OpenClaw beta.8 trims core dependencies and hardens Telegram ingress, child-model defaults, credentials, and rich replies
OpenClaw v2026.5.12-beta.8 is another broad operator release, but the center of gravity has shifted from one-off channel bugs to runtime shape. Bedrock, Bedrock Mantle, Slack, OpenShell sandbox, and Anthropic Vertex move out of core so default installs no longer drag in those dependency cones unless the matching providers or plugins are installed. Telegram Bot API polling moves to an isolated worker with a durable local spool so main event-loop stalls do not stop inbound message collection. The release also adds ACP backend fallbacks before output is emitted, a persisted Control UI auto-scroll selector, monotonic transcript sequence repair for stale SSE history, Windows `USERPROFILE` coverage in sandbox blocked home roots, stricter provider credential resolution through structured SecretRefs, bodyless media-fetch heap avoidance, onboarding flag forwarding for provider-specific API keys, plugin-provider discovery from setup env vars, auth-profile stale-lock reclaim, Codex OAuth refresh error classification, browser scope-loop reduction, plugin SDK subpath compatibility, rich/card-only outbound content recognition, and WebChat/TUI mirroring for Codex `tools.message` replies.
The useful pattern is dependency and event-loop isolation. A smaller core reduces install and supply-chain surface, while isolated Telegram ingress and stricter credential resolution address failures that only appear when agents are left running on real channels.
- The beta.8 release notes say Bedrock, Bedrock Mantle, Slack, OpenShell sandbox, and Anthropic Vertex are externalized from core installs
- Telegram polling is moved to an isolated worker with durable local spool to survive main event-loop stalls
- The release adds Windows `USERPROFILE` to sandbox blocked home roots so `.codex`, `.openclaw`, and `.ssh` binds are denied even when `HOME` differs
- Provider config now resolves apiKey values only through structured env SecretRefs instead of broad uppercase-string inference
- Gateway/session history carries monotonic transcript message sequence and refreshes stale SSE history rather than appending bad incremental state
- Rich presentation, interactive controls, and channel-native payloads now count as outbound content across follow-up, heartbeat, cron, ACP, and block-streaming paths
- This is still a beta prerelease, so dependency externalization should be tested with existing plugin/provider setups before production rollout
- Moving Telegram ingress into a worker and spool changes failure modes; operators should inspect spool cleanup and duplicate-delivery behavior
- Credential-resolution tightening can break configs that accidentally relied on loose env-var marker inference