Changelog

Track every improvement to OpenClaw. New features, fixes, and platform updates.

v2026.6.10 feature

Fast talk mode, model routing and trusted policy fixes

  • Talk sessions can enable fast mode for short conversational turns, then return to normal mode for longer runs with bounded fallback and delivery behavior
  • Fast-mode state now survives retries, fallback transitions, progress events and embedded, CLI and ACP normalization paths
  • Zai model synthesis, GLM overload failover and native reasoning-level selection now follow the active model catalog more consistently
  • Channel switches reset stale origin fields, while cron delivery awareness stays attached to the target session
  • Composed hook registries keep the trusted tool policies required by approval-sensitive flows, and provider plugin onboarding refreshes registry metadata after setup installs
v2026.6.9 feature

Telegram delivery, Codex integration and provider plugin releases

  • Telegram now sends rich HTML, preserves rich markdown and sticker paths, renders progress drafts and command output more faithfully, and keeps mentions and spooled handlers on the right delivery path
  • Interrupted agent runs recover more reliably across retries, terminal outcomes, usage after compaction, session history repair and reply reconciliation
  • Codex gained automatic plugin approvals, GPT-5.3 Spark OAuth routing, remote-node exec as a dynamic tool, and more reliable app-server teardown and terminal outcomes
  • Official provider packages became standalone npm releases, externally installed channel plugins load at Gateway startup, and StepFun is available from npm and ClawHub
  • The Control UI added a session workspace rail and extension health, while search and skill installs gained Codex Hosted Search, deliberate key-free provider opt-ins and verified source provenance
v2026.6.8 feature

Channel delivery, model routing and state reliability

  • Telegram and WhatsApp delivery gained richer structured output, preserved line breaks, CLI-backed reply handling and configured WhatsApp ACP bindings
  • Agent runs recover more predictably across account-scoped DM sends, generated media completions, auto-reply message-tool final replies, restart shutdown aborts and yielded subagent pauses
  • Model routing added GLM-5.2 and Claude Haiku 4.5 catalog support while normalizing provider IDs, honoring SecretRef auth and quarantining unsafe OpenAI/Anthropic tool schemas
  • Usage hooks added a native full-footer renderer, default templates, per-turn usage state, credential-aware limits, fixed-decimal formatting and warnings for broken templates
  • Memory and state paths now split oversized OpenAI embedding batches, keep QMD search available in transient mode, avoid SQLite WAL on NFS volumes and preserve full-reindex recovery
v2026.6.6 feature

Security boundaries, channel recovery and provider replay fixes

  • Transcript, sandbox, host-env, MCP stdio, Codex HTTP, native search, loopback tool and channel moderation paths gained tighter security boundaries, with exec approvals now failing closed on timeout
  • Telegram, iMessage, Discord, WhatsApp, LINE, Feishu, Mattermost, Teams and Realtime delivery recovered more reliably across restarts, threads, callbacks, final replies and webhook routing
  • Browser and MCP connectivity added existing-session CDP support, discovered WebSocket validation, default-profile cdpUrl handling, safer browser-output boundaries and Streamable HTTP loopback transport
  • Provider handling expanded with OpenRouter OAuth onboarding and Claude Fable 5 adaptive thinking while preserving Codex compaction ownership, Gemma reasoning replay and local-model guardian bypasses
  • Performance and diagnostics improved through cached model metadata, lazy slash commands, first-event tracing, plugin prewarm, deduped plugin auto-enable fanout and reduced model-registry rescan storms
v2026.6.5 feature

Parallel search, install policy and recovery hardening

  • Parallel is now a bundled web_search provider with PARALLEL_API_KEY discovery, guarded endpoint handling, cache-safe session ids, onboarding picker support and docs
  • Skill and plugin installs are safer: GitHub-backed ClawHub skill installs resolve pinned repository commits, preserve install-policy checks, report install telemetry and keep trusted npm plugin pins
  • Agent recovery is steadier across MCP tool-result materialization, Anthropic extended-thinking retries, stale compaction signatures, empty completion handoffs and Codex session/thread migration edges
  • Channel boundaries tightened across QQBot reasoning stripping, Matrix voice-note preflight and thread pagination, Google Chat native approval cards, Feishu streaming-card retry and WhatsApp restart handling
  • State, config and storage paths moved further toward SQLite-owned durability while provider/model resolution, macOS node mode, cron migrations, service env planning and release proof became stricter
v2026.6.1 feature

Skill Workshop, Workboard and broad runtime reliability

  • Skill Workshop added governed skill proposals, support-file handling, review actions, revision flow, Control UI navigation, searchable previews and reusable session handoff
  • Workboard introduced orchestration primitives, task-backed board runs and task comments for multi-agent planning and run tracking
  • Provider and plugin requests now bound more timers, retries, OAuth/device-code lifetimes, media downloads, local service probes and generated-content polling paths before they can hang a run
  • Channels and mobile delivery are steadier across Telegram, WhatsApp, iMessage, Slack, Discord, Microsoft Teams, Google Chat, Google Meet and iOS realtime Talk
  • Plugin install indexes, inbound queues, iMessage monitor state, skill runtime loading, memory watchers and store writes do less repeated filesystem work on hot paths
v2026.5.28 feature

Runtime recovery, safer channel delivery and broader provider coverage

  • Agent and Codex runtime recovery is steadier: subagents keep cwd/workspace separation, hook context stays prompt-local, session locks release on timeout abort while live locks survive cleanup, and Codex app-server/helper failures no longer tear down shared runtime state
  • Channel delivery and session identity got safer across outbound plugin hooks, Matrix room ids, iMessage reactions/approvals, Slack final replies, Discord recovered tool warnings, WhatsApp profile auth roots, Telegram polling and Microsoft Teams service URL trust checks
  • Mobile and chat surfaces refreshed: the iOS Pro UI, hosted push relay default, realtime Talk tab playback, WebChat reconnect delivery and session picker now preserve more state across reconnects
  • Browser, channel and automation inputs are stricter: tool timeouts, viewport/tab indices, ports, cron retry handling and channel progress callbacks reject malformed values earlier and preserve the intended delivery context
  • Provider, media and document coverage expands with Claude Opus 4.8, Fal Krea image schemas, NVIDIA featured models, MiniMax streaming music, encrypted PDF extraction, a GitHub agent runtime and a Codex Supervisor plugin path
v2026.5.27 feature

Security boundaries, core embeddings and Codex app-server reliability

  • Stronger security and content boundaries: untrusted group prompt text is kept out of system prompts, side-effecting command wrappers and unsafe Node runtime env overrides are blocked, and node/device-role approvals now require admin authority
  • Added a core -compatible embedding provider for local and hosted -style endpoints, with config, doctor and docs support
  • More reliable Codex app-server runs: shared app-server clients survive startup and spawned-helper failures, and native hook relay generations survive restarts and rotate on fresh fallbacks
  • Broader provider coverage: DeepInfra full catalog browsing, the Pixverse video generation provider with API region selection, wired VLLM thinking params and bare direct Anthropic model ids
  • Steadier channel delivery across durable Telegram sends, Slack late-cleanup final replies, stricter Matrix mention handling and tighter Discord guild requester checks
v2026.5.26 feature

Gateway speed, transcript core and safer channel operations

  • Gateway startup avoids repeated plugin, channel, session, usage-cost, warning, scheduled-service and filesystem scans while reducing runtime/session cache churn under load
  • Transcript-backed meeting summaries, source-provider chunks, cleaned user turns, Codex mirrors, WebChat replies and CLI/TUI replay now share a more reliable transcript path
  • Telegram, iMessage, WhatsApp, Discord, Signal and approval reactions gained production-readiness fixes across progress context, media handling, voice playback and model picking
  • Realtime Talk runs can be inspected, steered, cancelled or followed up from Web UI and Discord voice, with more tolerant wake-name handling
  • Browser snapshot reads, system-event text, fetched file text, ClickClack inbound senders, stale device tokens and serialized tool-call text received safer content-boundary handling
v2026.5.22 feature

Gateway startup performance, meeting notes and locked release packages

  • Gateway startup and model-listing hot paths reuse cached channel catalogs, plugin metadata and provider auth state so /models can drop from about 20 s to about 5 ms after warmup
  • Added a source-only external meeting-notes plugin with SDK source-provider contract, auto-start capture config, manual transcript imports and read-only openclaw meeting-notes CLI access
  • Root and OpenClaw-owned npm packages now ship generated shrinkwraps and run package integrity checks before package acceptance lanes
  • Control UI chat session picker added search and Load More pagination so older conversations remain reachable without unbounded initial loads
  • Windows install, update and service paths gained safer command shims, rollback and LaunchAgent handoff fixes
v2026.5.20 feature

Policy plugin, Discord voice follow mode and xAI device login

  • Exec approvals removed the old skill-wrapper allowlist compatibility path so skill files must be loaded through the read tool
  • Discord voice sessions can follow configured Discord users into allowed voice channels with bounded reconciliation and DAVE recovery preservation
  • Realtime voice bootstrap now includes bounded IDENTITY.md, USER.md and SOUL.md profile context by default, with voice.realtime.bootstrapContextFiles available to disable it
  • Added the bundled Policy plugin for channel conformance checks, doctor lint findings and opt-in workspace repair
  • xAI device-code OAuth login supports remote and headless authorization without a localhost browser callback
v2026.5.19 fix

Startup trace attribution, image package args and runtime dependency bumps

  • Docker and Podman image builds added OPENCLAW_IMAGE_APT_PACKAGES while keeping OPENCLAW_DOCKER_APT_PACKAGES as a legacy fallback
  • Gateway/ACPX restart traces now attribute startup probe, config, runtime and resource-count costs
  • Gateway startup overlaps logging and plugin-service startup with channel sidecars while preserving /readyz sidecar gating
  • Updated @openclaw/proxyline to 0.3.3 and Pi packages to 0.75.1
  • Raised the minimum supported Node.js 22 line to 22.19
v2026.5.18 feature

Typed plugin SDK, runtime parity QA and realtime Android voice

  • Added defineToolPlugin plus openclaw plugins build, validate and init for typed simple tool plugins with generated manifest metadata
  • QA-Lab gained runtime parity suites, tool fixture coverage and release-check gates for Codex-vs-Pi drift
  • Android Talk Mode switched to realtime Gateway relay voice sessions with streaming mic input, audio playback and transcripts
  • Gateway restart traces now attribute startup probe, config, runtime and resource-count costs without changing readiness behavior
  • Proxy endpoints can use HTTPS managed forward-proxy routing with scoped proxy.tls.caFile CA trust
  • Docker/Podman added OPENCLAW_IMAGE_APT_PACKAGES while keeping OPENCLAW_DOCKER_APT_PACKAGES as a legacy fallback
v2026.5.12 feature

Telegram polling resilience and externalized provider plugins

  • Telegram ingress moved to an isolated worker with a durable local spool so polling survives main-loop stalls
  • Externalized Amazon Bedrock, Slack, OpenShell sandbox and Anthropic Vertex so installs only pull what you use
  • Sandbox blocks Windows USERPROFILE home roots so credential-bearing binds (.codex, .openclaw, .ssh) are denied
  • Added acp.fallbacks so ACP turns try backup runtime backends before any output is emitted
  • Control UI/WebChat persisted auto-scroll mode selector (follow streaming, near-bottom, or off)
  • Stale long-poll offsets discarded after Telegram bot token rotation so bots no longer silently skip messages
v2026.5.7 fix

Delivery, cron and channel reliability fixes

  • Cron list/show JSON now includes computed job status for external tooling
  • Agent delivery reports failure when an outbound send returns no adapter result
  • Telegram, Discord and WhatsApp routing and authorization fixes
  • Native commands and Active Memory toggles now require the correct admin scope
  • Plugin install/rollback uses a consistent npm lifecycle shell to avoid broken cleanup

Want the full technical details? Check out the GitHub releases.

View all releases on GitHub →