v1.8.2

v1.8.2 Release Notes

What's New

Security

• Fix account takeover via username collision (#300): Prevents an attacker from creating an account with a username matching an existing SSO user's email, which could lead to unauthorized account access.
• Fix duplicate user creation on repeated SSO logins: Feishu and DingTalk SSO now correctly reuse existing accounts instead of creating duplicate users.

AgentBay — Cloud Computer & Browser Automation

• New: agentbay_file_transfer tool: Transfer files between any two environments — agent workspace, browser sandbox, cloud desktop (computer), or code sandbox — in any direction.
• Fix: Computer Take Control (TC) white screen: TC now connects to the correct environment session (computer vs. browser) based on env_type. Previously, an existing browser session could hijack the computer TC connection.
• Fix: OS-aware desktop paths: The agentbay_file_transfer tool description now automatically reflects the correct paths for the agent's configured OS type:
  • Windows: C:\Users\Administrator\Desktop\
  • Linux: /home/wuying/Desktop/
• Fix: Desktop file refresh: After uploading to the Linux desktop directory, GNOME is notified to refresh icon display.
• Multiple Take Control stability fixes: CDP polling replaced with sleep, multi-tab cleanup, 40s navigate timeout, unhashable type errors.

Feishu (Lark) — CardKit Streaming Cards

• Feishu bot responses now stream as animated typing-effect cards using the CardKit API (#287).
• Fixed SSE stream hang issues and websocket proxy bypass for system proxy conflicts.

WeCom (Enterprise WeChat) Integration

• WeCom features are currently hidden behind a prerequisites notice (pending enterprise approval setup).
• Backend: Full org sync, domain verification endpoint, dual-credential architecture for API access.
• nginx: Added WW_verify_*.txt routing for WeCom domain ownership verification.

DingTalk & Organization Sync

• Fixed DingTalk org sync permissions guide (Contact.User.Read scope).
• Fixed open_id vs employee_id user type handling in Feishu org sync.

Other Bug Fixes

• Fix: SSE stream protection — finish_reason break guard added for OpenAI and Gemini streams to prevent runaway streams.
• Fix: Duplicate tool send_feishu_message — Removed duplicate DB entry; added dedup guard in tool loading to prevent Tool names must be unique LLM errors.
• Fix: JWT token not consumed on reset-password and verify-email routes.
• Fix: NULL username/email for SSO-created users in list_users.
• Fix: Company name slug generation — Added anyascii + pypinyin for universal CJK/Latin transliteration.
• Fix: publish_page URL — Correctly generates try.clawith.ai links on source deployments.
• Fix: Agent template directory — Dynamic default for source deployments.
• Various i18n fixes (TakeControlPanel, WeCom, DingTalk guide).

---

Upgrade Guide

No database migrations required. No new environment variables.

Docker Deployment (Recommended)

git pull origin main
docker compose down && docker compose up -d --build

Important: If your server does not have Node.js/npm, the frontend must be built locally and uploaded, or installed via nvm (see note below).

Source Deployment

git pull origin main

# Install new Python dependency
pip install anyascii>=0.3.2

# Rebuild frontend
cd frontend && npm install && npm run build
cd ..

# Restart services

nginx Update Required

A new routing rule for WeCom domain verification has been added to nginx.conf. If you manage nginx separately (not via Docker), add this block inside your server {} before the WebSocket proxy section:

location ~ ^/WW_verify_[A-Za-z0-9]+\.txt$ {
    proxy_pass http://backend:8000/api/wecom-verify$request_uri;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
}

Kubernetes (Helm)

helm upgrade clawith helm/clawith/ -f values.yaml

No migration job needed.

---

Upgrade Notes — Lessons Learned (from our production upgrade)

The following issues were encountered during the v1.8.1 → v1.8.2 production upgrade and may affect other deployers:

1. Server without npm: dist.zip may be stale in git

Problem: Our production server did not have Node.js/npm installed. The frontend/dist.zip tracked in git can fall behind when frontend changes are made and committed without a corresponding build (e.g., when the build was done on a separate dev server).

Symptoms: After git pull, the dist.zip in the repo may not include the latest frontend changes, causing new features to be invisible in the UI even though the backend is updated.

Solutions:

• Option A (Recommended): Install Node.js on the deployment server via nvm (no root required):

  curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
  source ~/.nvm/nvm.sh
  nvm install 20

  Then build on the server: cd frontend && npm install && npm run build
• Option B: Build locally and upload via SCP:

  # On local machine:
  cd frontend && npm run build && cd dist && zip -r ../dist.zip .
  scp frontend/dist.zip user@server:/path/to/Clawith/frontend/dist.zip

Note: In China-based server environments, downloading from raw.githubusercontent.com may be very slow. If so, use a proxy or mirror.

2. anyascii is a new required Python dependency

Problem: Starting from this release, anyascii>=0.3.2 is required. If upgrading without rebuilding the Docker image (e.g., using docker cp to update only the app directory), this dependency must be installed separately inside the container:

docker exec clawith-backend-1 pip install anyascii>=0.3.2

For standard docker compose up --build upgrades, this is handled automatically.

v1.8.1

v1.8.1 Release Notes

Released: 2026-04-03

This is a stability and polish release built on top of v1.8.0-beta.3, covering security hardening,
Feishu reliability fixes, a redesigned tool-call visualization, new file-management tools, and
a first-class Kubernetes deployment option.

---

Highlights

Redesigned Tool-Call Visualization (AnalysisCard)

The live chat view now shows agent reasoning and tool calls in a unified AnalysisCard that
groups interleaved thinking and tool-call messages into one collapsible block. The card shows:

• A pulse LED while the agent is running, turning green on completion
• The currently-active tool name in collapsed state alongside tool-count badge
• Individual <details> rows per tool for args and result (collapsed by default)
• Italic thinking-content blocks inline for extended reasoning (deepthink) models

New File Management Tools

Three new built-in tools are available to all agents:

• edit_file — targeted line-range edits without rewriting the entire file
• search_files — substring or regex search across a workspace
• find_files — glob-pattern file lookup
• read_file now supports offset / limit for reading large files in pages

Kubernetes Deployment (Helm Chart)

A production-ready Helm chart is now included at helm/clawith/. Deploy Clawith on any
Kubernetes cluster in one command:

helm upgrade --install clawith helm/clawith/ -f values.yaml

Security Fixes

• Cross-tenant data leak — org member and department search was returning results across
  tenant boundaries. Now strictly scoped to the requesting tenant. (#security)
• Platform admin token scope — platform_admin role was not pinned to tenant_id in the
  JWT, allowing cross-tenant privilege escalation. Fixed.
• Duplicate OrgMember shell — channel users could create duplicate OrgMember rows on
  reconnect. A uniqueness guard has been added.

Feishu Integration Reliability

• feishu_doc_append intermittent failures — Markdown --- dividers were converted to
  block_type: 22 which the Feishu batch-children API rejects. They now render as a text
  separator line (────────────────────────), always accepted.
• index: -1 removed from the children API call — Feishu defaults to append-at-end when
  index is omitted, avoiding 1770001 invalid param errors.
• Stale websocket_chat import — feishu_doc_create was trying to import
  channel_feishu_sender_open_id from a deleted module, generating a visible warning. Fixed.
• Feishu streaming card stalls — ordered patch queue now correctly processes streaming
  updates for Feishu cards without stalling.
• Tool status stuck on "running" — Feishu-channel tool status now correctly transitions
  from running → done after tool completion.
• Added wiki:wiki permission to the recommended Full permission set in channel config.

Admin Chat UI

• Read-only session viewer — Admins viewing other users' sessions see a clear "Read-only ·
  username" badge at top-left (fixed overlay, never scrolls away).
• Card border — the entire chat area is now enclosed in a 12px-radius bordered card for
  visual clarity.
• Optimistic relationship deletion — relationship rows fade out immediately on delete (no wait).

Cross-Domain Tenant Switch

The ?token= query param is now consumed on app bootstrap, so users switching between tenant
instances via a generated link land directly in the correct tenant without requiring a page reload.

i18n Improvements

• All emoji removed from en.json and zh.json translation keys (project policy).
• Hardcoded "Copy", "Upload", and several status strings now properly use t().
• New i18n key agent.chat.analysing for the AnalysisCard header.
• Credential-related UI strings in zh.json completed.

---

Upgrade Guide

No breaking changes. No database migrations required.

Option A — Docker Compose

cd <clawith-dir>
git pull origin main
docker compose down && docker compose up -d --build

Or the rolling update (no downtime):

git pull origin main

# Frontend
cd frontend && npm install && npm run build
cp public/logo.png dist/ && cp public/logo.svg dist/
cd dist && zip -r ../dist.zip . && cd ../..
docker cp frontend/dist.zip clawith-frontend-1:/usr/share/nginx/html/dist.zip
docker exec clawith-frontend-1 sh -c "cd /usr/share/nginx/html && unzip -o dist.zip"
docker compose restart frontend

# Backend
docker cp backend/app clawith-backend-1:/app/
docker exec clawith-backend-1 find /app -name "__pycache__" -exec rm -rf {} + 2>/dev/null
docker compose restart backend

Option B — Source Deployment

git pull origin main
cd frontend && npm install && npm run build
cd ..
# Restart backend process (e.g. supervisorctl restart clawith-backend)

Option C — Kubernetes (Helm)

helm upgrade clawith helm/clawith/ -f values.yaml

No Alembic migration is required for this release.

---

Full Changelog

See all commits since v1.8.0-beta.3:
v1.8.0-beta.3...v1.8.1

v1.8.0-beta.3

v1.8.0-beta.3

What's Changed

New Features

• Split Code Executor into Local and E2B Cloud tools — The single "Code Executor" tool has been separated into two independent tools. The local tool shows CPU/memory/network config; the E2B Cloud tool only requires an API key. E2B errors are now surfaced explicitly instead of silently falling back to local execution.
• MCP Server credential management — New "Edit Server" UI and PUT /tools/mcp-server API endpoint for bulk-updating MCP server URLs and API keys across all tools sharing the same server.
• Feishu Wiki document creation — feishu_doc_create now supports creating documents directly inside Wiki knowledge bases, with automatic detection of Wiki node tokens.
• Feishu permission JSON UI redesign — Two-tier segmented control (Basic / Full) with i18n support for Feishu app permission configuration.
• Live Preview auto-sizing — AgentBay Live Preview panel now auto-sizes to 50% of the chat container width.

Bug Fixes

• Plaintext SMTP relay support — STARTTLS is now auto-negotiated based on server ESMTP capabilities instead of being forced on port 25/587. AUTH is skipped for unauthenticated IP-whitelisted internal relays. Password is no longer a required field in email configuration.
• Unified context window size — Introduced DEFAULT_CONTEXT_WINDOW_SIZE = 100 constant and unified all 9 communication channels (WebSocket, Feishu, Discord, WeCom, DingTalk, Teams, Slack) to use consistent fallback values.
• LLM stream retry — Added httpx.RemoteProtocolError to the stream retry logic to handle upstream connection resets.
• Tool config double-encryption — Fixed a bug where already-encrypted sensitive config fields were encrypted again on save.
• Loguru format collision — Replaced logger.error(..., exc_info=True) with logger.exception(...) across all channel handlers to prevent crashes when error messages contain special characters.
• WeCom message handler — Fixed NameError (agent vs agent_obj) and migrated user creation to channel_user_service to avoid AssociationProxy errors.
• Duplicate tool definition — Removed send_channel_message from _ALWAYS_INCLUDE_CORE to prevent "Tool names must be unique" LLM errors.
• AgentBay connection test — Fixed test image name (linux_latest) and api_key lookup in global tool config fallback.
• FastAPI route ordering — Reordered /tools/mcp-server/bulk before /tools/{tool_id} to prevent 422 validation errors on older FastAPI versions.
• Other fixes — LLM model temperature persistence, org_admin access to GitHub/ClawHub tokens, MCP tool import tenant scoping.

UI / i18n

• Context Window Size terminology — Corrected misleading "Max Rounds" / "Context Rounds" labels to industry-standard "Context Window Size" with accurate descriptions.
• MCP Server group header — Displays hostname instead of full URL for cleaner display.

Upgrade Notes

This is a drop-in upgrade from v1.8.0-beta.2. No breaking changes.

• No database migrations required
• No new dependencies
• No environment variable changes
• The new execute_code_e2b tool will be automatically created by the tool seeder on startup. It is not a default tool — agents will not have it unless explicitly added.
• The existing execute_code tool's config schema will be auto-synced (the sandbox type dropdown is removed since it's now always "subprocess").

Docker Deployment

git pull origin main
docker compose down && docker compose up -d --build

Source Deployment

git pull origin main
# Backend
pip install -r backend/requirements.txt  # no changes expected, but safe to run
# Frontend (pre-built dist.zip is included)
cd frontend && unzip -o dist.zip -d dist/
# Restart services

v1.8.0-beta.2

Learn more about the new features at: https://github.com/dataelement/Clawith/releases/tag/v1.8.0-beta

🐛 Bug Fixes

• SSO: Fixed 500 error (UnboundLocalError) when a new user scans to login via Feishu for the first time.
• SSO: Fixed SSO polling endpoint failing to redirect due to a MissingGreenlet exception during async lazy loading.
• SSO: Removed the brief No SSO providers UI flash during SSO callback processing.
• App Context: Fixed cross-session state corruption during Take Control cookie export and injection.
• App Context: Added a leading dot to cookie domains for better subdomain matching.
• Take Control: Relaxed the required agent lock permission from manage to use.

📦 Configuration

• Added PUBLIC_BASE_URL and PASSWORD_RESET_TOKEN_EXPIRE_MINUTES environment variable configurations to docker-compose.yml.

v1.8.0-beta

v1.8.0-beta Release Notes

This beta release brings major new capabilities to Clawith, including a fully redesigned identity system, AgentBay cloud computer visual control, a new email notification system, expanded Feishu integrations, platform-wide analytics, and many UX improvements.

---

What's New

1. AgentBay: Cloud Computer Visual Control

A major leap in agent-computer interaction:

• Live Preview Panel — Watch your agent in real time via a draggable sidebar that streams screenshots of the cloud browser or desktop as the agent operates.
• Vision Injection — Browser and desktop screenshots are captured ephemerally (in-memory only, no disk writes) and injected into the LLM as multimodal input, enabling visual reasoning about on-screen state.
• Take Control / Save Login State — Users can seamlessly take over the agent's remote session with keyboard and mouse for manual steps (e.g., CAPTCHA, QR code scanning). Cookie-based login state can be saved and reused by the agent.

• 16+ New AgentBay Tools — Browser extract, observe, shell commands, OTP-aware keyboard input, browser_login, agentbay_browser_screenshot, and more.
• Windows Cloud Desktop Support — Full Windows OS support for AgentBay cloud computer sessions.

2. Unified Identity System & Multi-Tenant Auth

A complete redesign of the authentication and user management architecture:

• Global Identity (cross-tenant) — A new identities table unifies credentials across organizations. One email/password works across all companies a user belongs to.
• Tenant Switcher Modal — Redesigned company switcher with inline join/create flow.
• Invitation Flow Fix — When an existing user clicks an invitation link, they are now automatically joined to the invited company after logging in.
• SSO Toggle — Per-channel SSO login enable/disable, with auto-detected subdomain and callback URL generation.

3. Platform Email System

• Password recovery via email (full reset flow with branded templates).
• Broadcast notification emails to all platform users.
• In-app SMTP configuration UI under Platform Settings → Email — no .env restart required.
• Test email button and customizable email templates.
• Auto-verify email and activate users when SMTP is not configured.

4. Feishu Integration Expansion

• **Bitable ** — List tables/fields, query/create/update/delete records, create new Bitable apps. Returns clickable links in chat.
• Drive Tools — feishu_drive_share (renamed and enhanced) + new feishu_drive_delete for automated file permission management and cleanup.
• Calendar & Approval — Full integration of Feishu Calendar scheduling and Approval submission tools.
• 403 Permission Guidance — When a Feishu API call fails due to missing permissions, the agent now provides detailed diagnostic guidance inline.

5. Platform Admin Dashboard & Analytics

• Enhanced Metrics — DAU/WAU/MAU, session counts, user retention, channel distribution, tool category breakdowns, and churn warnings.
• Token Usage Leaderboards — Per-agent, per-tenant daily/monthly token spend tracking backed by a new daily_token_usage table.
• Org Admin Email — Platform admins can view and contact organization admin email addresses.

6. LLM Engine & Tool Improvements

• Model Toggle — Enable/disable individual LLM models in Company Settings; disabled models are filtered from dropdowns and the runtime auto-falls back.
• Configurable LLM Request Timeout — New request_timeout setting for local/slow models.
• Anthropic Prompt Cache Optimization — Static and dynamic context are split to maximize cache hit rates; detailed cache metrics are logged.
• Image Generation (Multi-Provider) — generate_image tool now supports SiliconFlow, OpenAI DALL-E, and Google Vertex AI as separate configurable providers.
• Unified Tool Configuration — Secure API key management with Agent→Company priority inheritance and schema-aware decryption.
• ClawHub Integration — search_clawhub and install_skill are now seeded as built-in tools, allowing agents to self-extend from the community marketplace.
• Transliteration Search — Enterprise member search now supports pinyin input for Chinese names.

7. UX & UI Improvements

• Chat shortcut — Enter to send, Shift+Enter for newline.
• Copy Button — One-click copy on all chat messages.
• User Email Update — Users can change their own email address from Account Settings.
• org_admin Promotion/Demotion — With last-admin protection to prevent lockout.
• Collapsible Session List — Sidebars auto-collapse when the Live Preview panel is active.
• Model field — Replaced model dropdown with free-text input in LLM settings for better compatibility.

---

Upgrade Guide

Who this applies to

• Upgrading from v1.7.2 (standard release)
• Upgrading from an intermediate post-v1.7.2 state (same steps, lower risk)

Important Notes Before Upgrading

Always back up your database before upgrading.

1. Database Migrations (12 total)

This release includes 12 Alembic migrations. The most significant is user_refactor_v1, which introduces a global identities table and migrates user credentials from the users table. All migrations are idempotent — if your instance already ran some of them, they will be skipped safely.

2. Invitation Codes Reset

The multi_tenant_registration migration adds tenant_id to invitation codes and clears all legacy codes that lack this field. Existing invitation codes will be invalidated. Regenerate them from Company Settings after upgrading.

3. SMTP Configuration (for post-v1.7.2 intermediate versions only)

If you previously configured SYSTEM_SMTP_* environment variables, these are now ignored. After upgrading, go to Platform Settings → Email and re-enter your SMTP credentials via the UI. Users upgrading from v1.7.2 are unaffected (email was not available in that version).

4. New Optional Environment Variables

# Public URL used in email links and webhook callbacks.
# Recommended for production; auto-detected from request host if not set.
PUBLIC_BASE_URL=https://your-domain.com

# Password reset token lifetime in minutes (default: 30)
PASSWORD_RESET_TOKEN_EXPIRE_MINUTES=30

5. New Python Dependencies

Three new packages are required (automatically installed by Docker build):

• wuying-agentbay-sdk >= 0.18.0
• pypinyin >= 0.52.0
• Pillow >= 10.0.0

---

Option A: Docker Deployment (Recommended)

# 1. Back up your database
docker exec clawith-postgres-1 pg_dump -U clawith clawith > backup_$(date +%Y%m%d).sql

# 2. Pull the latest code
cd <your-clawith-directory>
git pull origin main

# 3. Rebuild and restart all containers
docker compose down
docker compose up -d --build

# 4. Check migration logs
docker logs clawith-backend-1 2>&1 | head -80

Post-upgrade checklist:

• Go to Platform Settings → Email and configure SMTP (if you want password recovery / broadcast emails)
• Regenerate invitation codes in Company Settings (old codes are cleared)
• Optionally set PUBLIC_BASE_URL in your .env

---

Option B: Source Deployment

# 1. Back up your database
pg_dump -U clawith clawith > backup_$(date +%Y%m%d).sql

# 2. Pull the latest code
cd <your-clawith-directory>
git pull origin main

# 3. Update Python dependencies
cd backend && pip install -e ".[dev]"

# 4. Run database migrations
alembic upgrade head

# 5. Build the frontend
cd ../frontend && npm install && npm run build

# 6. Restart your backend service

Post-upgrade checklist: Same as Option A.

---

Rollback

If something goes wrong, restore from your SQL backup:

# Docker deployment
docker compose down
docker exec clawith-postgres-1 psql -U clawith -c "DROP DATABASE clawith; CREATE DATABASE clawith;"
docker exec -i clawith-postgres-1 psql -U clawith clawith < backup_YYYYMMDD.sql
git checkout v1.7.2
docker compose up -d --build

We recommend SQL restore over alembic downgrade, as down migrations have not been fully tested.

v1.7.2

v1.7.2

Highlights

• Discord Gateway (WebSocket) — Connect Discord bots without a public IP. Configure via Channel Settings.
• Clawith Pages — Agents can publish static HTML pages with shareable /p/{short_id} URLs.
• Unified Notification System — Plaza replies, @mentions, broadcasts, and heartbeat-drain notifications with category filtering.
• Baidu (Qianfan) LLM Provider — Add Baidu models alongside OpenAI, Anthropic, and others.
• LLM Temperature Control — Set per-model temperature from the LLM management page.
• OpenClaw Settings Page — Dedicated API key management for OpenClaw integrations.
• Platform Settings Restructure — Companies page reorganized into a tabbed Platform Settings layout.
• Runtime Version Display — /api/version endpoint and sidebar footer showing the running version.

Bug Fixes

• Fix heartbeat/scheduler tool calls failing with empty arguments (empty-args guard ported from chat flow)
• Fix agent-to-agent session duplication and LLM tool confusion
• Harden A2A communication security with tenant isolation and relationship checks
• Fix A2A LLM timeout retries with jitter and error surfacing
• Fix system message always placed first for cross-model compatibility
• Fix streaming state not reset when switching sessions
• Fix trigger resurrection on restart
• Fix non-standard API streaming with JSON buffer
• Fix plaza tenant scoping and @mention navigation
• Fix OpenClaw agent replies not appearing in chat UI
• Fix chat message alignment by participant
• Improve broadcast UI and @mention dropdown (scrollable, increased limit)

Database Migrations

Three new Alembic migrations run automatically on startup:

1. add_published_pages — Creates published_pages table
2. add_notification_agent_id — Adds agent_id, sender_name columns to notifications; makes user_id nullable
3. add_llm_temperature — Adds temperature column to llm_models

All migrations are idempotent (safe to re-run).

New Dependency

• discord.py>=2.3.0 — Required for Discord Gateway mode

Infrastructure

• All Docker services now have restart: unless-stopped
• .dockerignore updated to exclude agent_data/ from build context
• entrypoint.sh removed legacy schedule-to-triggers migration (completed in v1.7.0)
• restart.sh supports external DATABASE_URL

Upgrade Instructions

Important: Users must upgrade one version at a time (e.g., v1.6.0 → v1.7.0 → v1.7.1 → v1.7.2). Skipping versions is not supported.

Option A: Docker Deployment

cd /path/to/Clawith
git pull origin main
docker compose down
docker compose up -d --build

Migrations run automatically via entrypoint.sh. The --build flag is required to install the new discord.py dependency.

Option B: Source Deployment

cd /path/to/Clawith
git pull origin main

# Install new dependency
cd backend
pip install -e .   # or: pip install .

# Run migrations
alembic upgrade head

# Restart backend
# (your restart method here)

No .env changes required.

v1.7.1

Clawith v1.7.1 Release Notes

What's New

ClawHub Skills Marketplace

• Browse and install skills directly from ClawHub (the OpenClaw skill registry)
• Import skills from any GitHub URL
• ClawHub API key configuration for authenticated access to the skill registry
• Tenant-scoped GitHub token configuration for higher API rate limits
• Skill tenant isolation — imported skills are properly scoped to the importing company

Feishu User Identity Architecture Fix

Replaced open_id (per-app, unstable) with user_id (cross-app, stable) as the primary identifier for Feishu users. This fixes:

• Duplicate user records when switching Feishu Apps or using multiple bots
• Cross-app errors when the org sync App differs from the Agent's bot App
• Session fragmentation — chat history now stays unified across App changes

All changes include open_id fallback for environments that haven't enabled user_id permissions yet.

Logging System Overhaul

• Unified logging with loguru and trace ID support for request tracing
• LLM Request ID tracking for debugging model interactions
• Improved error messages throughout the platform

Bug Fixes

• Fixed notification badge cramping for multi-digit counts
• Fixed IME composition conflict with Enter to send
• Fixed emoji-first-character handling in agent avatars
• Fixed agent creation validation error messages
• Fixed sidebar agent sorting (now by created_at descending)
• Fixed ClawHub 429 rate limit handling
• Centered agent avatars in collapsed sidebar
• Prevented ClawHub key save from clearing GitHub token

---

Upgrade Guide

Important: Users must upgrade one version at a time (e.g., v1.6.0 -> v1.7.0 -> v1.7.1). Skipping versions is not supported.

Option A: Docker Deployment (Recommended)

1. Pull the latest code:

   git pull origin main

2. Check environment variables (Optional):

   diff .env .env.example

3. Rebuild and restart services:

   docker compose down
   docker compose up -d --build

   During startup, entrypoint.sh automatically runs alembic upgrade head and data migration scripts. No manual intervention required.

4. Feishu user_id migration (Optional but recommended):

   If you use Feishu org sync, run this one-time migration to backfill user_id and clean up duplicate users:

   docker exec clawith-backend-1 python3 -m app.scripts.cleanup_duplicate_feishu_users

   Prerequisite: Your Feishu org sync App must have the contact:user.employee_id:readonly permission. Add it in the Feishu Open Platform if missing, then re-sync from Company Settings > Org Structure > Sync Now before running the script.

5. Verify: Visit the frontend and confirm the version shows 1.7.1 in the sidebar footer.

---

Option B: Source Deployment

1. Pull the latest code:

   git pull origin main

2. Run database migrations:

   cd backend
   alembic upgrade head

3. Update backend dependencies (new dependency: loguru):

   pip install -e .

4. Restart:

   bash restart.sh

5. Feishu migration (same as Docker step 4 above):

   cd backend
   python3 -m app.scripts.cleanup_duplicate_feishu_users

---

New Dependencies

Component	Dependency	Required
Backend	loguru>=0.7.0	Yes
Platform	GitHub Token (Company Settings > Skills)	Optional (raises GitHub API rate limit)
Platform	ClawHub API Key (Company Settings > Skills)	Optional (for authenticated ClawHub access)

New Database Changes (auto-applied by Alembic)

• New table: tenant_settings (per-tenant key-value configuration)
• New migration: df3da9cf3b27 (adds missing columns from Docker entrypoint to Alembic)

v1.7.0

Clawith v1.7.0 Release Notes

🏢 Multi-Tenant Self-Registration System
Users can now create their own companies/workspaces independently, no invitation code required! Workspaces created by users can still let others join via an invitation code. A new independent "Platform Admin" management page has been added for organization oversight.
Data is now fully isolated by company — marking the transition from a single-tenant system to a true multi-tenant SaaS architecture.

🦞 OpenClaw Agent Integration
You can now connect your locally deployed OpenClaw instances! Clawith communicates with OpenClaw via Gateway. — Breaking platform boundaries and allowing Clawith to manage OpenClaw agents.

💬 DingTalk & WeChat Work Channels
Added stream integration for DingTalk, and Webhook + WebSocket for WeChat Work (WeCom). Feishu (Lark) integration has been upgraded to prioritize WebSocket. — Covering the top 3 mainstream enterprise communication platforms in China, allowing seamless agent access.

🔌 MCP SSE Transport + Auto OAuth Recovery
The MCP client now supports Server-Sent Events (SSE) transport. Added automatic re-authorization when Smithery OAuth tokens expire.

🧠 LLM Fallback Model + Per-Model Token Configuration
Automatically switches to a predefined fallback model when the primary model is unavailable. Added support for configuring max_output_tokens on a per-model basis.

🔔 Notification & Approval System
A unified notification center with a creator-level approval flow. Tool actions can now be set to auto-execute only after human approval. — A safety valve for autonomous agent actions, keeping humans the final decision-makers.

💭 Chat Experience Enhancements

• Added a "Stop Generation" button.
• Support for uploading up to 10 files at once.
• Added message timestamps.
• Optimized PDF document parsing and uploading.
• Accurate real-time tracking of token usage.

🔧 Other Optimizations
Continuous code refactoring and performance optimizations under the hood.

---

🛠️ Upgrade Guide

Option A: Docker Deployment (Recommended)

1. Pull the latest code:

   git pull origin main

2. Check environment variables (Optional):

   # Note the new AGENT_DATA_DIR in .env.example; update your .env if needed.
   diff .env .env.example

3. Rebuild and restart services:

   docker compose down
   docker compose up -d --build

   During startup, entrypoint.sh will automatically run alembic upgrade head and the new migrate_schedules_to_triggers.py script. No manual intervention is required.

4. Verify the upgrade:
   Visit the frontend page and ensure you can see the new "AdminCompanies" panel in "Enterprise Settings". This indicates a successful upgrade.

---

Option B: Source Deployment

Source deployments now also benefit from fully automated data scripts. Just pull, update dependencies, and restart.

1. Pull the latest code:

   git pull origin main

2. Run Alembic database migrations:

   cd backend
   alembic upgrade head

   Note: v1.7.0 has patched the 17 raw SQL fields that were previously missing from source deployments (only available in Docker's entrypoint.sh). Running alembic upgrade head here safely ensures your development database has the exact same stable schema as the Docker production environment using idempotent (IF NOT EXISTS) operations.

3. Update backend dependencies and restart:

   pip install -r requirements.txt
   bash restart.sh
   # Or use your custom backend restart command

   restart.sh natively calls the data compatibility script (migrate_schedules_to_triggers.py). This script is idempotent, meaning it runs safely on every restart without requiring manual execution.

4. Rebuild and deploy the frontend:

   cd ../frontend
   npm install
   rm -rf dist node_modules/.vite
   npm run build
   
   # If you use Nginx or similar to serve static files, replace your original service directory with the contents of the newly built 'dist' folder.

v1.6.0 — Feishu Deep Integration, Email Tools & Agent-to-Agent Tool Calling

Clawith v1.6.0

New Features

Feishu / Lark Deep Integration
Complete Feishu integration with calendar, document, and contacts tools — all visible and configurable in the agent's Tools page:

• feishu_calendar_create/list/update/delete — Create and manage calendar events, invite colleagues by name
• feishu_doc_read/create/append — Read, create, and append content to Feishu documents
• feishu_user_search — Search the Feishu directory by name to find colleagues' open_id, email, and department
• send_feishu_message — Message colleagues directly through Feishu
• Rich text (Post) messages — Agents process Feishu post messages with mixed image+text, including vision understanding
• File support — Receive files sent via Feishu, auto-fallback to download URL when upload permission is insufficient
• Message history — Outgoing Feishu messages are persisted to chat history with agent identity signature
• Organization sync — Feishu webhook auto-resolves sender identity and creates/links platform user accounts
• Feishu tools are only available to agents with a configured Feishu channel (automatically filtered)

Email Tools (IMAP/SMTP)
Agents can now send, read, and reply to emails directly. Supports QQ Mail, 163, Gmail, Outlook, Tencent Enterprise, Aliyun Enterprise, and custom SMTP/IMAP configurations. Includes a one-click "Test Connection" button in the tool settings panel.

• send_email — Send emails with subject, body, CC, and workspace file attachments
• read_emails — Read inbox with IMAP search criteria (FROM, SUBJECT, SINCE)
• reply_email — Reply to a specific email maintaining thread headers

Agent-to-Agent Tool Calling
When one agent sends a message to another agent via send_message_to_agent, the target agent now has full access to all its tools (search, code execution, file operations, etc.). Previously, agent-to-agent communication was limited to a single text-only LLM call with no tool support. The target agent can now execute up to 5 rounds of tool calls before responding.

Token Usage Tracking

• Added lazy daily/monthly token counter reset — counters automatically reset on the first API call of a new day or month
• Added tokens_used_total (lifetime counter) that never resets
• Token numbers now display with K/M suffixes (e.g., 142.5K, 3.1M) instead of raw numbers
• New "Total Token" card on the Agent Status page

Multi-Session Web Chat
Complete redesign of the Chat tab with a session sidebar. Users can create multiple chat sessions with the same agent, and admins can view all users' sessions via the "All Users" tab with a user filter dropdown.

Agent Expiry Management
Admins can now set, extend, shrink, or remove agent expiration dates via a modal editor. Expired agents reject WebSocket connections, channel messages receive an "unavailable" reply, and scheduled triggers are automatically skipped.

Jina AI Search & Reader
Replaced the old bing_search and read_webpage tools with superior Jina AI alternatives:

• jina_search — High-quality internet search via s.jina.ai
• jina_read — Clean markdown extraction from any URL via r.jina.ai
• System prompt now explicitly lists web search capabilities so agents proactively use search tools

Document Parsing
Added read_document tool supporting PDF, Word (.docx), Excel (.xlsx), and PowerPoint (.pptx) file parsing. Enhanced DOCX reader extracts tables, text boxes, and headers (critical for resume-style documents).

Channel File Support
Agents can now receive files sent through Feishu, Slack, and Discord channels. The send_channel_file tool enables agents to send workspace files back to users through any connected channel.

Per-Agent Tool Configuration
Agents now have individual tool configurations. Admins can scope which MCP tools are available to each agent, configure tool-specific settings (API keys, limits), and view all agent-installed tools in a unified admin panel.

Improvements

• Tool UI Visibility — All tools (including Feishu, email, pulse, social, code, discovery) now show proper category labels in the Tools page
• Chat Overflow Fix — Long tool call arguments no longer cause horizontal scrollbars in the chat window
• Approval System — Approvals now show the agent name, and admins can see all pending approvals across agents
• WebSocket Performance — WebSocket connections now accept immediately before DB setup, reducing onopen latency from ~5s to <100ms
• Tool Result Display — Full tool results shown in chat (removed 500-char truncation, expanded to 3000 chars in WebSocket, 240px height in UI)
• Channel Session Tracking — Unified session management across Feishu, Slack, and Discord with proper sender attribution and channel badges
• Heartbeat Default — Changed default heartbeat interval from 30 to 120 minutes
• Markdown Rendering — Improved markdown table borders, code blocks, and overall formatting in chat
• Branding — Updated login hero to "Clawith — OpenClaw for Teams" with new crab claw logo
• Docker Builds — Added Tsinghua/npmmirror mirrors for faster builds in China
• README Updates — All 5 language versions updated with Slack/Discord/Jina highlights and new core concepts

Full Changelog

v1.5.1...v1.6.0

v1.5.1 — Thinking Indicator & Microsoft Teams

Clawith v1.5.1

New Features

Agent Thinking Indicator
When chatting with an agent in the web interface, a "Thinking..." indicator with animated pulsing dots now appears immediately after sending a message. The indicator persists throughout the entire agent processing pipeline — thinking, tool calls, and content generation — until the final response arrives. This provides clear visual feedback so users know the agent is actively working.

• Animated pulsing dots with localized text ("Thinking..." / "思考中...")
• Covers both the AgentDetail chat panel and standalone Chat page
• chatWaiting state ensures the indicator is visible from message send through done event

Microsoft Teams Integration
Added support for Microsoft Teams as a communication channel. Agents can now be connected to Teams via Azure Bot Service, enabling direct messaging through the Teams client.

• Single-tenant Azure AD app registration support
• Localtunnel support for local development testing
• Step-by-step setup guide in all 5 languages (EN, 中文, 日本語, 한국어, Español)

Improvements

• README: Updated all 5 language versions to highlight Aware as the primary differentiator
• i18n: Added agent.chat.thinking key for EN and Chinese

Full Changelog

v1.5.0...v1.5.1