@xenon-device-management/xenon 1.2.0 → 1.3.0

package/lib/src/services/AIService.js

@@ -54,6 +54,7 @@ const logger_1 = __importDefault(require("../logger"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const config_1 = require("../config");
+const CircuitBreaker_1 = require("./CircuitBreaker");
 class GeminiProvider {
     constructor(apiKey, modelName) {
         this.genAI = new generative_ai_1.GoogleGenerativeAI(apiKey.trim());
@@ -222,6 +223,29 @@ class AIService {
         this.isMock = false;
         this.initializeProvider();
     }
+    // Key the breaker by provider + resolved model name so a misbehaving model
+    // (rate-limited preview tier, deprecated snapshot) doesn't trip sibling
+    // models on the same provider. Falls back to 'default' if model unresolved.
+    breakerKey() {
+        const provider = config_1.config.aiProvider || 'unknown';
+        const model = provider === 'gemini'
+            ? config_1.config.geminiModel
+            : provider === 'openai'
+                ? config_1.config.openaiModel
+                : provider === 'anthropic'
+                    ? config_1.config.anthropicModel
+                    : provider === 'ollama'
+                        ? config_1.config.ollamaModel
+                        : config_1.config.aiModel;
+        return `ai:${provider}:${model || 'default'}`;
+    }
+    // Single choke point for every LLM call so circuit-breaker state is shared
+    // across analyzeFailure / visualFind / healLocator.
+    callProvider(prompt, screenshotBase64) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return CircuitBreaker_1.CIRCUIT_BREAKERS.execute(this.breakerKey(), () => this.provider.analyze(prompt, screenshotBase64));
+        });
+    }
     initializeProvider() {
         const providerType = config_1.config.aiProvider;
         const genericModel = config_1.config.aiModel;
@@ -281,12 +305,17 @@ Fix: Add a pre-emptive check for the location permission dialog or use the \`aut
             try {
                 const prompt = this.constructPrompt(context);
                 const screenshotBase64 = this.getScreenshotBase64(context.screenshotPath);
-                const text = yield this.provider.analyze(prompt, screenshotBase64 || undefined);
+                const text = yield this.callProvider(prompt, screenshotBase64 || undefined);
                 logger_1.default.info(`[AIService] Analysis complete for ${context.sessionId}`);
                 return text;
             }
             catch (err) {
-                logger_1.default.error(`[AIService] Analysis failed: ${err.message}`);
+                if (err instanceof CircuitBreaker_1.CircuitOpenError) {
+                    logger_1.default.debug(`[AIService] Analysis skipped: ${err.message}`);
+                }
+                else {
+                    logger_1.default.error(`[AIService] Analysis failed: ${err.message}`);
+                }
                 return null;
             }
         });
@@ -307,13 +336,16 @@ Fix: Add a pre-emptive check for the location permission dialog or use the \`aut
             Instructions: Look at the provided screenshot and find the exact center of the specified element.
         `;
             try {
-                const response = yield this.provider.analyze(prompt, screenshotBase64);
+                const response = yield this.callProvider(prompt, screenshotBase64);
                 const data = JSON.parse(response.replace(/```json|```/g, '').trim());
                 return data;
             }
             catch (err) {
-                // Log service unavailability at debug level (expected), other errors at warn level
-                if (((_a = err.message) === null || _a === void 0 ? void 0 : _a.includes('unavailable')) || ((_b = err.response) === null || _b === void 0 ? void 0 : _b.status) === 404) {
+                // Log service unavailability / tripped breaker at debug level (expected);
+                // genuine errors at warn.
+                if (err instanceof CircuitBreaker_1.CircuitOpenError ||
+                    ((_a = err.message) === null || _a === void 0 ? void 0 : _a.includes('unavailable')) ||
+                    ((_b = err.response) === null || _b === void 0 ? void 0 : _b.status) === 404) {
                     logger_1.default.debug(`[AIService] visualFind skipped: ${err.message}`);
                 }
                 else {
@@ -350,13 +382,16 @@ Fix: Add a pre-emptive check for the location permission dialog or use the \`aut
             Response Format: JSON only, strictly { "recommendedXpath": "string", "reason": "string" }.
         `;
             try {
-                const response = yield this.provider.analyze(prompt, context.screenshotBase64);
+                const response = yield this.callProvider(prompt, context.screenshotBase64);
                 const data = JSON.parse(response.replace(/```json|```/g, '').trim());
                 return data;
             }
             catch (err) {
-                // Log service unavailability at debug level (expected), other errors at warn level
-                if (((_a = err.message) === null || _a === void 0 ? void 0 : _a.includes('unavailable')) || ((_b = err.response) === null || _b === void 0 ? void 0 : _b.status) === 404) {
+                // Log service unavailability / tripped breaker at debug level (expected);
+                // genuine errors at warn.
+                if (err instanceof CircuitBreaker_1.CircuitOpenError ||
+                    ((_a = err.message) === null || _a === void 0 ? void 0 : _a.includes('unavailable')) ||
+                    ((_b = err.response) === null || _b === void 0 ? void 0 : _b.status) === 404) {
                     logger_1.default.debug(`[AIService] healLocator skipped: ${err.message}`);
                 }
                 else {

package/lib/src/services/ApiKeyService.js

@@ -0,0 +1,102 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApiKeyService = void 0;
+const typedi_1 = require("typedi");
+const crypto_1 = __importDefault(require("crypto"));
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const prisma_1 = require("../prisma");
+const logger_1 = __importDefault(require("../logger"));
+let ApiKeyService = class ApiKeyService {
+    constructor() {
+        this.log = logger_1.default.scope('ApiKey');
+    }
+    hash(raw) {
+        return crypto_1.default.createHash('sha256').update(raw).digest('hex');
+    }
+    generateRaw() {
+        return crypto_1.default.randomBytes(32).toString('hex');
+    }
+    bootstrapIfEmpty(keyFilePath) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const count = yield prisma_1.prisma.apiKey.count();
+            if (count > 0)
+                return null;
+            const raw = this.generateRaw();
+            const keyHash = this.hash(raw);
+            fs_1.default.mkdirSync(path_1.default.dirname(keyFilePath), { recursive: true });
+            fs_1.default.writeFileSync(keyFilePath, raw + '\n', { mode: 0o600 });
+            yield prisma_1.prisma.apiKey.create({
+                data: {
+                    name: 'bootstrap',
+                    keyHash,
+                    scopes: 'admin',
+                    rateLimit: 300,
+                },
+            });
+            this.log.warn(`No API keys found. Bootstrap key written to ${keyFilePath}. Rotate within 24h via POST /xenon/api/apikeys.`);
+            return raw;
+        });
+    }
+    verify(raw) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!raw)
+                return null;
+            const row = yield prisma_1.prisma.apiKey.findUnique({ where: { keyHash: this.hash(raw) } });
+            if (!row || row.revokedAt)
+                return null;
+            prisma_1.prisma.apiKey
+                .update({ where: { id: row.id }, data: { lastUsedAt: new Date() } })
+                .catch(() => undefined);
+            return row;
+        });
+    }
+    hasScope(row, required) {
+        const owned = new Set(row.scopes.split(',').map((s) => s.trim()));
+        if (owned.has('admin'))
+            return true;
+        return required.some((r) => owned.has(r));
+    }
+    create(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const raw = this.generateRaw();
+            const row = yield prisma_1.prisma.apiKey.create({
+                data: {
+                    name: params.name,
+                    keyHash: this.hash(raw),
+                    scopes: params.scopes.join(','),
+                    rateLimit: (_a = params.rateLimit) !== null && _a !== void 0 ? _a : 300,
+                },
+            });
+            return { id: row.id, raw };
+        });
+    }
+    revoke(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield prisma_1.prisma.apiKey.update({ where: { id }, data: { revokedAt: new Date() } });
+        });
+    }
+};
+exports.ApiKeyService = ApiKeyService;
+exports.ApiKeyService = ApiKeyService = __decorate([
+    (0, typedi_1.Service)()
+], ApiKeyService);

package/lib/src/services/CircuitBreaker.js

@@ -0,0 +1,158 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CIRCUIT_BREAKERS = exports.CircuitOpenError = void 0;
+exports.isTransientFailure = isTransientFailure;
+const logger_1 = __importDefault(require("../logger"));
+class CircuitOpenError extends Error {
+    constructor(key, retryAfterMs) {
+        super(`Circuit open for '${key}'; retry in ${retryAfterMs}ms`);
+        this.name = 'CircuitOpenError';
+        this.key = key;
+        this.retryAfterMs = retryAfterMs;
+    }
+}
+exports.CircuitOpenError = CircuitOpenError;
+class Breaker {
+    constructor(key, opts) {
+        this.key = key;
+        this.opts = opts;
+        this.state = 'closed';
+        this.consecutiveFailures = 0;
+        this.openedAt = 0;
+    }
+    // Returns whether the next request should go through. Transitions open ->
+    // half_open here if the cooldown has elapsed — caller gets exactly one
+    // probe attempt which then drives the closed/open decision.
+    admit() {
+        if (this.state === 'closed' || this.state === 'half_open') {
+            return { allowed: true };
+        }
+        const elapsed = Date.now() - this.openedAt;
+        if (elapsed >= this.opts.openDurationMs) {
+            this.state = 'half_open';
+            logger_1.default.info(`[CircuitBreaker] ${this.key} -> half_open (cooldown elapsed)`);
+            return { allowed: true };
+        }
+        return { allowed: false, retryAfterMs: this.opts.openDurationMs - elapsed };
+    }
+    recordSuccess() {
+        const wasRecovering = this.state !== 'closed';
+        this.state = 'closed';
+        this.consecutiveFailures = 0;
+        if (wasRecovering) {
+            logger_1.default.info(`[CircuitBreaker] ${this.key} -> closed (probe succeeded)`);
+        }
+    }
+    recordFailure() {
+        if (this.state === 'half_open') {
+            // Probe failed -> re-open immediately with a fresh cooldown window.
+            this.state = 'open';
+            this.openedAt = Date.now();
+            logger_1.default.warn(`[CircuitBreaker] ${this.key} -> open (probe failed)`);
+            return;
+        }
+        this.consecutiveFailures++;
+        if (this.state === 'closed' && this.consecutiveFailures >= this.opts.failureThreshold) {
+            this.state = 'open';
+            this.openedAt = Date.now();
+            logger_1.default.warn(`[CircuitBreaker] ${this.key} -> open after ${this.consecutiveFailures} consecutive failures (cooldown ${this.opts.openDurationMs}ms)`);
+        }
+    }
+    snapshot() {
+        return {
+            key: this.key,
+            state: this.state,
+            consecutiveFailures: this.consecutiveFailures,
+            openedAt: this.openedAt,
+        };
+    }
+}
+// Classifier: only transient / server-side failures should trip the breaker.
+// Caller-induced failures (400s, parse errors, bad API key) stay uncounted
+// so a misconfigured request doesn't take the breaker out for everyone.
+function isTransientFailure(err) {
+    var _a, _b;
+    const status = (_b = (_a = err === null || err === void 0 ? void 0 : err.response) === null || _a === void 0 ? void 0 : _a.status) !== null && _b !== void 0 ? _b : err === null || err === void 0 ? void 0 : err.status;
+    if (typeof status === 'number') {
+        if (status >= 500)
+            return true;
+        if (status === 429)
+            return true; // rate limit — back off
+        return false; // 4xx (auth, bad model, bad request) won't heal itself via retry
+    }
+    const code = String((err === null || err === void 0 ? void 0 : err.code) || '').toUpperCase();
+    const transientCodes = [
+        'ECONNRESET',
+        'ECONNREFUSED',
+        'ETIMEDOUT',
+        'ENOTFOUND',
+        'EAI_AGAIN',
+        'EPIPE',
+        'ECONNABORTED',
+        'ERR_NETWORK',
+    ];
+    if (transientCodes.includes(code))
+        return true;
+    const msg = String((err === null || err === void 0 ? void 0 : err.message) || '').toLowerCase();
+    if (msg.includes('timeout') || msg.includes('timed out'))
+        return true;
+    if (msg.includes('service unavailable') || msg.includes('unavailable'))
+        return true;
+    // SDK errors often embed HTTP status as text (Gemini/Anthropic wrap raw responses).
+    if (/\b(5\d{2}|429)\b/.test(msg))
+        return true;
+    return false;
+}
+class CircuitBreakerRegistry {
+    constructor() {
+        this.breakers = new Map();
+        this.defaults = {
+            failureThreshold: 5,
+            openDurationMs: 60000,
+        };
+    }
+    execute(key, task, opts) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const breaker = this.getOrCreate(key, opts);
+            const gate = breaker.admit();
+            if (!gate.allowed) {
+                throw new CircuitOpenError(key, gate.retryAfterMs);
+            }
+            try {
+                const result = yield task();
+                breaker.recordSuccess();
+                return result;
+            }
+            catch (err) {
+                if (isTransientFailure(err)) {
+                    breaker.recordFailure();
+                }
+                throw err;
+            }
+        });
+    }
+    snapshot() {
+        return Array.from(this.breakers.values()).map((b) => b.snapshot());
+    }
+    getOrCreate(key, opts) {
+        let breaker = this.breakers.get(key);
+        if (!breaker) {
+            breaker = new Breaker(key, Object.assign(Object.assign({}, this.defaults), opts));
+            this.breakers.set(key, breaker);
+        }
+        return breaker;
+    }
+}
+exports.CIRCUIT_BREAKERS = new CircuitBreakerRegistry();

package/lib/src/services/CleanupService.js

@@ -23,22 +23,29 @@ const prisma_1 = require("../prisma");
 const typedi_1 = require("typedi");
 const logger_1 = __importDefault(require("../logger"));
 const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const config_1 = require("../config");
 let CleanupService = class CleanupService {
     constructor() {
         this.log = logger_1.default.scope('CleanupService');
     }
     /**
-     * Orchestrates the build and session cleanup based on retention policy.
+     * Orchestrates build + session cleanup based on retention policy.
+     *
+     * Two phases:
+     *  1. Purge old builds (by age AND count cap) together with their sessions.
+     *  2. Sweep orphan sessions (no build_id) older than the retention window —
+     *     otherwise ad-hoc sessions accumulate forever.
      */
     runCleanup(pluginArgs) {
         return __awaiter(this, void 0, void 0, function* () {
             const { buildCleanupDays = 30, buildCleanupMaxCount = 100, deleteBuildAssets = true, } = pluginArgs;
             this.log.info(`Starting cleanup: Retention = ${buildCleanupDays} days, Max Builds = ${buildCleanupMaxCount}, Purge Assets = ${deleteBuildAssets}`);
+            const expirationDate = new Date();
+            expirationDate.setDate(expirationDate.getDate() - buildCleanupDays);
             try {
                 const buildIdsToPurge = new Set();
                 // 1. Identify builds to delete (by age)
-                const expirationDate = new Date();
-                expirationDate.setDate(expirationDate.getDate() - buildCleanupDays);
                 const buildsByAge = yield prisma_1.prisma.build.findMany({
                     where: {
                         createdAt: {
@@ -64,15 +71,19 @@ let CleanupService = class CleanupService {
                         }
                     }
                 }
-                if (buildIdsToPurge.size === 0) {
-                    this.log.info('No builds identified for cleanup.');
-                    return;
+                if (buildIdsToPurge.size > 0) {
+                    this.log.info(`Identified ${buildIdsToPurge.size} builds for purging.`);
+                    for (const buildId of buildIdsToPurge) {
+                        yield this.purgeBuild(buildId, deleteBuildAssets);
+                    }
                 }
-                this.log.info(`Identified ${buildIdsToPurge.size} builds for purging.`);
-                // 3. Purge sessions and assets for these builds
-                for (const buildId of buildIdsToPurge) {
-                    yield this.purgeBuild(buildId, deleteBuildAssets);
+                else {
+                    this.log.info('No builds identified for cleanup.');
                 }
+                // 3. Orphan sessions (no build_id) older than retention window. Without
+                //    this, ad-hoc sessions (WebDriver runs with no build capability) are
+                //    never cleaned up — their assets accumulate on disk forever.
+                yield this.purgeOrphanSessions(expirationDate, deleteBuildAssets);
                 this.log.info('✅ Build cleanup completed successfully.');
             }
             catch (err) {
@@ -87,33 +98,15 @@ let CleanupService = class CleanupService {
         return __awaiter(this, void 0, void 0, function* () {
             const sessions = yield prisma_1.prisma.session.findMany({
                 where: { build_id: buildId },
-                include: {
-                    SessionLog: {
-                        select: { screenshot: true },
-                        where: { screenshot: { not: null } },
-                    },
+                select: {
+                    id: true,
+                    video_recording: true,
+                    performance_trace: true,
                 },
             });
             for (const session of sessions) {
-                if (deleteAssets) {
-                    // Delete video
-                    if (session.video_recording) {
-                        this.unlinkSilently(session.video_recording);
-                    }
-                    // Delete screenshots
-                    for (const logItem of session.SessionLog) {
-                        if (logItem.screenshot) {
-                            this.unlinkSilently(logItem.screenshot);
-                        }
-                    }
-                }
-                // Delete relations
-                // Note: We use deleteMany which is efficient.
-                yield Promise.all([
-                    prisma_1.prisma.sessionLog.deleteMany({ where: { session_id: session.id } }),
-                    prisma_1.prisma.log.deleteMany({ where: { session_id: session.id } }),
-                    prisma_1.prisma.profiling.deleteMany({ where: { session_id: session.id } }),
-                ]);
+                yield this.purgeSessionAssets(session, deleteAssets);
+                yield this.deleteSessionChildren(session.id);
             }
             // Delete sessions for this build
             yield prisma_1.prisma.session.deleteMany({ where: { build_id: buildId } });
@@ -122,16 +115,121 @@ let CleanupService = class CleanupService {
             this.log.debug(`Purged build: ${buildId} (${sessions.length} sessions removed)`);
         });
     }
+    /**
+     * Purge sessions with no parent build that are older than the retention
+     * window. Runs after build purging so build-owned sessions are already gone.
+     */
+    purgeOrphanSessions(cutoff, deleteAssets) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const orphans = yield prisma_1.prisma.session.findMany({
+                where: {
+                    build_id: null,
+                    createdAt: { lt: cutoff },
+                },
+                select: {
+                    id: true,
+                    video_recording: true,
+                    performance_trace: true,
+                },
+            });
+            if (orphans.length === 0) {
+                this.log.info('No orphan sessions to purge.');
+                return;
+            }
+            this.log.info(`Purging ${orphans.length} orphan session(s) older than cutoff.`);
+            for (const session of orphans) {
+                yield this.purgeSessionAssets(session, deleteAssets);
+                yield this.deleteSessionChildren(session.id);
+            }
+            yield prisma_1.prisma.session.deleteMany({
+                where: {
+                    build_id: null,
+                    createdAt: { lt: cutoff },
+                },
+            });
+        });
+    }
+    /**
+     * Deletes the assets owned by a single session: video, performance trace,
+     * all screenshots referenced by its logs, and finally a recursive sweep of
+     * the session's on-disk directory. That last sweep catches anything the DB
+     * didn't know about — partial pipeline writes, aborted recordings, stray
+     * screenshot dumps — so the session folder is guaranteed empty after cleanup.
+     */
+    purgeSessionAssets(session, deleteAssets) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!deleteAssets)
+                return;
+            if (session.video_recording) {
+                this.unlinkSilently(session.video_recording);
+            }
+            if (session.performance_trace) {
+                this.unlinkSilently(session.performance_trace);
+            }
+            // Screenshots live on SessionLog rows, one per UI command. Fetch just the
+            // paths so we don't pull full payloads into memory for long sessions.
+            const shots = yield prisma_1.prisma.sessionLog.findMany({
+                where: { session_id: session.id, screenshot: { not: null } },
+                select: { screenshot: true },
+            });
+            for (const s of shots) {
+                if (s.screenshot)
+                    this.unlinkSilently(s.screenshot);
+            }
+            // Final sweep: rm -rf the session directory. Files we already unlinked
+            // are no-ops; this phase catches the untracked strays.
+            this.removeSessionDirectory(session.id);
+        });
+    }
+    deleteSessionChildren(sessionId) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield Promise.all([
+                prisma_1.prisma.sessionLog.deleteMany({ where: { session_id: sessionId } }),
+                prisma_1.prisma.log.deleteMany({ where: { session_id: sessionId } }),
+                prisma_1.prisma.profiling.deleteMany({ where: { session_id: sessionId } }),
+            ]);
+        });
+    }
+    removeSessionDirectory(sessionId) {
+        // Defense against path traversal: reject anything that, when joined and
+        // normalized, escapes sessionAssetsPath. sessionId is a UUID in normal
+        // use but a corrupted DB row shouldn't let us rm -rf arbitrary paths.
+        const base = path_1.default.resolve(config_1.config.sessionAssetsPath);
+        const target = path_1.default.resolve(base, sessionId);
+        if (!target.startsWith(base + path_1.default.sep) && target !== base) {
+            this.log.warn(`Refusing to remove suspicious session dir: ${sessionId}`);
+            return;
+        }
+        if (target === base) {
+            this.log.warn('Refusing to remove sessionAssetsPath itself');
+            return;
+        }
+        try {
+            fs_1.default.rmSync(target, { recursive: true, force: true });
+            this.log.debug(`Removed session directory: ${target}`);
+        }
+        catch (err) {
+            this.log.warn(`Failed to remove session dir ${target}: ${err.message}`);
+        }
+    }
     unlinkSilently(filePath) {
+        // Asset paths in the DB are stored relative to sessionAssetsPath (see
+        // asset-manager.ts). Resolving them against cwd — which the prior
+        // implementation did implicitly — means fs.existsSync always returned
+        // false and nothing ever got unlinked. Always go via path.resolve.
+        if (!filePath)
+            return;
+        const resolved = path_1.default.isAbsolute(filePath)
+            ? filePath
+            : path_1.default.resolve(config_1.config.sessionAssetsPath, filePath);
         try {
-            // Check if it's a valid path and exists
-            if (filePath && fs_1.default.existsSync(filePath)) {
-                fs_1.default.unlinkSync(filePath);
-                this.log.debug(`Deleted asset: ${filePath}`);
+            if (fs_1.default.existsSync(resolved)) {
+                fs_1.default.unlinkSync(resolved);
+                this.log.debug(`Deleted asset: ${resolved}`);
             }
         }
         catch (e) {
-            this.log.warn(`Failed to delete asset ${filePath}: ${e.message}`);
+            this.log.warn(`Failed to delete asset ${resolved}: ${e.message}`);
         }
     }
 };