feat(whatsapp): add WhatsApp channel support

CHANGELOG.md

@@ -174,6 +174,44 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   `retry_after_seconds`.
 - **Login retry UX**: The login page now disables the password Sign In button
   while throttled and shows a live `Retry in Xs` countdown.
+- **WhatsApp channel support**: Add WhatsApp as a second messaging channel via
+  the `whatsapp-rust` crate. Supports QR code pairing through WhatsApp Linked
+  Devices, inbound text/slash-command handling, outbound text replies, typing
+  indicators, and real-time pairing events over WebSocket. Gated behind the
+  `whatsapp` cargo feature (enabled by default).
+- **Multi-channel architecture**: Refactored `LiveChannelService` from
+  Telegram-only to a multi-channel registry with concrete plugin fields behind
+  feature flags. Added `MultiChannelOutbound` for routing outbound messages by
+  account type.
+- **WhatsApp Web UI**: Channel type picker, QR code pairing modal, and
+  WhatsApp-specific channel card/edit views in the Channels settings page.
+- **New crate `moltis-whatsapp`**: Pure Rust WhatsApp client plugin with
+  in-memory Signal Protocol store, connection lifecycle management, event
+  handlers, and outbound adapter.
+- **WhatsApp session persistence**: Replace in-memory store with sled-backed
+  persistent storage so Signal Protocol state (keys, sessions, device info)
+  survives restarts. One sled database per account at
+  `~/.moltis/whatsapp/<account_id>/`. No more re-scanning QR codes after
+  each restart.
+- **WhatsApp access control**: DM and group access policies (Open, Allowlist,
+  Disabled), per-account allowlists, and OTP self-approval flow — matching
+  the Telegram channel's access control model. Includes gateway integration
+  for sender approve/deny and web UI for configuring policies.
+- **WhatsApp media handling**: Support for inbound image, voice/audio, video,
+  document, and location messages. Images are downloaded and optimized for
+  LLM consumption via `moltis-media`. Voice messages are transcribed via STT
+  when available. Video thumbnails are sent as image attachments. Documents
+  dispatch caption and metadata. Locations resolve pending tool requests or
+  dispatch coordinates to the LLM.
+- **WhatsApp self-chat support**: Automatically detect and process messages sent
+  to yourself via WhatsApp's "Message Yourself" feature, without requiring a
+  separate phone number. Self-chat messages bypass access control (the account
+  owner is always authorized). Dual loop prevention: sent-message-ID tracking
+  in a bounded ring buffer, plus an invisible Unicode watermark (ZWJ/ZWNJ
+  sequence) appended to all bot-sent messages as a secondary check.
+- **WhatsApp documentation**: Added `docs/src/whatsapp.md` covering setup (CLI
+  and Web UI), configuration reference, access control, session persistence,
+  self-chat, media handling, and troubleshooting.
 
 ### Changed
 
@@ -201,7 +239,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [0.6.0] - 2026-02-10
 
 ### Added
-
 - **`BeforeLLMCall` / `AfterLLMCall` hooks**: New modifying hook events that fire
   before sending prompts to the LLM provider and after receiving responses
   (before tool execution). Enables prompt injection filtering, PII redaction,
@@ -251,7 +288,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   setups (without a password) would incorrectly allow unauthenticated access
   on local connections, because the `has_password()` check returned false
   even though `is_setup_complete()` was true.
-
 ## [0.5.0] - 2026-02-09
 
 ### Added
@@ -269,7 +305,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - **API key scope enforcement**: API keys with empty/no scopes are now denied
   access instead of silently receiving full admin privileges. Keys must specify
   at least one scope explicitly (least-privilege by default).
-
 ## [0.4.1] - 2026-02-09
 
 ### Fixed
@@ -349,7 +384,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - **CodSpeed workflow zizmor audit**: Pinned `CodSpeedHQ/action@v4` to commit
   SHA to satisfy zizmor's `unpinned-uses` audit.
-
 ## [0.3.7] - 2026-02-09
 
 ### Fixed

CLAUDE.md

@@ -16,6 +16,11 @@ https://docs.openclaw.ai and its code is at https://github.com/openclaw/openclaw
 All code you write must have tests with high coverage. Always check for Security
 to make code safe.
 
+### Repo Timeout Override
+
+- If a command runs longer than 15 minutes, stop it, capture logs/context, and
+  check with the user before retrying.
+
 ## Cargo Features
 
 When adding a new feature behind a cargo feature flag, **always enable it by
@@ -938,7 +943,9 @@ integrate them together so nothing is lost.
 **Local validation:** When a PR exists, **always** run
 `./scripts/local-validate.sh <PR_NUMBER>` (e.g. `./scripts/local-validate.sh 63`)
 to check fmt, lint, and tests locally and publish commit statuses to the PR.
-Running the script without a PR number is useless — it skips status publishing.
+Never run it without a PR number.
+If the script auto-commits `Cargo.lock` (or any change), push first, then rerun
+`./scripts/local-validate.sh <PR_NUMBER>` so local `HEAD` matches the PR head.
 
 **PR description quality:** Every pull request must include a clear, reviewer-friendly
 description with at least these sections: