OpenClaw 2026.1.10 — What Shipped (Operator Guide)

This post covers what shipped in v2026.1.10 and what it means for OpenClaw VPS operators.

What shipped

Highlights

• CLI: clawdbot status now table-based + shows OS/update/gateway/daemon/agents/sessions; status --all adds a full read-only debug report (tables, log tails, Tailscale summary, and scan progress via OSC-9 + spinner).
• CLI Backends: add Codex CLI fallback with resume support (text output) and JSONL parsing for new runs, plus a live CLI resume probe.
• CLI: add clawdbot update (safe-ish git checkout update) + --update shorthand. (#673) — thanks @fm1randa.
• Gateway: add OpenAI-compatible /v1/chat/completions HTTP endpoint (auth, SSE streaming, per-agent routing). (#680) — thanks @steipete.

Changes

• Onboarding/Models: add first-class Z.AI (GLM) auth choice (zai-api-key) + --zai-api-key flag.
• CLI/Onboarding: add OpenRouter API key auth option in configure/onboard. (#703) — thanks @mteam88.
• Agents: add human-delay pacing between block replies (modes: off/natural/custom, per-agent configurable). (#446) — thanks @tony-freedomology.
• Agents/Browser: add browser.target (sandbox/host/custom) with sandbox host-control gating via agents.defaults.sandbox.browser.allowHostControl, allowlists for custom control URLs/hosts/ports, and expand browser tool docs (remote control, profiles, internals).
• Onboarding/Models: add catalog-backed default model picker to onboarding + configure. (#611) — thanks @jonasjancarik.
• Agents/OpenCode Zen: update fallback models + defaults, keep legacy alias mappings. (#669) — thanks @magimetal.
• Providers: unify group history context wrappers across providers with per-provider/per-account historyLimit overrides (fallback to messages.groupChat.historyLimit). Set 0 to disable. (#672) — thanks @steipete.
• Gateway/Heartbeat: optionally deliver heartbeat Reasoning: output (agents.defaults.heartbeat.includeReasoning). (#690)
• Docker: allow optional home volume + extra bind mounts in docker-setup.sh. (#679) — thanks @gabriel-trigo.

Fixes

• CLI/Status: expand tables to full terminal width; clarify provider setup vs runtime warnings; richer per-provider detail; token previews in status while keeping status --all redacted; add troubleshooting link footer; keep log tails pasteable; show gateway auth used when reachable; surface provider runtime errors (Signal/iMessage/Slack); harden tailscale status --json parsing; make status --all scan progress determinate; and replace the footer with a 3-line “Next steps” recommendation (share/debug/probe).
• CLI/Gateway: clarify that clawdbot gateway status reports RPC health (connect + RPC) and shows RPC failures separately from connect failures.
• CLI/Update: gate progress spinner on stdout TTY and align clean-check step label. (#701) — thanks @bjesuiter.
• Telegram: add /whoami + /id commands to reveal sender id for allowlists; allow @username and prefixed ids in allowFrom prompts (with stability warning).
• Control UI: stop auto-writing telegram.groups["*"] and warn/confirm before enabling wildcard groups.
• WhatsApp: send ack reactions only for handled messages and ignore legacy messages.ackReaction (doctor copies to whatsapp.ackReaction). (#629) — thanks @pasogott.
• Sandbox/Skills: mirror skills into sandbox workspaces for read-only mounts so SKILL.md stays accessible.
• Terminal/Table: ANSI-safe wrapping to prevent table clipping/color loss; add regression coverage.
• Docker: allow optional apt packages during image build and document the build arg. (#697) — thanks @gabriel-trigo.
• Gateway/Heartbeat: deliver reasoning even when the main heartbeat reply is HEARTBEAT_OK. (#694) — thanks @antons.
• macOS: clear unsigned launchd overrides on signed restarts and warn via doctor when attach-only/disable markers are set. (#695) — thanks @jeffersonwarrior.
• Agents: enforce single-writer session locks and drop orphan tool results to prevent tool-call ID failures (MiniMax/Anthropic-compatible APIs).
• Docs: make clawdbot status the first diagnostic step, clarify status --deep behavior, and document /whoami + /id.
• Docs/Testing: clarify live tool+image probes and how to list your testable provider/model ids.
• Tests/Live: make gateway bash+read probes resilient to provider formatting while still validating real tool calls.
• WhatsApp: detect @lid mentions in groups using authDir reverse mapping + resolve self JID E.164 for mention gating. (#692) — thanks @peschee.
• Gateway/Auth: default to token auth on loopback during onboarding, add doctor token generation flow, and tighten audio transcription config to Whisper-only.
• Providers: dedupe inbound messages across providers to avoid duplicate LLM runs on redeliveries/reconnects. (#689) — thanks @adam91holt.
• Agents: strip <thought>/<antthinking> tags from hidden reasoning output and cover tag variants in tests. (#688) — thanks @theglove44.
• macOS: save model picker selections as normalized provider/model IDs and keep manual entries aligned. (#683) — thanks @benithors.
• Agents: recognize "usage limit" errors as rate limits for failover. (#687) — thanks @evalexpr.
• CLI: avoid success message when daemon restart is skipped. (#685) — thanks @carlulsoe.
• Commands: disable /config + /debug by default; gate via commands.config/commands.debug and hide from native registration/help output.
• Agents/System: clarify that sub-agents remain sandboxed and cannot use elevated host access.
• Gateway: disable the OpenAI-compatible /v1/chat/completions endpoint by default; enable via gateway.http.endpoints.chatCompletions.enabled=true.
• macOS: stabilize bridge tunnels, guard invoke senders on disconnect, and drain stdout/stderr to avoid deadlocks. (#676) — thanks @ngutman.
• Agents/System: clarify sandboxed runtime in system prompt and surface elevated availability when sandboxed.
• Auto-reply: prefer RawBody for command/directive parsing (WhatsApp + Discord) and prevent fallback runs from clobbering concurrent session updates. (#643) — thanks @mcinteerj.
• WhatsApp: fix group reactions by preserving message IDs and sender JIDs in history; normalize participant phone numbers to JIDs in outbound reactions. (#640) — thanks @mcinteerj.
• WhatsApp: expose group participant IDs to the model so reactions can target the right sender.
• Cron: wakeMode: "now" waits for heartbeat completion (and retries when the main lane is busy). (#666) — thanks @roshanasingh4.
• Agents/OpenAI: fix Responses tool-only → follow-up turn handling (avoid standalone reasoning items that trigger 400 “required following item”) and replay reasoning items in Responses/Codex Responses history for tool-call-only turns.
• Sandbox: add clawdbot sandbox explain (effective policy inspector + fix-it keys); improve “sandbox jail” tool-policy/elevated errors with actionable config key paths; link to docs.
• Hooks/Gmail: keep Tailscale serve path at / while preserving the public path. (#668) — thanks @antons.
• Hooks/Gmail: allow Tailscale target URLs to preserve internal serve paths.
• Auth: update Claude Code keychain credentials in-place during refresh sync; share JSON file helpers; add CLI fallback coverage.
• Auth: throttle external CLI credential syncs (Claude/Codex), reduce Keychain reads, and skip sync when cached credentials are still fresh.
• CLI: respect CLAWDBOTSTATEDIR for node pairing + voice wake settings storage. (#664) — thanks @azade-c.
• Onboarding/Gateway: persist non-interactive gateway token auth in config; add WS wizard + gateway tool-calling regression coverage.
• Gateway/Control UI: make chat.send non-blocking, wire Stop to chat.abort, and treat /stop as an out-of-band abort. (#653)
• Gateway/Control UI: allow chat.abort without runId (abort active runs), suppress post-abort chat streaming, and prune stuck chat runs. (#653)
• Gateway/Control UI: sniff image attachments for chat.send, drop non-images, and log mismatches. (#670) — thanks @cristip73.
• macOS: force restart-mac.sh --sign to require identities and keep bundled Node signed for relay verification. (#580) — thanks @jeffersonwarrior.
• Gateway/Agent: accept image attachments on agent (multimodal message) and add live gateway image probe (CLAWDBOTLIVEGATEWAYIMAGEPROBE=1).
• CLI: clawdbot sessions now includes elev: + usage: flags in the table output.
• CLI/Pairing: accept positional provider for pairing list|approve (npm-run compatible); update docs/bot hints.
• Branding: normalize user-facing “ClawdBot”/“CLAWDBOT” → “Clawdbot” (CLI, status, docs).
• Auto-reply: fix native /model not updating the actual chat session (Telegram/Slack/Discord). (#646)
• Doctor: offer to run clawdbot update first on git installs (keeps doctor output aligned with latest).
• Doctor: avoid false legacy workspace warning when install dir is ~/clawdbot. (#660)
• iMessage: fix reasoning persistence across DMs; avoid partial/duplicate replies when reasoning is enabled. (#655) — thanks @antons.
• Models/Auth: allow MiniMax API configs without models.providers.minimax.apiKey (auth profiles / MINIMAXAPIKEY). (#656) — thanks @mneves75.
• Agents: avoid duplicate replies when the message tool sends. (#659) — thanks @mickahouan.
• Agents: harden Cloud Code Assist tool ID sanitization (toolUse/toolCall/toolResult) and scrub extra JSON Schema constraints. (#665) — thanks @sebslight.
• Agents: sanitize tool results + Cloud Code Assist tool IDs at context-build time (prevents mid-run strict-provider request rejects).
• Agents/Tools: resolve workspace-relative Read/Write/Edit paths; align bash default cwd. (#642) — thanks @mukhtharcm.
• Discord: include forwarded message snapshots in agent session context. (#667) — thanks @rubyrunsstuff.
• Telegram: add telegram.draftChunk to tune draft streaming chunking for streamMode: "block". (#667) — thanks @rubyrunsstuff.
• Tests/Agents: add regression coverage for workspace tool path resolution and bash cwd defaults.
• iOS/Android: enable stricter concurrency/lint checks; fix Swift 6 strict concurrency issues + Android lint errors (ExifInterface, obsolete SDK check). (#662) — thanks @KristijanJovanovski.
• iOS/macOS: share AsyncTimeout, require explicit bridgeStableID on connect, and harden tool display defaults (avoids missing-resource label fallbacks).
• Telegram: serialize media-group processing to avoid missed albums under load.
• Signal: handle dataMessage.reaction events (signal-cli SSE) to avoid broken attachment errors. (#637) — thanks @neist.
• Docs: showcase entries for ParentPay, R2 Upload, iOS TestFlight, and Oura Health. (#650) — thanks @henrino3.
• Agents: repair session transcripts by dropping duplicate tool results across the whole history (unblocks Anthropic-compatible APIs after retries).
• Tests/Live: reset the gateway session between model runs to avoid cross-provider transcript incompatibilities (notably OpenAI Responses reasoning replay rules).

What matters for hosted operators

• Validate channel delivery behavior (web chat + Telegram).
• Verify model/provider settings and fallback behavior.
• Run a smoke test after deploy: message flow, tool call, and response quality.

Post-upgrade checklist

1. Send/receive test messages in active channels.
2. Confirm bot settings and auth paths still behave as expected.
3. Check billing/usage visibility and dashboard status.
4. Log regressions immediately and keep rollback notes.

Related reading

• OpenClaw Release Notes Hub (2026)
• Best OpenClaw Hosting in 2026
• Pricing · Why OpenClaw VPS · FAQ

Start your free 7-day Pro trial

• Start your free 7-day Pro trial

Source

• https://github.com/openclaw/openclaw/releases/tag/v2026.1.10