chore(openclaw): 升级 OpenClaw 至 2026.4.21

[xzq-xu]

OpenClaw 版本更新

项目	值
当前版本	2026.4.8
最新版本	2026.4.21
Release	https://github.com/openclaw/openclaw/releases/tag/v2026.4.21

CHANGELOG 摘要

展开查看

2026.4.21

Changes

• OpenAI/images: default the bundled image-generation provider and live media smoke tests to gpt-image-2, and advertise the newer 2K/4K OpenAI size hints in image-generation docs and tool metadata.

Fixes

• Plugins/doctor: repair bundled plugin runtime dependencies from doctor paths so packaged installs can recover missing channel/provider dependencies without broad core dependency installs.
• Image generation: log failed provider/model candidates at warn level before automatic provider fallback, so OpenAI image failures are visible in the gateway log even when a later provider succeeds.
• Auth/commands: require owner identity (an owner-candidate match or internal operator.admin) for owner-enforced commands instead of treating wildcard channel allowFrom or empty owner-candidate lists as sufficient, so non-owner senders can no longer reach owner-only commands through a permissive fallback when enforceOwnerForCommands=true and commands.ownerAllowFrom is unset. (#69774) Thanks @drobison00.
• Slack: preserve thread aliases in runtime outbound sends so generic runtime sends stay in the intended Slack thread when the caller supplies threadTs. (#62947) Thanks @bek91.
• Browser: reject invalid ax<N> accessibility refs in act paths immediately instead of waiting for the browser action timeout. (#69924) Thanks @Patrick-Erichsen.
• npm/install: mirror the node-domexception alias into root package.json overrides, so npm installs stop surfacing the deprecated google-auth-library -> gaxios -> node-fetch -> fetch-blob -> node-domexception chain pulled through Pi/Google runtime deps. Thanks @vincentkoc.

集成面检查清单

对照 ee/docs/OpenClaw集成面清单.md，逐项确认新版本兼容性：

• 配置 Schema — openclaw.json Zod strict schema 是否接受我们写入的全部字段
• 文件系统路径 — /root/.openclaw/ 目录结构是否变更
• Session 文件格式 — sessions.json / .jsonl 结构是否变更
• Channel Plugin SDK — openclaw/plugin-sdk API 是否有 breaking change
• Gateway 协议 — 端口 (18789/9721)、/healthz、认证方式是否变更
• CLI 行为 — openclaw gateway 参数是否变更
• Gene/Skill 注入 — SKILL.md 格式、extraDirs 机制是否变更
• 安全管道 — tools.exec.* 配置项、Security WebSocket 协议是否变更
• 镜像验证 — ./verify.sh <image:tag> 全部 PASS

---

此 PR 由 GitHub Actions 自动创建。

合并后请：

1. 构建新镜像：./build.sh openclaw --version 2026.4.21
2. 运行验证：./verify.sh <image:tag>
3. 在引擎版本管理中发布新版本

[Xy718]

Superseded by #246, which tracks the latest OpenClaw target version (2026.5.7). Closing this older upgrade PR to keep the queue focused.