fix(plugins): warn on source-only installed packages instead of blocking config

(cherry picked from commit cdc00614cc)

CHANGELOG.md

@@ -41,6 +41,7 @@ Docs: https://docs.openclaw.ai
 ### Fixes
 
 - Web fetch: late-bind `web_fetch` config and provider fallback metadata from the active runtime snapshot, matching `web_search` so long-lived tools do not use stale fetch provider settings. Thanks @vincentkoc.
+- Plugins/discovery: demote the source-only TypeScript runtime check on already-installed `origin: "global"` plugin packages from a config-blocking error to a warning and let the runtime fall through to the TypeScript source via jiti, so a single broken installed package no longer blocks `plugins install` for unrelated plugins; install-time rejection of newly-installed source-only packages is unchanged. Thanks @romneyda.
 - Channels/WhatsApp: allow `@whiskeysockets/libsignal-node` in `onlyBuiltDependencies` so pnpm v9+ `blockExoticSubdeps` no longer rejects the baileys git-tarball subdep and silences all inbound agent replies. Fixes #76539. Thanks @ottodeng and @vincentkoc.
 - Gateway/systemd: preserve operator-added secrets in the Gateway env file across re-stage while clearing OpenClaw-managed keys (such as `OPENCLAW_GATEWAY_TOKEN`) so a fresh staging value is never shadowed by a stale env-file copy; operator secrets are also retained when the state-dir `.env` is empty. Fixes #76860. Thanks @hclsys.
 - Plugin updates: do not short-circuit trusted official npm updates as unchanged when the default/latest spec still resolves to an already-installed prerelease that the installer should replace with a stable fallback. Thanks @vincentkoc.

src/plugins/discovery.test.ts

@@ -333,7 +333,7 @@ async function expectRejectedPackageExtensionEntry(params: {
   if (params.expectedDiagnostic === "runtime") {
     expect(
       result.diagnostics.some(
-        (entry) => entry.level === "error" && entry.message.includes("compiled runtime output"),
+        (entry) => entry.level === "warn" && entry.message.includes("compiled runtime output"),
       ),
     ).toBe(true);
     return;
@@ -748,7 +748,7 @@ describe("discoverOpenClawPlugins", () => {
     expectCandidateIds(candidates, { includes: ["pack/one", "pack/two"] });
   });
 
-  it("rejects source-only TypeScript entries for installed package plugins", async () => {
+  it("warns but still loads source-only TypeScript entries for installed package plugins", async () => {
     const stateDir = makeTempDir();
     const pluginDir = path.join(stateDir, "extensions", "source-only-pack");
     mkdirSafe(path.join(pluginDir, "src"));
@@ -762,11 +762,11 @@ describe("discoverOpenClawPlugins", () => {
 
     const result = await discoverWithStateDir(stateDir, {});
 
-    expectCandidatePresence(result, { absent: ["source-only-pack"] });
+    expectCandidateIds(result.candidates, { includes: ["source-only-pack"] });
     expect(
       result.diagnostics.some(
         (entry) =>
-          entry.level === "error" &&
+          entry.level === "warn" &&
           entry.message.includes("requires compiled runtime output") &&
           entry.message.includes("./dist/index.js"),
       ),

src/plugins/package-entry-resolution.ts

@@ -495,7 +495,7 @@ function resolvePackageRuntimeEntrySource(params: {
       isTypeScriptPackageEntry(safeEntry.relativePath)
     ) {
       params.diagnostics.push({
-        level: "error",
+        level: "warn",
         message: missingCompiledRuntimeEntryMessage({
           label: "installed plugin package",
           entry: safeEntry.relativePath,
@@ -503,7 +503,6 @@ function resolvePackageRuntimeEntrySource(params: {
         }),
         source: params.sourceLabel,
       });
-      return null;
     }
   }