…@AustinEral)

openclaw#29479)

Merged via squash.

Prepared head SHA: 1416c58
Co-authored-by: akramcodez <[email protected]>
Co-authored-by: gumadeiras <[email protected]>
Reviewed-by: @gumadeiras

…l cases

… helper

@tempeste)

Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: ac41386
Co-authored-by: nico-hoff <[email protected]>
Co-authored-by: gumadeiras <[email protected]>
Reviewed-by: @gumadeiras

…aw#32379) (thanks @romeodiaz)

… loop

When a Slack bot is removed from a workspace while still configured in
OpenClaw, the gateway enters an infinite retry loop on account_inactive
or invalid_auth errors, making the entire gateway unresponsive.

Add isNonRecoverableSlackAuthError() to detect permanent credential
failures (account_inactive, invalid_auth, token_revoked, etc.) and
throw immediately instead of retrying.  This mirrors how the Telegram
provider already distinguishes recoverable network errors from fatal
auth errors via isRecoverableTelegramNetworkError().

The check is applied in both the startup catch block and the disconnect
reconnect path so stale credentials always fail fast with a clear error
message.

Closes openclaw#32366

Co-Authored-By: Claude Opus 4.6 <[email protected]>

…(thanks @scoootscooob)

…me paths

Surface a clear Node 22.12+ requirement before npm/install bootstrap work so users avoid misleading downstream errors.

- Add installer shell preflight to block active Node <22 and suggest NVM recovery commands
- Add openclaw.mjs runtime preflight for npm/npx usage with explicit Node version guidance
- Keep messaging actionable for both NVM and non-NVM environments

…utput

Tighten installer/runtime consistency so users on Node 22.0-22.11 are blocked before install/runtime drift, with cleaner CLI guidance.

- Enforce Node >=22.12 in scripts/install.sh preflight checks
- Align installer messages to the same 22.12+ runtime floor
- Replace openclaw.mjs thrown version error with stderr+exit to avoid noisy stack traces

…aw#32356) (thanks @jasonhargrove)

The parent `.chat-text` applies `overflow-wrap: anywhere; word-break: break-word;`
which forces long tokens (UUIDs, hashes) inside inline `<code>` to break across
visual lines. When copied, the browser injects spaces at those break points,
corrupting the pasted value.

Override with `overflow-wrap: normal; word-break: keep-all;` on inline `<code>`
selectors so tokens stay intact.

Fixes openclaw#32230

Signed-off-by: HCL <[email protected]>

…hanks @hclsys)

…xt after upstream throw (fixes openclaw#32333)

… feedback)

…law#32383) (thanks @polooooo)

…nclaw#29713)

Merged via squash.

Prepared head SHA: db23298
Co-authored-by: liquidhorizon88-bot <[email protected]>
Co-authored-by: grp06 <[email protected]>
Reviewed-by: @grp06

…ers (openclaw#30186)

Merged via squash.

Prepared head SHA: 0dac892
Co-authored-by: habakan <[email protected]>
Co-authored-by: grp06 <[email protected]>
Reviewed-by: @grp06

…imports (openclaw#28620)

Merged via squash.

Prepared head SHA: 8bd7d6c
Co-authored-by: hmemcpy <[email protected]>
Co-authored-by: gumadeiras <[email protected]>
Reviewed-by: @gumadeiras

…#33690)

Merged via squash.

Prepared head SHA: 38b3c23
Co-authored-by: gumadeiras <[email protected]>
Co-authored-by: gumadeiras <[email protected]>
Reviewed-by: @gumadeiras

…ver (openclaw#30903)

Merged via squash.

Prepared head SHA: d3d0a18
Co-authored-by: LiaoyuanNing <[email protected]>
Co-authored-by: joshavant <[email protected]>
Reviewed-by: @joshavant

…law#30894) (openclaw#32706)

Merged via squash.

Prepared head SHA: 1714ffe
Co-authored-by: xiwan <[email protected]>
Co-authored-by: gumadeiras <[email protected]>
Reviewed-by: @gumadeiras

…tial semantics (openclaw#33733)

Merged via squash.

Prepared head SHA: c290c2a
Co-authored-by: joshavant <[email protected]>
Co-authored-by: joshavant <[email protected]>
Reviewed-by: @joshavant

…nks @ngutman)

…ckpressure

Synthesize runtime state transition fixes for compaction tool-use integrity and long-running handler backpressure.

Sources: openclaw#33630, openclaw#33583

Co-authored-by: Kevin Shenghui <[email protected]>
Co-authored-by: Theo Tarr <[email protected]>

…dia adapters

Restore deterministic mediaLocalRoots propagation through extension sendMedia adapters and add coverage for local/remote media handling in Google Chat.

Synthesis of openclaw#33581, openclaw#33545, openclaw#33540, openclaw#33536, openclaw#33528.

Co-authored-by: bmendonca3 <[email protected]>

… probes (openclaw#33831)

* fix(gateway): correct launchctl command sequence for gateway restart (closes openclaw#20030)

* fix(restart): expand HOME and escape label in launchctl plist path

* fix(restart): poll port free after SIGKILL to prevent EADDRINUSE restart loop

When cleanStaleGatewayProcessesSync() kills a stale gateway process,
the kernel may not immediately release the TCP port. Previously the
function returned after a fixed 500ms sleep (300ms SIGTERM + 200ms
SIGKILL), allowing triggerOpenClawRestart() to hand off to systemd
before the port was actually free. The new systemd process then raced
the dying socket for port 18789, hit EADDRINUSE, and exited with
status 1, causing systemd to retry indefinitely — the zombie restart
loop reported in openclaw#33103.

Fix: add waitForPortFreeSync() that polls lsof at 50ms intervals for
up to 2 seconds after SIGKILL. cleanStaleGatewayProcessesSync() now
blocks until the port is confirmed free (or the budget expires with a
warning) before returning. The increased SIGTERM/SIGKILL wait budgets
(600ms / 400ms) also give slow processes more time to exit cleanly.

Fixes openclaw#33103
Related: openclaw#28134

* fix: add EADDRINUSE retry and TIME_WAIT port-bind checks for gateway startup

* fix(ports): treat EADDRNOTAVAIL as non-retryable and fix flaky test

* fix(gateway): hot-reload agents.defaults.models allowlist changes

The reload plan had a rule for `agents.defaults.model` (singular) but
not `agents.defaults.models` (plural — the allowlist array).  Because
`agents.defaults.models` does not prefix-match `agents.defaults.model.`,
it fell through to the catch-all `agents` tail rule (kind=none), so
allowlist edits in openclaw.json were silently ignored at runtime.

Add a dedicated reload rule so changes to the models allowlist trigger
a heartbeat restart, which re-reads the config and serves the updated
list to clients.

Fixes openclaw#33600

Co-authored-by: HCL <[email protected]>
Signed-off-by: HCL <[email protected]>

* test(restart): 100% branch coverage — audit round 2

Audit findings fixed:
- remove dead guard: terminateStaleProcessesSync pids.length===0 check was
  unreachable (only caller cleanStaleGatewayProcessesSync already guards)
- expose __testing.callSleepSyncRaw so sleepSync's real Atomics.wait path
  can be unit-tested directly without going through the override
- fix broken sleepSync Atomics.wait test: previous test set override=null
  but cleanStaleGatewayProcessesSync returned before calling sleepSync —
  replaced with direct callSleepSyncRaw calls that actually exercise L36/L42-47
- fix pid collision: two tests used process.pid+304 (EPERM + dead-at-SIGTERM);
  EPERM test changed to process.pid+305
- fix misindented tests: 'deduplicates pids' and 'lsof status 1 container
  edge case' were outside their intended describe blocks; moved to correct
  scopes (findGatewayPidsOnPortSync and pollPortOnce respectively)
- add missing branch tests:
  - status 1 + non-empty stdout with zero openclaw pids → free:true (L145)
  - mid-loop non-openclaw cmd in &&-chain (L67)
  - consecutive p-lines without c-line between them (L67)
  - invalid PID in p-line (p0 / pNaN) — ternary false branch (L67)
  - unknown lsof output line (else-if false branch L69)

Coverage: 100% stmts / 100% branch / 100% funcs / 100% lines (36 tests)

* test(restart): fix stale-pid test typing for tsgo

* fix(gateway): address lifecycle review findings

* test(update): make restart-helper path assertions windows-safe

---------

Signed-off-by: HCL <[email protected]>
Co-authored-by: Glucksberg <[email protected]>
Co-authored-by: Efe Büken <[email protected]>
Co-authored-by: Riccardo Marino <[email protected]>
Co-authored-by: HCL <[email protected]>

…sion (openclaw#33786)

* Routing: unify session delivery invariants

* Routing: address PR review feedback

* Routing: tighten topic and session-scope suppression

* fix(chat): inherit routes for per-account channel-peer sessions

…sted]

This feature allows different topics within a Telegram forum supergroup to route
to different agents, each with isolated workspace, memory, and sessions.

Key changes:
- Add agentId field to TelegramTopicConfig type for per-topic routing
- Add zod validation for agentId in topic config schema
- Implement routing logic to re-derive session key with topic's agent
- Add debug logging for topic agent overrides
- Add unit tests for routing behavior (forum topics + DM topics)
- Add config validation tests
- Document feature in docs/channels/telegram.md

This builds on the approach from PR openclaw#31513 by @Sid-Qin with additional fixes
for security (preserved account fail-closed guard) and test coverage.

Closes openclaw#31473

- Export pickFirstExistingAgentId and use it to validate topic agentId
- Properly update mainSessionKey when overriding route agent
- Fix docs example showing incorrect session key for topic 3

Fixes issue where non-existent agentId would create orphaned sessions.
Fixes issue where DM topic replies would route to wrong agent.

…) (thanks @kesor)

…eys (openclaw#33919) thanks @Takhoffman

Verified:
- pnpm build
- pnpm check
- pnpm test src/gateway/server-methods/chat.directive-tags.test.ts
- pnpm test:macmini

Co-authored-by: Takhoffman <[email protected]>
Co-authored-by: Tak Hoffman <[email protected]>

…to fix llama.cpp GBNF grammar overflow

… (thanks @anisoptera)

…aw#33939)

* extensions/googlechat: require openclaw 2026.3.2+

* extensions/memory-core: require openclaw 2026.3.2+

* deps: bump fast-xml-parser override to 5.3.8

* deps: refresh lockfile for audit vulnerability fixes

…openclaw#33932) thanks @Takhoffman

Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Takhoffman <[email protected]>
Co-authored-by: Tak Hoffman <[email protected]>

Fixes the issue where TUI replies appear in a different terminal window
instead of the one where the message was sent.

Root cause: The session key was being resolved twice:
1. Once before connecting to the gateway (using config defaults)
2. Once after connecting (using server-provided values)

If these differed, the TUI would filter out replies for the 'old' session
key, causing them to appear in other terminal windows or not at all.

Fix: Don't resolve the session key until after refreshAgents() completes,
ensuring we always use the server's mainKey/scope values consistently.

Fixes openclaw#33937

Adds <key>ProcessType</key><string>Background</string> to the
LaunchAgent plist template to prevent macOS from terminating the
gateway service during session transitions.

Without this key, macOS treats the node process as a foreground
application and may kill it for 'inefficiency' when the user
session transitions to the login screen.

Fixes openclaw#34089

- Replace hardcoded Unix paths (/tmp/demo) with platform-independent paths using os.tmpdir()
- Use path.join() for cross-platform path construction
- Tests now work correctly on both Unix and Windows systems

Fixes openclaw#30878