OpenClaw バージョン2026.5.12-beta.7 の変更点

Changes

• Amazon Bedrock: externalize the Bedrock and Bedrock Mantle provider packages so core installs no longer pull AWS SDK dependencies unless those providers are installed.

• Plugins: externalize Slack, OpenShell sandbox, and Anthropic Vertex so their runtime dependency cones install only when those plugins are installed.

• Control UI/WebChat: add a persisted auto-scroll mode selector so users can keep the current near-bottom behavior, always follow streaming output, or turn automatic streaming scroll off and use the New messages button manually. Fixes #7648 and #81287. Thanks @BunsDev.

• ACP: add acp.fallbacks so ACP turns can try configured backup runtime backends when the primary backend is unavailable before any output is emitted. (#69542) Thanks @kaseonedge.

Fixes

• Telegram: keep Bot API polling alive during main event-loop stalls by moving ingress to an isolated worker with a durable local spool. Fixes #81132. (#81746) Thanks @joshavant.

• CLI/plugins: keep bare plugin and parent-command help on the lightweight path, avoiding plugin registry discovery before rendering help.

• Gateway/session history: carry monotonic transcript message sequence through live updates and refresh SSE history when stale sequence input would otherwise append bad incremental state. (#81474) Thanks @samzong.

• Security/sandbox: include Windows USERPROFILE in the sandbox blocked home roots so credential-bearing binds (such as .codex, .openclaw, or .ssh under the Windows user profile) are denied even when HOME points at a different shell home. (#63074) Thanks @luoyanglang.

• Models config/auth: stop inferring provider env-var markers from broad ^[A-Z_][A-Z0-9_]*$ strings, and resolve config-backed provider apiKey values only through structured env SecretRefs (secrets.providers[id] / secrets.defaults), so unrelated env vars cannot accidentally become provider credentials. Thanks @sallyom.

• Media fetch: skip allocating and buffering the response body for bodyless media responses (HEAD probes and 204-style empty bodies), avoiding wasted heap on streams that carry no payload. Thanks @shakkernerd.

• CLI/onboarding: forward provider-specific auth flags (e.g. --openai-api-key) through the onboarding wizard so they reach provider auth methods via ctx.opts, letting --openai-api-key "$OPENAI_API_KEY" skip the redundant "use existing env var?" prompt in non-interactive harnesses. (#81669) Thanks @sjf.

• CLI/migrate: drop trailing periods from Codex migrate item messages and REASON_CODE_MESSAGES strings so plan/result rows read as labels instead of sentence fragments. (#81705) Thanks @sjf.

• Slack: treat malformed private-file redirect Location headers as unfollowable redirects instead of failing Slack media downloads.

• Plugins: discover provider plugins from setup.providers[].envVars credentials during provider discovery while keeping the deprecated providerAuthEnvVars fallback. (#81542) Thanks @JARVIS-Glasses.

• Docs/Codex harness: clarify that per-agent CODEX_HOME isolates ~/.codex while inherited HOME intentionally keeps .agents discovery and subprocess user-home state available.

• Auth: reclaim dead-owner stale file locks before retrying locked writes, so crashed OAuth refreshes no longer wedge auth-profiles.json until manual cleanup.

• CLI tables: preserve muted/color styling on wrapped continuation lines after multiline cells, keeping openclaw plugins list descriptions readable.

• Process execution: collapse case-insensitive duplicate child environment keys on Windows so caller-provided overrides such as PATH cannot be shadowed by host Path.

• Gateway/diagnostics: suppress cold-start liveness warnings during the startup grace window while still sampling liveness metrics. Fixes #79915. (#81699) Thanks @joshavant.

• Codex harness: keep oauthRef-backed Codex OAuth profiles usable and stop high-confidence app-server OAuth refresh invalidation from retry-spamming raw token-refresh errors without turning entitlement or usage-limit payloads into re-auth prompts.

• Browser CLI: request the existing operator.admin gateway scope explicitly for browser control commands, avoiding unnecessary scope-upgrade approval loops. Fixes #81555. (#81716) Thanks @joshavant.

• Gateway/diagnostics: suppress cold-start liveness warnings during the startup grace window while still sampling liveness metrics. Fixes #79915. (#81699) Thanks @joshavant.

• Plugin SDK: restore the deprecated openclaw/plugin-sdk/memory-core package subpath as an alias of memory-host-core, so published memory companion plugins that still import it resolve on current hosts.

• Control UI/i18n: use the installed workspace pi runtime for locale refreshes, update the fallback package pin, prefer the Anthropic CI provider when available, and skip invalid provider credentials instead of failing main.

• Codex harness: classify native app-server token-refresh logout and relogin failures as authentication refresh errors, so users get re-authentication guidance instead of a raw runtime failure.

• Codex startup: treat selectable configured OpenAI agent models as Codex runtime requirements during plugin auto-enable, startup planning, and doctor install repair, so Anthropic-primary configs can still switch to OpenAI/Codex cleanly.

• Agents: preserve source-reply delivery metadata when merging tool-returned media into the final reply, keeping message-tool-only replies deliverable and mirrored. Thanks @pashpashpash and @vincentkoc.

• Replies: treat rich presentation, interactive controls, and channel-native payload data as outbound content across follow-up, heartbeat, cron, ACP, and block-streaming delivery paths, preventing card/button-only replies from being dropped as empty.

• WebChat/TUI: route Codex tools.message source replies to the active internal UI turn and mirror them to session history, so message-tool-only harness replies, including rich presentation and button-only replies, no longer disappear while WebChat and TUI remain non-targetable outbound channels. (#81586) Thanks @pashpashpash.

• Replies: deliver rich-only block replies even when block-streaming coalescing is enabled, keeping card and button payloads from being dropped by the text coalescer. Thanks @pashpashpash.

• macOS/companion: require system TLS trust before pinning a first-use direct wss:// gateway certificate and honor gateway.remote.tlsFingerprint as the explicit pin for remote node-mode sessions, so fresh endpoints fail closed when macOS cannot trust the certificate unless configured out of band. Fixes #50642. Thanks @BunsDev.

• Update: snapshot config before update-time repair and restart writes, preserve plugin install records through doctor cleanup, and keep update-time config size drops from blocking the update while pointing users to the pre-update backup. Fixes #80077. (#80257) Thanks @Jerry-Xin and @vincentkoc.

Sessions/status: classify ACP spawn-child sessions as kind: "spawn-child" instead of "direct" in openclaw sessions and status output; extract the duplicated session-kind classifier into a shared helper (src/sessions/classify-session-kind.ts) so both surfaces stay in sync. Fixes catalog #19. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="4409738888" data-permission-text="Title is private" data-url="https://github.com/openclaw/openclaw/issues/79544" data-hovercard-type=