Issue Station
Sign In
Tools hereToolbox

openclaw - 💡(How to fix) Fix [Bug]: CLI crashes on startup — extension runtime deps not staged in npm tarball on 2026.4.21 (regression of #62749) [2 comments, 2 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
openclaw/openclaw#70351Fetched 2026-04-23 07:25:51
View on GitHub
Comments
2
Participants
2
Timeline
8
Reactions
0
Author
rmarrrmarr
Participants
rmarrrmarrsteipetesteipete
Timeline (top)
commented ×2labeled ×2closed ×1cross-referenced ×1

On 2026.4.21 installed via npm/brew, any CLI command exits immediately with Cannot find module '@larksuiteoapi/node-sdk'; installing that reveals further cascading missing-module errors, reproducing what #62749 was closed as fixed for.

Error Message

🦞 OpenClaw 2026.4.21 (f788c88) [plugins] [SecureClaw] v2.2.0 plugin registered (56 audit checks) [openclaw] Failed to start CLI: Error: Cannot find module '@larksuiteoapi/node-sdk' Require stack:

  • /opt/homebrew/lib/node_modules/openclaw/dist/extensions/feishu/client-<hash>.js at Module._resolveFilename (node:internal/modules/cjs/loader:1475:15) at /opt/homebrew/lib/node_modules/openclaw/dist/extensions/feishu/client-<hash>.js:3:36

Root Cause

Affected: All users upgrading to 2026.4.21 via npm or Homebrew tap whose config does not exclude feishu, nostr, slack, discord, and amazon-bedrock from CLI startup. Severity: Critical — CLI unusable until deps are hand-patched. plugins.allow does not help because the missing requires happen during eager module evaluation at CLI bootstrap, before plugin trust filtering. Frequency: Always, on every fresh install and every subsequent npm install that prunes manually-installed --no-save deps. Consequence: User cannot inspect or administer OpenClaw via CLI; automation depending on CLI exit codes fails.

Fix Action

Fix / Workaround

  1. Upgrade to 2026.4.21 via openclaw update or npm install -g openclaw@latest.
  2. Run openclaw status (or any CLI command).
  3. CLI exits with [openclaw] Failed to start CLI: Error: Cannot find module '@larksuiteoapi/node-sdk', require stack pointing at dist/extensions/feishu/client-*.js.
  4. cd $(npm root -g)/openclaw && npm install --no-save @larksuiteoapi/node-sdk
  5. Re-run. Now fails with Cannot find module 'nostr-tools' from dist/extensions/nostr/.
  6. Install. Re-run. Fails with Cannot find module '@slack/web-api' from dist/extensions/slack/.
  7. Scanning dist/extensions/**/*.js for external requires finds 41 packages not in node_modules.

openclaw status starts cleanly on a stock npm install -g openclaw@latest. Per #62749 (closed as fixed by #63065 with verifier coverage in d35c46d), plugin runtime dependencies for bundled extensions should be staged into the published tarball so the CLI does not crash for channels the user has not enabled.

CLI exits on startup. First missing module is @larksuiteoapi/node-sdk (feishu), reproducing #62749 exactly. After hand-patching, serial failures for nostr-tools, @slack/web-api, and more. Repo-wide scan finds 41 external packages required by bundled extensions but absent from node_modules.

Code Example

🦞 OpenClaw 2026.4.21 (f788c88)
[plugins] [SecureClaw] v2.2.0 plugin registered (56 audit checks)
[openclaw] Failed to start CLI: Error: Cannot find module '@larksuiteoapi/node-sdk'
Require stack:
- /opt/homebrew/lib/node_modules/openclaw/dist/extensions/feishu/client-<hash>.js
    at Module._resolveFilename (node:internal/modules/cjs/loader:1475:15)
    at /opt/homebrew/lib/node_modules/openclaw/dist/extensions/feishu/client-<hash>.js:3:36

---

Scanner method: grep `require('...')` in dist/extensions/**/*.js, filter builtins/relative, diff against node_modules.
Total unique external packages required by extensions: 215
Missing on fresh 2026.4.21: 41

Channel-extension runtime deps that crash the CLI:
  @aws-sdk/credential-provider-cognito-identity  [amazon-bedrock-mantle]
  @aws-sdk/credential-providers                  [amazon-bedrock-mantle]
  @aws-sdk/signature-v4-crt                      [amazon-bedrock]
  @aws-sdk/signature-v4a                         [amazon-bedrock]
  @aws-sdk/util-hex-encoding                     [amazon-bedrock]
  @buape/carbon                                  [discord]
  @discordjs/opus                                [discord]
  @larksuiteoapi/node-sdk                        [feishu]
  @slack/web-api                                 [slack]
  nostr-tools                                    [nostr]
  opusscript                                     [discord]
  playwright / playwright-core / chromium-bidi   [browser]

Additional scanner hits (some likely dev/test false positives bundled into
browser/*.js — tap, tape, electron, various has-* polyfills — reported for
completeness since they're in the published dist):
  @cfworker/json-schema, bufferutil, core-js, ejs, electron, error-cause,
  es-abstract, es-value-fixtures, for-each, functions-have-names,
  get-own-property-symbols, globalthis, has-bigints, has-override-mistake,
  has-property-descriptors, has-proto, has-strict-mode, make-arrow-function,
  make-async-function, make-async-generator-function, make-generator-function,
  mkdirp, mock-property, neostandard, re2, rimraf, string.prototype.repeat,
  tap, tape, utf-8-validate

---

cd $(npm root -g)/openclaw
npm install --no-save @larksuiteoapi/node-sdk nostr-tools @slack/web-api @buape/carbon @discordjs/opus
RAW_BUFFERClick to expand / collapse

Bug type

Crash (process/app exits or hangs)

Beta release blocker

No

Summary

On 2026.4.21 installed via npm/brew, any CLI command exits immediately with Cannot find module '@larksuiteoapi/node-sdk'; installing that reveals further cascading missing-module errors, reproducing what #62749 was closed as fixed for.

Steps to reproduce

  1. Upgrade to 2026.4.21 via openclaw update or npm install -g openclaw@latest.
  2. Run openclaw status (or any CLI command).
  3. CLI exits with [openclaw] Failed to start CLI: Error: Cannot find module '@larksuiteoapi/node-sdk', require stack pointing at dist/extensions/feishu/client-*.js.
  4. cd $(npm root -g)/openclaw && npm install --no-save @larksuiteoapi/node-sdk
  5. Re-run. Now fails with Cannot find module 'nostr-tools' from dist/extensions/nostr/.
  6. Install. Re-run. Fails with Cannot find module '@slack/web-api' from dist/extensions/slack/.
  7. Scanning dist/extensions/**/*.js for external requires finds 41 packages not in node_modules.

Expected behavior

openclaw status starts cleanly on a stock npm install -g openclaw@latest. Per #62749 (closed as fixed by #63065 with verifier coverage in d35c46d), plugin runtime dependencies for bundled extensions should be staged into the published tarball so the CLI does not crash for channels the user has not enabled.

Actual behavior

CLI exits on startup. First missing module is @larksuiteoapi/node-sdk (feishu), reproducing #62749 exactly. After hand-patching, serial failures for nostr-tools, @slack/web-api, and more. Repo-wide scan finds 41 external packages required by bundled extensions but absent from node_modules.

🦞 OpenClaw 2026.4.21 (f788c88)
[plugins] [SecureClaw] v2.2.0 plugin registered (56 audit checks)
[openclaw] Failed to start CLI: Error: Cannot find module '@larksuiteoapi/node-sdk'
Require stack:
- /opt/homebrew/lib/node_modules/openclaw/dist/extensions/feishu/client-<hash>.js
    at Module._resolveFilename (node:internal/modules/cjs/loader:1475:15)
    at /opt/homebrew/lib/node_modules/openclaw/dist/extensions/feishu/client-<hash>.js:3:36

OpenClaw version

2026.4.21

Operating system

macOS (arm64)

Install method

npm global, upgraded via openclaw update from 2026.4.20. Originally via Homebrew tap.

Model

openai-codex/gpt-5.4

Provider / routing chain

OpenClaw -> OpenAI-Codex via OAuth

Additional provider/model setup details

No response

Logs, screenshots, and evidence

Scanner method: grep `require('...')` in dist/extensions/**/*.js, filter builtins/relative, diff against node_modules.
Total unique external packages required by extensions: 215
Missing on fresh 2026.4.21: 41

Channel-extension runtime deps that crash the CLI:
  @aws-sdk/credential-provider-cognito-identity  [amazon-bedrock-mantle]
  @aws-sdk/credential-providers                  [amazon-bedrock-mantle]
  @aws-sdk/signature-v4-crt                      [amazon-bedrock]
  @aws-sdk/signature-v4a                         [amazon-bedrock]
  @aws-sdk/util-hex-encoding                     [amazon-bedrock]
  @buape/carbon                                  [discord]
  @discordjs/opus                                [discord]
  @larksuiteoapi/node-sdk                        [feishu]
  @slack/web-api                                 [slack]
  nostr-tools                                    [nostr]
  opusscript                                     [discord]
  playwright / playwright-core / chromium-bidi   [browser]

Additional scanner hits (some likely dev/test false positives bundled into
browser/*.js — tap, tape, electron, various has-* polyfills — reported for
completeness since they're in the published dist):
  @cfworker/json-schema, bufferutil, core-js, ejs, electron, error-cause,
  es-abstract, es-value-fixtures, for-each, functions-have-names,
  get-own-property-symbols, globalthis, has-bigints, has-override-mistake,
  has-property-descriptors, has-proto, has-strict-mode, make-arrow-function,
  make-async-function, make-async-generator-function, make-generator-function,
  mkdirp, mock-property, neostandard, re2, rimraf, string.prototype.repeat,
  tap, tape, utf-8-validate

Impact and severity

Affected: All users upgrading to 2026.4.21 via npm or Homebrew tap whose config does not exclude feishu, nostr, slack, discord, and amazon-bedrock from CLI startup. Severity: Critical — CLI unusable until deps are hand-patched. plugins.allow does not help because the missing requires happen during eager module evaluation at CLI bootstrap, before plugin trust filtering. Frequency: Always, on every fresh install and every subsequent npm install that prunes manually-installed --no-save deps. Consequence: User cannot inspect or administer OpenClaw via CLI; automation depending on CLI exit codes fails.

Additional information

Regression status: Last known good: 2026.4.20 after manually installing deps from #62749. First known bad: 2026.4.21 (released 2026-04-20).

Relationship to #62749, #63065, d35c46d: #62749 was closed: "Fixed on main by #63065, with follow-up verifier coverage in d35c46d. Closing as already fixed. If a newer npm release still reproduces, open a fresh issue with the exact version."

2026.4.21 is a newer npm release and still reproduces. Two possibilities worth investigating:

  1. #63065 ("release: mirror bundled channel deps at root") appears to have addressed a subset only — the problem spans at least feishu, nostr, slack, discord, and amazon-bedrock, not just @buape/carbon + @larksuiteoapi/node-sdk.
  2. The postpublish verifier added in d35c46d either did not run against 2026.4.21's publish pipeline, or its coverage does not catch these specific missing deps.

Filing fresh per the close-out instruction since #62749 is locked to collaborators.

Workaround (must be redone after every openclaw update):

cd $(npm root -g)/openclaw
npm install --no-save @larksuiteoapi/node-sdk nostr-tools @slack/web-api @buape/carbon @discordjs/opus

Disabling affected extensions via plugins.allow does NOT prevent the eager CLI-bootstrap require.

Related: #40872, #33723, #8670.

<img width="675" height="829" alt="Image" src="https://github.com/user-attachments/assets/88f13b99-7d2e-44f4-b433-adde52a71fdb" />

extent analysis

TL;DR

The most likely fix is to ensure that all required dependencies for the bundled extensions are properly included in the published tarball, addressing the regression introduced in version 2026.4.21.

Guidance

  1. Verify the dependencies: Check the node_modules directory to confirm that all required dependencies for the bundled extensions are present.
  2. Investigate the publish pipeline: Review the publish pipeline for version 2026.4.21 to determine if the postpublish verifier added in d35c46d was executed correctly and if its coverage includes the missing dependencies.
  3. Manually install dependencies: As a temporary workaround, manually install the missing dependencies using the provided command: npm install --no-save @larksuiteoapi/node-sdk nostr-tools @slack/web-api @buape/carbon @discordjs/opus.
  4. Review the code changes: Examine the code changes introduced in #63065 and d35c46d to ensure that they correctly address the issue of mirroring bundled channel dependencies at the root level.

Notes

The issue appears to be a regression introduced in version 2026.4.21, and the provided workaround may need to be reapplied after every openclaw update. The root cause of the issue is likely related to the incomplete or incorrect implementation of the fix for #62749.

Recommendation

Apply the workaround by manually installing the missing dependencies until a permanent fix is implemented and released. This will allow users to continue using the CLI while the issue is being addressed.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…

FAQ

Expected behavior

openclaw status starts cleanly on a stock npm install -g openclaw@latest. Per #62749 (closed as fixed by #63065 with verifier coverage in d35c46d), plugin runtime dependencies for bundled extensions should be staged into the published tarball so the CLI does not crash for channels the user has not enabled.

#api#model compatibility#GPU setup#container setup#orchestration issue

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING

openclaw - 💡(How to fix) Fix [Bug]: CLI crashes on startup — extension runtime deps not staged in npm tarball on 2026.4.21 (regression of #62749) [2 comments, 2 participants]