@syengup/friday-channel-next 0.1.40 → 1.0.0

package/src/codex-reasoning-config.ts

@@ -0,0 +1,82 @@
+// Ensures the Codex app-server backend emits reasoning *summary* text so Friday can stream it.
+//
+// Background: OpenAI models authenticated via ChatGPT/OAuth run through OpenClaw's Codex
+// app-server backend. That backend sends `reasoning_effort` per turn but never requests a
+// reasoning summary, and OpenClaw exposes no `openclaw.json` lever for it. Without a summary the
+// model's reasoning stays encrypted (`encrypted_content`) and no reasoning text reaches the
+// channel — so the Friday app shows no streaming "thinking" for Codex models.
+//
+// The only switch that makes Codex return summary text is the Codex CLI's own
+// `model_reasoning_summary` key in `~/.openclaw/agents/<id>/agent/codex-home/config.toml`.
+// We keep the fix on the plugin side by asserting that key on activation (idempotently, for every
+// agent that has a codex-home), so it survives OpenClaw rewrites of that file across restarts.
+
+import { existsSync, mkdirSync, readFileSync, readdirSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+
+const CONFIG_KEY = "model_reasoning_summary";
+// "detailed" is the value verified end-to-end (reasoning streamed to the app). Codex also accepts
+// "auto"/"concise"; tune here if the summaries feel too verbose.
+const SUMMARY_VALUE = "detailed";
+
+function resolveOpenClawHome(): string {
+  const env = process.env.OPENCLAW_HOME?.trim();
+  return env && env.length > 0 ? env : join(homedir(), ".openclaw");
+}
+
+/**
+ * True if a top-level `model_reasoning_summary` key already exists. TOML scoping matters: a key is
+ * only top-level (and thus honored by Codex) if it appears before the first `[section]` header, so
+ * we stop scanning at the first table header.
+ */
+export function hasTopLevelSummaryKey(content: string): boolean {
+  for (const raw of content.split(/\r?\n/)) {
+    const line = raw.trim();
+    if (line.startsWith("[")) break;
+    if (new RegExp(`^${CONFIG_KEY}\\s*=`).test(line)) return true;
+  }
+  return false;
+}
+
+function ensureKeyInCodexHome(codexHome: string): "added" | "present" | "skip" {
+  const configPath = join(codexHome, "config.toml");
+  const header = `${CONFIG_KEY} = "${SUMMARY_VALUE}"\n`;
+  if (!existsSync(configPath)) {
+    writeFileSync(configPath, header, "utf8");
+    return "added";
+  }
+  const content = readFileSync(configPath, "utf8");
+  if (hasTopLevelSummaryKey(content)) return "present";
+  // Prepend so the key stays top-level even if the file starts with a `[section]` table.
+  writeFileSync(configPath, `${header}\n${content}`, "utf8");
+  return "added";
+}
+
+/**
+ * Best-effort: ensure every agent's Codex config requests a reasoning summary. Never throws —
+ * activation must not fail because of a config write. `log` receives a one-line summary per change.
+ */
+export function ensureCodexReasoningSummary(log: (msg: string) => void): void {
+  try {
+    const agentsDir = join(resolveOpenClawHome(), "agents");
+    if (!existsSync(agentsDir)) return;
+    for (const agentId of readdirSync(agentsDir)) {
+      const codexHome = join(agentsDir, agentId, "agent", "codex-home");
+      // Only touch agents Codex has actually initialized (codex-home exists). New agents are
+      // picked up on the next activation/restart.
+      if (!existsSync(codexHome)) continue;
+      try {
+        mkdirSync(codexHome, { recursive: true });
+        const result = ensureKeyInCodexHome(codexHome);
+        if (result === "added") {
+          log(`codex reasoning summary enabled (agent=${agentId})`);
+        }
+      } catch (err) {
+        log(`codex reasoning summary write failed (agent=${agentId}): ${String(err)}`);
+      }
+    }
+  } catch (err) {
+    log(`codex reasoning summary ensure failed: ${String(err)}`);
+  }
+}

package/src/friday-session.ts

@@ -33,6 +33,27 @@ export function resetThinkingStreamAccumStateForTest(): void {
   lastThinkingTextByRun.clear();
 }
 
+/**
+ * Runs backed by the OpenClaw Codex app-server backend (model api `openai-chatgpt-responses`).
+ * They emit their activity under a `codex_app_server.*` stream namespace and — unlike the embedded
+ * runner — do NOT put reasoning text on the agent-event bus (`stream: "thinking"`); that text only
+ * arrives via the dispatch `onReasoningStream` callback. Likewise exec stdout never reaches the
+ * `command_output` stream. We mark a run as Codex the first time we see any `codex_app_server.*`
+ * frame so the message handler / tool hooks know to synthesize the missing `thinking` /
+ * `command_output` events for it (and ONLY for it — embedded runs already get both via the bus).
+ */
+const codexRunIds = new Set<string>();
+
+/** True once a `codex_app_server.*` frame has been seen for this run. */
+export function isCodexRun(runId: string): boolean {
+  return codexRunIds.has(runId);
+}
+
+/** Vitest-only */
+export function resetCodexRunTrackingForTest(): void {
+  codexRunIds.clear();
+}
+
 /**
  * OpenClaw `runId` → device UUID (uppercase).
  * When `lifecycle.end` / `error` is emitted, the gateway may call `clearAgentRunContext` before this extension's
@@ -346,6 +367,12 @@ export function forwardAgentEventRaw(evt: ForwardAgentEventArgs): void {
 
   openClawRunIdToDeviceId.set(evt.runId, deviceIdRaw.toUpperCase());
 
+  // Flag Codex app-server runs so the message handler / tool hooks synthesize the `thinking` /
+  // `command_output` events that this backend never emits on the bus (see `isCodexRun`).
+  if (typeof evt.stream === "string" && evt.stream.startsWith("codex_app_server")) {
+    codexRunIds.add(evt.runId);
+  }
+
   // Register sessionKey → runId so we can resolve parentRunId
   if (sk && evt.stream === "lifecycle" && evt.data.phase === "start") {
     registerSessionKeyForRun(sk, evt.runId);
@@ -500,6 +527,7 @@ export function forwardAgentEventRaw(evt: ForwardAgentEventArgs): void {
     }
     if (phase === "end" || phase === "error") {
       lastThinkingTextByRun.delete(evt.runId);
+      codexRunIds.delete(evt.runId);
     }
   }
 

package/src/http/handlers/approvals.ts

@@ -0,0 +1,61 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+import { resolveApprovalOverGateway } from "openclaw/plugin-sdk/approval-gateway-runtime";
+import { readJsonBody } from "../middleware/body.js";
+import { extractBearerToken } from "../middleware/auth.js";
+import { getHostOpenClawConfigSnapshot } from "../../host-config.js";
+import { getFridayNextRuntime } from "../../runtime.js";
+import { createFridayNextLogger } from "../../logging.js";
+
+const VALID_DECISIONS = new Set(["allow-once", "allow-always", "deny"]);
+
+/**
+ * POST /friday-next/approvals/{approvalId}
+ * Body: { decision: "allow-once" | "allow-always" | "deny", deviceId?: string }
+ *
+ * Submits the app user's decision for a pending exec/plugin approval back to the gateway. The bearer
+ * token gates auth (the device owner is the approver); the gateway then resumes / aborts the run.
+ */
+export async function handleApprovalDecision(
+  req: IncomingMessage,
+  res: ServerResponse,
+  approvalId: string,
+): Promise<boolean> {
+  const log = createFridayNextLogger("approvals");
+  const json = (status: number, body: Record<string, unknown>) => {
+    res.statusCode = status;
+    res.setHeader("Content-Type", "application/json");
+    res.end(JSON.stringify(body));
+    return true;
+  };
+
+  if (req.method !== "POST") return json(405, { error: "Method Not Allowed" });
+  if (!extractBearerToken(req)) return json(401, { error: "Unauthorized: bearer token mismatch" });
+  if (!approvalId.trim()) return json(400, { error: "Missing approvalId" });
+
+  const body = await readJsonBody(req);
+  if (!body) return json(400, { error: "Invalid JSON body" });
+
+  const decision = typeof body.decision === "string" ? body.decision.trim() : "";
+  if (!VALID_DECISIONS.has(decision)) {
+    return json(400, { error: "decision must be allow-once | allow-always | deny" });
+  }
+  const deviceId = typeof body.deviceId === "string" ? body.deviceId.trim().toUpperCase() : "";
+
+  const cfg = getHostOpenClawConfigSnapshot(getFridayNextRuntime().config);
+  try {
+    await resolveApprovalOverGateway({
+      cfg: cfg as Parameters<typeof resolveApprovalOverGateway>[0]["cfg"],
+      approvalId: approvalId.trim(),
+      decision: decision as "allow-once" | "allow-always" | "deny",
+      senderId: deviceId || null,
+      allowPluginFallback: true,
+      clientDisplayName: deviceId ? `Friday Next (${deviceId})` : "Friday Next",
+    });
+  } catch (err) {
+    log.error(`resolveApprovalOverGateway failed: ${err instanceof Error ? err.message : String(err)}`);
+    return json(502, { error: "Approval resolution failed", detail: String(err) });
+  }
+
+  log.info(`approval ${approvalId} resolved decision=${decision} device=${deviceId || "(none)"}`);
+  return json(200, { ok: true, approvalId: approvalId.trim(), decision });
+}

package/src/http/handlers/messages.ts

@@ -37,7 +37,11 @@ import {
 import { sseEmitter } from "../../sse/emitter.js";
 import { extractBearerToken } from "../middleware/auth.js";
 import { readJsonBody } from "../middleware/body.js";
-import { registerFridaySessionDeviceMapping } from "../../friday-session.js";
+import {
+  forwardAgentEventRaw,
+  isCodexRun,
+  registerFridaySessionDeviceMapping,
+} from "../../friday-session.js";
 import { touchFridayInbound } from "../../friday-inbound-stats.js";
 import {
   fridayAttachmentLookupKey,
@@ -631,6 +635,12 @@ export async function handleMessages(req: IncomingMessage, res: ServerResponse):
           runId,
           suppressTyping: true,
           disableBlockStreaming: true,
+          // A1: feed the chosen thinking level into the run as a one-shot override so the model
+          // request asks for a reasoning summary. The session-stored `thinkingLevel` alone is NOT
+          // honored by the reply dispatch; `thinkingLevelOverride` has top priority in OpenClaw's
+          // resolution chain (get-reply-directives). Required for Codex (openai-chatgpt-responses)
+          // to emit any reasoning at all.
+          ...(thinkingLevel ? { thinkingLevelOverride: thinkingLevel } : {}),
           onModelSelected: (sel: any) => {
             const name = typeof sel.model === "string" ? sel.model.trim() : "";
             if (name) {
@@ -646,6 +656,18 @@ export async function handleMessages(req: IncomingMessage, res: ServerResponse):
                 : undefined;
             const text = typeof rawText === "string" ? rawText : "";
             log("REASONING_STREAM", normalizedDeviceId, runId, `textLen=${text.length}`);
+            // A2: the embedded runner already emits `stream: "thinking"` on the agent-event bus, so
+            // forwarding here would double it. The Codex app-server backend does NOT — reasoning text
+            // only arrives via this callback (cumulative snapshot). Forward it as a thinking event
+            // (reusing forwardAgentEventRaw's cumulative→delta rewrite) ONLY for Codex runs.
+            if (text && isCodexRun(runId)) {
+              forwardAgentEventRaw({
+                runId,
+                stream: "thinking",
+                data: { text },
+                sessionKey: baseSessionKey,
+              });
+            }
           },
           onReasoningEnd: async () => {
             log("REASONING_STREAM_END", normalizedDeviceId, runId);

package/src/http/server.ts

@@ -13,6 +13,7 @@ import { handleFilesDownload } from "./handlers/files-download.js";
 import { handleCancel } from "./handlers/cancel.js";
 import { handleDeviceApprove } from "./handlers/device-approve.js";
 import { handleNodesApprove } from "./handlers/nodes-approve.js";
+import { handleApprovalDecision } from "./handlers/approvals.js";
 import { handleSessionsSettings } from "./handlers/sessions-settings.js";
 import { handleModelsList } from "./handlers/models-list.js";
 import { handleAgentsList } from "./handlers/agents-list.js";
@@ -76,6 +77,12 @@ async function handleFridayNextRoute(req: IncomingMessage, res: ServerResponse):
     return await handleNodesApprove(req, res);
   }
 
+  // Route: POST /friday-next/approvals/{approvalId} (submit exec/plugin approval decision)
+  if (req.method === "POST" && pathname.startsWith("/friday-next/approvals/")) {
+    const approvalId = decodeURIComponent(pathname.slice("/friday-next/approvals/".length));
+    return await handleApprovalDecision(req, res, approvalId);
+  }
+
   if (
     (req.method === "PUT" || req.method === "GET") &&
     pathname === "/friday-next/sessions/settings"

package/src/sse/emitter.ts

@@ -11,7 +11,8 @@ export type SseEventType =
   | "tool-hook"
   | "outbound"
   | "ping"
-  | "subagent";
+  | "subagent"
+  | "approval";
 
 export interface SseEvent {
   type: SseEventType;

package/dist/src/health/self-health.d.ts

@@ -1,39 +0,0 @@
-export interface SelfHealthOptions {
-    enabled: boolean;
-    checkIntervalMs: number;
-    selfHeal: boolean;
-}
-interface CheckResult {
-    name: string;
-    status: "ok" | "degraded" | "failed";
-    detail: string;
-}
-interface RepairAction {
-    component: string;
-    action: string;
-    result: "ok" | "failed" | "skipped";
-    detail: string;
-}
-export interface SelfHealthReport {
-    timestamp: number;
-    checks: CheckResult[];
-    repairs: RepairAction[];
-    overallStatus: "ok" | "degraded" | "failed";
-}
-export declare class HealthCheckRunner {
-    private timer;
-    private options;
-    constructor(options?: Partial<SelfHealthOptions>);
-    updateOptions(opts: Partial<SelfHealthOptions>): void;
-    start(_api: unknown): void;
-    stop(): void;
-    runCheck(): Promise<SelfHealthReport>;
-    private checkConfig;
-    private checkSseEmitter;
-    private checkActiveRuns;
-    private repairConfig;
-    private repairSseEmitter;
-}
-export declare function getHealthCheckRunner(): HealthCheckRunner;
-export declare function resetHealthCheckRunnerForTest(): void;
-export {};

package/dist/src/health/self-health.js

@@ -1,174 +0,0 @@
-import { resolveFridayNextConfig } from "../config.js";
-import { getHostOpenClawConfigSnapshot } from "../host-config.js";
-import { getFridayNextRuntime } from "../runtime.js";
-import { sseEmitter } from "../sse/emitter.js";
-import { getActiveRunCount } from "../agent/active-runs.js";
-import { createFridayNextLogger } from "../logging.js";
-const log = createFridayNextLogger("health-runner", "info");
-export class HealthCheckRunner {
-    timer = null;
-    options;
-    constructor(options = {}) {
-        this.options = {
-            enabled: options.enabled ?? true,
-            checkIntervalMs: options.checkIntervalMs ?? 60_000,
-            selfHeal: options.selfHeal ?? true,
-        };
-    }
-    updateOptions(opts) {
-        Object.assign(this.options, opts);
-    }
-    start(_api) {
-        this.stop();
-        if (!this.options.enabled) {
-            log.info("Self-health check disabled by config");
-            return;
-        }
-        log.info(`Starting self-health checks every ${this.options.checkIntervalMs}ms`);
-        this.timer = setInterval(() => {
-            this.runCheck().catch((err) => {
-                log.error(`Self-health check error: ${err instanceof Error ? err.message : String(err)}`);
-            });
-        }, this.options.checkIntervalMs);
-        if (this.timer && typeof this.timer.unref === "function") {
-            this.timer.unref();
-        }
-    }
-    stop() {
-        if (this.timer) {
-            clearInterval(this.timer);
-            this.timer = null;
-        }
-    }
-    async runCheck() {
-        const report = {
-            timestamp: Date.now(),
-            checks: [],
-            repairs: [],
-            overallStatus: "ok",
-        };
-        report.checks.push(this.checkConfig());
-        report.checks.push(this.checkSseEmitter());
-        report.checks.push(this.checkActiveRuns());
-        if (this.options.selfHeal) {
-            const configCheck = report.checks[0];
-            if (configCheck.status === "failed") {
-                report.repairs.push(await this.repairConfig());
-            }
-            const sseCheck = report.checks[1];
-            if (sseCheck.status === "failed") {
-                report.repairs.push(await this.repairSseEmitter());
-            }
-        }
-        const statuses = report.checks.map((c) => c.status);
-        if (statuses.includes("failed")) {
-            report.overallStatus = "failed";
-        }
-        else if (statuses.includes("degraded")) {
-            report.overallStatus = "degraded";
-        }
-        if (report.overallStatus !== "ok" || report.repairs.length > 0) {
-            log.warn(`Self-health result: ${report.overallStatus}, ` +
-                `checks=${report.checks.length}, repairs=${report.repairs.length}`);
-        }
-        return report;
-    }
-    checkConfig() {
-        try {
-            const runtime = getFridayNextRuntime();
-            if (!runtime?.config) {
-                return { name: "config", status: "failed", detail: "Runtime config loader not available" };
-            }
-            const cfg = resolveFridayNextConfig(getHostOpenClawConfigSnapshot(runtime.config));
-            if (!cfg.authToken) {
-                return { name: "config", status: "degraded", detail: "authToken is empty; all requests will 401" };
-            }
-            return { name: "config", status: "ok", detail: "Config resolved with authToken" };
-        }
-        catch (err) {
-            return {
-                name: "config",
-                status: "failed",
-                detail: `Config resolution error: ${err instanceof Error ? err.message : String(err)}`,
-            };
-        }
-    }
-    checkSseEmitter() {
-        try {
-            const connCount = sseEmitter.getConnectionCount();
-            return {
-                name: "sseEmitter",
-                status: "ok",
-                detail: `Active connections: ${connCount}`,
-            };
-        }
-        catch (err) {
-            return {
-                name: "sseEmitter",
-                status: "failed",
-                detail: `Emitter check error: ${err instanceof Error ? err.message : String(err)}`,
-            };
-        }
-    }
-    checkActiveRuns() {
-        try {
-            const count = getActiveRunCount();
-            return {
-                name: "activeRuns",
-                status: "ok",
-                detail: `Active runs: ${count}`,
-            };
-        }
-        catch (err) {
-            return {
-                name: "activeRuns",
-                status: "failed",
-                detail: `Active runs check error: ${err instanceof Error ? err.message : String(err)}`,
-            };
-        }
-    }
-    async repairConfig() {
-        try {
-            const runtime = getFridayNextRuntime();
-            if (!runtime?.config) {
-                return {
-                    component: "config",
-                    action: "re-resolve config",
-                    result: "failed",
-                    detail: "Runtime config loader not available",
-                };
-            }
-            resolveFridayNextConfig(getHostOpenClawConfigSnapshot(runtime.config));
-            return { component: "config", action: "re-resolve config", result: "ok", detail: "Config re-resolved" };
-        }
-        catch (err) {
-            return {
-                component: "config",
-                action: "re-resolve config",
-                result: "failed",
-                detail: err instanceof Error ? err.message : String(err),
-            };
-        }
-    }
-    async repairSseEmitter() {
-        return {
-            component: "sseEmitter",
-            action: "verify emitter",
-            result: "ok",
-            detail: "SSE emitter singleton is accessible",
-        };
-    }
-}
-let healthCheckRunner = null;
-export function getHealthCheckRunner() {
-    if (!healthCheckRunner) {
-        healthCheckRunner = new HealthCheckRunner();
-    }
-    return healthCheckRunner;
-}
-export function resetHealthCheckRunnerForTest() {
-    if (healthCheckRunner) {
-        healthCheckRunner.stop();
-        healthCheckRunner = null;
-    }
-}

package/dist/src/http/handlers/sessions-delete.d.ts

@@ -1,2 +0,0 @@
-import type { IncomingMessage, ServerResponse } from "node:http";
-export declare function handleSessionsDelete(req: IncomingMessage, res: ServerResponse): Promise<boolean>;

package/dist/src/http/handlers/sessions-delete.js

@@ -1,49 +0,0 @@
-import { deleteFridaySession, toSessionStoreKey } from "../../session/session-manager.js";
-import { getActiveRunIds } from "../../agent/active-runs.js";
-import { abortRun } from "../../agent/abort-run.js";
-import { getRunRoute } from "../../run-metadata.js";
-import { sseEmitter } from "../../sse/emitter.js";
-import { readJsonBody } from "../middleware/body.js";
-import { extractBearerToken } from "../middleware/auth.js";
-async function cancelActiveRunsForSession(sessionKey) {
-    const storeKey = toSessionStoreKey(sessionKey);
-    const cancelled = [];
-    for (const runId of getActiveRunIds()) {
-        const route = getRunRoute(runId);
-        if (route?.sessionKey === storeKey) {
-            await abortRun(runId);
-            sseEmitter.untrackRun(runId);
-            cancelled.push(runId);
-        }
-    }
-    return cancelled;
-}
-export async function handleSessionsDelete(req, res) {
-    if (req.method !== "DELETE") {
-        res.statusCode = 405;
-        res.setHeader("Content-Type", "application/json");
-        res.end(JSON.stringify({ error: "Method Not Allowed" }));
-        return true;
-    }
-    const token = extractBearerToken(req);
-    if (!token) {
-        res.statusCode = 401;
-        res.setHeader("Content-Type", "application/json");
-        res.end(JSON.stringify({ error: "Unauthorized: bearer token mismatch" }));
-        return true;
-    }
-    const body = await readJsonBody(req);
-    const sessionKey = typeof body?.sessionKey === "string" ? body.sessionKey.trim() : "";
-    if (!sessionKey) {
-        res.statusCode = 400;
-        res.setHeader("Content-Type", "application/json");
-        res.end(JSON.stringify({ error: "Missing required field: sessionKey" }));
-        return true;
-    }
-    const cancelledRuns = await cancelActiveRunsForSession(sessionKey);
-    const result = deleteFridaySession(sessionKey);
-    res.statusCode = 200;
-    res.setHeader("Content-Type", "application/json");
-    res.end(JSON.stringify({ ok: true, ...result, cancelledRuns }));
-    return true;
-}