Update
openclaw update
Section titled “openclaw update”Safely update OpenClaw and switch between stable/beta/dev channels.
If you installed via npm/pnpm/bun (global install, no git metadata), updates happen via the package-manager flow in Updating.
openclaw updateopenclaw update statusopenclaw update wizardopenclaw update --channel betaopenclaw update --channel devopenclaw update --tag betaopenclaw update --tag mainopenclaw update --dry-runopenclaw update --no-restartopenclaw update --yesopenclaw update --jsonopenclaw --updateOptions
Section titled “Options”--no-restart: skip restarting the Gateway service after a successful update. Package-manager updates that do restart the Gateway verify the restarted service reports the expected updated version before the command succeeds.--channel <stable|beta|dev>: set the update channel (git + npm; persisted in config).--tag <dist-tag|version|spec>: override the package target for this update only. For package installs,mainmaps togithub:openclaw/openclaw#main; GitHub/git source specs are packed into a temporary tarball before the staged global npm install.--dry-run: preview planned update actions (channel/tag/target/restart flow) without writing config, installing, syncing plugins, or restarting.--json: print machine-readableUpdateRunResultJSON, includingpostUpdate.plugins.warningswhen corrupt or unloadable managed plugins need repair after the core update succeeds, beta-channel plugin fallback details when a plugin has no beta release, andpostUpdate.plugins.integrityDriftswhen npm plugin artifact drift is detected during post-update plugin sync.--timeout <seconds>: per-step timeout (default is 1800s).--yes: skip confirmation prompts (for example downgrade confirmation).
openclaw update does not have a --verbose flag. Use --dry-run to preview
the planned channel/tag/install/restart actions, --json for machine-readable
results, and openclaw update status --json when you only need channel and
availability details. If you are debugging Gateway logs around an update,
console verbosity and file log level are separate: Gateway --verbose affects
terminal/WebSocket output, while file logs require logging.level: "debug" or
"trace" in config. See Gateway logging.
update status
Section titled “update status”Show the active update channel + git tag/branch/SHA (for source checkouts), plus update availability.
openclaw update statusopenclaw update status --jsonopenclaw update status --timeout 10Options:
--json: print machine-readable status JSON.--timeout <seconds>: timeout for checks (default is 3s).
update wizard
Section titled “update wizard”Interactive flow to pick an update channel and confirm whether to restart the Gateway
after updating (default is to restart). If you select dev without a git checkout, it
offers to create one.
Options:
--timeout <seconds>: timeout for each update step (default1800)
What it does
Section titled “What it does”When you switch channels explicitly (--channel ...), OpenClaw also keeps the
install method aligned:
dev→ ensures a git checkout (default:~/openclaw, or$OPENCLAW_HOME/openclawwhenOPENCLAW_HOMEis set; override withOPENCLAW_GIT_DIR), updates it, and installs the global CLI from that checkout.stable→ installs from npm usinglatest.beta→ prefers npm dist-tagbeta, but falls back tolatestwhen beta is missing or older than the current stable release.
The Gateway core auto-updater (when enabled via config) launches the CLI update path
outside the live Gateway request handler. Control-plane update.run package-manager
updates also use a managed-service handoff instead of replacing the package tree
inside the live Gateway process. The Gateway starts a detached helper, exits,
and the helper runs the normal openclaw update --yes --json CLI path from
outside the Gateway process tree. If that handoff is unavailable, update.run
returns a structured response with the safe shell command to run manually.
For package-manager installs, openclaw update resolves the target package
version before invoking the package manager. npm global installs use a staged
install: OpenClaw installs the new package into a temporary npm prefix, verifies
the packaged dist inventory there, then swaps that clean package tree into the
real global prefix. If verification fails, post-update doctor, plugin sync, and
restart work do not run from the suspect tree. Even when the installed version
already matches the target, the command refreshes the global package install,
then runs plugin sync, a core-command completion refresh, and restart work. This
keeps packaged sidecars and channel-owned plugin records aligned with the
installed OpenClaw build while leaving full plugin-command completion rebuilds to
explicit openclaw completion --write-state runs.
When a local managed Gateway service is installed and restart is enabled,
package-manager updates stop the running service before replacing the package
tree, then refresh the service metadata from the updated install, restart the
service, and verify the restarted Gateway reports the expected version before
reporting Gateway: restarted and verified.. On macOS, the post-update check
also verifies the LaunchAgent is loaded/running for the active profile and the
configured loopback port is healthy. If the plist is installed but launchd is
not supervising it, OpenClaw re-bootstraps the LaunchAgent automatically, then
reruns the health/version/channel readiness checks. A fresh bootstrap loads the
RunAtLoad job directly, so update recovery does not immediately kickstart -k
the newly spawned Gateway. If the Gateway still does not become healthy, the
command exits non-zero and prints the restart log path plus explicit restart,
reinstall, and package rollback instructions. If restart cannot run, the command
prints Gateway: restart skipped (...) or Gateway: restart failed: ... with a
manual openclaw gateway restart hint. With --no-restart,
package replacement still runs but the managed service is not stopped or
restarted, so the running Gateway may keep old code until you restart it
manually.
Control-plane response shape
Section titled “Control-plane response shape”When update.run is invoked through the Gateway control plane on a
package-manager install, the handler reports the handoff initiation separately
from the CLI update that continues after the Gateway exits:
ok: true,result.status: "skipped",result.reason: "managed-service-handoff-started", andhandoff.status: "started"mean the Gateway created the managed-service handoff and scheduled its own restart so the detached helper can runopenclaw update --yes --jsonoutside the live service process.ok: false,result.reason: "managed-service-handoff-unavailable", andhandoff.status: "unavailable"mean OpenClaw could not find a supervising service boundary for a safe handoff. The response includeshandoff.command, the shell command to run from outside the Gateway.ok: false,result.reason: "managed-service-handoff-failed"means the Gateway tried to create the handoff but could not spawn the detached helper.
The sentinel payload is still written before the Gateway exits, and the CLI
handoff updates the same restart sentinel after the managed-service restart
health checks complete. During the handoff, the sentinel can carry
stats.reason: "restart-health-pending" with no success continuation; the
restarted Gateway keeps polling it and only fires the continuation after the CLI
has verified service health and rewritten the sentinel with the final ok
result. openclaw status and openclaw status --all show an Update restart
row while that sentinel is pending or failed, and update.status returns the
latest cached sentinel.
Git checkout flow
Section titled “Git checkout flow”Channel selection
Section titled “Channel selection”stable: checkout the latest non-beta tag, then build and doctor.beta: prefer the latest-betatag, but fall back to the latest stable tag when beta is missing or older.dev: checkoutmain, then fetch and rebase.
Update steps
Section titled “Update steps”Verify clean worktree
Requires no uncommitted changes.
Switch channel
Switches to the selected channel (tag or branch).
Fetch upstream
Dev only.
Preflight build (dev only)
Runs the TypeScript build in a temp worktree. If the tip fails, walks back up to 10 commits to find the newest buildable commit. Set
OPENCLAW_UPDATE_PREFLIGHT_LINT=1to also run lint during this preflight; lint runs in constrained serial mode because user update hosts are often smaller than CI runners.Rebase
Rebases onto the selected commit (dev only).
Install dependencies
Uses the repo package manager. For pnpm checkouts, the updater bootstraps
pnpmon demand (viacorepackfirst, then a temporarynpm install pnpm@11fallback) instead of runningnpm run buildinside a pnpm workspace.Build Control UI
Builds the gateway and the Control UI.
Run doctor
openclaw doctorruns as the final safe-update check.Sync plugins
Syncs plugins to the active channel. Dev uses bundled plugins; stable and beta use npm. Updates tracked plugin installs.
On the beta update channel, tracked npm and ClawHub plugin installs that follow
the default/latest line try a plugin @beta release first. If the plugin has no
beta release, OpenClaw falls back to the recorded default/latest spec and reports
that as a warning. For npm plugins, OpenClaw also falls back when the beta
package exists but fails install validation. These plugin fallback warnings do
not make the core update fail. Exact versions and explicit tags are not
rewritten.
--update shorthand
Section titled “--update shorthand”openclaw --update rewrites to openclaw update (useful for shells and launcher scripts).
Related
Section titled “Related”openclaw doctor(offers to run update first on git checkouts)- Development channels
- Updating
- CLI reference