fix: isolate npm plugin installs per package

[steipete]

Summary

• Install each npm plugin into its own managed npm project under npm/projects/<hash>.
• Update install-record recovery, metadata snapshots, doctor repair, post-core peer relinking, and uninstall cleanup to scan both per-plugin projects and the legacy flat root.
• Update plugin install docs and npm-spec tests for the isolated layout.

Refs npm/cli#87573.

Verification

Behavior addressed: npm plugin installs no longer share one managed npm project, so one plugin's dependency graph cannot evict or rewrite another plugin's dependencies.
Real environment tested: local macOS checkout plus Crabbox AWS Linux changed gate.
Exact steps or command run after this patch:

• node scripts/run-vitest.mjs src/plugins/install.npm-spec.test.ts src/plugins/uninstall.test.ts src/plugins/installed-plugin-index-records.test.ts src/commands/doctor-plugin-registry.test.ts src/commands/doctor/shared/missing-configured-plugin-install.test.ts src/plugins/plugin-registry-snapshot.test.ts src/plugins/status.registry-snapshot.test.ts src/plugins/plugin-peer-link.test.ts src/cli/update-cli/post-core-plugin-convergence.test.ts
• node scripts/run-vitest.mjs run --config test/vitest/vitest.e2e.config.ts src/plugins/install.npm-spec.e2e.test.ts
• pnpm docs:list
• git diff --check
• .agents/skills/autoreview/scripts/autoreview --mode local
• node scripts/crabbox-wrapper.mjs run --shell -- "pnpm check:changed"
  Evidence after fix: local focused unit set passed 9 files / 234 tests; npm-spec e2e passed 1 file / 11 tests; docs list and diff check passed; autoreview reported no accepted/actionable findings; Crabbox run run_67dbef71c0fe passed pnpm check:changed on AWS lease cbx_caf3dd61b2a2.
  Observed result after fix: managed npm installs, uninstall, recovery, doctor repair, and post-core peer repair all resolve per-plugin project roots while retaining legacy flat-root recovery/repair.
  What was not tested: live install against the public npm registry; e2e uses local static/mutable registries.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed May 28, 2026, 3:41 PM ET / 19:41 UTC.

Summary
The branch moves npm-sourced plugin installs into per-package managed npm projects and updates recovery, doctor repair, uninstall, peer relinking, Codex lookup, docs, tests, and related proof tooling for that layout.

PR surface: Source +252, Tests +338, Docs +6, Config 0, Other +90. Total +686 across 38 files.

Reproducibility: no. live conflict repro was run in this review. Source inspection shows current main uses one shared managed npm root for all npm plugin packages, which is enough to make the reported dependency-graph collision source-reproducible.

Review metrics: 1 noteworthy metric.

• Managed npm install layout: 1 default filesystem layout changed. The PR changes npm plugin installs from a shared managed root to per-package projects, which is the compatibility-sensitive surface maintainers need to accept before merge.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P2] Add one live public npm registry install/update/uninstall smoke if maintainers want to close the remaining proof gap before merge.

Risk before merge

• [P1] Existing flat-root npm plugin installs now depend on the added legacy recovery, doctor repair, peer-link, and uninstall paths during upgrade; CI cannot cover every user state in that compatibility boundary.
• [P1] The PR body explicitly says a live public npm registry install was not tested, so fixture-registry coverage may miss registry or package-manager behavior outside the local e2e setup.

Maintainer options:

1. Accept fixture-plus-Crabbox proof
   Maintainers can land with the existing recovery coverage if they accept the remaining live-registry proof gap for this compatibility-sensitive layout change.
2. Request one live registry smoke
   Before merge, ask for a public npm install/update/uninstall smoke that exercises the new project layout against the real registry.
3. Pause for upgrade-path audit
   If maintainers are not comfortable with the layout migration yet, pause until flat-root upgrade, doctor, and uninstall behavior are audited against representative existing state directories.

Next step before merge

• The remaining action is maintainer acceptance of a compatibility-sensitive install layout change and whether the current proof is enough without a live registry smoke.

Security
Cleared: The diff touches npm install and proof/automation surfaces, but I found no concrete security or supply-chain regression in the reviewed changes.

Review details

Best possible solution:

Land the isolated-project layout only after maintainers accept the upgrade compatibility boundary and either accept the fixture-plus-Crabbox proof or request one live public-registry smoke, while keeping the legacy flat-root recovery paths intact.

Do we have a high-confidence way to reproduce the issue?

No live conflict repro was run in this review. Source inspection shows current main uses one shared managed npm root for all npm plugin packages, which is enough to make the reported dependency-graph collision source-reproducible.

Is this the best way to solve the issue?

Yes, isolating each npm package into its own managed project is the right ownership boundary for shared dependency-graph conflicts. The branch also preserves legacy flat-root recovery, so the remaining question is maintainer acceptance of the upgrade risk and proof gap.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 8fbdfc0a764b.

Label changes

Label justifications:

• P2: This is a normal-priority plugin install correctness and upgrade-safety fix with meaningful but bounded blast radius.
• merge-risk: 🚨 compatibility: Changing the default npm plugin filesystem layout can affect existing installs, doctor repair, peer relinking, uninstall cleanup, and upgrades even when tests pass.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (terminal): The PR body includes exact after-patch commands, local macOS and Crabbox AWS changed-gate evidence, and observed install/recovery/uninstall behavior; live public-registry proof remains an explicit gap but not a contributor-proof blocker.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes exact after-patch commands, local macOS and Crabbox AWS changed-gate evidence, and observed install/recovery/uninstall behavior; live public-registry proof remains an explicit gap but not a contributor-proof blocker.

Evidence reviewed

PR surface:

Source +252, Tests +338, Docs +6, Config 0, Other +90. Total +686 across 38 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	12	316	64	+252
Tests	12	526	188	+338
Docs	6	46	40	+6
Config	1	1	1	0
Generated	0	0	0	0
Other	7	94	4	+90
Total	38	983	297	+686

What I checked:

• Current shared-root behavior: Current main installs npm plugins under one managed npm root, with package directories below that root's node_modules. (src/plugins/install.ts:694, 8fbdfc0a764b)
• PR isolated-project implementation: The PR computes a package-specific npm project root with resolvePluginNpmProjectDir before deriving the installed package directory. (src/plugins/install.ts:695, 322243da1f66)
• Legacy recovery remains covered: Recovered install records are built from both the legacy flat npm root and every managed npm project root, so existing flat-root installs are not orphaned by the new layout. (src/plugins/installed-plugin-index-record-reader.ts:143, 322243da1f66)
• Uninstall recognizes project roots: The PR adds project-root matching for npm install records so uninstall cleanup can run npm operations from the owning managed project root. (src/plugins/uninstall.ts:215, 322243da1f66)
• Repository policy applied: Root AGENTS.md marks plugin APIs, persisted preferences, config/defaults, setup, startup checks, and fallback behavior as compatibility/upgrade-sensitive review surfaces. (AGENTS.md:26, 8fbdfc0a764b)
• Submitted proof: The PR body reports focused unit coverage, npm-spec e2e coverage, docs:list, diff check, local autoreview, and Crabbox changed-gate proof run_67dbef71c0fe, while explicitly noting that a live public npm registry install was not tested. (322243da1f66)

Likely related people:

• steipete: Current-main blame attributes the central plugin install, uninstall, and peer-link implementation to commit 2305bca, and git history shows repeated plugin install/refactor work on the same files. (role: recent area contributor; confidence: high; commits: 2305bca7829c, 4cfa4b95c36d, 5d379f92a3c4; files: src/plugins/install.ts, src/plugins/uninstall.ts, src/plugins/plugin-peer-link.ts)
• Rohit: Recent current-main commit 376b03f changed plugin install compatibility behavior in src/plugins/install.ts, adjacent to this PR's npm install flow. (role: recent adjacent contributor; confidence: medium; commits: 376b03f8eaba; files: src/plugins/install.ts)
• JustasM: Git history shows the plugins uninstall command surface was introduced in commit 57d0f65, which is adjacent to the uninstall cleanup behavior updated here. (role: introduced adjacent uninstall surface; confidence: medium; commits: 57d0f65e7db4; files: src/plugins/uninstall.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[steipete]

Verification before merge:

Behavior addressed: npm plugins install into isolated per-plugin npm projects, with legacy flat-root recovery/cleanup retained.
Real environment tested: local macOS focused checks, GitHub Actions Linux/macOS/Windows matrix, CodeQL/Critical Quality, and prior Crabbox/Testbox install/update proof.
Exact steps or command run after this patch:

• node scripts/run-vitest.mjs test/scripts/setup-pnpm-store-cache-ensure-node.test.ts src/agents/live-model-dynamic-candidates.test.ts src/plugin-sdk/fetch-runtime.test.ts src/plugins/plugin-metadata-snapshot.memo.test.ts src/plugins/plugin-registry-snapshot.test.ts src/plugins/status.registry-snapshot.test.ts
• node scripts/run-oxlint.mjs .github/actions/setup-pnpm-store-cache/ensure-node.sh test/scripts/setup-pnpm-store-cache-ensure-node.test.ts src/agents/live-model-dynamic-candidates.ts src/agents/live-model-dynamic-candidates.test.ts src/plugins/plugin-metadata-snapshot.ts src/plugins/plugin-metadata-snapshot.memo.test.ts src/infra/net/node-proxy-agent.ts
• node scripts/run-tsgo.mjs -p test/tsconfig/tsconfig.test.src.json --incremental --tsBuildInfoFile .artifacts/tsgo-cache/test-src.tsbuildinfo
• node scripts/run-tsgo.mjs -p tsconfig.plugin-sdk.dts.json --declaration true
• /Users/steipete/Projects/agent-scripts/skills/autoreview/scripts/autoreview --mode local
  Evidence after fix: GitHub CI run 26599300820 passed; CodeQL run 26599300756 passed; Critical Quality run 26599300819 passed; OpenGrep run 26599300840 passed; Real behavior proof run 26599300266 passed.
  Observed result after fix: all required PR checks pass on head a25f1bc.
  Additional prior real-env proof: Crabbox/Testbox fresh plugin lifecycle tbx_01ksqtt67056pdwdn6t9szasrk; update from openclaw@2026.5.20 tbx_01ksqtt3zb9hvj1njeag296ewg; update from openclaw@2026.4.23 tbx_01ksqtt5rske4az4n850wzbveq.
  What was not tested: the earlier Windows AWS live attempt reached Node/pnpm setup but SSH timed out mid-install; GitHub Windows CI passed for this PR head.