feat(extensions): add OpenAI Codex CLI auth provider#18009
Merged
steipete merged 4 commits intoopenclaw:mainfrom Feb 16, 2026
Merged
feat(extensions): add OpenAI Codex CLI auth provider#18009steipete merged 4 commits intoopenclaw:mainfrom
steipete merged 4 commits intoopenclaw:mainfrom
Conversation
Adds a new authentication provider that reads OAuth tokens from the OpenAI Codex CLI (~/.codex/auth.json) to authenticate with OpenAI's API. This allows ChatGPT Plus/Pro subscribers to use OpenAI models in OpenClaw without needing a separate API key - just authenticate with 'codex login' first, then enable this plugin. Features: - Reads existing Codex CLI credentials from ~/.codex/auth.json - Supports all Codex-available models (gpt-4.1, gpt-4o, o1, o3, etc.) - Automatic token expiry detection from JWT - Clear setup instructions and troubleshooting docs Usage: openclaw plugins enable openai-codex-auth openclaw models auth login --provider openai-codex --set-default
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| import * as path from "node:path"; | ||
| import * as os from "node:os"; | ||
|
|
||
| const PROVIDER_ID = "openai-codex"; |
Contributor
There was a problem hiding this comment.
Provider ID conflicts with built-in core provider
The provider ID "openai-codex" is already registered by the core codebase's built-in OpenAI Codex OAuth integration. The core has extensive support for this provider across src/agents/cli-credentials.ts, src/commands/auth-choice.apply.openai.ts, src/infra/provider-usage.*.ts, and model catalog/selection code.
Registering a second provider with the same ID will collide with the existing one. The core already reads ~/.codex/auth.json (via readCodexCliCredentials() in src/agents/cli-credentials.ts:452-502), handles macOS keychain storage, token refresh, and model discovery for openai-codex.
This plugin appears to duplicate functionality that already exists in the core. If the intent is to provide an alternative auth flow, it needs a distinct provider ID (e.g. "openai-codex-cli-import").
Prompt To Fix With AI
This is a comment left during a code review.
Path: extensions/openai-codex-auth/index.ts
Line: 11:11
Comment:
**Provider ID conflicts with built-in core provider**
The provider ID `"openai-codex"` is already registered by the core codebase's built-in OpenAI Codex OAuth integration. The core has extensive support for this provider across `src/agents/cli-credentials.ts`, `src/commands/auth-choice.apply.openai.ts`, `src/infra/provider-usage.*.ts`, and model catalog/selection code.
Registering a second provider with the same ID will collide with the existing one. The core already reads `~/.codex/auth.json` (via `readCodexCliCredentials()` in `src/agents/cli-credentials.ts:452-502`), handles macOS keychain storage, token refresh, and model discovery for `openai-codex`.
This plugin appears to duplicate functionality that already exists in the core. If the intent is to provide an alternative auth flow, it needs a distinct provider ID (e.g. `"openai-codex-cli-import"`).
How can I resolve this? If you propose a fix, please make it concise.
Author
There was a problem hiding this comment.
✅ Fixed in b25ea12
Changed provider ID from openai-codex to openai-codex-import to avoid conflict with the core's built-in provider. Also updated aliases to use codex-import instead of codex and chatgpt.
Comment on lines
19
to
31
| const CODEX_MODELS = [ | ||
| "openai/gpt-4.1", | ||
| "openai/gpt-4.1-mini", | ||
| "openai/gpt-4.1-nano", | ||
| "openai/gpt-4o", | ||
| "openai/gpt-4o-mini", | ||
| "openai/o1", | ||
| "openai/o1-mini", | ||
| "openai/o1-pro", | ||
| "openai/o3", | ||
| "openai/o3-mini", | ||
| "openai/o4-mini", | ||
| ] as const; |
Contributor
There was a problem hiding this comment.
Model prefix mismatch — uses openai/ instead of openai-codex/
These models use the openai/ prefix, but the existing core openai-codex provider uses the openai-codex/ prefix (e.g. openai-codex/gpt-5.3-codex — see src/commands/openai-codex-model-default.ts:4). Using openai/ here would conflict with the standard OpenAI API key-based provider's model namespace.
Additionally, none of these model IDs match the models the core openai-codex provider actually serves (the core uses gpt-5.3-codex and gpt-5.3-codex-spark). Models like gpt-4.1, o1-pro, etc. listed here are standard OpenAI API models, not Codex CLI-specific models.
Prompt To Fix With AI
This is a comment left during a code review.
Path: extensions/openai-codex-auth/index.ts
Line: 19:31
Comment:
**Model prefix mismatch — uses `openai/` instead of `openai-codex/`**
These models use the `openai/` prefix, but the existing core `openai-codex` provider uses the `openai-codex/` prefix (e.g. `openai-codex/gpt-5.3-codex` — see `src/commands/openai-codex-model-default.ts:4`). Using `openai/` here would conflict with the standard OpenAI API key-based provider's model namespace.
Additionally, none of these model IDs match the models the core `openai-codex` provider actually serves (the core uses `gpt-5.3-codex` and `gpt-5.3-codex-spark`). Models like `gpt-4.1`, `o1-pro`, etc. listed here are standard OpenAI API models, not Codex CLI-specific models.
How can I resolve this? If you propose a fix, please make it concise.
Author
There was a problem hiding this comment.
✅ Fixed in b25ea12
Updated model prefix from openai/ to openai-codex/ to match core's namespace convention. Also updated the models list to use the actual Codex models (gpt-5.3-codex, gpt-5.3-codex-spark, gpt-5.2-codex) instead of generic OpenAI API models.
|
|
||
| const PROVIDER_ID = "openai-codex"; | ||
| const PROVIDER_LABEL = "OpenAI Codex CLI"; | ||
| const AUTH_FILE = path.join(os.homedir(), ".codex", "auth.json"); |
Contributor
There was a problem hiding this comment.
Ignores CODEX_HOME environment variable
The core codebase respects the CODEX_HOME env var when resolving the auth file path (see src/agents/cli-credentials.ts:131-139). Hardcoding ~/.codex/auth.json means this will break for users who set CODEX_HOME to a custom location.
Suggested change
| const AUTH_FILE = path.join(os.homedir(), ".codex", "auth.json"); | |
| const AUTH_FILE = path.join(process.env.CODEX_HOME ? path.resolve(process.env.CODEX_HOME) : path.join(os.homedir(), ".codex"), "auth.json"); |
Prompt To Fix With AI
This is a comment left during a code review.
Path: extensions/openai-codex-auth/index.ts
Line: 13:13
Comment:
**Ignores `CODEX_HOME` environment variable**
The core codebase respects the `CODEX_HOME` env var when resolving the auth file path (see `src/agents/cli-credentials.ts:131-139`). Hardcoding `~/.codex/auth.json` means this will break for users who set `CODEX_HOME` to a custom location.
```suggestion
const AUTH_FILE = path.join(process.env.CODEX_HOME ? path.resolve(process.env.CODEX_HOME) : path.join(os.homedir(), ".codex"), "auth.json");
```
How can I resolve this? If you propose a fix, please make it concise.
Author
There was a problem hiding this comment.
✅ Fixed in b25ea12
Added getAuthFilePath() function that respects CODEX_HOME env var, matching the behavior in src/agents/cli-credentials.ts. The path is now resolved lazily to pick up env var changes at runtime.
| type: "oauth", | ||
| provider: PROVIDER_ID, | ||
| access: auth.tokens.access_token, | ||
| refresh: auth.tokens.refresh_token ?? "", |
Contributor
There was a problem hiding this comment.
Empty string for missing refresh token will cause silent failures
When refresh_token is absent, this passes "" as the refresh token. The core credential reader (src/agents/cli-credentials.ts:479-484) returns null entirely when a refresh token is missing, because an empty string is not a valid token and will cause refresh attempts to fail silently with unhelpful errors.
Consider either omitting the refresh field when missing or throwing early to inform the user that re-authentication is needed.
Prompt To Fix With AI
This is a comment left during a code review.
Path: extensions/openai-codex-auth/index.ts
Line: 130:130
Comment:
**Empty string for missing refresh token will cause silent failures**
When `refresh_token` is absent, this passes `""` as the refresh token. The core credential reader (`src/agents/cli-credentials.ts:479-484`) returns `null` entirely when a refresh token is missing, because an empty string is not a valid token and will cause refresh attempts to fail silently with unhelpful errors.
Consider either omitting the `refresh` field when missing or throwing early to inform the user that re-authentication is needed.
How can I resolve this? If you propose a fix, please make it concise.
Author
There was a problem hiding this comment.
✅ Fixed in b25ea12
Added validation that throws a clear error when refresh token is missing, prompting the user to re-authenticate with codex logout && codex login. This prevents silent failures from invalid empty-string tokens.
added 3 commits
February 16, 2026 12:35
- Change provider ID from 'openai-codex' to 'openai-codex-import' to avoid conflict with core's built-in openai-codex provider - Update model prefix from 'openai/' to 'openai-codex/' to match core's namespace convention and avoid collision with standard OpenAI API provider - Use correct Codex models (gpt-5.3-codex, gpt-5.2-codex) instead of generic OpenAI models (gpt-4.1, o1, o3) - Respect CODEX_HOME env var when resolving auth file path, matching core behavior in src/agents/cli-credentials.ts - Validate refresh token presence and throw clear error instead of using empty string which causes silent failures
ngutman
added a commit
that referenced
this pull request
Feb 17, 2026
Contributor
|
This PR was merged into It has been reverted in:
Reverted commits from this PR:
|
Author
|
Hi @ngutman and maintainers, Thank you for the feedback and explanation about the accidental merge. I understand the PR was reverted because it was merged before the review issues were fully resolved. Looking at the review comments and CONTRIBUTING.md, I realize I should have:
Questions for the maintainers:
I'm happy to rework this PR once I understand the right approach. Should I open a Discussion to hash out the design first? Thanks for your patience! |
Contributor
|
@jiteshdhamaniya as you stated openclaw already got codex cli credentials so it's not needed. |
steipete
added a commit
that referenced
this pull request
Feb 18, 2026
* Revert "fix(gateway): set explicit chat timeouts for mesh gateway calls" This reverts commit c529e60. * Revert "fix: capture init script exit codes instead of swallowing via pipe" This reverts commit 8b14052. * Revert "feat(docker): add init script support via /openclaw-init.d/" This reverts commit 53af9f7. * Revert "Agents: improve Windows scaffold helpers for venture studio" This reverts commit b6d934c. * chore: Fix types in tests 1/N. * chore: Fix types in tests 2/N. * Revert "fix: remove stderr suppression so install failures are visible in build logs" This reverts commit 717caa9. * Revert "fix(docker): ensure memory-lancedb deps installed in Docker image" This reverts commit 2ab6313. * Revert "fix: add windowsHide: true to spawn in runCommandWithTimeout" This reverts commit 32c66af. * Revert "Onboarding: fix webchat URL loopback and canonical session" This reverts commit 59e0e7e. * Revert "feat(linq): add interactive onboarding adapter" This reverts commit b91e437. * Revert "feat: add Linq channel — real iMessage via API, no Mac required" This reverts commit d4a142f. * docs: clarify discord proxy scope for startup REST calls * Revert "fix: flatten remaining anyOf/oneOf in Gemini schema cleaning" This reverts commit 06b961b. * Revert "fix: session-memory hook finds previous session file after /new/reset" This reverts commit d6acd71. * Revert "fix: respect OPENCLAW_HOME for isolated gateway instances" This reverts commit 34b18ea. * fix(process): harden graceful kill-tree cancellation semantics * fix(slack): scope attachment extraction to forwarded shares * docs(changelog): note process kill-tree hotfix * docs(changelog): note slack forwarded attachment hotfix * fix(session-memory): harden reset transcript recovery * revert(telegram): undo accidental merge of PR #18601 * fix(ui): preserve locale bootstrap and trusted-proxy overview behavior * fix(scripts): harden Windows UI spawn behavior * fix(slack): validate interaction payloads and handle malformed actions * fix(mattermost): harden react remove flag parsing * docs(changelog): record PR 18608 fixups * fix(heartbeat): bound responsePrefix strip for ack detection * chore: Fix types in tests 3/N. * chore: chore: Fix types in tests 4/N. * chore: Fix types in tests 5/N. * chore: Fix types in tests 6/N. * chore: Format files. * chore: Fix types that were broken due to reverts. * chore: Cleanup unused vars that were leftover from the reverts. * fix(actions): layer per-account gate fallback * fix(subagents): pass group context in /subagents spawn * fix(failover): align abort timeout detection and regressions * fix(models): sync auth-profiles before availability checks * fix(ui): correct usage range totals and muted styles * Revert "feat: show transcript file size in session status" This reverts commit 15dd2cd. * revert(doctor): undo accidental merge of PR #18591 * fix(agents): align session lock hold budget with run timeouts * Revert "fix: resolve #12770 - update Antigravity default model and trim leading whitespace in BlueBubbles replies" This reverts commit e179d45. * revert(tools): undo accidental merge of PR #18584 * revert(tools): finish rollback of PR #18584 * chore: Fix Slack test. * revert: remove accidentally merged video-quote-finder skill (#18550) * revert: accidental merge of OC-09 sandbox env sanitization change * fix(doctor): move forced exit to top-level command * chore: Fix types in tests 7/N. * chore: Fix types in tests 8/N. * chore: Fix types in tests 9/N. * chore: Fix types in tests 10/N. * chore: Fix types in tests 11/N. * chore: chore: Fix types in tests 12/N. * chore: Fix type errors from reverts. * fix(gateway): remove watch-mode build/start race (#18782) * fix(doctor): repair googlechat open dm wildcard auto-fix * test(extensions): cast fetch mocks to satisfy tsgo * fix(gateway): harden channel health monitor recovery * fix(reply): track messaging media aliases for dedupe * refactor(plugins): split before-agent hooks by model and prompt phases * revert(telegram): undo accidental merge of PR #18564 * fix(agents): restore multi-image image tool schema contract * chore: Format files. * fix(ui): gate sessions refresh on successful delete * revert(docs): undo accidental merge of #18516 * revert(exec): undo accidental merge of PR #18521 * docs(cron): clarify webhook posting summary condition * fix(gateway): preserve chat.history context under hard caps * chore: Fix types in tests 13/N. * chore: Fix types in tests 14/N. * chore: Fix types in tests 15/N. * chore: Fix types in tests 16/N. * chore: Fix types in tests 17/N. * chore: Fix types in tests 18/N. * chore: Format files. * revert(sandbox): revert SHA-1 slug restoration * test(session): cover stale threadId fallback * test(status): cover token summary variants * test(telegram): cover getFile file-too-big errors * test(voice-call): cover stream disconnect auto-end * chore(format): fix test import order * test(agents): cover tool result media placeholders * chore: chore: Fix types in tests 19/N. * chore: Fix types in tests 20/N. * chore: Fix types in tests 21/N. * chore: Fix types in tests 22/N. * chore: Fix types in tests 23/N. * docs(voice-call): document stale call reaper config * fix(doctor): audit env-only gateway tokens * fix(sessions): purge deleted transcript archives * test(docker): cover browser install build arg * revert(gateway): restore loopback auth setup * revert(voice-call): undo cached greeting note * revert(voice-call): undo oxfmt formatting * revert(voice-call): undo oxfmt formatting pass * revert(voice-call): remove cached inbound greeting * test: stabilize infra tests * fix(subagents): harden announce retry guards * Revert "fix(whatsapp): allow per-message link preview override\n\nWhatsApp messages default to enabling link previews for URLs. This adds\nsupport for overriding this behavior per-message via the \nparameter (e.g. from tool options), consistent with Telegram.\n\nFix: Updated internal WhatsApp Web API layers to pass option\ndown to Baileys ." This reverts commit 1bef2fc. * fix(telegram): clear offsets on token change * test(agents): cover exec non-zero exits * CI: use self-hosted for labeler/automation * Revert "channels: migrate extension account listing to factory" This reverts commit d24340d. * chore(format) * chore: wtf. * chore: Fix types. * chore: Fix types in tests 24/N. * chore: Fix types in tests 25/N. * chore: Fix types in tests 26/N. * chore: Fix types in tests 27/N. * chore: Fix types in tests 28/N. * chore: Fix types in tests 29/N. * chore: Fix types in tests 30/N. * chore: Fix types in tests 31/N. * chore: Fix types in tests 32/N. * fix(telegram): add initial message debounce for better push notifications (#18147) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 5e2285b Co-authored-by: Marvae <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * style(telegram): format dispatch files * chore: Fix types in tests 33/N. * chore: Fix types in tests 34/N. * chore: Fix types in tests 35/N. * chore: Fix types in tests 36/N. * chore: Fix types in tests 37/N. * chore: Fix types in tests 38/N. * chore: Fix types in tests 39/N. * chore: Fix types in tests 40/N. * chore: Fix types in tests 41/N. * chore: Fix types in tests 42/N. * chore: Fix types in tests 43/N. * chore: Fix types in tests 44/N. * chore: Fix types in tests 45/N. * chore: Typecheck tests. * chore: Fix broken test. * chore: Fix hanging test. * fix(telegram): avoid duplicate preview bubbles in partial stream mode (#18956) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: cf4eca7 Co-authored-by: obviyus <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * fix: before_tool_call hook double-fires with abort signal (#16852) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 6269d61 Co-authored-by: sreuter <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * Revert "Default Telegram polls to public" This reverts commit c43e95e. * Revert "Fix Telegram poll action wiring" This reverts commit 556b531. * Revert "Add Telegram polls action to config typing" This reverts commit 5cbfaf5. * Revert "fix(telegram): wire sendPollTelegram into channel action handler (#16977)" This reverts commit 7bb9a7d. * CI: remove formal models conformance workflow (#19007) * fix: preserve telegram dm topic thread ids * style: drop aidev-note prefix in telegram comments * test: pass extensionContext in abort dedupe e2e * fix: align tool execute arg parsing for hooks * test: type telegram action mock passthrough args * Configure: make model picker allowlist searchable * Configure: improve searchable model picker token matching * Docs: add screenshot showing model picker usability issue * fix: searchable model picker in configure (#19010) (thanks @bjesuiter) * fix(extensions): revert openai codex auth plugin (PR #18009) * feat(telegram): add channel_post support for bot-to-bot communication (#17857) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 27a343c Co-authored-by: theSamPadilla <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * Revert "fix: handle forum/topics in Telegram DM thread routing (#17980)" This reverts commit e20b87f. * Revert: undo #17974 README change * voice-call: harden closed-loop turn loop and transcript routing (#19140) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 14a3edb Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky * iOS onboarding: stop auth step-3 retry loop churn (#19153) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: a38ec42 Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky * Revert: fully roll back #17974 zh-cn UI README * chore(subagents): add regression coverage and changelog * fix(daemon): scope token drift warnings * test(web): fix baileys mock typing * test(cron): cover webhook session rollover overrides * docs(changelog): note webhook session reuse fix * fix(discord): normalize command allowFrom prefixes * fix(cli): honor update restart overrides * fix(cron): add spin-loop regression coverage * test(gateway): cover trusted proxy trimming * test(discord): cover audioAsVoice replies * test(feishu): cover post mentions for other users * fix(discord): preserve DM lastRoute user target * Revert "fix(browser): track original port mapping for EADDRINUSE fallback" This reverts commit 8e55503. * Revert "fix(browser): handle EADDRINUSE with automatic port fallback" This reverts commit 0e6daa2. * test(discord): fix mock call arg typing * Revert: fully roll back #17986 templates * test: add fetch mock helper and reaction coverage * CLI: approve latest pending device request * docs(readme): remove Android install link * revert(agents): remove llms.txt discovery prompt (#19192) * fix(ui): revert PR #18093 directive tags (#19188) * test(discord): cover auto-thread skip types * test(update): cover restart gating * docs(zai): document tool_stream defaults * revert: per-model thinkingDefault override (#19195) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: fe2c59e Co-authored-by: sebslight <[email protected]> Co-authored-by: sebslight <[email protected]> Reviewed-by: @sebslight * fix(gateway): make stale token cleanup non-fatal * Agents: add before_message_write persistence regression tests * fix(mattermost): surface reactions support * Tests: fix fetch mock typings for type-aware checks * revert: fix models set catalog validation (#19194) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 7e3b2ff Co-authored-by: sebslight <[email protected]> Co-authored-by: sebslight <[email protected]> Reviewed-by: @sebslight * test: cover cron telemetry and typed fetch mocks * revert(agents): revert base64 image validation (#19221) * docs(cli): add components send example * test(sessions): add delivery info regression coverage * fix(daemon): guard preferred node selection * test(auto-reply): cover sender_id metadata * revert: PR 18288 accidental merge (#19224) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 3cda315 Co-authored-by: sebslight <[email protected]> Co-authored-by: sebslight <[email protected]> Reviewed-by: @sebslight * test(telegram): cover autoSelectFamily env precedence * test(cron): add model fallback regression coverage * test(release): add appcast regression coverage * docs(changelog): remove revert entries * docs: add maintainer application section * docs: refine maintainer application guidance * docs: add vision doc and link from README * docs: add community plugins guide * Update auto-response message for third-party extensions * update my contributing list * iOS: use operator session for ChatSheet RPCs (#19320) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 0753b3a Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky * fix: sanitize native command names for Telegram API (#19257) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: b608be3 Co-authored-by: akramcodez <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * docs(slack): add assistant:write requirement for typing status * chore: document sessions_spawn response note and subagent context prefix * feat(ios): auto-select local signing team (#18421) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: bbb9c3a Co-authored-by: ngutman <[email protected]> Co-authored-by: ngutman <[email protected]> Reviewed-by: @ngutman * fix(bluebubbles): recover outbound message IDs and include sender metadata * fix cron announce routing and timeout handling * changelog: add @tyler6204 credit for today's entries * feat: share to openclaw ios app (#19424) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 0a7ab85 Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky * Docs: expand multi-agent routing * docs(changelog): add missing 2026.2.16 entries and reorder by user impact * chore(release): bump version to 2026.2.17 * fix(signal): canonicalize message targets in tool and inbound flows * docs: tighten contribution guidance and vision links * docs: tighten PR scope and review-size policy in vision * fix(gateway): block cross-session fallback in node event delivery * fix(gateway): make health monitor checks single-flight * fix(ios): harden share relay routing and delivery guards * fix(telegram): normalize topic-create targets and add regression tests * feat(cron): add default stagger controls for scheduled jobs * fix(cron): retry next-second schedule compute on undefined * docs(security): harden gateway security guidance * feat(models): support anthropic sonnet 4.6 * fix: wire agents.defaults.imageModel into media understanding auto-discovery resolveAutoEntries only checked a hardcoded list of providers (openai, anthropic, google, minimax) when looking for an image model. agents.defaults.imageModel was never consulted by the media understanding pipeline — it was only wired into the explicit `image` tool. Add resolveImageModelFromAgentDefaults that reads the imageModel config (primary + fallbacks) and inserts it into the auto-discovery chain before the hardcoded provider list. runProviderEntry already falls back to describeImageWithModel (via pi-ai) for providers not in the media understanding registry, so no additional provider registration is needed. Co-Authored-By: Claude Sonnet 4.5 <[email protected]> (cherry picked from commit b381029) * docs: update AGENTS instructions * fix(subagent): harden read-tool overflow guards and sticky reply threading (#19508) * fix(gateway): avoid premature agent.wait completion on transient errors * fix(agent): preemptively guard tool results against context overflow * fix: harden tool-result context guard and add message_id metadata * fix: use importOriginal in session-key mock to include DEFAULT_ACCOUNT_ID The run.skill-filter test was mocking ../../routing/session-key.js with only buildAgentMainSessionKey and normalizeAgentId, but the module also exports DEFAULT_ACCOUNT_ID which is required transitively by src/web/auth-store.ts. Switch to importOriginal pattern so all real exports are preserved alongside the mocked functions. * pi-runner: guard accumulated tool-result overflow in transformContext * PI runner: compact overflowing tool-result context * Subagent: harden tool-result context recovery * Enhance tool-result context handling by adding support for legacy tool outputs and improving character estimation for message truncation. This includes a new function to create legacy tool results and updates to existing functions to better manage context overflow scenarios. * Enhance iMessage handling by adding reply tag support in send functions and tests. This includes modifications to prepend or rewrite reply tags based on provided replyToId, ensuring proper message formatting for replies. * Enhance message delivery across multiple channels by implementing sticky reply context for chunked messages. This includes preserving reply references in Discord, Telegram, and iMessage, ensuring that follow-up messages maintain their intended reply targets. Additionally, improve handling of reply tags in system prompts and tests to support consistent reply behavior. * Enhance read tool functionality by implementing auto-paging across chunks when no explicit limit is provided, scaling output budget based on model context window. Additionally, add tests for adaptive reading behavior and capped continuation guidance for large outputs. Update related functions to support these features. * Refine tool-result context management by stripping oversized read-tool details payloads during compaction, ensuring repeated read calls do not bypass context limits. Introduce new utility functions for handling truncation content and enhance character estimation for tool results. Add tests to validate the removal of excessive details in context overflow scenarios. * Refine message delivery logic in Matrix and Telegram by introducing a flag to track if a text chunk was sent. This ensures that replies are only marked as delivered when a text chunk has been successfully sent, improving the accuracy of reply handling in both channels. * fix: tighten reply threading coverage and prep fixes (#19508) (thanks @tyler6204) * fix(hooks): backport internal message hook bridge with safe delivery semantics * fix(subagent): update SUBAGENT_SPAWN_ACCEPTED_NOTE for clarity on auto-announcement behavior * fix: follow-up slack streaming routing/tests (#9972) (thanks @natedenh) * fix: reduce default image dimension from 2000px to 1200px Large images (2000px) consume excessive context tokens when sent to LLMs. 1200px provides sufficient detail for most use cases while significantly reducing token usage. The 5MB byte limit remains unchanged as JPEG compression at 1200px naturally produces smaller files. (cherry picked from commit 4018212) * fix(agents): make image sanitization dimension configurable * docs(tokens): document image dimension token tradeoffs * Whatsapp/add resolve outbound target tests (#19345) * test(whatsapp): add resolveWhatsAppOutboundTarget test suite * style: auto-format files * fix(test): correct mock order for invalid allowList entry test * feat(skills): Add 'Use when / Don't use when' routing blocks (#14521) * feat(skills): add 'Use when / Don't use when' blocks to skill descriptions Based on OpenAI's Shell + Skills + Compaction best practices article. Key changes: - Added clear routing logic to skill descriptions - Added negative examples to prevent misfires - Added templates/examples to github skill - Included Blake's specific setup notes for openhue Skills updated: - apple-reminders: Clarify vs Clawdbot cron - github: Clarify vs local git operations - imsg: Clarify vs other messaging channels - openhue: Add device inventory, room layout - tmux: Clarify vs exec tool - weather: Add location defaults, format codes Reference: https://developers.openai.com/blog/skills-shell-tips * fix(skills): restore metadata and generic CLI examples --------- Co-authored-by: Peter Steinberger <[email protected]> * feat(agents): add generic provider api key rotation (#19587) * feat(skills): improve descriptions with routing logic (#14577) * feat(skills): improve descriptions with routing logic Apply OpenAI's recommended pattern for skill descriptions: - Add 'Use when' conditions for clear triggering - Add 'NOT for' negative examples to reduce misfires - Make descriptions act as routing logic, not marketing copy Based on: https://developers.openai.com/blog/skills-shell-tips/ Skills updated: - coding-agent: clarify when to delegate vs direct edit - github: add boundaries vs browser/scripting - weather: add scope limitations Glean reported 20% drop in skill triggering without negative examples, recovering after adding them. This change brings Clawdbot skills in line with that pattern. * docs(skills): clarify routing boundaries (#14577) (thanks @DylanWoodAkers) * docs(changelog): add PR 14577 release note (#14577) (thanks @DylanWoodAkers) --------- Co-authored-by: ClawdBotWolf <[email protected]> Co-authored-by: Peter Steinberger <[email protected]> * Add frontend-design skill * feat(telegram): add forum topic creation support (#10427) Add `topic-create` action to the Telegram message adapter, enabling programmatic creation of forum topics in supergroups. Changes: - Add `createForumTopicTelegram()` to `src/telegram/send.ts` - Add `createForumTopic` handler in `telegram-actions.ts` - Wire `topic-create` action in Telegram adapter - Register `topic-create` in message action names and spec The bot requires `can_manage_topics` permission in the target group. Supports optional `iconColor` and `iconCustomEmojiId` parameters. Closes #10427 * chore: fix formatting in frontend-design SKILL.md * fix: add action gate check and config type for createForumTopic Address review feedback: - Add isActionEnabled() gate in telegram-actions.ts - Add gate() check in telegram adapter listActions - Add createForumTopic to TelegramActionConfig type * fix(telegram): normalize topic-create targets and add regression tests --------- Co-authored-by: Peter Steinberger <[email protected]> Co-authored-by: Gustavo Madeira Santana <[email protected]> Co-authored-by: cpojer <[email protected]> Co-authored-by: Sebastian <[email protected]> Co-authored-by: Josh Avant <[email protected]> Co-authored-by: Shadow <[email protected]> Co-authored-by: Hongwei Ma <[email protected]> Co-authored-by: Marvae <[email protected]> Co-authored-by: obviyus <[email protected]> Co-authored-by: Ayaan Zaidi <[email protected]> Co-authored-by: Ayaan Zaidi <[email protected]> Co-authored-by: Sascha Reuter <[email protected]> Co-authored-by: sreuter <[email protected]> Co-authored-by: Nimrod Gutman <[email protected]> Co-authored-by: Vignesh <[email protected]> Co-authored-by: Benjamin Jesuiter <[email protected]> Co-authored-by: Sam Padilla <[email protected]> Co-authored-by: Muhammed Mukhthar CM <[email protected]> Co-authored-by: Mariano <[email protected]> Co-authored-by: Shakker <[email protected]> Co-authored-by: Mariano Belinky <[email protected]> Co-authored-by: Shadow <[email protected]> Co-authored-by: Sk Akram <[email protected]> Co-authored-by: akramcodez <[email protected]> Co-authored-by: Onur <[email protected]> Co-authored-by: Tyler Yust <[email protected]> Co-authored-by: ngutman <[email protected]> Co-authored-by: Pablo Nunez <[email protected]> Co-authored-by: Claude Sonnet 4.5 <[email protected]> Co-authored-by: Tyler Yust <[email protected]> Co-authored-by: Han Xiao <[email protected]> Co-authored-by: Verite Igiraneza <[email protected]> Co-authored-by: Blakeshannon <[email protected]> Co-authored-by: Peter Steinberger <[email protected]> Co-authored-by: DylanWoodAkers <[email protected]> Co-authored-by: ClawdBotWolf <[email protected]> Co-authored-by: Claw <[email protected]>
archerhpagent
pushed a commit
to howardpark/openclaw
that referenced
this pull request
Feb 18, 2026
anschmieg
pushed a commit
to anschmieg/openclaw
that referenced
this pull request
Feb 19, 2026
* Revert "fix(gateway): set explicit chat timeouts for mesh gateway calls" This reverts commit c529e60. * Revert "fix: capture init script exit codes instead of swallowing via pipe" This reverts commit 8b14052. * Revert "feat(docker): add init script support via /openclaw-init.d/" This reverts commit 53af9f7. * Revert "Agents: improve Windows scaffold helpers for venture studio" This reverts commit b6d934c. * chore: Fix types in tests 1/N. * chore: Fix types in tests 2/N. * Revert "fix: remove stderr suppression so install failures are visible in build logs" This reverts commit 717caa9. * Revert "fix(docker): ensure memory-lancedb deps installed in Docker image" This reverts commit 2ab6313. * Revert "fix: add windowsHide: true to spawn in runCommandWithTimeout" This reverts commit 32c66af. * Revert "Onboarding: fix webchat URL loopback and canonical session" This reverts commit 59e0e7e. * Revert "feat(linq): add interactive onboarding adapter" This reverts commit b91e437. * Revert "feat: add Linq channel — real iMessage via API, no Mac required" This reverts commit d4a142f. * docs: clarify discord proxy scope for startup REST calls * Revert "fix: flatten remaining anyOf/oneOf in Gemini schema cleaning" This reverts commit 06b961b. * Revert "fix: session-memory hook finds previous session file after /new/reset" This reverts commit d6acd71. * Revert "fix: respect OPENCLAW_HOME for isolated gateway instances" This reverts commit 34b18ea. * fix(process): harden graceful kill-tree cancellation semantics * fix(slack): scope attachment extraction to forwarded shares * docs(changelog): note process kill-tree hotfix * docs(changelog): note slack forwarded attachment hotfix * fix(session-memory): harden reset transcript recovery * revert(telegram): undo accidental merge of PR openclaw#18601 * fix(ui): preserve locale bootstrap and trusted-proxy overview behavior * fix(scripts): harden Windows UI spawn behavior * fix(slack): validate interaction payloads and handle malformed actions * fix(mattermost): harden react remove flag parsing * docs(changelog): record PR 18608 fixups * fix(heartbeat): bound responsePrefix strip for ack detection * chore: Fix types in tests 3/N. * chore: chore: Fix types in tests 4/N. * chore: Fix types in tests 5/N. * chore: Fix types in tests 6/N. * chore: Format files. * chore: Fix types that were broken due to reverts. * chore: Cleanup unused vars that were leftover from the reverts. * fix(actions): layer per-account gate fallback * fix(subagents): pass group context in /subagents spawn * fix(failover): align abort timeout detection and regressions * fix(models): sync auth-profiles before availability checks * fix(ui): correct usage range totals and muted styles * Revert "feat: show transcript file size in session status" This reverts commit 15dd2cd. * revert(doctor): undo accidental merge of PR openclaw#18591 * fix(agents): align session lock hold budget with run timeouts * Revert "fix: resolve openclaw#12770 - update Antigravity default model and trim leading whitespace in BlueBubbles replies" This reverts commit e179d45. * revert(tools): undo accidental merge of PR openclaw#18584 * revert(tools): finish rollback of PR openclaw#18584 * chore: Fix Slack test. * revert: remove accidentally merged video-quote-finder skill (openclaw#18550) * revert: accidental merge of OC-09 sandbox env sanitization change * fix(doctor): move forced exit to top-level command * chore: Fix types in tests 7/N. * chore: Fix types in tests 8/N. * chore: Fix types in tests 9/N. * chore: Fix types in tests 10/N. * chore: Fix types in tests 11/N. * chore: chore: Fix types in tests 12/N. * chore: Fix type errors from reverts. * fix(gateway): remove watch-mode build/start race (openclaw#18782) * fix(doctor): repair googlechat open dm wildcard auto-fix * test(extensions): cast fetch mocks to satisfy tsgo * fix(gateway): harden channel health monitor recovery * fix(reply): track messaging media aliases for dedupe * refactor(plugins): split before-agent hooks by model and prompt phases * revert(telegram): undo accidental merge of PR openclaw#18564 * fix(agents): restore multi-image image tool schema contract * chore: Format files. * fix(ui): gate sessions refresh on successful delete * revert(docs): undo accidental merge of openclaw#18516 * revert(exec): undo accidental merge of PR openclaw#18521 * docs(cron): clarify webhook posting summary condition * fix(gateway): preserve chat.history context under hard caps * chore: Fix types in tests 13/N. * chore: Fix types in tests 14/N. * chore: Fix types in tests 15/N. * chore: Fix types in tests 16/N. * chore: Fix types in tests 17/N. * chore: Fix types in tests 18/N. * chore: Format files. * revert(sandbox): revert SHA-1 slug restoration * test(session): cover stale threadId fallback * test(status): cover token summary variants * test(telegram): cover getFile file-too-big errors * test(voice-call): cover stream disconnect auto-end * chore(format): fix test import order * test(agents): cover tool result media placeholders * chore: chore: Fix types in tests 19/N. * chore: Fix types in tests 20/N. * chore: Fix types in tests 21/N. * chore: Fix types in tests 22/N. * chore: Fix types in tests 23/N. * docs(voice-call): document stale call reaper config * fix(doctor): audit env-only gateway tokens * fix(sessions): purge deleted transcript archives * test(docker): cover browser install build arg * revert(gateway): restore loopback auth setup * revert(voice-call): undo cached greeting note * revert(voice-call): undo oxfmt formatting * revert(voice-call): undo oxfmt formatting pass * revert(voice-call): remove cached inbound greeting * test: stabilize infra tests * fix(subagents): harden announce retry guards * Revert "fix(whatsapp): allow per-message link preview override\n\nWhatsApp messages default to enabling link previews for URLs. This adds\nsupport for overriding this behavior per-message via the \nparameter (e.g. from tool options), consistent with Telegram.\n\nFix: Updated internal WhatsApp Web API layers to pass option\ndown to Baileys ." This reverts commit 1bef2fc. * fix(telegram): clear offsets on token change * test(agents): cover exec non-zero exits * CI: use self-hosted for labeler/automation * Revert "channels: migrate extension account listing to factory" This reverts commit d24340d. * chore(format) * chore: wtf. * chore: Fix types. * chore: Fix types in tests 24/N. * chore: Fix types in tests 25/N. * chore: Fix types in tests 26/N. * chore: Fix types in tests 27/N. * chore: Fix types in tests 28/N. * chore: Fix types in tests 29/N. * chore: Fix types in tests 30/N. * chore: Fix types in tests 31/N. * chore: Fix types in tests 32/N. * fix(telegram): add initial message debounce for better push notifications (openclaw#18147) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 5e2285b Co-authored-by: Marvae <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * style(telegram): format dispatch files * chore: Fix types in tests 33/N. * chore: Fix types in tests 34/N. * chore: Fix types in tests 35/N. * chore: Fix types in tests 36/N. * chore: Fix types in tests 37/N. * chore: Fix types in tests 38/N. * chore: Fix types in tests 39/N. * chore: Fix types in tests 40/N. * chore: Fix types in tests 41/N. * chore: Fix types in tests 42/N. * chore: Fix types in tests 43/N. * chore: Fix types in tests 44/N. * chore: Fix types in tests 45/N. * chore: Typecheck tests. * chore: Fix broken test. * chore: Fix hanging test. * fix(telegram): avoid duplicate preview bubbles in partial stream mode (openclaw#18956) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: cf4eca7 Co-authored-by: obviyus <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * fix: before_tool_call hook double-fires with abort signal (openclaw#16852) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 6269d61 Co-authored-by: sreuter <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * Revert "Default Telegram polls to public" This reverts commit c43e95e. * Revert "Fix Telegram poll action wiring" This reverts commit 556b531. * Revert "Add Telegram polls action to config typing" This reverts commit 5cbfaf5. * Revert "fix(telegram): wire sendPollTelegram into channel action handler (openclaw#16977)" This reverts commit 7bb9a7d. * CI: remove formal models conformance workflow (openclaw#19007) * fix: preserve telegram dm topic thread ids * style: drop aidev-note prefix in telegram comments * test: pass extensionContext in abort dedupe e2e * fix: align tool execute arg parsing for hooks * test: type telegram action mock passthrough args * Configure: make model picker allowlist searchable * Configure: improve searchable model picker token matching * Docs: add screenshot showing model picker usability issue * fix: searchable model picker in configure (openclaw#19010) (thanks @bjesuiter) * fix(extensions): revert openai codex auth plugin (PR openclaw#18009) * feat(telegram): add channel_post support for bot-to-bot communication (openclaw#17857) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 27a343c Co-authored-by: theSamPadilla <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * Revert "fix: handle forum/topics in Telegram DM thread routing (openclaw#17980)" This reverts commit e20b87f. * Revert: undo openclaw#17974 README change * voice-call: harden closed-loop turn loop and transcript routing (openclaw#19140) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 14a3edb Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky * iOS onboarding: stop auth step-3 retry loop churn (openclaw#19153) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: a38ec42 Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky * Revert: fully roll back openclaw#17974 zh-cn UI README * chore(subagents): add regression coverage and changelog * fix(daemon): scope token drift warnings * test(web): fix baileys mock typing * test(cron): cover webhook session rollover overrides * docs(changelog): note webhook session reuse fix * fix(discord): normalize command allowFrom prefixes * fix(cli): honor update restart overrides * fix(cron): add spin-loop regression coverage * test(gateway): cover trusted proxy trimming * test(discord): cover audioAsVoice replies * test(feishu): cover post mentions for other users * fix(discord): preserve DM lastRoute user target * Revert "fix(browser): track original port mapping for EADDRINUSE fallback" This reverts commit 8e55503. * Revert "fix(browser): handle EADDRINUSE with automatic port fallback" This reverts commit 0e6daa2. * test(discord): fix mock call arg typing * Revert: fully roll back openclaw#17986 templates * test: add fetch mock helper and reaction coverage * CLI: approve latest pending device request * docs(readme): remove Android install link * revert(agents): remove llms.txt discovery prompt (openclaw#19192) * fix(ui): revert PR openclaw#18093 directive tags (openclaw#19188) * test(discord): cover auto-thread skip types * test(update): cover restart gating * docs(zai): document tool_stream defaults * revert: per-model thinkingDefault override (openclaw#19195) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: fe2c59e Co-authored-by: sebslight <[email protected]> Co-authored-by: sebslight <[email protected]> Reviewed-by: @sebslight * fix(gateway): make stale token cleanup non-fatal * Agents: add before_message_write persistence regression tests * fix(mattermost): surface reactions support * Tests: fix fetch mock typings for type-aware checks * revert: fix models set catalog validation (openclaw#19194) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 7e3b2ff Co-authored-by: sebslight <[email protected]> Co-authored-by: sebslight <[email protected]> Reviewed-by: @sebslight * test: cover cron telemetry and typed fetch mocks * revert(agents): revert base64 image validation (openclaw#19221) * docs(cli): add components send example * test(sessions): add delivery info regression coverage * fix(daemon): guard preferred node selection * test(auto-reply): cover sender_id metadata * revert: PR 18288 accidental merge (openclaw#19224) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 3cda315 Co-authored-by: sebslight <[email protected]> Co-authored-by: sebslight <[email protected]> Reviewed-by: @sebslight * test(telegram): cover autoSelectFamily env precedence * test(cron): add model fallback regression coverage * test(release): add appcast regression coverage * docs(changelog): remove revert entries * docs: add maintainer application section * docs: refine maintainer application guidance * docs: add vision doc and link from README * docs: add community plugins guide * Update auto-response message for third-party extensions * update my contributing list * iOS: use operator session for ChatSheet RPCs (openclaw#19320) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 0753b3a Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky * fix: sanitize native command names for Telegram API (openclaw#19257) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: b608be3 Co-authored-by: akramcodez <[email protected]> Co-authored-by: obviyus <[email protected]> Reviewed-by: @obviyus * docs(slack): add assistant:write requirement for typing status * chore: document sessions_spawn response note and subagent context prefix * feat(ios): auto-select local signing team (openclaw#18421) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: bbb9c3a Co-authored-by: ngutman <[email protected]> Co-authored-by: ngutman <[email protected]> Reviewed-by: @ngutman * fix(bluebubbles): recover outbound message IDs and include sender metadata * fix cron announce routing and timeout handling * changelog: add @tyler6204 credit for today's entries * feat: share to openclaw ios app (openclaw#19424) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 0a7ab85 Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky * Docs: expand multi-agent routing * docs(changelog): add missing 2026.2.16 entries and reorder by user impact * chore(release): bump version to 2026.2.17 * fix(signal): canonicalize message targets in tool and inbound flows * docs: tighten contribution guidance and vision links * docs: tighten PR scope and review-size policy in vision * fix(gateway): block cross-session fallback in node event delivery * fix(gateway): make health monitor checks single-flight * fix(ios): harden share relay routing and delivery guards * fix(telegram): normalize topic-create targets and add regression tests * feat(cron): add default stagger controls for scheduled jobs * fix(cron): retry next-second schedule compute on undefined * docs(security): harden gateway security guidance * feat(models): support anthropic sonnet 4.6 * fix: wire agents.defaults.imageModel into media understanding auto-discovery resolveAutoEntries only checked a hardcoded list of providers (openai, anthropic, google, minimax) when looking for an image model. agents.defaults.imageModel was never consulted by the media understanding pipeline — it was only wired into the explicit `image` tool. Add resolveImageModelFromAgentDefaults that reads the imageModel config (primary + fallbacks) and inserts it into the auto-discovery chain before the hardcoded provider list. runProviderEntry already falls back to describeImageWithModel (via pi-ai) for providers not in the media understanding registry, so no additional provider registration is needed. Co-Authored-By: Claude Sonnet 4.5 <[email protected]> (cherry picked from commit b381029) * docs: update AGENTS instructions * fix(subagent): harden read-tool overflow guards and sticky reply threading (openclaw#19508) * fix(gateway): avoid premature agent.wait completion on transient errors * fix(agent): preemptively guard tool results against context overflow * fix: harden tool-result context guard and add message_id metadata * fix: use importOriginal in session-key mock to include DEFAULT_ACCOUNT_ID The run.skill-filter test was mocking ../../routing/session-key.js with only buildAgentMainSessionKey and normalizeAgentId, but the module also exports DEFAULT_ACCOUNT_ID which is required transitively by src/web/auth-store.ts. Switch to importOriginal pattern so all real exports are preserved alongside the mocked functions. * pi-runner: guard accumulated tool-result overflow in transformContext * PI runner: compact overflowing tool-result context * Subagent: harden tool-result context recovery * Enhance tool-result context handling by adding support for legacy tool outputs and improving character estimation for message truncation. This includes a new function to create legacy tool results and updates to existing functions to better manage context overflow scenarios. * Enhance iMessage handling by adding reply tag support in send functions and tests. This includes modifications to prepend or rewrite reply tags based on provided replyToId, ensuring proper message formatting for replies. * Enhance message delivery across multiple channels by implementing sticky reply context for chunked messages. This includes preserving reply references in Discord, Telegram, and iMessage, ensuring that follow-up messages maintain their intended reply targets. Additionally, improve handling of reply tags in system prompts and tests to support consistent reply behavior. * Enhance read tool functionality by implementing auto-paging across chunks when no explicit limit is provided, scaling output budget based on model context window. Additionally, add tests for adaptive reading behavior and capped continuation guidance for large outputs. Update related functions to support these features. * Refine tool-result context management by stripping oversized read-tool details payloads during compaction, ensuring repeated read calls do not bypass context limits. Introduce new utility functions for handling truncation content and enhance character estimation for tool results. Add tests to validate the removal of excessive details in context overflow scenarios. * Refine message delivery logic in Matrix and Telegram by introducing a flag to track if a text chunk was sent. This ensures that replies are only marked as delivered when a text chunk has been successfully sent, improving the accuracy of reply handling in both channels. * fix: tighten reply threading coverage and prep fixes (openclaw#19508) (thanks @tyler6204) * fix(hooks): backport internal message hook bridge with safe delivery semantics * fix(subagent): update SUBAGENT_SPAWN_ACCEPTED_NOTE for clarity on auto-announcement behavior * fix: follow-up slack streaming routing/tests (openclaw#9972) (thanks @natedenh) * fix: reduce default image dimension from 2000px to 1200px Large images (2000px) consume excessive context tokens when sent to LLMs. 1200px provides sufficient detail for most use cases while significantly reducing token usage. The 5MB byte limit remains unchanged as JPEG compression at 1200px naturally produces smaller files. (cherry picked from commit 4018212) * fix(agents): make image sanitization dimension configurable * docs(tokens): document image dimension token tradeoffs * Whatsapp/add resolve outbound target tests (openclaw#19345) * test(whatsapp): add resolveWhatsAppOutboundTarget test suite * style: auto-format files * fix(test): correct mock order for invalid allowList entry test * feat(skills): Add 'Use when / Don't use when' routing blocks (openclaw#14521) * feat(skills): add 'Use when / Don't use when' blocks to skill descriptions Based on OpenAI's Shell + Skills + Compaction best practices article. Key changes: - Added clear routing logic to skill descriptions - Added negative examples to prevent misfires - Added templates/examples to github skill - Included Blake's specific setup notes for openhue Skills updated: - apple-reminders: Clarify vs Clawdbot cron - github: Clarify vs local git operations - imsg: Clarify vs other messaging channels - openhue: Add device inventory, room layout - tmux: Clarify vs exec tool - weather: Add location defaults, format codes Reference: https://developers.openai.com/blog/skills-shell-tips * fix(skills): restore metadata and generic CLI examples --------- Co-authored-by: Peter Steinberger <[email protected]> * feat(agents): add generic provider api key rotation (openclaw#19587) * feat(skills): improve descriptions with routing logic (openclaw#14577) * feat(skills): improve descriptions with routing logic Apply OpenAI's recommended pattern for skill descriptions: - Add 'Use when' conditions for clear triggering - Add 'NOT for' negative examples to reduce misfires - Make descriptions act as routing logic, not marketing copy Based on: https://developers.openai.com/blog/skills-shell-tips/ Skills updated: - coding-agent: clarify when to delegate vs direct edit - github: add boundaries vs browser/scripting - weather: add scope limitations Glean reported 20% drop in skill triggering without negative examples, recovering after adding them. This change brings Clawdbot skills in line with that pattern. * docs(skills): clarify routing boundaries (openclaw#14577) (thanks @DylanWoodAkers) * docs(changelog): add PR 14577 release note (openclaw#14577) (thanks @DylanWoodAkers) --------- Co-authored-by: ClawdBotWolf <[email protected]> Co-authored-by: Peter Steinberger <[email protected]> * Add frontend-design skill * feat(telegram): add forum topic creation support (openclaw#10427) Add `topic-create` action to the Telegram message adapter, enabling programmatic creation of forum topics in supergroups. Changes: - Add `createForumTopicTelegram()` to `src/telegram/send.ts` - Add `createForumTopic` handler in `telegram-actions.ts` - Wire `topic-create` action in Telegram adapter - Register `topic-create` in message action names and spec The bot requires `can_manage_topics` permission in the target group. Supports optional `iconColor` and `iconCustomEmojiId` parameters. Closes openclaw#10427 * chore: fix formatting in frontend-design SKILL.md * fix: add action gate check and config type for createForumTopic Address review feedback: - Add isActionEnabled() gate in telegram-actions.ts - Add gate() check in telegram adapter listActions - Add createForumTopic to TelegramActionConfig type * fix(telegram): normalize topic-create targets and add regression tests --------- Co-authored-by: Peter Steinberger <[email protected]> Co-authored-by: Gustavo Madeira Santana <[email protected]> Co-authored-by: cpojer <[email protected]> Co-authored-by: Sebastian <[email protected]> Co-authored-by: Josh Avant <[email protected]> Co-authored-by: Shadow <[email protected]> Co-authored-by: Hongwei Ma <[email protected]> Co-authored-by: Marvae <[email protected]> Co-authored-by: obviyus <[email protected]> Co-authored-by: Ayaan Zaidi <[email protected]> Co-authored-by: Ayaan Zaidi <[email protected]> Co-authored-by: Sascha Reuter <[email protected]> Co-authored-by: sreuter <[email protected]> Co-authored-by: Nimrod Gutman <[email protected]> Co-authored-by: Vignesh <[email protected]> Co-authored-by: Benjamin Jesuiter <[email protected]> Co-authored-by: Sam Padilla <[email protected]> Co-authored-by: Muhammed Mukhthar CM <[email protected]> Co-authored-by: Mariano <[email protected]> Co-authored-by: Shakker <[email protected]> Co-authored-by: Mariano Belinky <[email protected]> Co-authored-by: Shadow <[email protected]> Co-authored-by: Sk Akram <[email protected]> Co-authored-by: akramcodez <[email protected]> Co-authored-by: Onur <[email protected]> Co-authored-by: Tyler Yust <[email protected]> Co-authored-by: ngutman <[email protected]> Co-authored-by: Pablo Nunez <[email protected]> Co-authored-by: Claude Sonnet 4.5 <[email protected]> Co-authored-by: Tyler Yust <[email protected]> Co-authored-by: Han Xiao <[email protected]> Co-authored-by: Verite Igiraneza <[email protected]> Co-authored-by: Blakeshannon <[email protected]> Co-authored-by: Peter Steinberger <[email protected]> Co-authored-by: DylanWoodAkers <[email protected]> Co-authored-by: ClawdBotWolf <[email protected]> Co-authored-by: Claw <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a new authentication provider that reads OAuth tokens from the OpenAI Codex CLI (
~/.codex/auth.json) to authenticate with OpenAI's API.This allows ChatGPT Plus/Pro subscribers to use OpenAI models in OpenClaw without needing a separate API key — just authenticate with
codex loginfirst, then enable this plugin.Motivation
Many users already have ChatGPT Plus/Pro subscriptions but don't want to set up separate API billing. The Codex CLI (OpenAI's terminal coding assistant) uses OAuth authentication tied to ChatGPT subscriptions. This plugin bridges that authentication to OpenClaw.
Features
~/.codex/auth.jsoncreated bycodex loginUsage
Changes
extensions/openai-codex-auth/index.ts— Main plugin implementationextensions/openai-codex-auth/package.json— Package manifestextensions/openai-codex-auth/openclaw.plugin.json— Plugin metadataextensions/openai-codex-auth/README.md— User documentationPattern
Follows the same structure as
google-gemini-cli-auth— uses the provider registration API with a custom auth flow that reads local credentials.Testing
Sign-Off
Greptile Summary
This PR adds a new extension plugin to authenticate with OpenAI's API by reading OAuth tokens from the Codex CLI's
~/.codex/auth.jsonfile. While the structure follows existing extension patterns (e.g.,google-gemini-cli-auth), the plugin duplicates core functionality that already exists in the main codebase and introduces several conflicts."openai-codex", which is already an established core provider used across model selection, credential management, usage tracking, and onboarding (src/agents/cli-credentials.ts,src/commands/auth-choice.apply.openai.ts,src/infra/provider-usage.*.ts). The core already reads~/.codex/auth.jsonand handles macOS keychain-based Codex credentials.openai/prefixes (e.g.,openai/gpt-4.1), but the existingopenai-codexprovider usesopenai-codex/prefixes (e.g.,openai-codex/gpt-5.3-codex). This would conflict with the standardopenaiAPI key provider.CODEX_HOMEenv var support: The core respectsCODEX_HOMEfor locating auth files; this extension hardcodes~/.codex/auth.json.""when no refresh token exists will cause silent failures during token refresh, unlike the core which returnsnullto signal missing credentials.Confidence Score: 1/5
openai-codexprovider and model namespace conflicts.extensions/openai-codex-auth/index.tshas the provider ID collision and all implementation issues.extensions/openai-codex-auth/openclaw.plugin.jsonalso declares the conflicting provider.Last reviewed commit: 15c93e0
(2/5) Greptile learns from your feedback when you react with thumbs up/down!