Changes

• CLI: add completion command (Zsh/Bash/PowerShell/Fish) and auto-setup during postinstall/onboarding.
• CLI: add per-agent models status (--agent filter). (#4780) Thanks @jlowin.
• Agents: add Kimi K2.5 to the synthetic model catalog. (#4407) Thanks @manikv12.
• Auth: switch Kimi Coding to built-in provider; normalize OAuth profile email.
• Auth: add MiniMax OAuth plugin + onboarding option. (#4521) Thanks @Maosghoul.
• Agents: update pi SDK/API usage and dependencies.
• Web UI: refresh sessions after chat commands and improve session display names.
• Build: move TypeScript builds to tsdown + tsgo (faster builds, CI typechecks), update tsconfig target, and clean up lint rules.
• Build: align npm tar override and bin metadata so the openclaw CLI entrypoint is preserved in npm publishes.
• Docs: add pi/pi-dev docs and update OpenClaw branding + install links.

Fixes

• Security: restrict local path extraction in media parser to prevent LFI. (#4880)
• Gateway: prevent token defaults from becoming the literal "undefined". (#4873) Thanks @Hisleren.
• Control UI: fix assets resolution for npm global installs. (#4909) Thanks @YuriNachos.
• macOS: avoid stderr pipe backpressure in gateway discovery. (#3304) Thanks @abhijeet117.
• Telegram: normalize account token lookup for non-normalized IDs. (#5055) Thanks @jasonsschin.
• Telegram: preserve delivery thread fallback and fix threadId handling in delivery context.
• Telegram: fix HTML nesting for overlapping styles/links. (#4578) Thanks @ThanhNguyxn.
• Telegram: accept numeric messageId/chatId in react actions. (#4533) Thanks @Ayush10.
• Telegram: honor per-account proxy dispatcher via undici fetch. (#4456) Thanks @spiceoogway.
• Telegram: scope skill commands to bound agent per bot. (#4360) Thanks @robhparker.
• BlueBubbles: debounce by messageId to preserve attachments in text+image messages. (#4984)
• Routing: prefer requesterOrigin over stale session entries for sub-agent announce delivery. (#4957)
• Extensions: restore embedded extension discovery typings.
• CLI: fix tui:dev port resolution.
• LINE: fix status command TypeError. (#4651)
• OAuth: skip expired-token warnings when refresh tokens are still valid. (#4593)
• Build: skip redundant UI install step in Dockerfile. (#4584) Thanks @obviyus.

View full changelog

Changes

• Rebrand: rename the npm package/CLI to openclaw, add a openclaw compatibility shim, and move extensions to the @openclaw/* scope.
• Onboarding: strengthen security warning copy for beta + access control expectations.
• Onboarding: add Venice API key to non-interactive flow. (#1893) Thanks @jonisjongithub.
• Config: auto-migrate legacy state/config paths and keep config resolution consistent across legacy filenames.
• Gateway: warn on hook tokens via query params; document header auth preference. (#2200) Thanks @YuriNachos.
• Gateway: add dangerous Control UI device auth bypass flag + audit warnings. (#2248)
• Doctor: warn on gateway exposure without auth. (#2016) Thanks @Alex-Alaniz.
• Web UI: keep sub-agent announce replies visible in WebChat. (#1977) Thanks @andrescardonas7.
• Browser: route browser control via gateway/node; remove standalone browser control command and control URL config.
• Browser: route browser.request via node proxies when available; honor proxy timeouts; derive browser ports from gateway.port.
• Browser: fall back to URL matching for extension relay target resolution. (#1999) Thanks @jonit-dev.
• Telegram: allow caption param for media sends. (#1888) Thanks @mguellsegarra.
• Telegram: support plugin sendPayload channelData (media/buttons) and validate plugin commands. (#1917) Thanks @JoshuaLelon.
• Telegram: avoid block replies when streaming is disabled. (#1885) Thanks @ivancasco.
• Telegram: add optional silent send flag (disable notifications). (#2382) Thanks @Suksham-sharma.
• Telegram: support editing sent messages via message(action="edit"). (#2394) Thanks @marcelomar21.
• Telegram: support quote replies for message tool and inbound context. (#2900) Thanks @aduk059.
• Telegram: add sticker receive/send with vision caching. (#2629) Thanks @longjos.
• Telegram: send sticker pixels to vision models. (#2650)
• Telegram: keep topic IDs in restart sentinel notifications. (#1807) Thanks @hsrvc.
• Discord: add configurable privileged gateway intents for presences/members. (#2266) Thanks @kentaro.
• Slack: clear ack reaction after streamed replies. (#2044) Thanks @fancyboi999.
• Matrix: switch plugin SDK to @vector-im/matrix-bot-sdk.
• Tlon: format thread reply IDs as @ud. (#1837) Thanks @wca4a.
• Tools: add per-sender group tool policies and fix precedence. (#1757) Thanks @adam91holt.
• Agents: summarize dropped messages during compaction safeguard pruning. (#2509) Thanks @jogi47.
• Agents: expand cron tool description with full schema docs. (#1988) Thanks @tomascupr.
• Agents: honor tools.exec.safeBins in exec allowlist checks. (#2281)
• Memory Search: allow extra paths for memory indexing (ignores symlinks). (#3600) Thanks @kira-ariaki.
• Skills: add multi-image input support to Nano Banana Pro skill. (#1958) Thanks @tyler6204.
• Skills: add missing dependency metadata for GitHub, Notion, Slack, Discord. (#1995) Thanks @jackheuberger.
• Commands: group /help and /commands output with Telegram paging. (#2504) Thanks @hougangdev.
• Routing: add per-account DM session scope and document multi-account isolation. (#3095) Thanks @jarvis-sam.
• Routing: precompile session key regexes. (#1697) Thanks @Ray0907.
• CLI: use Node's module compile cache for faster startup. (#2808) Thanks @pi0.
• Auth: show copyable Google auth URL after ASCII prompt. (#1787) Thanks @robbyczgw-cla.
• TUI: avoid width overflow when rendering selection lists. (#1686) Thanks @mossein.
• macOS: finish OpenClaw app rename for macOS sources, bundle identifiers, and shared kit paths. (#2844) Thanks @fal3.
• Branding: update launchd labels, mobile bundle IDs, and logging subsystems to bot.molt (legacy bundle ID migrations). Thanks @thewilloftheshadow.
• macOS: limit project-local node_modules/.bin PATH preference to debug builds (reduce PATH hijacking risk).
• macOS: keep custom SSH usernames in remote target. (#2046) Thanks @algal.
• macOS: avoid crash when rendering code blocks by bumping Textual to 0.3.1. (#2033) Thanks @garricn.
• Update: ignore dist/control-ui for dirty checks and restore after ui builds. (#1976) Thanks @Glucksberg.
• Build: bundle A2UI assets during build and stop tracking generated bundles. (#2455) Thanks @0oAstro.
• CI: increase Node heap size for macOS checks. (#1890) Thanks @realZachi.
• Config: apply config.env before ${VAR} substitution. (#1813) Thanks @spanishflu-est1918.
• Gateway: prefer newest session metadata when combining stores. (#1823) Thanks @emanuelst.
• Docs: tighten Fly private deployment steps. (#2289) Thanks @dguido.
• Docs: add migration guide for moving to a new machine. (#2381)
• Docs: add Northflank one-click deployment guide. (#2167) Thanks @AdeboyeDN.
• Docs: add Vercel AI Gateway to providers sidebar. (#1901) Thanks @jerilynzheng.
• Docs: add Render deployment guide. (#1975) Thanks @anurag.
• Docs: add Claude Max API Proxy guide. (#1875) Thanks @atalovesyou.
• Docs: add DigitalOcean deployment guide. (#1870) Thanks @0xJonHoldsCrypto.
• Docs: add Oracle Cloud (OCI) platform guide + cross-links. (#2333) Thanks @hirefrank.
• Docs: add Raspberry Pi install guide. (#1871) Thanks @0xJonHoldsCrypto.
• Docs: add GCP Compute Engine deployment guide. (#1848) Thanks @hougangdev.
• Docs: add LINE channel guide. Thanks @thewilloftheshadow.
• Docs: credit both contributors for Control UI refresh. (#1852) Thanks @EnzeD.
• Docs: keep docs header sticky so navbar stays visible while scrolling. (#2445) Thanks @chenyuan99.
• Docs: update exe.dev install instructions. (#https://github.com/openclaw/openclaw/pull/3047) Thanks @zackerthescar.

Breaking

• BREAKING: Gateway auth mode "none" is removed; gateway now requires token/password (Tailscale Serve identity still allowed).

Fixes

• Telegram: avoid silent empty replies by tracking normalization skips before fallback. (#3796)
• Mentions: honor mentionPatterns even when explicit mentions are present. (#3303) Thanks @HirokiKobayashi-R.
• Discord: restore username directory lookup in target resolution. (#3131) Thanks @bonald.
• Agents: align MiniMax base URL test expectation with default provider config. (#3131) Thanks @bonald.
• Agents: prevent retries on oversized image errors and surface size limits. (#2871) Thanks @Suksham-sharma.
• Agents: inherit provider baseUrl/api for inline models. (#2740) Thanks @lploc94.
• Memory Search: keep auto provider model defaults and only include remote when configured. (#2576) Thanks @papago2355.
• Telegram: include AccountId in native command context for multi-agent routing. (#2942) Thanks @Chloe-VP.
• Telegram: handle video note attachments in media extraction. (#2905) Thanks @mylukin.
• TTS: read OPENAI_TTS_BASE_URL at runtime instead of module load to honor config.env. (#3341) Thanks @hclsys.
• macOS: auto-scroll to bottom when sending a new message while scrolled up. (#2471) Thanks @kennyklee.
• Web UI: auto-expand the chat compose textarea while typing (with sensible max height). (#2950) Thanks @shivamraut101.
• Gateway: prevent crashes on transient network errors (fetch failures, timeouts, DNS). Added fatal error detection to only exit on truly critical errors. Fixes #2895, #2879, #2873. (#2980) Thanks @elliotsecops.
• Agents: guard channel tool listActions to avoid plugin crashes. (#2859) Thanks @mbelinky.
• Discord: stop resolveDiscordTarget from passing directory params into messaging target parsers. Fixes #3167. Thanks @thewilloftheshadow.
• Discord: avoid resolving bare channel names to user DMs when a username matches. Thanks @thewilloftheshadow.
• Discord: fix directory config type import for target resolution. Thanks @thewilloftheshadow.
• Providers: update MiniMax API endpoint and compatibility mode. (#3064) Thanks @hlbbbbbbb.
• Telegram: treat more network errors as recoverable in polling. (#3013) Thanks @ryancontent.
• Discord: resolve usernames to user IDs for outbound messages. (#2649) Thanks @nonggialiang.
• Providers: update Moonshot Kimi model references to kimi-k2.5. (#2762) Thanks @MarvinCui.
• Gateway: suppress AbortError and transient network errors in unhandled rejections. (#2451) Thanks @Glucksberg.
• TTS: keep /tts status replies on text-only commands and avoid duplicate block-stream audio. (#2451) Thanks @Glucksberg.
• Security: pin npm overrides to keep tar@7.5.4 for install toolchains.
• Security: properly test Windows ACL audit for config includes. (#2403) Thanks @dominicnunez.
• CLI: recognize versioned Node executables when parsing argv. (#2490) Thanks @David-Marsh-Photo.
• CLI: avoid prompting for gateway runtime under the spinner. (#2874)
• BlueBubbles: coalesce inbound URL link preview messages. (#1981) Thanks @tyler6204.
• Cron: allow payloads containing "heartbeat" in event filter. (#2219) Thanks @dwfinkelstein.
• CLI: avoid loading config for global help/version while registering plugin commands. (#2212) Thanks @dial481.
• Agents: include memory.md when bootstrapping memory context. (#2318) Thanks @czekaj.
• Agents: release session locks on process termination and cover more signals. (#2483) Thanks @janeexai.
• Agents: skip cooldowned providers during model failover. (#2143) Thanks @YiWang24.
• Telegram: harden polling + retry behavior for transient network errors and Node 22 transport issues. (#2420) Thanks @techboss.
• Telegram: ignore non-forum group message_thread_id while preserving DM thread sessions. (#2731) Thanks @dylanneve1.
• Telegram: wrap reasoning italics per line to avoid raw underscores. (#2181) Thanks @YuriNachos.
• Telegram: centralize API error logging for delivery and bot calls. (#2492) Thanks @altryne.
• Voice Call: enforce Twilio webhook signature verification for ngrok URLs; disable ngrok free tier bypass by default.
• Security: harden Tailscale Serve auth by validating identity via local tailscaled before trusting headers.
• Media: fix text attachment MIME misclassification with CSV/TSV inference and UTF-16 detection; add XML attribute escaping for file output. (#3628) Thanks @frankekn.
• Build: align memory-core peer dependency with lockfile.
• Security: add mDNS discovery mode with minimal default to reduce information disclosure. (#1882) Thanks @orlyjamie.
• Security: harden URL fetches with DNS pinning to reduce rebinding risk. Thanks Chris Zheng.
• Web UI: improve WebChat image paste previews and allow image-only sends. (#1925) Thanks @smartprogrammer93.
• Security: wrap external hook content by default with a per-hook opt-out. (#1827) Thanks @mertcicekci0.
• Gateway: default auth now fail-closed (token/password required; Tailscale Serve identity remains allowed).
• Gateway: treat loopback + non-local Host connections as remote unless trusted proxy headers are present.
• Onboarding: remove unsupported gateway auth "off" choice from onboarding/configure flows and CLI flags.

View full changelog

Fixes

• Packaging: include dist/shared output in npm tarball (fixes missing reasoning-tags import on install).

View full changelog