OpenClaw 2026.2.1 Mon, 02 Feb 2026 03:53:03 -0800 https://raw.githubusercontent.com/openclaw/openclaw/main/appcast.xml 8650 2026.2.1 15.0 OpenClaw 2026.2.1

Changes

  • Docs: onboarding/install/i18n/exec-approvals/Control UI/exe.dev/cacheRetention updates + misc nav/typos. (#3050, #3461, #4064, #4675, #4729, #4763, #5003, #5402, #5446, #5474, #5663, #5689, #5694, #5967, #6270, #6300, #6311, #6416, #6487, #6550, #6789)
  • Telegram: use shared pairing store. (#6127) Thanks @obviyus.
  • Agents: add OpenRouter app attribution headers. Thanks @alexanderatallah.
  • Agents: add system prompt safety guardrails. (#5445) Thanks @joshp123.
  • Agents: update pi-ai to 0.50.9 and rename cacheControlTtl -> cacheRetention (with back-compat mapping).
  • Agents: extend CreateAgentSessionOptions with systemPrompt/skills/contextFiles.
  • Agents: add tool policy conformance snapshot (no runtime behavior change). (#6011)
  • Auth: update MiniMax OAuth hint + portal auth note copy.
  • Discord: inherit thread parent bindings for routing. (#3892) Thanks @aerolalit.
  • Gateway: inject timestamps into agent and chat.send messages. (#3705) Thanks @conroywhitney, @CashWilliams.
  • Gateway: require TLS 1.3 minimum for TLS listeners. (#5970) Thanks @loganaden.
  • Web UI: refine chat layout + extend session active duration.
  • CI: add formal conformance + alias consistency checks. (#5723, #5807)

Fixes

  • Plugins: validate plugin/hook install paths and reject traversal-like names.
  • Telegram: add download timeouts for file fetches. (#6914) Thanks @hclsys.
  • Telegram: enforce thread specs for DM vs forum sends. (#6833) Thanks @obviyus.
  • Streaming: flush block streaming on paragraph boundaries for newline chunking. (#7014)
  • Streaming: stabilize partial streaming filters.
  • Auto-reply: avoid referencing workspace files in /new greeting prompt. (#5706) Thanks @bravostation.
  • Tools: align tool execute adapters/signatures (legacy + parameter order + arg normalization).
  • Tools: treat "*" tool allowlist entries as valid to avoid spurious unknown-entry warnings.
  • Skills: update session-logs paths from .clawdbot to .openclaw. (#4502)
  • Slack: harden media fetch limits and Slack file URL validation. (#6639) Thanks @davidiach.
  • Lint: satisfy curly rule after import sorting. (#6310)
  • Process: resolve Windows spawn() failures for npm-family CLIs by appending .cmd when needed. (#5815) Thanks @thejhinvirtuoso.
  • Discord: resolve PluralKit proxied senders for allowlists and labels. (#5838) Thanks @thewilloftheshadow.
  • Tlon: add timeout to SSE client fetch calls (CWE-400). (#5926)
  • Memory search: L2-normalize local embedding vectors to fix semantic search. (#5332)
  • Agents: align embedded runner + typings with pi-coding-agent API updates (pi 0.51.0).
  • Agents: ensure OpenRouter attribution headers apply in the embedded runner.
  • Agents: cap context window resolution for compaction safeguard. (#6187) Thanks @iamEvanYT.
  • System prompt: resolve overrides and hint using session_status for current date/time. (#1897, #1928, #2108, #3677)
  • Agents: fix Pi prompt template argument syntax. (#6543)
  • Subagents: fix announce failover race (always emit lifecycle end; timeout=0 means no-timeout). (#6621)
  • Teams: gate media auth retries.
  • Telegram: restore draft streaming partials. (#5543) Thanks @obviyus.
  • Onboarding: friendlier Windows onboarding message. (#6242) Thanks @shanselman.
  • TUI: prevent crash when searching with digits in the model selector.
  • Agents: wire before_tool_call plugin hook into tool execution. (#6570, #6660) Thanks @ryancnelson.
  • Browser: secure Chrome extension relay CDP sessions.
  • Docker: use container port for gateway command instead of host port. (#5110) Thanks @mise42.
  • fix(lobster): block arbitrary exec via lobsterPath/cwd injection (GHSA-4mhr-g7xj-cg8j). (#5335) Thanks @vignesh07.
  • Security: sanitize WhatsApp accountId to prevent path traversal. (#4610)
  • Security: restrict MEDIA path extraction to prevent LFI. (#4930)
  • Security: validate message-tool filePath/path against sandbox root. (#6398)
  • Security: block LD*/DYLD* env overrides for host exec. (#4896) Thanks @HassanFleyah.
  • Security: harden web tool content wrapping + file parsing safeguards. (#4058) Thanks @VACInc.
  • Security: enforce Twitch allowFrom allowlist gating (deny non-allowlisted senders). Thanks @MegaManSec.

View full changelog

]]> 2026.1.30 Sat, 31 Jan 2026 14:29:57 +0100 https://raw.githubusercontent.com/openclaw/openclaw/main/appcast.xml 8469 2026.1.30 15.0 OpenClaw 2026.1.30

Changes

  • CLI: add completion command (Zsh/Bash/PowerShell/Fish) and auto-setup during postinstall/onboarding.
  • CLI: add per-agent models status (--agent filter). (#4780) Thanks @jlowin.
  • Agents: add Kimi K2.5 to the synthetic model catalog. (#4407) Thanks @manikv12.
  • Auth: switch Kimi Coding to built-in provider; normalize OAuth profile email.
  • Auth: add MiniMax OAuth plugin + onboarding option. (#4521) Thanks @Maosghoul.
  • Agents: update pi SDK/API usage and dependencies.
  • Web UI: refresh sessions after chat commands and improve session display names.
  • Build: move TypeScript builds to tsdown + tsgo (faster builds, CI typechecks), update tsconfig target, and clean up lint rules.
  • Build: align npm tar override and bin metadata so the openclaw CLI entrypoint is preserved in npm publishes.
  • Docs: add pi/pi-dev docs and update OpenClaw branding + install links.

Fixes

  • Security: restrict local path extraction in media parser to prevent LFI. (#4880)
  • Gateway: prevent token defaults from becoming the literal "undefined". (#4873) Thanks @Hisleren.
  • Control UI: fix assets resolution for npm global installs. (#4909) Thanks @YuriNachos.
  • macOS: avoid stderr pipe backpressure in gateway discovery. (#3304) Thanks @abhijeet117.
  • Telegram: normalize account token lookup for non-normalized IDs. (#5055) Thanks @jasonsschin.
  • Telegram: preserve delivery thread fallback and fix threadId handling in delivery context.
  • Telegram: fix HTML nesting for overlapping styles/links. (#4578) Thanks @ThanhNguyxn.
  • Telegram: accept numeric messageId/chatId in react actions. (#4533) Thanks @Ayush10.
  • Telegram: honor per-account proxy dispatcher via undici fetch. (#4456) Thanks @spiceoogway.
  • Telegram: scope skill commands to bound agent per bot. (#4360) Thanks @robhparker.
  • BlueBubbles: debounce by messageId to preserve attachments in text+image messages. (#4984)
  • Routing: prefer requesterOrigin over stale session entries for sub-agent announce delivery. (#4957)
  • Extensions: restore embedded extension discovery typings.
  • CLI: fix tui:dev port resolution.
  • LINE: fix status command TypeError. (#4651)
  • OAuth: skip expired-token warnings when refresh tokens are still valid. (#4593)
  • Build: skip redundant UI install step in Dockerfile. (#4584) Thanks @obviyus.

View full changelog

]]> 2026.1.29 Fri, 30 Jan 2026 06:24:15 +0100 https://raw.githubusercontent.com/openclaw/openclaw/main/appcast.xml 8345 2026.1.29 15.0 OpenClaw 2026.1.29 Status: stable.

Changes

  • Rebrand: rename the npm package/CLI to openclaw, add a openclaw compatibility shim, and move extensions to the @openclaw/* scope.
  • Onboarding: strengthen security warning copy for beta + access control expectations.
  • Onboarding: add Venice API key to non-interactive flow. (#1893) Thanks @jonisjongithub.
  • Config: auto-migrate legacy state/config paths and keep config resolution consistent across legacy filenames.
  • Gateway: warn on hook tokens via query params; document header auth preference. (#2200) Thanks @YuriNachos.
  • Gateway: add dangerous Control UI device auth bypass flag + audit warnings. (#2248)
  • Doctor: warn on gateway exposure without auth. (#2016) Thanks @Alex-Alaniz.
  • Web UI: keep sub-agent announce replies visible in WebChat. (#1977) Thanks @andrescardonas7.
  • Browser: route browser control via gateway/node; remove standalone browser control command and control URL config.
  • Browser: route browser.request via node proxies when available; honor proxy timeouts; derive browser ports from gateway.port.
  • Browser: fall back to URL matching for extension relay target resolution. (#1999) Thanks @jonit-dev.
  • Telegram: allow caption param for media sends. (#1888) Thanks @mguellsegarra.
  • Telegram: support plugin sendPayload channelData (media/buttons) and validate plugin commands. (#1917) Thanks @JoshuaLelon.
  • Telegram: avoid block replies when streaming is disabled. (#1885) Thanks @ivancasco.
  • Telegram: add optional silent send flag (disable notifications). (#2382) Thanks @Suksham-sharma.
  • Telegram: support editing sent messages via message(action="edit"). (#2394) Thanks @marcelomar21.
  • Telegram: support quote replies for message tool and inbound context. (#2900) Thanks @aduk059.
  • Telegram: add sticker receive/send with vision caching. (#2629) Thanks @longjos.
  • Telegram: send sticker pixels to vision models. (#2650)
  • Telegram: keep topic IDs in restart sentinel notifications. (#1807) Thanks @hsrvc.
  • Discord: add configurable privileged gateway intents for presences/members. (#2266) Thanks @kentaro.
  • Slack: clear ack reaction after streamed replies. (#2044) Thanks @fancyboi999.
  • Matrix: switch plugin SDK to @vector-im/matrix-bot-sdk.
  • Tlon: format thread reply IDs as @ud. (#1837) Thanks @wca4a.
  • Tools: add per-sender group tool policies and fix precedence. (#1757) Thanks @adam91holt.
  • Agents: summarize dropped messages during compaction safeguard pruning. (#2509) Thanks @jogi47.
  • Agents: expand cron tool description with full schema docs. (#1988) Thanks @tomascupr.
  • Agents: honor tools.exec.safeBins in exec allowlist checks. (#2281)
  • Memory Search: allow extra paths for memory indexing (ignores symlinks). (#3600) Thanks @kira-ariaki.
  • Skills: add multi-image input support to Nano Banana Pro skill. (#1958) Thanks @tyler6204.
  • Skills: add missing dependency metadata for GitHub, Notion, Slack, Discord. (#1995) Thanks @jackheuberger.
  • Commands: group /help and /commands output with Telegram paging. (#2504) Thanks @hougangdev.
  • Routing: add per-account DM session scope and document multi-account isolation. (#3095) Thanks @jarvis-sam.
  • Routing: precompile session key regexes. (#1697) Thanks @Ray0907.
  • CLI: use Node's module compile cache for faster startup. (#2808) Thanks @pi0.
  • Auth: show copyable Google auth URL after ASCII prompt. (#1787) Thanks @robbyczgw-cla.
  • TUI: avoid width overflow when rendering selection lists. (#1686) Thanks @mossein.
  • macOS: finish OpenClaw app rename for macOS sources, bundle identifiers, and shared kit paths. (#2844) Thanks @fal3.
  • Branding: update launchd labels, mobile bundle IDs, and logging subsystems to bot.molt (legacy bundle ID migrations). Thanks @thewilloftheshadow.
  • macOS: limit project-local node_modules/.bin PATH preference to debug builds (reduce PATH hijacking risk).
  • macOS: keep custom SSH usernames in remote target. (#2046) Thanks @algal.
  • macOS: avoid crash when rendering code blocks by bumping Textual to 0.3.1. (#2033) Thanks @garricn.
  • Update: ignore dist/control-ui for dirty checks and restore after ui builds. (#1976) Thanks @Glucksberg.
  • Build: bundle A2UI assets during build and stop tracking generated bundles. (#2455) Thanks @0oAstro.
  • CI: increase Node heap size for macOS checks. (#1890) Thanks @realZachi.
  • Config: apply config.env before ${VAR} substitution. (#1813) Thanks @spanishflu-est1918.
  • Gateway: prefer newest session metadata when combining stores. (#1823) Thanks @emanuelst.
  • Docs: tighten Fly private deployment steps. (#2289) Thanks @dguido.
  • Docs: add migration guide for moving to a new machine. (#2381)
  • Docs: add Northflank one-click deployment guide. (#2167) Thanks @AdeboyeDN.
  • Docs: add Vercel AI Gateway to providers sidebar. (#1901) Thanks @jerilynzheng.
  • Docs: add Render deployment guide. (#1975) Thanks @anurag.
  • Docs: add Claude Max API Proxy guide. (#1875) Thanks @atalovesyou.
  • Docs: add DigitalOcean deployment guide. (#1870) Thanks @0xJonHoldsCrypto.
  • Docs: add Oracle Cloud (OCI) platform guide + cross-links. (#2333) Thanks @hirefrank.
  • Docs: add Raspberry Pi install guide. (#1871) Thanks @0xJonHoldsCrypto.
  • Docs: add GCP Compute Engine deployment guide. (#1848) Thanks @hougangdev.
  • Docs: add LINE channel guide. Thanks @thewilloftheshadow.
  • Docs: credit both contributors for Control UI refresh. (#1852) Thanks @EnzeD.
  • Docs: keep docs header sticky so navbar stays visible while scrolling. (#2445) Thanks @chenyuan99.
  • Docs: update exe.dev install instructions. (#https://github.com/openclaw/openclaw/pull/3047) Thanks @zackerthescar.

Breaking

  • BREAKING: Gateway auth mode "none" is removed; gateway now requires token/password (Tailscale Serve identity still allowed).

Fixes

  • Telegram: avoid silent empty replies by tracking normalization skips before fallback. (#3796)
  • Mentions: honor mentionPatterns even when explicit mentions are present. (#3303) Thanks @HirokiKobayashi-R.
  • Discord: restore username directory lookup in target resolution. (#3131) Thanks @bonald.
  • Agents: align MiniMax base URL test expectation with default provider config. (#3131) Thanks @bonald.
  • Agents: prevent retries on oversized image errors and surface size limits. (#2871) Thanks @Suksham-sharma.
  • Agents: inherit provider baseUrl/api for inline models. (#2740) Thanks @lploc94.
  • Memory Search: keep auto provider model defaults and only include remote when configured. (#2576) Thanks @papago2355.
  • Telegram: include AccountId in native command context for multi-agent routing. (#2942) Thanks @Chloe-VP.
  • Telegram: handle video note attachments in media extraction. (#2905) Thanks @mylukin.
  • TTS: read OPENAI_TTS_BASE_URL at runtime instead of module load to honor config.env. (#3341) Thanks @hclsys.
  • macOS: auto-scroll to bottom when sending a new message while scrolled up. (#2471) Thanks @kennyklee.
  • Web UI: auto-expand the chat compose textarea while typing (with sensible max height). (#2950) Thanks @shivamraut101.
  • Gateway: prevent crashes on transient network errors (fetch failures, timeouts, DNS). Added fatal error detection to only exit on truly critical errors. Fixes #2895, #2879, #2873. (#2980) Thanks @elliotsecops.
  • Agents: guard channel tool listActions to avoid plugin crashes. (#2859) Thanks @mbelinky.
  • Discord: stop resolveDiscordTarget from passing directory params into messaging target parsers. Fixes #3167. Thanks @thewilloftheshadow.
  • Discord: avoid resolving bare channel names to user DMs when a username matches. Thanks @thewilloftheshadow.
  • Discord: fix directory config type import for target resolution. Thanks @thewilloftheshadow.
  • Providers: update MiniMax API endpoint and compatibility mode. (#3064) Thanks @hlbbbbbbb.
  • Telegram: treat more network errors as recoverable in polling. (#3013) Thanks @ryancontent.
  • Discord: resolve usernames to user IDs for outbound messages. (#2649) Thanks @nonggialiang.
  • Providers: update Moonshot Kimi model references to kimi-k2.5. (#2762) Thanks @MarvinCui.
  • Gateway: suppress AbortError and transient network errors in unhandled rejections. (#2451) Thanks @Glucksberg.
  • TTS: keep /tts status replies on text-only commands and avoid duplicate block-stream audio. (#2451) Thanks @Glucksberg.
  • Security: pin npm overrides to keep tar@7.5.4 for install toolchains.
  • Security: properly test Windows ACL audit for config includes. (#2403) Thanks @dominicnunez.
  • CLI: recognize versioned Node executables when parsing argv. (#2490) Thanks @David-Marsh-Photo.
  • CLI: avoid prompting for gateway runtime under the spinner. (#2874)
  • BlueBubbles: coalesce inbound URL link preview messages. (#1981) Thanks @tyler6204.
  • Cron: allow payloads containing "heartbeat" in event filter. (#2219) Thanks @dwfinkelstein.
  • CLI: avoid loading config for global help/version while registering plugin commands. (#2212) Thanks @dial481.
  • Agents: include memory.md when bootstrapping memory context. (#2318) Thanks @czekaj.
  • Agents: release session locks on process termination and cover more signals. (#2483) Thanks @janeexai.
  • Agents: skip cooldowned providers during model failover. (#2143) Thanks @YiWang24.
  • Telegram: harden polling + retry behavior for transient network errors and Node 22 transport issues. (#2420) Thanks @techboss.
  • Telegram: ignore non-forum group message_thread_id while preserving DM thread sessions. (#2731) Thanks @dylanneve1.
  • Telegram: wrap reasoning italics per line to avoid raw underscores. (#2181) Thanks @YuriNachos.
  • Telegram: centralize API error logging for delivery and bot calls. (#2492) Thanks @altryne.
  • Voice Call: enforce Twilio webhook signature verification for ngrok URLs; disable ngrok free tier bypass by default.
  • Security: harden Tailscale Serve auth by validating identity via local tailscaled before trusting headers.
  • Media: fix text attachment MIME misclassification with CSV/TSV inference and UTF-16 detection; add XML attribute escaping for file output. (#3628) Thanks @frankekn.
  • Build: align memory-core peer dependency with lockfile.
  • Security: add mDNS discovery mode with minimal default to reduce information disclosure. (#1882) Thanks @orlyjamie.
  • Security: harden URL fetches with DNS pinning to reduce rebinding risk. Thanks Chris Zheng.
  • Web UI: improve WebChat image paste previews and allow image-only sends. (#1925) Thanks @smartprogrammer93.
  • Security: wrap external hook content by default with a per-hook opt-out. (#1827) Thanks @mertcicekci0.
  • Gateway: default auth now fail-closed (token/password required; Tailscale Serve identity remains allowed).
  • Gateway: treat loopback + non-local Host connections as remote unless trusted proxy headers are present.
  • Onboarding: remove unsupported gateway auth "off" choice from onboarding/configure flows and CLI flags.

View full changelog

]]>