Seven releases across two projects, a memory subsystem that quietly stopped remembering anything, and one repo where the only activity is Dependabot talking to itself.
Active Memory, dreaming backfill, and a memory-wiki stack all landed this week — right alongside a filed issue that embedded reflection has been completely broken since April 3.
Seven days, seven releases, and the centerpiece is a new Active Memory plugin that spins up a dedicated memory sub-agent before every reply, pulling in preferences and past context without the user having to say "remember this." Pair that with the REM backfill lane that replays old daily notes into Dreams and durable memory, and @steipete's openclaw now has something approaching autobiographical continuity. The irony: issue reports confirm that memory-core embedded reflection generation has been falling back to minimal pointers since April 3, producing zero reflection files since April 8. The plumbing is beautiful; it's just been running dry. The v2026.4.10 and v2026.4.11-beta.1 releases shipped the Active Memory plugin, dreaming diary UI with timeline navigation, and a restored memory-wiki stack complete with claim-health linting and contradiction clustering — a genuinely ambitious knowledge graph, assuming the reflection pipeline gets unkilled.
The `--slides` flag now works on files sitting on your disk, not just remote URLs, closing a gap that made the feature useless for offline workflows.
The slide extraction pipeline in summarize was URL-only, which meant if you had a conference talk as an `.mp4` on disk, you had to upload it somewhere first just to get the slides out. The v0.13.0 release (#149) routes local video files through the shared slide-aware flow, transcribes them directly, and kills the fake "Downloading audio" progress phase that made no sense for local files. The release also adds GitHub Copilot as a model provider (shorthand IDs like `github-copilot/gpt-5.4`, backed by `GITHUB_TOKEN` auth), OpenClaw as a configurable CLI backend (#165, thanks @yqf-ai), and configurable default summary length via `output.length` (#178, thanks @maciej). Forty-five commits across the week — @steipete was not idle here.
Interaction-driven navigations from click, evaluate, and hook flows weren't re-running blocked-destination checks, letting the browser land on forbidden URLs.
The browser safety model assumed that if a navigation started from a user interaction, it was trustworthy. It wasn't. Click, evaluate, hook-triggered click, and batched action flows could all land on forbidden URLs without tripping the SSRF quarantine, because blocked-destination checks only ran on the initial request, not after interaction-driven main-frame navigations. The v2026.4.9 release (#63226, thanks @eleqtrizit) re-runs those safety checks post-navigation. A companion fix (#62660, #62663) also blocks runtime-control and browser-control override env vars from untrusted workspace `.env` files — because letting an untrusted dotenv override your sandbox policy is the kind of thing that sounds obvious in retrospect and terrifying in a postmortem.
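The post-navigation re-check described above, sketched as an added JavaScript example that is not OpenClaw's code: `isBlockedDestination`, `guardedAction`, `makeFakePage` and the blocked address ranges are assumptions chosen for illustration. It shows why the destination has to be validated again after an interaction moves the main frame, not only on the first request.

```javascript
// Added example with hypothetical names; not OpenClaw's implementation.
// Constructed policy: loopback, RFC 1918, link-local and "this network" IPv4 ranges.
const BLOCKED_V4 = [["127.0.0.0", 8], ["10.0.0.0", 8], ["172.16.0.0", 12],
                    ["192.168.0.0", 16], ["169.254.0.0", 16], ["0.0.0.0", 8]];
// IPv6 loopback/unspecified, IPv4-mapped, unique-local and link-local literals.
const BLOCKED_V6 = /^(::1?$|::ffff:|f[cd][0-9a-f]{2}:|fe[89ab][0-9a-f]:)/;

const v4ToInt = (ip) => ip.split(".").reduce((n, octet) => n * 256 + Number(octet), 0);

function isBlockedDestination(rawUrl) {
  let url;
  try { url = new URL(rawUrl); } catch { return true; } // unparsable: fail closed
  if (url.protocol !== "http:" && url.protocol !== "https:") return true;
  const host = url.hostname.toLowerCase(); // URL already normalises hex/integer IPv4 forms
  if (host === "localhost" || host.endsWith(".localhost")) return true;
  if (host.startsWith("[")) return BLOCKED_V6.test(host.slice(1, -1));
  if (!/^\d+(\.\d+){3}$/.test(host)) return false; // a name; a real guard also checks what it resolves to
  const addr = v4ToInt(host);
  return BLOCKED_V4.some(([base, bits]) => {
    const size = 2 ** (32 - bits);
    return Math.floor(addr / size) === Math.floor(v4ToInt(base) / size);
  });
}

// Run one interaction (click, evaluate, hook) and re-check where the main frame ended up.
// `page` only needs url() and goto(); both names are assumptions for this sketch.
async function guardedAction(page, action) {
  const before = page.url();
  await action(page);
  const after = page.url();
  if (after !== before && isBlockedDestination(after)) {
    await page.goto("about:blank"); // quarantine: do not leave the tab on the forbidden page
    return { ok: false, blocked: after };
  }
  return { ok: true, url: after };
}

// Constructed stand-in for a browser page, so the example runs offline.
function makeFakePage(start) {
  let current = start;
  return { url: () => current, goto: async (next) => { current = next; } };
}

// A click on an allowed page that ends up navigating the main frame to a private address.
const demo = guardedAction(makeFakePage("https://example.com/"),
  (page) => page.goto("http://192.168.1.10/admin"));
demo.then((result) => console.log(result)); // { ok: false, blocked: 'http://192.168.1.10/admin' }
```

A check that runs only on the initial request would have passed `https://example.com/` and never looked at the second URL.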
Cross-file subagent JSONL logs were inflating Claude token counts and costs — meanwhile Perplexity and multi-workspace Codex support quietly showed up.
If your Claude usage in codexbar looked suspiciously high, it was. Subagent JSONL logs were being counted across files, and streaming chunk deduplication wasn't catching duplicates, so token and cost figures were inflated — sometimes significantly. The v0.20 release (thanks @enzonaute for the investigation) fixes the double-counting and adds claude-sonnet-4-6 pricing. On the new-provider front, Perplexity lands with recurring, bonus, and purchased-credit tracking, Pro/Max plan detection, and browser-cookie auto-import (#449, thanks @BeelixGit). Codex itself gets multi-workspace account support with proper canonical identity reconciliation — meaning @steipete can finally switch between system accounts without the logout-login dance. Nineteen commits, five open PRs, and a filed issue noting that login state is "completely broken and persists across reinstalls." The menu bar giveth, the menu bar taketh away.
Packaged builds tried to import missing `dist/extensions/*/src/*` files during gateway startup; the fix had to touch every single bundled channel.
The v2026.4.8 release reads like a patch note for one bug copy-pasted twelve times. Telegram's setup and secret contracts were loading through paths that didn't exist in packaged npm builds — `dist/extensions/telegram/src/*` was simply missing. The fix moves contract loading to packaged top-level sidecars. Then someone looked sideways and realized the same bug existed in BlueBubbles, Feishu, Google Chat, IRC, Matrix, Mattermost, Microsoft Teams, Nextcloud Talk, Slack, and Zalo. Every single bundled channel, broken on install, fixed in one release. The kind of bug where the root cause is trivial and the blast radius is embarrassing.
Built-in `video_generate` and `music_generate` tools with bundled Google Lyria and ComfyUI providers arrived alongside a breaking config migration that removes legacy aliases.
The v2026.4.5 release is the kind of drop that makes you read the changelog twice. On one hand: agents can now generate video and music natively, with auto-fallback across providers, intent preservation during provider switches, and aspect-ratio remapping. ComfyUI gets a bundled workflow media plugin. Qwen, Fireworks AI, StepFun, MiniMax TTS, and Amazon Bedrock all land as first-class providers (#61296, thanks @wirjo). On the other hand: legacy config aliases like `talk.voiceId`, `browser.ssrfPolicy.allowPrivateNetwork`, and channel allow toggles are gone (#60726, thanks @vincentkoc). There's `openclaw doctor --fix` migration support, but if you're running openclaw in production and you auto-update — well, hope you read the breaking section first. Narrator: they didn't.
A first-class inference hub for model, media, web, and embedding tasks landed in v2026.4.7 — alongside pluggable compaction and session branch/restore.
Rather than bolting inference workflows onto existing subcommands, the v2026.4.7 release (thanks @Takhoffman) adds `openclaw infer` as a dedicated hub for provider-backed inference across model, media, web, and embedding tasks. The same release ships pluggable compaction providers (#56224, thanks @DhruvBhatia0) — meaning you can swap out the built-in LLM summarization pipeline entirely, with automatic fallback if your replacement fails — and persisted compaction checkpoints with session branch/restore actions (#62146, thanks @scoootscooob) so operators can inspect and recover pre-compaction state. For a project pushing 100 commits this week, @steipete's openclaw is accumulating surface area at a rate that makes the config-breaking migration in v2026.4.5 look almost inevitable.