fix(plugins): repair managed npm openclaw peers

Remove stale managed-root openclaw manifests, locks, hidden locks, and installed copies before npm plugin installs. Relink plugin-local openclaw peer symlinks after shared-root npm install, rollback, update, and uninstall mutations so SDK-using plugins keep resolving openclaw/plugin-sdk/*. Force safe npm commands out of inherited legacy/strict peer-dependency modes. Co-authored-by: Vincent Koc <vincentkoc@ieee.org> Co-authored-by: Patrick Erichsen <patrick.a.erichsen@gmail.com>
2026-05-06 12:20:44 +00:00 · 2026-05-06 07:32:25 +01:00
parent 8cc762daff
commit 8e533490ab
13 changed files with 993 additions and 6 deletions
--- a/docs/plugins/dependency-resolution.md
+++ b/docs/plugins/dependency-resolution.md
@@ -51,6 +51,14 @@ the plugin package. OpenClaw scans the managed npm root before trusting the
 install and uses npm to remove npm-managed packages during uninstall, so hoisted
 runtime dependencies stay inside the managed cleanup boundary.

+Plugins that import `openclaw/plugin-sdk/*` declare `openclaw` as a peer
+dependency. OpenClaw does not let npm install a separate registry copy of the
+host package into the managed root, because stale host packages can affect npm
+peer resolution during later plugin installs. Instead, after npm finishes
+mutating the shared root during install, update, or uninstall, OpenClaw reasserts
+plugin-local `node_modules/openclaw` links for installed packages that declare
+the host peer.
+
 git installs clone or refresh the repository, then run:

 ```bash