chore(deps): update dependency openclaw to v2026.6.8

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
openclaw	2026.6.1 → 2026.6.8

---

Release Notes

openclaw/openclaw (openclaw)

v2026.6.8

Compare Source

Highlights

• Telegram and WhatsApp channel delivery are richer and less brittle: Telegram can send structured rich text with tables, lists, expandable blockquotes, preserved intentional line breaks, prompt-preserving CLI backend delivery, retired native draft migration, and safer rich-media boundaries, while WhatsApp now honors configured ACP bindings. (#​92679, #​93164, #​84082, #​89421, #​92513) Thanks @​obviyus, @​jzakirov, @​spacegeologist, and @​TurboTheTurtle.
• Agent and Gateway recovery is sharper across account-scoped DM sends, generated media completions, auto-reply message-tool final replies, reset archive fallback reads, restart shutdown aborts, yielded subagent pauses, trusted subagent thinking override fallback, yielded cron media, heartbeat dedupe, session identity prompts, and unknown OpenAI agent selector rejection. (#​92788, #​91246, #​92879, #​91357, #​92631, #​92412, #​92146, #​91287, #​92468, #​92510) Thanks @​yetval, @​TurboTheTurtle, @​masatohoshino, @​CadanHu, @​ooiuuii, @​openperf, @​IWhatsskill, @​ZengWen-DT, and @​zhangguiping-xydt.
• Provider/model handling expands and tightens with GLM-5.2, Claude Haiku 4.5 catalog rows, OpenRouter and Google Vertex provider-prefix normalization, managed SecretRef auth, OAuth image-default routing through Codex, bounded model browse discovery, LM Studio binary thinking-off delivery, storeless OpenAI Responses replay gating, invalid OpenAI reasoning-signature and genericized Anthropic thinking-signature recovery, Claude 4.5 Copilot tool-streaming safety, and OpenAI/Anthropic-family payload quarantine for unreadable or post-hook tool schemas. (#​92796, #​90116, #​92627, #​91218, #​90686, #​92824, #​92247, #​92002, #​90706, #​92941, #​92201, #​92916, #​75393, #​92908, #​92921, #​92928) Thanks @​arkyu2077, @​liuhao1024, @​bymle, @​rohitjavvadi, @​nxmxbbd, @​bek91, @​samson910022, @​mmyzwl, @​CarlCapital, @​snowzlm, @​Kailigithub, and @​vincentkoc.
• /usage and reply payload hooks now have a native full footer renderer, default template, fixed-decimal formatting, credential-aware limits, better partial-count handling, and warnings for broken templates instead of silent bad output. (#​92657, #​89835, #​89629) Thanks @​Marvinthebored.
• UI and mobile flows are steadier: workspace files can collapse and start collapsed, WebChat backscroll survives streaming, the sidebar session picker remains interactive above the desktop workbench, reset soft args survive UI dispatch, stale dashboard session parent lineage is preserved, and iOS reconnects stale foreground gateways. (#​92779, #​92622, #​92705, #​91353, #​90658, #​92552) Thanks @​shakkernerd, @​TurboTheTurtle, @​NianJiuZst, @​zhouhe-xydt, @​luoyanglang, and @​Solvely-Colin.
• Memory, state, and diagnostics recover cleaner: oversized OpenAI embedding batches split before 431s, QMD memory search stays available in transient mode, SQLite avoids WAL on NFS state volumes, stuck-session recovery scheduling no longer resets warning backoff, full memory reindexes preserve rollback/cache recovery, raw Memory Wiki source pages stop looking malformed, and Infinity chunk limits stay genuinely unbounded. (#​92650, #​92618, #​92639, #​91247, #​92752, #​92881, #​59137, #​92876, #​69700, #​92735) Thanks @​mushuiyu886, @​TurboTheTurtle, @​849261680, @​gnanam1990, @​TSHOGX, @​arlen8411, and @​yhterrance.

Changes

• Providers/models: add GLM-5.2 support and Claude Haiku 4.5 catalog entries while keeping provider-qualified model IDs normalized across OpenRouter and Google Vertex paths. (#​92796, #​90116, #​92627, #​91218) Thanks @​arkyu2077, @​liuhao1024, and @​bymle.
• Web search: keep key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search as explicit opt-ins instead of selecting them automatically when no API-backed provider is configured. (#​93616) Thanks @​davemorin and @​vincentkoc.
• Channel plugins: ship Telegram rich-message delivery and WhatsApp ACP binding support, including preserved intentional line breaks, rich prompt handoff to CLI backends, and transport fixtures for richer drafts. (#​92679, #​93164, #​92513) Thanks @​obviyus and @​TurboTheTurtle.
• Agent commands: support /btw in CLI-backed sessions and keep CLI usage-error exits classified as usage failures instead of successful runs. (#​92669, #​92162) Thanks @​joshavant and @​Pandah97.
• Usage hooks: add built-in full footer rendering, default footer templates, per-turn usage state, credential-aware limits, and fixed-decimal formatting for usage-bar templates. (#​92657, #​89835, #​89629) Thanks @​Marvinthebored.
• Docs and operator guidance: document node config examples, clarify before-install hook scope, correct agent default concurrency comments, refresh ZAI provider docs, and update channel/group docs for current Telegram and WhatsApp behavior. (#​92677, #​92766, #​92695) Thanks @​liuhao1024, @​sallyom, and @​ArielSmoliar.

Fixes

• Channels and delivery: preserve account-scoped DM channel send policy, intentional rich-message line breaks in Telegram and status output, rich Telegram final replies, rich Telegram tables and lists, Telegram thread-create CLI remapping, Feishu dynamic-agent routes after persisted binding reuse, Slack outbound message_sent hooks, contributed message-tool schema optionality, same-channel generated media completions, and channel chunking around surrogate pairs and Infinity limits. (#​92788, #​93164, #​92679, #​89421, #​89943, #​42837, #​92814, #​91137, #​91246, #​92735) Thanks @​yetval, @​obviyus, @​spacegeologist, @​rishitamrakar, @​liuhao1024, @​lundog, @​TurboTheTurtle, and @​yhterrance.
• Gemini CLI: use the selected OpenClaw OAuth/API-key auth profile in an isolated Gemini CLI runtime home, preventing ambient Google machine credentials from overriding the chosen profile. (#​88748) Thanks @​jason-allen-oneal and @​shakkernerd.
• Feishu: fetch quoted/replied message content before the empty-message guard so a mention-only reply that quotes a message with meaningful content is no longer dropped. (#​90192) Thanks @​bladin.
• Discord: give generated auto-thread titles a 60-second timeout and 4,096-token reasoning-model output budget, clamped to the selected model output cap. (#​64734) Thanks @​hanamizuki.
• Agent, cron, and Gateway runtime: mark active main sessions before restart shutdown aborts, pause yielded subagent runs whose terminal also signals abort, clamp trusted subagent thinking overrides through provider/model fallback, preserve yielded media completions, deliver channel message-tool final replies through auto-reply while hiding internal delivery hints, restore reset archive fallback reads when active async transcripts are missing, de-duplicate main-session heartbeat events, expose session identity in runtime prompts, reject unknown OpenAI agent selectors, keep generated media completions, slash-command block replies, and trajectory export commands in WebChat, and require admin privileges for HTTP session/model override surfaces. (#​91357, #​92631, #​92412, #​92146, #​92879, #​91287, #​92468, #​92510, #​91246, #​92651, #​92646) Thanks @​ooiuuii, @​openperf, @​IWhatsskill, @​masatohoshino, @​CadanHu, @​ZengWen-DT, @​zhangguiping-xydt, and @​TurboTheTurtle.
• Providers and model replay: preserve storeless OpenAI Responses replay compatibility, recover invalid OpenAI reasoning signatures and genericized Anthropic thinking-signature replay errors, route OAuth image defaults through Codex for eligible OpenAI profiles, avoid eager tool streaming for Claude 4.5 in Copilot, quarantine unreadable and post-hook OpenAI/Anthropic-family tool schemas without broadening allowed tool choices, deliver explicit thinking-off requests to LM Studio binary-thinking models, honor profile auth for SecretRef model entries, bound model browsing, strip provider prefixes where runtimes need bare IDs, and surface nested embedding fetch failures. (#​90706, #​92941, #​92201, #​92916, #​92824, #​75393, #​92908, #​92921, #​92928, #​92002, #​90686, #​92247, #​92627, #​91218, #​92628) Thanks @​snowzlm, @​mmyzwl, @​CarlCapital, @​bek91, @​Kailigithub, @​vincentkoc, @​rohitjavvadi, @​samson910022, @​nxmxbbd, @​liuhao1024, @​bymle, and @​mushuiyu886.
• Memory, state, diagnostics, and config: split header-too-large embedding batches, keep QMD memory search enabled in transient mode, avoid SQLite WAL on NFS volumes, preserve recovery scheduling outside stuck-session warning backoff, preserve full-reindex rollback/cache recovery, treat raw Memory Wiki source pages as source evidence, and keep shell environment fallbacks contained in config write tests. (#​92650, #​92618, #​92639, #​91247, #​92752, #​92881, #​59137, #​92876, #​69700) Thanks @​mushuiyu886, @​TurboTheTurtle, @​849261680, @​gnanam1990, @​TSHOGX, and @​arlen8411.
• UI/mobile/TUI: preserve dashboard session parent lineage, WebChat backscroll, reset soft command args, sidebar session picker interactivity, collapsed workspace files, resolved /model confirmation refs, stale foreground iOS Gateway reconnects, and paused setup-parent stdin after inherited-stdio child exit. (#​90658, #​92622, #​91353, #​92705, #​92779, #​92773, #​92552, #​93159) Thanks @​luoyanglang, @​TurboTheTurtle, @​zhouhe-xydt, @​NianJiuZst, @​shakkernerd, @​NarahariRaghava, @​Solvely-Colin, and @​fuller-stack-dev.
• Plugins and updates: repair missing required platform packages during managed plugin installs and updates, including omitted Codex platform binaries.
• Dependencies: update Hono to 4.12.25 so published OpenClaw and ACPX packages use the patched runtime.
• Release and test reliability: extend slow Gateway/full-suite watchdogs, split local full-suite shards when throttled, stabilize plugin auth marker fixtures, avoid brittle provider-ref error text, fold Telegram RTT sampling into live QA evidence, simplify QA scorecard mappings around canonical coverage IDs, keep QA Lab bootstrap selection assertions aligned with flow-only scenarios, skip QA coverage artifact consumers when runtime parity producer status is not green, keep Feishu lifecycle release checks pointed at the active fixture config, isolate trajectory-export live seed turns from Codex-native shell approvals, preserve release-check child refs while pinning expected SHAs, widen live OpenAI TTS budgets for slower provider responses, and avoid false downgrade prompts for unresolved latest-tag updates. (#​92652, #​92550, #​92558, #​92911) Thanks @​RomneyDa and @​Andy312432.

Complete contribution ledger

This audited record covers the complete v2026.6.6..v2026.6.8 history: 167 PRs and 67 linked issues. The grouped notes above prioritize user impact; this ledger preserves every contribution reference and eligible human credit.

Pull requests

• fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json (#​92144). Thanks @​liuhao1024.
• fix(channel): harden local setup trust (#​92175). Thanks @​hxy91819.
• fix: handle explicit silent assistant replies (#​92073). Thanks @​sallyom.
• fix(docker): bundle QA Lab runtime in the image (#​92087). Thanks @​jesse-merhi.
• fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads (#​92387). Thanks @​openperf and @​Takhoffman.
• Fix doctor preview channel SecretRef resolution (#​92229). Thanks @​joshavant.
• Fix disabled heartbeat one-shot cron retries (#​92225). Thanks @​joshavant.
• Fix configured DeepSeek model transport inheritance (#​92265). Thanks @​joshavant.
• Fail closed for CLI-backed /btw fallback (#​92226). Thanks @​joshavant.
• Fix suppressed heartbeat commitment delivery (#​92231). Thanks @​joshavant.
• fix(agents): classify structured unsupported model errors (#​92280). Thanks @​joshavant.
• Fix OTLP log trace correlation (#​92276). Thanks @​joshavant.
• fix(update): hand off Linux service auto-updates (#​92282). Thanks @​joshavant.
• fix: resolve managed SecretRef provider auth (#​92235). Thanks @​joshavant.
• Fix provider static model fallback resolution (#​92293). Thanks @​joshavant.
• fix(agent): continue after source message tool replies (#​92343). Thanks @​joshavant.
• fix(codex): preserve memory prompt registration (#​92350). Thanks @​rubencu.
• fix: clarify gateway SecretRef auth diagnostics (#​92290). Thanks @​joshavant.
• fix: repair rejected Anthropic thinking replay (#​92286). Thanks @​joshavant.
• Fix Telegram spooled buffered replay (#​92281). Thanks @​joshavant.
• fix(outbound): honor top-level image param as send media source (issue 92407) (#​92416). Thanks @​xydigit-sj.
• fix(sandbox): render CLI skill prompts from materialized paths (#​92508). Thanks @​brokemac79.
• chore: fix esbuild production audit failure (#​92540). Thanks @​RomneyDa.
• Add QA evidence artifact output (#​91484). Thanks @​RomneyDa.
• Add QA scorecard taxonomy validation (#​91500). Thanks @​RomneyDa.
• feat(moonshot): add Kimi K2.7 Code support (#​92554).
• fix(moonshot): backfill reasoning_content on assistant tool-call replay messages (#​92396). Thanks @​xialonglee.
• Fix lifecycle timeout cleanup after leader exit (#​92566). Thanks @​RomneyDa.
• Expose paged channel action results (#​88993). Thanks @​fuller-stack-dev.
• fix(fireworks): resolve catalog model params from plugin.json via core (#​90326). Thanks @​obuchowski.
• fix(doctor): warn for untrusted external Discord plugin (#​86629). Thanks @​brokemac79.
• fix(providers): skip unreadable Mistral tool schemas (#​90242). Thanks @​vincentkoc.
• fix(reply): mirror same-channel Slack final replies (#​92498). Thanks @​TurboTheTurtle.
• fix(channels): default boundary logger for swallowed progress-draft start errors (#​92083). Thanks @​hansraj316.
• fix(channels): make timer-fired progress-draft start errors observable (#​92031). Thanks @​hansraj316.
• fix(agents): isolate invalid plugin model catalogs [AI-assisted] (#​92564). Thanks @​tangtaizong666.
• docs: UX-013 — design system documentation (#​89827). Thanks @​BunsDev.
• feat(ui): hide empty workboard columns (#​89615). Thanks @​BunsDev.
• fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes (#​89822). Thanks @​BunsDev.
• fix issue 92218: memory_search tool disabled with QMD backend (#​92618). Thanks @​mushuiyu886.
• docs(gateway): add uptime monitoring guidance to health check docs (fixes issue 55768) (#​92608). Thanks @​liuhao1024.
• fix(docs): pin Windows Hub download links to v2026.6.5 (#​92605). Thanks @​lzyyzznl.
• issue 92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters (#​92593). Thanks @​zhangqueping.
• Run Vitest and Playwright scenarios from qa suite (#​92606). Thanks @​RomneyDa.
• feat(hooks): per-turn usageState on reply_payload_sending (#​89629). Thanks @​Marvinthebored.
• feat(usage): native templated /usage full footer renderer (#​89835). Thanks @​Marvinthebored.
• fix(models): bound /models and models list catalog loading (#​92247). Thanks @​samson910022.
• fix(gateway): honor profile auth for SecretRef model entries (#​90686). Thanks @​rohitjavvadi.
• fix: require admin for HTTP session kills (#​92651). Thanks @​steipete-oai.
• test(models): stabilize plugin auth marker fixtures (#​92652).
• fix(slack): warn when channels map is keyed by name instead of channel ID (#​89438). Thanks @​Alix-007.
• fix(agents): pause yielded subagent runs whose terminal also signals abort (#​92631). Thanks @​openperf.
• fix(ui): preserve WebChat backscroll during streaming (#​92622). Thanks @​TurboTheTurtle.
• fix(openrouter): strip openrouter/ prefix from model ID in normalizeResolvedModel hook (fixes issue 92611) (#​92627). Thanks @​liuhao1024.
• fix(cron): preserve yielded media completions (#​92146). Thanks @​IWhatsskill.
• fix: add Claude Haiku 4.5 static catalog entries (#​90116). Thanks @​arkyu2077.
• fix(channels): keep contributed message-tool schema properties optional (#​91137). Thanks @​lundog.
• fix(copilot): disable eager tool streaming for Claude 4.5 (#​75393). Thanks @​Kailigithub.
• fix issue 73713: surface nested embedding fetch failures (#​92628). Thanks @​mushuiyu886.
• fix(slack): emit message_sent hook on outbound delivery (mirror Telegram) (#​89943). Thanks @​rishitamrakar.
• fix(docs): finalize i18n postprocess before skip (#​92668). Thanks @​hxy91819.
• fix: split image setup and request timeout semantics (#​92673). Thanks @​hxy91819.
• fix(memory): keep memory_search in transient qmd mode (#​92639). Thanks @​TurboTheTurtle and @​Takhoffman.
• fix(ui): restore sidebar session picker interactivity above desktop workbench (#​92705). Thanks @​NianJiuZst.
• feat: support /btw in CLI-backed sessions (#​92669). Thanks @​joshavant.
• fix(gateway): mark active main sessions before restart shutdown aborts (#​91357). Thanks @​ooiuuii.
• fix(ios): force stale foreground gateway reconnects (#​92552). Thanks @​Solvely-Colin.
• fix(diagnostics): keep recovery scheduling out of the stuck-session warning backoff (#​92752). Thanks @​gnanam1990 and @​Takhoffman.
• clarify before_install hook scope (#​92766). Thanks @​sallyom.
• Honor WhatsApp configured ACP bindings (#​92513). Thanks @​TurboTheTurtle and @​mcaxtr.
• feat(providers): add GLM-5.2 support (#​92796).
• fix(heartbeat): route outbound mirror to isolated session key (#​92807). Thanks @​agent-merkava.
• fix(memory): explain skipped short-term recall hits (#​92745). Thanks @​mushuiyu886.
• fix(gateway): forward image-only input on /v1/responses (parity with chat completions) (#​92488). Thanks @​s554097550.
• fix(status): avoid cumulative usage for context percent (#​92604). Thanks @​ashishpatel26.
• fix(nodes): surface pending reapproval diagnostics (#​92547). Thanks @​fuller-stack-dev.
• fix(doctor): avoid false-positive legacy cron store warning when store was already migrated (fixes issue 92683) (#​92690). Thanks @​liuhao1024.
• fix(telegram): skip IPv4 fallback when user explicitly configures non-ipv4first dnsResultOrder (fixes issue 41671) (#​92806). Thanks @​liuhao1024 and @​vincentkoc.
• fix(macos): defer isOverflowing mutation to break SwiftUI render loop (fixes issue 43480) (#​92778). Thanks @​liuhao1024 and @​vincentkoc.
• fix(gateway): use resolveNonNegativeNumber for totalTokens to display 0 instead of ? (fixes issue 43009) (#​92795). Thanks @​liuhao1024 and @​vincentkoc.
• fix(gateway): preserve active runs during plugin finalization (#​92746). Thanks @​scotthuang and @​vincentkoc.
• UI: localize Logs tab labels (#​92820). Thanks @​rubensfox20.
• UI: localize logs hardcoded labels (#​61080). Thanks @​rubensfox20.
• fix(telegram): preserve command callbacks while prefixing generic callback data (#​92825). Thanks @​hnshah.
• fix(telegram): add 'callback_data:' prefix to inline button callbacks (#​54962). Thanks @​hnshah.
• fix(copilot): drop thinking blocks from replay (#​87060). Thanks @​giodl73-repo.
• fix(github-copilot): strip thinking blocks from latest assistant turn (issue 81520) (#​81534). Thanks @​SymbolStar.
• feat(browser): extend --labels overlay to full-page and element captures (#​92834). Thanks @​hxy91819.
• fix issue 92039: [Bug]: WhatsApp login reports success before auth is durably persisted, so Docker rebuilds/upgrades can force relink (#​92095). Thanks @​zhangguiping-xydt.
• fix(stale): exempt ClawSweeper actionable labels from stale lifecycle (fixes issue 89564) (#​92801). Thanks @​liuhao1024.
• fix(status): render sub-1000 token counts as plain integers (#​89736). Thanks @​jbetala7 and @​vincentkoc.
• fix(agents): catch malformed image blocks in sanitizeContentBlocksImages (#​92792). Thanks @​LowCode191 and @​vincentkoc.
• ci: gate stable releases on Windows companion assets (#​92555). Thanks @​fuller-stack-dev.
• fix(agents): add usage guidance to sessions_spawn tool description (fixes issue 91814) (#​91824). Thanks @​zenglingbiao.
• fix(qqbot): surface failed media sends (#​92823). Thanks @​zhangguiping-xydt.
• Fix diagnostics OTEL runtime install trust (#​92045). Thanks @​efpiva.
• fix(update): continue after package doctor warnings (#​91586). Thanks @​fuller-stack-dev.
• fix(feishu): target typing reaction on inbound (#​67783). Thanks @​huiwen01.
• fix(feishu): preserve root_id thread routing without thread_id forcing (#​73958). Thanks @​huiwen01.
• fix(lobster): surface workflow path errors (#​68106). Thanks @​vvitovec.
• fix(openai): preserve opaque reasoning transcript fields (#​90682). Thanks @​toruvieI.
• fix(anthropic): strip thinking blocks from history when thinking is disabled (fixes issue 92360) (#​92373). Thanks @​liuhao1024.
• fix(anthropic): merge consecutive assistant turns in turn validation (#​87346). Thanks @​Jefsky.
• fix(anthropic): quarantine invalid direct tool schemas (#​92896).
• fix(anthropic): quarantine invalid projected tools (#​89418). Thanks @​vincentkoc.
• fix(agents): guard Anthropic tool descriptors (#​89221). Thanks @​vincentkoc.
• fix(agents): guard Anthropic tool schema conversion (#​90228). Thanks @​vincentkoc.
• fix(agents): skip unreadable Anthropic tool schemas (#​89622). Thanks @​vincentkoc.
• fix(llm): guard Anthropic provider tool descriptors (#​89229). Thanks @​vincentkoc.
• fix(providers): skip unreadable Anthropic tool schemas (#​90278). Thanks @​vincentkoc.
• fix(active-memory): preserve verbose recall summaries (#​90739). Thanks @​brokemac79.
• Simplify QA scorecard mapping shape (#​92558). Thanks @​RomneyDa.
• fix(memory-wiki): stop flagging raw source pages as malformed (#​92876). Thanks @​vincentkoc.
• fix(providers): quarantine unreadable Anthropic payload tools (#​92908).
• fix(memory): preserve reindex rollback recovery (#​92881). Thanks @​TSHOGX and @​vincentkoc.
• fix(openai): quarantine unreadable tool schemas (#​92921).
• fix(openai): quarantine unreadable projected tools (#​89413). Thanks @​vincentkoc.
• fix(agents): materialize OpenAI tool schemas (#​89013). Thanks @​vincentkoc.
• fix(agents): guard OpenAI transport tool descriptors (#​89016). Thanks @​vincentkoc.
• fix(agents): guard OpenAI tool schema conversion (#​89378). Thanks @​vincentkoc.
• fix(agents): harden OpenAI strict schema inspection (#​89543). Thanks @​vincentkoc.
• fix(agents): guard OpenAI strict tool diagnostics (#​90200). Thanks @​vincentkoc.
• fix(providers): skip unreadable OpenAI completion tool schemas (#​90283). Thanks @​vincentkoc.
• fix(providers): skip unreadable OpenAI responses tool schemas (#​90286). Thanks @​vincentkoc.
• fix(openai): skip unreadable responses tool schemas (#​90397). Thanks @​vincentkoc.
• Fold Telegram RTT sampling into live QA evidence (#​92550). Thanks @​RomneyDa.
• fix(media): route OAuth image defaults through Codex (#​92824). Thanks @​bek91.
• fix(cli): avoid false downgrade prompt for latest tag (#​92911). Thanks @​Andy312432 and @​vincentkoc.
• fix(openai): guard post-hook tool payloads (#​92928).
• fix(openai): guard responses tool payload names (#​89703). Thanks @​vincentkoc.
• fix(sessions): fall back to reset archive for missing async transcripts (#​92879). Thanks @​masatohoshino and @​CadanHu and @​vincentkoc.
• fix(feishu): re-resolve route when dynamic agent binding already exists in runtime config (fixes issue 42837) (#​92814). Thanks @​liuhao1024 and @​vincentkoc.
• fix(openai): omit gpt-5.5 tool reasoning effort (#​90574). Thanks @​BSG2000.
• fix(openai): recover invalid reasoning signatures (#​92941).
• fix(lmstudio): deliver thinking "off" to binary-thinking models (#​92002). Thanks @​nxmxbbd.
• issue 92201: Embedded runner: freshly streamed thinking signatures intermittently invalid on replay (Anthropic); recovery wrapper never fires because error text is genericized (#​92916). Thanks @​mmyzwl.
• fix(agents): do not misclassify client-disconnect abort as run timeout (#​90936). Thanks @​openperf.
• fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes issue 92973) (#​93009). Thanks @​zenglingbiao.
• fix(cron): require explicit message target proof (#​92318). Thanks @​hxy91819.
• fix(gateway): repair usage cost aggregation across agents (#​93022). Thanks @​luke-skywalker-open-claw and @​stablegenius49.
• fix(tui): keep parent stdin paused after exit (#​93159). Thanks @​fuller-stack-dev.
• Keep key-free web search providers opt-in (#​93616). Thanks @​davemorin and @​vincentkoc.
• feat(telegram): send rich message text (#​92679). Thanks @​obviyus.
• fix(telegram): preserve rich markdown line breaks (#​93164). Thanks @​vincentkoc.
• fix(telegram): allow expandable blockquotes (#​84082). Thanks @​jzakirov.
• fix(telegram): expose thread create CLI remap (#​89421). Thanks @​spacegeologist.
• fix(sessions): derive channel from account-scoped DM session keys in send-policy (#​92788). Thanks @​yetval.
• Fix webchat media completion handoff (#​91246). Thanks @​TurboTheTurtle.
• fix(cron): de-duplicate main-session systemEvent in heartbeat model input (#​91287). Thanks @​ZengWen-DT.
• fix issue 92453: add session identity to runtime prompt (#​92468). Thanks @​zhangguiping-xydt.
• fix(gateway): reject unknown OpenAI agent selectors ([#​92510](https://redirect.github.com/openclaw/openclaw/issues/9

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ COPYPASTE	jscpd	yes		no	no	1.82s
✅ EDITORCONFIG	editorconfig-checker	1		0	0	0.22s
✅ JSON	jsonlint	1		0	0	0.4s
✅ JSON	npm-package-json-lint	yes		no	no	0.33s
✅ JSON	v8r	1		0	0	6.89s
✅ REPOSITORY	git_diff	yes		no	no	0.22s
✅ REPOSITORY	secretlint	yes		no	no	0.72s
✅ REPOSITORY	syft	yes		no	no	3.66s
✅ REPOSITORY	trivy	yes		no	no	8.7s
✅ REPOSITORY	trivy-sbom	yes		no	no	1.22s
✅ REPOSITORY	trufflehog	yes		no	no	23.06s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff