@syengup/friday-channel-next 0.1.40 → 1.0.1

package/dist/src/sse/emitter.d.ts

@@ -1,5 +1,5 @@
 import type { ServerResponse } from "node:http";
-export type SseEventType = "connected" | "agent" | "deliver" | "tool-hook" | "outbound" | "ping" | "subagent";
+export type SseEventType = "connected" | "agent" | "deliver" | "tool-hook" | "outbound" | "ping" | "subagent" | "approval";
 export interface SseEvent {
     type: SseEventType;
     data: Record<string, unknown>;

package/index.ts

@@ -15,6 +15,7 @@ import { sseEmitter } from "./src/sse/emitter.js";
 import {
   forwardAgentEventRaw,
   getLastRegisteredFridayDeviceId,
+  isCodexRun,
   resolveFridayDeviceIdForSessionKey,
 } from "./src/friday-session.js";
 import { setFridayAgentForwardRuntime } from "./src/agent-forward-runtime.js";
@@ -22,6 +23,7 @@ import { setUpgradeRuntime } from "./src/upgrade-runtime.js";
 import { getOpenClawAgentRunContext } from "./src/agent-run-context-bridge.js";
 import { accumulateRunUsage } from "./src/agent/run-usage-accumulator.js";
 import { createFridayNextLogger } from "./src/logging.js";
+import { ensureCodexReasoningSummary } from "./src/codex-reasoning-config.js";
 
 const hookLogger = createFridayNextLogger("hook");
 
@@ -63,6 +65,38 @@ function isFridaySessionKey(sk: string): boolean {
   return /^friday-next-/i.test(sk) || /^agent:main:friday-next-/i.test(sk);
 }
 
+/** Shell/exec-style tools whose stdout the app renders as a `command_output` row (A3). */
+const COMMAND_TOOL_NAMES = new Set([
+  "exec",
+  "bash",
+  "shell",
+  "local_shell",
+  "command",
+  "process",
+  "run_terminal_cmd",
+]);
+
+function isCommandTool(toolName: unknown): boolean {
+  return typeof toolName === "string" && COMMAND_TOOL_NAMES.has(toolName.trim().toLowerCase());
+}
+
+/** Best-effort flatten of an after-hook tool result into the stdout string the app expects. */
+function coerceCommandOutput(result: unknown): string {
+  if (typeof result === "string") return result;
+  if (result && typeof result === "object") {
+    const r = result as Record<string, unknown>;
+    for (const key of ["output", "stdout", "text"]) {
+      if (typeof r[key] === "string") return r[key] as string;
+    }
+    try {
+      return JSON.stringify(result);
+    } catch {
+      return "";
+    }
+  }
+  return result == null ? "" : String(result);
+}
+
 function shouldForwardToolEventToFriday(ctx: PluginHookToolContext): boolean {
   if (ctx.runId) {
     if (sseEmitter.getDeviceIdByRunId(ctx.runId)) return true;
@@ -134,6 +168,10 @@ export default defineChannelPluginEntry({
     }
     fridayNextToolHooksRegistered = true;
 
+    // Make Codex (ChatGPT/OAuth) models emit reasoning summary text so the app can stream
+    // "thinking". OpenClaw never sets this; we assert it on the plugin side. Best-effort.
+    ensureCodexReasoningSummary((msg) => hookLogger.info(msg));
+
     api.on("subagent_delivery_target", (event: any) => {
       if (!event.expectsCompletionMessage) return;
       const ch = event.requesterOrigin?.channel?.trim().toLowerCase();
@@ -219,6 +257,29 @@ export default defineChannelPluginEntry({
           ts: Date.now(),
         },
       });
+
+      // A3: the Codex app-server backend never puts exec stdout on the `command_output` stream
+      // (its tool result carries only exitCode/duration), so the app shows the command row with no
+      // output. The after-hook DOES carry the full stdout — synthesize a `command_output` end event
+      // keyed by toolCallId (== the forwarded `item kind:command` itemId) so the app attaches it.
+      // Codex-only: embedded runs already stream `command_output` on the bus.
+      if (isCodexRun(runId) && event.toolCallId && isCommandTool(event.toolName)) {
+        const output = coerceCommandOutput(event.result);
+        if (output) {
+          forwardAgentEventRaw({
+            runId,
+            stream: "command_output",
+            data: {
+              itemId: event.toolCallId,
+              phase: "end",
+              output,
+              status: event.error ? "failed" : "completed",
+              durationMs: event.durationMs ?? null,
+            },
+            sessionKey: ctx.sessionKey,
+          });
+        }
+      }
     });
   },
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@syengup/friday-channel-next",
-  "version": "0.1.40",
+  "version": "1.0.1",
   "description": "OpenClaw Friday Next Apple channel plugin",
   "license": "MIT",
   "type": "module",
@@ -12,6 +12,19 @@
     "tsconfig.json",
     "openclaw.plugin.json"
   ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "lint": "eslint .",
+    "lint:fix": "eslint . --fix",
+    "format": "prettier --write .",
+    "format:check": "prettier --check .",
+    "prepublishOnly": "pnpm build && rm -rf dist/attachments",
+    "test": "npm run test:unit && npm run test:e2e",
+    "test:unit": "vitest run",
+    "test:e2e": "vitest run --config vitest.e2e.config.ts",
+    "test:smoke": "node scripts/e2e-smoke.mjs",
+    "test:msg-live": "node scripts/message-roundtrip-live.mjs"
+  },
   "bin": {
     "friday-channel-next": "install.js"
   },
@@ -62,17 +75,5 @@
     "typescript-eslint": "^8.61.1",
     "vitest": "^4.1.5",
     "zod": "^4.3.6"
-  },
-  "scripts": {
-    "build": "tsc -p tsconfig.json",
-    "lint": "eslint .",
-    "lint:fix": "eslint . --fix",
-    "format": "prettier --write .",
-    "format:check": "prettier --check .",
-    "test": "npm run test:unit && npm run test:e2e",
-    "test:unit": "vitest run",
-    "test:e2e": "vitest run --config vitest.e2e.config.ts",
-    "test:smoke": "node scripts/e2e-smoke.mjs",
-    "test:msg-live": "node scripts/message-roundtrip-live.mjs"
   }
-}
+}

package/src/approval/friday-approval-capability.test.ts

@@ -0,0 +1,78 @@
+import { describe, expect, it } from "vitest";
+import { buildPayload } from "./friday-approval-capability.js";
+
+const execView = {
+  approvalId: "exec:abc",
+  approvalKind: "exec",
+  title: "Codex command approval",
+  commandText: "curl -sS https://example.com",
+  commandPreview: "curl ...",
+  cwd: "/ws",
+  host: "sandbox",
+  metadata: [{ label: "Severity", value: "Warning" }],
+  actions: [
+    { decision: "allow-once", label: "Allow Once", style: "primary" },
+    { decision: "deny", label: "Deny", style: "danger" },
+  ],
+  expiresAtMs: 123,
+};
+
+const pluginView = {
+  approvalId: "plugin:xyz",
+  approvalKind: "plugin",
+  title: "Codex app-server command approval",
+  description: "Command: curl ...",
+  toolName: "codex_command_approval",
+  severity: "warning",
+  metadata: [{ label: "Tool", value: "codex_command_approval" }],
+  actions: [{ decision: "allow-always", label: "Allow Always", style: "secondary" }],
+  expiresAtMs: 456,
+};
+
+const reqWith = (sessionKey: string) => ({ request: { sessionKey } });
+
+describe("buildPayload", () => {
+  it("maps an exec approval view (command/cwd/host + actions)", () => {
+    const p = buildPayload({
+      op: "request",
+      view: execView,
+      request: reqWith("agent:main:fridaynext:s1"),
+      deviceId: "DEV1",
+    });
+    expect(p.op).toBe("request");
+    expect(p.kind).toBe("exec");
+    expect(p.approvalId).toBe("exec:abc");
+    expect(p.commandText).toBe("curl -sS https://example.com");
+    expect(p.cwd).toBe("/ws");
+    expect(p.host).toBe("sandbox");
+    expect(p.actions.map((a) => a.decision)).toEqual(["allow-once", "deny"]);
+    expect(p.sessionKey).toBe("agent:main:fridaynext:s1");
+    expect(p.deviceId).toBe("DEV1");
+    expect(p.expiresAtMs).toBe(123);
+  });
+
+  it("maps a plugin approval view (toolName/severity/description)", () => {
+    const p = buildPayload({
+      op: "request",
+      view: pluginView,
+      request: reqWith("agent:main:fridaynext:s2"),
+      deviceId: "DEV2",
+    });
+    expect(p.kind).toBe("plugin");
+    expect(p.toolName).toBe("codex_command_approval");
+    expect(p.severity).toBe("warning");
+    expect(p.description).toBe("Command: curl ...");
+    expect(p.actions[0].decision).toBe("allow-always");
+    expect(p.commandText).toBeNull();
+  });
+
+  it("defaults missing fields without throwing", () => {
+    const p = buildPayload({ op: "expired", view: {}, request: {}, deviceId: "D" });
+    expect(p.op).toBe("expired");
+    expect(p.kind).toBe("exec");
+    expect(p.approvalId).toBe("");
+    expect(p.actions).toEqual([]);
+    expect(p.metadata).toEqual([]);
+    expect(p.sessionKey).toBeNull();
+  });
+});

package/src/approval/friday-approval-capability.ts

@@ -0,0 +1,227 @@
+// Friday Next exec/plugin approval capability.
+//
+// Lets the Friday app receive tool-execution approval REQUESTS (e.g. a Codex model wanting to run a
+// shell command that needs confirmation) and submit allow/deny DECISIONS — instead of those
+// approvals only reaching the gateway's built-in ControlUI.
+//
+// Model: unlike Slack (a separate approver list authorized per-account), friday-next uses a
+// device-owner model — the device that owns the originating session is the approver. HTTP requests
+// already carry the channel bearer token, so per-sender authorization happens at the route layer;
+// here we only resolve WHICH device a request belongs to (its session's device) and deliver the
+// prompt there over SSE. The decision round-trips via POST /friday-next/approvals/{id}.
+//
+// We intentionally do NOT set a `delivery.shouldSuppressForwardingFallback` adapter, so enabling
+// this stays additive: ControlUI keeps working as a fallback while the app surface is the primary.
+
+import { createChannelApprovalNativeRuntimeAdapter } from "openclaw/plugin-sdk/approval-handler-runtime";
+import type { ChannelApprovalCapability } from "openclaw/plugin-sdk/channel-contract";
+import { sseEmitter } from "../sse/emitter.js";
+import { resolveFridayDeviceIdForSessionKey } from "../friday-session.js";
+import { createFridayNextLogger } from "../logging.js";
+
+const logger = createFridayNextLogger("approval");
+
+/** SSE payload the app receives for an approval lifecycle event. `op` is the phase. */
+export interface FridayApprovalPayload {
+  op: "request" | "resolved" | "expired";
+  approvalId: string;
+  kind: "exec" | "plugin";
+  title: string;
+  description?: string | null;
+  // exec
+  commandText?: string | null;
+  commandPreview?: string | null;
+  cwd?: string | null;
+  host?: string | null;
+  // plugin
+  toolName?: string | null;
+  severity?: string | null;
+  metadata: { label: string; value: string }[];
+  actions: { decision: string; label: string; style: string }[];
+  expiresAtMs?: number | null;
+  decision?: string | null;
+  resolvedBy?: string | null;
+  sessionKey?: string | null;
+  runId?: string | null;
+  deviceId: string;
+  ts: number;
+}
+
+interface PreparedTarget {
+  deviceId: string;
+}
+interface PendingEntry {
+  deviceId: string;
+  approvalId: string;
+}
+
+/** Pull the originating sessionKey out of an exec/plugin approval request (`request.request.*`). */
+function sessionKeyOf(request: unknown): string | undefined {
+  const inner = (request as { request?: { sessionKey?: unknown } } | undefined)?.request;
+  const sk = inner?.sessionKey;
+  return typeof sk === "string" && sk.trim() ? sk.trim() : undefined;
+}
+
+/** Resolve the friday device that owns this approval's session, if any. */
+function deviceForRequest(request: unknown): string | undefined {
+  const sk = sessionKeyOf(request);
+  if (!sk) return undefined;
+  const dev = resolveFridayDeviceIdForSessionKey(sk);
+  return dev ? dev.toUpperCase() : undefined;
+}
+
+/** Build the normalized app payload from a pending/resolved/expired approval view. */
+export function buildPayload(params: {
+  op: FridayApprovalPayload["op"];
+  view: Record<string, unknown>;
+  request: unknown;
+  deviceId: string;
+}): FridayApprovalPayload {
+  const { op, view, request, deviceId } = params;
+  const str = (v: unknown): string | null => (typeof v === "string" ? v : null);
+  const num = (v: unknown): number | null => (typeof v === "number" ? v : null);
+  const actionsRaw = Array.isArray(view.actions) ? (view.actions as Record<string, unknown>[]) : [];
+  const metaRaw = Array.isArray(view.metadata) ? (view.metadata as Record<string, unknown>[]) : [];
+  return {
+    op,
+    approvalId: str(view.approvalId) ?? "",
+    kind: view.approvalKind === "plugin" ? "plugin" : "exec",
+    title: str(view.title) ?? "",
+    description: str(view.description),
+    commandText: str(view.commandText),
+    commandPreview: str(view.commandPreview),
+    cwd: str(view.cwd),
+    host: str(view.host),
+    toolName: str(view.toolName),
+    severity: str(view.severity),
+    metadata: metaRaw.map((m) => ({ label: str(m.label) ?? "", value: str(m.value) ?? "" })),
+    actions: actionsRaw.map((a) => ({
+      decision: str(a.decision) ?? "",
+      label: str(a.label) ?? "",
+      style: str(a.style) ?? "secondary",
+    })),
+    expiresAtMs: num(view.expiresAtMs),
+    decision: str(view.decision),
+    resolvedBy: str(view.resolvedBy),
+    sessionKey: sessionKeyOf(request) ?? null,
+    runId: sseEmitter.getLastRunIdForDevice(deviceId),
+    deviceId,
+    ts: Date.now(),
+  };
+}
+
+function emitApproval(deviceId: string, payload: FridayApprovalPayload): void {
+  sseEmitter.broadcast({ type: "approval", data: { ...payload } }, deviceId, true);
+}
+
+const fridayApprovalNativeRuntime = createChannelApprovalNativeRuntimeAdapter<
+  FridayApprovalPayload,
+  PreparedTarget,
+  PendingEntry,
+  never,
+  FridayApprovalPayload
+>({
+  eventKinds: ["exec", "plugin"],
+  availability: {
+    isConfigured: () => true,
+    shouldHandle: ({ request }) => deviceForRequest(request) !== undefined,
+  },
+  presentation: {
+    buildPendingPayload: ({ request, view }) => {
+      const deviceId = deviceForRequest(request) ?? "";
+      return buildPayload({
+        op: "request",
+        view: view as unknown as Record<string, unknown>,
+        request,
+        deviceId,
+      });
+    },
+    buildResolvedResult: ({ request, view }) => {
+      const deviceId = deviceForRequest(request) ?? "";
+      return {
+        kind: "update",
+        payload: buildPayload({
+          op: "resolved",
+          view: view as unknown as Record<string, unknown>,
+          request,
+          deviceId,
+        }),
+      };
+    },
+    buildExpiredResult: ({ request, view }) => {
+      const deviceId = deviceForRequest(request) ?? "";
+      return {
+        kind: "update",
+        payload: buildPayload({
+          op: "expired",
+          view: view as unknown as Record<string, unknown>,
+          request,
+          deviceId,
+        }),
+      };
+    },
+  },
+  transport: {
+    prepareTarget: ({ plannedTarget, request }) => {
+      const planned =
+        typeof plannedTarget?.target?.to === "string" && plannedTarget.target.to.trim()
+          ? plannedTarget.target.to.trim().toUpperCase()
+          : undefined;
+      const deviceId = planned ?? deviceForRequest(request);
+      if (!deviceId) return null;
+      return { dedupeKey: `friday-approval:${deviceId}`, target: { deviceId } };
+    },
+    deliverPending: ({ preparedTarget, pendingPayload }) => {
+      const deviceId = preparedTarget.deviceId;
+      logger.info(`deliver approval ${pendingPayload.approvalId} kind=${pendingPayload.kind} -> ${deviceId}`);
+      emitApproval(deviceId, { ...pendingPayload, deviceId });
+      return { deviceId, approvalId: pendingPayload.approvalId };
+    },
+    updateEntry: async ({ entry, payload }) => {
+      emitApproval(entry.deviceId, { ...payload, deviceId: entry.deviceId });
+    },
+    deleteEntry: async ({ entry, phase }) => {
+      emitApproval(entry.deviceId, {
+        op: phase === "resolved" ? "resolved" : "expired",
+        approvalId: entry.approvalId,
+        kind: "exec",
+        title: "",
+        metadata: [],
+        actions: [],
+        deviceId: entry.deviceId,
+        ts: Date.now(),
+      });
+    },
+  },
+  observe: {
+    onDeliveryError: ({ error }) => {
+      logger.warn(`approval delivery failed: ${String(error)}`);
+    },
+  },
+});
+
+/**
+ * friday-next approval capability. `native` declares delivery to the originating device's session;
+ * `nativeRuntime` builds the app payload and ferries it over SSE. No `delivery` suppressor → additive
+ * with ControlUI.
+ */
+export const fridayApprovalCapability: ChannelApprovalCapability = {
+  native: {
+    describeDeliveryCapabilities: ({ request }) => {
+      const enabled = deviceForRequest(request) !== undefined;
+      return {
+        enabled,
+        preferredSurface: "origin",
+        supportsOriginSurface: true,
+        supportsApproverDmSurface: false,
+      };
+    },
+    resolveOriginTarget: ({ request }) => {
+      const deviceId = deviceForRequest(request);
+      return deviceId ? { to: deviceId } : null;
+    },
+  },
+  // Cast widens the parameterized adapter to the field's `unknown`-typed shape (function-param
+  // contravariance). Same escape hatch Slack uses for its lazy runtime adapter.
+  nativeRuntime: fridayApprovalNativeRuntime as unknown as ChannelApprovalCapability["nativeRuntime"],
+};

package/src/channel.ts

@@ -10,6 +10,9 @@ import os from "node:os";
 import path from "node:path";
 import { createChatChannelPlugin } from "openclaw/plugin-sdk/core";
 import { waitUntilAbort } from "openclaw/plugin-sdk/channel-lifecycle";
+import { registerChannelRuntimeContext } from "openclaw/plugin-sdk/channel-runtime-context";
+import { CHANNEL_APPROVAL_NATIVE_RUNTIME_CONTEXT_CAPABILITY } from "openclaw/plugin-sdk/approval-handler-adapter-runtime";
+import type { ChannelGatewayContext } from "openclaw/plugin-sdk/channel-contract";
 import { createFridayNextLogger } from "./logging.js";
 import type { ChannelAccountSnapshot } from "openclaw/plugin-sdk/status-helpers";
 import { saveMediaBuffer } from "openclaw/plugin-sdk/media-store";
@@ -24,6 +27,7 @@ import {
 } from "./friday-session.js";
 import { getRunRoute } from "./run-metadata.js";
 import { getLastFridayInboundAt } from "./friday-inbound-stats.js";
+import { fridayApprovalCapability } from "./approval/friday-approval-capability.js";
 
 const logger = createFridayNextLogger("channel");
 const CHANNEL_ID = "friday-next" as const;
@@ -113,7 +117,22 @@ const fridayLifecycle = {
  * (reload/shutdown) so the channel stays `running:true` and continuously deliverable.
  */
 const fridayGateway = {
-  startAccount: async (ctx: { abortSignal: AbortSignal }): Promise<void> => {
+  startAccount: async (ctx: ChannelGatewayContext): Promise<void> => {
+    // Activate exec/plugin approval delivery to the app. The gateway's approval-handler bootstrap
+    // only wires up our `approvalCapability` once the channel registers an "approval.native" runtime
+    // context (the registration event is the gate — without it approvals silently skip friday-next
+    // and only reach ControlUI). friday-next's nativeRuntime needs no per-account state — it resolves
+    // the target device from each request's sessionKey via global singletons — so context is empty.
+    if (ctx.channelRuntime) {
+      registerChannelRuntimeContext({
+        channelRuntime: ctx.channelRuntime,
+        channelId: CHANNEL_ID,
+        accountId: ctx.accountId,
+        capability: CHANNEL_APPROVAL_NATIVE_RUNTIME_CONTEXT_CAPABILITY,
+        context: {},
+        abortSignal: ctx.abortSignal,
+      });
+    }
     await waitUntilAbort(ctx.abortSignal);
   },
 };
@@ -342,3 +361,8 @@ export const fridayNextChannelPlugin = createChatChannelPlugin({
     },
   },
 });
+
+// Attach exec/plugin approval delivery to the app. `createChatChannelPlugin` has no config slot for
+// it, so it's set on the returned plugin object; setting it auto-registers the native approval
+// handler via the gateway's approval bootstrap. Additive with ControlUI (no forwarding suppressor).
+fridayNextChannelPlugin.approvalCapability = fridayApprovalCapability;

package/src/codex-reasoning-config.test.ts

@@ -0,0 +1,28 @@
+import { describe, expect, it } from "vitest";
+import { hasTopLevelSummaryKey } from "./codex-reasoning-config.js";
+
+describe("hasTopLevelSummaryKey", () => {
+  it("returns true when the key is a top-level entry", () => {
+    expect(hasTopLevelSummaryKey('model_reasoning_summary = "detailed"\n')).toBe(true);
+    expect(
+      hasTopLevelSummaryKey('model_reasoning_summary = "auto"\n\n[projects."/x"]\ntrust_level = "trusted"\n'),
+    ).toBe(true);
+  });
+
+  it("returns false when the file has no key", () => {
+    expect(hasTopLevelSummaryKey("")).toBe(false);
+    expect(hasTopLevelSummaryKey('[projects."/x"]\ntrust_level = "trusted"\n')).toBe(false);
+  });
+
+  it("treats a key nested under a [section] as NOT top-level (TOML scoping)", () => {
+    // This is the trap: appended after a table header the key belongs to that table, so Codex
+    // ignores it. Must be reported as absent so the caller prepends a real top-level key.
+    const nested = '[projects."/x"]\ntrust_level = "trusted"\nmodel_reasoning_summary = "detailed"\n';
+    expect(hasTopLevelSummaryKey(nested)).toBe(false);
+  });
+
+  it("ignores commented or partial matches", () => {
+    expect(hasTopLevelSummaryKey('# model_reasoning_summary = "detailed"\n')).toBe(false);
+    expect(hasTopLevelSummaryKey("model_reasoning_summary_extra = 1\n")).toBe(false);
+  });
+});

package/src/codex-reasoning-config.ts

@@ -0,0 +1,82 @@
+// Ensures the Codex app-server backend emits reasoning *summary* text so Friday can stream it.
+//
+// Background: OpenAI models authenticated via ChatGPT/OAuth run through OpenClaw's Codex
+// app-server backend. That backend sends `reasoning_effort` per turn but never requests a
+// reasoning summary, and OpenClaw exposes no `openclaw.json` lever for it. Without a summary the
+// model's reasoning stays encrypted (`encrypted_content`) and no reasoning text reaches the
+// channel — so the Friday app shows no streaming "thinking" for Codex models.
+//
+// The only switch that makes Codex return summary text is the Codex CLI's own
+// `model_reasoning_summary` key in `~/.openclaw/agents/<id>/agent/codex-home/config.toml`.
+// We keep the fix on the plugin side by asserting that key on activation (idempotently, for every
+// agent that has a codex-home), so it survives OpenClaw rewrites of that file across restarts.
+
+import { existsSync, mkdirSync, readFileSync, readdirSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+
+const CONFIG_KEY = "model_reasoning_summary";
+// "detailed" is the value verified end-to-end (reasoning streamed to the app). Codex also accepts
+// "auto"/"concise"; tune here if the summaries feel too verbose.
+const SUMMARY_VALUE = "detailed";
+
+function resolveOpenClawHome(): string {
+  const env = process.env.OPENCLAW_HOME?.trim();
+  return env && env.length > 0 ? env : join(homedir(), ".openclaw");
+}
+
+/**
+ * True if a top-level `model_reasoning_summary` key already exists. TOML scoping matters: a key is
+ * only top-level (and thus honored by Codex) if it appears before the first `[section]` header, so
+ * we stop scanning at the first table header.
+ */
+export function hasTopLevelSummaryKey(content: string): boolean {
+  for (const raw of content.split(/\r?\n/)) {
+    const line = raw.trim();
+    if (line.startsWith("[")) break;
+    if (new RegExp(`^${CONFIG_KEY}\\s*=`).test(line)) return true;
+  }
+  return false;
+}
+
+function ensureKeyInCodexHome(codexHome: string): "added" | "present" | "skip" {
+  const configPath = join(codexHome, "config.toml");
+  const header = `${CONFIG_KEY} = "${SUMMARY_VALUE}"\n`;
+  if (!existsSync(configPath)) {
+    writeFileSync(configPath, header, "utf8");
+    return "added";
+  }
+  const content = readFileSync(configPath, "utf8");
+  if (hasTopLevelSummaryKey(content)) return "present";
+  // Prepend so the key stays top-level even if the file starts with a `[section]` table.
+  writeFileSync(configPath, `${header}\n${content}`, "utf8");
+  return "added";
+}
+
+/**
+ * Best-effort: ensure every agent's Codex config requests a reasoning summary. Never throws —
+ * activation must not fail because of a config write. `log` receives a one-line summary per change.
+ */
+export function ensureCodexReasoningSummary(log: (msg: string) => void): void {
+  try {
+    const agentsDir = join(resolveOpenClawHome(), "agents");
+    if (!existsSync(agentsDir)) return;
+    for (const agentId of readdirSync(agentsDir)) {
+      const codexHome = join(agentsDir, agentId, "agent", "codex-home");
+      // Only touch agents Codex has actually initialized (codex-home exists). New agents are
+      // picked up on the next activation/restart.
+      if (!existsSync(codexHome)) continue;
+      try {
+        mkdirSync(codexHome, { recursive: true });
+        const result = ensureKeyInCodexHome(codexHome);
+        if (result === "added") {
+          log(`codex reasoning summary enabled (agent=${agentId})`);
+        }
+      } catch (err) {
+        log(`codex reasoning summary write failed (agent=${agentId}): ${String(err)}`);
+      }
+    }
+  } catch (err) {
+    log(`codex reasoning summary ensure failed: ${String(err)}`);
+  }
+}

package/src/friday-session.forward-agent.test.ts

@@ -139,6 +139,56 @@ describe("forwardAgentEventRaw (thinking delta rewrite)", () => {
     expect(third.delta).toBe(t1);
   });
 
+  it("translates a Codex preamble item (progressText) into streamed thinking deltas", () => {
+    // Newer OpenClaw cores stopped invoking dispatch onReasoningStream for Codex and instead
+    // stream the reasoning summary on the agent-event bus as item/preamble with cumulative
+    // progressText. We translate it back into stream:"thinking" so the app renders it.
+    forwardAgentEventRaw({
+      runId,
+      seq: 1,
+      stream: "item",
+      sessionKey,
+      data: { kind: "preamble", source: "codex-app-server", phase: "update", progressText: "先把" },
+    });
+    forwardAgentEventRaw({
+      runId,
+      seq: 2,
+      stream: "item",
+      sessionKey,
+      data: {
+        kind: "preamble",
+        source: "codex-app-server",
+        phase: "update",
+        progressText: "先把标准",
+      },
+    });
+
+    const thinking = (sseEmitter.broadcastToRun as ReturnType<typeof vi.fn>).mock.calls
+      .map((c) => c[1].data)
+      .filter((d: { stream?: string }) => d.stream === "thinking");
+    expect(thinking).toHaveLength(2);
+    expect(thinking[0].data.text).toBe("先把");
+    expect(thinking[0].data.delta).toBe("先把");
+    expect(thinking[0].data.reasoningPrefixChars).toBe(0);
+    expect(thinking[1].data.text).toBe("先把标准");
+    expect(thinking[1].data.delta).toBe("标准");
+    expect(thinking[1].data.reasoningPrefixChars).toBe(2);
+  });
+
+  it("does not translate preamble items from a non-Codex source", () => {
+    forwardAgentEventRaw({
+      runId,
+      seq: 1,
+      stream: "item",
+      sessionKey,
+      data: { kind: "preamble", source: "something-else", progressText: "x" },
+    });
+    const thinking = (sseEmitter.broadcastToRun as ReturnType<typeof vi.fn>).mock.calls
+      .map((c) => c[1].data)
+      .filter((d: { stream?: string }) => d.stream === "thinking");
+    expect(thinking).toHaveLength(0);
+  });
+
   it("merges run metadata into lifecycle.end (model, tokens, context usage)", () => {
     forwardAgentEventRaw({
       runId,