feat(kiloclaw): bump openclaw to version 2026.3.22#1390
Open
kilo-code-bot[bot] wants to merge 1 commit intomainfrom
Open
feat(kiloclaw): bump openclaw to version 2026.3.22#1390kilo-code-bot[bot] wants to merge 1 commit intomainfrom
kilo-code-bot[bot] wants to merge 1 commit intomainfrom
Conversation
Contributor
Author
Code Review SummaryStatus: No Issues Found | Recommendation: Merge Files Reviewed (1 files)
Reviewed by gpt-5.4-20260305 · 286,706 tokens |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
openclawinkiloclaw/Dockerfilefrom2026.3.13to2026.3.22.Verification
2026.3.13) is older than the target (2026.3.22); update is appropriate.v2026.3.22from theopenclaw/openclawrepository.Visual Changes
N/A
Reviewer Notes
The following breaking changes from the
v2026.3.22release notes warrant attention for our deployment:High priority — action likely required:
jqremoved from exec safe-bin allowlist —jqis installed in our Dockerfile (apt-get install -y ... jq). Agents that previously ranjqcommands without an explicit approval prompt will now be blocked by default. This could break automation or agent workflows that rely onjqsilently being allowed. Operators must explicitly optjqback into the trusted path if needed. The release notes also note that thejq -n envbuiltin is blocked even when opted back in, to prevent secret leakage.Browser/Chrome MCP: legacy Chrome extension relay removed —
driver: "extension", bundled extension assets, andbrowser.relayBindHostare all gone. We installchromiumin the image. If any user config or skills reference these settings, they will break. The fix path isopenclaw doctor --fixon affected instances. This is safe for container-fresh setups (new onboards), but existing volumes with old configs may need remediation.Config/env:
CLAWDBOT_*andMOLTBOT_*env var names removed — OnlyOPENCLAW_*names are accepted now. Our controller/bootstrap code should be checked to confirm no legacy env var names are used. Unlikely to affect us since KiloClaw has always usedOPENCLAW_*naming, but worth confirming.Config/state:
.moltbotstate-dir migration fallback removed — Auto-detection of~/.moltbotis gone. We use/root/.openclawalready (created explicitly in the Dockerfile), so this should have no impact on new or existing volumes.Plugins/SDK:
openclaw/extension-apiremoved — Any custom skills or plugins that import fromopenclaw/extension-apiwill fail to load. The replacement isopenclaw/plugin-sdk/*. The skills inkiloclaw/skills/should be audited to confirm they do not use the old import path.Notable improvements in this release:
dist/extensionsinstead of recompiling TypeScript on every gateway startup. WhatsApp-class cold starts are expected to drop from tens of seconds to seconds. Positive for container startup time.