chore(deps-dev): bump openclaw from 2026.3.24 to 2026.6.8

[dependabot]

Bumps openclaw from 2026.3.24 to 2026.6.8.

Release notes

Sourced from openclaw's releases.

openclaw 2026.6.8

2026.6.8

Highlights

• Richer channel delivery: Telegram and WhatsApp are less brittle: Telegram renders structured text with tables, lists, expandable blockquotes, preserved intentional line breaks, and CLI-backed replies, while WhatsApp now honors configured ACP bindings. (#92679, #93164, #84082, #89421, #92513) Thanks @​obviyus, @​vincentkoc, @​jzakirov, @​spacegeologist, @​TurboTheTurtle, @​mcaxtr, @​myrzka, and @​dmorn.
• More reliable agent runs: account-scoped DM sends, generated media completions, auto-reply message-tool final replies, reset archive fallback reads, restart shutdown aborts, yielded subagent pauses, and session identity prompts all stay on the correct recovery path. (#92788, #91246, #92879, #91357, #92631, #92468) Thanks @​yetval, @​TurboTheTurtle, @​masatohoshino, @​CadanHu, @​vincentkoc, @​ooiuuii, @​openperf, @​zhangguiping-xydt, @​QQSHI13, @​kumaxs, and @​aleps001.
• Safer model routing: new GLM-5.2 and Claude Haiku 4.5 catalog support arrives with normalized provider IDs, managed SecretRef auth, bounded model browsing, and safer OpenAI/Anthropic tool-schema recovery. (#92796, #90116, #92627, #90686, #92247, #92941) Thanks @​arkyu2077, @​liuhao1024, @​lijenhsin, @​rohitjavvadi, @​samson910022, @​maaron34, @​syfvb, and @​samson1357924.
• Useful usage footers: /usage and reply payload hooks now have a native full footer renderer, default template, fixed-decimal formatting, credential-aware limits, better partial-count handling, and warnings for broken templates instead of silent bad output. (#92657, #89835, #89629) Thanks @​Marvinthebored.
• Predictable web search defaults: key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search remain explicit opt-ins rather than surprising automatic fallbacks. (#93616) Thanks @​davemorin and @​vincentkoc.
• Calmer UI and mobile sessions: workspace files start collapsed, WebChat backscroll survives streaming, the desktop session picker remains interactive, reset arguments survive dispatch, and iOS reconnects stale foreground Gateways. (#92779, #92622, #92705, #91353, #92552) Thanks @​shakkernerd, @​TurboTheTurtle, @​NianJiuZst, @​zhouhe-xydt, @​Solvely-Colin, @​MaBeitian, @​vincentkoc, @​Chang2020618, and @​DrtyMorty.
• Resilient memory and state: oversized OpenAI embedding batches split before 431s, QMD search stays available in transient mode, SQLite avoids WAL on NFS volumes, and full reindexes preserve rollback/cache recovery. (#92650, #92618, #92639, #91247, #92881) Thanks @​mushuiyu886, @​BrettHamlin, @​zhbcher, @​TurboTheTurtle, @​Takhoffman, @​849261680, @​TSHOGX, @​vincentkoc, and @​AFabyTWE.

Changes

• Providers/models: add GLM-5.2 support and Claude Haiku 4.5 catalog entries while keeping provider-qualified model IDs normalized across OpenRouter and Google Vertex paths. (#92796, #90116, #92627, #91218) Thanks @​arkyu2077, @​liuhao1024, @​bymle, @​maaron34, @​lijenhsin, @​davemorin, and @​vincentkoc.
• Web search: keep key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search as explicit opt-ins instead of selecting them automatically when no API-backed provider is configured. (#93616) Thanks @​davemorin and @​vincentkoc.
• Channel plugins: ship Telegram rich-message delivery and WhatsApp ACP binding support, including preserved intentional line breaks, rich prompt handoff to CLI backends, and transport fixtures for richer drafts. (#92679, #93164, #92513) Thanks @​obviyus, @​TurboTheTurtle, @​vincentkoc, @​mcaxtr, and @​dmorn.
• Agent commands: support /btw in CLI-backed sessions and keep CLI usage-error exits classified as usage failures instead of successful runs. (#92669, #92162) Thanks @​joshavant, @​Pandah97, @​marcospaulo, @​davemorin, and @​vincentkoc.
• Usage hooks: add built-in full footer rendering, default footer templates, per-turn usage state, credential-aware limits, and fixed-decimal formatting for usage-bar templates. (#92657, #89835, #89629) Thanks @​Marvinthebored.

Fixes

• Channels and delivery: preserve account-scoped DM channel send policy, intentional rich-message line breaks in Telegram and status output, rich Telegram final replies, rich Telegram tables and lists, Telegram thread-create CLI remapping, Feishu dynamic-agent routes after persisted binding reuse, Slack outbound message_sent hooks, contributed message-tool schema optionality, same-channel generated media completions, and channel chunking around surrogate pairs and Infinity limits. (#92788, #93164, #92679, #89421, #89943, #42837, #92814, #91137, #91246, #92735) Thanks @​yetval, @​obviyus, @​spacegeologist, @​rishitamrakar, @​liuhao1024, @​lundog, @​TurboTheTurtle, @​yhterrance, @​vincentkoc, @​myrzka, @​cwlong163-afk, @​kumaxs, @​shakkernerd, and @​RewardsPal.
• Gemini CLI: use the selected OpenClaw OAuth/API-key auth profile in an isolated Gemini CLI runtime home, preventing ambient Google machine credentials from overriding the chosen profile. (#88748) Thanks @​jason-allen-oneal and @​shakkernerd.
• Discord: give generated auto-thread titles a 60-second timeout and 4,096-token reasoning-model output budget, clamped to the selected model output cap. (#64734) Thanks @​hanamizuki.
• Agent, cron, and Gateway runtime: mark active main sessions before restart shutdown aborts, pause yielded subagent runs whose terminal also signals abort, clamp trusted subagent thinking overrides through provider/model fallback, preserve yielded media completions, deliver channel message-tool final replies through auto-reply while hiding internal delivery hints, restore reset archive fallback reads when active async transcripts are missing, de-duplicate main-session heartbeat events, expose session identity in runtime prompts, reject unknown OpenAI agent selectors, keep generated media completions, slash-command block replies, and trajectory export commands in WebChat, and require admin privileges for HTTP session/model override surfaces. (#91357, #92631, #92412, #92146, #92879, #91287, #92468, #92510, #91246, #92651, #92646) Thanks @​ooiuuii, @​openperf, @​IWhatsskill, @​masatohoshino, @​CadanHu, @​ZengWen-DT, @​zhangguiping-xydt, @​TurboTheTurtle, @​oiGaDio, @​aleps001, @​vincentkoc, @​GSL-R, @​QQSHI13, @​ryanhelms, @​kumaxs, @​steipete-oai, @​hxy91819, @​davemorin, and @​nailujac.
• Providers and model replay: preserve storeless OpenAI Responses replay compatibility, recover invalid OpenAI reasoning signatures and genericized Anthropic thinking-signature replay errors, route OAuth image defaults through Codex for eligible OpenAI profiles, avoid eager tool streaming for Claude 4.5 in Copilot, quarantine unreadable and post-hook OpenAI/Anthropic-family tool schemas without broadening allowed tool choices, deliver explicit thinking-off requests to LM Studio binary-thinking models, honor profile auth for SecretRef model entries, bound model browsing, strip provider prefixes where runtimes need bare IDs, and surface nested embedding fetch failures. (#90706, #92941, #92201, #92916, #92824, #75393, #92908, #92921, #92928, #92002, #90686, #92247, #92627, #91218, #92628) Thanks @​snowzlm, @​mmyzwl, @​CarlCapital, @​bek91, @​Kailigithub, @​vincentkoc, @​rohitjavvadi, @​samson910022, @​nxmxbbd, @​liuhao1024, @​bymle, @​mushuiyu886, @​finchinslc, @​syfvb, @​lijenhsin, @​crsnpalmer-art, @​samson1357924, @​shakkernerd, and @​mlaihk.
• Memory, state, diagnostics, and config: split header-too-large embedding batches, keep QMD memory search enabled in transient mode, avoid SQLite WAL on NFS volumes, preserve recovery scheduling outside stuck-session warning backoff, preserve full-reindex rollback/cache recovery, and treat raw Memory Wiki source pages as source evidence. (#92650, #92618, #92639, #91247, #92752, #92881, #59137, #92876) Thanks @​mushuiyu886, @​TurboTheTurtle, @​849261680, @​gnanam1990, @​TSHOGX, @​vincentkoc, @​arlen8411, @​BrettHamlin, @​zhbcher, @​Takhoffman, @​AFabyTWE, @​davemorin, and @​zhuyankarl.
• UI/mobile/TUI: preserve dashboard session parent lineage, WebChat backscroll, reset soft command args, sidebar session picker interactivity, collapsed workspace files, resolved /model confirmation refs, stale foreground iOS Gateway reconnects, and paused setup-parent stdin after inherited-stdio child exit. (#90658, #92622, #91353, #92705, #92779, #92773, #92552, #93159) Thanks @​luoyanglang, @​TurboTheTurtle, @​zhouhe-xydt, @​NianJiuZst, @​shakkernerd, @​NarahariRaghava, @​Solvely-Colin, @​fuller-stack-dev, @​lily-oc, @​MaBeitian, @​vincentkoc, @​obviyus, @​DrtyMorty, and @​Chang2020618.
• Plugins and updates: repair missing required platform packages during managed plugin installs and updates, including omitted Codex platform binaries. Thanks @​vincentkoc.
• Dependencies: update Hono to 4.12.25 so published OpenClaw and ACPX packages use the patched runtime. Thanks @​vincentkoc.
• Updates: avoid a false downgrade prompt when the latest tag cannot resolve. (#92911) Thanks @​Andy312432 and @​vincentkoc.

Complete contribution record

This audited record covers the complete v2026.6.6..v2026.6.8 history: 192 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.

Pull requests

• PR #92144 fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766. Thanks @​liuhao1024 and @​AaronFaby.
• PR #92175 fix(channel): harden local setup trust. Thanks @​hxy91819.
• PR #91528 fix #73837: stop after failed Node package installs. Thanks @​mushuiyu886 and @​ItsMeForLua.
• PR #91561 fix(wizard): report keyless web_search providers as ready, not missing a key. Thanks @​NormallyGaussian.
• PR #92073 fix: handle explicit silent assistant replies. Related #92038. Thanks @​sallyom and @​vultusv.
• PR #91311 Allow Skill Workshop apply through trusted skill symlinks. Thanks @​abnershang.
• PR #88245 refactor(whatsapp): introduce inbound message contexts. Thanks @​mcaxtr.
• PR #92212 refactor: move workspace skill writes to lifecycle. Thanks @​shakkernerd.
• PR #92248 Remove ClawHub owner preflight. Thanks @​Patrick-Erichsen.
• PR #91617 test(sqlite): add state perf query plan harness. Related #91616. Thanks @​galiniliev.

... (truncated)

Commits

• 844f405 docs(changelog): note patched Hono runtime
• 71fbd3e fix(deps): update Hono security pin
• 6a49346 docs(changelog): refresh 2026.6.8 notes
• 94c72ac Keep key-free web search providers opt-in (#93616)
• 6af6e1e fix(ci): require billable Anthropic release key
• 6c375c7 fix(ci): prefer Anthropic OAuth in live validation
• b1e925f fix(ci): support Anthropic OAuth release validation
• cf9dea7 fix(release): satisfy retry delay lint
• 780373f chore(release): prepare 2026.6.8 stable
• 11af11a fix(release): tolerate npm propagation after publish
• Additional commits viewable in compare view

Install script changes

This version adds preinstall, postinstall scripts and modifies prepare script that run during installation. Review the package contents before updating.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	openclaw@​2026.3.24 ⏵ 2026.6.8	+5	+80	+1	+2	+31

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm openclaw is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package-lock.json → npm/openclaw@2026.6.8 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/openclaw@2026.6.8. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm tree-sitter-bash is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package-lock.json → npm/openclaw@2026.6.8 → npm/tree-sitter-bash@0.25.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tree-sitter-bash@0.25.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm typebox is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package-lock.json → npm/openclaw@2026.6.8 → npm/typebox@1.1.39 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typebox@1.1.39. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report