OpenClaw 2026.5.12-beta.4 turns the beta line into a runtime and channel hardening release
OpenClaw v2026.5.12-beta.4 is the newest official beta in the 2026.5.12 line. The release keeps the identity-aware safety theme from beta.1, including per-sender tool policies and memory/wiki admin or write gates, but the practical value has shifted toward runtime and channel reliability. It fixes a Codex runtime MODULE_NOT_FOUND path when the official @openclaw/codex package needs its private task-runtime SDK helper, makes Enter activate highlighted checkbox rows during Codex migration, keeps auth-profile-backed media tools such as image_generate available when OpenAI auth is stored outside environment variables, and unblocks WhatsApp/source installs by allowing Baileys' pinned libsignal git dependency under pnpm 11. It also carries a broad set of Slack, Telegram, WhatsApp, iMessage, Gateway, provider, plugin, and transcript fixes: OpenAI-compatible HTTP now forwards max_completion_tokens and max_tokens, plugin session_end hooks fire on shutdown or restart, Telegram topic/reply context is bounded more carefully, and long-session transcript scans move to streaming helpers that cut a synthetic 200 MiB transcript peak RSS delta from about 252 MiB to 27 MiB.
This release matters because it ties policy, runtime, and delivery into the same operator problem: an always-on channel agent is only trustworthy if the right person can trigger the right tool, the runtime can actually start, the reply really reaches the channel, and long sessions do not quietly exhaust memory. Beta.4 is still a beta, but it is a useful read because the fixes cluster around the boring failure modes that decide whether agent infrastructure survives real daily use.
- The official v2026.5.12-beta.4 release notes were published at 2026-05-13T05:17:07Z, after the previous aggregation window
- The release fixes Codex runtime MODULE_NOT_FOUND for the official @openclaw/codex package's private task-runtime SDK helper and improves Codex migration checkbox keyboard behavior
- Auth-profile-backed media tools such as image_generate remain available when OpenAI auth lives in the agent auth-profile store instead of environment variables
- OpenAI-compatible HTTP requests now forward max_completion_tokens and max_tokens to upstream providers, with max_completion_tokens taking precedence
- The release keeps memory-wiki admin/write gates, per-sender tool policies, uploaded-skill archive opt-in, and shutdown/restart plugin session_end hooks in the 2026.5.12 beta line
- Session transcript scanning now uses streaming helpers; the release notes cite a synthetic 200 MiB transcript peak RSS delta drop from +252 MiB to +27 MiB
- Fresh PRs during the same window also point to active hardening around Control UI request timeouts, OpenAI-compatible temperature/top_p forwarding, ClawHub trust checks before plugin installs, cron duplicate trigger prevention, and heartbeat pause credit-burn prevention
- This is a large prerelease, so operators should expect some regressions and test channel flows end to end
- Per-sender tool policies and memory gates only help if the deployment maps identities and scopes correctly
- Many related items are still PRs or reports, so a later beta may supersede the exact fixes described here