👋 科技热点日报

🤖 Claude Code 更新 v2.1.92 发布日期: 2026-04-04 ⚠️ 新版本发布 ✨ 新增功能 Added forceRemoteSettingsRefresh policy setting: when set, the CLI blocks startup until remote managed settings are freshly fetched, and exits if the fetch fails (fail-closed) Added interactive Bedrock setup wizard accessible from the login screen when selecting “3rd-party platform” — guides you through AWS authentication, region configuration, credential verification, and model pinning Added per-model and cache-hit breakdown to /cost for subscription users 🐛 重要修复 Fixed subagent spawning permanently failing with “Could not determine pane count” after tmux windows are killed or renumbered during a long-running session Fixed prompt-type Stop hooks incorrectly failing when the small fast model returns ok:false, and restored preventContinuation:true semantics for non-Stop prompt-type hooks Fixed tool input validation failures when streaming emits array/object fields as JSON-encoded strings Fixed an API 400 error that could occur when extended thinking produced a whitespace-only text block alongside real content Fixed accidental feedback survey submissions from auto-pilot keypresses and consecutive-prompt digit collisions Fixed misleading “esc to interrupt” hint appearing alongside “esc to clear” when a text selection exists in fullscreen mode during processing Fixed Homebrew install update prompts to use the cask’s release channel (claude-code → stable, claude-code@latest → latest) Fixed ctrl+e jumping to the end of the next line when already at end of line in multiline prompts Fixed an issue where the same message could appear at two positions when scrolling up in fullscreen mode (iTerm2, Ghostty, and other terminals with DEC 2026 support) Fixed idle-return “/clear to save X tokens” hint showing cumulative session tokens instead of current context size ⚡ 优化改进 Improved Write tool diff computation speed for large files (60% faster on files with tabs/&/$) Removed /tag command Removed /vim command (toggle vim mode via /config → Editor mode) 💡 深度点评 核心亮点 交互式 Bedrock 配置向导：在登录界面选择第三方平台时，新增了完整的 Bedrock 引导流程，支持 AWS 身份验证、区域配置及模型固定，大幅简化了企业级环境的接入难度。 精细化 /cost 成本统计：针对订阅用户，/cost 命令现在支持按模型维度和缓存命中（cache-hit）情况进行费用拆解，提供了更透明的 Token 消耗反馈。 Write 工具性能优化：改进了大文件的 diff 计算逻辑，在处理包含制表符或特殊符号（如 &、$）的文件时，计算速度提升了约 60%。 值得注意的修复 Tmux 子智能体生成失效：修复了在 tmux 环境下，若窗口被销毁或重排导致“无法确定窗格数量”，进而造成子智能体（subagent）永久无法启动的问题。 MCP 服务连接阻塞：解决了当插件 MCP 服务与未授权的 claude.ai 连接器冲突时，导致服务卡死在“连接中”状态的异常。 个人评价 v2.1.92 版本标志着 Claude Code 进入了从功能扩张转向体验打磨的阶段。通过移除 /tag 和重构 /vim 指令（整合至配置项），工具链的逻辑变得更加清晰；而针对大文件 diff 速度的提升和 Bedrock 接入流程的完善，则直接回应了开发者在复杂工程场景下的核心诉求。整体而言，这是一个侧重于稳定性与工程化细节的务实更新，建议重度 CLI 用户及 AWS 环境开发者尽快升级。 ...

🔧 Openclaw 更新 2026.4.2 发布日期: 2026-04-02 ⚠️ 新版本发布 Changes Tasks/chat: add /tasks as a chat-native background task board for the current session, with recent task details and agent-local fallback counts when no linked tasks are visible. Related #54226. Thanks @vincentkoc. Web search/SearXNG: add the bundled SearXNG provider plugin for web_search with configurable host support. (#57317) Thanks @cgdusek. Amazon Bedrock/Guardrails: add Bedrock Guardrails support to the bundled provider. (#58588) Thanks @MikeORed. macOS/Voice Wake: add the Voice Wake option to trigger Talk Mode. (#58490) Thanks @SmoothExec. Feishu/comments: add a dedicated Drive comment-event flow with comment-thread context resolution, in-thread replies, and feishu_drive comment actions for document collaboration workflows. (#58497) Thanks @wittam-01. Gateway/webchat: make chat.history text truncation configurable with gateway.webchat.chatHistoryMaxChars and per-request maxChars, while preserving silent-reply filtering and existing default payload limits. (#58900) Agents/default params: add agents.defaults.params for global default provider parameters. (#58548) Thanks @lpender. Agents/failover: cap prompt-side and assistant-side same-provider auth-profile retries for rate-limit failures before cross-provider model fallback, add the auth.cooldowns.rateLimitedProfileRotations knob, and document the new fallback behavior. (#58707) Thanks @Forgely3D Cron/tools allowlist: add openclaw cron --tools for per-job tool allowlists. (#58504) Thanks @andyk-ms. Channels/session routing: move provider-specific session conversation grammar into plugin-owned session-key surfaces, preserving Telegram topic routing and Feishu scoped inheritance across bootstrap, model override, restart, and tool-policy paths. WhatsApp/reactions: add reactionLevel guidance for agent reactions. Thanks @mcaxtr. Telegram/errors: add configurable errorPolicy and errorCooldownMs controls so Telegram can suppress repeated delivery errors per account, chat, and topic without muting distinct failures. (#51914) Thanks @chinar-amrutkar Fixes Chat/error replies: stop leaking raw provider/runtime failures into external chat channels, return a friendly retry message instead, and add a specific /new hint for Bedrock toolResult/toolUse session mismatches. (#58831) Thanks @ImLukeF. Gateway/reload: ignore startup config writes by persisted hash in the config reloader so generated auth tokens and seeded Control UI origins do not trigger a restart loop, while real gateway.auth.* edits still require restart. (#58678) Thanks @yelog Tasks/gateway: keep the task registry maintenance sweep from stalling the gateway event loop under synchronous SQLite pressure, so upgraded gateways stop hanging about a minute after startup. (#58670) Thanks @openperf Tasks/status: hide stale completed background tasks from /status and session_status, prefer live task context, and show recent failures only when no active work remains. (#58661) Thanks @vincentkoc Tasks/gateway: re-check the current task record before maintenance marks runs lost or prunes them, so a task heartbeat or cleanup update that lands during a sweep no longer gets overwritten by stale snapshot state. Exec/approvals: honor exec-approvals.json security defaults when inline or configured tool policy is unset, and keep Slack and Discord native approval handling aligned with inferred approvers and real channel enablement so remote exec stops falling into false approval timeouts and disabled states. Thanks @scoootscooob and @vincentkoc. Exec/approvals: make allow-always persist as durable user-approved trust instead of behaving like allow-once, reuse exact-command trust on shell-wrapper paths that cannot safely persist an executable allowlist entry, keep static allowlist entries from silently bypassing ask:"always", and require explicit approval when Windows cannot build an allowlist execution plan instead of hard-dead-ending remote exec. Thanks @scoootscooob and @vincentkoc. Exec/cron: resolve isolated cron no-route approval dead-ends from the effective host fallback policy when trusted automation is allowed, and make openclaw doctor warn when tools.exec is broader than ~/.openclaw/exec-approvals.json so stricter host-policy conflicts are explicit. Thanks @scoootscooob and @vincentkoc. Sessions/model switching: keep /model changes queued behind busy runs instead of interrupting the active turn, and retarget queued followups so later work picks up the new model as soon as the current turn finishes. Gateway/HTTP: skip failing HTTP request stages so one broken facade no longer forces every HTTP endpoint to return 500. (#58746) Thanks @yelog Gateway/nodes: stop pinning live node commands to the approved node-pair record. Node pairing remains a trust/token flow, while per-node system.run policy stays in that node’s exec approvals config. Fixes #58824. WebChat/exec approvals: use native approval UI guidance in agent system prompts instead of telling agents to paste manual /approve commands in webchat sessions. Thanks @vincentkoc. 💡 深度点评 📝 个人评价 2026.4.2 包含多项变更，请查看上方详细列表。 ...

🤖 Claude Code 更新 v2.1.90 发布日期: 2026-04-02 ⚠️ 新版本发布 ✨ 新增功能 Added /powerup — interactive lessons teaching Claude Code features with animated demos Added CLAUDE_CODE_PLUGIN_KEEP_MARKETPLACE_ON_FAILURE env var to keep the existing marketplace cache when git pull fails, useful in offline environments Added .husky to protected directories (acceptEdits mode) 🐛 重要修复 Fixed an infinite loop where the rate-limit options dialog would repeatedly auto-open after hitting your usage limit, eventually crashing the session Fixed --resume causing a full prompt-cache miss on the first request for users with deferred tools, MCP servers, or custom agents (regression since v2.1.69) Fixed Edit/Write failing with “File content has changed” when a PostToolUse format-on-save hook rewrites the file between consecutive edits Fixed PreToolUse hooks that emit JSON to stdout and exit with code 2 not correctly blocking the tool call Fixed collapsed search/read summary badge appearing multiple times in fullscreen scrollback when a CLAUDE.md file auto-loads during a tool call Fixed auto mode not respecting explicit user boundaries (“don’t push”, “wait for X before Y”) even when the action would otherwise be allowed Fixed click-to-expand hover text being nearly invisible on light terminal themes Fixed UI crash when malformed tool input reached the permission dialog Fixed headers disappearing when scrolling /model, /config, and other selection screens ⚡ 优化改进 Improved performance: eliminated per-turn JSON.stringify of MCP tool schemas on cache-key lookup Improved performance: SSE transport now handles large streamed frames in linear time (was quadratic) Improved performance: SDK sessions with long conversations no longer slow down quadratically on transcript writes Improved /resume all-projects view to load project sessions in parallel, improving load times for users with many projects Removed Get-DnsClientCache and ipconfig /displaydns from auto-allow (DNS cache privacy) 💡 深度点评 核心亮点 /powerup 交互式教程：新增内置交互式课程，通过动画演示直观教学 Claude Code 的各项功能特性，降低了复杂指令的学习门槛。 长对话与多项目性能优化：SSE 传输处理大幅数据帧的时间复杂度由平方级优化为线性；同时 /resume 支持并行加载项目会话，显著提升了大型项目及长上下文场景下的响应速度。 PowerShell 权限校验加固：针对 Windows 环境进行了深度安全加固，修复了通过后台任务（&）绕过权限检查以及特定场景下的降级漏洞，增强了工具调用的安全性。 值得注意的修复 开发流冲突修复：解决了 PostToolUse 钩子（如 format-on-save）在连续编辑间隙改写文件导致 Edit/Write 报错“File content has changed”的竞争问题。 缓存逻辑修正：修复了自 v2.1.69 以来 --resume 导致 prompt-cache 失效的回归问题，确保在使用 MCP 或自定义 Agent 时能正确命中缓存以节省 Token。 个人评价 Claude Code v2.1.90 是一个以「稳定性」和「性能缩放」为核心的迭代版本。通过重构 SSE 传输机制和并行化加载逻辑，该版本解决了 AI 工具在处理超长对话时常见的性能衰减痛点。同时，针对 format-on-save 触发的文件改写冲突以及 prompt-cache 命中率的修复，显示出开发团队正在深度磨平 AI 代理与前端工程化工具链（如 ESLint/Prettier）之间的协作摩擦。整体来看，这使得 Claude Code 在处理复杂工程任务时更加可靠和高效。 ...

🔧 Codex 更新 rust-v0.118.0 发布日期: 2026-04-01 ⚠️ 新版本发布 New Features Windows sandbox runs can now enforce proxy-only networking with OS-level egress rules, instead of relying on environment variables alone. (#12220) App-server clients can now start ChatGPT sign-in with a device code flow, which helps when browser callback login is unreliable or unavailable. (#15525) codex exec now supports the prompt-plus-stdin workflow, so you can pipe input and still pass a separate prompt on the command line. (#15917) Custom model providers can now fetch and refresh short-lived bearer tokens dynamically, instead of being limited to static credentials from config or environment variables. (#16286, #16287, #16288) Bug Fixes Project-local .codex files are now protected even on first creation, closing a gap where the initial write could bypass normal approval checks. (#15067) Linux sandbox launches are more reliable because Codex once again finds a trusted system bwrap on normal multi-entry PATHs. (#15791, #15973) The app-server-backed TUI regained several missing workflows: hook notifications replay correctly, /copy and /resume <name> work again, /agent no longer shows stale threads, and the skills picker scrolls past the first page. (#16013, #16021, #16050, #16014, #16109, #16110) MCP startup is more robust: local servers get a longer startup window, and failed handshakes surface warnings in the TUI again instead of looking like clean startups. (#16080, #16041) On Windows, apply_patch is less likely to fail because it no longer adds redundant writable roots that could trigger unnecessary ACL churn. (#16030) Changelog #15891 [plugins] Polish tool suggest prompts. @mzeng-openai #15791 fix: resolve bwrap from trusted PATH entry @viyatb-oai #15900 skills: remove unused skill permission metadata @bolinfest #15811 app-server: Split transport module @euroelessar #15067 Protect first-time project .codex creation across Linux and macOS sandboxes @rreichel3-oai #15903 [codex] import token_data from codex-login directly @bolinfest #15897 sandboxing: use OsString for SandboxCommand.program @bolinfest #15910 docs: update AGENTS.md to discourage adding code to codex-core @bolinfest #15898 chore: move bwrap config helpers into dedicated module @viyatb-oai #15906 chore: remove skill metadata from command approval payloads @bolinfest #15909 fix(network-proxy): fail closed on network-proxy DNS lookup errors @viyatb-oai #14495 Preserve bazel repository cache in github actions @siggisim 💡 深度点评 核心亮点 安全沙箱强化（Windows）：Windows 平台的沙箱运行现在支持通过系统级出口规则（Egress Rules）强制执行仅代理网络，而非单纯依赖环境变量。这一改进显著提升了网络隔离的严密性，防止了潜在的绕过风险。 (#12220) 动态身份验证支持：自定义模型供应商现在可以动态获取并刷新短效 Bearer Token。相比此前仅支持配置文件或环境变量中的静态凭据，这一变化为集成企业级 IAM（身份访问管理）和更安全的认证流提供了可能。 (#16286, #16288) CLI 流水线能力增强：codex exec 现已支持“Prompt + Stdin”工作流。开发者可以通过管道（pipe）输入数据的同时，在命令行直接传递独立的 Prompt，大幅提升了 Codex 在自动化脚本中的灵活性。 (#15917) 值得注意的修复 首创配置文件安全保护：修复了项目本地 .codex 文件在首次创建时可能绕过审批检查的漏洞，确保从文件诞生起就受沙箱策略保护。 (#15067) MCP 启动鲁棒性提升：为本地 MCP 服务器提供了更长的启动窗口期，并修复了握手失败被误判为正常启动的问题。现在 TUI 能正确显示握手警告，便于开发者排查插件初始化故障。 (#16080, #16041) TUI 核心工作流回归：修复了基于 app-server 的 TUI 界面中的多项退化问题，包括 /copy 和 /resume 指令失效、Hook 通知回放异常以及技能选择器无法翻页等关键交互 Bug。 (#16013, #16021, #16109) 个人评价 Rust-v0.118.0 是一个侧重于“工程健壮性”的更新版本。它没有堆砌新的模型功能，而是将重心放在了沙箱安全性、认证机制动态化以及 TUI 交互的稳定性上。特别是网络代理策略从环境变量升级到系统级规则，以及对动态 Token 的支持，标志着 Codex 正在向更加严苛的生产级开发环境靠拢。对于重度依赖 CLI 自动化的用户来说，codex exec 的流水线优化也是非常实用的改进。 ...

🔧 Openclaw 更新 2026.3.31 发布日期: 2026-04-01 ⚠️ 新版本发布 Breaking Nodes/exec: remove the duplicated nodes.run shell wrapper from the CLI and agent nodes tool so node shell execution always goes through exec host=node, keeping node-specific capabilities on nodes invoke and the dedicated media/location/notify actions. Plugin SDK: deprecate the legacy provider compat subpaths plus the older bundled provider setup and channel-runtime compatibility shims, emit migration warnings, and keep the current documented openclaw/plugin-sdk/* entrypoints plus local api.ts / runtime-api.ts barrels as the forward path ahead of a future major-release removal. Skills/install and Plugins/install: built-in dangerous-code critical findings and install-time scan failures now fail closed by default, so plugin installs and gateway-backed skill dependency installs that previously succeeded may now require an explicit dangerous override such as --dangerously-force-unsafe-install to proceed. Gateway/auth: trusted-proxy now rejects mixed shared-token configs, and local-direct fallback requires the configured token instead of implicitly authenticating same-host callers. Thanks @zhangning-agent, @jacobtomlinson, and @vincentkoc. Gateway/node commands: node commands now stay disabled until node pairing is approved, so device pairing alone is no longer enough to expose declared node commands. (#57777) Thanks @jacobtomlinson. Gateway/node events: node-originated runs now stay on a reduced trusted surface, so notification-driven or node-triggered flows that previously relied on broader host/session tool access may need adjustment. (#57691) Thanks @jacobtomlinson. Changes ACP/plugins: add an explicit default-off ACPX plugin-tools MCP bridge config, document the trust boundary, and harden the built-in bridge packaging/logging path so global installs and stdio MCP sessions work reliably. (#56867) Thanks @joe2643. Agents/LLM: add a configurable idle-stream timeout for embedded runner requests so stalled model streams abort cleanly instead of hanging until the broader run timeout fires. (#55072) Thanks @liuy. Agents/MCP: materialize bundle MCP tools with provider-safe names (serverName__toolName), support optional streamable-http transport selection plus per-server connection timeouts, and preserve real tool results from aborted/error turns unless truncation explicitly drops them. (#49505) Thanks @ziomancer. Android/notifications: add notification-forwarding controls with package filtering, quiet hours, rate limiting, and safer picker behavior for forwarded notification events. (#40175) Thanks @nimbleenigma. Background tasks: turn tasks into a real shared background-run control plane instead of ACP-only bookkeeping by unifying ACP, subagent, cron, and background CLI execution under one SQLite-backed ledger, routing detached lifecycle updates through the executor seam, adding audit/maintenance/status visibility, tightening auto-cleanup and lost-run recovery, improving task awareness in internal status/tool surfaces, and clarifying the split between heartbeat/main-session automation and detached scheduled runs. Thanks @mbelinky and @vincentkoc. Background tasks: add the first linear task flow control surface with openclaw flows list|show|cancel, keep manual multi-task flows separate from one-task auto-sync flows, and surface doctor recovery hints for obviously orphaned or broken flow/task linkage. Thanks @mbelinky and @vincentkoc. Channels/QQ Bot: add QQ Bot as a bundled channel plugin with multi-account setup, SecretRef-aware credentials, slash commands, reminders, and media send/receive support. (#52986) Thanks @sliverp. Diffs: skip unused viewer-versus-file SSR preload work so diffs view-only and file-only runs do less render work while keeping mode outputs aligned. (#57909) thanks @gumadeiras. Tasks: add a minimal SQLite-backed task flow registry plus task-to-flow linkage scaffolding, so orchestrated work can start gaining a first-class parent record without changing current task delivery behavior. Thanks @mbelinky and @vincentkoc. Tasks: persist blocked state on one-task task flows and let the same flow reopen cleanly on retry, so blocked detached work can carry a parent-level reason and continue without fragmenting into a new job. Thanks @mbelinky and @vincentkoc. Tasks: route one-task ACP and subagent updates through a parent task-flow owner context, so detached work can emerge back through the intended parent thread/session instead of speaking only as a raw child task. Thanks @mbelinky and @vincentkoc. LINE/outbound media: add LINE image, video, and audio outbound sends on the LINE-specific delivery path, including explicit preview/tracking handling for videos while keeping generic media sends on the existing image-only route. (#45826) Thanks @masatohoshino. Fixes Slack: stop retry-driven duplicate replies when draft-finalization edits fail ambiguously, and log configured allowlisted users/channels by readable name instead of raw IDs. Agents/OpenAI Responses: normalize raw bundled MCP tool schemas on the WebSocket/Responses path so bare-object, object-ish, and top-level union MCP tools no longer get rejected by OpenAI during tool registration. (#58299) Thanks @yelog. ACP/security: replace ACP’s dangerous-tool name override with semantic approval classes, so only narrow readonly reads/searches can auto-approve while indirect exec-capable and control-plane tools always require explicit prompt approval. Thanks @vincentkoc. ACP/sessions_spawn: register ACP child runs for completion tracking and lifecycle cleanup, and make registration-failure cleanup explicitly best-effort so callers do not assume an already-started ACP turn was fully aborted. (#40885) Thanks @xaeon2026 and @vincentkoc. ACP/tasks: mark cleanly exited ACP runs as blocked when they end on deterministic write or authorization blockers, and wake the parent session with a follow-up instead of falsely reporting success. ACPX/runtime: derive the bundled ACPX expected version from the extension package metadata instead of hardcoding a separate literal, so plugin-local ACPX installs stop drifting out of health-check parity after version bumps. (#49089) Thanks @jiejiesks and @vincentkoc. Agents/Anthropic failover: treat Anthropic api_error payloads with An unexpected error occurred while processing the response as transient so retry/fallback can engage instead of surfacing a terminal failure. (#57441) Thanks @zijiess and @vincentkoc. Agents/compaction: keep late compaction-retry completions from double-resolving finished compaction futures, so interrupted or timed-out compactions stop surfacing spurious second-completion races. (#57796) Thanks @joshavant. Agents/disabled providers: make disabled providers disappear from default model selection and embedded provider fallback, while letting explicitly pinned disabled providers fail with a clear config error instead of silently taking traffic. (#57735) Thanks @rileybrown-dev and @vincentkoc. Agents/OAuth output: force exec-host OAuth output readers through the gateway fs policy so embedded gateway runs stop crashing when provider auth writes land outside the current sandbox workspace. (#58249) Thanks @joshavant. Agents/system prompt: fix agent.name interpolation in the embedded runtime system prompt and make provider/model fallback text reflect the effective runtime selection after start. (#57625) Thanks @StllrSvr and @vincentkoc. Android/device info: read the app’s version metadata from the package manager instead of hidden APIs so Android 15+ onboarding and device info no longer fail to compile or report placeholder values. (#58126) Thanks @L3ER0Y. 💡 深度点评 这是针对 openclaw 2026.3.31 版本的深度点评： ...

🤖 Claude Code 更新 v2.1.87 发布日期: 2026-04-01 ⚠️ 新版本发布 ✨ 新增功能 🐛 重要修复 Fixed messages in Cowork Dispatch not getting delivered ⚡ 优化改进 💡 深度点评 核心亮点 本次 v2.1.87 版本主要聚焦于底层架构的稳固，核心目标是提升 Cowork Dispatch 模式在复杂协作场景下的通信质量，确保调度逻辑的严密性。 值得注意的修复 修复 Cowork Dispatch 消息投递失效问题：解决了在多任务协同分发过程中，消息无法正确送达目标的故障，保证了协作链路的连贯性。 个人评价 v2.1.87 是一个典型的稳定性补丁版本。虽然更新日志仅包含一项修复，但其针对的是 Cowork Dispatch 这一核心协作组件，对于保障多智能体任务调度的可靠性至关重要。此次修复消除了由于通信中断导致的自动化流程卡死风险，建议依赖协作模式的开发者及时更新以维持工作流的稳定性。 数据来源: 官方 CHANGELOG Generated by OpenClaw at 2026-04-01 08:00:36

🤖 Claude Code 更新 v2.1.88 发布日期: 2026-03-31 ⚠️ 新版本发布 ✨ 新增功能 Added CLAUDE_CODE_NO_FLICKER=1 environment variable to opt into flicker-free alt-screen rendering with virtualized scrollback Added PermissionDenied hook that fires after auto mode classifier denials — return {retry: true} to tell the model it can retry Added named subagents to @ mention typeahead suggestions 🐛 重要修复 Fixed prompt cache misses in long sessions caused by tool schema bytes changing mid-session Fixed nested CLAUDE.md files being re-injected dozens of times in long sessions that read many files Fixed Edit/Write tools doubling CRLF on Windows and stripping Markdown hard line breaks (two trailing spaces) Fixed StructuredOutput schema cache bug causing ~50% failure rate in workflows with multiple schemas Fixed memory leak where large JSON inputs were retained as LRU cache keys in long-running sessions Fixed a potential out-of-memory crash when the Edit tool was used on very large files (>1 GiB) Fixed a crash when removing a message from very large session files (over 50MB) Fixed --resume crash when transcript contains a tool result from an older CLI version or interrupted write Fixed misleading “Rate limit reached” message when the API returned an entitlement error — now shows the actual error with actionable hints Fixed LSP server zombie state after crash — server now restarts on next request instead of failing until session restart ⚡ 优化改进 Improved PowerShell tool prompt with version-appropriate syntax guidance (5.1 vs 7+) 💡 深度点评 以下是关于 Claude Code v2.1.88 更新内容的深度点评： ...

🔧 Openclaw 更新 2026.3.28 发布日期: 2026-03-30 ⚠️ 新版本发布 Breaking Providers/Qwen: remove the deprecated qwen-portal-auth OAuth integration for portal.qwen.ai; migrate to Model Studio with openclaw onboard --auth-choice modelstudio-api-key. (#52709) Thanks @pomelo-nwu. Config/Doctor: drop automatic config migrations older than two months; very old legacy keys now fail validation instead of being rewritten on load or by openclaw doctor. Changes xAI/tools: move the bundled xAI provider to the Responses API, add first-class x_search, and auto-enable the xAI plugin from owned web-search and tool config so bundled Grok auth/configured search flows work without manual plugin toggles. (#56048) Thanks @huntharo. xAI/onboarding: let the bundled Grok web-search plugin offer optional x_search setup during openclaw onboard and openclaw configure --section web, including an x_search model picker with the shared xAI key. MiniMax: add image generation provider for image-01 model, supporting generate and image-to-image editing with aspect ratio control. (#54487) Thanks @liyuan97. Plugins/hooks: add async requireApproval to before_tool_call hooks, letting plugins pause tool execution and prompt the user for approval via the exec approval overlay, Telegram buttons, Discord interactions, or the /approve command on any channel. The /approve command now handles both exec and plugin approvals with automatic fallback. (#55339) Thanks @vaclavbelak and @joshavant. ACP/channels: add current-conversation ACP binds for Discord, BlueBubbles, and iMessage so /acp spawn codex --bind here can turn the current chat into a Codex-backed workspace without creating a child thread, and document the distinction between chat surface, ACP session, and runtime workspace. OpenAI/apply_patch: enable apply_patch by default for OpenAI and OpenAI Codex models, and align its sandbox policy access with write permissions. Plugins/CLI backends: move bundled Claude CLI, Codex CLI, and Gemini CLI inference defaults onto the plugin surface, add bundled Gemini CLI backend support, and replace gateway run --claude-cli-logs with generic --cli-backend-logs while keeping the old flag as a compatibility alias. Plugins/startup: auto-load bundled provider and CLI-backend plugins from explicit config refs, so bundled Claude CLI, Codex CLI, and Gemini CLI message-provider setups no longer need manual plugins.allow entries. Podman: simplify the container setup around the current rootless user, install the launch helper under ~/.local/bin, and document the host-CLI openclaw --container <name> ... workflow instead of a dedicated openclaw service user. Slack/tool actions: add an explicit upload-file Slack action that routes file uploads through the existing Slack upload transport, with optional filename/title/comment overrides for channels and DMs. Message actions/files: start unifying file-first sends on the canonical upload-file action by adding explicit support for Microsoft Teams and Google Chat, and by exposing BlueBubbles file sends through upload-file while keeping the legacy sendAttachment alias. Plugins/Matrix TTS: send auto-TTS replies as native Matrix voice bubbles instead of generic audio attachments. (#37080) thanks @Matthew19990919. Fixes Agents/Anthropic: recover unhandled provider stop reasons (e.g. sensitive) as structured assistant errors instead of crashing the agent run. (#56639) Google/models: resolve Gemini 3.1 pro, flash, and flash-lite for all Google provider aliases by passing the actual runtime provider ID and adding a template-provider fallback; fix flash-lite prefix ordering. (#56567) OpenAI Codex/image tools: register Codex for media understanding and route image prompts through Codex instructions so image analysis no longer fails on missing provider registration or missing instructions. (#54829) Thanks @neeravmakwana. Agents/image tool: restore the generic image-runtime fallback when no provider-specific media-understanding provider is registered, so image analysis works again for providers like openrouter and minimax-portal. (#54858) Thanks @MonkeyLeeT. WhatsApp: fix infinite echo loop in self-chat DM mode where the bot’s own outbound replies were re-processed as new inbound user messages. (#54570) Thanks @joelnishanth Telegram/splitting: replace proportional text estimate with verified HTML-length search so long messages split at word boundaries instead of mid-word; gracefully degrade when tag overhead exceeds the limit. (#56595) Telegram/delivery: skip whitespace-only and hook-blanked text replies in bot delivery to prevent GrammyError 400 empty-text crashes. (#56620) Telegram/send: validate replyToMessageId at all four API sinks with a shared normalizer that rejects non-numeric, NaN, and mixed-content strings. (#56587) Approvals/UI: keep the newest pending approval at the front of the Control UI queue so approving one request does not accidentally target an older expired id. Thanks @vincentkoc. Plugin approvals: accept unique short approval-id prefixes on plugin.approval.resolve, matching exec approvals and restoring /approve fallback flows on chat approval surfaces. Thanks @vincentkoc. Mistral: normalize OpenAI-compatible request flags so official Mistral API runs no longer fail with remaining 422 status code (no body) chat errors. Control UI/config: keep sensitive raw config hidden by default, replace the blank blocked editor with an explicit reveal-to-edit state, and restore raw JSON editing without auto-exposing secrets. Fixes #55322. 💡 深度点评 这是针对 openclaw 2026.3.28 版本的深度技术点评： ...

🤖 Claude Code 更新 v2.1.87 发布日期: 2026-03-30 ⚠️ 新版本发布 ✨ 新增功能 🐛 重要修复 Fixed messages in Cowork Dispatch not getting delivered ⚡ 优化改进 💡 深度点评 核心亮点 协作稳定性增强：针对 Cowork Dispatch 模式进行了底层优化，确保在多任务并发或复杂协作场景下，指令和状态消息能够稳定送达目标节点。 值得注意的修复 修复消息丢失问题：解决了 Cowork Dispatch 中消息发送失败的异常，消除了因通信中断导致的代理任务挂起或执行超时风险。 个人评价 Claude Code v2.1.87 是一个专注于系统健壮性的维护版本。本次更新精准修复了 Cowork Dispatch 这一协作核心模块的通信缺陷，对提升大规模自动化任务的成功率具有实际意义。虽然该版本未引入交互层面的新特性，但底层通信逻辑的加固，是工具走向工程化生产环境的必要保障。对于依赖多代理协作流程的用户，这是一个建议升级的稳定性补丁。 数据来源: 官方 CHANGELOG Generated by OpenClaw at 2026-03-30 08:00:30

🔧 Openclaw 更新 2026.3.28-beta.1 发布日期: 2026-03-29 ⚠️ 新版本发布 Breaking Providers/Qwen: remove the deprecated qwen-portal-auth OAuth integration for portal.qwen.ai; migrate to Model Studio with openclaw onboard --auth-choice modelstudio-api-key. (#52709) Thanks @pomelo-nwu. Config/Doctor: drop automatic config migrations older than two months; very old legacy keys now fail validation instead of being rewritten on load or by openclaw doctor. Changes xAI/tools: move the bundled xAI provider to the Responses API, add first-class x_search, and auto-enable the xAI plugin from owned web-search and tool config so bundled Grok auth/configured search flows work without manual plugin toggles. (#56048) Thanks @huntharo. MiniMax: add image generation provider for image-01 model, supporting generate and image-to-image editing with aspect ratio control. (#54487) Thanks @liyuan97. Plugins/hooks: add async requireApproval to before_tool_call hooks, letting plugins pause tool execution and prompt the user for approval via the exec approval overlay, Telegram buttons, Discord interactions, or the /approve command on any channel. The /approve command now handles both exec and plugin approvals with automatic fallback. (#55339) Thanks @vaclavbelak and @joshavant. ACP/channels: add current-conversation ACP binds for Discord, BlueBubbles, and iMessage so /acp spawn codex --bind here can turn the current chat into a Codex-backed workspace without creating a child thread, and document the distinction between chat surface, ACP session, and runtime workspace. OpenAI/apply_patch: enable apply_patch by default for OpenAI and OpenAI Codex models, and align its sandbox policy access with write permissions. Plugins/CLI backends: move bundled Claude CLI, Codex CLI, and Gemini CLI inference defaults onto the plugin surface, add bundled Gemini CLI backend support, and replace gateway run --claude-cli-logs with generic --cli-backend-logs while keeping the old flag as a compatibility alias. Plugins/startup: auto-load bundled provider and CLI-backend plugins from explicit config refs, so bundled Claude CLI, Codex CLI, and Gemini CLI message-provider setups no longer need manual plugins.allow entries. Podman: simplify the container setup around the current rootless user, install the launch helper under ~/.local/bin, and document the host-CLI openclaw --container <name> ... workflow instead of a dedicated openclaw service user. Slack/tool actions: add an explicit upload-file Slack action that routes file uploads through the existing Slack upload transport, with optional filename/title/comment overrides for channels and DMs. Message actions/files: start unifying file-first sends on the canonical upload-file action by adding explicit support for Microsoft Teams and Google Chat, and by exposing BlueBubbles file sends through upload-file while keeping the legacy sendAttachment alias. Plugins/Matrix TTS: send auto-TTS replies as native Matrix voice bubbles instead of generic audio attachments. (#37080) thanks @Matthew19990919. CLI: add openclaw config schema to print the generated JSON schema for openclaw.json. (#54523) Thanks @kvokka. Fixes Agents/Anthropic: recover unhandled provider stop reasons (e.g. sensitive) as structured assistant errors instead of crashing the agent run. (#56639) Google/models: resolve Gemini 3.1 pro, flash, and flash-lite for all Google provider aliases by passing the actual runtime provider ID and adding a template-provider fallback; fix flash-lite prefix ordering. (#56567) OpenAI Codex/image tools: register Codex for media understanding and route image prompts through Codex instructions so image analysis no longer fails on missing provider registration or missing instructions. (#54829) Thanks @neeravmakwana. Agents/image tool: restore the generic image-runtime fallback when no provider-specific media-understanding provider is registered, so image analysis works again for providers like openrouter and minimax-portal. (#54858) Thanks @MonkeyLeeT. WhatsApp: fix infinite echo loop in self-chat DM mode where the bot’s own outbound replies were re-processed as new inbound user messages. (#54570) Thanks @joelnishanth Telegram/splitting: replace proportional text estimate with verified HTML-length search so long messages split at word boundaries instead of mid-word; gracefully degrade when tag overhead exceeds the limit. (#56595) Telegram/delivery: skip whitespace-only and hook-blanked text replies in bot delivery to prevent GrammyError 400 empty-text crashes. (#56620) Telegram/send: validate replyToMessageId at all four API sinks with a shared normalizer that rejects non-numeric, NaN, and mixed-content strings. (#56587) Mistral: normalize OpenAI-compatible request flags so official Mistral API runs no longer fail with remaining 422 status code (no body) chat errors. Control UI/config: keep sensitive raw config hidden by default, replace the blank blocked editor with an explicit reveal-to-edit state, and restore raw JSON editing without auto-exposing secrets. Fixes #55322. CLI/zsh: defer compdef registration until compinit is available so zsh completion loads cleanly with plugin managers and manual setups. (#56555) BlueBubbles/debounce: guard debounce flush against null message text by sanitizing at the enqueue boundary and adding an independent combiner guard. (#56573) 💡 深度点评 OpenClaw 2026.3.28-beta.1 版本发布，这次更新在架构一致性和交互安全性上迈出了重要一步。以下是针对该版本的深度点评： ...

🤖 Claude Code 更新 v2.1.86 发布日期: 2026-03-28 ⚠️ 新版本发布 ✨ 新增功能 Added X-Claude-Code-Session-Id header to API requests so proxies can aggregate requests by session without parsing the body Added .jj and .sl to VCS directory exclusion lists so Grep and file autocomplete don’t descend into Jujutsu or Sapling metadata 🐛 重要修复 Fixed --resume failing with “tool_use ids were found without tool_result blocks” on sessions created before v2.1.85 Fixed Write/Edit/Read failing on files outside the project root (e.g., ~/.claude/CLAUDE.md) when conditional skills or rules are configured Fixed unnecessary config disk writes on every skill invocation that could cause performance issues and config corruption on Windows Fixed potential out-of-memory crash when using /feedback on very long sessions with large transcript files Fixed --bare mode dropping MCP tools in interactive sessions and silently discarding messages enqueued mid-turn Fixed the c shortcut copying only ~20 characters of the OAuth login URL instead of the full URL Fixed masked input (e.g., OAuth code paste) leaking the start of the token when wrapping across multiple lines on narrow terminals Fixed official marketplace plugin scripts failing with “Permission denied” on macOS/Linux since v2.1.83 Fixed statusline showing another session’s model when running multiple Claude Code instances and using /model in one of them Fixed scroll not following new messages after wheel scroll or click-to-select at the bottom of a long conversation ⚡ 优化改进 Improved prompt cache hit rate for Bedrock, Vertex, and Foundry users by removing dynamic content from tool descriptions [VSCode] Fixed extension incorrectly showing “Not responding” during long-running operations [VSCode] Fixed extension defaulting Max plan users to Sonnet after the OAuth token refreshes (8 hours after login) 💡 深度点评 核心亮点 Token 消耗深度优化：Read 工具通过采用紧凑行号格式及重复读取去重技术，配合 @ 文件引用改用原始字符串（取消 JSON 转义），有效降低了上下文占用。 会话聚合能力提升：API 请求新增 X-Claude-Code-Session-Id 请求头，支持代理服务器在不解析请求体的情况下，实现基于 Session 的请求聚合与监控。 云端推理兼容性改进：通过移除工具描述中的动态内容，提升了 Bedrock、Vertex 和 Foundry 用户在调用时的 Prompt 缓存命中率。 值得注意的修复 跨目录文件操作：修复了在配置特定规则时，无法编辑或读取项目根目录外文件（如 ~/.claude/CLAUDE.md）的权限限制问题。 长会话稳定性：解决了 Markdown 渲染缓存导致的内存持续增长问题，并修复了在超长会话中使用 /feedback 可能引发的内存溢出崩溃。 个人评价 v2.1.86 版本是一次侧重于「工业级稳定性」和「成本控制」的迭代。开发团队通过对 Token 序列化细节的打磨以及内存管理机制的重构，显著提升了 Claude Code 处理大规模代码库和长周期对话的效率。此外，针对 Bedrock 等云端平台缓存命中率的优化，反映了该工具正在持续加强对企业级开发环境的适配能力。 ...

🤖 Claude Code 更新 v2.1.85 发布日期: 2026-03-27 ⚠️ 新版本发布 ✨ 新增功能 Added CLAUDE_CODE_MCP_SERVER_NAME and CLAUDE_CODE_MCP_SERVER_URL environment variables to MCP headersHelper scripts, allowing one helper to serve multiple servers Added conditional if field for hooks using permission rule syntax (e.g., Bash(git *)) to filter when they run, reducing process spawning overhead Added timestamp markers in transcripts when scheduled tasks (/loop, CronCreate) fire Added trailing space after [Image #N] placeholder when pasting images 🐛 重要修复 Fixed /compact failing with “context exceeded” when the conversation has grown too large for the compact request itself to fit Fixed /plugin enable and /plugin disable failing when a plugin’s install location differs from where it’s declared in settings Fixed --worktree exiting with an error in non-git repositories before the WorktreeCreate hook could run Fixed deniedMcpServers setting not blocking claude.ai MCP servers Fixed switch_display in the computer-use tool returning “not available in this session” on multi-monitor setups Fixed crash when OTEL_LOGS_EXPORTER, OTEL_METRICS_EXPORTER, or OTEL_TRACES_EXPORTER is set to none Fixed diff syntax highlighting not working in non-native builds Fixed MCP step-up authorization failing when a refresh token exists — servers requesting elevated scopes via 403 insufficient_scope now correctly trigger the re-authorization flow Fixed memory leak in remote sessions when a streaming response is interrupted Fixed persistent ECONNRESET errors during edge connection churn by using a fresh TCP connection on retry ⚡ 优化改进 Improved @-mention file autocomplete performance on large repositories Improved PowerShell dangerous command detection Improved scroll performance with large transcripts by replacing WASM yoga-layout with a pure TypeScript implementation 💡 深度点评 核心亮点 Hook 系统灵活性提升：新增基于权限规则语法的 if 条件字段，有效降低了 Hook 运行时的进程生成开销；同时 PreToolUse hook 支持在 allow 决策时返回 updatedInput，为需要自定义 UI 收集信息的无头（headless）集成提供了底层支持。 MCP 环境感知与协议对齐：在 headersHelper 脚本中引入了服务器名称和 URL 环境变量，支持单脚本服务多个 MCP 服务端；同时 MCP OAuth 现已遵循 RFC 9728 标准进行资源元数据发现，提升了授权流程的标准性。 长会话性能表现优化：通过将滚动布局计算从 WASM 迁移至纯 TypeScript 实现，并优化了 compaction 触发时的 UI 抖动，显著提升了在大规模 transcript 场景下的滚动响应速度。 值得注意的修复 会话压缩稳定性：修复了在极端长会话中执行 /compact 因上下文超出限制而失败的问题，确保了高负载下的会话管理能力。 终端协议兼容性：解决了在 Ghostty、Kitty 等终端退出后残留增强键盘模式的 Bug，确保了 Ctrl+C/D 等原生快捷键在退出后的正常响应。 个人评价 Claude Code v2.1.85 版本并未追求视觉上的大幅变动，而是专注于 Hook 系统的精细化控制与 MCP 扩展协议的深度打磨。特别是对无头集成模式的增强和对大仓库 @-mention 性能的优化，显示出该工具正在向更复杂的工业级开发场景演进。性能层面的架构微调（如布局引擎的重构）解决了重度用户在长时会话中的痛点，整体版本价值体现在生产环境下的可靠性与可扩展性。 ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-26 📋 版本维护 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 以下是对 Codex Rust-v0.116.0 版本的技术点评： ...

🔧 Openclaw 更新 2026.3.24 发布日期: 2026-03-26 ⚠️ 新版本发布 Changes Gateway/OpenAI compatibility: add /v1/models and /v1/embeddings, and forward explicit model overrides through /v1/chat/completions and /v1/responses for broader client and RAG compatibility. Thanks @vincentkoc. Agents/tools: make /tools show the tools the current agent can actually use right now, add a compact default view with an optional detailed mode, and add a live “Available Right Now” section in the Control UI so it is easier to see what will work before you ask. Microsoft Teams: migrate to the official Teams SDK and add AI-agent UX best practices including streaming 1:1 replies, welcome cards with prompt starters, feedback/reflection, informative status updates, typing indicators, and native AI labeling. (#51808) Microsoft Teams: add message edit and delete support for sent messages, including in-thread fallbacks when no explicit target is provided. (#49925) Skills/install metadata: add one-click install recipes to bundled skills (coding-agent, gh-issues, openai-whisper-api, session-logs, tmux, trello, weather) so the CLI and Control UI can offer dependency installation when requirements are missing. (#53411) Thanks @BunsDev. Control UI/skills: add status-filter tabs (All / Ready / Needs Setup / Disabled) with counts, replace inline skill cards with a click-to-detail dialog showing requirements, toggle switch, install action, API key entry, source metadata, and homepage link. (#53411) Thanks @BunsDev. Slack/interactive replies: restore rich reply parity for direct deliveries, auto-render simple trailing Options: lines as buttons/selects, improve Slack interactive setup defaults, and isolate reply controls from plugin interactive handlers. (#53389) Thanks @vincentkoc. CLI/containers: add --container and OPENCLAW_CONTAINER to run openclaw commands inside a running Docker or Podman OpenClaw container. (#52651) Thanks @sallyom. Discord/auto threads: add optional autoThreadName: "generated" naming so new auto-created threads can be renamed asynchronously with concise LLM-generated titles while keeping the existing message-based naming as the default. (#43366) Thanks @davidguttman. Plugins/hooks: add before_dispatch with canonical inbound metadata and route handled replies through the normal final-delivery path, preserving TTS and routed delivery semantics. (#50444) Thanks @gfzhx. Control UI/agents: convert agent workspace file rows to expandable <details> with lazy-loaded inline markdown preview, and add comprehensive .sidebar-markdown styles for headings, lists, code blocks, tables, blockquotes, and details/summary elements. (#53411) Thanks @BunsDev. Control UI/markdown preview: restyle the agent workspace file preview dialog with a frosted backdrop, sized panel, and styled header, and integrate @create-markdown/preview v2 system theme for rich markdown rendering (headings, tables, code blocks, callouts, blockquotes) that auto-adapts to the app’s light/dark design tokens. (#53411) Thanks @BunsDev. Fixes Outbound media/local files: align outbound media access with the configured fs policy so host-local files and inbound-media paths keep sending when workspaceOnly is off, while strict workspace-only agents remain sandboxed. Security/sandbox media dispatch: close the mediaUrl/fileUrl alias bypass so outbound tool and message actions cannot escape media-root restrictions. (#54034) Gateway/restart sentinel: wake the interrupted agent session via heartbeat after restart instead of only sending a best-effort restart note, retry outbound delivery once on transient failure, and preserve explicit thread/topic routing through the wake path so replies land in the correct Telegram topic or Slack thread. (#53940) Thanks @VACInc. Docker/setup: avoid the pre-start openclaw-cli shared-network namespace loop by routing setup-time onboard/config writes through openclaw-gateway, so fresh Docker installs stop failing before the gateway comes up. (#53385) Thanks @amsminn. Gateway/channels: keep channel startup sequential while isolating per-channel boot failures, so one broken channel no longer blocks later channels from starting. (#54215) Thanks @JonathanJing. Embedded runs/secrets: stop unresolved SecretRef config from crashing embedded agent runs by falling back to the resolved runtime snapshot when needed. Fixes #45838. WhatsApp/groups: track recent gateway-sent message IDs and suppress only matching group echoes, preserving owner /status, /new, and /activation commands from linked-account fromMe traffic. (#53624) Thanks @w-sss. WhatsApp/reply-to-bot detection: restore implicit group reply detection by unwrapping botInvokeMessage payloads and reading selfLid from creds.json, so reply-based mentions reach the bot again in linked-account group chats. Telegram/forum topics: recover #General topic 1 routing when Telegram omits forum metadata, including native commands, interactive callbacks, inbound message context, and fallback error replies. (#53699) thanks @huntharo Discord/gateway supervision: centralize gateway error handling behind a lifetime-owned supervisor so early, active, and late-teardown Carbon gateway errors stay classified consistently and stop surfacing as process-killing teardown crashes. Discord/timeouts: send a visible timeout reply when the inbound Discord worker times out before a final reply starts, including created auto-thread targets and queued-run ordering. (#53823) Thanks @Kimbo7870. ACP/direct chats: always deliver a terminal ACP result when final TTS does not yield audio, even if block text already streamed earlier, and skip redundant empty-text final synthesis. (#53692) Thanks @w-sss. 💡 深度点评 核心亮点 OpenAI 兼容性深度扩展：网关层新增了 /v1/models 和 /v1/embeddings 接口，并支持在 /v1/chat/completions 中转发显式模型覆盖。这一改进显著提升了 OpenClaw 与现有 RAG 框架及第三方 AI 客户端的生态兼容性，使其能更无缝地作为 OpenAI API 的替代或增强网关使用。 Microsoft Teams 集成进入「原生代」：通过迁移至官方 SDK 并引入 AI 代理 UX 最佳实践（如流式回复、欢迎卡片、状态指示器及原生 AI 标签），OpenClaw 在 Teams 端的交互体验已接近原生 Copilot。同时，新增的消息编辑/删除支持及线索内回退逻辑，补齐了企业级通讯场景下的功能短板。 技能（Skills）分发与安装流程重构：引入了一键安装配方（recipes）和更直观的元数据管理。Control UI 现在的技能卡片支持按状态过滤，并提供了包含依赖检查、API Key 引导及源码链接的详情对话框。这种「从 missing 到 needs setup」的话术转变及安装自动化，大幅降低了开发者配置 coding-agent 或 trello 等技能的门槛。 值得注意的修复 安全沙箱漏洞封堵：修复了 mediaUrl 与 fileUrl 的别名绕过漏洞，防止外部工具或消息动作逃逸出预设的媒体根目录限制，强化了 workspaceOnly 策略的执行力度。 网关鲁棒性增强：改进了重启哨兵（Restart Sentinel）机制，重启后会通过心跳唤醒受损会话，并支持一次暂态失败重试，确保 Telegram Topic 或 Slack Thread 的路由信息在重启后不丢失。 通道初始化隔离：实现了通道启动的顺序化与故障隔离，单一点位的通道（如某个 IM 平台）启动失败不再会导致整个网关进程卡死或拦截后续通道的加载。 个人评价 2026.3.24 版本标志着 OpenClaw 正在从「功能堆砌」向「工程标准化」转型。通过兼容 OpenAI Embedding 规范和重构技能安装工作流，它进一步弱化了底层设施的复杂感，强化了作为 Agent 中间件的属性。同时，针对 Teams、Slack、Telegram 等主流通道的细碎修复，反映出该项目在处理跨平台长连接会话稳定性方面已进入深度打磨期。对于开发者而言，新增的 --container 模式和更完善的 Control UI 预览功能，让本地开发与生产运维的界限变得更加模糊，整体价值愈发趋向于一个成熟的生产级 AI 代理运行环境。 ...

🤖 Claude Code 更新 v2.1.84 发布日期: 2026-03-26 ⚠️ 新版本发布 ✨ 新增功能 Added PowerShell tool for Windows as an opt-in preview. Learn more at https://code.claude.com/docs/en/tools-reference#powershell-tool Added ANTHROPIC_DEFAULT_{OPUS,SONNET,HAIKU}_MODEL_SUPPORTS env vars to override effort/thinking capability detection for pinned default models for 3p (Bedrock, Vertex, Foundry), and _MODEL_NAME/_DESCRIPTION to customize the /model picker label Added CLAUDE_STREAM_IDLE_TIMEOUT_MS env var to configure the streaming idle watchdog threshold (default 90s) Added TaskCreated hook that fires when a task is created via TaskCreate Added WorktreeCreate hook support for type: "http" — return the created worktree path via hookSpecificOutput.worktreePath in the response JSON Added allowedChannelPlugins managed setting for team/enterprise admins to define a channel plugin allowlist Added x-client-request-id header to API requests for debugging timeouts Added idle-return prompt that nudges users returning after 75+ minutes to /clear, reducing unnecessary token re-caching on stale sessions 🐛 重要修复 Fixed voice push-to-talk: holding the voice key no longer leaks characters into the text input, and transcripts now insert at the correct position Fixed up/down arrow keys being unresponsive when a footer item is focused Fixed Ctrl+U (kill-to-line-start) being a no-op at line boundaries in multiline input, so repeated Ctrl+U now clears across lines Fixed null-unbinding a default chord binding (e.g. "ctrl+x ctrl+k": null) still entering chord-wait mode instead of freeing the prefix key Fixed mouse events inserting literal “mouse” text into transcript search input Fixed workflow subagents failing with API 400 when the outer session uses --json-schema and the subagent also specifies a schema Fixed missing background color behind certain emoji in user message bubbles on some terminals Fixed the “allow Claude to edit its own settings for this session” permission option not sticking for users with Edit(.claude) allow rules Fixed a hang when generating attachment snippets for large edited files Fixed MCP tool/resource cache leak on server reconnect ⚡ 优化改进 Improved detection for dangerous removals of Windows drive roots (C:\, C:\Windows, etc.) Improved interactive startup by ~30ms by running setup() in parallel with slash command and agent loading Improved startup for claude "prompt" with MCP servers — the REPL now renders immediately instead of blocking until all servers connect Improved Remote Control to show a specific reason when blocked instead of a generic “not yet enabled” message Improved p90 prompt cache rate [VSCode] Added rate limit warning banner with usage percentage and reset time 💡 深度点评 这是一篇关于 Claude Code v2.1.84 更新内容的深度点评。 ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-25 📋 版本维护 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 Opening authentication page in your browser. Do you want to continue? [Y/n]: ...

🤖 Claude Code 更新 v2.1.81 发布日期: 2026-03-25 📋 版本维护 ✨ 新增功能 Added --bare flag for scripted -p calls — skips hooks, LSP, plugin sync, and skill directory walks; requires ANTHROPIC_API_KEY or an apiKeyHelper via --settings (OAuth and keychain auth disabled); auto-memory fully disabled Added --channels permission relay — channel servers that declare the permission capability can forward tool approval prompts to your phone 🐛 重要修复 Fixed multiple concurrent Claude Code sessions requiring repeated re-authentication when one session refreshes its OAuth token Fixed voice mode silently swallowing retry failures and showing a misleading “check your network” message instead of the actual error Fixed voice mode audio not recovering when the server silently drops the WebSocket connection Fixed CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS not suppressing the structured-outputs beta header, causing 400 errors on proxy gateways forwarding to Vertex/Bedrock Fixed --channels bypass for Team/Enterprise orgs with no other managed settings configured Fixed a crash on Node.js 18 Fixed unnecessary permission prompts for Bash commands containing dashes in strings Fixed plugin hooks blocking prompt submission when the plugin directory is deleted mid-session Fixed a race condition where background agent task output could hang indefinitely when the task completed between polling intervals Fixed /btw not including pasted text when used during an active response ⚡ 优化改进 Improved MCP read/search tool calls to collapse into a single “Queried {server}” line (expand with Ctrl+O) Improved ! bash mode discoverability — Claude now suggests it when you need to run an interactive command Improved plugin freshness — ref-tracked plugins now re-clone on every load to pick up upstream changes Improved Remote Control session titles to refresh after your third message Updated MCP OAuth to support Client ID Metadata Document (CIMD / SEP-991) for servers without Dynamic Client Registration [VSCode] Fixed Windows PATH inheritance for Bash tool when using Git Bash (regression in v2.1.78) 💡 深度点评 Opening authentication page in your browser. Do you want to continue? [Y/n]: ...

🤖 Claude Code 更新 v2.1.81 发布日期: 2026-03-24 📋 版本维护 ✨ 新增功能 Added --bare flag for scripted -p calls — skips hooks, LSP, plugin sync, and skill directory walks; requires ANTHROPIC_API_KEY or an apiKeyHelper via --settings (OAuth and keychain auth disabled); auto-memory fully disabled Added --channels permission relay — channel servers that declare the permission capability can forward tool approval prompts to your phone 🐛 重要修复 Fixed multiple concurrent Claude Code sessions requiring repeated re-authentication when one session refreshes its OAuth token Fixed voice mode silently swallowing retry failures and showing a misleading “check your network” message instead of the actual error Fixed voice mode audio not recovering when the server silently drops the WebSocket connection Fixed CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS not suppressing the structured-outputs beta header, causing 400 errors on proxy gateways forwarding to Vertex/Bedrock Fixed --channels bypass for Team/Enterprise orgs with no other managed settings configured Fixed a crash on Node.js 18 Fixed unnecessary permission prompts for Bash commands containing dashes in strings Fixed plugin hooks blocking prompt submission when the plugin directory is deleted mid-session Fixed a race condition where background agent task output could hang indefinitely when the task completed between polling intervals Fixed /btw not including pasted text when used during an active response ⚡ 优化改进 Improved MCP read/search tool calls to collapse into a single “Queried {server}” line (expand with Ctrl+O) Improved ! bash mode discoverability — Claude now suggests it when you need to run an interactive command Improved plugin freshness — ref-tracked plugins now re-clone on every load to pick up upstream changes Improved Remote Control session titles to refresh after your third message Updated MCP OAuth to support Client ID Metadata Document (CIMD / SEP-991) for servers without Dynamic Client Registration [VSCode] Fixed Windows PATH inheritance for Bash tool when using Git Bash (regression in v2.1.78) 💡 深度点评 核心亮点 新增 --bare 运行模式：该模式专门为脚本化调用设计，通过禁用 LSP、插件同步、自动记忆及 Skill 目录扫描，极大地降低了自动化任务中的启动开销与侧向干扰。 --channels 权限中继：支持将工具执行的审批提示转发至移动设备，解决了远程会话或后台任务中开发者无法实时响应授权的问题。 终端交互体验优化：改进了 MCP 工具调用的显示逻辑，将冗长的读取与搜索操作折叠为单行摘要，并增强了 ! Bash 交互模式的可发现性。 值得注意的修复 多并发会话认证同步：修复了当多个 Claude Code 实例运行时，其中一个会话刷新 OAuth 令牌会导致其他会话需要重复认证的逻辑冲突。 企业网关兼容性修正：解决了在禁用实验性功能时，系统仍发送特定 Header 导致 Vertex 或 Bedrock 代理网关返回 400 错误的问题。 个人评价 v2.1.81 版本展现了 Claude Code 从「交互式助手」向「生产力工具链」演进的趋势。通过引入 --bare 标志，Claude 能够更高效地嵌入 CI/CD 等自动化流程；而对多会话认证和企业级网关错误的修复，则直接提升了其在专业开发环境中的可用性。整体而言，这是一个侧重于流程集成、多端协作与运行稳定性打磨的关键版本，为复杂工程场景下的部署提供了更扎实的基础。 ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-23 📋 版本维护 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 核心亮点 Prompt 拦截与预处理钩子（userpromptsubmit） 新版本引入了 userpromptsubmit 钩子，允许在 Prompt 正式执行以及进入历史记录之前对其进行拦截、阻断或增强。这一特性为开发者提供了极高的灵活度，可用于在输入阶段动态注入上下文、实施安全过滤或进行自定义的格式化处理。 插件生态体验闭环 插件系统的自动化程度显著提升。Codex 现在支持自动提示安装缺失的插件或连接器，并引入了远程状态同步功能（针对安装/卸载操作）。配合新支持的建议白名单（suggestion allowlist），大幅降低了多端环境下插件配置的一致性维护成本。 实时会话上下文增强与稳定性 Realtime 模式现在能够在启动时自动带入最近的线程上下文，解决了以往实时交互中“记忆”断层的问题。此外，通过优化音频播放期间的逻辑，减少了自中断现象，提升了语音交互的连贯性。 值得注意的修复 Linux 沙箱兼容性深度优化 针对 Ubuntu、AppArmor 环境以及符号链接（symlinks）路径下的启动失败问题进行了专项修复。通过优先调用系统自带的 bwrap 以及优化写权限根目录的处理，显著提升了 Linux 环境下隔离运行的稳定性。 消除首轮交互延迟 修复了由于 Websocket 预热（prewarm）导致的 turn/start 挂起问题。现在启动过程具备更清晰的超时退避机制，确保在预热失败时能快速回退，避免用户感知的卡顿。 TUI 会话管理修复 修复了 App-server TUI 在远程恢复（resume）或分支（fork）会话时丢失历史记录的 Bug，并解决了旧版流事件导致的重复转录输出，提升了命令行界面的交互精度。 个人评价 v0.116.0 版本展现了从“工具”向“平台”演进的明确趋势。通过开放 userpromptsubmit 钩子和完善插件远程同步，Codex 正在强化其作为开发工作流底层的可扩展性。同时，针对 Linux 沙箱和 Websocket 启动逻辑的重构，表明团队正致力于将 Rust 版本的底层稳定性推向生产级标准。整体来看，这是一个侧重于架构稳固与开发者控制力的关键增量版本。 ...

🔧 Openclaw 更新 2026.3.13 发布日期: 2026-03-23 📋 版本维护 Changes Android/chat settings: redesign the chat settings sheet with grouped device and media sections, refresh the Connect and Voice tabs, and tighten the chat composer/session header for a denser mobile layout. (#44894) Thanks @obviyus. iOS/onboarding: add a first-run welcome pager before gateway setup, stop auto-opening the QR scanner, and show /pair qr instructions on the connect step. (#45054) Thanks @ngutman. Browser/existing-session: add an official Chrome DevTools MCP attach mode for signed-in live Chrome sessions, with docs for chrome://inspect/#remote-debugging enablement and direct backlinks to Chrome’s own setup guides. Browser/agents: add built-in profile="user" for the logged-in host browser and profile="chrome-relay" for the extension relay, so agent browser calls can prefer the real signed-in browser without the extra browserSession selector. Browser/act automation: add batched actions, selector targeting, and delayed clicks for browser act requests with normalized batch dispatch. Thanks @vincentkoc. Docker/timezone override: add OPENCLAW_TZ so docker-setup.sh can pin gateway and CLI containers to a chosen IANA timezone instead of inheriting the daemon default. (#34119) Thanks @Lanfei. Dependencies/pi: bump @mariozechner/pi-agent-core, @mariozechner/pi-ai, @mariozechner/pi-coding-agent, and @mariozechner/pi-tui to 0.58.0. Cron/sessions: add sessionTarget: "current" and session:<id> support so cron jobs can bind to the creating session or a persistent named session instead of only main or isolated. Thanks @kkhomej33-netizen and @ImLukeF. Telegram/message send: add --force-document so Telegram image and GIF sends can upload as documents without compression. (#45111) Thanks @thepagent. Fixes Dashboard/chat UI: stop reloading full chat history on every live tool result in dashboard v2 so tool-heavy runs no longer trigger UI freeze/re-render storms while the final event still refreshes persisted history. (#45541) Thanks @BunsDev. Gateway/client requests: reject unanswered gateway RPC calls after a bounded timeout and clear their pending state, so stalled connections no longer leak hanging GatewayClient.request() promises indefinitely. Build/plugin-sdk bundling: bundle plugin-sdk subpath entries in one shared build pass so published packages stop duplicating shared chunks and avoid the recent plugin-sdk memory blow-up. (#45426) Thanks @TarasShyn. Ollama/reasoning visibility: stop promoting native thinking and reasoning fields into final assistant text so local reasoning models no longer leak internal thoughts in normal replies. (#45330) Thanks @xi7ang. Android/onboarding QR scan: switch setup QR scanning to Google Code Scanner so onboarding uses a more reliable scanner instead of the legacy embedded ZXing flow. (#45021) Thanks @obviyus. Browser/existing-session: harden driver validation and session lifecycle so transport errors trigger reconnects while tool-level errors preserve the session, and extract shared ARIA role sets to deduplicate Playwright and Chrome MCP snapshot paths. (#45682) Thanks @odysseus0. Browser/existing-session: accept text-only list_pages and new_page responses from Chrome DevTools MCP so live-session tab discovery and new-tab open flows keep working when the server omits structured page metadata. Control UI/insecure auth: preserve explicit shared token and password auth on plain-HTTP Control UI connects so LAN and reverse-proxy sessions no longer drop shared auth before the first WebSocket handshake. (#45088) Thanks @velvet-shark. Gateway/session reset: preserve lastAccountId and lastThreadId across gateway session resets so replies keep routing back to the same account and thread after /reset. (#44773) Thanks @Lanfei. macOS/onboarding: avoid self-restarting freshly bootstrapped launchd gateways and give new daemon installs longer to become healthy, so openclaw onboard --install-daemon no longer false-fails on slower Macs and fresh VM snapshots. Gateway/status: add openclaw gateway status --require-rpc and clearer Linux non-interactive daemon-install failure reporting so automation can fail hard on probe misses instead of treating a printed RPC error as green. macOS/exec approvals: respect per-agent exec approval settings in the gateway prompter, including allowlist fallback when the native prompt cannot be shown, so gateway-triggered system.run requests follow configured policy instead of always prompting or denying unexpectedly. (#13707) Thanks @sliekens. Breaking BREAKING: Agents now load at most one root memory bootstrap file. MEMORY.md wins; memory.md is only used when MEMORY.md is absent. If you intentionally kept both files and depended on both being injected, merge them before upgrade. This also fixes duplicate memory injection on case-insensitive Docker mounts. (#26054) Thanks @Lanfei. 💡 深度点评 这是一份关于 openclaw 2026.3.13 版本的深度技术点评。 ...