Check ClawHub trust before plugin installs (#81307)

Merged via squash. Prepared head SHA: 273fd7c20e Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com> Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com> Reviewed-by: @jesse-merhi
2026-05-21 00:04:46 +00:00 · 2026-05-13 16:31:52 +10:00
parent cf68115e6e
commit 87eb450047
23 changed files with 832 additions and 43 deletions
--- a/src/cli/plugins-cli.update.test.ts
+++ b/src/cli/plugins-cli.update.test.ts
@@ -210,6 +210,35 @@ describe("plugins cli update", () => {
    expect(updateParams.dangerouslyForceUnsafeInstall).toBe(true);
  });

+  it("passes ClawHub risk acknowledgement to plugin updates", async () => {
+    const config = createTrackedPluginConfig({
+      pluginId: "openclaw-codex-app-server",
+      spec: "openclaw-codex-app-server@beta",
+    });
+    loadConfig.mockReturnValue(config);
+    setInstalledPluginIndexInstallRecords(config.plugins?.installs ?? {});
+    updateNpmInstalledPlugins.mockResolvedValue({
+      config,
+      changed: false,
+      outcomes: [],
+    });
+
+    await runPluginsCommand([
+      "plugins",
+      "update",
+      "openclaw-codex-app-server",
+      "--acknowledge-clawhub-risk",
+    ]);
+
+    expect(updateNpmInstalledPlugins).toHaveBeenCalledWith(
+      expect.objectContaining({
+        config,
+        pluginIds: ["openclaw-codex-app-server"],
+        acknowledgeClawHubRisk: true,
+      }),
+    );
+  });
+
  it("writes updated config when updater reports changes", async () => {
    const cfg = {
      plugins: {