OpenClaw 1.3.0 — What Shipped (Operator Guide)

This post covers what shipped in v1.3.0 and what it means for OpenClaw VPS operators.

What shipped

warelay 1.3.0 (2025-12-02)

Highlights

• Pluggable agents (Claude, Pi, Codex, Opencode): New inbound.reply.agent block chooses the CLI and parser per command reply; per-agent argv builders inject the right flags/identity/prompt handling and parse NDJSON streams, enabling Pi/Codex swaps without changing templates.
• Safety stop words for agents: If an inbound message is exactly stop, esc, abort, wait, or exit, warelay immediately replies “Agent was aborted.”, kills the pending agent run, and marks the session so the next prompt is prefixed with a reminder that the previous run was aborted.
• Agent session reliability: Only Claude currently returns a session_id that warelay persists; other agents (Gemini, Opencode, Codex, Pi) don’t emit stable session identifiers, so multi-turn continuity may reset between runs for those harnesses.

Bug Fixes

• Empty result field handling: Fixed bug where Claude CLI returning result: "" (empty string) would cause raw JSON to be sent to WhatsApp instead of being treated as valid empty output. Changed truthy check to explicit type check in command-reply.ts.
• Response prefix on heartbeat replies: Fixed responsePrefix (e.g., 🦞) not being applied to heartbeat alert messages. The prefix was only applied in the regular message handler, not in runReplyHeartbeat.
• User-visible error messages: Command failures (non-zero exit, killed processes, exceptions) now return user-friendly error messages to WhatsApp instead of silently failing with empty responses.
• Test session isolation: Fixed tests corrupting production sessions.json by mocking session persistence in all test files.
• Signal session corruption prevention: Added IPC mechanism so warelay send and warelay heartbeat reuse the running relay's WhatsApp connection instead of creating new Baileys sockets. Previously, using these commands while the relay was running could corrupt the Signal session ratchet (both connections wrote to the same auth state), causing the relay's subsequent sends to fail silently.
• Web send media kinds: sendMessageWeb now honors media kind when sending via WhatsApp Web: audio → PTT with correct opus mimetype, video → video, image → image, other → document with filename. Previously all media were sent as images, breaking audio/video/doc sends.

Changes

• IPC server for relay: The web relay now starts a Unix socket server at ~/.warelay/relay.sock. Commands like warelay send --provider web automatically connect via IPC when the relay is running, falling back to direct connection otherwise.
• Batched inbound messaging with timestamps: When multiple WhatsApp messages queue up, they’re sent to the agent in one combined batch, each line timestamped consistently to preserve ordering and context.
• Typing indicator after IPC send: After sending a message via IPC (e.g., warelay send), the relay now automatically shows the typing indicator ("composing") to signal that more messages may be coming.
• Auto-recovery from stuck WhatsApp sessions: Added watchdog timer that detects when WhatsApp event emitter stops firing (e.g., after Bad MAC decryption errors) and automatically restarts the connection after 30 minutes of no message activity. Heartbeat logging now includes minutesSinceLastMessage and warns when >30 minutes without messages. The 30-minute timeout is intentionally longer than typical heartbeatMinutes configs to avoid false positives.
• Early allowFrom filtering: Unauthorized senders are now blocked in inbound.ts BEFORE encryption/decryption attempts, preventing Bad MAC errors from corrupting session state. Previously, messages from unauthorized senders would trigger decryption failures that could silently kill the event emitter.
• Test isolation improvements: Mock loadConfig() in all test files to prevent loading real user config (with emojis/prefixes) during tests. Default test config now has no prefixes/timestamps for cleaner assertions.
• Same-phone mode (self-messaging): warelay now supports running on the same phone number you message from. This enables setups where you chat with yourself to control an AI assistant. Same-phone mode (from === to) is always allowed, even without configuring allowFrom. Echo detection prevents infinite loops by tracking recently sent message text and skipping auto-replies when incoming messages match.
• Echo detection: The fromMe filter in inbound.ts is deliberately removed for same-phone setups; instead, text-based echo detection in auto-reply.ts tracks sent messages in a bounded Set (max 100 entries) and skips processing when a match is found.
• Same-phone detection logging: Verbose mode now logs 📱 Same-phone mode detected when from === to.
• Configurable same-phone marker: New inbound.samePhoneMarker config option to customize the prefix added to messages in same-phone mode (default: [same-phone]). Set it to something cute like [🦞 same-phone] to help distinguish bot replies.

Contributors

• @RealSid08 (Sidhaarth Krishnan)

Testing

• pnpm lint
• pnpm test
• pnpm build

What matters for hosted operators

• Validate channel delivery behavior (web chat + Telegram).
• Verify model/provider settings and fallback behavior.
• Run a smoke test after deploy: message flow, tool call, and response quality.

Post-upgrade checklist

1. Send/receive test messages in active channels.
2. Confirm bot settings and auth paths still behave as expected.
3. Check billing/usage visibility and dashboard status.
4. Log regressions immediately and keep rollback notes.

Related reading

• OpenClaw Release Notes Hub (2026)
• Best OpenClaw Hosting in 2026
• Pricing · Why OpenClaw VPS · FAQ

Start your free 7-day Pro trial

• Start your free 7-day Pro trial

Source

• https://github.com/openclaw/openclaw/releases/tag/v1.3.0