feat(kiloclaw): bump openclaw to 2026.3.23

[evanjacobson]

Important Note

2026.03.22 was the initial target for this update, but it does not ship with the Control UI (it is broken).

Summary

• Bump OpenClaw from 2026.3.13 to 2026.3.23 (covers v2026.3.13-1, v2026.3.22, and v2026.3.23)
• Remove dead CLAWDBOT_STATE_DIR env fallback (removed upstream in v2026.3.22)
• Add streamchat to detectChannels() for telemetry completeness
• Correct MCP migration TODO to reflect actual blocker (HTTP transport, not schema version)
• Update version references in .dev.vars.example and e2e/docker-image-testing.md
• Expand default Fly region list

Upstream release notes reviewed

Full setup/onboarding impact analysis performed across all three releases (~200 changes flagged, ~136 setup-related). Key findings:

Breaking changes (upstream)

• Env vars: CLAWDBOT_* / MOLTBOT_* removed — must use OPENCLAW_* (cleaned up in this PR)
• Plugin SDK: openclaw/extension-api removed, new surface is openclaw/plugin-sdk/*
• Plugin install: now prefers ClawHub before npm
• Exec sandbox: blocks JVM/glibc/.NET env vars from host exec
• jq removed from safe-bin: agents now get prompted before running jq (we're accepting this behavior — jq is still installed in the container, exec security is allowlist + on-miss so it's a prompt, not a block)

Verified safe

• streamchat plugin: verified compatible — already uses openclaw/plugin-sdk, unique channel ID, peerDependencies: openclaw >=2026.2.13
• mcporter: not bundled with OpenClaw — still an external package we pin at 0.7.3 in our Dockerfile, unaffected by the bump

Benefits from upgrade (no code changes needed)

• Gateway cold start ~10x faster (compiled dist/extensions)
• Model prewarm before channel startup (no more Unknown model on first message)
• openclaw configure no longer stalls
• Config validation crash fix (memory-core implicit slot)
• WS handshake timeout raised to 10s
• ~2x memory regression fix from v2026.3.13-1
• Bundled plugin sidecars restored in npm package (v2026.3.23)
• Stale plugins.allow IDs now warnings instead of fatal errors (v2026.3.23)

Deferred

• MCP migration to config.mcp.servers: schema exists but OpenClaw's Pi MCP bridge only supports StdioClientTransport — no HTTP/SSE transport for remote servers (AgentCard, Linear). mcporter stays until upstream adds HTTP transport. TODO comment updated.

Test plan

• Build Docker image and verify openclaw --version reports 2026.3.23
• Identify breaking changes
• Identify changes to default onboarding
• Start instance with telegram + streamchat channels, confirm gateway boots cleanly
• Verify MCP servers (AgentCard, Linear) still work via mcporter
• Confirm agent can use jq after approval prompt

[evanjacobson]

Telemetry-only addition: streamchat was already configured as a channel in config-writer.ts but was missing from detectChannels(), so it wasn't being counted in the enabledChannels telemetry payload. This adds it alongside the existing telegram/discord/slack detection using the same pattern (enabled && apiKey). No runtime behavior change.

[evanjacobson]

mcporter is not bundled with OpenClaw — it's a separate npm package we pin at 0.7.3 in our Dockerfile (npm install -g mcporter@0.7.3). The config.mcp.servers schema exists in openclaw.json since v2026.3.14, but OpenClaw's embedded Pi MCP runtime only supports StdioClientTransport (no HTTP/SSE). Since AgentCard and Linear are remote HTTP endpoints, mcporter stays until OpenClaw adds HTTP transport. Config file lives at /root/.openclaw/workspace/config/mcporter.json.

[evanjacobson]

Upstream v2026.3.22 removed jq from the safe-bin allowlist. With our exec config (security: 'allowlist', ask: 'on-miss'), agents will now be prompted before running jq instead of it executing automatically. jq is still installed in the container — this is a UX change, not a breakage. We're accepting the new behavior rather than overriding the allowlist.

[evanjacobson]

THis needs to be removed

[evanjacobson]

this needs to be removed