Commit graph

8863 commits

Author SHA1 Message Date
Peter Steinberger
f8dbd34ab8
feat(nodes): add computer use (computer.act) on macOS nodes via Peekaboo (#102776)
* feat(nodes): add computer use (computer.act) on macOS nodes via Peekaboo

* fix(nodes): release held computer.act input on node disconnect/stop/disable

* fix(nodes): release held computer.act input armed after a lifecycle release

* fix(nodes): scope computer.act lifecycle catch-up release to the arming action

* chore(nodes): register computer tool display metadata, sync native i18n, doc-comment constants

* fix(nodes): preserve caught-error cause in computer tool resolver; regen docs map
2026-07-09 15:28:09 +01:00
Peter Steinberger
b5ba0771f9
feat: carry gateway client capabilities through the CLI loopback backend (#102835)
* test: shorten loopback token fixtures below secret-scanner thresholds

* feat: carry gateway client capabilities through the CLI loopback backend

CLI-backed model runs now transport the originating client's declared
capabilities along the existing per-field loopback contract: RunCliAgentParams
gains clientCaps, prepare emits OPENCLAW_MCP_CLIENT_CAPS, the loopback header
template forwards x-openclaw-client-caps, the request context parses and
normalizes it (grant-authenticated callers keep ignoring spoofable headers),
and the loopback tool cache keys on a stable caps serialization so capless and
capped requests never share tool lists. Capability-gated tools such as
show_widget now work on CLI backends; the CLI session binding hash includes
caps, consistent with messageProvider. Cron and command-attempt runs stay
capless (fail closed).

Fixes #102577
2026-07-09 15:09:09 +01:00
Peter Steinberger
2f013382a0
feat(ui): add settings profile page with lifetime token stats, streaks, and activity heatmap (#102842)
* feat(ui): add settings profile i18n strings and regenerated locale bundles

* feat(ui): add settings profile page with token stats, streak heatmap, and top tools

* chore(ui): record intentional OpenClaw brand string in raw-copy baseline
2026-07-09 15:03:12 +01:00
Peter Steinberger
fdd19e3017
feat(ui): merge the voice level meter into the stop-voice pill and disambiguate the stop controls (#102786)
* feat(ui): merge voice level meter into the stop-voice pill and disambiguate stop controls

* docs(web): describe the live voice pill control in Talk mode

* test(ui): capture dark-mode voice control proof in talk e2e

* fix(ui): keep the live voice pill wide at phone widths

* fix(ui): show the stop glyph instead of a fake listening meter when a talk session errors

* test(ui): assemble the mock talk client secret so scanners do not flag it
2026-07-09 13:55:56 +01:00
Peter Steinberger
07a7d596ff
feat(providers): add Qwen 3.6 Flash and Gemini 3.1 Live (#102791)
* feat(providers): add current Qwen and Gemini Live models

* fix(google): align live thinking enum type

* fix(google): align live thinking enum type
2026-07-09 13:37:16 +01:00
Alix-007
64e80888d4
fix(qqbot): bound speech transcription requests (#102028)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 13:25:29 +01:00
Peter Steinberger
5f9e0e20d4
fix: scope task suggestions to supported surfaces (#102743)
* fix: make task suggestions surface-aware

* fix: honor task suggestion action scopes

* fix: align task surface compatibility types

* fix: isolate task suggestions across surfaces

* style: satisfy task selector lint

* chore: defer task suggestion release note

* test: dedupe gateway capability fixture

* test: cover combined gateway capabilities
2026-07-09 12:59:50 +01:00
mikasa
18fd6ee9e6
fix(tts-local-cli): cap local CLI speech outputs (#101510)
* fix(tts-local-cli): bound local speech output

Co-authored-by: mikasa0818 <0668001030@xydigit.com>

* chore(tts-local-cli): keep changelog release-owned

* docs(tts-local-cli): format output-limit note

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:42:41 +01:00
Peter Steinberger
e2a112a556
feat(onboard): guided CLI onboarding with live AI verification and classic fallback (#101880)
* feat(onboard): guided CLI onboarding with live AI verification and classic fallback

Interactive `openclaw onboard` (and bare `openclaw` on a fresh install) now
runs a guided flow with macOS-app parity: detect existing AI access, live-test
candidates with a real completion before persisting anything, walk down the
ladder on failure with mapped reasons, and offer verified manual API-key entry
from installed provider manifests (masked input). In-flow escapes: classic
wizard, Crestodian chat, skip-AI. Classic wizard gains an optional post-auth
live verification step. `--classic`, `--modern`, and `--non-interactive`
contracts unchanged. Docs corrected for post-#99935 routing.

Closes #101851

* improve(onboard): quiet probe diagnostics in wizard TTY, carry risk ack into classic escape

Candidate live-tests during guided setup are probes: rename their run id and
lane to the existing probe conventions (logging/subsystem.ts console
suppression, command-queue quiet probe lanes) so expected failures stop
leaking raw diagnostics into the Clack UI; file diagnostics unchanged. The
classic-wizard escape now passes the already-collected risk acknowledgement
through instead of re-prompting in the same session.

* fix(onboard): quiet the session-derived setup-inference probe lane too

The live-test run enqueues on two lanes: the explicit probe lane and one
derived from its temp session key. Extend the shared quiet-probe predicate to
cover the derived lane so a failing candidate cannot leak lane-task
diagnostics into the wizard TTY.

* improve(onboard): suppress subsystem console output during wizard live tests

Provider-transport subsystem loggers (model-fetch start/response, transport
errors) carry no run id, so probe suppression cannot catch them and a failing
candidate printed raw log lines into the Clack TTY. Reuse the TUI console
subsystem-filter seam via a finally-safe scoped helper around guided
activation and the classic live-verify; file logging is unchanged and the
gateway (macOS app) surface is unaffected.

* fix(onboard): never auto-replace a configured model when its live check fails

The re-run verification probe executes outside the configured workspace (setup
never runs workspace plugins), so a workspace-backed current model can fail
the check while working fine in the agent. Stop the auto ladder on an
existing-model failure and hand the decision to the manual stage instead of
silently persisting a different candidate as the default. Docs note the
fail-safe and the workspace caveat.

* feat(onboard): two-way switching between Crestodian chat and the menu wizards

From the chat, `open setup wizard`, `open classic wizard`, and `open channel
wizard for <channel>` hand off to the guided flow, the classic wizard, or the
masked `channels add` wizard after the chat TUI tears down (mirrors the
open-tui handoff; gateway surface gets a text pointer instead). The hosted
channel wizard no longer dead-ends at sensitive steps — it offers the switch
and remembers the channel. New read-only `channel info <channel>` operation
and ring-zero action surface label, blurb, configured state, and the real
docs URL from channel-setup discovery so the assistant can explain Slack or
Telegram prerequisites instead of guessing; both prompts instruct it to use
them. `channels add --channel <id>` now preselects the channel. Docs cover
the interchangeable flows.

* fix(onboard): avoid param reassignment in open-setup handoff

* improve(onboard): separate ask-about vs connect intent in channel prompt guidance

Live test showed the agent detouring an explicit connect request through
channel_info because the guidance said to consult it first. Both prompts now
distinguish asking about a channel (channel info + docs link) from asking to
connect (connect right away).

* fix(channels): mark channel token entry as sensitive input

The shared single-token prompt lacked sensitive:true, so terminal wizards
echoed pasted channel tokens and the Crestodian chat bridge (which refuses
plain-text secrets based on this flag) hosted the Telegram token step in
visible chat. Found live-testing the chat-to-wizard switch; pre-existing on
main but load-bearing for the masked-wizard contract this PR documents.

* fix(onboard): restore terminal state around the guided flow's TUI launch

Mirror the classic finalize handoff so the chat TUI never inherits the wizard
prompter's raw/paused terminal state on the default first-run path.

* fix(channels): type the token prompter mock for the sensitive-flag assertion

* fix(gateway): map the TUI-only open-setup action to none for app clients

Engine-side surface gating already prevents open-setup replies on the gateway
surface; this keeps the client-visible action enum stable even if that gate
ever regresses. (Reviewed with the switching round; missed in its commit.)

* docs: regenerate docs map for onboarding page changes
2026-07-09 12:40:55 +01:00
Peter Steinberger
3ccf2a0739
feat: render inline web chat widgets via capability-gated show_widget tool (#101840)
Adds client-capability-gated tool availability: gateway clients declare
capabilities at connect (new inline-widgets cap), chat.send stamps them into
the run context, and every tool assembly path (embedded runner, queued
followups, Codex app-server harness, plugin-only construction plans) drops
tools whose requiredClientCaps the originating client did not declare. The
Canvas plugin ships the first such tool, show_widget: agents pass SVG or an
HTML fragment plus a title; the plugin hosts it as a bounded, retention-scoped
Canvas document and returns the existing canvas preview handle, which web chat
renders as a sandboxed iframe fitted to the widget's reported content height.
Widget frames never get allow-same-origin (per-preview sandbox ceiling,
including the sidebar path) and the Canvas host serves widget documents with a
CSP sandbox header so direct navigation runs in an opaque origin. Verified
live end-to-end on a Testbox with gpt-5.5 (screenshots on the PR). CLI-backed
model backends do not carry client caps yet and stay fail-closed (#102577).

Closes #101790
2026-07-09 12:29:50 +01:00
Ayaan Zaidi
34d257713e fix(context): show transcript conversation in /context map 2026-07-09 16:56:13 +05:30
Peter Steinberger
c046fbd451
fix(macos): open dashboard for existing gateways (#102677)
* fix(macos): skip onboarding for existing gateways

* chore: keep changelog release-owned

* chore(macos): refresh native i18n inventory
2026-07-09 12:17:41 +01:00
Peter Steinberger
7abf1c7f85
improve(ui): calmer sessions roster with dot status and drawer-level runtime (#102664)
Feedback pass on the sessions redesign: status pills become a plain colored
dot + label (green pulse for live, green dot with neutral label for done,
muted idle, red failed) in both the roster and the drawer hero, and the
Runtime column moves out of the table into the row drawer as Runtime (agent
runtime) plus Run duration. Runtime stays searchable. Responsive breakpoints
reflow for the 7-column roster and the actions column shrinks to the chevron
and row menu that landed in #102564.

Closes #102654
2026-07-09 12:13:19 +01:00
Peter Steinberger
5154fe08fa
feat: show Codex sessions across Gateway and paired nodes (#102586)
* feat(codex): add federated session catalog

* fix(codex): align session catalog checks

* fix(ui): translate Codex session catalog

---------

Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-09 03:42:03 -07:00
Sally O'Malley
e595a8c0ac
Add Vault SecretRef plugin (#89255)
* Add Vault SecretRef plugin

Signed-off-by: sallyom <somalley@redhat.com>

* expand Vault setup to registered SecretRef targets

Signed-off-by: sallyom <somalley@redhat.com>

* fix(vault): use sdk secret target seam

* fix(vault): preserve auth profile target paths

* docs(vault): document plugin enable step

* fix(vault): make status provider-alias aware

* fix(vault): reject noncanonical secret ids

* fix(vault): separate resolver timeout deadlines

* fix(vault): forward private CA trust settings

* fix(secrets): preserve plugin policy boundaries

---------

Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-07-09 05:30:12 -05:00
Peter Steinberger
fc5a4defaf
feat(cohere): add current Command models (#102563)
* feat(cohere): add current Command models

* docs: keep release notes out of PR
2026-07-09 11:07:50 +01:00
Ayaan Zaidi
e00236d20c docs: correct cron self-hosted idle watchdog wording 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
215be4e4ee fix(agents): keep finite LLM idle watchdog under unlimited run budgets 2026-07-09 14:26:05 +05:30
Peter Steinberger
ecc2cffad8
improve(ui): keep sidebar sessions inline and draggable (#102558)
* feat(ui): add drag-managed sidebar session groups

* chore: keep release notes in PR body
2026-07-09 09:40:53 +01:00
Peter Steinberger
5c3c5c0ee4
feat(ui): redesign sessions page with overview tiles, kind avatars, and context meters (#102523)
The Control UI sessions roster now leads with operator telemetry: overview
tiles (sessions / live / unread / tokens), per-kind row avatars with a live-run
dot, compact token values with context-usage meters (ok/warn/danger at
65%/85%), initial-load skeleton rows, and icon-led empty states. Stale token
snapshots render as ~approximations with a neutral meter and never drive
warning tones, matching the chat composer convention; the overview token sum
counts only known snapshots (~ when partial, n/a when none). Label chips
ellipsize instead of overflowing sticky columns; <=500px drops the avatar to
preserve the key column budget.

Closes #102517
2026-07-09 09:19:03 +01:00
Peter Steinberger
9566aded5c
fix(openai): correct Realtime auth and transcription secrets (#102518)
* fix(openai): correct Realtime auth and transcription secrets

* chore: leave release notes to release automation
2026-07-09 08:55:31 +01:00
Peter Steinberger
ea4e005008
fix(ui): unify split-view controls in one toolbar row (#102492)
* fix(ui): unify split-view toolbar

* chore: remove release-owned changelog entry
2026-07-09 08:17:35 +01:00
Peter Steinberger
e7492c6fca
feat(providers): refresh Qwen, Cohere, and Mistral catalogs (#102489)
* feat(providers): refresh popular model catalogs

* chore: leave release changelog to release automation

* docs: refresh provider docs map
2026-07-09 08:16:50 +01:00
kevinlin-openai
245b91b83d
feat(slack): support Enterprise Grid org installs (#102372)
* feat(slack): support Enterprise Grid org installs

* docs: refresh generated docs map

* fix(slack): satisfy enterprise routing CI

* fix(slack): accept org auth without app id

* docs(plugin-sdk): document channel policy hooks

* fix(slack): reuse canonical sender for enterprise replies

* test(slack): fix enterprise sender lint

---------

Co-authored-by: Kevin Lin <kevin@dendron.so>
2026-07-08 23:53:19 -07:00
Tianning Li
583ca34bf8
feat(stepfun): add step-3.7-flash model (#88082)
* feat(stepfun): add step-3.7-flash model and make it default

* fix(stepfun): set step-3.7-flash cacheRead cost to 0.04

* fix(stepfun): raise step-3.7-flash maxTokens to context limit

Output was artificially capped at 65536; StepFun docs set max_tokens
default to INF, bounded only by the 256K context window. Raise
step-3.7-flash maxTokens to 262144 on both stepfun and stepfun-plan,
matching contextWindow. Per models.dev anomalyco/models.dev#1903.
step-3.5-flash entries unchanged.

* fix(stepfun): zero step-plan step-3.7-flash cost for plan billing

Step Plan endpoint bills per subscription plan, not per token, matching
the sibling stepfun-plan/step-3.5-flash and step-3.5-flash-2603 entries
which already carry zero cost. Standard stepfun/step-3.7-flash keeps its
per-token rate. Per models.dev anomalyco/models.dev#1903, whose step-plan
providers omit cost entirely.

* docs(changelog): note StepFun 3.7 support

* style(stepfun): format provider table

* fix(stepfun): forward reasoning effort

* fix(stepfun): scope reasoning compat to 3.7

* test(stepfun): keep 3.5 reasoning compat unchanged

* fix(stepfun): carry off fallback through agent turns

* fix(stepfun): use documented token limit field

* fix(stepfun): match chat completions contract

* chore(stepfun): keep changelog release-owned

---------

Co-authored-by: Tianning Li <litianning@stepfun.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:14:46 +01:00
Vincent Koc
9bb946acc5 docs(codex): refresh harness compatibility snapshot 2026-07-08 23:07:20 -07:00
Peter Steinberger
5533d979d4
feat: add follow-up task suggestions (#102422)
* feat(tools): add follow-up task suggestions

* chore: leave changelog to release flow

* fix(tools): add task suggestion display metadata

* fix(tools): update task suggestion display snapshot

* docs: format task suggestion tool table

* test(gateway): expect compaction worktree workspace

* test(gateway): preserve configured compaction workspace

* fix(ui): translate task suggestions
2026-07-09 06:30:01 +01:00
Peter Steinberger
e2a4973edf
docs(slack): explain voice input and audio clips (#102410)
* docs(slack): document voice input support

* docs: refresh generated map

---------

Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-08 21:28:49 -07:00
Jacob Tomlinson
9c86529e44
fix(comfy): allow private service hostnames (#99065)
* fix(comfy): allow private service hostnames

* fix(comfy): scope private hostname trust to origin

* test(comfy): use fetch-compatible response bodies

---------

Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-07-08 21:11:08 -05:00
Tobias Oort
0307deacfa
feat(github-copilot): support GitHub Enterprise data-residency Copilot auth (#99221)
Adds GitHub Enterprise data-residency support to the existing bundled GitHub Copilot provider.

Maintainer proof:
- GitHub CI green on head 54010a6538f1543a7fcf161f0c46169bf059213b
- `check-lint`, `check-additional-extension-bundled`, and `check-shrinkwrap` passed in CI
- local `pnpm lint:extensions:bundled`, `pnpm lint`, and focused GitHub Copilot Vitest passed
- AWS Crabbox proof passed
- live microsoft.ghe.com device-flow/token-exchange/model-catalog proof passed

Co-authored-by: Tobias Oort <tobias.oort@ict.nl>
Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-07-08 18:59:41 -07:00
Vincent Koc
6630138598
chore(plugin-sdk): refresh API baseline 2026-07-08 17:51:24 -07:00
Peter Steinberger
eae3fc1a79
feat(xai): add Grok 4.5 support (#102316)
* feat(xai): add Grok 4.5 support

* chore: leave release notes to release automation
2026-07-09 01:39:03 +01:00
Gio Della-Libera
7d82e5b658
Doctor: audit lint default selection (#100361)
Summary:
- audit Doctor lint default selection after the full lint-family backfill
- make legacy state, skills readiness, session transcripts, and session snapshots explicit-only for default lint
- document default lint vs --all/--only and keep plugin/SDK public contracts unchanged

Validation:
- Galin review: no blocking findings
- maintainer accepted the default-lint compatibility tradeoff in PR comment
- exact-head hosted gates passed for d5d88a0db14782a36f72aa1fbe5023570343f773: CI#28976811444 and Workflow Sanity#28976811343
- local broad pnpm check was blocked by a shrinkwrap guard failure that reproduces on origin/main and is unrelated to this five-file Doctor diff

Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com>
2026-07-08 14:34:57 -07:00
Sally O'Malley
b81666ca6a
Fix container image upgrade migrations before gateway readiness (#101881)
* run all 'openclaw upgrade' migrations with container image upgrades

Signed-off-by: sallyom <somalley@redhat.com>

* fix: block gateway startup on plugin repair warnings

Signed-off-by: sallyom <somalley@redhat.com>

---------

Signed-off-by: sallyom <somalley@redhat.com>
2026-07-08 14:19:05 -04:00
Gio Della-Libera
aa27ae9d9f
policy: preview review-required gateway repairs (#99776)
* policy: preview review-required gateway repairs

* docs(policy): document gateway review previews

* docs(policy): document gateway review previews

* docs(policy): document gateway review previews

* docs(policy): document gateway review previews

---------

Co-authored-by: Gio Della-Libera <giodl@microsoft.com>
2026-07-08 10:44:56 -07:00
Peter Steinberger
4bf70be01a
feat(secrets): egress-time credential injection with process-local sentinels (#102009)
* feat(secrets): resolve SecretRef model credentials at egress via process-local sentinels

SecretRef-managed model-provider credentials now travel as opaque
oc-sent-v1 sentinels through auth storage, stream options, and SDK
config; the guarded model fetch injects real values into headers and
URLs immediately before the SSRF-guarded send and fails closed on
unknown sentinels. packages/ai adapters converge on the host guarded
fetch where the SDK supports custom fetch and unwrap at construction
where it does not. Resolved values (and their percent-encoded forms)
register for exact-value log redaction. Kill switch:
OPENCLAW_SECRET_SENTINELS=off. Also fixes a pre-existing unhandled
rejection race in capNonOkResponseBodyLazily (pipeThrough writer leak).

* test(plugin-sdk): update public surface budget
2026-07-08 12:56:41 +01:00
Pavan Kumar Gondhi
5f04dc97e6
Harden jq safe-bin semantics (#102032) 2026-07-08 15:43:37 +05:30
Tran Quang
19f7b72a74
fix(voice-call): preserve per-call agent routing (#77763)
* fix(voice-call): preserve per-call agent routing

Co-authored-by: Tran Quang <randytran8800@gmail.com>

* chore: keep release notes in PR metadata

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-08 07:06:35 +01:00
Jason (Json)
4e84981402
feat(crestodian): guide providerless model setup (#101887)
* feat(crestodian): guide providerless model setup

* fix(crestodian): avoid TUI message shadowing

* fix(crestodian): tighten provider setup handoff

* fix(crestodian): simplify model setup result

* fix(crestodian): audit committed config hash

* fix(crestodian): contain embedded wizard exits

* test(crestodian): auto-clean operation temp dirs
2026-07-07 19:24:54 -06:00
Vincent Koc
c96c60d22d
chore(plugin-sdk): refresh API baseline hash 2026-07-08 02:27:34 +02:00
Jason (Json)
2fbd4cdcba
fix(installer): complete first-run onboarding (#101901)
* fix(installer): complete first-run onboarding

* docs(installer): document finalization paths

* fix(installer): honor verify without tty

* fix(installer): align config finalization
2026-07-07 18:23:56 -06:00
Omar Shahine
91a0ebbce6
Improve iMessage imsg setup and skill ownership (#101407)
Co-authored-by: Omar Shahine <10343873+omarshahine@users.noreply.github.com>
2026-07-07 14:13:37 -07:00
Peter Steinberger
6235344006
fix(ui): stop flashing the login gate on dashboard load when credentials are stored (#101849)
First connects backed by stored auth (URL/session token, password, or an
approved device token) now paint a small wiggling OpenClaw mark (delayed
fade-in, reduced-motion aware) until the hello resolves. The login gate
still owns credential-less first opens, rejected credentials, and manual
gate submissions.

Closes #101847
2026-07-07 19:40:30 +01:00
Gio Della-Libera
41425bf094
policy: repair denied gateway http endpoints (#99731)
* policy: repair denied gateway http endpoints

* docs(policy): describe gateway http repairs

---------

Co-authored-by: Gio Della-Libera <giodl@microsoft.com>
2026-07-07 11:26:54 -07:00
Peter Steinberger
a6768d9de5
feat(cron): event triggers — polled condition-watcher scripts via code mode (#101195)
* feat(cron): add headless code-mode driver and trigger-script evaluator

Part A of cron event triggers: runCodeModeScriptHeadless runs a script
to completion (exec/settle/resume, no snapshots, no session), plus the
cron-facing evaluator with per-job tool catalog cache, semaphore, 16KB
state cap, and closed failure taxonomy.

* fix(cron): correct trigger-script bootstrap flags and cache narrowing

* feat(cron): add event triggers (polled condition-watcher scripts)

Part B: trigger field on cron jobs gated by cron.triggers.enabled;
timer evaluates the script each due tick, quiet ticks leave no run
history, fired runs append the script message to the payload; once
semantics, min-interval floor, SQLite columns, RPC/CLI/agent-tool
surfaces, and docs.

* fix(cron): propagate triggerEval through startup catch-up outcomes

* fix(cron): honor cron staggering on quiet trigger ticks; fix trigger test types

* fix(cron): reject with Error reason in trigger-script abort test

* fix(cron): regenerate protocol/docs/snapshot artifacts and break madge cycle for trigger types

CI fixes for #101195: trigger evaluator result types move to the cron
types leaf (madge cycle), cron tool schema inventory gains trigger,
Swift protocol bindings + docs map + Linux prompt snapshots regenerated.

* fix(cron): drop underscore-dangle names in trigger code sync assert

* fix(cron): adopt registerHeadlessToolSearchCatalog after tool-search symbol localization

Upstream #101831 made registerToolSearchCatalog module-private; fold the
headless ref-only catalog registration into one public seam.
2026-07-07 19:12:38 +01:00
Peter Steinberger
21f251220f
feat(ui): redesign gateway connection-lost banner as floating pill (#101812) 2026-07-07 19:00:29 +01:00
Shakker
a3477eafb9 docs: update Control UI MCP settings route 2026-07-07 16:53:48 +01:00
Peter Steinberger
a7faec8ca1
fix(gateway): support native Windows exec approvals (#101669)
* fix(gateway): support native Windows exec approvals

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>

* chore: defer changelog entry to release

* test: use tracked approvals temp directories

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-07-07 14:50:59 +01:00
Peter Steinberger
7c0a7c8be2
fix(agents): keep exec visible for lean local models (#101607)
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-07-07 12:46:26 +01:00
Peter Steinberger
bd7da9decd
fix(browser): keep upload errors specific (#101465) 2026-07-07 12:35:27 +01:00