Discord Crashes, Agent Failover, and a Telegram Ghost: OpenClaw's Other March 26 Fixes
The security sweep got the headline. These twelve PRs got the platform working properly. Race conditions, error classification, duplicate messages, and CI plumbing — the unglamorous work that keeps an open-source project from falling apart.
March 26 was a 25-PR day for OpenClaw. Thirteen of those were jacobtomlinson's security sweep. The other twelve handled everything from Discord crashing during shutdown to agent models refusing to fail over. Here's what shipped.
Discord: Two Race Conditions That Could Crash the Process
Takhoffman's PR #55373 fixes two race conditions in the Discord gateway supervisor. The first: the error listener was removed during dispose(), but “reconnect-exhausted” events could arrive after disposal, hitting an unhandled error and crashing the process. The fix keeps the listener active but routes post-dispose events to the logger instead of throwing.
The second: the Carbon gateway wasn't disconnected during startup cleanup if the lifecycle phase never began. A failed startup left dangling connections. The lifecycleGateway reference is now hoisted to outer scope so the finally block can always clean it up.
A companion PR (#55324, joelnishanth) suppresses the expected “reconnect-exhausted” shutdown errors from logging as failures. When Discord intentionally exhausts reconnect attempts during a graceful shutdown, that's not an error — it's the system working as designed. The logs now reflect that.
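The first race, reduced to Node's `EventEmitter` rule that an `error` event with no listener is thrown. This is an added sketch, not OpenClaw's code: `GatewaySupervisor`, its methods and the modeling of "reconnect-exhausted" as an `Error` message are assumptions.

```javascript
// Added illustration; GatewaySupervisor and its methods are hypothetical names.
const { EventEmitter } = require("node:events");

class GatewaySupervisor {
  constructor(gateway, log) {
    this.gateway = gateway;
    this.log = log;
    this.disposed = false;
    this.onError = (err) => {
      // After dispose(), a late event is recorded instead of propagating.
      const phase = this.disposed ? "post-dispose" : "active";
      this.log.push(`${phase}: ${err.message}`);
    };
    gateway.on("error", this.onError);
  }

  // Pre-fix shape: detaching leaves the emitter with no 'error' listener.
  disposeByDetaching() {
    this.disposed = true;
    this.gateway.off("error", this.onError);
  }

  // Post-fix shape: the listener stays attached for the emitter's lifetime.
  dispose() {
    this.disposed = true;
  }
}

// Emits a constructed late "reconnect-exhausted" error after disposal and
// reports whether it escaped as an exception.
function lateErrorOutcome(detachOnDispose) {
  const gateway = new EventEmitter();
  const log = [];
  const supervisor = new GatewaySupervisor(gateway, log);
  if (detachOnDispose) supervisor.disposeByDetaching();
  else supervisor.dispose();
  try {
    gateway.emit("error", new Error("reconnect-exhausted"));
    return { threw: false, log };
  } catch (err) {
    return { threw: true, log };
  }
}
```

In a real gateway the emit happens inside a socket or timer callback, so the thrown error has no surrounding `try` and ends the process.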
Agent Failover: One Regex, One Unblocked Error Path
PR #55206 (cosmicnet) adds a single regex to the error classification system: \bfailed to (?:extract|parse|validate|decode)\b.*\btoken\b. The context: when the openai-codex-responses stream provider fails to extract a chatgpt_account_id claim from an OAuth token — common with ChatGPT Pro tokens and GPT-5+ models — the error wasn't recognized as an auth error, so the failover chain terminated instead of trying the next provider.
The fix is tiny (one pattern, one test), but the impact is disproportionate: any Copilot user whose token didn't include the expected claim would see their agent fail completely instead of falling back to an alternative model. Now it falls back.
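The quoted pattern exercised inside a minimal failover loop, as an added example rather than OpenClaw's classifier: `classifyError`, `runWithFailover`, the `fallback-model` provider and all error strings are constructed. It also shows how widely the pattern reaches, which matters when reviewing what gets treated as an auth failure.

```javascript
// Pattern as quoted in the article for PR #55206 (no flags shown on the page).
const TOKEN_FAILURE =
  /\bfailed to (?:extract|parse|validate|decode)\b.*\btoken\b/;

// Hypothetical classifier: "auth" errors are eligible for failover.
function classifyError(message) {
  return TOKEN_FAILURE.test(message) ? "auth" : "unknown";
}

// Hypothetical failover loop: auth-class errors advance to the next
// provider, anything else terminates the chain (the pre-fix outcome).
function runWithFailover(providers) {
  const skipped = [];
  for (const provider of providers) {
    try {
      return { provider: provider.name, result: provider.call(), skipped };
    } catch (err) {
      if (classifyError(err.message) !== "auth") {
        return { provider: null, error: err.message, skipped };
      }
      skipped.push(provider.name);
    }
  }
  return { provider: null, error: "all providers exhausted", skipped };
}

// Constructed provider chain; the first one fails the way the article describes.
function sampleChain() {
  return [
    {
      name: "openai-codex-responses",
      call: () => {
        throw new Error("failed to extract chatgpt_account_id from token");
      },
    },
    { name: "fallback-model", call: () => "ok" },
  ];
}

// Constructed messages showing the pattern's reach:
// - a body-parse error mentioning "token" is also classified as auth
// - the plural "tokens" is not, because of the trailing \b
const BREADTH_SAMPLES = {
  "failed to parse response body: unexpected token <": "auth",
  "failed to validate tokens": "unknown",
  "connection reset by peer": "unknown",
};
```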
Telegram: The Ghost Message That Wouldn't Die
PR #55173 (obviyus) fixes a bug where ACP (Automatic Code Processing) output was delivered twice on Telegram: once through the routed channel, and again as a synthetic terminal fallback. The fallback exists for channels that might not deliver visible text — but on Telegram, where delivery succeeded, it produced duplicate messages.
The fix introduces a deliveredVisibleText boolean that tracks successful delivery. The synthetic fallback is suppressed when this flag is true. It also corrects channel detection to prefer the provider field over surface metadata, ensuring Telegram is properly identified in relayed contexts.
Quick Fixes
- Discord native command allowFrom (#55212, bugkill3r) — Guild entries in the allowFrom config for native slash commands were silently ignored. Now honored.
- ACP terminal title sanitization (#55137, jacobtomlinson) — Tool titles in ACP terminal output are now sanitized to prevent escape sequence injection.
- Stale README packlist entry (#55325, rustam-mkn) — A reference to a deleted README-header.png was removed from the npm pack list. Cosmetic, but it prevented clean packaging.
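For the ACP terminal title item above, one way to neutralize an untrusted title before it is written to a terminal. This is an added example, not the code from PR #55137: `sanitizeTitle` and the sample titles are constructed.

```javascript
// Hypothetical helper: removes terminal control data from an untrusted
// title so it can only ever render as plain text.
function sanitizeTitle(title) {
  return String(title)
    // CSI sequences: ESC [ parameters, intermediates, final byte
    .replace(/\x1b\[[0-?]*[ -\/]*[@-~]/g, "")
    // OSC sequences: ESC ] ... ended by BEL or ESC \ (or left unterminated)
    .replace(/\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)?/g, "")
    // Any remaining C0 controls, DEL and C1 controls
    .replace(/[\x00-\x1f\x7f-\x9f]/g, "");
}

// Constructed sample titles paired with the text that should survive.
const TITLE_SAMPLES = [
  ["build\x1b[31m red\x1b[0m", "build red"],    // colour codes
  ["\x1b]0;spoofed\x07run tests", "run tests"], // window-title sequence
  ["lint\r\nstep 2", "lintstep 2"],             // line breaks in a title
  ["plain title", "plain title"],               // clean input is unchanged
];

// Returns the samples whose sanitized form differs from the expected text.
function failingSamples() {
  return TITLE_SAMPLES.filter(
    ([input, expected]) => sanitizeTitle(input) !== expected
  );
}
```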
CI & Testing Infrastructure
- Windows test shard fanout (#55261, Takhoffman) — CI sharding optimized for Windows runners. Fewer wasted shards, better parallelism.
- Test runner help text (#55227, Takhoffman) — The test runner's --help output now actually explains what each flag does.
- Portable stderr capture (#55184, Takhoffman) — Test stderr capture was platform-dependent and leaked environment variables. Fixed for consistent cross-platform behavior.
- Beta blocker contributor guidance (#55199, Takhoffman) — New documentation for contributors on how to handle beta-blocking issues. The kind of process documentation that doesn't exist until someone writes it.
The Full Count
Twenty-five PRs in one day. Thirteen security patches. Two Discord race conditions. One agent failover unblock. One Telegram duplicate. Three quick fixes. Four CI/testing improvements. Six different contributors. No release notes.
This is what maintaining an open-source project at scale actually looks like. Not feature launches. Not blog posts. Just a steady stream of fixes that keep the system from accumulating the kind of debt that becomes a headline.
All fixes are live on DeployClaw. No user action required.
DeployClaw News · Platform roundup by Carlos Simpson
DeployClaw hosts OpenClaw instances. Upstream fixes ship automatically. This publication covers development independently.