Bump tar and openclaw

[dependabot]

Bumps tar to 7.5.11 and updates ancestor dependency openclaw. These dependencies need to be updated together.

Updates tar from 6.2.1 to 7.5.11

Changelog

Sourced from tar's changelog.

Changelog

7.5

• Added zstd compression support.
• Consistent TOCTOU behavior in sync t.list
• Only read from ustar block if not specified in Pax
• Fix sync tar.list when file size reduces while reading
• Sanitize absolute linkpaths properly
• Prevent writing hardlink entries to the archive ahead of their file target

7.4

• Deprecate onentry in favor of onReadEntry for clarity.

7.3

• Add onWriteEntry option

7.2

• DRY the command definitions into a single makeCommand method, and update the type signatures to more appropriately infer the return type from the options and arguments provided.

7.1

• Update minipass to v7.1.0
• Update the type definitions of write() and end() methods on Unpack and Parser classes to be compatible with the NodeJS.WritableStream type in the latest versions of @types/node.

7.0

• Drop support for node <18
• Rewrite in TypeScript, provide ESM and CommonJS hybrid interface
• Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.
• Add chmod option that defaults to false, and deprecate noChmod. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.
• Add processUmask option to avoid having to call process.umask() when chmod: true (or noChmod: false) is set.

... (truncated)

Commits

• bf776f6 7.5.11
• f48b5fa prevent escaping symlinks with drive-relative paths
• 97cff15 docs: more security info
• 2b72abc 7.5.10
• 7bc755d parse root off paths before sanitizing .. parts
• c8cb846 update deps
• 1f0c2c9 7.5.9
• fbb0851 build minified version as default export
• 6b8eba0 7.5.8
• 2cb1120 fix(unpack): improve UnpackSync symlink error "into" path accuracy
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates openclaw from 2026.3.1 to 2026.3.8

Release notes

Sourced from openclaw's releases.

openclaw 2026.3.8

Mac assets on this release reuse the beta artifact line from v2026.3.8-beta.1.

Changes

• CLI/backup: add openclaw backup create and openclaw backup verify for local state archives, including --only-config, --no-include-workspace, manifest/payload validation, and backup guidance in destructive flows. (#40163) thanks @​shichangs.
• macOS/onboarding: add a remote gateway token field for remote mode, preserve existing non-plaintext gateway.remote.token config values until explicitly replaced, and warn when the loaded token shape cannot be used directly from the macOS app. (#40187, supersedes #34614) Thanks @​cgdusek.
• Talk mode: add top-level talk.silenceTimeoutMs config so Talk waits a configurable amount of silence before auto-sending the current transcript, while keeping each platform's existing default pause window when unset. (#39607) Thanks @​danodoesdesign. Fixes #17147.
• TUI: infer the active agent from the current workspace when launched inside a configured agent workspace, while preserving explicit agent: session targets. (#39591) thanks @​arceus77-7.
• Tools/Brave web search: add opt-in tools.web.search.brave.mode: "llm-context" so web_search can call Brave's LLM Context endpoint and return extracted grounding snippets with source metadata, plus config/docs/test coverage. (#33383) Thanks @​thirumaleshp.
• CLI/install: include the short git commit hash in openclaw --version output when metadata is available, and keep installer version checks compatible with the decorated format. (#39712) thanks @​sourman.
• CLI/backup: improve archive naming for date sorting, add config-only backup mode, and harden backup planning, publication, and verification edge cases. (#40163) Thanks @​gumadeiras.
• ACP/Provenance: add optional ACP ingress provenance metadata and visible receipt injection (openclaw acp --provenance off|meta|meta+receipt) so OpenClaw agents can retain and report ACP-origin context with session trace IDs. (#40473) thanks @​mbelinky.
• Tools/web search: alphabetize provider ordering across runtime selection, onboarding/configure pickers, and config metadata, so provider lists stay neutral and multi-key auto-detect now prefers Grok before Kimi. (#40259) thanks @​kesku.
• Docs/Web search: restore $5/month free-credit details, replace defunct "Data for Search"/"Data for AI" plan names with current "Search" plan, and note legacy subscription validity in Brave setup docs. Follows up on #26860. (#40111) Thanks @​remusao.
• Extensions/ACPX tests: move the shared runtime fixture helper from src/runtime-internals/ to src/test-utils/ so the test-only helper no longer looks like shipped runtime code.

Fixes

• Update/macOS launchd restart: re-enable disabled LaunchAgent services before updater bootstrap so openclaw update can recover from a disabled gateway service instead of leaving the restart step stuck.
• macOS app/chat UI: route browser proxy through the local node browser service, preserve plain-text paste semantics, strip completed assistant trace/debug wrapper noise from transcripts, refresh permission state after returning from System Settings, and tolerate malformed cron rows in the macOS tab. (#39516) Thanks @​Imhermes1.
• Android/Play distribution: remove self-update, background location, screen.record, and background mic capture from the Android app, narrow the foreground service to dataSync only, and clean up the legacy location.enabledMode=always preference migration. (#39660) Thanks @​obviyus.
• Telegram/DM routing: dedupe inbound Telegram DMs per agent instead of per session key so the same DM cannot trigger duplicate replies when both agent:main:main and agent:main:telegram:direct:<id> resolve for one agent. Fixes #40005. Supersedes #40116. (#40519) thanks @​obviyus.
• Cron/Telegram announce delivery: route text-only announce jobs through the real outbound adapters after finalizing descendant output so plain Telegram targets no longer report delivered: true when no message actually reached Telegram. (#40575) thanks @​obviyus.
• Matrix/DM routing: add safer fallback detection for broken m.direct homeservers, honor explicit room bindings over DM classification, and preserve room-bound agent selection for Matrix DM rooms. (#19736) Thanks @​derbronko.
• Feishu/plugin onboarding: clear the short-lived plugin discovery cache before reloading the registry after installing a channel plugin, so onboarding no longer re-prompts to download Feishu immediately after a successful install. Fixes #39642. (#39752) Thanks @​GazeKingNuWu.
• Plugins/channel onboarding: prefer bundled channel plugins over duplicate npm-installed copies during onboarding and release-channel sync, preventing bundled plugins from being shadowed by npm installs with the same plugin ID. (#40092)
• Config/runtime snapshots: keep secrets-runtime-resolved config and auth-profile snapshots intact after config writes so follow-up reads still see file-backed secret values while picking up the persisted config update. (#37313) thanks @​bbblending.
• Gateway/Control UI: resolve bundled dashboard assets through symlinked global wrappers and auto-detected package roots, while keeping configured and custom roots on the strict hardlink boundary. (#40385) Thanks @​LarytheLord.
• Browser/extension relay: add browser.relayBindHost so the Chrome relay can bind to an explicit non-loopback address for WSL2 and other cross-namespace setups, while preserving loopback-only defaults. (#39364) Thanks @​mvanhorn.
• Browser/CDP: normalize loopback direct WebSocket CDP URLs back to HTTP(S) for /json/* tab operations so local ws:// / wss:// profiles can still list, focus, open, and close tabs after the new direct-WS support lands. (#31085) Thanks @​shrey150.
• Browser/CDP: rewrite wildcard ws://0.0.0.0 and ws://[::] debugger URLs from remote /json/version responses back to the external CDP host/port, fixing Browserless-style container endpoints. (#17760) Thanks @​joeharouni.
• Browser/extension relay: wait briefly for a previously attached Chrome tab to reappear after transient relay drops before failing with tab not found, reducing noisy reconnect flakes. (#32461) Thanks @​AaronWander.
• macOS/Tailscale gateway discovery: keep Tailscale Serve probing alive when other remote gateways are already discovered, prefer direct transport for resolved .ts.net and Tailscale Serve gateways, and set TERM=dumb for GUI-launched Tailscale CLI discovery. (#40167) thanks @​ngutman.
• TUI/theme: detect light terminal backgrounds via COLORFGBG and pick a WCAG AA-compliant light palette, with OPENCLAW_THEME=light|dark override for terminals without auto-detection. (#38636) Thanks @​ademczuk and @​vincentkoc.
• Agents/openai-codex: normalize gpt-5.4 fallback transport back to openai-codex-responses on chatgpt.com/backend-api when config drifts to the generic OpenAI responses endpoint. (#38736) Thanks @​0xsline.
• Models/openai-codex GPT-5.4 forward-compat: use the GPT-5.4 1,050,000-token context window and 128,000 max tokens for openai-codex/gpt-5.4 instead of inheriting stale legacy Codex limits in resolver fallbacks and model listing. (#37876) thanks @​yuweuii.
• Tools/web search: restore Perplexity OpenRouter/Sonar compatibility for legacy OPENROUTER_API_KEY, sk-or-..., and explicit perplexity.baseUrl / model setups while keeping direct Perplexity keys on the native Search API path. (#39937) Thanks @​obviyus.
• Agents/failover: detect Amazon Bedrock Too many tokens per day quota errors as rate limits across fallback, cron retry, and memory embeddings while keeping context-window too many tokens per request errors out of the rate-limit lane. (#39377) Thanks @​gambletan.
• Mattermost replies: keep root_id pinned to the existing thread root when an agent replies inside a thread, while still using reply-target threading for top-level posts. (#27744) thanks @​hnykda.
• Telegram/DM partial streaming: keep DM preview lanes on real message edits instead of native draft materialization so final replies no longer flash a second duplicate copy before collapsing back to one.
• macOS overlays: fix VoiceWake, Talk, and Notify overlay exclusivity crashes by removing shared inout visibility mutation from OverlayPanelFactory.present, and add a repeated Talk overlay smoke test. (#39275, #39321) Thanks @​fellanH.
• macOS Talk Mode: set the speech recognition request taskHint to .dictation for mic capture, and add regression coverage for the request defaults. (#38445) Thanks @​dmiv.
• macOS release packaging: default scripts/package-mac-app.sh to universal binaries for BUILD_CONFIG=release, and clarify that scripts/package-mac-dist.sh already produces the release zip + DMG. (#33891) Thanks @​cgdusek.
• Hooks/session-memory: keep /new and /reset memory artifacts in the bound agent workspace and align saved reset session keys with that workspace when stale main-agent keys leak into the hook path. (#39875) thanks @​rbutera.
• Sessions/model switch: clear stale cached contextTokens when a session changes models so status and runtime paths recompute against the active model window. (#38044) thanks @​yuweuii.
• ACP/session history: persist transcripts for successful ACP child runs, preserve exact transcript text, record ACP spawned-session lineage, and keep spawn-time transcript-path persistence best-effort so history storage failures do not block execution. (#40137) thanks @​mbelinky.
• Docs/browser: add a layered WSL2 + Windows remote Chrome CDP troubleshooting guide, including Control UI origin pitfalls and extension-relay bind-address guidance. (#39407) Thanks @​Owlock.
• Context engine registry/bundled builds: share the registry state through a globalThis singleton so duplicated bundled module copies can resolve engines registered by each other at runtime, with regression coverage for duplicate-module imports. (#40115) thanks @​jalehman.

... (truncated)

Changelog

Sourced from openclaw's changelog.

2026.3.8

Changes

• CLI/backup: add openclaw backup create and openclaw backup verify for local state archives, including --only-config, --no-include-workspace, manifest/payload validation, and backup guidance in destructive flows. (#40163) thanks @​shichangs.
• macOS/onboarding: add a remote gateway token field for remote mode, preserve existing non-plaintext gateway.remote.token config values until explicitly replaced, and warn when the loaded token shape cannot be used directly from the macOS app. (#40187, supersedes #34614) Thanks @​cgdusek.
• Talk mode: add top-level talk.silenceTimeoutMs config so Talk waits a configurable amount of silence before auto-sending the current transcript, while keeping each platform's existing default pause window when unset. (#39607) Thanks @​danodoesdesign. Fixes #17147.
• TUI: infer the active agent from the current workspace when launched inside a configured agent workspace, while preserving explicit agent: session targets. (#39591) thanks @​arceus77-7.
• Tools/Brave web search: add opt-in tools.web.search.brave.mode: "llm-context" so web_search can call Brave's LLM Context endpoint and return extracted grounding snippets with source metadata, plus config/docs/test coverage. (#33383) Thanks @​thirumaleshp.
• CLI/install: include the short git commit hash in openclaw --version output when metadata is available, and keep installer version checks compatible with the decorated format. (#39712) thanks @​sourman.
• CLI/backup: improve archive naming for date sorting, add config-only backup mode, and harden backup planning, publication, and verification edge cases. (#40163) Thanks @​gumadeiras.
• ACP/Provenance: add optional ACP ingress provenance metadata and visible receipt injection (openclaw acp --provenance off|meta|meta+receipt) so OpenClaw agents can retain and report ACP-origin context with session trace IDs. (#40473) thanks @​mbelinky.
• Tools/web search: alphabetize provider ordering across runtime selection, onboarding/configure pickers, and config metadata, so provider lists stay neutral and multi-key auto-detect now prefers Grok before Kimi. (#40259) thanks @​kesku.
• Docs/Web search: restore $5/month free-credit details, replace defunct "Data for Search"/"Data for AI" plan names with current "Search" plan, and note legacy subscription validity in Brave setup docs. Follows up on #26860. (#40111) Thanks @​remusao.
• Extensions/ACPX tests: move the shared runtime fixture helper from src/runtime-internals/ to src/test-utils/ so the test-only helper no longer looks like shipped runtime code.

Fixes

• Update/macOS launchd restart: re-enable disabled LaunchAgent services before updater bootstrap so openclaw update can recover from a disabled gateway service instead of leaving the restart step stuck.
• macOS app/chat UI: route browser proxy through the local node browser service, preserve plain-text paste semantics, strip completed assistant trace/debug wrapper noise from transcripts, refresh permission state after returning from System Settings, and tolerate malformed cron rows in the macOS tab. (#39516) Thanks @​Imhermes1.
• Android/Play distribution: remove self-update, background location, screen.record, and background mic capture from the Android app, narrow the foreground service to dataSync only, and clean up the legacy location.enabledMode=always preference migration. (#39660) Thanks @​obviyus.
• Telegram/DM routing: dedupe inbound Telegram DMs per agent instead of per session key so the same DM cannot trigger duplicate replies when both agent:main:main and agent:main:telegram:direct:<id> resolve for one agent. Fixes #40005. Supersedes #40116. (#40519) thanks @​obviyus.
• Cron/Telegram announce delivery: route text-only announce jobs through the real outbound adapters after finalizing descendant output so plain Telegram targets no longer report delivered: true when no message actually reached Telegram. (#40575) thanks @​obviyus.
• Matrix/DM routing: add safer fallback detection for broken m.direct homeservers, honor explicit room bindings over DM classification, and preserve room-bound agent selection for Matrix DM rooms. (#19736) Thanks @​derbronko.
• Feishu/plugin onboarding: clear the short-lived plugin discovery cache before reloading the registry after installing a channel plugin, so onboarding no longer re-prompts to download Feishu immediately after a successful install. Fixes #39642. (#39752) Thanks @​GazeKingNuWu.
• Plugins/channel onboarding: prefer bundled channel plugins over duplicate npm-installed copies during onboarding and release-channel sync, preventing bundled plugins from being shadowed by npm installs with the same plugin ID. (#40092)
• Config/runtime snapshots: keep secrets-runtime-resolved config and auth-profile snapshots intact after config writes so follow-up reads still see file-backed secret values while picking up the persisted config update. (#37313) thanks @​bbblending.
• Gateway/Control UI: resolve bundled dashboard assets through symlinked global wrappers and auto-detected package roots, while keeping configured and custom roots on the strict hardlink boundary. (#40385) Thanks @​LarytheLord.
• Browser/extension relay: add browser.relayBindHost so the Chrome relay can bind to an explicit non-loopback address for WSL2 and other cross-namespace setups, while preserving loopback-only defaults. (#39364) Thanks @​mvanhorn.
• Browser/CDP: normalize loopback direct WebSocket CDP URLs back to HTTP(S) for /json/* tab operations so local ws:// / wss:// profiles can still list, focus, open, and close tabs after the new direct-WS support lands. (#31085) Thanks @​shrey150.
• Browser/CDP: rewrite wildcard ws://0.0.0.0 and ws://[::] debugger URLs from remote /json/version responses back to the external CDP host/port, fixing Browserless-style container endpoints. (#17760) Thanks @​joeharouni.
• Browser/extension relay: wait briefly for a previously attached Chrome tab to reappear after transient relay drops before failing with tab not found, reducing noisy reconnect flakes. (#32461) Thanks @​AaronWander.
• macOS/Tailscale gateway discovery: keep Tailscale Serve probing alive when other remote gateways are already discovered, prefer direct transport for resolved .ts.net and Tailscale Serve gateways, and set TERM=dumb for GUI-launched Tailscale CLI discovery. (#40167) thanks @​ngutman.
• TUI/theme: detect light terminal backgrounds via COLORFGBG and pick a WCAG AA-compliant light palette, with OPENCLAW_THEME=light|dark override for terminals without auto-detection. (#38636) Thanks @​ademczuk and @​vincentkoc.
• Agents/openai-codex: normalize gpt-5.4 fallback transport back to openai-codex-responses on chatgpt.com/backend-api when config drifts to the generic OpenAI responses endpoint. (#38736) Thanks @​0xsline.
• Models/openai-codex GPT-5.4 forward-compat: use the GPT-5.4 1,050,000-token context window and 128,000 max tokens for openai-codex/gpt-5.4 instead of inheriting stale legacy Codex limits in resolver fallbacks and model listing. (#37876) thanks @​yuweuii.
• Tools/web search: restore Perplexity OpenRouter/Sonar compatibility for legacy OPENROUTER_API_KEY, sk-or-..., and explicit perplexity.baseUrl / model setups while keeping direct Perplexity keys on the native Search API path. (#39937) Thanks @​obviyus.
• Agents/failover: detect Amazon Bedrock Too many tokens per day quota errors as rate limits across fallback, cron retry, and memory embeddings while keeping context-window too many tokens per request errors out of the rate-limit lane. (#39377) Thanks @​gambletan.
• Mattermost replies: keep root_id pinned to the existing thread root when an agent replies inside a thread, while still using reply-target threading for top-level posts. (#27744) thanks @​hnykda.
• Telegram/DM partial streaming: keep DM preview lanes on real message edits instead of native draft materialization so final replies no longer flash a second duplicate copy before collapsing back to one.
• macOS overlays: fix VoiceWake, Talk, and Notify overlay exclusivity crashes by removing shared inout visibility mutation from OverlayPanelFactory.present, and add a repeated Talk overlay smoke test. (#39275, #39321) Thanks @​fellanH.
• macOS Talk Mode: set the speech recognition request taskHint to .dictation for mic capture, and add regression coverage for the request defaults. (#38445) Thanks @​dmiv.
• macOS release packaging: default scripts/package-mac-app.sh to universal binaries for BUILD_CONFIG=release, and clarify that scripts/package-mac-dist.sh already produces the release zip + DMG. (#33891) Thanks @​cgdusek.
• Hooks/session-memory: keep /new and /reset memory artifacts in the bound agent workspace and align saved reset session keys with that workspace when stale main-agent keys leak into the hook path. (#39875) thanks @​rbutera.
• Sessions/model switch: clear stale cached contextTokens when a session changes models so status and runtime paths recompute against the active model window. (#38044) thanks @​yuweuii.
• ACP/session history: persist transcripts for successful ACP child runs, preserve exact transcript text, record ACP spawned-session lineage, and keep spawn-time transcript-path persistence best-effort so history storage failures do not block execution. (#40137) thanks @​mbelinky.
• Docs/browser: add a layered WSL2 + Windows remote Chrome CDP troubleshooting guide, including Control UI origin pitfalls and extension-relay bind-address guidance. (#39407) Thanks @​Owlock.
• Context engine registry/bundled builds: share the registry state through a globalThis singleton so duplicated bundled module copies can resolve engines registered by each other at runtime, with regression coverage for duplicate-module imports. (#40115) thanks @​jalehman.
• Podman/setup: fix cannot chdir: Permission denied in run_as_user when setup-podman.sh is invoked from a directory the target user cannot access, by wrapping user-switch calls in a subshell that cd's to /tmp with / fallback. (#39435) Thanks @​langdon and @​jlcbk.
• Podman/SELinux: auto-detect SELinux enforcing/permissive mode and add :Z relabel to bind mounts in run-openclaw-podman.sh and the Quadlet template, fixing EACCES on Fedora/RHEL hosts. Supports OPENCLAW_BIND_MOUNT_OPTIONS override. (#39449) Thanks @​langdon and @​githubbzxs.

... (truncated)

Commits

• 3caab92 test: narrow gateway loop signal harness
• d0847ee chore: prepare 2026.3.8 npm release
• 1d3dde8 fix(update): re-enable launchd service before updater bootstrap
• cc0f30f test: fix windows runtime and restart loop harnesses
• 250d3c9 chore: update appcast for 2026.3.8-beta.1
• 5fca4c0 chore: prepare 2026.3.8-beta.1 release
• 66c581c fix: normalize windows runtime shim executables
• 912aa87 test: fix Windows fake runtime bin fixtures
• 8d2d6db test: fix Node 24+ test runner and subagent registry mocks
• 2d55ad0 docs: move 2026.3.8 entries back to unreleased
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.