x402-claw v2026.3.24.daydreams.1

Changes since v2026.3.2.daydreams.1

• move files to package, fix auth
• docs: format changelog for release
• build: prepare 2026.3.24 release
• feat(minimax): add image generation provider and trim model catalog to M2.7 (openclaw#54487)
• fix(release): add plugin-sdk:check-exports to release:check (openclaw#54283)
• Fix local copied package installs honoring staged project .npmrc (openclaw#54543)
• fix(feishu): use message create_time for inbound timestamps (openclaw#52809)
• fix(feishu): close WebSocket connections on monitor stop (openclaw#52844)
• fix(sandbox): honor sandbox alsoAllow and explicit re-allows (openclaw#54492)
• docs: prepare 2026.3.24-beta.2 release
• Tests: isolate security audit home skill resolution (openclaw#54473)
• test(media): make local roots fixture windows-safe
• fix(runtime): support Node 22.14 installs
• Discord: log rejected native command deploy failures (openclaw#54118)
• test(release): sync llama peer fixture
• fix(ci): restore e2e docker cache boundary
• fix(update): preflight npm target node engine
• fix(media): align outbound media access with fs policy
• test: add Open WebUI docker smoke
• fix(config): ignore same-base correction publish warnings
• test: fix clobbered config snapshot expectation
• refactor: unify whatsapp identity handling
• fix: copy openclaw bin before docker install
• build: prepare 2026.3.24-beta.1
• test: isolate voice-call temp stores
• refactor(openai): extract codex auth identity helper
• refactor(auth): separate profile ids from email metadata
• fix(whatsapp): use async fs.promises.readFile for selfLid creds read
• fix(whatsapp): read selfLid from creds.json for reply-to-bot detection
• fix(whatsapp): compare selfLid for reply-to-bot implicit mention in groups
• fix(whatsapp): unwrap FutureProofMessage (botInvokeMessage) to restore reply-to-bot detection
• test: collapse telegram transport and status suites
• test: collapse telegram button and access suites
• refactor: align pairing replies, daemon hints, and feishu mention policy
• docs: add missing changelog items
• test: collapse telegram context and transport suites
• test: collapse telegram helper suites
• docs: sort changelog by user impact
• test: harden parallels npm update runner
• fix: normalize before_dispatch conversation id
• fix(whatsapp): avoid eager login tool runtime access
• fix: preserve before_dispatch delivery semantics (openclaw#50444) (thanks @gfzhx)
• fix: skip session:patch hook clone without listeners
• fix: unify log timestamp offsets (openclaw#38904) (thanks @sahilsatralkar)
• fix: isolate session:patch hook payload (openclaw#53880) (thanks @graciegould)
• fix: fail loud when PTY cursor mode is unknown (openclaw#51490) (thanks @liuy)
• fix: cover macOS Edge osascript fallback path (openclaw#48561) (thanks @zoherghadyali)
• fix: add changelog for macOS Edge default browser detection (openclaw#48561) (thanks @zoherghadyali)
• fix(browser): add Edge LaunchServices bundle IDs for macOS default browser detection
• cron: queue isolated delivery awareness

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.3.2.daydreams.1...v2026.3.24.daydreams.1

x402-claw v2026.3.2.daydreams.1

Changes since v2026.3.1.daydreams.2

• chore(release): cut 2026.3.2
• CI: disable flaky sticky disk mount for Windows pnpm setup
• CI: start push test lanes earlier and drop check gating
• fix(feishu): guard against false-positive @mentions in multi-app groups (openclaw#30315)
• fix: add session-memory hook support for Feishu provider (openclaw#31437)
• fix(feishu): non-blocking WS ACK and preserve full streaming card content (openclaw#29616)
• CI: reduce critical path for check build and windows jobs
• CI: make node deps install optional in setup action
• CI: speed up Windows dependency warmup
• docs(changelog): remove docs-only 2026.3.2 entries
• feishu, line: pass per-group systemPrompt to inbound context (openclaw#31713)
• docs: add dedicated pdf tool docs page
• fix(feishu): correct invalid scope name in permission grant URL (openclaw#32509)
• chore(release): update appcast for 2026.3.2-beta.1
• CI: shard Windows tests into sixths and skip cache restore
• CI: add toggle to skip pnpm actions cache restore
• fix(gateway): skip google rate limits in live suite
• refactor(feishu): unify Lark SDK error handling with LarkApiError (openclaw#31450)
• Delete changelog/fragments directory
• fix(ci): complete feishu route mock typing in broadcast tests
• chore(release): prepare 2026.3.2-beta.1
• feat(feishu): add broadcast support for multi-agent groups (openclaw#29575)
• fix(gateway): retry exec-read live tool probe
• test(ci): add changed-scope shell-injection regression
• fix(ci): avoid shell interpolation in changed-scope git diff
• docs(feishu): Feishu docs – add verificationToken and align zh-CN with EN (openclaw#31555) thanks @xbsheng
• CI: increase checks-windows test shards to 4
• CI: increase checks-windows test shards to 3
• CI: reduce pre-test Windows setup latency
• CI: add exact-key mode for pnpm cache restore
• fix(feishu): preserve block streaming text when final payload is missing (openclaw#30663)
• fix(venice): retry model discovery on transient fetch failures
• docs(changelog): add SecretRef note for openclaw#29580
• fix(ci): restore scope-test require import and sync host policy
• chore(gitignore): ignore android kotlin cache
• CI: allow blacksmith 32 vCPU Windows runner in actionlint
• CI: gate Windows checks by windows-relevant scope (openclaw#32456)
• style(swift): apply lint and format cleanup
• refactor(macos): simplify pairing alert and host helper paths
• fix(swift): align async helper callsites across iOS and macOS
• test: load ci changed-scope script via esm import
• test: fix strict runtime mock types in channel tests
• fix(telegram): move unchanged command-sync log to verbose
• fix(ci): tighten type signatures in gateway params validation
• fix(e2e): include shared tool display resource in onboard docker build
• docs: reorder unreleased changelog by user interest
• CI: optimize Windows lane by splitting bundle and dropping duplicate lanes
• feat(secrets): expand SecretRef coverage across user-supplied credentials (openclaw#29580)
• refactor(telegram): dedupe monitor retry test helpers
• refactor(agents): dedupe steer restart test replacement flow

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.3.1.daydreams.2...v2026.3.2.daydreams.1

x402-claw v2026.3.1.daydreams.2

Changes since v2026.3.1.daydreams.1

• Update: support fork gitRepo stable/dev update flow

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.3.1.daydreams.1...v2026.3.1.daydreams.2

x402-claw v2026.3.1.daydreams.1

Changes since v2026.2.25.daydreams.1

• chore: update installer default ref to v2026.3.1.daydreams.1
• chore: remove upstream sync pending marker
• docs: update appcast for 2026.3.1
• build: prepare 2026.3.1-beta.1 release
• Gateway: add healthz/readyz probe endpoints for container checks (openclaw#31272)
• fix(ios): eliminate voice wake and xcode build warnings
• fix(ios): enforce main-actor device status APIs
• fix: resolve i18n merge conflict and test hoist failure
• CLI: add config path subcommand to print active config file path (openclaw#26256)
• fix(ci): drop redundant env assertions in daemon status
• fix(discord): prefer names in allowlist resolution logs
• Exec/ACP: inject OPENCLAW_SHELL into child shell env (openclaw#31271)
• style(changelog): apply oxfmt
• fix(ci): resolve i18n typing and generated-policy drift
• fix(android): align lint gates and photo permission handling
• fix(thinking): default Claude 4.6 to adaptive
• fix(cron): guard against year-rollback in croner nextRun (openclaw#30777)
• chore(deps): bump workspace dependencies
• docs: reorder unreleased changelog by user impact
• fix(discord): enrich allowlist resolution logs
• chore: fix gate formatting and raw-fetch allowlist lines
• style(swift): apply swiftformat and swiftlint fixes
• refactor: split telegram delivery and unify media/frontmatter/i18n pipelines
• fix: isolate docker onboard e2e config env
• refactor(feishu): split monitor startup and transport concerns
• refactor: centralize delivery/path/media/version lifecycle
• test(mattermost): cover defaultAccount resolution
• fix(channels): add optional defaultAccount routing
• fix(gateway): raise health-monitor restart cap
• fix(agents): prioritize per-model thinking defaults (openclaw#30439)
• fix: harden feishu startup probe sequencing (openclaw#29941) (thanks @bmendonca3)
• Feishu: skip duplicate bot-info retries after preflight
• Feishu: serialize startup bot-info probes
• fix(feishu): suppress stale replay typing indicators (openclaw#30709) (thanks @arkyu2077)
• fix(feishu): skip typing indicator on old messages after context compaction (openclaw#30418)
• fix(config): normalize gateway bind host aliases during migration (openclaw#30855)
• feat(agents): support thinkingDefault: "adaptive" for Anthropic models (openclaw#31227)
• fix(telegram): land openclaw#31067 first-chunk voice-fallback reply refs (@xdanger)
• docs(gateway): document Docker bridge networking and loopback bind caveat (openclaw#28001)
• fix(agents): unblock gpt-5.3-codex API-key routing and replay (openclaw#31083)
• fix(web-tools): land openclaw#31176 allow RFC2544 trusted fetch range (@sunkinux)
• fix(feishu): harden target routing, dedupe, and reply fallback
• Fix onboard ignoring OPENCLAW_GATEWAY_TOKEN env var (openclaw#22658)
• Gateway: harden control-ui vs plugin HTTP precedence
• Diffs: add viewer payload validation and presentation defaults
• fix(inbound-meta): land openclaw#30984 include account_id context (@Stxle2)
• feat(telegram): improve DM topics support (openclaw#30579) (thanks @kesor)
• docs(changelog): credit fixes from PRs openclaw#31058 openclaw#31211 openclaw#30941 openclaw#31047 openclaw#31205
• test(fs-safe): assert directory-read errors never leak EISDIR text
• fix(infra): avoid EISDIR leak to messaging when Read targets directory (Closes openclaw#31186)

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.2.25.daydreams.1...v2026.3.1.daydreams.1

x402-claw v2026.2.25.daydreams.1

Changes since v2026.2.24.daydreams.1

• docs: finalize 2026.2.25 release notes and appcast
• test(session): make fork parent path assertion cross-platform
• fix(ci): allow legacy patch tags to publish docker latest
• fix(ci): gate docker latest tag to stable release format
• fix(ci): publish latest tag for stable docker release
• fix: document telegram group allowlist hardening (openclaw#25988) (thanks @bmendonca3)
• refactor(telegram): remove dmPolicy from group allow context helper
• security(telegram): fail closed group allowlist against DM pairing store
• chore(protocol): regenerate Swift gateway models
• docs: reorder unreleased changelog by user impact
• refactor: unify monitor abort lifecycle handling
• test(discord): fix monitor test typings
• refactor: centralize message-provider tool filtering
• Discord: handle early gateway startup errors
• fix: add changelog note for LINE lifecycle fix (openclaw#26528) (thanks @Sid-Qin)
• fix(line): keep startAccount pending until abort signal to prevent restart loop
• chore: remove accidental PR_STATUS.md from repo
• test: expand voice provider tts regression coverage
• fix(security): harden approval-bound node exec cwd handling
• fix: disable tts tool for voice provider
• fix(agents): normalize malformed tool results in adapter (openclaw#27007)
• fix(cron): suppress fallback summary after attempted announce delivery
• refactor(slack): share system-event ingress and test harness
• docs(heartbeat): add directPolicy to config examples
• refactor(security): unify path alias guard policies
• feat(heartbeat): add directPolicy and restore default direct delivery
• fix(telegram): webhook hang - tests and fix (openclaw#26933) thanks @huntharo
• fix(routing): preserve explicit cron account and bound message defaults
• refactor(security): unify exec approval request matching
• fix(slack): gate pin/reaction system events by sender auth
• fix(ssrf): unify ipv6 special-use blocking
• fix(security): block workspace hardlink alias escapes
• fix(telegram): preserve finalized previews on mixed text+voice turns
• fix(security): bind system.run approvals to argv identity
• fix: block IPv6 multicast SSRF bypass
• fix: add changelog for chat compose mobile layout (openclaw#11167) (thanks @junyiz)
• style(chat): UI: add mobile layout for chat compose actions
• refactor(telegram): simplify polling restart flow
• fix(slack): land openclaw#26878 allowlist channel ID case-insensitive match (thanks @lbo728)
• fix: add changelog note for android startup perf (openclaw#26659) (thanks @obviyus)
• fix(android): hydrate gateway token state on init
• docs(android): add perf CLI workflow docs
• perf(android): tighten startup path and add perf tooling
• perf(android): make gateway token writes async
• perf(android): cache device identity and speed hex encoding
• perf(android): remove startup bc provider registration
• docs: clarify personal-by-default onboarding security notice
• fix(msteams): bind file consent invokes to conversation
• refactor(tmp): simplify trusted tmp dir state checks
• fix(agents): comprehensive quota fallback fixes - session overrides + surgical cooldown logic (openclaw#23816)

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.2.24.daydreams.1...v2026.2.25.daydreams.1

x402-claw v2026.2.24.daydreams.1

Changes since v2026.2.22.daydreams.1

• release ssync
• Delete .upstream-sync-pending
• upstream release sync
• build: switch 2026.2.24 appcast enclosure to stable tag
• build: update 2026.2.24 appcast enclosure to beta tag
• build: update appcast for 2026.2.24 beta
• docs: clarify pairing commands in faq and troubleshooting
• test: cap docker live model sweeps and harden timeouts
• test: stabilize no-output timeout exec test
• docs: fix configure section example
• docs: expand doctor and devices CLI references
• docs: refresh CLI and trusted-proxy docs
• docs(changelog): reorder and backfill 2026.2.24 release notes
• test: fix TS2742 in telegram media test utils
• test: fix CI failures in heartbeat and typing tests
• refactor: consolidate typing lifecycle and queue policy
• refactor(heartbeat): harden dm delivery classification
• refactor(sandbox): centralize dangerous docker override key handling
• fix: fail-closed shared-session reply routing (openclaw#24571) (thanks @brandonwise)
• fix: add sandbox bind-override regression coverage (openclaw#25410) (thanks @skyer-jian)
• fix(heartbeat): block dm targets and internalize blocked prompts
• fix: keep channel typing active during long inference (openclaw#25886, thanks @stakeswky)
• refactor(telegram-tests): split media suites and decouple store mock
• refactor(sandbox): unify tmp alias checks and dedupe hardlink tests
• refactor(sandbox): share container-path utils and tighten fs bridge tests
• fix: drop active heartbeat followups from queue (openclaw#25610, thanks @mcaxtr)
• fix: add changelog thanks for openclaw#25820 (thanks @bmendonca3)
• fix(sandbox): reject hardlinked tmp media aliases
• test(telegram): cover triple-dash inbound media path regression
• fix(shell): prefer PowerShell 7 on Windows with tested fallbacks (openclaw#25684)
• fix(agents): keep fallback chain reachable on configured fallback models (openclaw#25922)
• fix(cli): support --query in memory search command (openclaw#25904)
• fix: remove unused DeliverableMessageChannel import
• fix(security): prevent cross-channel reply routing in shared sessions
• fix: harden sandbox fs dash-path regression coverage (openclaw#25891) (thanks @albertlieyingadrian)
• fix(sandbox): prevent shell option interpretation for paths with leading hyphens
• fix: sanitize Gemini 3.1 Google reasoning payloads
• fix: suppress reasoning payload leakage in whatsapp replies
• test(windows): normalize risky-path assertions
• fix(heartbeat): default target none and internalize relay prompts
• fix(ui): inherit default model fallbacks in agents overview (openclaw#25729)
• fix(agents): reduce billing false positives on long text (openclaw#25680)
• fix(synology-chat): land @bmendonca3 fail-closed allowlist follow-up (openclaw#25827)
• fix(telegram): refresh global undici dispatcher for autoSelectFamily (openclaw#25682)
• fix(agents): normalize SiliconFlow Pro thinking=off payload (openclaw#25435)
• chore(deps): update dependencies except carbon
• test: normalize tmp media path assertion for windows
• refactor: extract iMessage echo cache and unify suppression guards
• test(media): add win32 dev=0 local media regression
• fix: harden iMessage echo dedupe and reasoning suppression (openclaw#25897)

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.2.22.daydreams.1...v2026.2.24.daydreams.1

x402-claw v2026.2.22.daydreams.1

Changes since v2026.2.19.daydreams.1

• Cron: suppress fallback main summary for delivery-target errors (openclaw#24074) thanks @Takhoffman
• Compaction: count only completed auto-compactions (openclaw#24056)
• Compaction: ignore tool result details in oversized checks (openclaw#24057)
• Agent runner: align compaction floor guidance (openclaw#24059)
• Compaction: sanitize token split accounting (openclaw#24058)
• Gateway: harden cron.runs jobId path handling (openclaw#24038) thanks @Takhoffman
• fix(exec): keep implicit sandbox default and restore no-alert baseline
• Cron: preserve due jobs after manual runs (openclaw#23994)
• chore(release): bump version to 2026.2.22-1
• Gateway/Chat UI: sanitize untrusted wrapper markup in final payloads
• chore: update appcast for 2026.2.22 beta.1
• fix(daemon): extend restart health timeout and improve restart errors
• fix(exec): restore sandbox as implicit host default
• Cron: persist manual run marker before unlock (openclaw#23993)
• security(cli): redact sensitive values in config get output (openclaw#23654)
• Docker: precreate identity dir in docker setup
• chore(synology-chat): allow npm publish for plugin package
• docs(changelog): move mistral to top and add synology chat
• fix(synology-chat): align docs metadata and declare runtime deps
• test: fix msteams shared attachment fetch mock typing
• test: tighten mistral media and onboarding coverage
• doctor: clean up legacy Linux gateway services (openclaw#21188)
• docs: add synology channel docs and fix unreleased changelog
• fix(models): synthesize antigravity Gemini 3.1 pro high/low models (openclaw#22899)
• Agents: infer auth-profile unavailable failover reason
• fix(tui): add OSC 8 hyperlinks for wrapped URLs (openclaw#17814)
• feat: Provider/Mistral full support for Mistral on OpenClaw 🇫🇷 (openclaw#23845)
• fix(plugins): hook systemPrompt gets collected then thrown away (openclaw#14583) (openclaw#14602)
• chore: remove deprecated npm allow-build-scripts config
• fix(reasoning): persist off override for discord directives
• fix(agents): remove synthetic done fallback reply
• fix(memory): hard-cap embedding inputs before batch
• fix(security): OC-07 redact session history credentials and enforce webhook secret (openclaw#16928)
• Cron: respect aborts in main wake-now retries (openclaw#23967)
• Cron: clean run-log write queue entries (openclaw#23968)
• WhatsApp: enforce allowFrom for explicit outbound sends (openclaw#20921)
• fix(memory): reindex when sources change
• security(web_fetch): strip hidden content to prevent indirect prompt injection (openclaw#21074)
• Cron: apply timeout to startup catch-up runs (openclaw#23966)
• fix(msteams): add SSRF protection to attachment downloads via redirect and DNS validation (openclaw#23598)
• chore(test): stabilize mcporter assertions on Windows
• fix(memory): harden qmd collection recovery
• docs: reorder 2026.2.22 changelog by user impact
• fix: make windows CI path handling deterministic
• fix(doctor): warn that approvals.exec.enabled only disables forwarding
• fix(sandbox): fallback docker user to workspace owner uid/gid
• fix(exec): apply per-agent exec defaults for opaque session keys
• build: update deps and stabilize tests
• test(exec): resolve rebase artifact in bash-tools test
• fix(voice-call): harden media stream pre-start websocket handling

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.2.19.daydreams.1...v2026.2.22.daydreams.1

x402-claw v2026.2.19.daydreams.1

Changes since v2026.2.17.daydreams.2

• fix(ci): fix changelog generation in release workflow
• fix lint
• fix(ci): use versioned actionlint checksum asset
• ci: move blacksmith runners to 8 vcpu
• docs: trim refactor-only and duplicate changelog entries
• fix(ci): verify actionlint release checksum before install
• fix(ui): unblock docker onboarding build
• fix(ci): tighten test typing for browser and cron cli
• fix(ci): normalize path assertions across platforms
• refactor(daemon): extract windows cmd argv helpers
• test: dedupe and optimize test suites
• chore: bump release metadata to 2026.2.19
• fix(daemon): harden windows schtasks script quoting
• fix(ci): add explicit mock export types for harnesses
• fix(ci): format cron tool imports
• fix(ci): resolve format drift and acp mock typing
• refactor(runtime): split runtime builders and stabilize cron tool seam
• test: cover plugin status helper branches
• test: harden mock order and shell path coverage
• test: cover npm pack install drift branches
• refactor: eliminate jscpd clones and boost tests
• test: share channels command mock harness
• test: share temp home env harness
• refactor: share npm integrity drift handling
• test: reuse isolated agent mock module
• refactor(daemon): extract schtasks cmd-set codec helpers
• refactor(security): unify safe-bin argv parsing and harden regressions
• fix(security): restore trusted plugin runtime exec default
• docs(changelog): add Windows schtasks injection fix note
• fix(daemon): escape schtasks environment assignments
• fix(gateway): harden canvas auth with session capabilities
• chore: fix formatting drift and stabilize cron tool mocks
• fix(security): harden ACP prompt size guardrails
• fix(security): OC-53 validate prompt size before string concatenation to prevent memory exhaustion — Aether AI Agent
• fix(security): OC-53 enforce 2MB prompt size limit to prevent ACP DoS — Aether AI Agent
• refactor(security): centralize trusted sender checks for discord moderation
• fix(security): enforce plugin and hook path containment
• fix: harden voice-call tts deep merge
• fix: harden ACP secret handling and exec preflight boundaries
• fix(security): centralize owner-only tool gating and scope maps
• ci: harden workflow action input handling
• test: share cron tool mock harness
• test: share memory manager bootstrap helper
• refactor: share exec approval request helper
• refactor: dedupe redact snapshot restore prelude
• refactor: share allow-from merge and sender-id checks
• refactor: share plain object guard across config and utils
• refactor: dedupe gateway session guards and agent test fixtures
• refactor: reuse daemon action response type in lifecycle core
• refactor: dedupe slack monitor mrkdwn and modal event base

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.2.17.daydreams.2...v2026.2.19.daydreams.1

x402-claw v2026.2.17.daydreams.2

Changes since v2026.2.17.daydreams.1

• update lockfile

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash

Full diff: v2026.2.17.daydreams.1...v2026.2.17.daydreams.2

x402-claw v2026.2.15.daydreams.4

Changes since v2026.2.15.daydreams.3

• Show wallet address and funding step during x402 onboarding
• Resolve address from SAW daemon or private key and prompt user to fund with USDC

Install

curl -fsSL https://raw.githubusercontent.com/daydreamsai/dreaming-claw/main/scripts/install-openclaw-fork.sh | bash