3473 Commits

Author SHA1 Message Date
Tak Hoffman
3c6a49b27e
feishu: harden media support and align capability docs (#47968)
* feishu: harden media support and action surface

* feishu: format media action changes

* feishu: fix review follow-ups

* fix: scope Feishu target aliases to Feishu (#47968) (thanks @Takhoffman)
2026-03-16 02:02:48 -05:00
Vincent Koc
476d948732
!refactor(browser): remove Chrome extension path and add MCP doctor migration (#47893)
* Browser: replace extension path with Chrome MCP

* Browser: clarify relay stub and doctor checks

* Docs: mark browser MCP migration as breaking

* Browser: reject unsupported profile drivers

* Browser: accept clawd alias on profile create

* Doctor: narrow legacy browser driver migration
2026-03-15 23:56:08 -07:00
Peter Steinberger
2054cb9431
refactor: move remaining channel seams into plugins 2026-03-15 23:47:30 -07:00
Vincent Koc
4cb46f223c Security: trim audit policy import surfaces 2026-03-15 22:55:26 -07:00
Peter Steinberger
680eff63fb fix: land SIGUSR1 orphan recovery regressions (#47719) (thanks @joeykrug) 2026-03-15 22:32:36 -07:00
bot_apk
98f6ec50aa fix: address 6 review comments on PR #47719
1. [P1] Treat remap failures as resume failures — if replaceSubagentRunAfterSteer
   returns false, do NOT clear abortedLastRun, increment failed count.

2. [P2] Count scan-level exceptions as retryable failures — set result.failed > 0
   in the outer catch block so scheduleOrphanRecovery retry logic triggers.

3. [P2] Persist resumed-session dedupe across recovery retries — accept
   resumedSessionKeys as a parameter; scheduleOrphanRecovery lifts the Set to
   its own scope and passes it through retries.

4. [Greptile] Use typed config accessors instead of raw structural cast for TLS
   check in lifecycle.ts.

5. [Greptile] Forward gateway.reload.deferralTimeoutMs to deferGatewayRestartUntilIdle
   in scheduleGatewaySigusr1Restart so user-configured value is not silently ignored.

6. [Greptile] Same as #4 — already addressed by the typed config fix.

Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
2026-03-15 22:32:36 -07:00
Joey Krug
c780b6a6ab fix: address all review comments on PR #47719 + implement resume context and config idempotency guard 2026-03-15 22:32:36 -07:00
Joey Krug
44304ba24a fix: add retry with exponential backoff for orphan recovery
Addresses Codex review feedback — if recovery fails (e.g. gateway
still booting), retries up to 3 times with exponential backoff
(5s → 10s → 20s) before giving up.
2026-03-15 22:32:36 -07:00
Joey Krug
0311ff05d7 fix: address Greptile review feedback
- Remove unrelated pnpm-lock.yaml changes
- Move abortedLastRun flag clearing to AFTER successful resume
  (prevents permanent session loss on transient gateway failures)
- Use dynamic import for orphan recovery module to avoid startup
  memory overhead
- Add test assertion that flag is preserved on resume failure
2026-03-15 22:32:36 -07:00
Joey Krug
304703f165 fix: resume orphaned subagent sessions after SIGUSR1 reload
Closes #47711

After a SIGUSR1 gateway reload aborts in-flight subagent LLM calls, the gateway now scans for orphaned sessions and sends a synthetic resume message to restart their work. Also makes the deferral timeout configurable via gateway.reload.deferralTimeoutMs (default: 5 minutes, up from 90s).
2026-03-15 22:32:36 -07:00
Peter Steinberger
e627a5069f
refactor(plugins): move auth profile hooks into providers 2026-03-15 22:23:55 -07:00
Vincent Koc
92bea9704e Channels: add message action capabilities 2026-03-15 21:55:45 -07:00
Vincent Koc
c1846000dd Message Tool: add shared interactive schema 2026-03-15 21:55:45 -07:00
Peter Steinberger
7a6be3d531
refactor(plugins): move auth and model policy to providers 2026-03-15 21:52:29 -07:00
Peter Steinberger
656848dcd7
refactor: rename setup wizard surfaces 2026-03-15 21:40:31 -07:00
Peter Steinberger
0a2f95916b
test: expand ssh sandbox coverage and docs 2026-03-15 21:38:22 -07:00
Peter Steinberger
b8bb8510a2
feat: move ssh sandboxing into core 2026-03-15 21:35:30 -07:00
Peter Steinberger
0f43dc4680
test: fix fetch mock typing 2026-03-15 21:07:05 -07:00
Peter Steinberger
a33caab280
refactor(plugins): move auth and model policy to providers 2026-03-15 20:59:06 -07:00
Vincent Koc
1f50fed3b2 Agents: skip eager context warmup for status commands 2026-03-15 20:52:31 -07:00
Peter Steinberger
aa28d1c711 feat: add firecrawl onboarding search plugin 2026-03-16 03:38:58 +00:00
Peter Steinberger
ae7f18e503
feat: add remote openshell sandbox mode 2026-03-15 20:28:19 -07:00
Peter Steinberger
8ab01c5c93
refactor(core): land plugin auth and startup cleanup 2026-03-15 20:12:37 -07:00
Peter Steinberger
d8b927ee6a
feat: add openshell sandbox backend 2026-03-15 20:03:22 -07:00
Josh Avant
a2cb81199e
secrets: harden read-only SecretRef command paths and diagnostics (#47794)
* secrets: harden read-only SecretRef resolution for status and audit

* CLI: add SecretRef degrade-safe regression coverage

* Docs: align SecretRef status and daemon probe semantics

* Security audit: close SecretRef review gaps

* Security audit: preserve source auth SecretRef configuredness

* changelog

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>

---------

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-03-15 21:55:24 -05:00
Ayaan Zaidi
a516141bda feat(telegram): add topic-edit action 2026-03-16 08:03:22 +05:30
Peter Steinberger
74a57ace10
refactor(plugins): lazy load provider runtime shims 2026-03-15 18:20:52 -07:00
Peter Steinberger
b54e37c71f
feat(plugins): merge openai vendor seams into one plugin 2026-03-15 18:20:52 -07:00
Peter Steinberger
d56559bad7 fix: repair node24 ci type drift 2026-03-16 01:15:31 +00:00
Peter Steinberger
3aa5f2703c fix(web-search): restore build after plugin rebase 2026-03-16 01:07:45 +00:00
Peter Steinberger
e8156c8281 feat(web-search): add plugin-backed search providers 2026-03-16 01:07:44 +00:00
Peter Steinberger
ee7ecb2dd4
feat(plugins): move anthropic and openai vendors to plugins 2026-03-15 17:07:28 -07:00
Peter Steinberger
8e2a1d0941
feat(plugins): move bundled providers behind plugin hooks 2026-03-15 16:57:24 -07:00
Peter Steinberger
a058bf918d
feat(plugins): test bundle MCP end to end 2026-03-15 16:51:13 -07:00
Peter Steinberger
9eed6e674b
fix(plugins): restore provider compatibility fallbacks 2026-03-15 16:09:40 -07:00
Peter Steinberger
4adcfa3256
feat(plugins): move provider runtimes into bundled plugins 2026-03-15 16:09:40 -07:00
Peter Steinberger
dd40741e18
feat(plugins): add compatible bundle support 2026-03-15 16:08:50 -07:00
Peter Steinberger
4a0f72866b
feat(plugins): move provider runtimes into bundled plugins 2026-03-15 15:18:32 -07:00
peizhe.chen
42837a04bf
fix(models): preserve stream usage compat opt-ins (#45733)
Preserves explicit `supportsUsageInStreaming` overrides from built-in provider
catalogs and user config instead of unconditionally forcing `false` on non-native
openai-completions endpoints.

Adds `applyNativeStreamingUsageCompat()` to set `supportsUsageInStreaming: true`
on ModelStudio (DashScope) and Moonshot models at config build time so their
native streaming usage works out of the box.

Closes #46142

Co-authored-by: pezy <peizhe.chen@vbot.cn>
2026-03-15 20:21:11 +01:00
Vincent Koc
8e97b752d0
Tools: revalidate workspace-only patch targets (#46803)
* Tools: revalidate workspace-only patch targets

* Tests: narrow apply-patch delete-path assertion
2026-03-15 09:45:58 -07:00
Vincent Koc
7679eb3752
Subagents: restrict follow-up messaging scope (#46801)
* Subagents: restrict follow-up messaging scope

* Subagents: cover foreign-session follow-up sends

* Update CHANGELOG.md
2026-03-15 09:44:51 -07:00
Peter Steinberger
0c7ae04262
style: format imported model helpers 2026-03-15 09:05:45 -07:00
Aditya Chaudhary
f5cd7c390d
added a fix for memory leak on 2gb ram (#46522) 2026-03-15 09:01:31 -07:00
助爪
5c5c64b612
Deduplicate repeated tool call IDs for OpenAI-compatible APIs (#40996)
Merged via squash.

Prepared head SHA: 38d80483592de63866b07cd61edc7f41ffd56021
Co-authored-by: xaeon2026 <264572156+xaeon2026@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
2026-03-15 19:46:07 +08:00
Sahan
9616d1e8ba
fix: Disable strict mode tools for non-native openai-completions compatible APIs (#45497)
Merged via squash.

Prepared head SHA: 20fe05fe747821455c020521e5c2072b368713d8
Co-authored-by: sahancava <57447079+sahancava@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
2026-03-15 16:36:52 +08:00
Ayaan Zaidi
6a458ef29e
fix: harden compaction timeout follow-ups 2026-03-15 12:13:23 +05:30
Jason
f77a684131
feat: make compaction timeout configurable via agents.defaults.compaction.timeoutSeconds (#46889)
* feat: make compaction timeout configurable via agents.defaults.compaction.timeoutSeconds

The hardcoded 5-minute (300s) compaction timeout causes large sessions
to enter a death spiral where compaction repeatedly fails and the
session grows indefinitely. This adds agents.defaults.compaction.timeoutSeconds
to allow operators to override the compaction safety timeout.

Default raised to 900s (15min) which is sufficient for sessions up to
~400k tokens. The resolved timeout is also used for the session write
lock duration so locks don't expire before compaction completes.

Fixes #38233

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: add resolveCompactionTimeoutMs tests

Cover config resolution edge cases: undefined config, missing
compaction section, valid seconds, fractional values, zero,
negative, NaN, and Infinity.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: add timeoutSeconds to compaction Zod schema

The compaction object schema uses .strict(), so setting the new
timeoutSeconds config option would fail validation at startup.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: enforce integer constraint on compaction timeoutSeconds schema

Prevents sub-second values like 0.5 which would floor to 0ms and
cause immediate compaction timeout. Matches pattern of other
integer timeout fields in the schema.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: clamp compaction timeout to Node timer-safe maximum

Values above ~2.1B ms overflow Node's setTimeout to 1ms, causing
immediate timeout. Clamp to MAX_SAFE_TIMEOUT_MS matching the
pattern in agents/timeout.ts.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: add FIELD_LABELS entry for compaction timeoutSeconds

Maintains label/help parity invariant enforced by
schema.help.quality.test.ts.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: align compaction timeouts with abort handling

* fix: land compaction timeout handling (#46889) (thanks @asyncjason)

---------

Co-authored-by: Jason Separovic <jason@wilma.dog>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-03-15 12:04:48 +05:30
Vincent Koc
d1e4ee03ff fix(context): skip eager warmup for non-model CLI commands 2026-03-14 23:20:15 -07:00
Jinhao Dong
8e4a1d87e2
fix(openrouter): silently dropped images for new OpenRouter models — runtime capability detection (#45824)
* fix: fetch OpenRouter model capabilities at runtime for unknown models

When an OpenRouter model is not in the built-in static snapshot from
pi-ai, the fallback hardcodes input: ["text"], silently dropping images.

Query the OpenRouter API at runtime to detect actual capabilities
(image support, reasoning, context window) for models not in the
built-in list. Results are cached in memory for 1 hour. On API
failure/timeout, falls back to text-only (no regression).

* feat(openrouter): add disk cache for OpenRouter model capabilities

Persist the OpenRouter model catalog to ~/.openclaw/cache/openrouter-models.json
so it survives process restarts. Cache lookup order:

1. In-memory Map (instant)
2. On-disk JSON file (avoids network on restart)
3. OpenRouter API fetch (populates both layers)

Also triggers a background refresh when a model is not found in the cache,
in case it was newly added to OpenRouter.

* refactor(openrouter): remove pre-warm, use pure lazy-load with disk cache

- Remove eager ensureOpenRouterModelCache() from run.ts
- Remove TTL — model capabilities are stable, no periodic re-fetching
- Cache lookup: in-memory → disk → API fetch (only when needed)
- API is only called when no cache exists or a model is not found
- Disk cache persists across gateway restarts

* fix(openrouter): address review feedback

- Fix timer leak: move clearTimeout to finally block
- Fix modality check: only check input side of "->" separator to avoid
  matching image-generation models (text->image)
- Use resolveStateDir() instead of hardcoded homedir()/.openclaw
- Separate cache dir and filename constants
- Add utf-8 encoding to writeFileSync for consistency
- Add data validation when reading disk cache

* ci: retrigger checks

* fix: preload unknown OpenRouter model capabilities before resolve

* fix: accept top-level OpenRouter max token metadata

* fix: update changelog for OpenRouter runtime capability lookup (#45824) (thanks @DJjjjhao)

* fix: avoid redundant OpenRouter refetches and preserve suppression guards

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-03-15 11:48:39 +05:30
Gugu-sugar
c1a0196826
Fix Codex CLI auth profile sync (#45353)
Merged via squash.

Prepared head SHA: e5432ec4e1685a78ca7251bc71f26c1f17355a15
Co-authored-by: Gugu-sugar <201366873+Gugu-sugar@users.noreply.github.com>
Co-authored-by: grp06 <1573959+grp06@users.noreply.github.com>
Reviewed-by: @grp06
2026-03-14 16:36:09 -07:00