Release Downloads

May 12, 2026 ยท View on GitHub

OpenClaw.NET's low-friction desktop path is the desktop bundle published on GitHub Releases. It bundles:

  • Companion
  • the NativeAOT gateway
  • the NativeAOT CLI

Users should start with the desktop bundle for their platform instead of GitHub Actions artifacts.

AssetAudience
openclaw-desktop-win-x64.zipWindows desktop users
openclaw-desktop-osx-arm64.zipApple Silicon macOS desktop users
openclaw-desktop-linux-x64.zipLinux desktop users
openclaw-gateway-aot-*.zipOperators who want the NativeAOT gateway with native default and optional Runtime.Orchestrator=maf
openclaw-cli-aot-*.zipCLI-only installs and scripting

Each archive has a matching .sha256 checksum file.

Gateway artifacts now include the Microsoft Agent Framework adapter in the normal build. Runtime.Orchestrator=native remains the default in every artifact; set OpenClaw:Runtime:Orchestrator=maf only when you want the supported MAF runtime path.

User First Run

  1. Download the desktop bundle from the latest GitHub Release.
  2. Extract the archive.
  3. Launch Companion from the companion folder.
  4. Use the Setup tab to enter a provider, model, workspace, and provider key.
  5. Click Set Up and Start.

Companion writes the normal local OpenClaw config, starts the bundled gateway on 127.0.0.1, and connects to it. If a config already exists, Companion can auto-start the local gateway on launch.

Current Signing State

The release workflow builds Windows and macOS archives and has optional signing/notarization hooks. Assets are unsigned unless the required repository secrets are configured.

  • Windows archives are unsigned until Authenticode signing secrets are configured. Some users may see SmartScreen warnings.
  • macOS archives are unsigned and not notarized until Apple Developer ID signing secrets are configured. Users may need to right-click Open or remove quarantine for local testing.

Release-grade onboarding requires these secrets:

SecretUsed for
WINDOWS_SIGNING_CERT_BASE64Base64-encoded Authenticode .pfx
WINDOWS_SIGNING_CERT_PASSWORDAuthenticode certificate password
APPLE_DEVELOPER_ID_CERT_BASE64Base64-encoded Apple Developer ID .p12
APPLE_DEVELOPER_ID_CERT_PASSWORDApple certificate password
APPLE_CODESIGN_IDENTITYDeveloper ID Application identity
APPLE_IDApple ID for notarization
APPLE_TEAM_IDApple team ID for notarization
APPLE_APP_SPECIFIC_PASSWORDApp-specific password for notarization

Installer polish is still a follow-up: .exe/.msix for Windows and .dmg for macOS.

Maintainer Flow

Tagged releases build and publish assets automatically:

git tag v0.1.0
git push origin v0.1.0

Maintainers can also run the Release workflow manually. Manual runs can create or update a draft release when a tag is supplied.

The workflow currently builds:

  • linux-x64 on ubuntu-latest
  • win-x64 on windows-latest
  • osx-arm64 on macos-15

The macOS runner label is intentionally ARM-native for the osx-arm64 artifact. Add an Intel macOS row only if you want to support older Intel Macs and have a runner that can NativeAOT publish that RID reliably.

Companion Release Smoke

Before publishing a public desktop release, run this manual smoke on at least one desktop bundle:

  1. Extract the desktop archive into a clean directory.
  2. Launch Companion from the companion folder.
  3. Use Setup with a temporary workspace and either a local Ollama model or a throwaway provider key.
  4. Confirm Companion writes config, starts the bundled gateway on 127.0.0.1, and shows a connected state.
  5. Stop the managed gateway, start it again, and confirm Companion reconnects.
  6. Delete or corrupt the temporary config and confirm setup surfaces a clear recoverable error.
  7. Close Companion and confirm the managed gateway process exits.

macOS NativeAOT Linker Note

The gateway project currently opts into Apple's classic linker for osx-arm64 NativeAOT publishes because the new macOS arm64 linker can fail with an ld::Fixup assertion on the gateway binary. This may print a -ld_classic is deprecated warning during gateway publish. The CLI does not use this fallback by default. Scheduled/manual CI probes the gateway with -p:OpenClawUseClassicMacLd=false; remove the gateway opt-in when the Apple/.NET toolchain links the gateway reliably without it.

CI Artifacts vs Releases

Actions artifacts are useful for validating a commit, but they are not a user-friendly distribution channel. They can expire, may require GitHub access, and are harder for users to find. GitHub Releases are the supported download surface for normal users.