@a1hvdy/cc-openclaw 0.27.2 → 0.27.4

package/dist/src/channels/telegram-mirror/card-renderer.d.ts

@@ -15,6 +15,7 @@
  */
 import type { Turn, ToolCallRecord } from './state-machine.js';
 import type { CardMeta } from './card-state.js';
+export declare function toolDiffBlock(tc: ToolCallRecord): string;
 /**
  * Format one tool-call line for inclusion in the rendered card body.
  *   "✓ Bash · ls -la"
@@ -36,28 +37,6 @@ export declare function renderToolLine(tc: ToolCallRecord): string;
  * without depending on MarkdownV2 escapes. Empty thinking returns ''.
  */
 export declare function renderThinkingBlock(thinkingText: string): string;
-/**
- * Render the full turn into a Telegram-safe message body. The mirror keeps
- * a single message per turn that gets edited in place — this function is
- * idempotent for a given turn snapshot and produces the next body string.
- *
- * Body shape (lines separated by \n):
- *
- *   ▶ Working           ← or "✓ Done" when state==='done'
- *   ✓ Bash · ls -la     ← one line per tool call, in arrival order
- *   … Read · src/x.ts
- *   <empty line>
- *   💭 Thinking         ← M6, only when thinkingText non-empty
- *   > reasoning line 1
- *   > reasoning line 2
- *   <empty line>
- *   <assistant text>    ← present only when non-empty;
- *                          ★ Insight ─ blocks preserved INLINE
- *                          at their emission position (M6).
- *
- * Lines with no content (e.g. empty tool list, empty assistant text) are
- * omitted entirely so the rendered body never has trailing whitespace.
- */
 export declare function renderTurn(turn: Turn, meta?: CardMeta): string;
 /**
  * A render action — abstraction the dispatch layer (added in a later

package/dist/src/channels/telegram-mirror/card-renderer.js

@@ -101,8 +101,13 @@ function toolResultText(tc) {
  * readable (Telegram's 4096-char message cap) while still surfacing tool output
  * the way the CLI shows it inline.
  */
-const RESULT_MAX_LINES = 3;
-const RESULT_MAX_CHARS = 200;
+// v0.27.4 M3 — CLI-parity gap #4: the prior 3-line/200-char cap was far stingier
+// than the terminal (which shows full, scrollable output). Raised to 10 lines/500
+// chars — a ~2.5× visibility gain that stays card-safe because renderTurn's
+// per-entry budget loop renders newest-first and collapses older tools to a
+// "… +N earlier" marker, so a single fat result can't starve the others.
+const RESULT_MAX_LINES = 10;
+const RESULT_MAX_CHARS = 500;
 function truncateResult(s) {
     const lines = s.split('\n');
     let cut = lines.length > RESULT_MAX_LINES;
@@ -113,6 +118,70 @@ function truncateResult(s) {
     }
     return cut ? out.replace(/\s+$/, '') + '\n…' : out;
 }
+/**
+ * v0.27.4 M2 — CLI-parity gap #3: render a compact file diff for Edit / Write /
+ * MultiEdit from the tool INPUT (the result payload is only "File updated", so
+ * the meaningful change is in old_string/new_string / content / edits[]). Mirrors
+ * the terminal's inline diff: `- removed` / `+ added` lines, capped for the card.
+ * Returns RAW text (caller wraps in a <pre> block, which HTML-escapes it). '' for
+ * non-edit tools or empty input (no-fake-data — never invents a diff).
+ */
+const DIFF_MAX_LINES = 8;
+const DIFF_MAX_CHARS = 320;
+function truncateDiff(lines) {
+    let cut = lines.length > DIFF_MAX_LINES;
+    let out = lines.slice(0, DIFF_MAX_LINES).join('\n');
+    if (out.length > DIFF_MAX_CHARS) {
+        out = out.slice(0, DIFF_MAX_CHARS);
+        cut = true;
+    }
+    return cut ? out.replace(/\s+$/, '') + '\n…' : out;
+}
+export function toolDiffBlock(tc) {
+    const n = tc.name.toLowerCase();
+    const input = tc.input;
+    if (!input || typeof input !== 'object')
+        return '';
+    const lines = [];
+    if (n === 'edit') {
+        const oldS = typeof input.old_string === 'string' ? input.old_string : '';
+        const newS = typeof input.new_string === 'string' ? input.new_string : '';
+        if (!oldS && !newS)
+            return '';
+        for (const l of oldS.split('\n'))
+            lines.push(`- ${l}`);
+        for (const l of newS.split('\n'))
+            lines.push(`+ ${l}`);
+    }
+    else if (n === 'multiedit') {
+        const edits = Array.isArray(input.edits) ? input.edits : [];
+        if (edits.length === 0)
+            return '';
+        lines.push(`~ ${edits.length} edit${edits.length === 1 ? '' : 's'}`);
+        const first = edits[0];
+        if (first) {
+            const oldS = typeof first.old_string === 'string' ? first.old_string : '';
+            const newS = typeof first.new_string === 'string' ? first.new_string : '';
+            for (const l of oldS.split('\n'))
+                lines.push(`- ${l}`);
+            for (const l of newS.split('\n'))
+                lines.push(`+ ${l}`);
+        }
+    }
+    else if (n === 'write') {
+        const content = typeof input.content === 'string' ? input.content : '';
+        if (!content)
+            return '';
+        const contentLines = content.split('\n');
+        lines.push(`+ new file (${contentLines.length} line${contentLines.length === 1 ? '' : 's'})`);
+        for (const l of contentLines)
+            lines.push(`+ ${l}`);
+    }
+    else {
+        return '';
+    }
+    return truncateDiff(lines);
+}
 /**
  * Format one tool-call line for inclusion in the rendered card body.
  *   "✓ Bash · ls -la"
@@ -199,8 +268,27 @@ export function renderThinkingBlock(thinkingText) {
  * Lines with no content (e.g. empty tool list, empty assistant text) are
  * omitted entirely so the rendered body never has trailing whitespace.
  */
+/**
+ * Telegram hard-caps a single message at 4096 chars; an edit that exceeds it is
+ * rejected outright (and editTg's fallback can't help — same oversized text).
+ * v0.27.3: budget the rendered body. v0.27.0 M2 began emitting a
+ * <pre><code> result block under every tool line, which on a heavy multi-tool
+ * turn (e.g. a 15-Bash version check) silently blew past 4096 → every edit
+ * failed → the card froze as a bare "✓ Done" with no activity. The fix renders a
+ * GUARANTEED spine (status + header + tool LINES) first, then adds the richer,
+ * droppable blocks (result previews, todos, thinking, assistant text) only while
+ * budget remains. The card therefore always shows the tool activity.
+ */
+const TG_BODY_BUDGET = 3900; // margin under the 4096 hard cap (entities + safety)
 export function renderTurn(turn, meta) {
     const lines = [];
+    // Running length tracker (string.length + the join newline). O(1) per push;
+    // avoids re-joining the array on every budget check.
+    let used = 0;
+    const push = (s) => {
+        lines.push(s);
+        used += s.length + 1;
+    };
     // v0.26.2 M1 — CC-CLI-style status line at the top (model · CC ver · ⏱ · 🔧 ·
     // bypass). Gated on `meta` presence so legacy no-meta callers (and the initial
     // pre-model inbound card) render exactly as before — no regression. Once the
@@ -210,17 +298,17 @@ export function renderTurn(turn, meta) {
         // v0.27.0 M1 — bold the status line (the card header) via HTML <b>. Content
         // HTML-escaped first ( & < > only — model/version dots & brackets are safe).
         if (status)
-            lines.push(`<b>${escapeHtml(status)}</b>`);
+            push(`<b>${escapeHtml(status)}</b>`);
         // v0.26.2 M2 — meter row (context % + quota % + reset). Same no-fake-data
         // gating: omitted unless real values are present. HTML-escaped for safety.
         const meters = renderMeters(meta);
         if (meters)
-            lines.push(escapeHtml(meters));
+            push(escapeHtml(meters));
         // v0.26.4 styling — divider between the status/telemetry block and the
         // activity block (only when a status block was actually rendered). The
         // heavy-bar glyph is not HTML-significant, so it needs no escaping.
         if (lines.length > 0)
-            lines.push('━━━━━━━━━━━━');
+            push('━━━━━━━━━━━━');
     }
     // Turn-status header. v0.27.0 M4 — a failed turn shows "❌ <reason>" so it
     // never dies as an eternal "…"; reason is HTML-escaped (it's an error message).
@@ -229,42 +317,106 @@ export function renderTurn(turn, meta) {
         : turn.state === 'done'
             ? '✓ Done'
             : '▶ Working';
-    lines.push(header);
+    push(header);
     if (turn.toolCalls.length > 0) {
-        for (const tc of turn.toolCalls) {
-            lines.push(renderToolLine(tc));
-            // v0.27.0 M2 — surface the tool's RESULT as a truncated <pre><code> block
-            // under its line (CLI-style inline output), when there's real text.
+        // Build tool ENTRIES (tool line + its optional <pre><code> result block)
+        // newest-first, keeping what fits under budget; the older overflow collapses
+        // to a "… +N earlier tools" marker. Budgeting the line AND its result block
+        // TOGETHER is the fix for the v0.27.0 regression: the prior code budgeted
+        // lines alone, then result blocks ate the remaining room and the leftover
+        // lines pushed unguarded — bursting Telegram's 4096 cap. Reserve TAIL_RESERVE
+        // so the assistant text / todos / thinking below always have somewhere to go.
+        const TAIL_RESERVE = 700;
+        const cap = TG_BODY_BUDGET - TAIL_RESERVE;
+        const entries = []; // oldest→newest display order
+        let shown = 0;
+        let acc = 0;
+        for (let i = turn.toolCalls.length - 1; i >= 0; i--) {
+            const tc = turn.toolCalls[i];
+            const line = renderToolLine(tc);
+            // v0.27.4 M2 — for Edit/Write/MultiEdit show a diff (from input) instead of
+            // the "File updated" result; other tools keep the result preview.
+            const diffText = toolDiffBlock(tc);
             const resultText = toolResultText(tc);
-            if (resultText)
-                lines.push(pre(truncateResult(resultText)));
+            const block = diffText
+                ? pre(diffText)
+                : resultText
+                    ? pre(truncateResult(resultText))
+                    : '';
+            const withBlock = block ? `${line}\n${block}` : line;
+            // Prefer line+block; if that bursts the cap, fall back to the line alone
+            // (the result preview is the droppable part, the activity line is not).
+            if (used + acc + withBlock.length + 1 <= cap) {
+                entries.unshift(withBlock);
+                acc += withBlock.length + 1;
+                shown++;
+            }
+            else if (used + acc + line.length + 1 <= cap) {
+                entries.unshift(line);
+                acc += line.length + 1;
+                shown++;
+            }
+            else {
+                break; // no room for even the bare line → stop; rest become "+N earlier"
+            }
         }
+        const hidden = turn.toolCalls.length - shown;
+        if (hidden > 0)
+            push(`… +${hidden} earlier tool${hidden === 1 ? '' : 's'}`);
+        for (const e of entries)
+            push(e);
     }
     // v0.26.2 M4 — todo checklist (real data from the agent's TodoWrite calls).
     // Escaped as a block (glyphs are safe; content + the "+N more" plus sign are
     // not, so the whole block goes through the escaper).
     const todoBlock = renderTodos(meta);
     if (todoBlock) {
-        lines.push('');
-        lines.push(escapeHtml(todoBlock));
+        const block = escapeHtml(todoBlock);
+        if (used + block.length + 2 <= TG_BODY_BUDGET) {
+            push('');
+            push(block);
+        }
     }
     // Defensive default — Turn.thinkingText is required by the interface, but
     // some test helpers and pre-M6 fixtures construct Turn-shaped objects
     // without setting it. Treat absent / undefined as empty.
     const thinking = renderThinkingBlock(turn.thinkingText ?? '');
-    if (thinking.length > 0) {
-        lines.push('');
-        lines.push(thinking);
+    if (thinking.length > 0 && used + thinking.length + 2 <= TG_BODY_BUDGET) {
+        push('');
+        push(thinking);
     }
     const text = turn.assistantText.trim();
     if (text.length > 0) {
-        lines.push('');
         // v0.27.0 M1 — render the model's markdown as Telegram HTML with structure
         // preserved (**bold**→<b>, `code`→<code>, ```bash fences→<pre><code
         // class="language-bash">). HTML-escapes all remaining content (& < >).
-        lines.push(markdownToHtml(text));
+        // Budget-aware: if the full text won't fit, render a truncated head so the
+        // card still ends with readable context rather than dropping it entirely.
+        const room = TG_BODY_BUDGET - used - 2;
+        if (room > 0) {
+            const full = markdownToHtml(text);
+            if (full.length <= room) {
+                push('');
+                push(full);
+            }
+            else if (room > 240) {
+                // Truncate the SOURCE before markdown→HTML so we never split an HTML tag
+                // mid-emit (which would break Telegram's parser). Leave slack for the "…".
+                const headSrc = text.slice(0, room - 40).replace(/\s+\S*$/, '');
+                push('');
+                push(markdownToHtml(headSrc) + '\n…');
+            }
+        }
     }
-    return lines.join('\n');
+    // Guaranteed safety net: even if the budgeted assembly above has a logic gap,
+    // a card MUST NOT exceed Telegram's 4096-char hard cap (an over-cap edit is
+    // rejected outright). A blunt slice here can split an HTML tag, but editTg's
+    // hardened plain-text fallback strips tags on rejection, so this degrades
+    // gracefully rather than freezing the card.
+    const body = lines.join('\n');
+    if (body.length <= 4096)
+        return body;
+    return body.slice(0, 4095) + '…';
 }
 /**
  * Decide whether the current turn snapshot should be sent (first render)

package/dist/src/channels/telegram-mirror/commands.d.ts

@@ -126,6 +126,22 @@ export declare function handleCancel(ctx: CommandContext): CommandResult;
  * resolver call recordLaptopCheck().
  */
 export declare function handleSoakCheck(ctx: CommandContext): CommandResult;
+/**
+ * Full user-facing command catalogue, used by /help. The TOP_7 are the
+ * phone-tier set synced to Telegram's command menu; the workflow extras
+ * (compose/send/cancel) + help round out what the mirror actually claims.
+ */
+export declare const ALL_COMMANDS: ReadonlyArray<{
+    command: string;
+    description: string;
+}>;
+/**
+ * /help — list the mirror's commands. Discoverability close for gap #6: the 11
+ * commands were previously invisible. Notes the passthrough so the user knows
+ * any other slash (custom skills like /pregoal) or plain text reaches Claude.
+ * HTML-safe content (only the intentional <b> tag); sendTg renders parse_mode:HTML.
+ */
+export declare function handleHelp(ctx: CommandContext): CommandResult;
 export type CommandHandler = (ctx: CommandContext) => CommandResult;
 export declare const COMMAND_HANDLERS: Record<string, CommandHandler>;
 /**

package/dist/src/channels/telegram-mirror/commands.js

@@ -358,6 +358,38 @@ export function handleSoakCheck(ctx) {
         ],
     };
 }
+// ── /help (v0.27.4 M7 — CLI-parity gap #6) ───────────────────────────────
+/**
+ * Full user-facing command catalogue, used by /help. The TOP_7 are the
+ * phone-tier set synced to Telegram's command menu; the workflow extras
+ * (compose/send/cancel) + help round out what the mirror actually claims.
+ */
+export const ALL_COMMANDS = [
+    { command: 'sessions', description: 'List + switch fronted Claude session' },
+    { command: 'new', description: 'Register a new session slug — /new <slug>' },
+    { command: 'stop', description: 'Stop a registered session — /stop <slug>' },
+    { command: 'status', description: 'Show active sessions and their state' },
+    { command: 'cost', description: 'Show Max 20x usage + weekly burn' },
+    { command: 'compact', description: 'Compact context (CLI-only — see note)' },
+    { command: 'rewind', description: 'Rewind a session (CLI-only — see note)' },
+    { command: 'compose', description: 'Start a multi-message draft — finish with /send' },
+    { command: 'send', description: 'Send the composed draft to Claude' },
+    { command: 'cancel', description: 'Cancel the active compose draft' },
+    { command: 'help', description: 'Show this command list' },
+];
+/**
+ * /help — list the mirror's commands. Discoverability close for gap #6: the 11
+ * commands were previously invisible. Notes the passthrough so the user knows
+ * any other slash (custom skills like /pregoal) or plain text reaches Claude.
+ * HTML-safe content (only the intentional <b> tag); sendTg renders parse_mode:HTML.
+ */
+export function handleHelp(ctx) {
+    const lines = ['<b>cc-openclaw Telegram commands</b>', ''];
+    for (const c of ALL_COMMANDS)
+        lines.push(`/${c.command} — ${c.description}`);
+    lines.push('', 'Any other slash command or message is sent straight to Claude.');
+    return { actions: [{ type: 'sendMessage', chat_id: ctx.chatId, text: lines.join('\n') }] };
+}
 export const COMMAND_HANDLERS = {
     sessions: handleSessions,
     new: handleNew,
@@ -370,6 +402,8 @@ export const COMMAND_HANDLERS = {
     send: handleSend,
     cancel: handleCancel,
     'soak-check': handleSoakCheck,
+    help: handleHelp,
+    commands: handleHelp,
 };
 /**
  * Telegram bot commands list — declarative source for M5's setMyCommands sync.

package/dist/src/channels/telegram-mirror/inbound-handler.js

@@ -392,7 +392,7 @@ export function registerInboundHandler(api, state = createHandlerState()) {
         if (parsed && MIRROR_COMMANDS.has(parsed.cmd))
             return undefined;
         const fromKey = chatIdFromSessionKey(event.sessionKey);
-        let chatId = fromKey.chatId || (event.senderId !== undefined ? String(event.senderId) : '');
+        const chatId = fromKey.chatId || (event.senderId !== undefined ? String(event.senderId) : '');
         if (!chatId)
             return undefined;
         const threadId = fromKey.threadId !== undefined ? fromKey.threadId : event.raw?.message?.message_thread_id;

package/dist/src/channels/telegram-mirror/turn-bridge.d.ts

@@ -66,6 +66,17 @@ export declare function pushToolResult(toolUseId: string | undefined, output: un
  * don't hammer Telegram with edits.
  */
 export declare function pushAssistantText(text: string): void;
+/**
+ * Record extended-thinking text on every active card (v0.27.4 M1 — CLI-parity
+ * gap #1). The streaming handler calls this from its `onThinking` callback as
+ * reasoning deltas arrive, passing the CUMULATIVE buffer (not the delta) — so
+ * the live card grows a 💭 block exactly the way the terminal streams thinking
+ * before the answer. Overwrites turn.thinkingText (same pattern as
+ * pushAssistantText), debounced repaint. Only fires while surfaceThinking is on
+ * (the handler gates the callback), so card-thinking matches the CLI's
+ * thinking-visibility setting rather than leaking reasoning unconditionally.
+ */
+export declare function pushThinking(text: string): void;
 /**
  * Finalize every active card at the END of a model turn. Flips each card's
  * turn to 'done' (so renderTurn shows "✓ Done"), repaints once, and removes

package/dist/src/channels/telegram-mirror/turn-bridge.js

@@ -113,6 +113,7 @@ export function readQuotaMeta() {
 // low-frequency, so log every call (including the cards=0 failure case, logged
 // BEFORE the early return). pushAssistantText is per-chunk, so throttle it.
 let _lastTextLogAt = 0;
+let _lastThinkLogAt = 0;
 function logPush(kind, cards, extra) {
     process.stderr.write(`[cc-openclaw/turn-bridge] ${kind} pid=${process.pid} ${cardStateDebug()}${extra}\n`);
 }
@@ -228,6 +229,36 @@ export function pushAssistantText(text) {
         void repaint(chatId, /* force */ false);
     }
 }
+/**
+ * Record extended-thinking text on every active card (v0.27.4 M1 — CLI-parity
+ * gap #1). The streaming handler calls this from its `onThinking` callback as
+ * reasoning deltas arrive, passing the CUMULATIVE buffer (not the delta) — so
+ * the live card grows a 💭 block exactly the way the terminal streams thinking
+ * before the answer. Overwrites turn.thinkingText (same pattern as
+ * pushAssistantText), debounced repaint. Only fires while surfaceThinking is on
+ * (the handler gates the callback), so card-thinking matches the CLI's
+ * thinking-visibility setting rather than leaking reasoning unconditionally.
+ */
+export function pushThinking(text) {
+    const chats = activeChatIds();
+    const now = Date.now();
+    if (chats.length === 0 || now - _lastThinkLogAt > 1500) {
+        _lastThinkLogAt = now;
+        logPush('pushThinking', chats.length, ` len=${text.length}`);
+    }
+    if (chats.length === 0)
+        return;
+    for (const chatId of chats) {
+        const card = cardState.get(chatId);
+        if (!card)
+            continue;
+        const turn = card.sm.getTurn(chatId);
+        if (!turn || turn.state !== 'working')
+            continue;
+        turn.thinkingText = text;
+        void repaint(chatId, /* force */ false);
+    }
+}
 /**
  * Finalize every active card at the END of a model turn. Flips each card's
  * turn to 'done' (so renderTurn shows "✓ Done"), repaints once, and removes

package/dist/src/constants.d.ts

@@ -36,6 +36,16 @@ export declare const TURN_TIMEOUT_MS = 900000;
 export declare const STALLED_SESSION_KILL_MS = 180000;
 /** How often the stalled-session watchdog scans the sessions Map. */
 export declare const STALLED_WATCH_INTERVAL_MS = 30000;
+/** v0.27.4 (M4/M6) — resume-freshness window for openai-compat sessions.
+ *  After a gateway restart OR a stalled-session watchdog SIGTERM, the in-process
+ *  session object is gone; without this, the next turn for the same chat spawns
+ *  a FRESH Claude conversation (no --resume) and the user loses all context.
+ *  When an openai-compat session opts in (config.resumeFreshnessMs), the next
+ *  turn resumes the prior Claude session ONLY if it was active within this
+ *  window — older sessions start fresh, preserving the anti-stale intent that
+ *  motivated skipPersistence. Default 30 min; env-overridable at the use site
+ *  via CC_OPENCLAW_RESUME_FRESHNESS_MS. */
+export declare const RESUME_FRESHNESS_MS = 1800000;
 /** Runaway-loop watchdog: max new cc-openclaw subprocess spawns within
  *  RUNAWAY_LOOP_WINDOW_MS before the next spawn is refused.
  *

package/dist/src/constants.js

@@ -39,6 +39,16 @@ export const TURN_TIMEOUT_MS = 900_000;
 export const STALLED_SESSION_KILL_MS = 180_000;
 /** How often the stalled-session watchdog scans the sessions Map. */
 export const STALLED_WATCH_INTERVAL_MS = 30_000;
+/** v0.27.4 (M4/M6) — resume-freshness window for openai-compat sessions.
+ *  After a gateway restart OR a stalled-session watchdog SIGTERM, the in-process
+ *  session object is gone; without this, the next turn for the same chat spawns
+ *  a FRESH Claude conversation (no --resume) and the user loses all context.
+ *  When an openai-compat session opts in (config.resumeFreshnessMs), the next
+ *  turn resumes the prior Claude session ONLY if it was active within this
+ *  window — older sessions start fresh, preserving the anti-stale intent that
+ *  motivated skipPersistence. Default 30 min; env-overridable at the use site
+ *  via CC_OPENCLAW_RESUME_FRESHNESS_MS. */
+export const RESUME_FRESHNESS_MS = 1_800_000;
 /** Runaway-loop watchdog: max new cc-openclaw subprocess spawns within
  *  RUNAWAY_LOOP_WINDOW_MS before the next spawn is refused.
  *

package/dist/src/lib/error-formatter.d.ts

@@ -49,7 +49,12 @@ export interface ErrorContext {
 export interface FormattedError {
     /** NDJSON-ready row */
     jsonlRow: ErrorJsonlRow;
-    /** Telegram message text (MarkdownV2-safe) */
+    /**
+     * Telegram message text (HTML parse_mode). v0.27.3 — converted from
+     * MarkdownV2 to HTML so the entire Telegram surface (live card + error
+     * alerts) renders through ONE parse mode. error-renderer sends this with
+     * parse_mode: 'HTML'.
+     */
     telegramText: string;
 }
 export interface ErrorJsonlRow {
@@ -64,7 +69,14 @@ export interface ErrorJsonlRow {
 }
 /** Extract a usable message from unknown thrown values. */
 export declare function extractMessage(error: unknown): string;
-/** Escape characters special to Telegram MarkdownV2. */
+/**
+ * Escape characters special to Telegram MarkdownV2.
+ *
+ * v0.27.3 — RETAINED for back-compat (and its own unit tests) but no longer
+ * used by formatError, which now emits HTML (see the telegramText block) so the
+ * whole Telegram surface renders through one parse mode. Kept exported in case a
+ * caller still needs MarkdownV2 escaping.
+ */
 export declare function escapeMdV2(text: string): string;
 /**
  * Pure formatter — no side effects on the return value, but DOES emit

package/dist/src/lib/error-formatter.js

@@ -80,7 +80,14 @@ function extractStack(error) {
     }
     return undefined;
 }
-/** Escape characters special to Telegram MarkdownV2. */
+/**
+ * Escape characters special to Telegram MarkdownV2.
+ *
+ * v0.27.3 — RETAINED for back-compat (and its own unit tests) but no longer
+ * used by formatError, which now emits HTML (see the telegramText block) so the
+ * whole Telegram surface renders through one parse mode. Kept exported in case a
+ * caller still needs MarkdownV2 escaping.
+ */
 export function escapeMdV2(text) {
     // Per Telegram docs, these must be escaped: _ * [ ] ( ) ~ ` > # + - = | { } . !
     return text.replace(/[_*[\]()~`>#+=|{}.!\\-]/g, (c) => `\\${c}`);
@@ -97,6 +104,7 @@ const SEVERITY_EMOJI = {
 // are unset, so the import itself has zero runtime cost.
 import { emit as emitTrajectory } from './trajectory.js';
 import { metricsRegistry } from '../health/metrics.js';
+import { escapeHtml } from './html-render.js';
 /**
  * Pure formatter — no side effects on the return value, but DOES emit
  * trajectory + metrics events for centralized observability per Pillars A+B.
@@ -128,27 +136,31 @@ export function formatError(error, context) {
         ...(stack !== undefined ? { stack } : {}),
         ...(context.details !== undefined ? { details: context.details } : {}),
     };
+    // v0.27.3 — emit Telegram HTML (sent with parse_mode: 'HTML' by
+    // error-renderer) so error alerts share the live card's single render path.
+    // <b> code, <code> message, <i> timestamp; all interpolated text is
+    // HTML-escaped (& < >) so a stray < in a message can't break the parser.
     const emoji = SEVERITY_EMOJI[severity];
-    const safeCode = escapeMdV2(context.code);
-    const safeMsg = escapeMdV2(message.length > 300 ? message.slice(0, 300) + '...' : message);
-    const safeTs = escapeMdV2(ts.slice(0, 19).replace('T', ' '));
+    const safeCode = escapeHtml(context.code);
+    const safeMsg = escapeHtml(message.length > 300 ? message.slice(0, 300) + '...' : message);
+    const safeTs = escapeHtml(ts.slice(0, 19).replace('T', ' '));
     const lines = [
-        `${emoji} *${safeCode}*`,
-        `\`${safeMsg}\``,
-        `_${safeTs}_`,
+        `${emoji} <b>${safeCode}</b>`,
+        `<code>${safeMsg}</code>`,
+        `<i>${safeTs}</i>`,
     ];
     if (context.sessionId) {
-        lines.push(`session: \`${escapeMdV2(context.sessionId)}\``);
+        lines.push(`session: <code>${escapeHtml(context.sessionId)}</code>`);
     }
     if (context.laptopId) {
-        lines.push(`laptop: \`${escapeMdV2(context.laptopId)}\``);
+        lines.push(`laptop: <code>${escapeHtml(context.laptopId)}</code>`);
     }
     if (context.details && Object.keys(context.details).length > 0) {
         const detailParts = Object.entries(context.details)
             .slice(0, 5)
-            .map(([k, v]) => `${escapeMdV2(k)}: ${escapeMdV2(String(v))}`)
+            .map(([k, v]) => `${escapeHtml(k)}: ${escapeHtml(String(v))}`)
             .join(', ');
-        lines.push(`_${detailParts}_`);
+        lines.push(`<i>${detailParts}</i>`);
     }
     const telegramText = lines.join('\n');
     return { jsonlRow, telegramText };

package/dist/src/lib/error-renderer.js

@@ -67,7 +67,9 @@ export async function renderError(formatted, opts = {}) {
     const params = {
         chat_id: chatId,
         text: telegramText,
-        parse_mode: 'MarkdownV2',
+        // v0.27.3 — HTML (formatter now emits HTML) so error alerts share the live
+        // card's single render path. The 400-fallback below sends plain text.
+        parse_mode: 'HTML',
     };
     if (opts.threadId)
         params.message_thread_id = opts.threadId;

package/dist/src/lib/html-render.d.ts

@@ -18,26 +18,18 @@
 export declare function escapeHtml(text: string | null | undefined): string;
 /** Inline monospace span: `<code>escaped</code>`. */
 export declare function code(s: string): string;
+/**
+ * Strip Telegram HTML markup back to readable plain text (v0.27.3). Used
+ * by editTg's plain-text fallback: when an HTML edit is rejected, re-sending the
+ * SAME string without parse_mode would dump literal `<b>`/`<pre>` tags into the
+ * chat. This removes the tags and decodes the basic entities so the fallback
+ * stays legible. Not a general sanitizer — scoped to the tags this module emits.
+ */
+export declare function stripHtml(input: string | null | undefined): string;
 /**
  * Fenced code block: `<pre><code class="language-LANG">escaped</code></pre>`.
  * Omits the class when no language is given. Body is HTML-escaped (the only
  * escaping Telegram requires inside pre/code).
  */
 export declare function pre(body: string, lang?: string): string;
-/**
- * Convert a subset of CommonMark Markdown to Telegram HTML with structure
- * preserved (`**bold**`→`<b>`, fenced blocks→`<pre><code>`, etc.). Returns ''
- * for null/undefined.
- *
- * Algorithm (placeholder substitution, NUL-sentinel keyed — mirrors
- * markdown-to-mdv2.ts so behaviour is auditable side-by-side):
- *   1. code fences  → <pre><code [class]>…</code></pre>
- *   2. inline code  → <code>…</code>
- *   3. bold (**…**) → <b>…</b>
- *   4. italic (*…* / _…_) → <i>…</i>
- *   5. ATX headers (#…) at line start → <b>…</b>
- *   6. links [label](url) → <a href="url">label</a>
- *   7. escape remaining text (& < >)
- *   8. restore placeholders verbatim
- */
 export declare function markdownToHtml(input: string | null | undefined): string;

package/dist/src/lib/html-render.js

@@ -14,6 +14,7 @@
  * pre+code[class=language-X], blockquote, tg-spoiler. Everything else in text
  * content must have &, <, > escaped.
  */
+/* eslint-disable no-control-regex -- NUL-byte sentinel delimiters intentionally guard placeholders through the bulk-escape step, then are restored */
 /** Escape the three HTML-significant chars for Telegram HTML text content. */
 export function escapeHtml(text) {
     if (text == null)
@@ -27,6 +28,23 @@ export function escapeHtml(text) {
 export function code(s) {
     return `<code>${escapeHtml(s)}</code>`;
 }
+/**
+ * Strip Telegram HTML markup back to readable plain text (v0.27.3). Used
+ * by editTg's plain-text fallback: when an HTML edit is rejected, re-sending the
+ * SAME string without parse_mode would dump literal `<b>`/`<pre>` tags into the
+ * chat. This removes the tags and decodes the basic entities so the fallback
+ * stays legible. Not a general sanitizer — scoped to the tags this module emits.
+ */
+export function stripHtml(input) {
+    if (input == null)
+        return '';
+    return String(input)
+        .replace(/<\/?(?:b|strong|i|em|u|s|a|code|pre|blockquote|tg-spoiler)\b[^>]*>/gi, '')
+        .replace(/&lt;/g, '<')
+        .replace(/&gt;/g, '>')
+        .replace(/&quot;/g, '"')
+        .replace(/&amp;/g, '&');
+}
 /**
  * Fenced code block: `<pre><code class="language-LANG">escaped</code></pre>`.
  * Omits the class when no language is given. Body is HTML-escaped (the only
@@ -52,16 +70,73 @@ export function pre(body, lang) {
  *   7. escape remaining text (& < >)
  *   8. restore placeholders verbatim
  */
+/** Split a GFM table row into trimmed cells, dropping the empty cells produced
+ *  by leading/trailing pipes (`| a | b |` → ['a','b']). */
+function splitTableRow(row) {
+    const cells = row.split('|').map((c) => c.trim());
+    if (cells.length && cells[0] === '')
+        cells.shift();
+    if (cells.length && cells[cells.length - 1] === '')
+        cells.pop();
+    return cells;
+}
+/** Render parsed table rows as a padded monospace block. Telegram HTML has no
+ *  <table>, so column-aligned text inside <pre> is the faithful terminal-style
+ *  rendering. Returns a ready <pre><code> string (content HTML-escaped by pre()). */
+function renderPaddedTable(rows) {
+    const cols = Math.max(...rows.map((r) => r.length));
+    const widths = [];
+    for (let c = 0; c < cols; c++) {
+        widths[c] = Math.max(...rows.map((r) => (r[c] ?? '').length));
+    }
+    const body = rows
+        .map((r) => Array.from({ length: cols }, (_v, c) => (r[c] ?? '').padEnd(widths[c]))
+        .join(' | ')
+        .replace(/\s+$/, ''))
+        .join('\n');
+    return pre(body);
+}
 export function markdownToHtml(input) {
     if (input == null)
         return '';
     let text = String(input);
     const codeBlocks = [];
-    text = text.replace(/```([a-zA-Z0-9_+\-]*)\n?([\s\S]*?)```/g, (_m, lang, body) => {
+    text = text.replace(/```([a-zA-Z0-9_+-]*)\n?([\s\S]*?)```/g, (_m, lang, body) => {
         const idx = codeBlocks.length;
         codeBlocks.push(pre(body.replace(/\n$/, ''), lang || undefined));
         return `\x00CODEBLOCK${idx}\x00`;
     });
+    // v0.27.4 M4 — GFM pipe tables → padded monospace <pre> (gap #5). Telegram HTML
+    // has no <table>; column-aligned text is the terminal-faithful rendering. A
+    // table is a row containing `|` immediately followed by a `---` separator row.
+    const tables = [];
+    {
+        const lines = text.split('\n');
+        const out = [];
+        let i = 0;
+        while (i < lines.length) {
+            const header = lines[i];
+            const sep = lines[i + 1];
+            const isSep = sep != null && sep.includes('-') && /^\s*\|?[\s:|-]+\|?\s*$/.test(sep);
+            if (header != null && header.includes('|') && isSep) {
+                const block = [splitTableRow(header)];
+                let j = i + 2;
+                while (j < lines.length && lines[j].includes('|') && lines[j].trim() !== '') {
+                    block.push(splitTableRow(lines[j]));
+                    j++;
+                }
+                const idx = tables.length;
+                tables.push(renderPaddedTable(block));
+                out.push(`\x00TABLE${idx}\x00`);
+                i = j;
+            }
+            else {
+                out.push(header);
+                i++;
+            }
+        }
+        text = out.join('\n');
+    }
     const inlineCodes = [];
     text = text.replace(/`([^`\n]+)`/g, (_m, body) => {
         const idx = inlineCodes.length;
@@ -74,6 +149,14 @@ export function markdownToHtml(input) {
         bolds.push(`<b>${escapeHtml(body)}</b>`);
         return `\x00BOLD${idx}\x00`;
     });
+    // v0.27.4 M4 — strikethrough ~~text~~ → <s> (gap #5). After bold so the `~~`
+    // pass never sees `**`-delimited spans.
+    const strikes = [];
+    text = text.replace(/~~([^~\n]+)~~/g, (_m, body) => {
+        const idx = strikes.length;
+        strikes.push(`<s>${escapeHtml(body)}</s>`);
+        return `\x00STRIKE${idx}\x00`;
+    });
     const italics = [];
     text = text.replace(/(?<![\w*])\*([^*\n]+)\*(?!\w)/g, (_m, body) => {
         const idx = italics.length;
@@ -99,10 +182,17 @@ export function markdownToHtml(input) {
         links.push(`<a href="${safeUrl}">${escapeHtml(label)}</a>`);
         return `\x00LINK${idx}\x00`;
     });
+    // v0.27.4 M4 — unordered list markers (-, *, +) at line start → "• " bullet
+    // (gap #5). Ordered lists (1. 2.) already read fine as plain text. The bullet
+    // glyph isn't HTML-significant, so it survives the escape below. Uses [ \t]
+    // (not \s) so it never consumes the line break.
+    text = text.replace(/^([ \t]*)[-*+][ \t]+/gm, (_m, indent) => `${indent}• `);
     text = escapeHtml(text);
     text = text.replace(/\x00CODEBLOCK(\d+)\x00/g, (_m, idx) => codeBlocks[Number(idx)]);
+    text = text.replace(/\x00TABLE(\d+)\x00/g, (_m, idx) => tables[Number(idx)]);
     text = text.replace(/\x00INLINECODE(\d+)\x00/g, (_m, idx) => inlineCodes[Number(idx)]);
     text = text.replace(/\x00BOLD(\d+)\x00/g, (_m, idx) => bolds[Number(idx)]);
+    text = text.replace(/\x00STRIKE(\d+)\x00/g, (_m, idx) => strikes[Number(idx)]);
     text = text.replace(/\x00ITALIC(\d+)\x00/g, (_m, idx) => italics[Number(idx)]);
     text = text.replace(/\x00HEADER(\d+)\x00/g, (_m, idx) => headers[Number(idx)]);
     text = text.replace(/\x00LINK(\d+)\x00/g, (_m, idx) => links[Number(idx)]);

package/dist/src/lib/markdown-to-mdv2.js

@@ -46,6 +46,7 @@
  *   - "CODE"/"BOLD"/etc letters are not in the special-char set
  *   So placeholders survive the bulk-escape step intact.
  */
+/* eslint-disable no-control-regex -- NUL-byte sentinel delimiters intentionally guard placeholders through the bulk-escape step, then are restored */
 /** MarkdownV2 special characters (Telegram Bot API spec). Outside code spans
  *  / pre blocks, these MUST be backslash-escaped when intended as content. */
 const MDV2_TEXT_SPECIAL = /[_*[\]()~`>#+\-=|{}.!\\]/g;
@@ -73,7 +74,7 @@ export function markdownToMdv2(input) {
     // Step 1 — extract code fences (triple-backtick blocks). Body verbatim
     // except backticks and backslashes are escaped per Telegram spec.
     const codeBlocks = [];
-    text = text.replace(/```([a-zA-Z0-9_+\-]*)\n?([\s\S]*?)```/g, (_m, lang, body) => {
+    text = text.replace(/```([a-zA-Z0-9_+-]*)\n?([\s\S]*?)```/g, (_m, lang, body) => {
         const idx = codeBlocks.length;
         const langStr = lang || '';
         const escapedBody = escapeCodeContent(body);

package/dist/src/lib/telegram-bot-api.d.ts

@@ -87,15 +87,31 @@ export interface TelegramApiResponse {
  */
 export declare function telegramApi(method: string, params: Record<string, unknown>): Promise<TelegramApiResponse>;
 /**
- * sendMessage with MarkdownV2 first + plain-text fallback. The fallback
- * is the v0.20.1 fix: prior implementation stripped punctuation on
- * MarkdownV2 parse errors; current behaviour retries with parse_mode
- * omitted so all content survives.
+ * v0.27.4 M6 — CLI-parity gap #8: split a message that exceeds Telegram's 4096
+ * char cap into ≤max-char chunks so long cc-openclaw-originated content sends as
+ * sequential messages instead of being rejected outright. Splits on newline
+ * boundaries (never mid-line) so HTML constructs mostly stay intact; a single
+ * line longer than max is hard-split. Returns [text] unchanged when ≤max (the
+ * common path — no behavior change for normal messages).
+ *
+ * Scope note: this covers cc-openclaw's OWN sends (slash/error responses). The
+ * live card is one edited message (truncated by design) and the model's final
+ * answer is delivered by the OpenClaw gateway — neither flows through here.
+ */
+export declare function splitForTelegram(text: string, max?: number): string[];
+/**
+ * sendMessage with HTML parse_mode first + plain-text fallback. The fallback
+ * is the v0.20.1 fix: prior implementation stripped punctuation on parse
+ * errors; current behaviour retries with parse_mode omitted so all content
+ * survives. (v0.27.0 switched the live mirror MarkdownV2 → HTML; v0.27.3
+ * converted the last MarkdownV2 emitter, error-formatter, so the whole
+ * Telegram surface is now one HTML render path.) v0.27.4 M6 — auto-chunks
+ * over-cap text and the plain fallback now strips HTML (was: re-sent raw tags).
  */
 export declare function sendTg(chatId: string | number, text: string, threadId?: string | number, replyMarkup?: unknown, replyToMessageId?: number | null): Promise<TelegramApiResponse>;
 /**
- * editMessageText with MarkdownV2-first + 429 retry-after handling +
- * plain-text fallback.
+ * editMessageText with HTML parse_mode + 429 retry-after handling +
+ * plain-text fallback (v0.27.3 stripHtml fallback on rejection).
  */
 export declare function editTg(chatId: string | number, messageId: number, text: string, replyMarkup?: unknown): Promise<TelegramApiResponse>;
 export interface SendDocumentOptions {

package/dist/src/lib/telegram-bot-api.js

@@ -28,6 +28,9 @@ import { readFileSync } from 'node:fs';
 import { homedir } from 'node:os';
 import { join } from 'node:path';
 import { randomBytes } from 'node:crypto';
+import { stripHtml } from './html-render.js';
+/** Telegram's hard per-message character cap. */
+const TG_MAX_CHARS = 4096;
 export const OPENCLAW_CONFIG_PATH = join(homedir(), '.openclaw', 'openclaw.json');
 const PLUGIN_TAG = '[cc-openclaw/telegram-bot-api]';
 // ─── Bot token state ───────────────────────────────────────────────────────
@@ -139,32 +142,96 @@ export function telegramApi(method, params) {
     });
 }
 /**
- * sendMessage with MarkdownV2 first + plain-text fallback. The fallback
- * is the v0.20.1 fix: prior implementation stripped punctuation on
- * MarkdownV2 parse errors; current behaviour retries with parse_mode
- * omitted so all content survives.
+ * v0.27.4 M6 — CLI-parity gap #8: split a message that exceeds Telegram's 4096
+ * char cap into ≤max-char chunks so long cc-openclaw-originated content sends as
+ * sequential messages instead of being rejected outright. Splits on newline
+ * boundaries (never mid-line) so HTML constructs mostly stay intact; a single
+ * line longer than max is hard-split. Returns [text] unchanged when ≤max (the
+ * common path — no behavior change for normal messages).
+ *
+ * Scope note: this covers cc-openclaw's OWN sends (slash/error responses). The
+ * live card is one edited message (truncated by design) and the model's final
+ * answer is delivered by the OpenClaw gateway — neither flows through here.
+ */
+export function splitForTelegram(text, max = TG_MAX_CHARS) {
+    if (text.length <= max)
+        return [text];
+    const chunks = [];
+    let current = '';
+    for (const line of text.split('\n')) {
+        if (line.length > max) {
+            if (current) {
+                chunks.push(current);
+                current = '';
+            }
+            for (let i = 0; i < line.length; i += max)
+                chunks.push(line.slice(i, i + max));
+            continue;
+        }
+        const candidate = current ? `${current}\n${line}` : line;
+        if (candidate.length > max) {
+            if (current)
+                chunks.push(current);
+            current = line;
+        }
+        else {
+            current = candidate;
+        }
+    }
+    if (current)
+        chunks.push(current);
+    return chunks;
+}
+/**
+ * sendMessage with HTML parse_mode first + plain-text fallback. The fallback
+ * is the v0.20.1 fix: prior implementation stripped punctuation on parse
+ * errors; current behaviour retries with parse_mode omitted so all content
+ * survives. (v0.27.0 switched the live mirror MarkdownV2 → HTML; v0.27.3
+ * converted the last MarkdownV2 emitter, error-formatter, so the whole
+ * Telegram surface is now one HTML render path.) v0.27.4 M6 — auto-chunks
+ * over-cap text and the plain fallback now strips HTML (was: re-sent raw tags).
  */
 export async function sendTg(chatId, text, threadId, replyMarkup, replyToMessageId) {
     try {
         const base = { chat_id: chatId, disable_web_page_preview: true };
         if (threadId)
             base.message_thread_id = Number(threadId);
-        if (replyMarkup)
-            base.reply_markup = replyMarkup;
         if (replyToMessageId)
             base.reply_to_message_id = Number(replyToMessageId);
-        const res = await telegramApi('sendMessage', { ...base, text, parse_mode: 'HTML' });
-        if (res.ok)
-            return res;
-        return telegramApi('sendMessage', { ...base, text: text || 'Session update' });
+        // Send one body with HTML first, then a stripped plain-text fallback so a
+        // chunk that split an HTML tag still lands legibly (mirrors editTg v0.27.3).
+        const sendOne = async (body, markup) => {
+            const params = { ...base, text: body, parse_mode: 'HTML' };
+            if (markup)
+                params.reply_markup = markup;
+            const res = await telegramApi('sendMessage', params);
+            if (res.ok)
+                return res;
+            const fb = { ...base, text: stripHtml(body) || 'Session update' };
+            if (markup)
+                fb.reply_markup = markup;
+            return telegramApi('sendMessage', fb);
+        };
+        if (text.length > TG_MAX_CHARS) {
+            const chunks = splitForTelegram(text, TG_MAX_CHARS);
+            let first = { ok: false };
+            for (let i = 0; i < chunks.length; i++) {
+                // Keyboard rides only the LAST chunk (actions belong with the tail).
+                const res = await sendOne(chunks[i], i === chunks.length - 1 ? replyMarkup : undefined);
+                if (i === 0)
+                    first = res;
+            }
+            return first;
+        }
+        return await sendOne(text, replyMarkup);
     }
     catch {
         return { ok: false };
     }
 }
 /**
- * editMessageText with MarkdownV2-first + 429 retry-after handling +
- * plain-text fallback.
+ * editMessageText with HTML parse_mode + 429 retry-after handling +
+ * plain-text fallback (v0.27.3 stripHtml fallback on rejection).
  */
 export async function editTg(chatId, messageId, text, replyMarkup) {
     try {
@@ -188,17 +255,30 @@ export async function editTg(chatId, messageId, text, replyMarkup) {
         }
         if (res.ok)
             return res;
+        // v0.27.3 — the HTML edit was rejected (commonly "can't parse
+        // entities" or "message is too long"). Re-sending the SAME string without
+        // parse_mode would dump literal <b>/<pre> tags into the chat AND, if the
+        // reason was length, fail identically. Strip the markup back to plain text
+        // and hard-truncate to Telegram's cap so the fallback can actually land.
+        // Log the original failure so a broken live card is never silent again
+        // (the prior swallow is exactly why the 4096-overflow regression hid).
+        process.stderr.write(`[cc-openclaw/telegram-bot-api] editTg HTML edit rejected (len=${text.length}) ` +
+            `code=${res.error_code ?? '?'} desc=${JSON.stringify(res.description ?? '')} — plain-text fallback\n`);
+        let plain = stripHtml(text) || 'Session update';
+        if (plain.length > TG_MAX_CHARS)
+            plain = plain.slice(0, TG_MAX_CHARS - 1) + '…';
         const fallback = {
             chat_id: chatId,
             message_id: messageId,
-            text: text || 'Session update',
+            text: plain,
             disable_web_page_preview: true,
         };
         if (replyMarkup)
             fallback.reply_markup = replyMarkup;
         return telegramApi('editMessageText', fallback);
     }
-    catch {
+    catch (err) {
+        process.stderr.write(`[cc-openclaw/telegram-bot-api] editTg threw: ${err.message}\n`);
         return { ok: false };
     }
 }

package/dist/src/openai-compat/openai-compat.js

@@ -10,7 +10,7 @@ import * as path from 'node:path';
 import * as os from 'node:os';
 import { randomUUID } from 'node:crypto';
 import { resolveEngineAndModel } from '../models.js';
-import { OPENAI_COMPAT_DEFAULT_MODEL, OPENAI_COMPAT_AUTO_COMPACT_THRESHOLD, } from '../constants.js';
+import { OPENAI_COMPAT_DEFAULT_MODEL, OPENAI_COMPAT_AUTO_COMPACT_THRESHOLD, RESUME_FRESHNESS_MS, } from '../constants.js';
 import { isToolsPerMessageModeEnabled, isToolStreamMode } from './mode-flags.js';
 import { resolveSessionKey, sessionNameFromKey } from './session-key-resolver.js';
 import { buildSessionSystemPrompt, buildToolPromptBlock } from './prompts.js';
@@ -272,6 +272,17 @@ export async function handleChatCompletion(manager, body, headers, res) {
             // Note: noSessionPersistence (--no-session-persistence) is NOT set
             // because some CLI forks don't support this flag.
             skipPersistence: true,
+            // v0.27.4 (M4/M6): opt this session into freshness-windowed --resume so a
+            // gateway restart or stalled-session watchdog SIGTERM doesn't wipe the
+            // conversation. Persists the claudeSessionId (despite skipPersistence) and
+            // the next turn for this chat resumes it iff it was active within the
+            // window — older sessions still start fresh (anti-stale). Env override
+            // CC_OPENCLAW_RESUME_FRESHNESS_MS; default RESUME_FRESHNESS_MS (30 min).
+            resumeFreshnessMs: (() => {
+                const v = process.env.CC_OPENCLAW_RESUME_FRESHNESS_MS;
+                const n = v !== undefined ? parseInt(v, 10) : NaN;
+                return Number.isFinite(n) && n > 0 ? n : RESUME_FRESHNESS_MS;
+            })(),
             // v0.7.4 EMERGENCY RESTORE: re-enable --include-partial-messages for
             // openai-compat sessions. v0.6.0 made this opt-in (default OFF) for
             // a 10-100× JSON overhead drop, but the engine never grew the

package/dist/src/openai-compat/streaming-handler.js

@@ -43,7 +43,7 @@ import { emit as emitTrajectory, emitTurnTrace } from '../lib/trajectory.js';
 import { formatError, ERROR_CODES } from '../lib/error-formatter.js';
 import { getSurfaceThinkingEnabled, getTtsAutoMode } from '../lib/config.js';
 import { applyVoiceRecovery, detectVoiceIntent, hasTtsMarkers, _logVoiceDebug } from './voice-recovery.js';
-import { pushToolUse as mirrorPushToolUse, pushToolResult as mirrorPushToolResult, pushAssistantText as mirrorPushAssistantText, finalizeActiveCards as mirrorFinalizeActiveCards, failActiveCards as mirrorFailActiveCards, classifyFailure, setCardMeta as mirrorSetCardMeta, readQuotaMeta as mirrorReadQuotaMeta, } from '../channels/telegram-mirror/turn-bridge.js';
+import { pushToolUse as mirrorPushToolUse, pushToolResult as mirrorPushToolResult, pushAssistantText as mirrorPushAssistantText, pushThinking as mirrorPushThinking, finalizeActiveCards as mirrorFinalizeActiveCards, failActiveCards as mirrorFailActiveCards, classifyFailure, setCardMeta as mirrorSetCardMeta, readQuotaMeta as mirrorReadQuotaMeta, } from '../channels/telegram-mirror/turn-bridge.js';
 import { cardStateDebug as mirrorCardStateDebug } from '../channels/telegram-mirror/card-state.js';
 import { writePerfEvent } from '../observability/perf-telemetry.js';
 /** Coerce a userMessage (string | UserMessageBlock[]) to a flat string
@@ -327,6 +327,12 @@ slashCommand) {
                     if (!text)
                         return;
                     thinkingBuffer += text;
+                    // v0.27.4 M1 — surface thinking on the live Telegram card too (gap
+                    // #1). Pass the cumulative buffer; pushThinking overwrites
+                    // turn.thinkingText so the 💭 block grows in place. Same surfacing
+                    // gate as the SSE reasoning emit below (this callback only exists
+                    // when surfaceThinking is on).
+                    mirrorPushThinking(thinkingBuffer);
                     const chunk = {
                         id: completionId,
                         object: 'chat.completion.chunk',

package/dist/src/session/persisted-sessions.d.ts

@@ -21,6 +21,17 @@ export interface PersistedSession {
     lastResumed: string;
     lastActivity: number;
 }
+/**
+ * v0.27.4 (M4/M6) — resume-freshness gate. A persisted Claude session is
+ * eligible for --resume only if its last activity is within `freshnessMs`.
+ * This restores cross-restart / post-watchdog-kill conversation continuity for
+ * openai-compat sessions WITHOUT reintroducing the stale-resume hazard that
+ * motivated skipPersistence: a session idle longer than the window starts
+ * fresh. Returns false for a missing entry, a non-numeric lastActivity, or a
+ * non-positive/non-finite window (resume disabled). Pure + side-effect-free so
+ * the decision is unit-testable independent of the disk layer.
+ */
+export declare function isPersistedSessionFresh(persisted: Pick<PersistedSession, 'lastActivity'> | undefined, now: number, freshnessMs: number): boolean;
 export declare function loadPersistedSessions(): Map<string, PersistedSession>;
 export declare function savePersistedSessions(sessions: Map<string, PersistedSession>, logger?: Logger): void;
 export declare function savePersistedSessionsAsync(sessions: Map<string, PersistedSession>, logger?: Logger): void;

package/dist/src/session/persisted-sessions.js

@@ -14,6 +14,23 @@ import { createConsoleLogger } from '../logger.js';
 import { PERSIST_DISK_TTL_MS } from '../constants.js';
 export const PERSIST_DIR = path.join(os.homedir(), '.openclaw');
 export const PERSIST_FILE = path.join(PERSIST_DIR, 'claude-sessions.json');
+/**
+ * v0.27.4 (M4/M6) — resume-freshness gate. A persisted Claude session is
+ * eligible for --resume only if its last activity is within `freshnessMs`.
+ * This restores cross-restart / post-watchdog-kill conversation continuity for
+ * openai-compat sessions WITHOUT reintroducing the stale-resume hazard that
+ * motivated skipPersistence: a session idle longer than the window starts
+ * fresh. Returns false for a missing entry, a non-numeric lastActivity, or a
+ * non-positive/non-finite window (resume disabled). Pure + side-effect-free so
+ * the decision is unit-testable independent of the disk layer.
+ */
+export function isPersistedSessionFresh(persisted, now, freshnessMs) {
+    if (!persisted || typeof persisted.lastActivity !== 'number')
+        return false;
+    if (!Number.isFinite(freshnessMs) || freshnessMs <= 0)
+        return false;
+    return now - persisted.lastActivity <= freshnessMs;
+}
 export function loadPersistedSessions() {
     try {
         if (!fs.existsSync(PERSIST_FILE))

package/dist/src/session/session-manager.js

@@ -33,7 +33,7 @@ function getPluginVersion() {
 // ─── Persistence ─────────────────────────────────────────────────────────────
 // Extracted to `./persisted-sessions.ts` 2026-05-13 — coherent persistence
 // layer (load + sync atomic-write + async-write + types + constants).
-import { loadPersistedSessions, savePersistedSessions, savePersistedSessionsAsync, } from './persisted-sessions.js';
+import { loadPersistedSessions, savePersistedSessions, savePersistedSessionsAsync, isPersistedSessionFresh, } from './persisted-sessions.js';
 // Debounce helper — coalesces rapid writes into one
 // `makeDebounced` extracted to `../lib/debounce.ts` 2026-05-13 —
 // pure-function hot-path decomposition.
@@ -158,10 +158,21 @@ export class SessionManager {
         }
         this._recordSpawn();
         // Auto-resume: if we have a persisted claudeSessionId for this name, inject it.
-        // Skip when config.skipPersistence is set (e.g. openai-compat bridge sessions
-        // that must NOT resume stale CLI state from a previous server run).
+        // Normal (non-skipPersistence) sessions resume unconditionally as before.
+        // skipPersistence sessions normally must NOT resume stale CLI state from a
+        // previous server run — EXCEPT v0.27.4 (M4/M6): when they opt into
+        // freshness-windowed resume (config.resumeFreshnessMs, set by the
+        // openai-compat bridge), resume the prior session iff it's still fresh, so
+        // Savvy keeps context across a gateway restart / watchdog-kill while a
+        // long-idle session still starts fresh.
         const skipPersist = !!config.skipPersistence;
-        const persisted = skipPersist ? undefined : this.persistedSessions.get(name);
+        let persisted = skipPersist ? undefined : this.persistedSessions.get(name);
+        if (skipPersist && typeof config.resumeFreshnessMs === 'number') {
+            const candidate = this.persistedSessions.get(name);
+            if (isPersistedSessionFresh(candidate, Date.now(), config.resumeFreshnessMs)) {
+                persisted = candidate;
+            }
+        }
         // Unified: only use resumeSessionId (claudeResumeId is an internal alias, not exposed)
         const resumeId = config.resumeSessionId ?? persisted?.claudeSessionId;
         const fullConfig = {
@@ -349,10 +360,15 @@ export class SessionManager {
             }
             const result = await managed.session.send(message, sendOpts);
             // Update session ID if available (skip disk persist for ephemeral
-            // sessions that were started with skipPersistence)
+            // sessions that were started with skipPersistence) — EXCEPT v0.27.4
+            // (M4/M6): a session that opted into freshness-windowed resume must be
+            // persisted (even though skipPersistence is true) so its claudeSessionId
+            // is on disk for the next turn / a post-restart resume.
             if (managed.session.sessionId) {
                 managed.claudeSessionId = managed.session.sessionId;
-                if (this.persistedSessions.has(name)) {
+                const optedIntoFreshResume = typeof managed.config.resumeFreshnessMs === 'number' &&
+                    managed.config.resumeFreshnessMs > 0;
+                if (this.persistedSessions.has(name) || optedIntoFreshResume) {
                     this._persistSession(name, managed);
                 }
             }

package/dist/src/session-bootstrap/cwd-patch.js

@@ -84,8 +84,6 @@ const PATHS = {
 const DEPS_STUB_PATH = join(PATHS.openclawDist, 'commands-status-deps.runtime.js');
 const STATUS_STUB_PATH = join(PATHS.openclawRoot, 'status.runtime.js');
 const AUTO_REPLY_STATUS_PATH = join(PATHS.autoReplyDir, 'commands-status.runtime.js');
-const SAVVY_REGISTRY_PATH = join(HOME, '.openclaw/savvy-resume-registry.json');
-const CLAUDE_SESSIONS_PATH = join(HOME, '.openclaw/claude-sessions.json');
 const CACHE_PARITY_REGISTRY_PATH = join(HOME, '.openclaw/openclaw-cache-parity-registry.json');
 // Patch identity symbols (module-scoped, stable across re-imports within a process)
 const PATCH_MARKER = Symbol.for('claude-local-enhancer:patched');
@@ -166,6 +164,7 @@ function _setToolDumpCacheEntry(key, val) {
 let _lastToolDumpHash = null;
 // ── sessionId capture state ───────────────────────────────────────────────
 let _lastCapturedJson = '';
+// ── Resume registry helpers ───────────────────────────────────────────────
 // `restoreClaudeSessionsFromBackup` + `writeBackupRegistry` extracted to
 // `./resume-registry.ts` 2026-05-13. The wrapper preserves the caller-less
 // call signature locally by closing over the module `logger`.

package/dist/src/types.d.ts

@@ -137,6 +137,13 @@ export interface SessionConfig {
     sessionName?: string;
     claudeResumeId?: string;
     resumeSessionId?: string;
+    /** v0.27.4 (M4/M6) — opt a skipPersistence session into freshness-windowed
+     *  --resume across restart / watchdog-kill. When set (ms), the SessionManager
+     *  persists this session's claudeSessionId and, on the next start for the same
+     *  name, resumes it iff its last activity is within this window. Used by the
+     *  openai-compat bridge so Savvy keeps context across a gateway restart while
+     *  still starting fresh after a long idle gap. */
+    resumeFreshnessMs?: number;
     forkSession?: boolean;
     addDir?: string[];
     effort?: EffortLevel;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@a1hvdy/cc-openclaw",
-  "version": "0.27.2",
+  "version": "0.27.4",
   "description": "A1xAI's Anthropic CLI bridge plugin for OpenClaw",
   "author": "@a1cy",
   "license": "MIT",