Pulled from GitHub Releases

Changelog

Every release of netclaw-dev/netclaw. Pick a version from the sidebar — this page rebuilds whenever a new release is published.

v0.8.0

Netclaw 0.8.0

0.8.0 2026-03-25

Netclaw v0.8.0 — Memory pipeline overhaul, trust context policy, Slack message delivery fix, and update signature verification

Memory

  • Overhauled memory formation, recall, and curation — stopped raw tool outputs from polluting the memory database (previously ~71% of records were junk web_search/web_fetch dumps), cached recall resolution at turn boundaries instead of re-running on every tool-loop LLM call, and added exclusion-based progressive recall so each turn surfaces different relevant memories instead of repeating the same top results. (#380)
  • Added session-level memory observer actor — a persistent child actor watches the conversation stream and distills memories when the session goes idle (90s), replacing the previous per-turn observation that produced zero proposals. Proposals flow through the existing gate/curation pipeline, and the observer journals proposed anchors so its skip list survives across actor incarnations. (#410)

Security

  • Added minisign Ed25519 signature verification to netclaw update and all background update checks — the manifest is now verified against an embedded public key before trusting its contents. Missing or invalid signatures fail closed with no fallback to unsigned manifests. Background update checks now run on a 24-hour periodic timer and emit UpdateAvailable operational alerts via webhooks. (#393)
  • Added trust context policy with channel audiences and global read roots — operators can now configure per-channel audience overrides in Slack.ChannelAudiences (resolution: explicit channel ID, then "dm" key, then heuristic fallback). Skills and identity files are always readable regardless of audience profile via GlobalReadRoots. The init wizard now generates a Security section with smart defaults derived from deployment posture, and netclaw doctor enforces that both Security and Tools config sections are present. (#387)

Slack

  • Fixed Slack sessions receiving dropped final responses and duplicate message posts — the root cause was TextDeltaOutput (streaming) and TextOutput (final) both emitting under the same OutputFilter.Text flag. Added a new OutputFilter.TextStreaming flag so Slack subscribes only to final assembled text while the TUI continues to receive both streams. Also fixed slash-command IO failures silently falling through to the LLM instead of surfacing an error. (#407)

Skills

  • Replaced keyword-based skill matching with LLM-driven description menu — the skill index context layer now presents skill descriptions directly to the LLM, which loads relevant skills via file_read. Removed the entire keyword matching pipeline including IDF scoring, keyword enrichment sidecar, keyword cache I/O, and auto-load state from LlmSessionActor. (#380)
  • Skill enrichment now runs in the background instead of blocking daemon startup, fixing startup and healthcheck timeouts on slower hardware or when multiple skills need enrichment. (#407)
  • Breaking (operators with custom skill references): System skills consolidated from 6 to 4 — netclaw-diagnostics, netclaw-identity, and netclaw-manual were removed and their content merged into netclaw-operations and the remaining skills. Operators referencing the old skill names in custom configurations or scripts will need to update those references. (#380)

CLI / TUI

  • Fixed the provider manager TUI crashing when two providers shared the same type (e.g., two openai-compatible entries with different endpoints) — the display now shows all configured instances and supports adding additional instances of any type. (#385)
  • Renamed the openai-compatible provider display from "OpenAI-Compatible" to "llama.cpp / vLLM" to better describe the actual servers it supports. No changes to config format or internal type keys. (#383)

Dependencies

  • Bumped Akka.NET to 1.5.63 — includes a critical Akka.Remote fix for stale ACKs causing irrecoverable quarantine after transient network disruptions. All users running clustered deployments should upgrade. (#397)
  • Bumped Microsoft.Extensions.AI packages to 10.4.1 and adapted to OpenAI SDK 2.9.1 breaking change where ResponsesClient no longer accepts a model parameter in its constructor. (#392)