Releases: nearai/ironclaw
Releases · nearai/ironclaw
0.25.0 - 2026-04-11
11 Apr 01:41
Compare
Sorry, something went wrong.
No results found
Release Notes
Added
(tools) production-grade coding tools, file history, and skills (#2025 )add extensible deployment profiles (IRONCLAW_PROFILE) (#2203 )
(skills) commitments system — active intake for personal AI assistant (#1736 )add native Composio tool for third-party app integrations (#920 )
(gateway) extract gateway frontend into ironclaw_gateway crate with widget system (#1725 )(railway) build staging target with pre-bundled WASM extensions (#2219 )(docker) pre-bundle WASM extensions in staging image (#2210 )(tui) ship TUI in default binary (#2195 )(admin) admin tool policy to disable tools for users (#2154 )(web) add scroll-to-bottom arrow in gateway chat (#2202 )unified tool dispatch + schema-validated workspace (#2049 )
(workspace) admin system prompt shared with all users (#2109 )(engine) restage skill repair learning loop on staging (#1962 )(tui) port full-featured Ratatui terminal UI onto staging (#1973 )(slack) implement on_broadcast and fix message tool hints (#2113 )(i18n) add Korean translation, fix zh-CN drift, and prevent future drift via pre-commit hook (#2065 )NEAR AI MCP server (#2009 )
(test) dual-mode live/replay test harness with LLM judge (#2039 )add AWS Bedrock embeddings provider (#1568 )
(ownership) centralized ownership model with typed identities, DB-backed pairing, and OwnershipCache (#1898 )(tools) persistent per-user tool permission system (#1911 )(engine) Unified Thread-Capability-CodeAct execution engine (v2 architecture) (#1557 )(auth) direct OAuth/social login with Google, GitHub, Apple, and NEAR wallet (#1798 )Add ACP (Agent Client Protocol) job mode for delegating to any compatible coding agent (#1600 )
(workspace) metadata-driven indexing/hygiene, document versioning, and patch (#1723 )(jobs) per-job MCP server filtering and max_iterations cap (#1243 )(config) unify all settings to DB > env > default priority (#1722 )(telegram) add sendVoice support for audio/ogg attachments (#1314 )(setup) build ironclaw-worker Docker image in setup wizard (#1757 )
Fixed
(ci) bump 5 channel versions + fix lifetime desync in panics check (#2300 )(test) case-insensitive hint matching in TraceLlm step_matches (#2292 )(v2) tool naming, auth gates, schema flatten, WASM traps, workspace race (#2209 )(ci) resolve 4 staging test failures (#2273 )(docker) copy profiles/ into build stages (#2289 )(engine) mission cron scheduling + timezone propagation (#1944 ) (#1957 )(oauth) use localhost for redirect URI when bound to 0.0.0.0 (#2247 )(bridge) sanitize auth_url on engine v2 path (#2206 ) (#2215 )(docs) explain in more details activation block & installation steps for skills (#2216 )(docker) consume CACHE_BUST arg so BuildKit invalidates cache(gateway) suppress duplicate text response during auth flow and unify extension config modal (#2172 )(agent) stop intercepting bare yes/no/always as approval when nothing pending (#2178 )(ci) resolve 3 staging test failures (#2207 )(wasm) upgrade Wasmtime to 43.0.1 and restore CI (#2224 )fix(auth) first-pass Gmail OAuth auth prompt in chat (#2038 )
(db) repair V6 migration checksum and guard against re-modification (#1328 ) (#2101 )(ci) target wasm32-wasip2 in WASM build script (#2175 )(test) use canonical extension name in setup submit test (#2158 )fix (skills) installs for invalid catalog names (#2040 )
universal engine-version tool visibility filtering (#2132 )
(ownership) remove silent cross-tenant credential fallback (#2099 )(e2e) canonicalize extension names + fix remaining test failures (#2129 )(ownership) unify ownership checks via Owned trait and fix mission visibility bug (#2126 )(web) intercept approval text input in chat (#2124 )(staging) repair 4 categories of CI test failures (#2091 )(web) emit Done after response — SSE ordering fix (#2079 ) (#2104 )(tools) gate claude_code and acp modes behind enabled flags (#2003 )(acp) propagate follow-up prompt failures as job errors (#1981 )color for tools use (#2096 )
(registry) use canonical underscore names in manifests to fix WASM install (#2029 )(safety) add credential patterns and sensitive path blocklist (#1675 )(channels) allow telegram wasm channel name (#2051 )(staging) repair broken test build and macOS-incompatible SSRF tests (#2064 )honor auto-approve tools in engine v2 (#2013 )
(bridge) sanitize orphaned tool results in v2 adapter (#1975 )(docker) ensure ironclaw runtime home exists (#1918 )(agent) prevent self-repair notification spam for stuck jobs (#1867 )(self-repair) skip built-in tools in broken tool detection and repair (#1991 )unblock bootstrap ownership on dynamic_tools (#2005 )
(llm) invert reasoning default — unknown models skip think/final tags (#1952 )(llm) add sanitize_tool_messages to OpenAiCodexProvider (#1971 )update CLI help snapshots for --auto-approve and acp command (#1966 )
(docker) switch to glibc to fix libSQL segfault on DB reopen (#1930 )(db) swap V16/V17 to match production PG (document_versions before user_identities) (#1931 )(db) keep V15=conversation_source_channel to match production PG (#1928 )(db) resolve V15 migration numbering conflict (#1923 )(routines) add bounded retry for transient lightweight failures (#1471 )(relay) thread responses under original message in Slack channels (#1848 )(worker) Improve command execution parameter validation (#1692 )(telegram) auto-generate webhook secret during setup (#1536 )(builder) accept inline-table and object-map dependency formats from LLM (#1748 )(gemini) preserve and echo thoughtSignature for Gemini 3.x function calls (#1752 )(relay) route async Slack messages to correct channel instead of DMs (#1845 )*(security...
Read more
0.24.0 - 2026-03-31
31 Mar 16:22
Compare
Sorry, something went wrong.
No results found
Release Notes
Added
(gateway) OIDC JWT authentication for reverse-proxy deployments (#1463 )support custom LLM provider configuration via web UI (#1340 )
(skills) recursive bundle directory scanning for skill discovery (#1667 )(discord) add gateway channel flow in wasm (#944 )DB-backed user management, admin secrets provisioning, and multi-tenant isolation (#1626 )
(gateway) add OpenAI Responses API endpoints (#1656 )
Fixed
(routines) clone Arc before await in web handler event cache refresh (#1756 )(slack) respond to thread replies without requiring @mention (#1405 )resolve 11 test failures from multi-tenant bootstrap and sandbox gate regressions (#1746 )
(auth) make shared Google tool status scope-aware (#1532 )(wasm) inject Content-Length: 0 for bodyless mutating HTTP requests (#1529 )(bedrock) strip tool blocks from messages when toolConfig is absent (#1630 )prevent UTF-8 panics in byte-index string truncation (#1688 )
(gemini) preserve thought signatures on all tool calls (#1565 )pin staging ci jobs to a single tested sha (#1628 )
(routines) complete full_job execution reliability overhaul (#1650 )(worker) treat empty LLM response after text output as completion (#1677 )(worker) replace script -qfc with pty-process for injection-safe PTY (#1678 )(web) redact database error details from API responses (#1711 )(oauth) tighten legacy state validation and fallback handling (#1701 )(db) add tracing warn for naive timestamp fallback and improve parse_timestamp tests (#1700 )(wasm) use typed WASM schema as advertised schema when available (#1699 )sanitize tool error results before llm injection (#1639 )
require Feishu webhook authentication (#1638 )
(llm) prevent UTF-8 panic in line_bounds() (fixes #1669 ) (#1679 )downgrade excessive debug logging in hot path (closes #1686 ) (#1694 )
Other
Stabilize MCP refresh regression tests (#1772 )
Fix hosted MCP OAuth refresh flow (#1767 )
Track routine verification state across updates (#1716 )
(e2e) align WASM reinstall expectation with uninstall cleanup (#1762 )Handle empty tool completions in autonomous jobs (#1720 )
Clarify message tool vs channel setup guidance (#1715 )
tighten contribution and PR guidance (#1704 )
Clean up extension credentials on uninstall (#1718 )
Install ironclaw 0.24.0
Install prebuilt binaries via shell script
curl --proto ' =https' | sh Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c " irm https://github.com/nearai/ironclaw/releases/download/ironclaw-v0.24.0/ironclaw-installer.ps1 | iex" Install prebuilt binaries into your npm project
npm install ironclaw@0.24.0 Download ironclaw 0.24.0
0.23.0 - 2026-03-27
27 Mar 05:59
Compare
Sorry, something went wrong.
No results found
Release Notes
Added
complete multi-tenant isolation — phases 2–4 (#1614 )
Fixed
(routines) recover delete name after failed update fallback (#1108 )(mcp) handle 202 Accepted and wire session manager for Streamable HTTP (#1437 )(extensions) channel-relay auth dead-end, observability, and URL override (#1681 )(agent) discard truncated tool calls when finish_reason == Length (#1631 ) (#1632 )(llm) filter XML tool-call recovery by context (#1641 )
Other
Support direct hosted OAuth callbacks with proxy auth token (#1684 )
Install ironclaw 0.23.0
Install prebuilt binaries via shell script
curl --proto ' =https' | sh Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c " irm https://github.com/nearai/ironclaw/releases/download/ironclaw-v0.23.0/ironclaw-installer.ps1 | iex" Install prebuilt binaries into your npm project
npm install ironclaw@0.23.0 Download ironclaw 0.23.0
0.22.0 - 2026-03-25
26 Mar 02:18
Compare
Sorry, something went wrong.
No results found
Release Notes
Added
(agent) thread per-tool reasoning through provider, session, and all surfaces (#1513 )(cli) show credential auth status in tool info (#1572 )multi-tenant auth with per-user workspace isolation (#1118 )
(cli) add ironclaw models subcommands (list/status/set/set-provider) (#1043 )(workspace) multi-scope workspace reads (#1117 )(ux) complete UX overhaul — design system, onboarding, web polish (#1277 )(gemini_oauth) full Gemini CLI OAuth integration with Cloud Code API (#1356 )(shell) add Low/Medium/High risk levels for graduated command approval (closes #172 ) (#368 )(agent) queue and merge messages during active turns (#1412 )(cli) add ironclaw hooks list subcommand (#1023 )(extensions) support text setup fields in web configure modal (#496 )(llm) add GitHub Copilot as LLM provider (#1512 )(workspace) layered memory with sensitivity-based privacy redirect (#1112 )(webhooks) add public webhook trigger endpoint for routines (#736 )(llm) Add OpenAI Codex (ChatGPT subscription) as LLM provider (#1461 )(web) add light theme with dark/light/system toggle (#1457 )(agent) activate stuck_threshold for time-based stuck job detection (#1234 )chat onboarding and routine advisor (#927 )
Fixed
ensure LLM calls always end with user message (closes #763 ) (#1259 )
restore owner-scoped gateway startup (#1625 )
remove stale stream_token gate from channel-relay activation (#1623 )
(agent) case-insensitive channel match and user_id filter for event triggers (#1211 )(routines) normalize status display across web and CLI (#1469 )(tunnel) managed tunnels target wrong port and die from SIGPIPE (#1093 )(agent) persist /model selection to .env, TOML, and DB (#1581 )post-merge review sweep — 8 fixes across security, perf, and correctness (#1550 )
generate Mistral-compatible 9-char alphanumeric tool call IDs (#1242 )
(mcp) handle empty 202 notification acknowledgements (#1539 )(tests) eliminate env mutex poison cascade (#1558 )(safety) escape tool output XML content and remove misleading sanitized attr (#1067 )(oauth) reject malformed ic2.* states in decode_hosted_oauth_state (#1441 ) (#1454 )parameter coercion and validation for oneOf/anyOf/allOf schemas (#1397 )
persist startup-loaded MCP clients in ExtensionManager (#1509 )
(deps) patch rustls-webpki vulnerability (RUSTSEC-2026-0049)(routines) add missing extension_manager field in trigger_manual EngineContext(ci) serialize env-mutating OAuth wildcard tests with ENV_MUTEX (#1280 ) (#1468 )(setup) remove redundant LLM config and API keys from bootstrap .env (#1448 )resolve wasm broadcast merge conflicts with staging (#395 ) (#1460 )
skip credential validation for Bedrock backend (#1011 )
register sandbox jobs in ContextManager for query tool visibility (#1426 )
prefer execution-local message routing metadata (#1449 )
(security) validate embedding base URLs to prevent SSRF (#1221 )f32→f64 precision artifact in temperature causes provider 400 errors (#1450 )
(routines) surface errors when sandbox unavailable for full_job routines (#769 )restore libSQL vector search with dynamic dimensions (#1393 )
staging CI triage — consolidate retry parsing, fix flaky tests, add docs (#1427 )
Other
Merge branch 'main' into staging-promote/455f543b-23329172268
Merge pull request #1655 from nearai/codex/fix-staging-promotion-1451-version-bumps
Merge pull request #1499 from nearai/staging-promote/9603fefd-23364438978
Fix libsql prompt scope regressions (#1651 )
Normalize cron schedules on routine create (#1648 )
Fix MCP lifecycle trace user scope (#1646 )
Fix REPL single-message hang and cap CI test duration (#1643 )
extract AppEvent to crates/ironclaw_common (#1615 )
Fix hosted OAuth refresh via proxy (#1602 )
(agent) optimize approval thread resolution (UUID parsing + lock contention) (#1592 )(tools) auto-compact WASM tool schemas, add descriptions, improve credential prompts (#1525 )Default new lightweight routines to tools-enabled (#1573 )
Google OAuth URL broken when initiated from Telegram channel (#1165 )
add gitcgr code graph badge (#1563 )
Fix owner-scoped message routing fallbacks (#1574 )
(tools) remove unconditional params clone in shared execution (fix #893 ) (#926 )(llm) move transcription module into src/llm/ (#1559 )(agent) avoid preview allocations for non-truncated strings (fix #894 ) (#924 )Expand AGENTS.md with coding agents guidance (#1392 )
Fix CI approval flows and stale fixtures (#1478 )
Use live owner tool scope for autonomous routines and jobs (#1453 )
use Arc in embedding cache to avoid clones on miss path (#1438 )
Add owner-scoped permissions for full-job routines (#1440 )
Install ironclaw 0.22.0
Install prebuilt binaries via shell script
curl --proto ' =https' | sh Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c " irm https://github.com/nearai/ironclaw/releases/download/ironclaw-v0.22.0/ironclaw-installer.ps1 | iex" Install prebuilt binaries into your npm project
npm install ironclaw@0.22.0 Download ironclaw 0.22.0
Read more
0.21.0 - 2026-03-20
20 Mar 19:06
Compare
Sorry, something went wrong.
No results found
Release Notes
Added
structured fallback deliverables for failed/stuck jobs (#236 )
LRU embedding cache for workspace search (#1423 )
receive relay events via webhook callbacks (#1254 )
Fixed
bump Feishu channel version for promotion
(approval) make "always" auto-approve work for credentialed HTTP requests (#1257 )skip NEAR AI session check when backend is not nearai (#1413 )
Other
Make hosted OAuth and MCP auth generic (#1375 )
Install ironclaw 0.21.0
Install prebuilt binaries via shell script
curl --proto ' =https' | sh Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c " irm https://github.com/nearai/ironclaw/releases/download/v0.21.0/ironclaw-installer.ps1 | iex" Install prebuilt binaries into your npm project
npm install ironclaw@0.21.0 Download ironclaw 0.21.0
0.20.0 - 2026-03-19
19 Mar 19:16
Compare
Sorry, something went wrong.
No results found
Release Notes
Added
(self-repair) wire stuck_threshold, store, and builder (#712 )(testing) add FaultInjector framework for StubLlm (#1233 )(gateway) unified settings page with subtabs (#1191 )upgrade MiniMax default model to M2.7 (#1357 )
Fixed
navigate telegram E2E tests to channels subtab (#1408 )
add missing builder field and update E2E extensions tab navigation (#1400 )
remove debug_assert guards that panic on valid error paths (#1385 )
address valid review comments from PR #1359 (#1380 )
full_job routine runs stay running until linked job completion (#1374 )
full_job routine concurrency tracks linked job lifetime (#1372 )
remove -x from coverage pytest to prevent suite-blocking failures (#1360 )
add debug_assert invariant guards to critical code paths (#1312 )
(mcp) retry after missing session id errors (#1355 )(telegram) preserve polling after secret-blocked updates (#1353 )(llm) cap retry-after delays (#1351 )(setup) remove nonexistent webhook secret command hint (#1349 )Rate limiter returns retry after None instead of a duration (#1269 )
Other
bump telegram channel version to 0.2.5 (#1410 )
(ci) enforce test requirement for state machine and resilience changes (#1230 ) (#1304 )Fix duplicate LLM responses for matched event routines (#1275 )
add Japanese README (#1306 )
(ci) add coverage gates via codecov.yml (#1228 ) (#1291 )Redesign routine create requests for LLMs (#1147 )
Install ironclaw 0.20.0
Install prebuilt binaries via shell script
curl --proto ' =https' | sh Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c " irm https://github.com/nearai/ironclaw/releases/download/v0.20.0/ironclaw-installer.ps1 | iex" Install prebuilt binaries into your npm project
npm install ironclaw@0.20.0 Download ironclaw 0.20.0
0.19.0 - 2026-03-17
17 Mar 05:58
Compare
Sorry, something went wrong.
No results found
Release Notes
Added
verify telegram owner during hot activation (#1157 )
(config) unify config resolution with Settings fallback (Phase 2, #1119 ) (#1203 )(sandbox) add retry logic for transient container failures (#1232 )(heartbeat) fire_at time-of-day scheduling with IANA timezone (#1029 )Reuse Codex CLI OAuth tokens for ChatGPT backend LLM calls (#693 )
add pre-push git hook with delta lint mode (#833 )
(cli) add logs command for gateway log access (#1105 )add Feishu/Lark WASM channel plugin (#1110 )
add Criterion benchmarks for safety layer hot paths (#836 )
(routines) human-readable cron schedule summaries in web UI (#1154 )(web) add follow-up suggestion chips and ghost text (#1156 )(ci) include commit history in staging promotion PRs (#952 )(tools) add reusable sensitive JSON redaction helper (#457 )configurable hybrid search fusion strategy (#234 )
(cli) add cron subcommand for managing scheduled routines (#1017 )adds context-llm tool support (#616 )
(web-chat) add hover copy button for user/assistant messages (#948 )add Slack approval buttons for tool execution in DMs (#796 )
enhance HTTP tool parameter parsing (#911 )
(routines) enable tool access in lightweight routine execution (#257 ) (#730 )add MiniMax as a built-in LLM provider (#940 )
(cli) add ironclaw channels list subcommand (#933 )(cli) add ironclaw skills list/search/info subcommands (#918 )add cargo-deny for supply chain safety (#834 )
(setup) display ASCII art banner during onboarding (#851 )(extensions) unify auth and configure into single entrypoint (#677 )(i18n) Add internationalization support with Chinese and English translations (#929 )Import OpenClaw memory, history and settings (#903 )
Fixed
jobs limit (#1274 )
misleading UI message (#1265 )
bump channel registry versions for promotion (#1264 )
cover staging CI all-features and routine batch regressions (#1256 )
resolve merge conflict fallout and missing config fields
web/CLI routine mutations do not refresh live event trigger cache (#1255 )
(jobs) make completed->completed transition idempotent to prevent race errors (#1068 )(llm) persist refreshed Anthropic OAuth token after Keychain re-read (#1213 )(worker) prevent orphaned tool_results and fix parallel merging (#1069 )Telegram bot token validation fails intermittently (HTTP 404) (#1166 )
(security) prevent metadata spoofing of internal job monitor flag (#1195 )(security) default webhook server to loopback when tunnel is configured (#1194 )(auth) avoid false success and block chat during pending auth (#1111 )(config) unify ChannelsConfig resolution to env > settings > default (#1124 )(web-chat) normalize chat copy to plain text (#1114 )(skill) treat empty url param as absent when installing skills (#1128 )preserve AuthError type in oauth_http_client cache (#1152 )
(web) prevent Safari IME composition Enter from sending message (#1140 )(mcp) handle 400 auth errors, clear auth mode after OAuth, trim tokens (#1158 )eliminate panic paths in production code (#1184 )
N+1 query pattern in event trigger loop (routine_engine) (#1163 )
(llm) add stop_sequences parity for tool completions (#1170 )(channels) use live owner binding during wasm hot activation (#1171 )Non-transactional multi-step context updates between metadata/to… (#1161 )
(webhook) avoid lock-held awaits in server lifecycle paths (#1168 )Google Sheets returns 403 PERMISSION_DENIED after completing OAuth (#1164 )
HTTP webhook secret transmitted in request body rather than via header, docs inconsistency and security concern (#1162 )
(ci) exclude ironclaw_safety from release automation (#1146 )(registry) bump versions for github, web-search, and discord extensions (#1106 )(mcp) address 14 audit findings across MCP module (#1094 )(http) replace .expect() with match in webhook handler (#1133 )(time) treat empty timezone string as absent (#1127 )5 critical/high-priority bugs (auth bypass, relay failures, unbounded recursion, context growth) (#1083 )
(ci) checkout promotion PR head for metadata refresh (#1097 )(ci) add missing attachments field and crates/ dir to Dockerfiles (#1100 )(registry) bump telegram channel version for capabilities change (#1064 )(ci) repair staging promotion workflow behavior (#1091 )(wasm) address #1086 review followups -- description hint and coercion safety (#1092 )(ci) repair staging-ci workflow parsing (#1090 )(extensions) fix lifecycle bugs + comprehensive E2E tests (#1070 )add tool_info schema discovery for WASM tools (#1086 )
resolve bug_bash UX/logging issues (#1054 #1055 #1058 ) (#1072 )
(http) fail closed when webhook secret is missing at runtime (#1075 )(service) set CLI_ENABLED=false in macOS launchd plist (#1079 )relax approval requirements for low-risk tools (#922 )
(web) make approval requests appear without page reload (#996 ) (#1073 )(routines) run cron checks immediately on ticker startup (#1066 )(web) recompute cron next_fire_at when re-enabling routines (#1080 )(memory) reject absolute filesystem paths with corrective routing (#934 )remove all inline event handlers for CSP script-src compliance (#1063 )
(mcp) include OAuth state parameter in authorization URLs (#1049 )(mcp) open MCP OAuth in same browser as gateway (#951 )(deploy) harden production container and bootstrap security (#1014 )release lock guards before awaiting channel send (#869 ) (#1003 )
(registry) use versioned artifact URLs and checksums for all WASM manifests (#1007 )(setup) preserve model selection on provider re-run (#679 ) (#987 )(mcp) attach session manager for non-OAuth HTTP clients ([#793 ](https://github.com/nearai/ironclaw/pull/ ... Read more
0.18.0 - 2026-03-11
11 Mar 18:04
Compare
Sorry, something went wrong.
No results found
Release Notes
Other
Merge pull request #907 from nearai/staging-promote/b0214fef-22930316561
promote staging to main (2026-03-10 15:19 UTC) (#865 )
Merge pull request #830 from nearai/staging-promote/3a2989d0-22888378864
update WASM artifact SHA256 checksums [skip ci] (#876 )
Install ironclaw 0.18.0
Install prebuilt binaries via shell script
curl --proto ' =https' | sh Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c " irm https://github.com/nearai/ironclaw/releases/download/v0.18.0/ironclaw-installer.ps1 | iex" Install prebuilt binaries into your npm project
npm install ironclaw@0.18.0 Download ironclaw 0.18.0
0.17.0 - 2026-03-10
10 Mar 17:08
Compare
Sorry, something went wrong.
No results found
Release Notes
Added
(llm) per-provider unsupported parameter filtering (#749 , #728 ) (#809 )persist user_id in save_job and expose job_id on routine runs (#709 )
(ci) chained promotion PRs with multi-agent Claude review (#776 )add background sandbox reaper for orphaned Docker containers (#634 )
(wasm) lazy schema injection on WASM tool errors (#638 )add AWS Bedrock LLM provider via native Converse API (#713 )
full image support across all channels (#725 )
(skills) exclude_keywords veto in skill activation scoring (#688 )(mcp) transport abstraction, stdio/UDS transports, and OAuth fixes (#721 )add PID-based gateway lock to prevent multiple instances (#717 )
configurable LLM request timeout via LLM_REQUEST_TIMEOUT_SECS (#615 ) (#630 )
(timezone) add timezone-aware session context (#671 )(setup) Anthropic OAuth onboarding with setup-token support (#384 )(llm) add Google Gemini, AWS Bedrock, io.net, Mistral, Yandex, and Cloudflare WS AI providers (#676 )unified thread model for web gateway (#607 )
WASM channel attachments with LLM pipeline integration (#596 )
enable Anthropic prompt caching via automatic cache_control injection (#660 )
(routines) approval context for autonomous job execution (#577 )(llm) declarative provider registry (#618 )(gateway) show IronClaw version in status popover [skip-regression-check] (#636 )Wire memory hygiene retention policy into heartbeat loop (#629 )
Fixed
(ci) run fmt + clippy on staging PRs, skip Windows clippy [skip-regression-check] (#802 )(ci) clean up staging pipeline — remove hacks, skip redundant checks [skip-regression-check] (#794 )(ci) secrets can't be used in step if conditions [skip-regression-check] (#787 )prevent irreversible context loss when compaction archive write fails (#754 )
button styles (#637 )
(mcp) JSON-RPC spec compliance — flexible id, correct notification format (#685 )preserve tool-call history across thread hydration (#568 ) (#670 )
CLI commands ignore runtime DATABASE_BACKEND when both features compiled (#740 )
(web) prevent fetch error when hostname is an IP address in TEE check (#672 )add timezone conversion support to time tool (#687 )
standardize libSQL timestamps as RFC 3339 UTC (#683 )
(docker) bind postgres to localhost only (#686 )(repl) skip /quit on EOF when stdin is not a TTY (#724 )(web) prevent Enter key from sending message during IME composition (#715 )(config) init_secrets no longer overwrites entire config (#726 )(cli) status command ignores config.toml and settings.json (#354 ) (#734 )(setup) preserve model name when re-running onboarding with same provider (#600 ) (#694 )(setup) initialize secrets crypto for env-var security option (#666 ) (#706 )persist /model selection across restarts (#707 )
(routines) resolve message tool channel/target from per-job metadata (#708 )sanitize HTML error bodies from MCP servers to prevent web UI white screen (#263 ) (#656 )
prevent Instant duration overflow on Windows (#657 ) (#664 )
enable libsql remote + tls features for Turso cloud sync (#587 )
(tests) replace hardcoded /tmp paths with tempdir + add 300 unit tests (#659 )(llm) nudge LLM when it expresses tool intent without calling tools (#653 )(llm) report zero cost for OpenRouter free-tier models (#463 ) (#613 )reliable network tests and improved tool error messages (#626 )
(wasm) use per-engine cache dirs on Windows to avoid file lock error (#624 )(libsql) support flexible embedding dimensions (#534 )
Other
Restructure CLAUDE.md into modular rules + add pr-shepherd command (#750 )
make src/llm/ self-contained for crate extraction (#767 )
add simplified Chinese (zh-CN) README translation (#488 )
(job) cover job tool validation and state transitions (#681 )(agent) wire TestRig job tools through the scheduler (#716 )Fix single-message mode to exit after one turn when background channels are enabled (#719 )
remove dead code (#648 ) (#703 )
add reviewer-feedback guardrails (CLAUDE.md, pre-commit hook, skill) (#665 )
update WASM artifact SHA256 checksums [skip ci] (#631 )
add explanatory comments to coverage workflow (#610 )
build system prompt once per turn, skip tools on force-text (#583 )
add comprehensive subdirectory CLAUDE.md files and update root (#589 )
Improve test infrastructure: StubChannel, gateway helpers, security tests, search edge cases (#623 )
(workspace) regression test for document_path in search results (#509 )
Added
AWS Bedrock LLM provider via native Converse API with IAM and SSO auth support (feature-gated: --features bedrock)
Install ironclaw 0.17.0
Install prebuilt binaries via shell script
curl --proto ' =https' | sh Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c " irm https://github.com/nearai/ironclaw/releases/download/v0.17.0/ironclaw-installer.ps1 | iex" Install prebuilt binaries into your npm project
npm install ironclaw@0.17.0 Download ironclaw 0.17.0
Read more
0.16.1 - 2026-03-06
06 Mar 19:58
Compare
Sorry, something went wrong.
No results found
Release Notes
Fixed
revert WASM artifact SHA256 checksums to null (#627 )
Install ironclaw 0.16.1
Install prebuilt binaries via shell script
curl --proto ' =https' | sh Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c " irm https://github.com/nearai/ironclaw/releases/download/v0.16.1/ironclaw-installer.ps1 | iex" Install prebuilt binaries into your npm project
npm install ironclaw@0.16.1 Download ironclaw 0.16.1
