QQBot schema validation relaxed for extensions

fix(qqbot): allow extension fields in channel config schema

Use passthrough() on QQBotConfigSchema, QQBotAccountSchema, and QQBotStreamingSchema so third-party builds that share the qqbot channel id can add custom fields without triggering "must NOT have additional properties" validation errors.

tts and stt sub-schemas remain strict to preserve typo detection for those sensitive fields.

<img width="1609" height="321" alt="image" src="https://github.com/user-attachments/assets/962da85c-0d85-472b-8944-f14240618e8b" />

Summary

• Problem: @tencent-connect/openclaw-qqbot build that extends channels.qqbot with custom fields, fails gateway startup with invalid config: must NOT have additional properties since v2026.4.7, when ensureChannelSchemas() was changed to load GENERATED_BUNDLED_CHANNEL_CONFIG_METADATA as the primary schema source instead of the runtime plugin registry.
• Why it matters: @tencent-connect/openclaw-qqbot shares the same qqbot channel id as the bundled plugin and cannot change it; any field not declared in the bundled schema blocks startup even if plugins.entries.qqbot.enabled = false.
• What changed: QQBotAccountSchema, QQBotStreamingSchema object branch, and top-level QQBotConfigSchema switched from .strict() to .passthrough(); generated.ts regenerated; openclaw.plugin.json top-level and account additionalProperties set to true.
• What did NOT change: QQBotTtsSchema and QQBotSttSchema remain .strict() to preserve field-name typo detection for TTS/STT configuration.

Change Type

• Bug fix

Scope

• Integrations
• API / contracts

Linked Issue/PR

• Closes #
• This PR fixes a bug or regression

Root Cause

• Root cause: 1a63f5b972 (v2026.4.7, "fix: preserve plugin auto-enable activation context") changed ensureChannelSchemas() in src/config/validation.ts to load GENERATED_BUNDLED_CHANNEL_CONFIG_METADATA as the primary schema source before the runtime plugin registry. As a result, the bundled qqbot schema (which uses additionalProperties: false) is always applied regardless of whether the qqbot plugin is enabled or overridden by a third-party build. Before v2026.4.7, channel schemas were sourced exclusively from the runtime registry, so a disabled or absent qqbot plugin meant no schema existed and validation was skipped.
• Missing detection / guardrail: No test covered the case where a third-party build shares a bundled channel id and adds fields not declared in the bundled schema.
• Contributing context: qqbot was added as a bundled channel plugin (bf6f506dfa, 2026-03-31) with additionalProperties: false on all schema levels. The schema change in 1a63f5b972 was aimed at a different problem (plugin auto-enable context) and the qqbot extensibility impact was not anticipated.

Regression Test Plan

• Coverage level that should have caught this:
  • Unit test
• Target test or file: src/config/validation.channel-passthrough.test.ts
• Scenario the test should lock in: config containing channels.qqbot with an unknown top-level field passes validation without errors
• Why this is the smallest reliable guardrail: directly exercises the JSON Schema validation path in validateConfigObjectWithPlugins
• Existing test that already covers this (if any): None
• If no new test is added, why not: The fix is in schema definition; behavior is covered by existing channel config validation tests that verify additionalProperties: {} allows extra fields

User-visible / Behavior Changes

• channels.qqbot, channels.qqbot.accounts.*, and channels.qqbot.*.streaming now accept unknown fields without validation errors. This is required for @tencent-connect/openclaw-qqbot users who configure additional fields in these sections.
• channels.qqbot.tts and channels.qqbot.stt (and nested sub-objects) still reject unknown fields.

Diagram

Before (v2026.4.7+):
channels.qqbot: { myCustomField: "x" }
  -> GENERATED_BUNDLED schema (additionalProperties: false)
  -> validation error
  -> gateway fails to start

After:
channels.qqbot: { myCustomField: "x" }
  -> GENERATED_BUNDLED schema (additionalProperties: true / passthrough)
  -> validation passes
  -> gateway starts

Security Impact

• New permissions/capabilities? No
• Secrets/tokens handling changed? No
• New/changed network calls? No
• Command/tool execution surface changed? No
• Data access scope changed? No

Repro + Verification

Environment

• OS: Linux (server)
• Runtime/container: Node 22
• Integration/channel: qqbot (@tencent-connect/openclaw-qqbot)
• Relevant config:

  {
    "channels": {
      "qqbot": {
        "appId": "xxx",
        "accounts": {
          "bot2": {
            "appId": "yyy",
            "customField": "zzz"
          }
        }
      }
    }
  }
  

Steps

1. Install openclaw >= v2026.4.7 with qqbot bundled
2. Install @tencent-connect/openclaw-qqbot and configure it with custom fields in channels.qqbot.accounts.<id>
3. Run openclaw gateway run

Expected

• Gateway starts successfully

Actual (before fix)

• Config invalid: channels.qqbot: invalid config: must NOT have additional properties

Evidence

• Failing test/log before + passing after

Human Verification

• Verified scenarios: gateway starts with extra fields in channels.qqbot and channels.qqbot.accounts.*
• Edge cases checked: tts/stt typo detection still works; streaming object mode enum still validated
• What you did not verify: behavior on Windows; behavior when qqbot plugin is fully uninstalled

Compatibility / Migration

• Backward compatible? Yes
• Config/env changes? No
• Migration needed? No

Risks and Mitigations

• Risk: Loosening schema allows typos in channels.qqbot top-level fields to pass silently (e.g. appld instead of appId)
  • Mitigation: Only top-level, account, and streaming object are passthrough; tts/stt remain strict. Core account fields (appId, clientSecret) are consumed by the runtime which will surface missing-value errors at connection time rather than config load time.