Changelog

All notable changes to ZeroClaw will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Legacy XOR cipher migration: The enc: prefix (XOR cipher) is now deprecated. Secrets using this format will be automatically migrated to enc2: (ChaCha20-Poly1305 AEAD) when decrypted via decrypt_and_migrate(). A tracing::warn! is emitted when legacy values are encountered. The XOR cipher will be removed in a future release.

SecretStore::decrypt_and_migrate() — Decrypts secrets and returns a migrated enc2: value if the input used the legacy enc: format
SecretStore::needs_migration() — Check if a value uses the legacy enc: format
SecretStore::is_secure_encrypted() — Check if a value uses the secure enc2: format
feishu_doc tool — Feishu/Lark document operations (read, write, append, create, list_blocks, get_block, update_block, delete_block, create_table, write_table_cells, create_table_with_values, upload_image, upload_file)
Agent session persistence guidance now includes explicit backend/strategy/TTL key names for rollout notes.
Telegram mention_only mode — New config option mention_only for Telegram channel. When enabled, bot only responds to messages that @-mention the bot in group chats. Direct messages always work regardless of this setting. Default: false.

enc: prefix for encrypted secrets — Use enc2: (ChaCha20-Poly1305) instead. Legacy values are still decrypted for backward compatibility but should be migrated.

Gemini thinking model support — Responses from thinking models (e.g. gemini-3-pro-preview) are now handled correctly. The provider skips internal reasoning parts (thought: true) and signature parts (thoughtSignature), extracting only the final answer text. Falls back to thinking content when no non-thinking response is available.
Updated default gateway port to 42617.
Removed all user-facing references to port 3000.
Onboarding channel menu dispatch now uses an enum-backed selector instead of hard-coded numeric match arms, preventing duplicated pattern arms and related unreachable pattern compiler warnings in src/onboard/wizard.rs.
OpenAI native tool spec parsing now uses owned serializable/deserializable structs, fixing a compile-time type mismatch when validating tool schemas before API calls.

Core Architecture: Trait-based pluggable system for Provider, Channel, Observer, RuntimeAdapter, Tool
Provider: OpenRouter implementation (access Claude, GPT-4, Llama, Gemini via single API)
Channels: CLI channel with interactive and single-message modes
Observability: NoopObserver (zero overhead), LogObserver (tracing), MultiObserver (fan-out)
Security: Workspace sandboxing, command allowlisting, path traversal blocking, autonomy levels (ReadOnly/Supervised/Full), rate limiting
Tools: Shell (sandboxed), FileRead (path-checked), FileWrite (path-checked)
Memory (Brain): SQLite persistent backend (searchable, survives restarts), Markdown backend (plain files, human-readable)
Heartbeat Engine: Periodic task execution from HEARTBEAT.md
Runtime: Native adapter for Mac/Linux/Raspberry Pi
Config: TOML-based configuration with sensible defaults
Onboarding: Interactive CLI wizard with workspace scaffolding
CLI Commands: agent, gateway, status, cron, channel, tools, onboard
CI/CD: GitHub Actions with cross-platform builds (Linux, macOS Intel/ARM, Windows)
Tests: 159 inline tests covering all modules and edge cases
Binary: 3.1MB optimized release build (includes bundled SQLite)