Back to News
openclaw release self-hosted ai-agents plugins security devops

OpenClaw 2026.3.23-2: Plugin SDK Stabilization and Upgrade Checklist for Self-Hosters

OpenClaw has a fresh March 2026 update cycle worth acting on now if you self-host. The latest release line (v2026.3.23 on GitHub, 2026.3.23-2 on npm) ships several reliability and security-relevant fixes, especially around plugins, auth flows, and channel/runtime behavior.

Why this update matters

Three practical reasons this release is more than a routine patch:

  1. Plugin ecosystem stability improved

    • Release notes call out restored bundled runtime sidecars (including WhatsApp/Matrix runtime entries) so global installs don’t fail due to missing plugin runtime files.
    • ClawHub plugin compatibility checks were fixed to evaluate against the active runtime version correctly.

  2. Authentication and channel flows are safer and less brittle

    • Channel login/logout auto-select behavior for single-channel setups was improved.
    • Hardening landed for channel ID handling (prototype-chain/control-character abuse protections).
    • Token persistence regressions (OpenAI auth profile writebacks) were fixed.

  3. Operational quality-of-life fixes for agent builders

    • Web search provider selection now follows active runtime config.
    • Browser attach/start reliability improved in Chrome MCP and CDP paths.
    • openclaw doctor --fix includes repair paths for stale model/provider settings.

Source cross-check

  • GitHub release confirms v2026.3.23 publication date and patch details in release notes.
  • npm registry latest shows the current package as [email protected], validating the release is live for installs/upgrades and exposing current package exports (including ./plugin-sdk).

Upgrade playbook (10–15 minutes)

# 1) Check current version
openclaw --version

# 2) Upgrade global install
npm i -g openclaw@latest

# 3) Validate runtime health and auto-repair known config issues
openclaw doctor --fix

# 4) Restart gateway cleanly
openclaw gateway restart

# 5) Confirm service state
openclaw gateway status

Post-upgrade validation checklist

  • Plugin installs/uninstalls work (openclaw plugins install ..., openclaw plugins uninstall ...)
  • Channel auth still succeeds in your configured channels
  • Browser relay / attach flow works without repeated timeouts
  • Your normal agent web search flow uses your intended provider

Who should prioritize this first

Upgrade sooner if any of these apply:

  • You rely on ClawHub-delivered plugins or runtime sidecars
  • You run single-channel auth flows and saw flaky login/logout behavior
  • You had token persistence issues or auth settings reverting
  • You use browser-driven automation and noticed attach/start instability

For most self-hosted operators, this is a high-value maintenance update: low migration risk, real reliability gains, and meaningful hardening in everyday paths.

References

Protect your AI agent with Clawly

Deploy your OpenClaw agent in an isolated, hardened container with encrypted credentials and managed updates. No DevOps required.

Deploy Your Agent