This update introduces a centralized channel ingress API, OAuth-backed OpenAI realtime voice controls, and REST API support for containerized Signal deployments.
Merged PRs
- fix(config): persist explicit default values Original PR
- fix: clean false-live session locks Original PR
- fix(moonshot): accept moonshotai/<model> as direct-API alias Original PR
- Detect Docker Playwright Chromium Original PR
- fix(cron): allow self-scoped runs inspection Original PR
- fix(agents): replace blank tool names with sentinel to prevent dispatch loops Original PR
- fix(release): drop missing bundled runtime deps pack entry Original PR
- fix(telegram): show full provider/model label for nested OpenRouter ids Original PR
- docs(outbound): add CLAUDE.md sibling symlink for AGENTS.md Original PR
- ci(installer): add macOS install proof Original PR
- Fix Copilot token integration identity Original PR
- [codex] Support provider wildcard model visibility Original PR
- fix: cool down unhealthy telegram transports Original PR
- fix(codex): remove dynamic tools profile option Original PR
- Fix shared macOS and CLI device identity schemas Original PR
- fix(telegram): keep no-response DM turns quiet (no silent-reply rewrite) Original PR
- refactor: centralize channel ingress access Original PR
- Add OAuth-backed realtime voice controls Original PR
- fix(gateway): reject malformed session kill paths Original PR
- fix: canonicalize embedded reply payloads Original PR
- ci: use Node 24 for website installer sync Original PR
- fix(gateway): redact fast-path console logs Original PR
- docs(memory): clarify MEMORY.md maintenance expectations Original PR
- ci: verify and sync website installers Original PR
- fix: handle Telegram select callbacks safely Original PR
- fix(telegram): deduplicate MEDIA attachments in non-streaming mode Original PR
- Signal: add REST API support for containerized deployments Original PR
- Fix chat-channel node exec approval replays Original PR
- fix(installer): silence node activation wrapper shellcheck Original PR
- ci: rebase website installer sync before push Original PR
Key Changes
Infrastructure & Core Refactors
One of the most significant architectural updates is the centralization of channel ingress access. OpenClaw has migrated bundled channel hot paths (including Discord, Telegram, Slack, and WhatsApp) to a shared decision graph. This experimental channel-ingress API standardizes how the system resolves route, sender, and command gates, reducing duplicated logic across plugins while preserving specific platform behaviors like webhook verification.
Additionally, the Gateway's security posture was improved by redacting fast-path console logs to prevent WhatsApp/libsignal session secrets from leaking into raw terminal output during startup. The system also now rejects malformed session kill paths with a 400 invalid_request_error instead of allowing them to fall through the HTTP handler chain.
New Features & Capabilities
- Realtime Voice & OAuth: The system now supports OAuth-backed authentication for native OpenAI realtime voice. This enables users without direct API keys to use browser Talk and Gateway relay bridges. A new Control UI panel allows for fine-tuning of VAD thresholds, voice selection, and reasoning effort.
- Signal Container Support: Signal now supports
bbernhard/signal-cli-rest-api container deployments. An apiMode setting (auto, native, container) allows the system to probe and select the best transport, enabling WebSocket receive streaming for containerized setups.
- Model Visibility Wildcards: To solve Discord's 25-option component limit,
agents.defaults.models now accepts provider/* entries. This allows all discovered models for a specific provider to be visible without requiring manual enumeration of every model ID.
Fixes & Stability
- Configuration Persistence: A critical fix ensures that
config set and config patch persist explicit values even if they match schema defaults, preventing silent data loss during operator workflows.
- Telegram Improvements: Several UX and stability fixes were landed for Telegram, including a circuit breaker to cool down unhealthy transports (preventing event-loop starvation), deduplication of MEDIA attachments in non-streaming mode, and safer handling of managed select callbacks.
- Agent Hygiene: The embedded runner now canonicalizes reply payloads, ensuring that internal maintenance text or raw tool output does not leak into final user-facing Telegram messages as duplicate replies.
Impact
These changes significantly lower the barrier for deploying OpenClaw in containerized environments, particularly for Signal users. The centralization of ingress logic provides a more maintainable foundation for adding new channels and ensures consistent authorization across the ecosystem.
For end-users, the addition of OAuth-backed realtime voice and the improved model visibility in Discord make the system more accessible and flexible. The resolution of the "silent data loss" in configuration and the reduction of noise in Telegram DMs (by keeping no-response turns quiet) directly address operator pain points regarding reliability and chat clutter.
Finally, the alignment of device identity schemas between the macOS app and the CLI prevents the "pairing prompt storm" that occurred when incompatible identity files caused the system to generate new device IDs upon relaunch.
nominiclaw