docs: add v4.1.0 changelog, plugin deploy guide, and plugin Makefile

- README: document all 5 fixes from Issue #5 (floating widget, RHS panel
  refresh bug, browser auth fix, session cleanup goroutine, KV scan optimization)
- README: add full Mattermost Plugin section with build/deploy instructions,
  manual deploy path for servers with plugin uploads disabled, auth model docs
- plugin/Makefile: build/package/deploy/health targets for production deployment
  on any new OpenClaw+Mattermost server

Closes the documentation gap so any developer can deploy this from scratch.

plugin/Makefile

@@ -0,0 +1,101 @@
+## Makefile — OpenClaw Live Status Mattermost Plugin
+## Builds, packages, and deploys the plugin to a running Mattermost instance.
+##
+## Requirements:
+##   - Go 1.21+
+##   - Node.js 18+
+##   - curl + tar
+##
+## Usage:
+##   make all           Build server + webapp
+##   make deploy        Build and deploy to Mattermost (requires MM_URL + MM_TOKEN)
+##   make package       Create distributable tar.gz
+##   make clean         Remove build artifacts
+
+PLUGIN_ID := com.openclaw.livestatus
+PLUGIN_DIR := $(shell pwd)
+SERVER_DIR := $(PLUGIN_DIR)/server
+WEBAPP_DIR := $(PLUGIN_DIR)/webapp
+
+# Build outputs
+SERVER_BIN := $(SERVER_DIR)/dist/plugin-linux-amd64
+WEBAPP_BUNDLE := $(WEBAPP_DIR)/dist/main.js
+PACKAGE_FILE := $(PLUGIN_DIR)/dist/$(PLUGIN_ID).tar.gz
+
+# Deployment (override via env or command line)
+MM_URL ?= http://localhost:8065
+MM_TOKEN ?=
+
+.PHONY: all server webapp package deploy clean check-env
+
+all: server webapp
+
+server:
+	@echo ">> Building Go server (linux/amd64)..."
+	@mkdir -p $(SERVER_DIR)/dist
+	cd $(SERVER_DIR) && GOOS=linux GOARCH=amd64 go build -o dist/plugin-linux-amd64 .
+	@echo "   Built: $(SERVER_BIN)"
+
+webapp:
+	@echo ">> Building React webapp..."
+	cd $(WEBAPP_DIR) && npm install --legacy-peer-deps
+	cd $(WEBAPP_DIR) && npx webpack --mode production
+	@echo "   Built: $(WEBAPP_BUNDLE)"
+
+package: all
+	@echo ">> Packaging plugin..."
+	@mkdir -p $(PLUGIN_DIR)/dist
+	@rm -rf /tmp/$(PLUGIN_ID)
+	@mkdir -p /tmp/$(PLUGIN_ID)/server/dist /tmp/$(PLUGIN_ID)/webapp/dist /tmp/$(PLUGIN_ID)/assets
+	@cp $(PLUGIN_DIR)/plugin.json /tmp/$(PLUGIN_ID)/
+	@cp $(SERVER_BIN) /tmp/$(PLUGIN_ID)/server/dist/
+	@cp $(WEBAPP_BUNDLE) /tmp/$(PLUGIN_ID)/webapp/dist/
+	@[ -f $(PLUGIN_DIR)/assets/icon.svg ] && cp $(PLUGIN_DIR)/assets/icon.svg /tmp/$(PLUGIN_ID)/assets/ || true
+	@cd /tmp && tar czf $(PACKAGE_FILE) $(PLUGIN_ID)/
+	@rm -rf /tmp/$(PLUGIN_ID)
+	@echo "   Package: $(PACKAGE_FILE)"
+
+deploy: check-env package
+	@echo ">> Deploying plugin to $(MM_URL)..."
+	@# Disable existing plugin
+	@curl -sf -X POST \
+		-H "Authorization: Bearer $(MM_TOKEN)" \
+		"$(MM_URL)/api/v4/plugins/$(PLUGIN_ID)/disable" > /dev/null 2>&1 || true
+	@# Delete existing plugin
+	@curl -sf -X DELETE \
+		-H "Authorization: Bearer $(MM_TOKEN)" \
+		"$(MM_URL)/api/v4/plugins/$(PLUGIN_ID)" > /dev/null 2>&1 || true
+	@# Upload new plugin
+	@curl -sf -X POST \
+		-H "Authorization: Bearer $(MM_TOKEN)" \
+		-F "plugin=@$(PACKAGE_FILE)" \
+		-F "force=true" \
+		"$(MM_URL)/api/v4/plugins" | grep -q "id" && echo "   Uploaded." || (echo "   Upload failed (plugin uploads may be disabled)." && exit 1)
+	@# Enable plugin
+	@curl -sf -X POST \
+		-H "Authorization: Bearer $(MM_TOKEN)" \
+		"$(MM_URL)/api/v4/plugins/$(PLUGIN_ID)/enable" > /dev/null
+	@echo "   Plugin enabled. Verifying health..."
+	@sleep 2
+	@echo "   Done. Run 'make health' to verify."
+
+health:
+	@PLUGIN_SECRET=$${PLUGIN_SECRET:-}; \
+	if [ -n "$$PLUGIN_SECRET" ]; then \
+		curl -sf -H "Authorization: Bearer $$PLUGIN_SECRET" \
+			"$(MM_URL)/plugins/$(PLUGIN_ID)/api/v1/health" | python3 -m json.tool 2>/dev/null || \
+		curl -sf -H "Authorization: Bearer $$PLUGIN_SECRET" \
+			"$(MM_URL)/plugins/$(PLUGIN_ID)/api/v1/health"; \
+	else \
+		echo "Set PLUGIN_SECRET to check health"; \
+	fi
+
+check-env:
+	@if [ -z "$(MM_TOKEN)" ]; then \
+		echo "ERROR: MM_TOKEN is required. Set MM_TOKEN=your_bot_token"; \
+		exit 1; \
+	fi
+
+clean:
+	@rm -rf $(SERVER_DIR)/dist $(WEBAPP_DIR)/dist $(PLUGIN_DIR)/dist
+	@echo ">> Cleaned build artifacts."