fix(plugins): reject incompatible package plugin API installs

[rohitjavvadi]

Summary

• reject package installs when package.json#openclaw.compat.pluginApi requires a newer OpenClaw runtime than the current host
• reject malformed present openclaw.compat.pluginApi package metadata instead of treating it as absent
• preflight npm package metadata before mutating the managed npm root, so incompatible updates do not remove an existing installed plugin
• skip already-persisted non-bundled plugins at discovery/manifest-registry load time when their package openclaw.compat.pluginApi no longer matches the current host
• keep the direct package install path aligned with ClawHub's plugin API compatibility check, including OpenClaw alpha/beta/rc CalVer host labels on the same stable API floor
• preserve explicit prerelease API floor ordering, so beta.1 does not satisfy a beta.2 plugin API requirement
• document openclaw.compat.pluginApi as the OpenClaw-owned install compatibility contract and release-sync process

Fixes #85869

Compatibility model

This PR uses openclaw.compat.pluginApi as the contract that answers whether a given OpenClaw runtime can safely install and load a plugin package. The host exposes a compatibility API version, and the plugin package declares the supported range. If the range does not include the host version, OpenClaw now fails before install mutation, dependency linking, package copying, or later runtime load.

This is intentionally separate from package version equality. OpenClaw and official plugins usually share CalVer release numbers, but version numbers alone are not enough: a plugin can be newer than the installed host, prerelease floors need exact SemVer-style ordering, and package metadata is the place where the plugin can say which OpenClaw plugin API it needs. openclaw.install.minHostVersion remains a separate install UX floor, while peerDependencies.openclaw remains npm metadata and is not the OpenClaw install blocker.

Malformed present openclaw.compat.pluginApi metadata now fails closed. A missing field means no package API floor; a present non-string or empty value is invalid package metadata and is rejected/skipped at install, discovery, and manifest-registry load boundaries.

Selection behavior

This PR does not yet implement best-compatible plugin version selection. For an npm spec such as npm:@openclaw/whatsapp, the resolver can still pick the registry's latest package; this patch makes that resolved package fail closed if its openclaw.compat.pluginApi is too new. That is the safe first step because it prevents older hosts from persisting a package that will crash later during plugin load.

The follow-up that makes most sense is a compatibility-aware resolver:

• ClawHub should answer latest-compatible for this host plugin API server-side, using the same openclaw.compat.pluginApi metadata.
• npm fallback can walk package versions and read package metadata when ClawHub cannot provide a catalog answer.
• The selector should prefer the newest package whose plugin API range includes the host version, rather than assuming matching package/OpenClaw version numbers.
• openclaw.build.openclawVersion can remain provenance/debug metadata, not the primary compatibility contract.

Release sync

The docs now describe the existing release-sync process: plugins:sync updates official plugin package versions and bumps existing openclaw.compat.pluginApi floors to the OpenClaw release version by default. Plugin-only releases can intentionally keep a lower API floor when the package still supports older OpenClaw hosts, but that lower floor needs explicit proof. This avoids a separate release process while making the compatibility contract explicit.

Real behavior proof

Behavior addressed: Direct package installs, npm package installs, bundle package installs, persisted external discovery, and manifest-registry load now fail closed when package plugin API metadata is incompatible or malformed.

Real environment tested: Local source checkout on macOS, Blacksmith Testbox-through-Crabbox Linux proof, and AWS Crabbox Linux live proof against the real npm registry.

Exact steps or command run after this patch:

CI=true OPENCLAW_HOME=<temp-openclaw-home> OPENCLAW_COMPATIBILITY_HOST_VERSION=2026.5.10-beta.1 node --import tsx src/index.ts plugins install npm:@openclaw/whatsapp
node scripts/run-vitest.mjs src/plugins/install.test.ts src/plugins/discovery.test.ts src/plugins/manifest-registry.test.ts src/agents/live-model-dynamic-candidates.test.ts src/infra/clawhub.test.ts
node scripts/run-vitest.mjs src/plugins/install.npm-spec.test.ts
node scripts/run-vitest.mjs src/plugin-sdk/fetch-runtime.test.ts
node scripts/run-tsgo.mjs -p tsconfig.core.json --incremental --tsBuildInfoFile .artifacts/tsgo-cache/core.tsbuildinfo
./node_modules/.bin/oxfmt --check --threads=1 src/plugins/package-compat.ts src/plugins/install.ts src/plugins/discovery.ts src/plugins/manifest-registry.ts src/plugins/install.test.ts src/plugins/discovery.test.ts src/plugins/manifest-registry.test.ts src/agents/live-model-dynamic-candidates.test.ts
node scripts/format-docs.mjs --check docs/reference/RELEASING.md docs/plugins/manifest.md
node scripts/check-docs-mdx.mjs docs/reference/RELEASING.md docs/plugins/manifest.md
git diff --check
.agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main

Evidence after fix: AWS Crabbox run run_e0c2d1ab3025 downloaded the current @openclaw/whatsapp@2026.5.27 package from npm and rejected it on the older host before persistence:

plugin "whatsapp" requires plugin API >=2026.5.27, but this OpenClaw runtime exposes 2026.5.10-beta.1. Upgrade OpenClaw or install a compatible plugin version and retry.

Focused regression proof passed locally: plugin install/discovery/registry/clawhub tests passed with 313 tests across 6 files, install.npm-spec passed 39 tests, core tsgo passed, docs checks passed, and final autoreview reported no accepted/actionable findings. Blacksmith Testbox-through-Crabbox proof tbx_01ksqz9p7n2s8g06f4s21c87r9 verified the Linux Node 24.16 plugin SDK guard test after the main rebase.

Observed result after fix: Older hosts now get an actionable compatibility error instead of persisting a package that can fail later during plugin load. Incompatible npm updates leave an existing package directory and managed-root dependency unchanged, persisted non-bundled plugins with incompatible or malformed package API metadata are skipped before package entry validation, and bundle-style package installs with future openclaw.compat.pluginApi metadata fail before copying.

What was not tested: A clean same-floor live registry install was not claimed; same-floor acceptance is covered by fixture proof. The full test suite was not run.

User-visible behavior

Operators get a clear install-time compatibility error that suggests upgrading OpenClaw or installing a compatible plugin version. Existing persisted plugins with incompatible or malformed package API metadata are skipped at load instead of failing later inside runtime code.

[clawsweeper]

Codex review: needs changes before merge. Reviewed May 28, 2026, 3:11 PM ET / 19:11 UTC.

Summary
The PR adds openclaw.compat.pluginApi package metadata checks across npm/path/bundle installs, discovery, manifest-registry loading, ClawHub range comparison, docs, and focused tests.

PR surface: Source +227, Tests +454, Docs +18. Total +699 across 17 files.

Reproducibility: yes. by source and supplied proof: current main only enforces minHostVersion, while the linked issue and PR live proof show an older host resolving a newer WhatsApp package and failing later. I did not rerun the live npm scenario; the stale fallback bug is source-reproducible from Object.assign retaining absent metadata fields.

Review metrics: 1 noteworthy metric.

• Package compatibility contract: 1 added. The PR adds openclaw.compat.pluginApi as package metadata used at install and load time, so maintainers need to review upgrade behavior before merge.

Merge readiness
Overall: 🦐 gold shrimp
Proof: 🦞 diamond lobster
Patch quality: 🦐 gold shrimp
Result: needs maintainer review before merge.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P2] Clear the stale fallback packageOpenClaw metadata bug and add the focused npm fallback regression.
• [P1] Get maintainer acceptance for the fail-closed compatibility behavior while compatible-version selection is deferred.
• Refresh after overlapping plugin-install PRs land or confirm the final merge result still preserves this behavior.

Risk before merge

• [P1] The PR intentionally turns openclaw.compat.pluginApi into a fail-closed install and load gate; older hosts with floating official package installs, downgrades, or restored incompatible non-bundled plugins may reject or skip plugins until operators upgrade OpenClaw or pin a compatible version.
• [P2] The trusted official prerelease fallback can still carry stale packageOpenClaw metadata from the rejected prerelease and reject a compatible stable fallback that lacks the new metadata.
• [P1] A codegraph comment reports overlapping edits with fix(codex): expose bound conversation dynamic tools #85213, fix(plugins): recover managed npm root after corrupt install failure (#85113) #86122, fix(update): fail closed on managed plugin pin conflicts #87304, and Repair active npm host after plugin installs #87573, so merge order may require a final refresh.

Maintainer options:

1. Fix stale fallback metadata first (recommended)
   Clear packageOpenClaw and any other fallback-absent resolution fields when trusted official fallback replaces an incompatible prerelease, then add the focused regression before merge.
2. Accept fail-closed rollout after repair
   Maintainers can decide the operator-facing upgrade/pin requirement is acceptable as the first step before compatible-version selection exists.
3. Pause for compatible selection
   If rejecting floating installs on older hosts is too disruptive, pause this PR and make the resolver choose the latest compatible plugin version before enforcing the gate broadly.

Copy recommended automerge instruction

@clawsweeper automerge

Special instructions:
Fix the stale npm resolution metadata bug in `src/plugins/install.ts`: when `installPluginFromNpmSpec` replaces an initial prerelease `npmResolution` with `trustedResolution.resolution`, do not let fields absent from the fallback metadata, especially `packageOpenClaw`, survive from the rejected prerelease. Preserve `resolvedAt`. Add a regression in `src/plugins/install.npm-spec.test.ts` where an official package resolves first to an incompatible prerelease with `openclaw.compat.pluginApi`, falls back to an older stable package without `openclaw` metadata, and installs successfully without stale compat rejection. Run `node scripts/run-vitest.mjs src/plugins/install.npm-spec.test.ts`, `./node_modules/.bin/oxfmt --check --threads=1 src/plugins/install.ts src/plugins/install.npm-spec.test.ts`, and `git diff --check`. Do not edit `CHANGELOG.md` or change the broader compatibility policy.

Next step before merge

• [P2] A focused automated repair can fix the stale fallback metadata bug and add the missing regression; broader compatibility acceptance remains a maintainer decision after that repair.

Security
Cleared: No concrete security or supply-chain regression was found; the PR adds npm metadata reads and fail-closed compatibility checks without new dependencies, workflow permissions, lockfiles, or code execution sources.

Review findings

• [P2] Clear fallback-only compat metadata before checking it — src/plugins/install.ts:1968-1970

Review details

Best possible solution:

Land the compatibility gate only after clearing stale fallback metadata, keeping the documented package contract/tests aligned, and having maintainers explicitly accept the fail-closed behavior while compatible-version selection remains future work.

Do we have a high-confidence way to reproduce the issue?

Yes, by source and supplied proof: current main only enforces minHostVersion, while the linked issue and PR live proof show an older host resolving a newer WhatsApp package and failing later. I did not rerun the live npm scenario; the stale fallback bug is source-reproducible from Object.assign retaining absent metadata fields.

Is this the best way to solve the issue?

No, not yet. The package API contract is a narrow maintainable first step, but the stale fallback metadata defect needs a focused fix and maintainers still need to accept the fail-closed rollout before compatible-version selection exists.

Full review comments:

• [P2] Clear fallback-only compat metadata before checking it — src/plugins/install.ts:1968-1970
  When an official install first resolves to an incompatible prerelease and trusted fallback selects a stable package whose npm metadata has no openclaw object, this Object.assign keeps the prerelease packageOpenClaw on npmResolution. The compatibility check below then rejects the stable fallback even though that is the package being installed, so clear or replace fallback-absent fields and cover this case with a regression.
  Confidence: 0.91

Overall correctness: patch is incorrect
Overall confidence: 0.86

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against a0fcb9167012.

Label changes

Label changes:

• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes structured after-fix real behavior proof with AWS Crabbox live npm-registry output and focused regression results; the latest head's additional change is test-only and does not invalidate that runtime proof.

Label justifications:

• P2: This is a normal-priority plugin install compatibility bugfix with limited blast radius, but it affects real recovery/update paths.
• merge-risk: 🚨 compatibility: Merging this PR can intentionally reject or skip plugins on existing older-host installs, downgrades, and restored package states.
• rating: 🦐 gold shrimp: Overall readiness is 🦐 gold shrimp; proof is 🦞 diamond lobster and patch quality is 🦐 gold shrimp.
• status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Sufficient (live_output): The PR body includes structured after-fix real behavior proof with AWS Crabbox live npm-registry output and focused regression results; the latest head's additional change is test-only and does not invalidate that runtime proof.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes structured after-fix real behavior proof with AWS Crabbox live npm-registry output and focused regression results; the latest head's additional change is test-only and does not invalidate that runtime proof.

Evidence reviewed

PR surface:

Source +227, Tests +454, Docs +18. Total +699 across 17 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	7	280	53	+227
Tests	8	470	16	+454
Docs	2	18	0	+18
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	17	768	69	+699

Acceptance criteria:

• [P1] node scripts/run-vitest.mjs src/plugins/install.npm-spec.test.ts.
• [P1] ./node_modules/.bin/oxfmt --check --threads=1 src/plugins/install.ts src/plugins/install.npm-spec.test.ts.
• [P1] git diff --check.

What I checked:

• PR head metadata: Live GitHub API reports the PR open at head a71361c with 17 changed files and maintainer edits allowed. (a71361c85f66)
• Current main lacks the new package API gate: Current main's installPluginFromNpmSpec resolves npm metadata and handles official prerelease fallback, but it has no packageOpenClaw / plugin API compatibility check before calling installPluginFromManagedNpmRoot. (src/plugins/install.ts:1856, a0fcb9167012)
• PR adds install-time compatibility validation: The PR adds validateOpenClawPackageCompatibility, returning incompatible_plugin_api when a package's openclaw.compat.pluginApi range does not include the host compatibility version. (src/plugins/install.ts:142, a71361c85f66)
• PR gates persisted plugin load/discovery: The PR skips non-bundled persisted package plugins during discovery and manifest-registry load when their package plugin API range is incompatible with the current host. (src/plugins/manifest-registry.ts:1044, a71361c85f66)
• Blocking source finding: When fallback metadata replaces an incompatible official prerelease, Object.assign can keep packageOpenClaw from the rejected prerelease because absent fallback fields do not clear existing properties; the later compatibility check reads that stale field. (src/plugins/install.ts:1968, a71361c85f66)
• Metadata absence path: normalizeNpmViewMetadata only includes packageOpenClaw when the npm metadata response has an openclaw object, so older stable fallback packages without that object will not overwrite the prerelease field. (src/infra/install-source-utils.ts:69, a71361c85f66)

Likely related people:

• steipete: Authored multiple follow-up commits on this PR and has recent current-main work in plugin registry, ClawHub, package install, and SDK-boundary surfaces related to this compatibility path. (role: recent area contributor and PR branch follow-up owner; confidence: high; commits: f4e47f9ff75c, fbae7333e5ac, 991aaf47d430; files: src/plugins/install.ts, src/plugins/manifest-registry.ts, src/infra/clawhub.ts)
• vincentkoc: Current-main blame and recent path history show work around installPluginFromNpmSpec and linked source checkout/plugin install behavior. (role: recent plugin install contributor; confidence: medium; commits: bbc9a7d3fa, 793e300cc5; files: src/plugins/install.ts)
• shakkernerd: Recent current-main commits changed managed plugin peer recovery and dependency preservation in the same install area this PR extends. (role: adjacent managed plugin install contributor; confidence: medium; commits: 402b0df3b6, f4cb20300f, 6e5042cd62; files: src/plugins/install.ts, src/infra/npm-managed-root.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

ClawSweeper PR egg: ✨ hatched 🌱 uncommon Frosted Patch Peep. Rarity: 🌱 uncommon. Trait: collects tiny proofs.

Details

Share on X: post this hatch
Copy: My PR egg hatched a 🌱 uncommon Frosted Patch Peep in ClawSweeper.
Hatchability:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

About:

• Eggs appear after real-behavior proof passes. They are collectible flavor only.
• Review momentum changes the shell state: follow-up work warms it, re-review makes it wobble, and a clean final review lets it hatch.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[rohitjavvadi]

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26550422467
• Updated: 2026-05-28T02:18:32.955Z

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 43ddf3c809

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Preserve prerelease floors in plugin API checks

When a package declares a prerelease API floor, e.g. the documented openclaw.compat.pluginApi: ">=2026.3.24-beta.2" in docs/plugins/building-plugins.md:69, this pattern now normalizes a 2026.3.24-beta.1 host to stable 2026.3.24 before range comparison. That makes satisfiesPluginApiRange("2026.3.24-beta.1", ">=2026.3.24-beta.2") pass even though the host predates the required SDK/API cut, so the new install-time guard can still persist plugins on older prerelease runtimes that may be missing the required API.

Useful? React with 👍 / 👎.

[rohitjavvadi]

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26554302524
• Updated: 2026-05-28T04:23:09.390Z