


























@@ -34,34 +34,36 @@ OpenClaw owns only the plugin lifecycle:
34343535OpenClaw uses stable per-source roots:
363637-- npm packages install under `~/.openclaw/npm`
37+- npm packages install into per-plugin projects under
38+`~/.openclaw/npm/projects/<encoded-package>`
3839- git packages clone under `~/.openclaw/git`
3940- local/path/archive installs are copied or referenced without dependency repair
404141-npm installs run in the npm root with:
42+npm installs run in that per-plugin project root with:
42434344```bash
44-cd ~/.openclaw/npm
45+cd ~/.openclaw/npm/projects/<encoded-package>
4546npm install --omit=dev --omit=peer --legacy-peer-deps --ignore-scripts --no-audit --no-fund
4647```
474848-`openclaw plugins install npm-pack:<path.tgz>` uses that same managed npm root
49-for a local npm-pack tarball. OpenClaw reads the tarball's npm metadata, adds it
50-to the managed root as a copied `file:` dependency, runs the normal npm install,
51-and then verifies the installed lockfile metadata before trusting the plugin.
49+`openclaw plugins install npm-pack:<path.tgz>` uses that same per-plugin npm
50+project root for a local npm-pack tarball. OpenClaw reads the tarball's npm
51+metadata, adds it to the managed project as a copied `file:` dependency, runs
52+the normal npm install, and then verifies the installed lockfile metadata before
53+trusting the plugin.
5254This is intended for package-acceptance and release-candidate proof where a
5355local pack artifact should behave like the registry artifact it simulates.
545655-npm may hoist transitive dependencies to `~/.openclaw/npm/node_modules` beside
56-the plugin package. OpenClaw scans the managed npm root before trusting the
57-install and uses npm to remove npm-managed packages during uninstall, so hoisted
58-runtime dependencies stay inside the managed cleanup boundary.
57+npm may hoist transitive dependencies to the per-plugin project's
58+`node_modules` beside the plugin package. OpenClaw scans the managed project
59+root before trusting the install and removes that project during uninstall, so
60+hoisted runtime dependencies stay inside that plugin's cleanup boundary.
59616062Published npm plugin packages can ship `npm-shrinkwrap.json`. npm uses that
61-publishable lockfile during install, and OpenClaw's managed npm root supports it
62-through the normal npm install path. OpenClaw-owned publishable plugin packages
63-must include a package-local shrinkwrap generated from that plugin package's
64-published dependency graph:
63+publishable lockfile during install, and OpenClaw's managed npm project root
64+supports it through the normal npm install path. OpenClaw-owned publishable
65+plugin packages must include a package-local shrinkwrap generated from that
66+plugin package's published dependency graph:
65676668```bash
6769pnpm deps:shrinkwrap:generate
@@ -87,11 +89,11 @@ instead of embedding every platform binary in the plugin tarball. The root
87898890Plugins that import `openclaw/plugin-sdk/*` declare `openclaw` as a peer
8991dependency. OpenClaw does not let npm install a separate registry copy of the
90-host package into the managed root, because stale host packages can affect npm
91-peer resolution during later plugin installs. Managed npm installs skip npm peer
92-resolution/materialization for the shared root and OpenClaw reasserts
93-plugin-local `node_modules/openclaw` links for installed packages that declare
94-the host peer after install, update, or uninstall.
92+host package into a managed project, because stale host packages can affect npm
93+peer resolution inside that plugin. Managed npm installs skip npm peer
94+resolution/materialization and OpenClaw reasserts plugin-local
95+`node_modules/openclaw` links for installed packages that declare the host peer
96+after install or update.
95979698git installs clone or refresh the repository, then run:
9799@@ -155,7 +157,7 @@ not a supported way to prepare bundled plugin dependencies.
155157| -------------------------------- | ------------------------------------- | -------------------------------------------------------------------- |
156158| `npm install -g openclaw` | Built runtime tree inside the package | OpenClaw package and explicit plugin install/update/doctor flows |
157159| Git checkout plus `pnpm install` | `extensions/<id>` workspace packages | The pnpm workspace, including each plugin package's own dependencies |
158-| `openclaw plugins install ...` | Managed npm/git/ClawHub plugin root | The plugin install/update flow |
160+| `openclaw plugins install ...` | Managed npm project/git/ClawHub root | The plugin install/update flow |
159161160162## Legacy cleanup
161163@@ -168,4 +170,7 @@ stage directories, and package-local pnpm stores. Packaged postinstall also
168170removes those global symlinks before pruning the legacy target roots so upgrades
169171do not leave dangling ESM package imports.
170172171-These paths are legacy debris only. New installs should not create them.
173+Older npm installs also used a shared `~/.openclaw/npm/node_modules` root.
174+Current install, update, uninstall, and doctor flows still recognize that legacy
175+flat root only for recovery and cleanup. New npm installs should create
176+per-plugin project roots instead.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。