@syengup/friday-channel-next 0.1.30 → 0.1.37

package/src/http/handlers/cancel.ts

@@ -1,5 +1,6 @@
 import type { IncomingMessage, ServerResponse } from "node:http";
-import { abortRun } from "../../agent/abort-run.js";
+import { abortRunForSessionKey } from "../../agent/abort-run.js";
+import { getRunRoute } from "../../run-metadata.js";
 import { sseEmitter } from "../../sse/emitter.js";
 import { readJsonBody } from "../middleware/body.js";
 import { extractBearerToken } from "../middleware/auth.js";
@@ -20,16 +21,23 @@ export async function handleCancel(req: IncomingMessage, res: ServerResponse): P
   }
   const body = await readJsonBody(req);
   const runId = typeof body?.runId === "string" ? body.runId.trim() : "";
-  if (!runId) {
+  // sessionKey is the primary identifier (one active run per session); runId is a
+  // back-compat fallback for older apps — resolve it to a sessionKey via the run route.
+  const sessionKey =
+    (typeof body?.sessionKey === "string" ? body.sessionKey.trim() : "") ||
+    (runId ? (getRunRoute(runId)?.sessionKey?.trim() ?? "") : "");
+  if (!sessionKey && !runId) {
     res.statusCode = 400;
     res.setHeader("Content-Type", "application/json");
-    res.end(JSON.stringify({ error: "Missing runId" }));
+    res.end(JSON.stringify({ error: "Missing sessionKey or runId" }));
     return true;
   }
-  await abortRun(runId);
-  sseEmitter.untrackRun(runId);
+  const result = sessionKey
+    ? await abortRunForSessionKey(sessionKey)
+    : { aborted: false, drained: false };
+  if (runId) sseEmitter.untrackRun(runId);
   res.statusCode = 200;
   res.setHeader("Content-Type", "application/json");
-  res.end(JSON.stringify({ ok: true, runId, cancelled: true }));
+  res.end(JSON.stringify({ ok: true, sessionKey, runId, cancelled: true, ...result }));
   return true;
 }

package/src/http/handlers/device-approve.test.ts

@@ -28,8 +28,14 @@ class MockRes extends EventEmitter {
   }
 }
 
-function mockReq(method: string, headers: Record<string, string> = {}): PassThrough & { method: string; headers: Record<string, string> } {
-  const stream = new PassThrough() as unknown as PassThrough & { method: string; headers: Record<string, string> };
+function mockReq(
+  method: string,
+  headers: Record<string, string> = {},
+): PassThrough & { method: string; headers: Record<string, string> } {
+  const stream = new PassThrough() as unknown as PassThrough & {
+    method: string;
+    headers: Record<string, string>;
+  };
   stream.method = method;
   stream.headers = headers;
   return stream;
@@ -92,7 +98,10 @@ describe("handleDeviceApprove", () => {
   });
 
   it("returns 404 when listDevicePairing returns data without matching device", async () => {
-    mockList.mockResolvedValueOnce({ pending: [{ requestId: "x", deviceId: "UNMATCHED" }], paired: [] });
+    mockList.mockResolvedValueOnce({
+      pending: [{ requestId: "x", deviceId: "UNMATCHED" }],
+      paired: [],
+    });
 
     const req = mockReq("POST", { authorization: "Bearer test-token" });
     const res = new MockRes() as unknown as ServerResponse;

package/src/http/handlers/device-approve.ts

@@ -67,21 +67,25 @@ export async function handleDeviceApprove(
     if (pairedDevice) {
       res.statusCode = 200;
       res.setHeader("Content-Type", "application/json");
-      res.end(JSON.stringify({
-        ok: true,
-        deviceId: normalizedDeviceId,
-        alreadyApproved: true,
-        approvedAtMs: (pairedDevice as any).approvedAtMs,
-      }));
+      res.end(
+        JSON.stringify({
+          ok: true,
+          deviceId: normalizedDeviceId,
+          alreadyApproved: true,
+          approvedAtMs: (pairedDevice as any).approvedAtMs,
+        }),
+      );
       return true;
     }
 
     res.statusCode = 404;
     res.setHeader("Content-Type", "application/json");
-    res.end(JSON.stringify({
-      error: "No pending device found for this deviceId",
-      deviceId: normalizedDeviceId,
-    }));
+    res.end(
+      JSON.stringify({
+        error: "No pending device found for this deviceId",
+        deviceId: normalizedDeviceId,
+      }),
+    );
     return true;
   }
 
@@ -95,10 +99,12 @@ export async function handleDeviceApprove(
     log.error(`approveDevicePairing failed: ${err instanceof Error ? err.message : String(err)}`);
     res.statusCode = 502;
     res.setHeader("Content-Type", "application/json");
-    res.end(JSON.stringify({
-      error: "Device approval failed",
-      detail: err instanceof Error ? err.message : "Unknown error",
-    }));
+    res.end(
+      JSON.stringify({
+        error: "Device approval failed",
+        detail: err instanceof Error ? err.message : "Unknown error",
+      }),
+    );
     return true;
   }
 
@@ -112,17 +118,23 @@ export async function handleDeviceApprove(
   if (approved.status === "forbidden") {
     res.statusCode = 403;
     res.setHeader("Content-Type", "application/json");
-    res.end(JSON.stringify({ error: `Device approval forbidden: ${(approved as any).reason ?? "unknown"}` }));
+    res.end(
+      JSON.stringify({
+        error: `Device approval forbidden: ${(approved as any).reason ?? "unknown"}`,
+      }),
+    );
     return true;
   }
 
   res.statusCode = 200;
   res.setHeader("Content-Type", "application/json");
-  res.end(JSON.stringify({
-    ok: true,
-    deviceId: normalizedDeviceId,
-    requestId: approved.requestId,
-    approvedAtMs: (approved as any).device?.approvedAtMs,
-  }));
+  res.end(
+    JSON.stringify({
+      ok: true,
+      deviceId: normalizedDeviceId,
+      requestId: approved.requestId,
+      approvedAtMs: (approved as any).device?.approvedAtMs,
+    }),
+  );
   return true;
 }

package/src/http/handlers/files-download.ts

@@ -63,7 +63,10 @@ function tryDecodeURIComponent(segment: string): string | null {
  */
 function contentDispositionInline(filename: string): string {
   const base =
-    path.basename(filename).replace(/[\r\n"]/g, "_").replace(/\\/g, "_") || "file";
+    path
+      .basename(filename)
+      .replace(/[\r\n"]/g, "_")
+      .replace(/\\/g, "_") || "file";
   const ascii = /^[\x20-\x7E]*$/.test(base) ? base : "file";
   return `inline; filename="${ascii}"; filename*=UTF-8''${encodeURIComponent(base)}`;
 }
@@ -82,9 +85,7 @@ function sendBuffer(
   const disposition = contentDispositionInline(filename);
   const rangeRaw = req.headers.range;
   const range =
-    typeof rangeRaw === "string" && /^bytes=/i.test(rangeRaw.trim())
-      ? rangeRaw.trim()
-      : undefined;
+    typeof rangeRaw === "string" && /^bytes=/i.test(rangeRaw.trim()) ? rangeRaw.trim() : undefined;
 
   res.setHeader("Accept-Ranges", "bytes");
   res.setHeader("Cache-Control", "private, max-age=3600");
@@ -110,7 +111,7 @@ function sendBuffer(
   let end = total - 1;
 
   if (m[1] === "" && m[2] !== "") {
-    const suffixLen = parseInt(m[2]!, 10);
+    const suffixLen = parseInt(m[2], 10);
     if (!Number.isFinite(suffixLen) || suffixLen <= 0) {
       res.statusCode = 200;
       res.setHeader("Content-Length", String(total));
@@ -120,11 +121,11 @@ function sendBuffer(
     start = Math.max(0, total - suffixLen);
     end = total - 1;
   } else if (m[1] !== "" && m[2] === "") {
-    start = parseInt(m[1]!, 10);
+    start = parseInt(m[1], 10);
     end = total - 1;
   } else if (m[1] !== "" && m[2] !== "") {
-    start = parseInt(m[1]!, 10);
-    end = parseInt(m[2]!, 10);
+    start = parseInt(m[1], 10);
+    end = parseInt(m[2], 10);
   }
 
   if (!Number.isFinite(start) || !Number.isFinite(end) || start > end || start >= total) {
@@ -190,7 +191,13 @@ export async function handleFilesDownload(
     // 1.2 Plugin-root attachments/ (survives gateway restarts; basename = URL token)
     const fromAttachments = readAttachmentFileFromDisk(fileToken);
     if (fromAttachments) {
-      sendBuffer(req, res, fromAttachments.buffer, fromAttachments.mimeType, fromAttachments.filename);
+      sendBuffer(
+        req,
+        res,
+        fromAttachments.buffer,
+        fromAttachments.mimeType,
+        fromAttachments.filename,
+      );
       return true;
     }
 
@@ -211,10 +218,7 @@ export async function handleFilesDownload(
     // fileId may include an extension (e.g. "uuid.png") — strip it to get the base id
     const baseId = fileToken.replace(/\.[^.]+$/, "");
     const mediaDir = path.join(os.homedir(), ".openclaw", "media", "inbound");
-    const candidates = [
-      path.join(mediaDir, baseId),
-      path.join(mediaDir, fileToken),
-    ];
+    const candidates = [path.join(mediaDir, baseId), path.join(mediaDir, fileToken)];
 
     for (const filePath of candidates) {
       if (fs.existsSync(filePath)) {

package/src/http/handlers/files.test.ts

@@ -0,0 +1,120 @@
+import { afterEach, beforeEach, describe, expect, it } from "vitest";
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import {
+  clearFileIndexForTest,
+  fridayFilesPublicUrl,
+  readAttachmentFileFromDisk,
+  rememberInboundMediaName,
+  resolveMediaAttachment,
+  setAttachmentsDirForTest,
+  storeFile,
+} from "./files.js";
+
+let tmpDir: string;
+
+beforeEach(() => {
+  tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "fn-files-"));
+  setAttachmentsDirForTest(tmpDir);
+  clearFileIndexForTest();
+});
+
+afterEach(() => {
+  setAttachmentsDirForTest(null);
+  clearFileIndexForTest();
+  fs.rmSync(tmpDir, { recursive: true, force: true });
+});
+
+describe("attachment original filename survives a gateway restart", () => {
+  it("stores under a uuid token but recovers the original filename from disk", () => {
+    const stored = storeFile(
+      Buffer.from("%PDF-1.4 fake"),
+      "Quarterly Report.pdf",
+      "application/pdf",
+    );
+    expect(stored.urlToken).not.toBe("Quarterly Report.pdf");
+
+    const disk = readAttachmentFileFromDisk(stored.urlToken);
+    expect(disk).not.toBeNull();
+    // The display/download name is the original — not the on-disk uuid.
+    expect(disk!.filename).toBe("Quarterly Report.pdf");
+    expect(disk!.mimeType).toBe("application/pdf");
+    // The disk basename stays the uuid token so URLs keep pointing at the real file.
+    expect(disk!.diskName).toBe(stored.urlToken);
+  });
+
+  it("resolveMediaAttachment keeps the original name after the in-memory index is cleared", () => {
+    const stored = storeFile(Buffer.from("notes body"), "meeting-notes.txt", "text/plain");
+    const url = `/friday-next/files/${encodeURIComponent(stored.urlToken)}`;
+
+    // Simulate a gateway restart: the in-memory index is gone, only disk remains.
+    clearFileIndexForTest();
+
+    const resolved = resolveMediaAttachment(url);
+    expect(resolved).not.toBeNull();
+    expect(resolved!.fileName).toBe("meeting-notes.txt");
+    expect(resolved!.url).toBe(url);
+  });
+
+  it("fridayFilesPublicUrl still points at the on-disk token after a restart", () => {
+    const stored = storeFile(Buffer.from("x"), "doc.docx", "application/octet-stream");
+    clearFileIndexForTest();
+
+    const publicUrl = fridayFilesPublicUrl(
+      `/friday-next/files/${encodeURIComponent(stored.urlToken)}`,
+    );
+    expect(publicUrl).toBe(`/friday-next/files/${encodeURIComponent(stored.urlToken)}`);
+  });
+
+  it("falls back to the on-disk basename for legacy files that have no sidecar", () => {
+    // A file stored before this fix: raw uuid token on disk, no .fnmeta sidecar.
+    const token = "11111111-2222-3333-4444-555555555555.pdf";
+    fs.writeFileSync(path.join(tmpDir, token), Buffer.from("legacy"));
+
+    const disk = readAttachmentFileFromDisk(token);
+    expect(disk).not.toBeNull();
+    expect(disk!.filename).toBe(token);
+    expect(disk!.diskName).toBe(token);
+  });
+
+  it("never serves the sidecar file itself", () => {
+    const stored = storeFile(Buffer.from("y"), "report.pdf", "application/pdf");
+    expect(readAttachmentFileFromDisk(`${stored.urlToken}.fnmeta`)).toBeNull();
+  });
+});
+
+describe("inbound user attachments (core media-store renames to a bare uuid)", () => {
+  it("recovers the original upload name from the remembered inbound sidecar on rebuild", () => {
+    // Core copies the upload to media/inbound/<uuid> with no extension and no name;
+    // the transcript records this path. We remembered the real name at send time.
+    const inboundUuid = "c950d280-55e5-4e06-aede-9f08653362a8";
+    const inboundPath = path.join(tmpDir, "..", "media", "inbound", inboundUuid);
+    fs.mkdirSync(path.dirname(inboundPath), { recursive: true });
+    fs.writeFileSync(inboundPath, Buffer.from("%PDF body"));
+
+    rememberInboundMediaName(inboundPath, "Project Brief.pdf", "application/pdf");
+
+    // History rebuild: resolveMediaAttachment is handed the raw inbound path.
+    const resolved = resolveMediaAttachment(inboundPath);
+    expect(resolved).not.toBeNull();
+    expect(resolved!.fileName).toBe("Project Brief.pdf");
+    // The copy carries the recovered extension so downloads open correctly.
+    expect(resolved!.url).toMatch(/\.pdf$/);
+
+    fs.rmSync(path.dirname(inboundPath), { recursive: true, force: true });
+  });
+
+  it("falls back to the bare uuid when nothing was remembered (pre-fix messages)", () => {
+    const inboundUuid = "99999999-0000-1111-2222-333333333333";
+    const inboundPath = path.join(tmpDir, "..", "media", "inbound", inboundUuid);
+    fs.mkdirSync(path.dirname(inboundPath), { recursive: true });
+    fs.writeFileSync(inboundPath, Buffer.from("legacy"));
+
+    const resolved = resolveMediaAttachment(inboundPath);
+    expect(resolved).not.toBeNull();
+    expect(resolved!.fileName).toBe(inboundUuid);
+
+    fs.rmSync(path.dirname(inboundPath), { recursive: true, force: true });
+  });
+});

package/src/http/handlers/files.ts

@@ -25,7 +25,9 @@ export function setAttachmentsDirForTest(dir: string | null): void {
 /** Resolve `<historyDir>/../attachments`, mirroring the offline-queue layout. */
 function resolveAttachmentsDir(): string {
   try {
-    const cfg = resolveFridayNextConfig(getHostOpenClawConfigSnapshot(getFridayNextRuntime().config));
+    const cfg = resolveFridayNextConfig(
+      getHostOpenClawConfigSnapshot(getFridayNextRuntime().config),
+    );
     return path.join(path.dirname(cfg.historyDir), "attachments");
   } catch {
     return path.join(os.homedir(), ".openclaw", "friday-next", "attachments");
@@ -72,6 +74,74 @@ function resolveStoredFile(key: string): StoredFile | undefined {
   return fileIndex.get(key) ?? fileTokenIndex.get(key);
 }
 
+/** Clear the in-memory file index. Test-only: simulates a gateway restart. */
+export function clearFileIndexForTest(): void {
+  fileIndex.clear();
+  fileTokenIndex.clear();
+  externalFileSourceIndex.clear();
+}
+
+/**
+ * The on-disk basename is a `<uuid>.<ext>` token, and the original filename lives only in
+ * the process-local `fileIndex`. To keep the real name after a gateway restart (when the
+ * index is empty) we persist it in a sidecar JSON file next to each stored attachment.
+ */
+interface AttachmentMetaSidecar {
+  filename: string;
+  mimeType: string;
+}
+
+const META_SIDECAR_SUFFIX = ".fnmeta";
+
+function metaSidecarPath(urlToken: string): string {
+  return path.join(getAttachmentsDir(), `${urlToken}${META_SIDECAR_SUFFIX}`);
+}
+
+function writeAttachmentMetaSidecar(urlToken: string, filename: string, mimeType: string): void {
+  try {
+    fs.writeFileSync(metaSidecarPath(urlToken), JSON.stringify({ filename, mimeType }));
+  } catch (err) {
+    logger.warn(`writeAttachmentMetaSidecar failed for "${urlToken}": ${String(err)}`);
+  }
+}
+
+/**
+ * Remember the original upload filename for an inbound media file.
+ *
+ * When a user sends an attachment, core's media-store copies it to
+ * `~/.openclaw/media/inbound/<uuid>` — a bare uuid with no extension and no original
+ * name — and the transcript records THAT path. So on history rebuild the original name
+ * is unrecoverable. We stash it here (keyed by the inbound basename, reusing the sidecar
+ * scheme but inside our own attachments dir) at send time, while we still know it.
+ */
+export function rememberInboundMediaName(
+  inboundPath: string,
+  filename: string,
+  mimeType: string,
+): void {
+  const key = path.basename(inboundPath);
+  const name = filename.trim();
+  if (!key || !name) return;
+  writeAttachmentMetaSidecar(key, name, mimeType);
+}
+
+function readAttachmentMetaSidecar(urlToken: string): AttachmentMetaSidecar | null {
+  try {
+    const raw = fs.readFileSync(metaSidecarPath(urlToken), "utf8");
+    const parsed = JSON.parse(raw) as Partial<AttachmentMetaSidecar>;
+    if (parsed && typeof parsed.filename === "string" && parsed.filename) {
+      return {
+        filename: parsed.filename,
+        mimeType: typeof parsed.mimeType === "string" ? parsed.mimeType : "",
+      };
+    }
+  } catch {
+    // Missing or malformed sidecar (e.g. attachment stored before this fix) — caller
+    // falls back to the on-disk basename.
+  }
+  return null;
+}
+
 /**
  * Read a file from `attachments/` by URL path token (disk basename).
  * Used when the in-memory index was cleared after a gateway restart.
@@ -79,16 +149,26 @@ function resolveStoredFile(key: string): StoredFile | undefined {
 export function readAttachmentFileFromDisk(fileToken: string): {
   buffer: Buffer;
   mimeType: string;
+  /** Original display/download filename (from sidecar; falls back to the on-disk basename). */
   filename: string;
+  /** On-disk basename / urlToken — use this to build `/friday-next/files/{token}` URLs. */
+  diskName: string;
 } | null {
   const safe = path.basename(fileToken);
   if (!safe || safe === "." || safe === "..") return null;
+  if (safe.endsWith(META_SIDECAR_SUFFIX)) return null;
   const dir = getAttachmentsDir();
   const full = path.join(dir, safe);
   if (!fs.existsSync(full) || !fs.statSync(full).isFile()) return null;
   try {
     const buffer = fs.readFileSync(full);
-    return { buffer, mimeType: guessMimeType(safe), filename: safe };
+    const meta = readAttachmentMetaSidecar(safe);
+    return {
+      buffer,
+      mimeType: meta?.mimeType || guessMimeType(safe),
+      filename: meta?.filename || safe,
+      diskName: safe,
+    };
   } catch {
     return null;
   }
@@ -117,14 +197,20 @@ export function normalizeAgentMediaPath(raw: string): string {
   return s;
 }
 
-function copyLocalFileToAttachments(sourcePath: string): StoredFile | null {
+function copyLocalFileToAttachments(
+  sourcePath: string,
+  originalFilename?: string,
+): StoredFile | null {
   const resolvedPath = normalizeAgentMediaPath(sourcePath);
-  const filename = path.basename(resolvedPath);
+  const diskBasename = path.basename(resolvedPath);
+  // Prefer the caller-supplied original name (recovered from an inbound sidecar); fall
+  // back to the on-disk basename (which for core inbound media is a bare uuid).
+  const filename = originalFilename?.trim() || diskBasename;
   if (!filename) return null;
   try {
     if (!fs.existsSync(resolvedPath) || !fs.statSync(resolvedPath).isFile()) return null;
     const id = crypto.randomUUID();
-    const ext = path.extname(filename);
+    const ext = path.extname(filename) || path.extname(diskBasename);
     const urlToken = ext ? `${id}${ext}` : id;
     const storedPath = path.join(getAttachmentsDir(), urlToken);
     try {
@@ -134,7 +220,9 @@ function copyLocalFileToAttachments(sourcePath: string): StoredFile | null {
       // Fallback to read+write so attachment persistence still works.
       const raw = fs.readFileSync(resolvedPath);
       fs.writeFileSync(storedPath, raw);
-      logger.warn(`copyLocalFileToAttachments copy fallback used for "${resolvedPath}": ${String(copyErr)}`);
+      logger.warn(
+        `copyLocalFileToAttachments copy fallback used for "${resolvedPath}": ${String(copyErr)}`,
+      );
     }
     const stat = fs.statSync(storedPath);
     const mimeType = guessMimeType(filename);
@@ -148,6 +236,7 @@ function copyLocalFileToAttachments(sourcePath: string): StoredFile | null {
       createdAt: Date.now(),
     };
     registerStoredFile(file);
+    writeAttachmentMetaSidecar(urlToken, filename, mimeType);
     return file;
   } catch (err) {
     logger.error(`copyLocalFileToAttachments failed for "${resolvedPath}": ${String(err)}`);
@@ -168,7 +257,7 @@ export function storeFile(buffer: Buffer, filename: string, mimeType: string): S
   try {
     fs.writeFileSync(storedPath, buffer);
   } catch (err) {
-    throw new Error(`Failed to store file: ${String(err)}`);
+    throw new Error(`Failed to store file: ${String(err)}`, { cause: err });
   }
 
   const file: StoredFile = {
@@ -182,6 +271,7 @@ export function storeFile(buffer: Buffer, filename: string, mimeType: string): S
   };
 
   registerStoredFile(file);
+  writeAttachmentMetaSidecar(urlToken, safeFilename, mimeType);
   return file;
 }
 
@@ -218,7 +308,7 @@ export function fridayFilesPublicUrl(ref: string): string {
 
   const disk = readAttachmentFileFromDisk(lookupKey);
   if (disk) {
-    return `/friday-next/files/${encodeURIComponent(disk.filename)}`;
+    return `/friday-next/files/${encodeURIComponent(disk.diskName)}`;
   }
 
   const trimmed = ref.trim();
@@ -235,13 +325,17 @@ export function getExternalFileSourceByUrlToken(token: string): string | undefin
 /**
  * Read a file as a Buffer with its MIME type (by id or urlToken).
  */
-export function readFile(id: string): { buffer: Buffer | null; mimeType: string } {
+export function readFile(id: string): {
+  buffer: Buffer | null;
+  mimeType: string;
+  filename?: string;
+} {
   const file = resolveStoredFile(id);
   if (!file) return { buffer: null, mimeType: "application/octet-stream" };
   try {
-    return { buffer: fs.readFileSync(file.path), mimeType: file.mimeType };
+    return { buffer: fs.readFileSync(file.path), mimeType: file.mimeType, filename: file.filename };
   } catch {
-    return { buffer: null, mimeType: file.mimeType };
+    return { buffer: null, mimeType: file.mimeType, filename: file.filename };
   }
 }
 
@@ -294,19 +388,24 @@ export function resolveMediaAttachment(localPath: string): ResolvedAttachment |
     return { fileName: fallback, url: localPath };
   }
 
-  const filename = path.basename(localPath);
-  if (!filename) return null;
+  const basename = path.basename(localPath);
+  if (!basename) return null;
 
-  const stored = copyLocalFileToAttachments(localPath);
+  // Core inbound media is stored as a bare uuid (no name/extension). Recover the original
+  // upload name we stashed at send time, keyed by that uuid basename.
+  const remembered = readAttachmentMetaSidecar(basename)?.filename;
+  const originalName = remembered || basename;
+
+  const stored = copyLocalFileToAttachments(localPath, originalName);
   if (!stored) {
     // Best-effort fallback: still return a Friday URL so app can receive attachment event.
     // Download handler will try reading external source path lazily by token.
     const id = crypto.randomUUID();
-    const ext = path.extname(filename);
+    const ext = path.extname(originalName);
     const token = ext ? `${id}${ext}` : id;
     externalFileSourceIndex.set(token, normalizeAgentMediaPath(localPath));
     return {
-      fileName: filename,
+      fileName: originalName,
       url: `/friday-next/files/${encodeURIComponent(token)}`,
     };
   }
@@ -316,7 +415,6 @@ export function resolveMediaAttachment(localPath: string): ResolvedAttachment |
   };
 }
 
-
 /**
  * Guess MIME type from filename extension.
  */

package/src/http/handlers/health.test.ts

@@ -23,7 +23,11 @@ class MockRes extends EventEmitter {
   }
 }
 
-function mockReq(method: string, url: string, headers: Record<string, string> = {}): IncomingMessage {
+function mockReq(
+  method: string,
+  url: string,
+  headers: Record<string, string> = {},
+): IncomingMessage {
   return { method, url, headers } as IncomingMessage;
 }
 
@@ -82,7 +86,17 @@ describe("handleHealth", () => {
         {
           nodeId: NODE_ID,
           caps: ["location", "canvas"],
-          commands: ["location.get", "canvas.present", "canvas.hide", "canvas.navigate", "canvas.eval", "canvas.snapshot", "canvas.a2ui.push", "canvas.a2ui.pushJSONL", "canvas.a2ui.reset"],
+          commands: [
+            "location.get",
+            "canvas.present",
+            "canvas.hide",
+            "canvas.navigate",
+            "canvas.eval",
+            "canvas.snapshot",
+            "canvas.a2ui.push",
+            "canvas.a2ui.pushJSONL",
+            "canvas.a2ui.reset",
+          ],
         },
       ],
     });
@@ -104,9 +118,7 @@ describe("handleHealth", () => {
   it("returns degraded when node is missing required caps", async () => {
     mockListNodePairing.mockResolvedValueOnce({
       pending: [],
-      paired: [
-        { nodeId: NODE_ID, caps: ["canvas"], commands: ["canvas.present"] },
-      ],
+      paired: [{ nodeId: NODE_ID, caps: ["canvas"], commands: ["canvas.present"] }],
     });
 
     const req = mockReq("GET", `/friday-next/health?nodeDeviceId=${NODE_ID}`, {
@@ -127,7 +139,10 @@ describe("handleHealth", () => {
       pending: [{ requestId: REQUEST_ID, nodeId: NODE_ID }],
       paired: [],
     });
-    mockApproveNodePairing.mockResolvedValueOnce({ requestId: REQUEST_ID, node: { nodeId: NODE_ID } });
+    mockApproveNodePairing.mockResolvedValueOnce({
+      requestId: REQUEST_ID,
+      node: { nodeId: NODE_ID },
+    });
 
     const req = mockReq("GET", `/friday-next/health?nodeDeviceId=${NODE_ID}&selfHeal=true`, {
       authorization: "Bearer test-token",
@@ -186,7 +201,10 @@ describe("handleHealth", () => {
       pending: [{ requestId: REQUEST_ID, nodeId: NODE_ID }],
       paired: [],
     });
-    mockApproveNodePairing.mockResolvedValueOnce({ status: "forbidden", missingScope: "operator.admin" });
+    mockApproveNodePairing.mockResolvedValueOnce({
+      status: "forbidden",
+      missingScope: "operator.admin",
+    });
 
     const req = mockReq("GET", `/friday-next/health?nodeDeviceId=${NODE_ID}&selfHeal=true`, {
       authorization: "Bearer test-token",
@@ -236,14 +254,28 @@ describe("handleHealth", () => {
         {
           nodeId: NODE_ID,
           caps: ["location", "canvas"],
-          commands: ["location.get", "canvas.present", "canvas.hide", "canvas.navigate", "canvas.eval", "canvas.snapshot", "canvas.a2ui.push", "canvas.a2ui.pushJSONL", "canvas.a2ui.reset"],
+          commands: [
+            "location.get",
+            "canvas.present",
+            "canvas.hide",
+            "canvas.navigate",
+            "canvas.eval",
+            "canvas.snapshot",
+            "canvas.a2ui.push",
+            "canvas.a2ui.pushJSONL",
+            "canvas.a2ui.reset",
+          ],
         },
       ],
     });
 
-    const req = mockReq("GET", `/friday-next/health?deviceId=${DEVICE_ID}&nodeDeviceId=${NODE_ID}`, {
-      authorization: "Bearer test-token",
-    });
+    const req = mockReq(
+      "GET",
+      `/friday-next/health?deviceId=${DEVICE_ID}&nodeDeviceId=${NODE_ID}`,
+      {
+        authorization: "Bearer test-token",
+      },
+    );
     const res = new MockRes() as unknown as ServerResponse;
     await handleHealth(req, res);
     const body = JSON.parse((res as unknown as MockRes).body);