This post covers what shipped in v2026.4.9.
What shipped
- Memory/dreaming: add a grounded REM backfill lane with historical rem-harness --path, diary commit/reset flows, cleaner durable-fact extraction, and live short-term promotion integration so old daily notes can replay into Dreams and durable memory without a second memory stack. Thanks @mbelinky.
- Control UI/dreaming: add a structured diary view with timeline navigation, backfill/reset controls, traceable dreaming summaries, and a grounded Scene lane with promotion hints plus a safe clear-grounded action for staged backfill signals. (#63395) Thanks @mbelinky.
- QA/lab: add character-vibes evaluation reports with model selection and parallel runs so live QA can compare candidate behavior faster.
- Plugins/provider-auth: let provider manifests declare providerAuthAliases so provider variants can share env vars, auth profiles, config-backed auth, and API-key onboarding choices without core-specific wiring.
- iOS: pin release versioning to an explicit CalVer in apps/ios/version.json, keep TestFlight iteration on the same short version until maintainers intentionally promote the next gateway version, and add the documented pnpm ios:version:pin -- --from-gateway workflow for release trains. (#63001) Thanks @ngutman.
- Browser/security: re-run blocked-destination safety checks after interaction-driven main-frame navigations from click, evaluate, hook-triggered click, and batched action flows, so browser interactions cannot bypass the SSRF quarantine when they land on forbidden URLs. (#63226) Thanks @eleqtrizit.
- Security/dotenv: block runtime-control env vars plus browser-control override and skip-server env vars from untrusted workspace .env files, and reject unsafe URL-style browser control override specifiers before lazy loading. (#62660, #62663) Thanks @eleqtrizit.
- Gateway/node exec events: mark remote node exec.started, exec.finished, and exec.denied summaries as untrusted system events and sanitize node-provided command/output/reason text before enqueueing them, so remote node output cannot inject trusted System: content into later turns. (#62659) Thanks @eleqtrizit.
- Plugins/onboarding auth choices: prevent untrusted workspace plugins from colliding with bundled provider auth-choice ids during non-interactive onboarding, so bundled provider setup keeps operator secrets out of untrusted workspace plugin handlers unless those plugins are explicitly trusted. (#62368) Thanks @pgondhi987.
- Security/dependency audit: force basic-ftp to 5.2.1 for the CRLF command-injection fix and bump Hono plus @hono/node-server in production resolution paths.
- Android/pairing: clear stale setup-code auth on new QR scans, bootstrap operator and node sessions from fresh pairing, prefer stored device tokens after bootstrap handoff, and pause pairing auto-retry while the app is backgrounded so scan-once Android pairing recovers reliably again. (#63199) Thanks @obviyus.
- Matrix/gateway: wait for Matrix sync readiness before marking startup successful, keep Matrix background handler failures contained, and route fatal Matrix sync stops through channel-level restart handling instead of crashing the whole gateway. (#62779) Thanks @gumadeiras.
- Slack/media: preserve bearer auth across same-origin files.slack.com redirects while still stripping it on cross-origin Slack CDN hops, so url_private_download image attachments load again. (#62960) Thanks @vincentkoc.
- Reply/doctor: use the active runtime snapshot for queued reply runs, resolve reply-run SecretRefs before preflight helpers touch config, surface gateway OAuth reauth failures to users, and make openclaw doctor call out exact reauth commands. (#62693, #63217) Thanks @mbelinky.
- Control UI: guard stale session-history reloads during fast session switches so the selected session and rendered transcript stay in sync. (#62975) Thanks @scoootscooob.
- Gateway/chat: suppress exact and streamed ANNOUNCESKIP/REPLYSKIP control replies across live chat updates and history sanitization so internal agent-to-agent control tokens no longer leak into user-facing gateway chat surfaces. (#51739) Thanks @Pinghuachiu.
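
The Slack/media item above describes an origin-scoped credential rule for redirects. The following is an added example of that rule, not code from this release or from the project: headersForRedirect, downloadWithAuth, MAX_REDIRECTS and the CDN host used in testing are hypothetical names, and it assumes Node's fetch, where redirect: "manual" exposes the 3xx response and its Location header.

```javascript
// Added example: hypothetical helpers, not the project's implementation.
const MAX_REDIRECTS = 5;

// Decide which headers may travel to the next hop of a redirect.
function headersForRedirect(currentUrl, location, headers) {
  // Resolve relative Location values against the URL that issued the redirect.
  const next = new URL(location, currentUrl);
  if (next.protocol !== "https:") {
    throw new Error(`refusing non-HTTPS redirect to ${next.origin}`);
  }
  // Origin = scheme + host + port; a different port or subdomain is cross-origin.
  const sameOrigin = next.origin === new URL(currentUrl).origin;
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    // The bearer token follows the request only while the origin is unchanged.
    if (!sameOrigin && name.toLowerCase() === "authorization") continue;
    out[name] = value;
  }
  return { url: next.href, headers: out };
}

// Follow redirects by hand so every hop is checked; fetchImpl is injectable
// so the hop logic can be exercised offline with a stub.
async function downloadWithAuth(url, token, fetchImpl = fetch) {
  let headers = { Authorization: `Bearer ${token}` };
  for (let hop = 0; hop <= MAX_REDIRECTS; hop++) {
    const res = await fetchImpl(url, { headers, redirect: "manual" });
    const location = res.headers.get("location");
    if (res.status < 300 || res.status >= 400 || !location) return res;
    // Once stripped, the token is never re-added, even if a later hop
    // returns to the original origin.
    ({ url, headers } = headersForRedirect(url, location, headers));
  }
  throw new Error("too many redirects");
}
```
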