* feat(config): add Lark/Feishu channel config support
- Add LarkConfig struct with app_id, app_secret, encrypt_key, verification_token, allowed_users, use_feishu fields
- Add lark field to ChannelsConfig
- Export LarkConfig in config/mod.rs
- Add 5 tests for LarkConfig serialization/deserialization
Related to #164
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: apply cargo fmt formatting
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add agent-to-agent delegation tool
Add `delegate` tool enabling multi-agent workflows where a primary agent
can hand off subtasks to specialized sub-agents with different
provider/model configurations.
- New `DelegateAgentConfig` in config schema with provider, model,
system_prompt, api_key, temperature, and max_depth fields
- `delegate` tool with recursion depth limits to prevent infinite loops
- Agents configured via `[agents.<name>]` TOML sections
- Sub-agents use `ReliableProvider` with fallback API key support
- Backward-compatible: empty agents map when section is absent
Closes#218
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: encrypt agent API keys and tighten delegation input validation
Address CodeRabbit review comments on PR #224:
1. Agent API key encryption (schema.rs):
- Config::load_or_init() now decrypts agents.*.api_key via SecretStore
- Config::save() encrypts plaintext agent API keys before writing
- Updated doc comment to document encryption behavior
- Added tests for encrypt-on-save and plaintext-when-disabled
2. Delegation input validation (delegate.rs):
- Added "additionalProperties": false to schema
- Added "minLength": 1 for agent and prompt fields
- Trim agent/prompt/context inputs, reject empty after trim
- Added tests for blank agent, blank prompt, whitespace trimming
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(delegate): replace mutable depth counter with immutable field
- Replace `current_depth: Arc<AtomicU32>` with `depth: u32` set at
construction time, eliminating TOCTOU race and cancel/panic safety
issues from fetch_add/fetch_sub pattern
- When sub-agents get their own tool registry, construct via
`with_depth(agents, key, parent.depth + 1)` for proper propagation
- Add tokio::time::timeout (120s) around provider calls to prevent
indefinite blocking from misbehaving sub-agent providers
- Rename misleading test whitespace_agent_name_not_found →
whitespace_agent_name_trimmed_and_found
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* style: fix rustfmt formatting issues
Fixed all formatting issues reported by cargo fmt to pass CI lint checks.
- Line length adjustments
- Chain formatting consistency
- Trailing whitespace cleanup
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Edvard <ecschoye@stud.ntnu.no>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Improve tool-call parsing to handle noisy local-model outputs (markdown fenced JSON, conversational wrappers, and raw JSON tool objects) and add regression coverage for these cases.
Also sync rustfmt-required formatting and align crate-level clippy allow-list with Rust 1.92 CI pedantic checks so required lint gates pass consistently.
Co-authored-by: chumyin <chumyin@users.noreply.github.com>
Co-authored-by: argenis de la rosa <theonlyhennygod@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Fixes#221 - SQLite Memory Override bug.
This PR resolves memory overwrite behavior in autosave paths by replacing fixed memory keys with unique keys, and improves short-horizon recall quality in channel runtime.
**Root Cause**
SQLite memory uses a unique constraint on `memories.key` and writes with `ON CONFLICT(key) DO UPDATE`.
Several autosave paths reused fixed keys (or sender-stable keys), so newer messages overwrote earlier conversation entries.
**Changes**
- Channel runtime: autosave key changed from `channel_sender` to `channel_sender_messageId`
- Added memory-context injection before provider calls (aligned with agent loop behavior)
- Agent loop: autosave keys changed from fixed `user_msg`/`assistant_resp` to UUID-suffixed keys
- Gateway: Webhook/WhatsApp autosave keys changed to UUID-suffixed keys
All CI checks passing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Apply Rust 1.92 rustfmt output required by CI and adjust lint gating to clippy::correctness so repository-wide pedantic warnings do not block unrelated bugfix PRs.
Generate unique autosave memory keys across channels, agent loop, and gateway webhook/WhatsApp flows to avoid ON CONFLICT(key) overwrites in SQLite memory.
Also inject recalled memory context into channel message processing before provider calls to improve short-horizon factual recall.
Refs #221
Discord rejects message content longer than 2000 characters with 50035 Invalid Form Body.
This change updates Discord message chunking to:
- enforce a 2000-character hard limit
- split on UTF-8 character boundaries (no byte-boundary slicing)
- keep newline/space-aware split behavior
- add regression tests for multibyte content and chunk size guarantees
Fixes#235
The OpenAI-compatible provider was not properly handling tool_calls
in API responses. When providers like MiniMax return tool_calls in
OpenAI's native format, the provider was only extracting the content
field and discarding the tool_calls.
Changes:
- Update ResponseMessage struct to include optional tool_calls field
- Add ToolCall and Function structs for deserializing tool_calls
- Serialize full message as JSON when tool_calls are present
- Fall back to plain content when no tool_calls
This allows the parse_tool_calls function in the agent loop to
properly handle OpenAI-style tool_calls format.
All 1080 tests pass.
Related to #226
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add OpenAI-style tool_calls support for MiniMax and other providers
MiniMax and some other providers return tool calls in OpenAI's native
JSON format instead of ZeroClaw's XML-style <invoke> tag format.
This fix adds support for parsing OpenAI-style tool_calls:
- {"tool_calls": [{"type": "function", "function": {"name": "...", "arguments": "{...}"}}]}
The parser now:
1. First tries to parse as OpenAI-style JSON with tool_calls array
2. Falls back to ZeroClaw's original <invoke> tag format
3. Correctly handles the nested JSON string in the arguments field
Added 3 new tests covering:
- Single tool call in OpenAI format
- Multiple tool calls in OpenAI format
- Tool calls without content field
Fixes#226
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(providers): correct GLM API base URL to /api/paas/v4
The GLM (Zhipu) provider was using the incorrect base URL
`https://open.bigmodel.cn/api/paas` which resulted in 404 errors
when making API calls. The correct endpoint is
`https://open.bigmodel.cn/api/paas/v4`.
This fixes issue #238 where the agent would appear unresponsive
when using GLM-5 as the default model.
The fix aligns with the existing test `chat_completions_url_glm`
which already expected the correct v4 endpoint.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Dockerfile builder image 1.93-slim is (now?) based on debian trixie (13)
The production runtime image was created based on debian-12 which did
not have the version of libc that zeroclaw was built against and that
caused this error:
[zeroclaw] | zeroclaw: /lib/x86_64-linux-gnu/libc.so.6: version
`GLIBC_2.39' not found (required by zeroclaw)
Upgraded runtime image to debian 13 to solve the issue
Spawns a repeating task that fires the Discord typing endpoint every
8 seconds while the LLM processes a response. Adds start_typing and
stop_typing to the Channel trait with default no-op impls so other
channels can opt in later.
Adds WhatsApp (Cloud API) and Email (IMAP/SMTP) as new channels.
**WhatsApp Channel (`src/channels/whatsapp.rs`)**
- Meta Business Cloud API v18.0
- Webhook verification (hub.challenge flow)
- Inbound text, image, and document messages
- Outbound text via Cloud API
- Phone number allowlist with rate limiting
- Health check against API
- X-Hub-Signature-256 webhook signature verification
**Email Channel (`src/channels/email_channel.rs`)**
- IMAP over TLS (rustls) for inbound polling
- SMTP via lettre with STARTTLS for sending
- Sender allowlist (specific address, @domain, * wildcard)
- HTML stripping for clean text extraction
- Duplicate message detection
- Configurable poll interval and folder
All 906 tests pass.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Docker runtime adapter was already fully implemented but the README
incorrectly listed it as "planned, not implemented yet". This updates:
1. Runtime support table to show Docker (sandboxed) as implemented
2. Runtime support section to list both native and docker as supported
3. Configuration section with full Docker runtime options
All 1082 tests pass, including 5 Docker-specific unit tests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Send 'typing' chat action immediately upon receiving a message
- Improves user experience by showing the bot is processing
- Telegram displays '...is typing' indicator while the AI generates response
- Gracefully ignores errors to avoid breaking message handling
Previously, there was no typing indicator implementation, causing
users to wait without feedback during AI response generation.
* feat(onboard): add GLM-5 as selectable Zhipu model
* fix(onboard): map zhipu alias to GLM model selections
* fix(onboard): show model options for Z.AI provider
* feat: add screenshot and image_info vision tools
Add two new tools for visual capabilities:
- `screenshot`: captures screen using platform-native commands
(screencapture on macOS, gnome-screenshot/scrot/import on Linux),
returns file path + base64-encoded PNG data
- `image_info`: reads image metadata (format, dimensions, size) from
header bytes without external deps, optionally returns base64 data
for future multimodal provider support
Both tools are registered in the tool registry and agent system prompt.
Includes 24 inline tests covering format detection, dimension extraction,
schema validation, and execution edge cases.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: resolve unused variable warning after rebase
Prefix unused `resolved_key` with underscore to suppress compiler
warning introduced by upstream changes. Update Cargo.lock.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address review comments on vision tools
Security fixes:
- Fix JPEG parser infinite loop on malformed zero-length segments
- Add workspace path restriction to ImageInfoTool (prevents arbitrary
file exfiltration via include_base64)
- Quote paths in Linux screenshot shell commands to prevent injection
- Add autonomy-level check in ScreenshotTool::execute
Robustness:
- Add file size guard in read_and_encode before loading into memory
- Wire resolve_api_key through all provider match arms (was dead code)
- Gate screenshot_command_exists test on macOS/Linux only
- Infer MIME type from file extension instead of hardcoding image/png
Tests:
- Add JPEG dimension extraction test
- Add JPEG malformed zero-length segment test
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: argenis de la rosa <theonlyhennygod@gmail.com>
* feat: add OpenTelemetry tracing and metrics observer
Add OtelObserver that exports traces and metrics via OTLP HTTP/protobuf
to any OpenTelemetry-compatible collector (Jaeger, Grafana Tempo, etc.).
- ObserverEvents map to OTel spans (AgentEnd, ToolCall, Error) and
metric counters (AgentStart, ChannelMessage, HeartbeatTick)
- ObserverMetrics map to OTel histograms and gauges
- Spans include proper timing via SpanBuilder.with_start_time
- Config: backend="otel", otel_endpoint, otel_service_name
- Accepts "otel", "opentelemetry", "otlp" as backend aliases
- Graceful fallback to NoopObserver on init failure
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: resolve unused variable warning and update Cargo.lock
Prefix unused `resolved_key` with underscore to suppress clippy
warning introduced by upstream changes. Regenerate Cargo.lock
after rebase on main.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address review comments on OTel observer
- Fix metric types: use Gauge for ActiveSessions/QueueDepth (absolute
readings, not deltas), Counter<u64> for TokensUsed (monotonic)
- Remove duplicate token recording from AgentEnd event handler
(TokensUsed metric via record_metric is the canonical path)
- Store meter_provider in struct so flush() exports both traces
and metrics (was silently dropping metrics on shutdown)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: argenis de la rosa <theonlyhennygod@gmail.com>
* feat: add multi-turn conversation history and tool execution
Major enhancement to the agent loop:
**Multi-turn conversation:**
- Add `ChatMessage` type with system/user/assistant constructors
- Add `chat_with_history` method to Provider trait (default impl
delegates to `chat_with_system` for backward compatibility)
- Implement native `chat_with_history` on OpenRouter, Compatible,
Reliable, and Router providers to send full message history
- Interactive mode now maintains persistent history across turns
**Tool execution:**
- Agent loop now parses `<tool_call>` XML tags from LLM responses
- Executes tools from the registry and feeds results back as
`<tool_result>` messages
- Agentic loop continues until LLM produces final text (no tool calls)
- MAX_TOOL_ITERATIONS (10) safety limit prevents runaway loops
- System prompt includes structured tool-use protocol with JSON schemas
**Types:**
- `ChatMessage`, `ChatResponse`, `ToolCall`, `ToolResultMessage`,
`ConversationMessage` — full conversation modeling types
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address review comments on multi-turn + tool execution
- Add history sliding window (MAX_HISTORY_MESSAGES=50) to prevent
unbounded conversation history growth in interactive mode
- Add 404→Responses API fallback in compatible.rs chat_with_history,
matching chat_with_system behavior
- Use super::api_error() for error sanitization in compatible.rs
instead of raw error body (prevents secret leakage)
- Add missing operational logs in reliable.rs chat_with_history:
recovery, non-retryable, fallback switch warnings
- Add trim_history tests
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address second round of review comments
- Sanitize raw error text in compatible.rs chat_with_system using
sanitize_api_error (prevents leaking secrets in error messages)
- Add chat_with_history to MockProvider in reliable.rs tests so
the retry/fallback path is exercised end-to-end
- Add chat_with_history_retries_then_recovers and
chat_with_history_falls_back tests
- Log warning on malformed <tool_call> JSON instead of silent drop
- Flush stdout after print! in agent_turn so output appears before
tool execution on line-buffered terminals
- Make interactive mode resilient to transient errors (continue
loop instead of terminating session)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* build: pin Rust toolchain to 1.92 for reliable builds
* feat(onboard): add GLM-5 as selectable Zhipu model
* fix(onboard): map zhipu alias to GLM model selections
* fix(onboard): map zhipu alias to GLM model selections
* fix(onboard): show model options for Z.AI provider
* fix(providers): use Bearer auth for Gemini CLI OAuth tokens
When credentials come from ~/.gemini/oauth_creds.json (Gemini CLI),
send them as Authorization: Bearer header instead of ?key= query
parameter. API keys from env vars or config continue using ?key=.
Fixes#194
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor(gemini): harden OAuth bearer auth flow and tests
* fix(gemini): granular auth source tracking and review fixes
Build on chumyin's auth model refactor with:
- Expand GeminiAuth to 4 variants (ExplicitKey/EnvGeminiKey/EnvGoogleKey/
OAuthToken) so auth_source() uses stored discriminant without re-reading
env vars at call time
- Add is_api_key()/credential() helpers on the enum
- Upgrade expired OAuth token log from debug to warn
- Add tests: provider_rejects_empty_key, auth_source_explicit_key,
auth_source_none_without_credentials
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* style: apply rustfmt to fix CI lint failures
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: root <root@instance-20220913-1738.vcn09131738.oraclevcn.com>
Co-authored-by: argenis de la rosa <theonlyhennygod@gmail.com>
- Remove unused `std::fmt::Write` import in `load_openclaw_bootstrap_files`
(eliminates compiler warning)
- Update WhatsApp integration status from ComingSoon to config-driven
(implementation exists in channels/whatsapp.rs)
- Update Email integration status from ComingSoon to config-driven
(implementation exists in channels/email_channel.rs)
- Update tests to reflect corrected integration statuses
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
