traderclaw-cli 1.0.78 → 1.0.80

package/bin/installer-step-engine.mjs

@@ -400,6 +400,14 @@ function isOpenClawConfigSchemaFailure(text) {
 function runCommandWithEvents(cmd, args = [], opts = {}) {
   return new Promise((resolve, reject) => {
     const { onEvent, ...spawnOpts } = opts;
+    const isNpm = /(?:^|[\\/])npm(?:\.cmd)?$/.test(cmd) || cmd === "npm";
+    if (isNpm && !spawnOpts.env?.NODE_OPTIONS?.includes("max-old-space-size")) {
+      spawnOpts.env = {
+        ...process.env,
+        ...spawnOpts.env,
+        NODE_OPTIONS: [spawnOpts.env?.NODE_OPTIONS || process.env.NODE_OPTIONS || "", "--max-old-space-size=512"].filter(Boolean).join(" "),
+      };
+    }
     const child = spawn(cmd, args, {
       stdio: "pipe",
       shell: true,
@@ -427,14 +435,19 @@ function runCommandWithEvents(cmd, args = [], opts = {}) {
       const urls = [...new Set([...extractUrls(stdout), ...extractUrls(stderr)])];
       if (code === 0) resolve({ stdout, stderr, code, urls });
       else {
+        const isOom = code === 137 || (stderr || stdout || "").includes("Killed");
         const raw = (stderr || "").trim();
         const tailLines = raw.split("\n").filter((l) => l.length > 0).slice(-40).join("\n");
         const stderrPreview = tailLines.length > 8000 ? tailLines.slice(-8000) : tailLines;
-        const err = new Error(stderrPreview ? `command failed with exit code ${code}: ${stderrPreview}` : `command failed with exit code ${code}`);
+        const prefix = isOom
+          ? `Out of memory (exit 137 / SIGKILL): the host killed '${cmd}' — try a machine with ≥1 GB free RAM, or reduce concurrency with npm_config_maxsockets=2`
+          : `command failed with exit code ${code}`;
+        const err = new Error(stderrPreview ? `${prefix}: ${stderrPreview}` : prefix);
         err.code = code;
         err.stdout = stdout;
         err.stderr = stderr;
         err.urls = urls;
+        err.oom = isOom;
         reject(err);
       }
     });
@@ -454,6 +467,14 @@ function getGlobalOpenClawPackageDir() {
  * incomplete `node_modules` after `npm install -g` (hoisting, optional deps, or interrupted
  * installs). OpenClaw then fails at runtime with `Cannot find module 'grammy'` while loading
  * config. Installing from the package directory restores declared dependencies.
+ *
+ * `--ignore-scripts` avoids OpenClaw's postinstall (and nested installs) failing on hosts without
+ * a C toolchain: e.g. `@discordjs/opus` has no prebuild for Node 22 and falls back to `node-gyp`
+ * (`make` not found). Skipping scripts still installs declared JS deps (e.g. `grammy`). Users who
+ * need native/voice features can install build-essential and re-run `npm install` without
+ * `--ignore-scripts` in the global openclaw directory.
+ *
+ * We still run `npm install grammy @buape/carbon --no-save` with `--ignore-scripts` as a safety net.
  */
 /** Runs `npm install` in the global `openclaw` package directory (fixes missing `grammy` etc.). */
 export async function ensureOpenClawGlobalPackageDependencies() {
@@ -461,10 +482,23 @@ export async function ensureOpenClawGlobalPackageDependencies() {
   if (!dir) {
     return { skipped: true, reason: "global_openclaw_dir_not_found" };
   }
-  await runCommandWithEvents("npm", ["install", "--omit=dev", "--registry", "https://registry.npmjs.org/"], {
-    cwd: dir,
-    shell: false,
-  });
+  const registry = "https://registry.npmjs.org/";
+  const installFlags = ["install", "--omit=dev", "--ignore-scripts", "--registry", registry];
+  await runCommandWithEvents("npm", installFlags, { cwd: dir, shell: false });
+  await runCommandWithEvents(
+    "npm",
+    [
+      "install",
+      "--omit=dev",
+      "--no-save",
+      "--ignore-scripts",
+      "--registry",
+      registry,
+      "grammy",
+      "@buape/carbon",
+    ],
+    { cwd: dir, shell: false },
+  );
   return { repaired: true, dir };
 }
 
@@ -477,7 +511,7 @@ export async function ensureOpenClawGlobalPackageDependencies() {
 async function installOpenClawPlatform() {
   const hadOpenclaw = commandExists("openclaw");
   const previousVersion = hadOpenclaw ? getCommandOutput("openclaw --version") : null;
-  await runCommandWithEvents("npm", ["install", "-g", "--registry", "https://registry.npmjs.org/", "openclaw@latest"]);
+  await runCommandWithEvents("npm", ["install", "-g", "--ignore-scripts", "--registry", "https://registry.npmjs.org/", "openclaw@latest"]);
   const available = commandExists("openclaw");
   const version = available ? getCommandOutput("openclaw --version") : null;
   if (!available) {
@@ -514,7 +548,7 @@ function isNpmFilesystemPackageSpec(spec) {
  * IMPORTANT: run with `{ shell: false }` — `spawn(..., { shell: true })` can drop argv on Unix and npm then mis-resolves the package name.
  */
 function npmGlobalInstallArgs(spec, { force = false } = {}) {
-  const args = ["install", "-g"];
+  const args = ["install", "-g", "--ignore-scripts"];
   if (force) args.push("--force");
   if (!isNpmFilesystemPackageSpec(spec)) {
     args.push("--registry", "https://registry.npmjs.org/");
@@ -1604,14 +1638,14 @@ export function spawnOpenClawCodexAuthLoginChild() {
   if (process.platform === "win32") {
     return spawn("openclaw", argv, { stdio: ["pipe", "pipe", "pipe"], shell: false });
   }
-  // `unbuffer` (expect package) runs the CLI under a PTY and forwards stdin for the paste step reliably.
-  // Plain `script` often does not forward Node's stdin to the inner openclaw process, which causes hangs until timeout.
   if (commandExists("unbuffer")) {
     return spawn("unbuffer", ["openclaw", ...argv], { stdio: ["pipe", "pipe", "pipe"], shell: false });
   }
   if (commandExists("script")) {
     const cmdline = "openclaw models auth login --provider openai-codex";
-    return spawn("script", ["-q", "-c", cmdline, "/dev/null"], {
+    // --return propagates the inner command's exit code (util-linux 2.38+).
+    // Without it, script may exit 0 even if openclaw fails.
+    return spawn("script", ["--return", "-q", "-c", cmdline, "/dev/null"], {
       stdio: ["pipe", "pipe", "pipe"],
       shell: false,
     });
@@ -2093,6 +2127,20 @@ export class InstallerStepEngine {
         }
       }
 
+      const authFile = join(homedir(), ".openclaw", "agents", "main", "agent", "auth-profiles.json");
+      let hasAuth = false;
+      try {
+        hasAuth = readFileSync(authFile, "utf-8").length > 20;
+      } catch { /* file missing */ }
+      if (!hasAuth) {
+        throw new Error(
+          "No OAuth credentials found at " + authFile + ". " +
+          "The wizard OAuth flow did not save tokens (the callback may not have reached the OpenClaw CLI). " +
+          "Run 'openclaw models auth login --provider openai-codex' in a terminal, " +
+          "then re-run the wizard with the 'already logged in' option.",
+        );
+      }
+
       const selection = resolveLlmModelSelection(provider, requestedModel);
       for (const msg of selection.warnings) {
         this.emitLog("configure_llm", "warn", msg);

package/bin/openclaw-trader.mjs

@@ -3257,6 +3257,32 @@ async function cmdInstall(args) {
     }
   }
 
+  /**
+   * Release port 1455 so the OpenClaw CLI can bind its own callback server
+   * during `openclaw models auth login`. Returns a promise that resolves
+   * once the proxy is fully closed (or after a safety timeout).
+   */
+  function stopCallbackProxy() {
+    return new Promise((resolve) => {
+      if (!oauthCallbackProxy) { resolve(); return; }
+      const proxy = oauthCallbackProxy;
+      oauthCallbackProxy = null;
+      const safety = setTimeout(resolve, 2000);
+      proxy.close(() => { clearTimeout(safety); setTimeout(resolve, 150); });
+    });
+  }
+
+  function hasOpenaiCodexAuthTokens() {
+    try {
+      const authFile = join(homedir(), ".openclaw", "agents", "main", "agent", "auth-profiles.json");
+      const raw = readFileSync(authFile, "utf-8");
+      const data = JSON.parse(raw);
+      return data && typeof data === "object" && JSON.stringify(data).length > 20;
+    } catch {
+      return false;
+    }
+  }
+
   function killOauthSession(sessionId, signal = "SIGTERM") {
     const s = oauthSessions.get(sessionId);
     if (!s) return;
@@ -3388,6 +3414,13 @@ async function cmdInstall(args) {
         killOauthSession(id);
       }
 
+      // Release port 1455 so the OpenClaw CLI can bind its own callback
+      // server directly. The previous approach relied on the wizard proxy
+      // catching the callback and forwarding the code via stdin, but
+      // `script` (PTY wrapper) does not reliably forward stdin to the
+      // inner process, causing tokens to never be saved.
+      await stopCallbackProxy();
+
       const sessionId = randomUUID();
       const child = spawnOpenClawCodexAuthLoginChild();
 
@@ -3402,6 +3435,7 @@ async function cmdInstall(args) {
           /* ignore */
         }
         oauthSessions.delete(sessionId);
+        startCallbackProxy();
         respondJson(504, {
           ok: false,
           error: "oauth_url_timeout",
@@ -3440,6 +3474,7 @@ async function cmdInstall(args) {
       });
       child.on("error", (err) => {
         clearTimeout(urlTimeout);
+        startCallbackProxy();
         if (responded) return;
         responded = true;
         oauthSessions.delete(sessionId);
@@ -3447,6 +3482,7 @@ async function cmdInstall(args) {
       });
       child.on("close", (code) => {
         clearTimeout(urlTimeout);
+        startCallbackProxy();
         if (!responded) {
           responded = true;
           oauthSessions.delete(sessionId);
@@ -3466,9 +3502,15 @@ async function cmdInstall(args) {
           pending.updatedAt = Date.now();
           pending.exitCode = typeof code === "number" ? code : null;
           pending.detail = stripAnsi(combined).slice(-4000);
-          if (code === 0) {
+          if (code === 0 && hasOpenaiCodexAuthTokens()) {
             pending.status = "succeeded";
             pending.message = "ChatGPT OAuth completed successfully.";
+          } else if (code === 0) {
+            pending.status = "failed";
+            pending.message =
+              "OpenClaw exited OK but no auth tokens were saved. " +
+              "Run 'openclaw models auth login --provider openai-codex' in a terminal, " +
+              "then re-run the wizard with the already-logged-in option.";
           } else {
             pending.status = "failed";
             pending.message =
@@ -4036,7 +4078,7 @@ Commands:
   signup             Create a new account (alias for: setup --signup; run locally, not via the agent)
   precheck           Run environment checks (dry-run or allow-install)
   install            Launch installer flows (--wizard for localhost GUI)
-  repair-openclaw    Re-run npm install in the global openclaw package (fixes missing grammy after upgrade)
+  repair-openclaw    Re-run npm install in the global openclaw package (fixes missing grammy / @buape/carbon; uses --ignore-scripts so @discordjs/opus does not require build tools)
   gateway            Gateway helpers (see subcommands below)
   login              Re-authenticate (uses refresh token when valid; full challenge only if needed)
   logout             Revoke current session and clear tokens
@@ -4110,7 +4152,7 @@ Examples:
 
 async function cmdRepairOpenclaw() {
   const { ensureOpenClawGlobalPackageDependencies } = await import("./installer-step-engine.mjs");
-  printInfo("Repairing global OpenClaw npm dependencies (fixes missing grammy / MODULE_NOT_FOUND)...");
+  printInfo("Repairing global OpenClaw npm dependencies (fixes missing grammy, @buape/carbon, etc.)...");
   const r = await ensureOpenClawGlobalPackageDependencies();
   if (r.skipped) {
     printError(`Could not find global OpenClaw package (${r.reason}). Install or upgrade: npm install -g openclaw@latest`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "traderclaw-cli",
-  "version": "1.0.78",
+  "version": "1.0.80",
   "description": "Global TraderClaw CLI (install --wizard, setup, precheck). Installs solana-traderclaw as a dependency for OpenClaw plugin files.",
   "type": "module",
   "bin": {
@@ -17,7 +17,7 @@
     "node": ">=22"
   },
   "dependencies": {
-    "solana-traderclaw": "^1.0.78"
+    "solana-traderclaw": "^1.0.80"
   },
   "keywords": [
     "traderclaw",