Changelog

Track every improvement to OpenClaw. New features, fixes, and platform updates.

v2026.6.5 feature

Parallel search, install policy and recovery hardening

  • Parallel is now a bundled web_search provider with PARALLEL_API_KEY discovery, guarded endpoint handling, cache-safe session ids, onboarding picker support and docs
  • Skill and plugin installs are safer: GitHub-backed ClawHub skill installs resolve pinned repository commits, preserve install-policy checks, report install telemetry and keep trusted npm plugin pins
  • Agent recovery is steadier across MCP tool-result materialization, Anthropic extended-thinking retries, stale compaction signatures, empty completion handoffs and Codex session/thread migration edges
  • Channel boundaries tightened across QQBot reasoning stripping, Matrix voice-note preflight and thread pagination, Google Chat native approval cards, Feishu streaming-card retry and WhatsApp restart handling
  • State, config and storage paths moved further toward SQLite-owned durability while provider/model resolution, macOS node mode, cron migrations, service env planning and release proof became stricter
v2026.6.1 feature

Skill Workshop, Workboard and broad runtime reliability

  • Skill Workshop added governed skill proposals, support-file handling, review actions, revision flow, Control UI navigation, searchable previews and reusable session handoff
  • Workboard introduced orchestration primitives, task-backed board runs and task comments for multi-agent planning and run tracking
  • Provider and plugin requests now bound more timers, retries, OAuth/device-code lifetimes, media downloads, local service probes and generated-content polling paths before they can hang a run
  • Channels and mobile delivery are steadier across Telegram, WhatsApp, iMessage, Slack, Discord, Microsoft Teams, Google Chat, Google Meet and iOS realtime Talk
  • Plugin install indexes, inbound queues, iMessage monitor state, skill runtime loading, memory watchers and store writes do less repeated filesystem work on hot paths
v2026.5.28 feature

Runtime recovery, safer channel delivery and broader provider coverage

  • Agent and Codex runtime recovery is steadier: subagents keep cwd/workspace separation, hook context stays prompt-local, session locks release on timeout abort while live locks survive cleanup, and Codex app-server/helper failures no longer tear down shared runtime state
  • Channel delivery and session identity got safer across outbound plugin hooks, Matrix room ids, iMessage reactions/approvals, Slack final replies, Discord recovered tool warnings, WhatsApp profile auth roots, Telegram polling and Microsoft Teams service URL trust checks
  • Mobile and chat surfaces refreshed: the iOS Pro UI, hosted push relay default, realtime Talk tab playback, WebChat reconnect delivery and session picker now preserve more state across reconnects
  • Browser, channel and automation inputs are stricter: tool timeouts, viewport/tab indices, ports, cron retry handling and channel progress callbacks reject malformed values earlier and preserve the intended delivery context
  • Provider, media and document coverage expands with Claude Opus 4.8, Fal Krea image schemas, NVIDIA featured models, MiniMax streaming music, encrypted PDF extraction, a GitHub agent runtime and a Codex Supervisor plugin path
v2026.5.27 feature

Security boundaries, core embeddings and Codex app-server reliability

  • Stronger security and content boundaries: untrusted group prompt text is kept out of system prompts, side-effecting command wrappers and unsafe Node runtime env overrides are blocked, and node/device-role approvals now require admin authority
  • Added a core -compatible embedding provider for local and hosted -style endpoints, with config, doctor and docs support
  • More reliable Codex app-server runs: shared app-server clients survive startup and spawned-helper failures, and native hook relay generations survive restarts and rotate on fresh fallbacks
  • Broader provider coverage: DeepInfra full catalog browsing, the Pixverse video generation provider with API region selection, wired VLLM thinking params and bare direct Anthropic model ids
  • Steadier channel delivery across durable Telegram sends, Slack late-cleanup final replies, stricter Matrix mention handling and tighter Discord guild requester checks
v2026.5.26 feature

Gateway speed, transcript core and safer channel operations

  • Gateway startup avoids repeated plugin, channel, session, usage-cost, warning, scheduled-service and filesystem scans while reducing runtime/session cache churn under load
  • Transcript-backed meeting summaries, source-provider chunks, cleaned user turns, Codex mirrors, WebChat replies and CLI/TUI replay now share a more reliable transcript path
  • Telegram, iMessage, WhatsApp, Discord, Signal and approval reactions gained production-readiness fixes across progress context, media handling, voice playback and model picking
  • Realtime Talk runs can be inspected, steered, cancelled or followed up from Web UI and Discord voice, with more tolerant wake-name handling
  • Browser snapshot reads, system-event text, fetched file text, ClickClack inbound senders, stale device tokens and serialized tool-call text received safer content-boundary handling
v2026.5.22 feature

Gateway startup performance, meeting notes and locked release packages

  • Gateway startup and model-listing hot paths reuse cached channel catalogs, plugin metadata and provider auth state so /models can drop from about 20 s to about 5 ms after warmup
  • Added a source-only external meeting-notes plugin with SDK source-provider contract, auto-start capture config, manual transcript imports and read-only openclaw meeting-notes CLI access
  • Root and OpenClaw-owned npm packages now ship generated shrinkwraps and run package integrity checks before package acceptance lanes
  • Control UI chat session picker added search and Load More pagination so older conversations remain reachable without unbounded initial loads
  • Windows install, update and service paths gained safer command shims, rollback and LaunchAgent handoff fixes
v2026.5.20 feature

Policy plugin, Discord voice follow mode and xAI device login

  • Exec approvals removed the old skill-wrapper allowlist compatibility path so skill files must be loaded through the read tool
  • Discord voice sessions can follow configured Discord users into allowed voice channels with bounded reconciliation and DAVE recovery preservation
  • Realtime voice bootstrap now includes bounded IDENTITY.md, USER.md and SOUL.md profile context by default, with voice.realtime.bootstrapContextFiles available to disable it
  • Added the bundled Policy plugin for channel conformance checks, doctor lint findings and opt-in workspace repair
  • xAI device-code OAuth login supports remote and headless authorization without a localhost browser callback
v2026.5.19 fix

Startup trace attribution, image package args and runtime dependency bumps

  • Docker and Podman image builds added OPENCLAW_IMAGE_APT_PACKAGES while keeping OPENCLAW_DOCKER_APT_PACKAGES as a legacy fallback
  • Gateway/ACPX restart traces now attribute startup probe, config, runtime and resource-count costs
  • Gateway startup overlaps logging and plugin-service startup with channel sidecars while preserving /readyz sidecar gating
  • Updated @openclaw/proxyline to 0.3.3 and Pi packages to 0.75.1
  • Raised the minimum supported Node.js 22 line to 22.19
v2026.5.18 feature

Typed plugin SDK, runtime parity QA and realtime Android voice

  • Added defineToolPlugin plus openclaw plugins build, validate and init for typed simple tool plugins with generated manifest metadata
  • QA-Lab gained runtime parity suites, tool fixture coverage and release-check gates for Codex-vs-Pi drift
  • Android Talk Mode switched to realtime Gateway relay voice sessions with streaming mic input, audio playback and transcripts
  • Gateway restart traces now attribute startup probe, config, runtime and resource-count costs without changing readiness behavior
  • Proxy endpoints can use HTTPS managed forward-proxy routing with scoped proxy.tls.caFile CA trust
  • Docker/Podman added OPENCLAW_IMAGE_APT_PACKAGES while keeping OPENCLAW_DOCKER_APT_PACKAGES as a legacy fallback
v2026.5.12 feature

Telegram polling resilience and externalized provider plugins

  • Telegram ingress moved to an isolated worker with a durable local spool so polling survives main-loop stalls
  • Externalized Amazon Bedrock, Slack, OpenShell sandbox and Anthropic Vertex so installs only pull what you use
  • Sandbox blocks Windows USERPROFILE home roots so credential-bearing binds (.codex, .openclaw, .ssh) are denied
  • Added acp.fallbacks so ACP turns try backup runtime backends before any output is emitted
  • Control UI/WebChat persisted auto-scroll mode selector (follow streaming, near-bottom, or off)
  • Stale long-poll offsets discarded after Telegram bot token rotation so bots no longer silently skip messages
v2026.5.7 fix

Delivery, cron and channel reliability fixes

  • Cron list/show JSON now includes computed job status for external tooling
  • Agent delivery reports failure when an outbound send returns no adapter result
  • Telegram, Discord and WhatsApp routing and authorization fixes
  • Native commands and Active Memory toggles now require the correct admin scope
  • Plugin install/rollback uses a consistent npm lifecycle shell to avoid broken cleanup
v2026.5.6 fix

Codex OAuth routing hotfix

  • Reverted the 2026.5.5 doctor --fix repair that rewrote valid -codex/* OAuth routes
  • Plugin runtime fetch drops third-party header metadata that broke guarded/proxy requests
  • Web fetch bounds dispatcher cleanup so timed-out fetches return tool errors instead of hanging
  • Debug proxy normalizes captured fetch headers before replaying requests
v2026.5.5 fix

Sessions, runtime visibility and provider fixes

  • Sessions, status and Control UI surfaces now show each session agent runtime
  • doctor --fix repairs heartbeat-poisoned default sessions and stale TUI restore pointers
  • xAI Grok Responses models no longer receive unsupported reasoning-effort controls
  • OpenAI-compatible streaming flushes the first chunk so cold setups do not hang clients
  • Control UI chat keeps assistant progress text visible across history reloads
v2026.5.4 feature

Realtime Gemini voice bridge for Google Meet calls

  • Twilio Meet dial-in joins speak through the realtime Gemini voice bridge with paced audio
  • Windows loopback listener binds to 127.0.0.1 to avoid dual-stack localhost stalls
  • Codex audio transcription advertised in runtime/manifest metadata
  • Workspace-scoped plugin metadata reuse trims cold plugin scans on hot paths
  • Refreshed runtime/provider deps including Pi 0.73.0, , Anthropic, Slack and TypeScript
v2026.5.3 feature

Bundled file-transfer plugin and plugin install hardening

  • New file-transfer plugin: file_fetch, dir_list, dir_fetch and file_write with default-deny path policy
  • Hardened official plugin install, uninstall, update and ClawHub fallback paths
  • Added /steer for queue-independent steering of an idle active session
  • Unified streaming.mode "progress" drafts across Discord, Telegram, Matrix, Slack and Teams
  • doctor --fix now commits safe legacy migrations even when unrelated validation fails
v2026.5.2 feature

npm-first plugin cutover and startup leanness

  • External plugin install, update, doctor repair and beta-channel fallback moved to npm-first
  • Leaner and agent hot paths: startup, session listing, prompt prep and tool planning
  • Control UI and WebChat resilience across Sessions, Cron and long-running WebSockets
  • WhatsApp Channel/Newsletter outbound targets and Telegram/Discord/Slack/Signal fixes
  • Added Grok 4.3 to the bundled xAI catalog as the default xAI chat model
v2026.4.29 feature

Active-run steering by default and a people-aware memory wiki

  • Active-run steering on by default with visible-reply enforcement and opt-in follow-up commitments
  • Memory grows into a people wiki: provenance views, per-conversation Active Memory filters, partial recall on timeout
  • Added the NVIDIA provider with API-key onboarding and static catalogs
  • Restricted tool profiles no longer implicitly widen when tools.exec/tools.fs are configured
  • Security and ops: OpenGrep scanning, sharper GHSA triage, safer exec/pairing/owner-scope handling

Want the full technical details? Check out the GitHub releases.

View all releases on GitHub โ†’