@syengup/friday-channel-next 0.1.25 → 0.1.27

package/dist/index.js

@@ -8,6 +8,7 @@ import { getFridayNextRuntime } from "./src/runtime.js";
 import { sseEmitter } from "./src/sse/emitter.js";
 import { forwardAgentEventRaw, getLastRegisteredFridayDeviceId, resolveFridayDeviceIdForSessionKey, } from "./src/friday-session.js";
 import { setFridayAgentForwardRuntime } from "./src/agent-forward-runtime.js";
+import { setUpgradeRuntime } from "./src/upgrade-runtime.js";
 import { getOpenClawAgentRunContext } from "./src/agent-run-context-bridge.js";
 import { accumulateRunUsage } from "./src/agent/run-usage-accumulator.js";
 import { createFridayNextLogger } from "./src/logging.js";
@@ -78,6 +79,7 @@ export default defineChannelPluginEntry({
     setRuntime: setFridayNextRuntime,
     registerFull: (api) => {
         setFridayAgentForwardRuntime(api);
+        setUpgradeRuntime(api);
         const sameApi = lastApiRoutesRegistered?.deref() === api;
         if (!sameApi) {
             lastApiRoutesRegistered = new WeakRef(api);

package/dist/src/http/handlers/health.d.ts

@@ -15,6 +15,7 @@ export interface HealthCheckResult {
     timestamp: number;
     deviceId: string;
     nodeDeviceId: string;
+    pluginVersion: string;
     nodePairing?: HealthComponentStatus;
     repairActions?: RepairAction[];
 }

package/dist/src/http/handlers/health.js

@@ -1,6 +1,7 @@
 import { extractBearerToken } from "../middleware/auth.js";
 import { loadNodePairingModule } from "../../agent/node-pairing-bridge.js";
 import { createFridayNextLogger } from "../../logging.js";
+import { PLUGIN_VERSION } from "../../version.js";
 const REQUIRED_NODE_CAPS = ["location", "canvas"];
 const REQUIRED_NODE_COMMANDS = [
     "location.get",
@@ -36,6 +37,7 @@ export async function handleHealth(req, res) {
         timestamp: Date.now(),
         deviceId,
         nodeDeviceId,
+        pluginVersion: PLUGIN_VERSION,
     };
     const log = createFridayNextLogger("health");
     if (nodeDeviceId) {

package/dist/src/http/handlers/history-messages.js

@@ -9,6 +9,7 @@
  * `runtime.subagent.getSessionMessages`), which already resolves the active
  * branch and compaction, then normalizes each raw message into a stable DTO.
  */
+import { fileURLToPath } from "node:url";
 import { getFridayNextRuntime } from "../../runtime.js";
 import { extractBearerToken } from "../middleware/auth.js";
 import { normalizeHistoryMessages } from "../../history/normalize-message.js";
@@ -17,6 +18,28 @@ import { resolveMediaAttachment } from "./files.js";
 import { readSessionUsageSnapshotFromStore } from "../../session-usage-store.js";
 const DEFAULT_LIMIT = 200;
 const MAX_LIMIT = 1000;
+/**
+ * For an `images[].url` produced from a `[media attached: …]` marker: returns the
+ * server-local filesystem path to resolve (`file://…` or a bare absolute path), or
+ * null to leave the image untouched. Already-served `/friday-next/files/…` URLs and
+ * remote `http(s)://` / `data:` URLs are NOT local paths — never feed them to
+ * `resolveMediaAttachment` (it would mis-treat them as paths and break valid URLs).
+ */
+function serverLocalPathForImageUrl(url) {
+    if (url.startsWith("file://")) {
+        try {
+            return fileURLToPath(url);
+        }
+        catch {
+            return url.slice("file://".length);
+        }
+    }
+    if (url.startsWith("/friday-next/files/"))
+        return null;
+    if (url.startsWith("/"))
+        return url;
+    return null;
+}
 function resolveSubagentApi() {
     try {
         const runtime = getFridayNextRuntime();
@@ -75,16 +98,34 @@ export async function handleHistoryMessages(req, res) {
     // (copies the file into the plugin's attachments/ dir — the same mechanism the
     // live deliver path uses), then drop the raw paths from the wire.
     for (const message of messages) {
-        if (!message.mediaPaths?.length)
-            continue;
-        const resolved = message.mediaPaths
-            .map((p) => resolveMediaAttachment(p))
-            .filter((r) => Boolean(r))
-            .map((r) => ({ url: r.url, filename: r.fileName }));
-        if (resolved.length) {
-            message.images = [...(message.images ?? []), ...resolved];
+        if (message.mediaPaths?.length) {
+            const resolved = message.mediaPaths
+                .map((p) => resolveMediaAttachment(p))
+                .filter((r) => Boolean(r))
+                .map((r) => ({ url: r.url, filename: r.fileName }));
+            if (resolved.length) {
+                message.images = [...(message.images ?? []), ...resolved];
+            }
+            delete message.mediaPaths;
+        }
+        // User attachments arrive as `[media attached: file://<server-path>]` markers,
+        // which normalize-message extracts into images[].url as a RAW server-local path.
+        // Unlike MEDIA: paths (resolved above), these were never copied into the file
+        // store, so the app would try to load a path that only exists on the gateway host
+        // and the attachment bubble is lost on history sync. Resolve them the same way.
+        if (message.images?.length) {
+            message.images = message.images.map((img) => {
+                if (!img.url || img.data)
+                    return img;
+                const local = serverLocalPathForImageUrl(img.url);
+                if (!local)
+                    return img;
+                const resolved = resolveMediaAttachment(local);
+                if (!resolved)
+                    return img;
+                return { ...img, url: resolved.url, filename: img.filename ?? resolved.fileName };
+            });
         }
-        delete message.mediaPaths;
     }
     const sessionId = resolveSessionId(sessionKey);
     // Cumulative session-usage snapshot (model + context window/used) read from the

package/dist/src/http/handlers/messages.d.ts

@@ -47,4 +47,9 @@ export interface FridayMessagePayload {
     reasoningLevel?: string;
     thinkingLevel?: string;
 }
+/**
+ * 把可选文本与媒体引用拼成给 agent 的最终 body。纯附件（文本为空）场景下
+ * 不能带前导空行，否则 agent 收到的是 `\n\n[media…]`——故拆成可测纯函数。
+ */
+export declare function composeBodyWithMediaRefs(text: string, mediaRefs: string[]): string;
 export declare function handleMessages(req: IncomingMessage, res: ServerResponse): Promise<boolean>;

package/dist/src/http/handlers/messages.js

@@ -262,6 +262,16 @@ async function resolveRunMetadataFromRuntimeSession(runtime, sessionKey) {
     }
     return null;
 }
+/**
+ * 把可选文本与媒体引用拼成给 agent 的最终 body。纯附件（文本为空）场景下
+ * 不能带前导空行，否则 agent 收到的是 `\n\n[media…]`——故拆成可测纯函数。
+ */
+export function composeBodyWithMediaRefs(text, mediaRefs) {
+    const trimmed = text.trim();
+    if (mediaRefs.length === 0)
+        return trimmed;
+    return trimmed ? `${trimmed}\n\n${mediaRefs.join("\n")}` : mediaRefs.join("\n");
+}
 async function buildBodyForAgentWithAttachments(text, attachmentIds) {
     if (attachmentIds.length === 0)
         return text.trim();
@@ -275,9 +285,7 @@ async function buildBodyForAgentWithAttachments(text, attachmentIds) {
             mediaRefs.push(`[media attached: file://${saved.path}]`);
         }
     }
-    if (mediaRefs.length === 0)
-        return text.trim();
-    return `${text.trim()}\n\n${mediaRefs.join("\n")}`;
+    return composeBodyWithMediaRefs(text, mediaRefs);
 }
 export async function handleMessages(req, res) {
     if (req.method !== "POST") {
@@ -320,14 +328,17 @@ export async function handleMessages(req, res) {
         res.end(JSON.stringify({ error: "Missing required field: deviceId" }));
         return true;
     }
-    if (!text || !text.trim()) {
-        log("BAD_REQUEST", normalizedDeviceId, undefined, "missing text", "warn");
+    // 允许"只发附件、不发文本"：text 与 attachments 不能同时为空，但任一非空即放行。
+    const hasText = Boolean(text && text.trim());
+    const hasAttachments = Array.isArray(attachments) && attachments.length > 0;
+    if (!hasText && !hasAttachments) {
+        log("BAD_REQUEST", normalizedDeviceId, undefined, "missing text and attachments", "warn");
         res.statusCode = 400;
         res.setHeader("Content-Type", "application/json");
-        res.end(JSON.stringify({ error: "Missing required field: text" }));
+        res.end(JSON.stringify({ error: "Missing required field: text or attachments" }));
         return true;
     }
-    const trimmedText = text.trim();
+    const trimmedText = (text ?? "").trim();
     touchFridayInbound();
     const isSlashCommand = trimmedText.startsWith("/");
     const runId = crypto.randomUUID();
@@ -363,7 +374,7 @@ export async function handleMessages(req, res) {
     registerFridaySessionDeviceMapping(appSessionKey, normalizedDeviceId);
     sseEmitter.trackDeviceForRun(normalizedDeviceId, runId);
     registerRunRoute({ runId, deviceId: normalizedDeviceId, sessionKey: baseSessionKey });
-    const bodyForAgent = await buildBodyForAgentWithAttachments(text, attachments);
+    const bodyForAgent = await buildBodyForAgentWithAttachments(trimmedText, attachments);
     const msgContext = {
         Body: trimmedText,
         BodyForAgent: bodyForAgent,

package/dist/src/http/handlers/plugin-info.d.ts

@@ -0,0 +1,11 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+export interface PluginInfoResult {
+    currentVersion: string;
+    latestVersion: string | null;
+    installSource: string;
+    /** True when the install is npm-managed (the only auto-upgradable source). */
+    canAutoUpgrade: boolean;
+    /** True when a newer version is published AND the install can be auto-upgraded. */
+    upgradable: boolean;
+}
+export declare function handlePluginInfo(req: IncomingMessage, res: ServerResponse): Promise<boolean>;

package/dist/src/http/handlers/plugin-info.js

@@ -0,0 +1,32 @@
+import { extractBearerToken } from "../middleware/auth.js";
+import { PLUGIN_VERSION } from "../../version.js";
+import { fetchLatestVersion, getInstallSource, semverGreater, } from "../../plugin-install-info.js";
+export async function handlePluginInfo(req, res) {
+    if (req.method !== "GET") {
+        res.statusCode = 405;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "Method Not Allowed" }));
+        return true;
+    }
+    if (!extractBearerToken(req)) {
+        res.statusCode = 401;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "Unauthorized: bearer token mismatch" }));
+        return true;
+    }
+    const installSource = getInstallSource();
+    const canAutoUpgrade = installSource === "npm";
+    const latestVersion = await fetchLatestVersion(Date.now());
+    const upgradable = canAutoUpgrade && semverGreater(latestVersion, PLUGIN_VERSION);
+    const result = {
+        currentVersion: PLUGIN_VERSION,
+        latestVersion,
+        installSource,
+        canAutoUpgrade,
+        upgradable,
+    };
+    res.statusCode = 200;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify(result));
+    return true;
+}

package/dist/src/http/handlers/plugin-upgrade.d.ts

@@ -0,0 +1,11 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+/**
+ * POST /friday-next/plugin/upgrade
+ *
+ * Runs `openclaw plugins install @syengup/friday-channel-next@latest --force`
+ * (registry-aware, updates the install record), responds 202, then triggers a
+ * safe gateway restart so the new version loads. Only npm-installed plugins are
+ * eligible — dev (load.paths / source==="path") installs return 409 to protect
+ * the dev environment from duplicate npm installs.
+ */
+export declare function handlePluginUpgrade(req: IncomingMessage, res: ServerResponse): Promise<boolean>;

package/dist/src/http/handlers/plugin-upgrade.js

@@ -0,0 +1,94 @@
+import { extractBearerToken } from "../middleware/auth.js";
+import { createFridayNextLogger } from "../../logging.js";
+import { PLUGIN_PACKAGE_NAME, PLUGIN_VERSION } from "../../version.js";
+import { getInstallSource } from "../../plugin-install-info.js";
+import { getUpgradeRuntime } from "../../upgrade-runtime.js";
+const UPGRADE_TIMEOUT_MS = 120_000;
+/** Give the 202 response time to flush before the restart kills the process. */
+const RESTART_DELAY_MS = 500;
+/**
+ * POST /friday-next/plugin/upgrade
+ *
+ * Runs `openclaw plugins install @syengup/friday-channel-next@latest --force`
+ * (registry-aware, updates the install record), responds 202, then triggers a
+ * safe gateway restart so the new version loads. Only npm-installed plugins are
+ * eligible — dev (load.paths / source==="path") installs return 409 to protect
+ * the dev environment from duplicate npm installs.
+ */
+export async function handlePluginUpgrade(req, res) {
+    if (req.method !== "POST") {
+        res.statusCode = 405;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "Method Not Allowed" }));
+        return true;
+    }
+    if (!extractBearerToken(req)) {
+        res.statusCode = 401;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "Unauthorized: bearer token mismatch" }));
+        return true;
+    }
+    const log = createFridayNextLogger("upgrade");
+    const installSource = getInstallSource();
+    if (installSource !== "npm") {
+        res.statusCode = 409;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({
+            error: "auto-upgrade not available",
+            detail: `install source is "${installSource}"; only npm installs can be auto-upgraded`,
+            installSource,
+        }));
+        return true;
+    }
+    const rt = getUpgradeRuntime();
+    if (!rt) {
+        res.statusCode = 500;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "upgrade runtime unavailable" }));
+        return true;
+    }
+    const spec = `${PLUGIN_PACKAGE_NAME}@latest`;
+    log.info(`Starting plugin upgrade: ${spec} (from ${PLUGIN_VERSION})`);
+    let result;
+    try {
+        result = await rt.runCommandWithTimeout(["openclaw", "plugins", "install", spec, "--force"], UPGRADE_TIMEOUT_MS);
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        log.error(`plugin upgrade command failed to spawn: ${msg}`);
+        res.statusCode = 500;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({ error: "upgrade command failed", detail: msg }));
+        return true;
+    }
+    if (result.code !== 0) {
+        const stderrTail = (result.stderr ?? "").slice(-2000);
+        log.error(`plugin upgrade exited code=${result.code}: ${stderrTail}`);
+        res.statusCode = 500;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify({
+            error: "upgrade command exited non-zero",
+            code: result.code,
+            detail: stderrTail,
+        }));
+        return true;
+    }
+    log.info("Plugin upgrade install succeeded; scheduling gateway restart");
+    // Respond first so the app receives confirmation before the restart drops the
+    // connection, then trigger the safe restart after a short flush delay.
+    res.statusCode = 202;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify({ status: "upgrading", from: PLUGIN_VERSION }));
+    setTimeout(() => {
+        void rt
+            .mutateConfigFile({
+            afterWrite: { mode: "restart", reason: "friday-next 插件自动升级后重启" },
+            mutate: () => { },
+        })
+            .catch((err) => {
+            const msg = err instanceof Error ? err.message : String(err);
+            log.error(`gateway restart trigger failed: ${msg}`);
+        });
+    }, RESTART_DELAY_MS).unref?.();
+    return true;
+}

package/dist/src/http/handlers/sse.js

@@ -3,6 +3,7 @@ import { getHostOpenClawConfigSnapshot } from "../../host-config.js";
 import { getFridayNextRuntime } from "../../runtime.js";
 import { sseEmitter } from "../../sse/emitter.js";
 import { extractBearerToken } from "../middleware/auth.js";
+import { PLUGIN_VERSION } from "../../version.js";
 function parseLastEventId(req, url) {
     const query = Number.parseInt(url.searchParams.get("lastEventId") ?? "", 10);
     if (Number.isFinite(query))
@@ -48,6 +49,7 @@ export async function handleSseStream(req, res) {
             deviceId: normalized,
             serverTime: Date.now(),
             lastSeq,
+            pluginVersion: PLUGIN_VERSION,
         },
     }, deviceId, true);
     const lastEventId = parseLastEventId(req, url);

package/dist/src/http/handlers/status.js

@@ -1,6 +1,7 @@
 import { getActiveRunIds } from "../../agent/active-runs.js";
 import { sseEmitter } from "../../sse/emitter.js";
 import { extractBearerToken } from "../middleware/auth.js";
+import { PLUGIN_VERSION } from "../../version.js";
 export async function handleStatus(req, res) {
     if (req.method !== "GET") {
         res.statusCode = 405;
@@ -21,6 +22,7 @@ export async function handleStatus(req, res) {
         ok: true,
         channel: "friday-next",
         version: "v2",
+        pluginVersion: PLUGIN_VERSION,
         connections: sseEmitter.getConnectionCount(),
         activeRuns,
         activeRunCount: activeRuns.length,

package/dist/src/http/server.js

@@ -19,6 +19,8 @@ import { handleHistoryMessages } from "./handlers/history-messages.js";
 import { handleHistorySetTitle } from "./handlers/history-set-title.js";
 import { handleStatus } from "./handlers/status.js";
 import { handleHealth } from "./handlers/health.js";
+import { handlePluginInfo } from "./handlers/plugin-info.js";
+import { handlePluginUpgrade } from "./handlers/plugin-upgrade.js";
 import { applyCorsHeaders } from "./middleware/cors.js";
 import { resolveFridayNextConfig } from "../config.js";
 import { getHostOpenClawConfigSnapshot } from "../host-config.js";
@@ -87,6 +89,14 @@ async function handleFridayNextRoute(req, res) {
     if (req.method === "GET" && pathname === "/friday-next/health") {
         return await handleHealth(req, res);
     }
+    // Route: GET /friday-next/plugin/info (current/latest version + upgradability)
+    if (req.method === "GET" && pathname === "/friday-next/plugin/info") {
+        return await handlePluginInfo(req, res);
+    }
+    // Route: POST /friday-next/plugin/upgrade (npm install @latest + safe gateway restart)
+    if (req.method === "POST" && pathname === "/friday-next/plugin/upgrade") {
+        return await handlePluginUpgrade(req, res);
+    }
     // Not found
     return false;
 }

package/dist/src/plugin-install-info.d.ts

@@ -0,0 +1,15 @@
+/** Install source from the OpenClaw config `plugins.installs[<id>].source`. */
+export type InstallSource = "npm" | "path" | "archive" | "clawhub" | "git" | "marketplace" | "unknown";
+/**
+ * Read the install source for this plugin from the live config snapshot.
+ * Returns "unknown" when the record can't be resolved (e.g. runtime not captured).
+ * Only "npm" is auto-upgradable; "path" means a dev (load.paths) install which must
+ * never be npm-upgraded (would duplicate-install and break agent media sends).
+ */
+export declare function getInstallSource(): InstallSource;
+/** Compare dotted numeric versions. Returns true if `a` is strictly greater than `b`. */
+export declare function semverGreater(a: string | null | undefined, b: string | null | undefined): boolean;
+/** Fetch the latest published version from the npm registry (cached ~10min). Null on failure. */
+export declare function fetchLatestVersion(nowMs: number): Promise<string | null>;
+/** Vitest-only */
+export declare function resetLatestVersionCacheForTest(): void;

package/dist/src/plugin-install-info.js

@@ -0,0 +1,87 @@
+/**
+ * Helpers for the plugin upgrade feature: read this plugin's install record
+ * (source: "npm" vs "path"/dev), compare semver, and look up the latest version
+ * published to the npm registry (cached).
+ */
+import { getUpgradeRuntime } from "./upgrade-runtime.js";
+import { PLUGIN_ID, PLUGIN_PACKAGE_NAME } from "./version.js";
+/**
+ * Read the install source for this plugin from the live config snapshot.
+ * Returns "unknown" when the record can't be resolved (e.g. runtime not captured).
+ * Only "npm" is auto-upgradable; "path" means a dev (load.paths) install which must
+ * never be npm-upgraded (would duplicate-install and break agent media sends).
+ */
+export function getInstallSource() {
+    const rt = getUpgradeRuntime();
+    if (!rt)
+        return "unknown";
+    try {
+        const cfg = rt.currentConfig();
+        const source = cfg?.plugins?.installs?.[PLUGIN_ID]?.source;
+        if (source === "npm" ||
+            source === "path" ||
+            source === "archive" ||
+            source === "clawhub" ||
+            source === "git" ||
+            source === "marketplace") {
+            return source;
+        }
+        return "unknown";
+    }
+    catch {
+        return "unknown";
+    }
+}
+/** Compare dotted numeric versions. Returns true if `a` is strictly greater than `b`. */
+export function semverGreater(a, b) {
+    if (!a || !b)
+        return false;
+    const pa = parseSemver(a);
+    const pb = parseSemver(b);
+    for (let i = 0; i < 3; i++) {
+        if (pa[i] > pb[i])
+            return true;
+        if (pa[i] < pb[i])
+            return false;
+    }
+    return false;
+}
+function parseSemver(v) {
+    // Strip a leading "v" and any pre-release/build suffix, keep major.minor.patch.
+    const core = v.trim().replace(/^v/i, "").split(/[-+]/)[0];
+    const parts = core.split(".").map((p) => Number.parseInt(p, 10));
+    return [parts[0] || 0, parts[1] || 0, parts[2] || 0];
+}
+let cachedLatest = null;
+const LATEST_TTL_MS = 10 * 60 * 1000;
+/** Fetch the latest published version from the npm registry (cached ~10min). Null on failure. */
+export async function fetchLatestVersion(nowMs) {
+    if (cachedLatest && nowMs - cachedLatest.fetchedAt < LATEST_TTL_MS) {
+        return cachedLatest.version;
+    }
+    let version = null;
+    try {
+        const controller = new AbortController();
+        const timer = setTimeout(() => controller.abort(), 5000);
+        try {
+            const res = await fetch(`https://registry.npmjs.org/${PLUGIN_PACKAGE_NAME}/latest`, { signal: controller.signal, headers: { Accept: "application/json" } });
+            if (res.ok) {
+                const body = (await res.json());
+                if (typeof body.version === "string" && body.version)
+                    version = body.version;
+            }
+        }
+        finally {
+            clearTimeout(timer);
+        }
+    }
+    catch {
+        version = null;
+    }
+    cachedLatest = { version, fetchedAt: nowMs };
+    return version;
+}
+/** Vitest-only */
+export function resetLatestVersionCacheForTest() {
+    cachedLatest = null;
+}

package/dist/src/upgrade-runtime.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Captures the full plugin runtime (`api.runtime`) at `registerFull` time so the
+ * plugin-info / plugin-upgrade HTTP handlers can reach `system.runCommandWithTimeout`
+ * and `config.mutateConfigFile` — capabilities the narrow `getFridayNextRuntime()`
+ * store does NOT expose (it only carries `config`/`logger`).
+ *
+ * Mirrors the `setFridayAgentForwardRuntime` capture pattern in agent-forward-runtime.ts.
+ */
+import type { OpenClawPluginApi } from "openclaw/plugin-sdk/plugin-entry";
+export type SpawnResultLike = {
+    code: number | null;
+    stdout: string;
+    stderr: string;
+    [key: string]: unknown;
+};
+export type ConfigAfterWrite = {
+    mode: "auto";
+} | {
+    mode: "restart";
+    reason: string;
+} | {
+    mode: "none";
+    reason: string;
+};
+export type UpgradeRuntime = {
+    /** Run a command (argv) with a timeout in ms; resolves with stdout/stderr/code. */
+    runCommandWithTimeout: (argv: string[], timeoutMs: number) => Promise<SpawnResultLike>;
+    /** Read the current (deep-readonly) OpenClaw config snapshot. */
+    currentConfig: () => unknown;
+    /** Mutate the config file; `afterWrite: { mode: "restart" }` triggers a safe gateway restart. */
+    mutateConfigFile: (params: {
+        afterWrite: ConfigAfterWrite;
+        mutate: (draft: unknown) => unknown | void;
+    }) => Promise<unknown>;
+};
+export declare function setUpgradeRuntime(api: OpenClawPluginApi): void;
+export declare function getUpgradeRuntime(): UpgradeRuntime | null;
+/** Vitest-only */
+export declare function resetUpgradeRuntimeForTest(): void;

package/dist/src/upgrade-runtime.js

@@ -0,0 +1,27 @@
+let upgradeRuntime = null;
+export function setUpgradeRuntime(api) {
+    const runtime = api.runtime;
+    upgradeRuntime = {
+        runCommandWithTimeout: async (argv, timeoutMs) => {
+            const run = runtime.system?.runCommandWithTimeout;
+            if (!run)
+                throw new Error("runtime.system.runCommandWithTimeout unavailable");
+            // `runCommandWithTimeout(argv, number | CommandOptions)` — pass the bare ms.
+            return run(argv, timeoutMs);
+        },
+        currentConfig: () => runtime.config.current(),
+        mutateConfigFile: async (params) => {
+            const mutate = runtime.config.mutateConfigFile;
+            if (!mutate)
+                throw new Error("runtime.config.mutateConfigFile unavailable");
+            return mutate(params);
+        },
+    };
+}
+export function getUpgradeRuntime() {
+    return upgradeRuntime;
+}
+/** Vitest-only */
+export function resetUpgradeRuntimeForTest() {
+    upgradeRuntime = null;
+}

package/dist/src/version.d.ts

@@ -0,0 +1,5 @@
+export declare const PLUGIN_VERSION: string;
+/** npm package name, used for the upgrade spec and registry lookup. */
+export declare const PLUGIN_PACKAGE_NAME = "@syengup/friday-channel-next";
+/** Plugin id as registered with OpenClaw (used to read the install record). */
+export declare const PLUGIN_ID = "friday-next";

package/dist/src/version.js

@@ -0,0 +1,37 @@
+/**
+ * Plugin self-version.
+ *
+ * Resolved at module load by reading this package's own package.json relative to
+ * the compiled module URL. `tsc` does NOT copy package.json into `dist/`, and a
+ * JSON `import` would rewrite to a non-existent `dist/package.json`, so we read
+ * the real file from disk and walk a couple of candidate paths. Falls back to a
+ * hardcoded constant if the file can't be located (keep in sync with package.json).
+ */
+import { readFileSync } from "node:fs";
+import { fileURLToPath } from "node:url";
+/** Keep in sync with package.json "version" as a last-resort fallback. */
+const FALLBACK_VERSION = "0.1.27";
+function resolvePluginVersion() {
+    // dist layout: <root>/dist/src/version.js → ../../package.json = <root>/package.json
+    // source layout (vitest/jiti): <root>/src/version.ts → ../package.json = <root>/package.json
+    const candidates = ["../../package.json", "../package.json"];
+    for (const rel of candidates) {
+        try {
+            const path = fileURLToPath(new URL(rel, import.meta.url));
+            const raw = readFileSync(path, "utf8");
+            const pkg = JSON.parse(raw);
+            if (pkg.name === "@syengup/friday-channel-next" && typeof pkg.version === "string" && pkg.version) {
+                return pkg.version;
+            }
+        }
+        catch {
+            // try next candidate
+        }
+    }
+    return FALLBACK_VERSION;
+}
+export const PLUGIN_VERSION = resolvePluginVersion();
+/** npm package name, used for the upgrade spec and registry lookup. */
+export const PLUGIN_PACKAGE_NAME = "@syengup/friday-channel-next";
+/** Plugin id as registered with OpenClaw (used to read the install record). */
+export const PLUGIN_ID = "friday-next";

package/index.ts

@@ -15,6 +15,7 @@ import {
   resolveFridayDeviceIdForSessionKey,
 } from "./src/friday-session.js";
 import { setFridayAgentForwardRuntime } from "./src/agent-forward-runtime.js";
+import { setUpgradeRuntime } from "./src/upgrade-runtime.js";
 import { getOpenClawAgentRunContext } from "./src/agent-run-context-bridge.js";
 import { accumulateRunUsage } from "./src/agent/run-usage-accumulator.js";
 import { createFridayNextLogger } from "./src/logging.js";
@@ -86,6 +87,7 @@ export default defineChannelPluginEntry({
   setRuntime: setFridayNextRuntime,
   registerFull: (api: OpenClawPluginApi) => {
     setFridayAgentForwardRuntime(api);
+    setUpgradeRuntime(api);
     const sameApi = lastApiRoutesRegistered?.deref() === api;
     if (!sameApi) {
       lastApiRoutesRegistered = new WeakRef(api);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@syengup/friday-channel-next",
-  "version": "0.1.25",
+  "version": "0.1.27",
   "description": "OpenClaw Friday Next Apple channel plugin",
   "license": "MIT",
   "type": "module",