OAuth credentials with a refresh token auto-renew on first API call,
so the doctor should not warn about access token expiration when a
refresh token is present. This avoids unnecessary "expired" warnings
that prompt users to re-auth when no action is needed.
Fixes#3032
Co-authored-by: Ayush Ojha <ayushozha@outlook.com>
Unify style and link closing in render.ts to use LIFO order across
both element types, fixing cases where bold/italic spans containing
autolinks produced invalid HTML like <b><a></b></a>.
The react action used readStringParam for messageId and chatId, which
rejected numeric values with a misleading "messageId required" error.
Switched to readStringOrNumberParam to match the delete/edit actions.
Closes#1459
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixes#4038
The global fetch in Node.js doesn't support undici's dispatcher option,
which is required for ProxyAgent to work. This fix imports fetch from
undici directly to enable proper proxy support for Telegram API calls.
Root cause: makeProxyFetch() was using global fetch with { dispatcher: agent },
but Node.js's global fetch ignores the dispatcher option. Using undici.fetch
ensures the ProxyAgent dispatcher is properly respected.
Tested: Build passes, TypeScript compilation successful.
registerTelegramNativeCommands() calls listSkillCommandsForAgents()
without passing agentIds, causing ALL agents' skill commands to be
registered on EVERY Telegram bot. When multiple agents share skill
names (e.g. two agents both have a "butler" skill), the shared `used`
Set in listSkillCommandsForAgents causes de-duplication suffixes
(_2, _3) and all commands appear on every bot regardless of agent
binding.
This fix uses the existing resolveAgentRoute() (already imported) to
find the bound agent for the current Telegram accountId, then passes
that agentId to listSkillCommandsForAgents(). The function already
accepts an optional agentIds parameter — it just wasn't wired from
the Telegram registration path.
Before: All agents' skill commands registered on every Telegram bot,
causing /butler_2, /housekeeper_2 dedup suffixes and potential
BOT_COMMANDS_TOO_MUCH errors when total exceeds 100.
After: Each Telegram bot only registers skill commands for its own
bound agent. No cross-agent dedup, no command limit overflow.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: add Kimi K2.5 model to synthetic catalog
Add hf:moonshotai/Kimi-K2.5 to the synthetic model catalog.
This model is available via dev.synthetic.new API.
- 256k context window
- 8192 max tokens
- Supports reasoning
* chore: fix formatting in onboard-helpers.ts
* fix: update config candidate ordering test (#4407) (thanks @manikv12)
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Replaced the static image with a responsive logo using the <picture> element for light/dark mode support. Updated contributor name from 'Clawd' to 'Molty'.
Replaces the previous ASCII art in both the CLI banner and the wizard header with a new, wider design and updates the label to 'OPENCLAW' for consistency.
- Add isKeyInCooldown() to reduce duplication in cooldown checking
- Add clearCooldownFields() to centralize cooldown field clearing
- Add applySuccessUpdates() to eliminate duplicated success update logic
- Reduce markAuthProfileUsed from ~66 to ~26 lines
- Add module-level comment in usage.ts explaining the key asymmetry:
failures create per-model keys, successes update profile-level keys
- Add explanatory comment at top of cooldown test file
- Create Serena memory (decision_auth_permodel_cooldown_design) for
future reference
This documents the design from discussion #3417 where per-model cooldowns
allow independent rate limits while keeping the store clean.
- Add tests for markAuthProfileFailure with model param
- Add tests for markAuthProfileCooldown with model param
- Add tests for clearAuthProfileCooldown with model param
- Add backward compatibility test (profile-level blocks all models)
- Add test for disabledUntil handling in per-model cooldowns
- Add edge case test for empty string model parameter
- Remove duplicate JSDoc blocks left from iterative editing
- Add @example annotations to cooldownKey() for clarity
- Handle empty/whitespace model strings in cooldownKey()
- Improve isProfileInCooldown() documentation to explain dual-check behavior
- Clarify markAuthProfileCooldown() is a convenience wrapper
When a model succeeds, also clear its per-model cooldown key so
the system doesn't think it's still rate-limited.
- Add optional `model` param to markAuthProfileUsed
- Pass modelId when marking profile used in agent runner
- Add tests for per-model cooldown clearing behavior
Allow different models from the same provider to have independent
cooldowns. When a model hits rate limit, only that specific model
is blocked, not all models using the same auth profile.
- Add cooldownKey() helper for composite key generation
- Update isProfileInCooldown to check both per-model and profile-level
- Update markAuthProfileFailure/Cooldown with optional model param
- Pass model to cooldown checks in model-fallback and agent runner
- Add comprehensive tests for per-model cooldown behavior
Ref: #3417
