All Things OpenClawAll Things OpenClaw
UPDATES • OpenClaw quick fix
Featured: @openclaw

Updated to OpenClaw 2026.5.20? Check secrets, model drift, and Codex.

OpenClaw 2026.5.20 is now a stable, signed release with useful safety work: `openclaw doctor` can warn about plaintext secret-bearing config fields, model status now explains when a session is pinned away from the configured default, xAI gets a device-code OAuth path for headless hosts, Docker images keep the bundled Codex harness through pruning, and cron/gateway diagnostics are less fragile. Treat that as a safer upgrade window, not permission to skip a rollback point: snapshot first, run doctor/status checks, and smoke-test only the integrations you actually depend on.

In simple words: Make a safe copy if the step could change your setup, try the smallest check, then confirm OpenClaw is back to normal before doing more. The source link and commands stay below for people who want the technical detail.

Checklist
Snapshot first with a verified backup and record the previous OpenClaw version, package source, and rollback label.
Stable-upgrade control sheet
openclaw --version
openclaw backup create --verify
openclaw doctor
openclaw models status
openclaw gateway status --json
# If you use scheduled agents, inspect one low-risk job before letting it run unattended.
openclaw cron show <job-id> --json
After upgrading, run `openclaw doctor`; if it flags plaintext secret-bearing fields, move deliberately instead of pasting secrets into a larger config diff.
Check model status before judging agent quality. A session may be pinned to a different model than the configured default, and 2026.5.20 gives a reason/hint instead of leaving you to guess.
If you run Codex/OpenAI agents from Docker, confirm the bundled Codex harness is still registered after image pruning or rebuilds before resuming unattended jobs.
If you use xAI on a headless or remote box, treat device-code OAuth as a canary path: test one tiny task and write down the rollback/auth-profile path before switching important agents.
For cron, gateway, Discord voice, browser screenshots, plugins, or local-model lean mode, run one tiny real task per used path and keep the rollback note until a normal agent run completes.
Write down the pass/fail surface, not just the version
- Doctor completed and any plaintext-secret warning has an owner: pass/fail
- Model status matches the model you intended to use: pass/fail
- Codex/OpenAI harness works after Docker/image pruning, if used: pass/fail/not used
- xAI device-code login path works on a tiny canary task, if used: pass/fail/not used
- Cron/gateway/Discord/browser/plugin/local-model path used by you: pass/fail/not used
- Rollback label and previous version recorded: yes/no
Success looks like
The installed version, backup label, and rollback path are known before important agents depend on 2026.5.20.
Doctor, model status, Codex/xAI auth routes, cron, gateway, and integration checks are tied to your real usage instead of a vague ‘upgrade succeeded’ feeling.
Any secret-warning, pinned-model surprise, or missing-harness failure is caught on a tiny canary task before it can burn unattended time or money.

Source: OpenClaw v2026.5.20 release note · link