openclaw - 💡(How to fix) Fix CLI hangs in package.json walk loop before signing connect.challenge nonce (v4.24 + v4.25) [1 participants]

Summary

After the gateway upgrades from 4.24 → 4.25, every openclaw … CLI invocation hangs for ~30s and self-times-out before completing the WS auth handshake. Downgrading to 4.24 does not fix it — local state appears to remain poisoned. Gateway, cron, plugins, and Telegram channels are otherwise healthy.

Environment

• OS: Ubuntu (Linux 6.17, x86_64)
• openclaw: 4.25 (also reproduced after rollback to 4.24)
• Install: user-level systemd (openclaw-gateway.service, --user scope)

Reproduction

1. Upgrade gateway 4.24 → 4.25, restart.
2. Run any CLI command, e.g. openclaw cron list.
3. CLI hangs ~30s, exits with timeout. Gateway logs show challenge sent but no signed nonce ever arrives.

strace evidence

The CLI:

1. Opens TCP to gateway, sends 224-byte WS upgrade ✓
2. Receives 257-byte HTTP/1.1 101 Switching Protocols + connect.challenge event ✓
3. Should sign the nonce with the Ed25519 private key in ~/.openclaw/identity/device.json and send back
4. Instead enters an infinite walk over node_modules/openclaw/package.json (91KB, read in 8192-byte chunks repeatedly) — never reaches the signing step
5. Times out at ~30s

Raw nc to the same gateway port returns 101 + challenge in <1s, and a hand-rolled Node WS client completes the handshake fine — so the gateway/data plane is healthy. The hang is inside the CLI, between receiving the challenge and signing it.

What did NOT help

• Downgrade 4.25 → 4.24
• Trim sessions (commander/sessions.json 8.7MB → 8.2MB, 172 → 120 keys)
• Clear Node compile cache + explicit NODE_COMPILE_CACHE=
• Patch openclaw.json meta.lastTouchedVersion
• Run from different cwd (\$HOME vs ~/.openclaw)
• Sequential gateway stop/start cycles

Hypothesis

The CLI's pre-auth code path performs a dynamic import() (likely the plugin registry refactor in 4.25), and that import triggers ESM resolution that walks package.json indefinitely. Suspected to be related to the 4.25 plugin registry rework, but 4.24 is already polluted by the same local state.

Workaround in use

Edit ~/.openclaw/cron/jobs.json directly and systemctl --user restart openclaw-gateway — verified working.

Asks

• Is there a way to clear whatever local state the CLI is reading so 4.24 becomes usable again?
• Could you confirm whether 4.26 (Bonjour fix + plugin registry repair) addresses the dynamic-import / ESM-walk path?

I have full strace dumps if useful — happy to attach.