Deployments resolve a deterministic releases/download/runtime-latest/ URL
instead of the mutable /releases/latest/ pointer (which collides with the
human-facing v* release track). Keeps --latest=false so GitHub's "Latest
release" stays on the v* tags. Per-commit runtime-<sha> release retained for
traceability.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The workflow used pnpm install --frozen-lockfile against a stale pnpm-lock.yaml
while the repo migrated to npm (current package-lock.json v3), so it failed and
never published a release -> the deploy's download of
openclaw-multi-session-plugins-runtime-all.tar.gz from releases/latest 404'd.
Switch to npm ci + npm run build and trigger on package-lock.json.
