Releases: contextablemark/clawg-ui
Releases · contextablemark/clawg-ui
Release list
v0.6.4
0.6.4 (2026-04-17)
Changed
- Compat with OpenClaw 2026.4.16 plugin-sdk API:
upsertPairingRequestnow requiresaccountId— pass"default"to matchsrc/channel.ts.ChatTypeliteral"dm"renamed to"direct"forresolveAgentRoutepeer kinds.ReplyDispatchergained requiredgetFailedCountsandmarkCompletemembers (no-op stubs — clawg-ui doesn't track retries or typing indicators).openclaw/plugin-sdk/plugin-runtimeis now a typed public subpath; removed the@ts-expect-errorsuppression inindex.ts.
Fixed
- Two
src/integration.test.tscases (rejects missing user message with 400,rejects empty messages array with 400) expected HTTP 400 but the handler has returned200with an empty SSE run since commite3a88c8(AG-UI protocol compliance for init/sync). Tests now match the current protocol-compliant behavior.
v0.5.4
Fixed
- Use
registerPluginHttpRoute()fromopenclaw/plugin-sdk/plugin-runtime(dynamic import) to write directly to the pinned HTTP route registry. Fixes 404 on OpenClaw 2026.3.23+ whereapi.registerHttpRoute()writes to the loader's private registry which the HTTP handler never reads.
Changed (since 0.4.5)
- Breaking: Peer ID now uses the stable device UUID instead of per-thread ID, enabling identity linking across channels
- Session keys include
:thread:<threadId>suffix for per-thread session separation
Migration
- Device UUIDs can now be added to
session.identityLinksinopenclaw.json - Existing session histories keyed on old format won't be matched; devices start new sessions after upgrade
v0.4.5
What's New
Added
- Agent routing via
X-OpenClaw-Agent-Idheader — pass the header value asaccountIdtoresolveAgentRoute, enabling agent selection via bindings (e.g.{ "agentId": "auditor", "match": { "channel": "clawg-ui", "accountId": "auditor" } }) - AG-UI
contextforwarding —RunAgentInput.contextentries are now forwarded to the LLM prompt as structured markdown sections
v0.3.2
Fixed
- Pass
{ channel: "clawg-ui" }object toreadAllowFromStore— API changed in OpenClaw 2026.3.7 (fixes #17) - Keep
auth: "plugin"onregisterHttpRoutewith a type cast — required at runtime but not yet in SDK typings (fixes #16) - Compile TypeScript to
dist/and pointopenclaw.extensionsto./dist/index.jsinstead of./index.ts— fixes "loaded without install/load-path provenance" warning in OpenClaw 3.7 - Remove
onToolResultfrom reply options — property now explicitly omitted from the type - Use
EventTypeenum instead of plainstringinEventWritertype
Changed
- Add
main,build,files, andprepublishOnlyfields topackage.jsonfor proper npm packaging - Add
declaration: trueandexclude: ["**/*.test.ts"]totsconfig.json
Full changelog: https://github.com/contextablemark/clawg-ui/blob/main/CHANGELOG.md
v0.2.9
Fixed
- Route 404: Added
auth: "plugin"toregisterHttpRoute— required by OpenClaw 2026.3.2; omitting it silently dropped the/v1/clawg-uiroute - Approved device 403: Fixed
readAllowFromStorecall to pass{ channel, accountId }object instead of a bare string — pairing API change in 2026.3.2 caused approved devices to keep receiving 403s - Kotlin client pairing: Added flat
pairing_codeandbearer_tokenfields at the root of the 403 pairing response, restoring compatibility withClawgUIPairingResponseclients expecting flat fields - Diagnostics: Added
console.logfor 400 responses to log message roles/content for debugging
Compatibility
Requires OpenClaw 2026.3.2 or later.
v0.2.8
Fixed
- Remove literal
process.envfrom a code comment inhttp-handler.tsthat was itself triggering the security scanner — the comment documenting the v0.2.5/v0.2.6 fix contained the exact pattern the scanner flags (#8)
See CHANGELOG.md for full history.
v0.2.7
Fixed
- Close open text messages before emitting
RUN_FINISHEDinsplitRunIfToolFired()— fixesAGUIError: Cannot send 'RUN_FINISHED' while text messages are still activewhen text streaming is followed by a server-side tool call and then more text
Installation
npm install @contextableai/clawg-ui@0.2.7Full Changelog
v0.2.4
v0.2.1
Fixed
- Return HTTP 429
rate_limiterror when max pending pairing requests (3) is reached, instead of returning an empty pairing code
🤖 Generated with Claude Code
v0.2.0
Added
- Device pairing authentication - Secure per-device access control
- HMAC-signed device tokens (no master token exposure)
- Pairing approval workflow (
openclaw pairing approve clawg-ui <code>) - New CLI command:
openclaw clawg-ui devices- List approved devices
Changed
- Breaking: Direct bearer token authentication using
OPENCLAW_GATEWAY_TOKENis now deprecated and no longer supported. All clients must use device pairing.
Security
- Device tokens are HMAC-signed and do not expose the gateway's master secret
- Pending pairing requests expire after 10 minutes (max 3 per channel)
- Each device requires explicit approval by the gateway owner