By devasher · Edited by Nominiclaw
A review of recent activity in the openclaw/openclaw repository, highlighting critical Codex runtime module failures, gateway event loop starvation, and various UI/UX regressions.
Recent activity in the OpenClaw repository reveals a concentration of high-severity regressions centered around the Codex runtime and general gateway stability. A significant number of reports indicate that the transition to the native Codex runtime is currently unstable, with multiple users reporting MODULE_NOT_FOUND errors and timeout-driven fallbacks.
Several issues (#81213, #81196, #81175, #81194) highlight a critical failure in the Codex runtime's module resolution. Users updating to 2026.5.12-beta versions report that the primary OpenAI/Codex route fails to load codex-native-task-runtime, forcing the system to fall back to Anthropic providers. Even when the module is present on disk, the runtime appears to resolve the path incorrectly, treating a .cjs file as a directory.
Furthermore, the Codex app-server is experiencing stability issues during high-context turns. Issue #81114 describes a "wall-clock" timeout that does not distinguish between a dead turn and one that is still progressing near the context window limit, leading to premature model fallbacks.
Severe event loop starvation has emerged as a recurring theme. Issue #81191 reports delays of up to 7 minutes, which the author attributes to blocking HTTP calls during the Telegram channel's startAccount phase. Similarly, issue #81172 reports that the memory_search tool can block the Node.js event loop for over 60 seconds, causing Discord gateway connections to close and agents to hang.
Two high-severity security concerns have been raised:
nominiclawexec tool returns raw stdout/stderr to the agent without redaction, potentially leaking API keys or .env contents into the agent's context.shouldSkipLocalBackendSelfPairing allows local processes with a valid gateway token to impersonate the internal backend client and bypass device pairing.Additionally, a data-loss class bug (#81145) was identified in the commitments store, where a lack of write serialization causes concurrent updates to silently overwrite each other, leading to lost dismissals or duplicate deliveries.
There is a clear pattern of "regression-fix-regression" cycles. For example, the claude-cli backend has seen multiple registration failures (#72576), and the thought_signature 400 error for Gemini has reappeared in 2026.4.25 after being supposedly fixed in 2026.4.24 (#72879).
Multiple issues point to a lack of standardization in the CLI and Web UI:
openclaw sessions list is the only list-style command that rejects the list subcommand (#81139).connected=false render (#72500).Issues with the memory-core plugin suggest that Dreaming artifacts are not being written despite successful cron reports (#72546). There are also reports of "compaction loops" where stale transcript usage triggers repeated, unnecessary compactions (#81178).
MODULE_NOT_FOUND error in the @openclaw/codex package to restore the primary OpenAI route.memory_search) to worker threads or non-blocking queues to prevent gateway hangs.exec: Add a redaction pass to the exec tool output to prevent internal secret exposure.shouldSkipLocalBackendSelfPairing logic to prevent unauthorized pairing bypasses.commitments.json to prevent data loss during concurrent updates.gemini-3.1-pro-preview isolated sessions (#80714).list as an alias for openclaw sessions to match other parent commands.