-preview, so Kilo-style configured catalogs test Gemini 3.1 instead of the retired Gemini 3 Pro id.
• Google/Gemini: canonicalize provider-onboarding model alias maps so setup flows preserve settings under google/gemini-3.1-pro-preview instead of re-emitting retired Gemini 3 Pro config keys.
• Google/Gemini: canonicalize retired Gemini 3 Pro Preview ids inside Google dynamic model resolution so runtime clones also use google/gemini-3.1-pro-preview.
• Google/Gemini: canonicalize provider-auth default model results before setup hooks and picker returns so auth flows do not re-emit retired google/gemini-3-pro-preview selections.
• Amazon Bedrock: support serviceTier parameter for Bedrock models, configurable via agents.defaults.params.serviceTier or per-model in agents.defaults.models. Valid values: default, flex, priority, reserved. (#​64512) Thanks @​mobilinkd.
• Control UI: read the Quick Settings exec policy badge from tools.exec.security instead of the non-schema agents.defaults.exec.security path, so configured full/deny values render accurately. Fixes #​78311. Thanks @​FriedBack.
• Control UI/usage: add transcript-backed historical lineage rollups for rotated logical sessions, with current-instance vs historical-lineage scope controls and long-range presets so usage history stays visible after restarts and updates. Fixes #​50701. Thanks @​dev-gideon-llc and @​BunsDev.
• Agents/failover: harden state-aware lane suspension by persisting quota resume transitions, restoring configured lane concurrency, preserving non-quota failure reasons, and exporting model failover events through diagnostics OTLP. Thanks @​BunsDev.
• Control UI/Windows: add the SPA-side WebView2 bridge for native hosts so draft text can update the chat composer and the ready handshake is wired through the app lifecycle. (#​69633) Thanks @​AlexAlves87.
• Channels/streaming: make progress draft labels scroll away with other progress lines, render structured tool rows as compact emoji/title/details, show web-search queries from provider-native argument shapes, and skip empty Discord apply-patch starts until a patch summary exists. (#​79146)
• Runtime/performance: avoid full-array sorting while auto-selecting providers, resolving supported thinking levels, picking node last-seen timestamps, and extracting Codex usage-limit messages. Thanks @​shakkernerd.
• Plugins/doctor: avoid full-array sorting while selecting ClawHub search/archive results and bounded dreaming doctor entries. Thanks @​shakkernerd.
• Agents/compaction: keep contributor diagnostics to a bounded top-three selection without sorting the full history. Thanks @​shakkernerd.
• Sessions/UI: avoid full-array sorting while selecting ACPX leases, Google Meet calendar events, and latest chat sessions. Thanks @​shakkernerd.
• Plugin SDK: mark direct deliverOutboundPayloads and legacy reply-dispatch bridges as deprecated compatibility substrate, enrich sendDurableMessageBatch with explicit durable send outcomes, migrate bundled send/turn paths off deprecated APIs, and enforce the split with check:deprecated-api-usage.
• OpenAI/Talk: let browser realtime Talk, Gateway relay/Voice Call realtime bridges, and OpenAI realtime transcription use openai-codex OAuth when no direct API key is configured, make Google Meet test_speech honor mode: "bidi", expose Control UI launch options for provider/model/voice/transport/VAD/reasoning, and update the default OpenAI realtime voice model to gpt-realtime-2. Thanks @​Solvely-Colin.
• Telegram: preserve the channel-specific 10-option poll cap in the unified outbound adapter so over-limit polls are rejected before send. (#​78762) Thanks @​obviyus.
• Telegram/streaming: continue over-limit draft previews in a new message instead of stopping when rendered preview text crosses Telegram's message limit. (#​74508) Thanks @​anagnorisis2peripeteia.
• Slack: route handled top-level channel turns in implicit-conversation channels to thread-scoped sessions when Slack reply threading is enabled, keeping the root turn and later thread replies on one OpenClaw session. (#​78522) Thanks @​zeroth-blip.
• Telegram: re-probe the primary fetch transport after repeated sticky fallback success so transient IPv4 or pinned-IP fallback promotion can recover without a gateway restart. Fixes #​77088. (#​77157) Thanks @​MkDev11.
• Agents/harness: skip tool-result middleware validation when no handler is registered, and sanitize incoming tool result details (functions, symbols, bigints, cycles, oversized payloads) before middleware sees them. Tool emitters legitimately produce raw dependency payloads on details, and the harness owes any registered middleware a JSON-safe view of that payload; otherwise a no-op middleware (e.g. bundled tokenjuice on the pi runtime) causes the validator to reject every tool result and silently substitute a failure sentinel, dropping outbound Discord messages, exec output, cron results, and any other tool whose payload carries non-serializable values. Thanks @​solomonneas.
• Runtime/install: raise the supported Node 22 floor to 22.16+ so native SQLite query handling can rely on the node:sqlite statement metadata API while continuing to recommend Node 24. (#​78921)
• Discord/voice: make duplicate same-guild auto-join entries resolve to the last configured channel so moving an agent between voice channels does not keep joining the stale channel.
• Discord/voice: add realtime /vc modes so Discord voice channels can run as STT/TTS, a realtime talk buffer with the OpenClaw agent brain, or a bidi realtime session with openclaw_agent_consult.
• Discord/voice: add bounded realtime gateway logs for voice channel joins, realtime model/voice selection, transcripts, consult routing/answers, and playback start, allow OpenAI realtime Discord sessions to disable input-triggered response interruption for echo-heavy rooms while keeping explicit Discord barge-in available for new and already-active speakers, and allow voice turns to target an existing Discord channel agent session.
• Discord/voice: add voice.realtime.minBargeInAudioEndMs and let the realtime provider own playback clearing, so speaker echo no longer cuts OpenAI realtime model audio at audioEndMs=0 while low-echo rooms can opt back into immediate barge-in with 0.
• Discord/voice: make agent-proxy the default voice mode so realtime voice acts as the microphone/speaker extension of the routed OpenClaw agent session, with stt-tts remaining available as an explicit fallback.
• Discord/voice: route default agent-proxy realtime turns through the OpenClaw consult handoff with owner-level tool access and a forced-consult transcript fallback, matching the Codex-style voice front end while keeping the routed agent authoritative.
• Discord/voice: keep OpenAI realtime bidi consults quiet while the supervisor agent is still working, accept Codex-style conversation.item.done function-call events, and preserve continuing tool results through the gateway relay so the OpenAI realtime bridge reliably routes consults before speaking the final answer.
• Discord/voice: include a bounded one-line STT transcript preview in verbose voice logs so live voice debugging shows what speakers said before the agent reply.
• Codex app-server: pin the managed Codex harness and Codex CLI smoke package to @openai/codex@0.129.0, defer OpenClaw integration dynamic tools behind Codex tool search by default, and accept current Codex service-tier values so legacy fast settings survive the stable harness upgrade as priority.
• Codex app-server: annotate message-tool-only direct chat turns in the dynamic message tool spec so visible replies are sent through message(action="send") instead of staying private. (#​79704)
• Agents/PI: route explicit OpenAI Codex Responses runs through PI's native WebSocket-capable transport and remove OpenClaw's custom OpenAI Responses WebSocket stack while preserving auth injection, run abort signals, and prompt cache boundary stripping.
• Models/config: allow compat.thinkingFormat values qwen and qwen-chat-template for configured OpenAI-compatible Qwen models, preserving them through catalog normalization and mapping /think levels to enable_thinking or chat_template_kwargs.enable_thinking. Fixes #​79677. (#​79777) Thanks @​indulgeback.
• Codex app-server: default implicit local stdio app-server permissions to guardian when Codex system requirements disallow the YOLO approval, reviewer, or sandbox value, including hostname-scoped remote sandbox entries, avoiding turn-start failures on managed hosts that permit only reviewed approval or narrower sandboxes.
• Plugins/install: run managed npm-root install, uninstall, prune, and repair commands from the managed root without a redundant --prefix ., avoiding npm 10.9.3 Arborist crashes on native Windows WhatsApp plugin installs. Fixes #​78514. (#​78902) Thanks @​melihselamett-stack.
• Config/schema/Windows: detect direct execution of the base config schema generator with pathToFileURL so Windows paths with backslashes still run the --check and --write command body. (#​52989) Thanks @​easyteacher.
• Discord/voice: stream ElevenLabs TTS directly into Discord playback and send ElevenLabs latency optimization as the documented query parameter so spoken replies can start sooner.
• Discord/voice: keep TTS playback running when another user starts speaking, ignore new capture during playback to avoid feedback loops, and downgrade expected receive-stream aborts to verbose diagnostics.
• iMessage: expose native private-API message actions through imsg rpc for reactions, edits, unsends, replies, rich sends, attachments, and group management when imsg status --json reports the required bridge capabilities.
• Gateway/tasks: reconcile stale CLI run-context tasks whose live run context disappeared even when a child session row remains, and apply the default bounded reload deferral timeout to channel hot reloads so stale task records cannot block Discord/Slack/Telegram reloads forever.
• Gateway/heartbeat: keep stripped HEARTBEAT_OK acknowledgements out of pending final-delivery replay and let recent ack-only pending state proceed to the next heartbeat run instead of creating a self-refreshing requests-in-flight loop. Fixes #​79258. Thanks @​haumanto.
• Gateway/sessions: keep session-store index writes atomic while skipping durable fsync inside the writer lock, reducing cron and channel-turn starvation on slow filesystems and addressing the session-store strand of #​73655. Thanks @​mmartoccia.
• Discord/voice: make openclaw channels capabilities --channel discord --target channel:<id> and channels status --probe audit voice-channel permissions, including auto-join targets, so missing Connect/Speak/Read Message History permissions show up before /vc join.
• Gateway/restart: expose skipDeferral on the gateway.restart.request RPC and add openclaw gateway restart --safe --skip-deferral so operators can bypass the safe-restart deferral gate when a pinned task run prevents the OpenClaw-aware restart from draining. Surfaces the existing internal scheduleGatewaySigusr1Restart({ skipDeferral }) semantics added in #​71637 to a public surface, complementing gateway.reload.deferralTimeoutMs. Refs #​76162. Thanks @​solomonneas.
• Discord/streaming: default Discord replies to progress draft previews so tool/work activity appears in one edited Discord message unless channels.discord.streaming.mode is set to off.
• OpenAI/realtime: default realtime voice to gpt-realtime-2, use the GA Realtime WebSocket session shape for backend OpenAI bridges, and cover backend, WebRTC, Google Live, and Gateway relay paths in the live Talk smoke. (#​79130)
• Update/Windows: spawn the post-core-update child process with stdio:"pipe" on Windows so PowerShell/CMD console handles are not inherited, preventing the terminal from hanging after openclaw update completes. Fixes #​78445. (#​78483) Thanks @​Beandon13.
• Plugins/install: add npm-pack:<path.tgz> installs so local npm pack artifacts run through the same managed npm-root install, lockfile verification, dependency scan, and install-record path as registry npm plugins.
• Channels/plugins: show configured official external channels as missing-plugin status rows and send errors with exact install/doctor repair commands after raw package-manager upgrades leave Feishu or WhatsApp uninstalled. Fixes #​78702 and #​78593. Thanks @​MarkMa84 and @​mkupiainen.
• Matrix: move the Matrix channel back to an official external ClawHub/npm plugin so core installs no longer need Matrix SDK runtime dependencies.
• Matrix: attach com.openclaw.presentation metadata to semantic presentation replies so OpenClaw-aware Matrix clients can render rich buttons, selects, context rows, and dividers while stock clients keep the plain text fallback. (#​73312) Thanks @​kakahu2015.
• Codex app-server: disarm the short post-tool completion watchdog after current-turn activity, expose appServer.turnCompletionIdleTimeoutMs, and include raw assistant item context in idle-timeout diagnostics so status-only post-tool stalls stop failing as idle. Fixes #​77984. Thanks @​roseware-dev and @​rubencu.
• Codex app-server: release the session lane after a completed assistant message item goes quiet without turn/completed, and stop global rate-limit notifications from keeping stuck turns alive.
• Plugin skills/Windows: publish plugin-provided skill directories as junctions on Windows so standard users without Developer Mode can register plugin skills without symlink EPERM failures. Fixes #​77958. (#​77971) Thanks @​hclsys and @​jarro.
• Process tool: show input-wait hints from log and poll for idle interactive background sessions so operators can inspect stuck CLIs and resume them with existing input actions. Fixes #​33957. Thanks @​bitloi and @​vincentkoc.
• Shell env/Windows: hide the login-shell environment probe child window so gateway startup and shell-env refreshes do not flash a console on Windows. Fixes #​78159. (#​78266) Thanks @​BradGroux.
• MS Teams: surface blocked Bot Framework egress by logging JWKS fetch network failures and adding a Bot Connector send hint for transport-level reply failures. Fixes #​77674. (#​78081) Thanks @​Beandon13.
• Windows/restart: skip duplicate scheduled-task /Run calls when the gateway task is already running, using a locale-stable PowerShell task-state probe before retrying. Fixes #​52044. (#​52487) Thanks @​andyk-ms.
• Media/host-read: allow buffer-verified ZIP archives in the host-local media validator so agents can send ZIP attachments via the message tool. Fixes #​78057. (#​78292) Thanks @​Linux2010.
• Gateway/sessions: fast-path already-qualified model refs while building session-list rows so openclaw sessions and Control UI session lists avoid heavyweight model resolution on large stores. (#​77902) Thanks @​ragesaq.
• Contributor PRs: remind external contributors to redact private information like IP addresses, API keys, phone numbers, and non-public endpoints from real behavior proof. Thanks @​pashpashpash.
• ACP bridge: relay Gateway exec approval prompts from active ACP turns to the ACP client's session/request_permission handler before resolving the Gateway approval. Thanks @​amknight.
• Codex/plugins: enable migrated source-installed openai-curated Codex plugins in the same Codex harness thread with explicit codexPlugins config, cached app readiness, and fail-closed destructive-action policy. Thanks @​kevinslin.
• Codex/plugins: enforce native plugin destructive-action policy with Codex app-level destructive_enabled config instead of OpenClaw-maintained per-tool deny lists, leave plugin app open_world_enabled on by default, and invalidate existing plugin app thread bindings so old generated app config is rebuilt. Thanks @​kevinslin.
• QQBot/Skills: translate QQBot skill descriptions surfaced in the Skills UI so English-language users no longer see Chinese metadata. Fixes #​77810. Thanks @​eabase.
• Image generation: include enabled generation providers such as fal in provider discovery even when another image provider is already active. Fixes #​78141. Thanks @​leoge007.
• Slack: keep Socket Mode's native reconnect enabled so transient ping/pong misses can recover without forcing a full provider rebuild. Fixes #​77933. Thanks @​bmoran1022 and @​brokemac79.
• Cron: preserve cron timeout results when an isolated agent turn's cron-nested lane watchdog fires, preventing internal command-lane or model-fallback timeout text from being persisted. Fixes #​77703. (#​78168) Thanks @​brokemac79 and @​transxtech.
• PR triage: mark external pull requests with proof: supplied when Barnacle finds structured real behavior proof, keep stale negative proof labels in sync across CRLF-edited PR bodies, and let ClawSweeper own the stronger proof: sufficient judgement.
• ACPX/Codex: preserve trusted Codex project declarations when launching isolated Codex ACP sessions, avoiding interactive trust prompts in headless runs. Thanks @​Stedyclaw.
• ACPX/Codex: reap stale OpenClaw-owned ACPX/Codex ACP process trees on startup and after ACP session close, preventing orphaned harness processes from slowing the Gateway. Thanks @​91wan.
• ACP bridge: implement stable session list, resume, and close handlers so ACP clients can page Gateway sessions, rebind existing sessions without replay, and close bridge sessions cleanly. Thanks @​amknight.
• ACP bridge: replay complete ledger-backed ACP sessions on load, including user prompts, tool updates, session metadata, and usage snapshots, while keeping older sessions on the existing transcript fallback. Thanks @​amknight.
• ACP sessions: allow parent agents to inspect and message their own spawned cross-agent ACP sessions without enabling broad agent-to-agent visibility. Thanks @​barronlroth.
• Talk/voice: unify realtime relay, transcription relay, managed-room handoff, Voice Call, Google Meet, VoiceClaw, and native clients around a shared Talk session controller and add the Gateway-managed talk.session.* RPC surface.
• Diagnostics/Talk: export bounded Talk lifecycle/audio metrics and session recovery metrics through OpenTelemetry and Prometheus without exposing transcripts, audio payloads, room ids, turn ids, or session ids.
• Logging/Talk: route shared Talk lifecycle events into bounded file and OTLP log records while keeping transcript text, audio payloads, turn ids, call ids, and provider item ids out of logs.
• Voice Call/realtime: add opt-in OpenClaw agent voice context capsules and consult-cadence guidance so Gemini/OpenAI realtime calls can sound like the configured agent without consulting the full agent on every ordinary turn. Thanks @​scoootscooob.
• Telegram/streaming: keep draft preview rotation from reusing a pre-tool assistant preview after visible tool or media output lands between compaction replay and the next assistant message. Thanks @​vincentkoc.
• Telegram/performance: skip non-forum topic-cache setup, defer status reaction variant work until reactions are needed, and reuse ack reaction gating during message context assembly. Thanks @​vincentkoc.
• Telegram/performance: reduce command-menu CPU and allocation work when many native, plugin, and custom commands are registered. (#​79717) Thanks @​drsolveit.
• CLI/migrate: add bulk on/off and skip controls to interactive Codex skill migration, leaving conflicting skill copies unchecked by default. (#​77597) Thanks @​kevinslin.
• CLI/migrate: show native Codex plugin names before truncated plan items and prompt for plugin activation explicitly during interactive Codex migration instead of silently keeping every planned plugin. Thanks @​kevinslin.
• CLI/migrate: leave already configured target Codex plugins unchecked in the interactive plugin selector and show a plugin exists conflict hint while keeping new plugin activations selected by default. Thanks @​kevinslin.
• CLI/migrate: return cleanly without apply confirmation when interactive Codex migration leaves both skill copies and native plugin activations unselected. Thanks @​kevinslin.
• Gateway/sessions: extend the per-call sessions-list rowContext cache with memoization for resolveSessionDisplayModelIdentityRef, thinking metadata, and resolveModelCostConfig so deterministic per-row resolvers run once per unique (provider, model[, agentId]) tuple instead of once per session. Cuts CPU on sessions.list for stores with many sessions sharing a small set of model tuples; behavior is unchanged for callers that pass no rowContext. Thanks @​rolandrscheel.
• Cron CLI: add openclaw cron list --agent <id>, normalize the requested agent id, and include jobs without a stored agent id under the configured default agent while keeping cron list unfiltered when no agent is supplied. Fixes #​77118. Thanks @​zhanggttry.
• Slack/performance: reduce message preparation, stream recipient lookup, and thread-context allocation overhead on Slack reply hot paths. Thanks @​vincentkoc.
• Control UI/chat: strip untrusted sender metadata from live streams and transcript display, preserve canvas preview anchors, and stop operator UI clients from injecting their internal client id as sender identity. Fixes #​78739. Thanks @​tmimmanuel, @​guguangxin-eng, @​hclsys, and @​BunsDev.
• Control UI/chat: collapse consecutive duplicate text messages into one bubble with a count so repeated text-only messages stay compact without hiding nearby context.
• Control UI/chat and Sessions: label inherited thinking defaults separately from explicit overrides while preserving provider-supplied option labels. Fixes #​77581. Thanks @​BunsDev and @​Beandon13.
• Agents/runtime: add prepared runtime foundation contracts for carrying provider, model, tool, TTS, and outbound runtime facts through later reply-path migrations. Thanks @​mcaxtr.
• Control UI/WhatsApp: keep Show QR available for unlinked WhatsApp accounts while switching linked accounts to the explicit Relink action and showing Wait for scan only when a QR is active. Thanks @​BunsDev.
• Gateway/performance: reuse the compatible plugin metadata snapshot across dashboard and channel agent turns so auto-enabled runtime config does not repeatedly rescan plugin metadata before provider calls. Thanks @​shakkernerd.
• Gateway/performance: reuse current plugin metadata for provider activation, auth/env candidate lookup, and bundle settings during dashboard and channel agent turns while keeping the configless secret-target cache unscoped and refusing stale unscoped reuse when plugin discovery roots differ. Thanks @​shakkernerd.
• Gateway/performance: avoid resolving plugin auto-enable metadata twice in one runtime config pass, reducing repeated dashboard turn metadata scans. Thanks @​shakkernerd.
• Control UI/performance: pre-scope config tab schemas before rendering, load Channels with cached/runtime status before manual probes, preserve channel rows through failed status summaries, and keep stale slow probes from replacing newer snapshots. Thanks @​BunsDev.
• Auth/providers: pass config and workspaceDir lookup context through to provider-id resolution so workspace-scoped auth aliases resolve correctly when no explicit alias map is supplied. Thanks @​shakkernerd.
• Gateway/diagnostics: add startup phase spans, active work labels, stale terminal bridge markers, and opt-in sync-I/O tracing in pnpm gateway:watch so slow Gateway turns are easier to attribute from logs and stability diagnostics.
• QA/Mantis: add an opt-in Discord thread attachment before/after scenario that creates a real thread, calls message.thread-reply with filePath, and captures baseline/candidate screenshot evidence.
• Discord: preserve filePath and path attachments when replying to a thread with the message tool.
• QA/Mantis: add visual desktop tasks

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[f2c-ci-robot]

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[f2c-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment