Summary

openclaw plugins update --all --dry-run is a supported option, but for npm-installed plugins it can report the target version as unknown even when npm metadata resolution succeeded and the version is available on the result object.

This makes dry-run output look suspicious/incomplete and forces operators to manually resolve package specs with npm view before trusting an update.

Observed behavior

Environment:

• OpenClaw: 2026.5.6 (c97b9f7)
• Install: global npm package install
• Plugins: npm-installed OpenClaw plugins under ~/.openclaw/npm/node_modules

Command:

openclaw plugins update --all --dry-run

Output excerpt from a real preflight before updating from 2026.5.5 to 2026.5.6:

Would update acpx: 2026.5.5 -> unknown.
Would update brave: 2026.5.5 -> unknown.
Would update discord: 2026.5.5 -> unknown.
Would update lobster: 2026.5.5 -> unknown.

Manual resolution of the tracked install specs showed the versions were known and were normal upgrades:

acpx: install record spec @openclaw/acpx resolves to 2026.5.6
brave: install record spec @openclaw/brave-plugin resolves to 2026.5.6
discord: install record spec @openclaw/discord@latest resolves to 2026.5.6
lobster: install record spec @openclaw/lobster resolves to 2026.5.6

After the update, the plugins did update/load correctly at 2026.5.6.

Expected behavior

Dry-run should report the resolved npm target version when metadata resolution succeeds:

Would update acpx: 2026.5.5 -> 2026.5.6.

Why this matters

--dry-run is documented by openclaw plugins update --help:

--dry-run  Show what would change without writing

For update guardrails, unknown is not actionable enough. A safe updater has to treat current -> unknown as suspicious because it could be a downgrade, missing metadata, stale install record, or resolver bug.

Suspected cause

In the installed 2026.5.6 dist tree, the npm dry-run installer returns metadata on npmResolution:

if (dryRun) return {
  ok: true,
  pluginId: expectedPluginId ?? parsedSpec.name,
  targetDir: installRoot,
  extensions: [],
  npmResolution,
  ...
};

But the plugin update dry-run formatter appears to use only probe.version:

const nextVersion = probe.version ?? "unknown";
...
message: `Would update ${pluginId}: ${currentLabel} -> ${nextVersion}.`

So npm dry-run results can have probe.npmResolution.version available while probe.version is undefined, producing unknown.

Relevant installed files/symbols:

• dist/install-*.js / installPluginFromNpmSpec(...)
• dist/update-*.js / dry-run branch in plugin update handling
• dist/plugins-update-command-*.js

Suggested fix

When formatting npm plugin dry-run outcomes, use a fallback like:

const resolvedVersion = probe.version ?? probe.npmResolution?.version;
const nextVersion = resolvedVersion ?? "unknown";

And set nextVersion in the outcome object from the same resolved value.

Regression test idea:

• Mock an npm plugin dry-run where installPluginFromNpmSpec({ dryRun: true }) returns { ok: true, npmResolution: { version: "2026.5.6" } } and no top-level version.
• Assert openclaw plugins update --all --dry-run prints current -> 2026.5.6, not current -> unknown.