OpenClaw 2026.3.13: Long Context, Real Browser Sessions, And Gateway Hardening
· 23 min read · Views --
Last updated on

OpenClaw 2026.3.13: Long Context, Real Browser Sessions, And Gateway Hardening

Author: Alex Xiang


OpenClaw 2026.3.13: Long Context, Real Browser Sessions, And Gateway Hardening

The 2026.3.13 release line first appeared on GitHub as the prerelease v2026.3.13-beta.1, with npm v2026.3.13-beta.1, and then closed with the stable tag v2026.3.13-1, while npm remained 2026.3.13.

One delivery detail from the beta page is worth noting: the macOS installer still marked the application version as 2026.3.13, and appcast.xml intentionally did not change, so beta and later non-beta releases could share artifacts. The stable line added a small batch of finishing patches, such as bounded timeouts for unanswered gateway RPCs, early Feishu event deduplication, and treating limited probe RPC failures as degraded reachability. So when reading this release, it is better to look at beta + stable + CHANGELOG together.

Below I group the changes by theme instead of repeating every English bullet.

Long Context And Agent Runtime

Compaction remains central. PR #28347 uses the full session’s pre-compaction token count for post-compaction sanity checks, avoiding a distorted baseline when only the subset being summarized is counted. In compact.ts at v2026.3.13-1, the logic first accumulates fullSessionTokensBefore, then uses observedTokenCount ?? fullSessionTokensBefore as the baseline for checking tokensAfter. If estimation fails, it prefers to abandon a fake precise value.

// High-level idea:
// estimate full-session pre-compaction tokens
// choose provider-observed count or local estimate as baseline
// sanity-check tokensAfter
const sanityCheckBaseline = observedTokenCount ?? fullSessionTokensBefore;
if (
  sanityCheckBaseline > 0 &&
  tokensAfter >
    (observedTokenCount !== undefined ? sanityCheckBaseline : sanityCheckBaseline * 1.1)
) {
  tokensAfter = undefined;
}

In the same theme, the beta notes already mention preserving persona and language continuity in compaction summaries, loading only one of MEMORY.md / memory.md to avoid Docker case-mount duplicates, and isolating cron nested tasks into a nested lane to avoid deadlocks with compaction queues. The shared concern is predictability when long sessions, scheduled tasks, and memory files coexist.

For Azure OpenAI, rewritten /new, /reset, and post-compaction startup copy addresses false positives from cloud content filters. Respecting explicit compat for non-native openai-completions is another familiar compatibility-layer issue: frameworks should not silently turn off a capability the user asked for.

On the local-model side, Ollama no longer elevates native thinking / reasoning into user-visible body text. Anthropic replay drops thinking blocks. Both tighten the boundary between internal model channels and chat bubbles.

Cross-agent sub-session workspace resolution matters for multi-agent orchestration. If file context or workspace target drifts, debugging is painful; this kind of fix is often more valuable than a new feature.

Browser: DevTools MCP And Real Profiles

The beta line already introduced the main direction: Chrome DevTools MCP connected to a live logged-in Chrome, profile="user" / profile="chrome-relay" to reduce browserSession choice complexity, and batch actions with selectors and delayed clicks.

The stable line then added batch act scheduling normalization, failure and limit handling, existing-session driver validation and lifecycle work, and tolerance for Chrome MCP returning text-only list_pages / new_page results. Together, this moves browser automation from “can connect” toward “can keep a real session alive for longer work.”

Gateway And Control Plane

Dashboard v2 no longer reloads the whole chat history when streaming tool results arrive. For heavy tool users, this is a direct performance fix. Oversized plain text rendered as paragraphs and restored scroll-pill styling belong to the same UI debt cleanup.

In Control UI, plain HTTP deployments, such as intranet or reverse-proxy setups, now preserve shared token/password until the WebSocket handshake. Restoring operator-only device-auth bypass and separating browser connection failures from authentication failures helps self-hosted deployments avoid common misdiagnosis.

On the gateway side:

  • Unanswered RPC requests now have bounds and pending cleanup, avoiding client Promises hanging forever.
  • Scope-limited probe RPCs can be treated as degraded reachability, giving automation scripts a better expectation of half-broken states.
  • Session reset preserves lastAccountId / lastThreadId, reducing thread confusion after reset.

Windows installer, stop, status, and loopback-auth patches, plus macOS daemon restart, PortGuard not killing Docker Desktop by mistake, and exec approval alignment with gateway prompter, all point to the same goal: making the desktop gateway reliable as a long-running service.

On builds and dependencies, plugin-sdk bundle deduplication reduces a roughly 2x memory regression. Dockerfile apt-get upgrade and prevention of gateway token leakage in build context are more about supply chain and image hygiene. Pi dependencies moving to 0.58.0 and OPENCLAW_TZ for container time zone fit reproducible operations.

Channels, Delivery, And Integrations

Telegram media download now threads direct/proxied strategy through SSRF guard paths, retries IPv4 fallback, prevalidates webhook secrets, and redacts file URLs in errors. This is correctness plus token hygiene for high-traffic channels.

Discord treats gateway metadata fetch failures as transient, and allowlists still work through guild_id when the guild object is missing. Slack adds optional interactive reply commands and simplified probe paths. Feishu adds early event-level deduplication, reducing duplicate replies.

Follow-up delivery deduplication and fast failure for plugin channel/binding conflicts belong to the same consistency story when multiple plugins and channels combine.

Security, Configuration, And Miscellaneous Fixes

The beta Fixes section already included many exec approval tightenings around command families, skill path binding, one-time pairing bootstrap, external-content marker handling, and remote attachment path validation. The stable line adds more model and schema validation, Gemini / Vertex ID normalization, and Anthropic startup alias inlining to avoid configuration-level crashes.

The overall direction is: safer defaults while keeping strict validation from rejecting legitimate configuration.

Mobile-side changes include Android chat settings, Google Code Scanner for QR scanning, TalkMode connection leak fixes, and iOS first-run guidance. As the beta notes also say, Android application public release status remains documented separately.

Summary

Reading v2026.3.13-beta.1 and v2026.3.13-1 together, this release line thickens OpenClaw in several areas: long-session compaction trustworthiness, real browser-session engineering, gateway/control-plane reliability, and a large amount of channel and security cleanup for self-hosted multi-integration deployments.

References