3.13 is a recovery release. The original Git tag was broken, so this ships as v2026.3.13-1. No dashboard rewrite, no new model integration, no headline feature. What 3.13 is: 70+ patches that make the existing platform more solid.
Here's what matters.
Performance: Plugin-SDK Memory Regression
The biggest single fix in this release. A chunk deduplication bug in the Plugin-SDK was causing ~2x memory usage compared to 3.12. If you noticed your OpenClaw instance eating more RAM after upgrading, this was why.
PR #45426 fixes the deduplication logic. Memory usage should return to 3.11-era levels. If you're running on a constrained VPS or Raspberry Pi, this one matters a lot.
Android & iOS: Mobile Getting Serious
Three Android fixes and one iOS improvement signal that mobile is getting real attention:
- •Chat Settings Redesign (#44894): The Android chat settings UI got a full visual overhaul—cleaner layout, better navigation, more consistent with the web experience
- •Google Code Scanner (#45021): Onboarding QR scanning now uses Google's Code Scanner API instead of the previous camera-based approach. More reliable, especially in low-light conditions
- •HttpURLConnection Leak (#43780): A connection leak in the HTTP client was causing gradual memory growth on long-running Android sessions. Fixed with proper connection cleanup
- •Welcome Pager (#45054): The onboarding flow now has a proper welcome pager that introduces new users to core concepts before dropping them into the app
These aren't flashy, but they're the kind of fixes that separate "it works on mobile" from "it works well on mobile."
Agent Reliability: 5 Fixes
Agents got noticeably more predictable in 3.13:
- 1.Drop thinking blocks on replay (#44843): When replaying agent sessions, thinking blocks were being re-injected into context, consuming tokens and occasionally confusing the model. Now they're stripped on replay
- 2.No double memory injection (#26054): Memory files were being injected twice in certain multi-turn flows. This caused context pollution and wasted tokens
- 3.Respect user compat overrides (#44432): User-specified compatibility overrides were being silently ignored in some provider paths. Now they're respected everywhere
- 4.Preserve blank custom-provider API keys (#45631): If you intentionally left a custom provider's API key blank (for providers that don't need one), the system was treating it as an error. Fixed
- 5.Cross-agent workspace resolution (#40176): When agents referenced files across workspace boundaries, path resolution could fail silently. Now resolved correctly
Individually small. Together, they mean agents are less likely to produce garbage output or silently fail mid-conversation.
UI Polish
A cluster of UI fixes that make the daily experience smoother:
- •Mobile nav drawer & theme variants (#45107): The mobile navigation drawer now respects theme variants properly, and the animation is smoother
- •Sidebar status/agent skills/chat rendering (#45451): Multiple rendering fixes for the sidebar—agent skill badges display correctly, status indicators update in real time, and chat previews don't truncate mid-word
- •Chat context notice icon sizing (#45533): The context-limit warning icon was oversized on some displays. Now it scales properly
- •Oversized chat replies (#45559): Long replies were breaking the chat layout on narrow screens. Text now wraps correctly with proper padding
- •Dashboard chat history reload storm (#45541): Opening the dashboard could trigger a cascade of chat history reloads. Now it loads once and caches
Compaction & Sessions
Context management got smarter:
- •Full-session token count (#28347): A sanity-check token counter now runs across the full session, catching cases where compaction was silently losing context
- •Persona/language continuity (#10456): After compaction, the agent's persona and language settings could drift. Now they're explicitly preserved through the compaction boundary
- •Preserve lastAccountId/lastThreadId (#44773): Session metadata was being dropped during certain compaction paths, causing the agent to "forget" which account and thread it was operating in
- •Create transcript on chat.inject (#36645): Injected chat messages now properly create transcripts, so they appear in session history
Docker & Infrastructure
- •OPENCLAW_TZ timezone support (#34119): You can now set the timezone for your OpenClaw container via the
OPENCLAW_TZenvironment variable. No more UTC-only cron jobs - •apt-get upgrade in Dockerfiles (#45384): Base images now run
apt-get upgradeduring build, pulling in the latest security patches for system packages - •Gateway token leak prevention (#44956): A Docker build context issue could accidentally include gateway tokens in the image layer cache. The
.dockerignorenow explicitly excludes sensitive credential files
Platform Fixes
The long tail of platform-specific fixes:
- •SSRF mitigation with IPv4 fallback (#44639, #45327): Telegram webhook handling now validates URLs and falls back to IPv4 when IPv6 causes connectivity issues
- •Gateway metadata improvements (#44397): Better handling of Discord gateway metadata for more reliable bot connections
- •Non-ASCII filename handling (#34262): File uploads with Chinese, Japanese, or other non-ASCII characters in filenames no longer fail silently
- •Message deduplication (#43762): Duplicate message delivery from Feishu webhooks is now handled gracefully
- •Groups configuration (#27199): Signal group support now works with the updated config schema
- •Interactive reply directives (#44607): Slack interactive components (buttons, menus) now correctly propagate reply directives back to the agent
macOS & Windows
- •macOS PortGuard Docker Desktop fix (#13798): PortGuard was incorrectly flagging Docker Desktop's port bindings as conflicts. Fixed with proper process detection
- •macOS exec-approvals.json (#13707): The execution approval persistence file is now properly created and maintained on macOS
- •Windows suppress console windows (#44842): Spawned subprocesses on Windows no longer flash console windows. A small thing that was driving people crazy
Security
Three security-related changes:
- •Docker token leak prevention (#44956): Prevents gateway tokens from being cached in Docker image layers
- •Keep shared auth on insecure control-ui connects (#45088): Shared authentication tokens are now preserved even when connecting to control-ui over non-HTTPS connections (common in local dev)
- •Restore control-ui auth bypass (#45512): A regression in 3.12 broke the auth bypass for local-only control-ui instances. Restored
The Rest
| Area | Notable Changes |
|---|---|
| Plugins | Fail fast on channel/binding collisions (#45628), various config schema fixes |
| Browser Agent | Batch act dispatch normalization (#45457), session lifecycle hardening (#45682) |
| Anthropic | Startup crash fix (#45520) |
| Gemini | Model-id normalization for google-vertex (#42435) |
| Tests | Default model updated to gpt-5.4 (#44367) |
New Contributors
Welcome to everyone who landed their first PR in 3.13. The contributor count just crossed 1,260 and every fix matters—whether it's a typo in docs or a critical memory leak.
---
3.13 is a stabilization release. No glamour, just discipline. If you're on 3.12, the memory fix alone is worth the upgrade. If you're on anything older, the agent reliability improvements compound with everything from 3.11 and 3.12.
Update now.
