fix: restore export-html template placeholders and prevent reformatting

[iteemoo6]

This PR fixes the export-html template that was broken by a formatter.

What was broken:

• The template placeholders , , and were being split into multiple lines by the formatter
• This caused the export-html functionality to fail because the placeholders couldn't be recognized

What this PR does:

1. Restores the original template.html with correct placeholder formatting
2. Adds to to prevent future reformatting
3. Keeps the existing ignore in as an extra layer of protection

Closes #43616, #43620

[greptile-apps]

Greptile Summary

This PR fixes a regression where a code formatter corrupted the five template placeholders ({{CSS}}, {{SESSION_DATA}}, {{MARKED_JS}}, {{HIGHLIGHT_JS}}, {{JS}}) in template.html by splitting each {{...}} across multiple lines, causing all .replace() substitutions in commands-export-session.ts to silently fail and producing broken HTML exports. The fix restores the placeholders to single-line form and adds a .gitattributes -text marker to prevent Git from normalising the file's line endings in the future.

Key changes:

• template.html: All five placeholders are now on a single line each — the vendored-library and session-data placeholders are inlined directly inside their <script> tags (<script>{{MARKED_JS}}</script>) so a formatter is less likely to interpret the braces as a JS block statement and reformat them.
• .gitattributes: template.html is marked -text, consistent with how the two CLAUDE.md files are treated in this repo.

No functional issues found. The placeholder strings exactly match what generateHtml() and the security test's renderTemplate() both look for with their .replace("{{...}}", ...) calls.

Confidence Score: 5/5

• This PR is safe to merge — it is a straightforward restoration of broken placeholder strings with no logic changes.
• The change is minimal and targeted: it restores five template placeholders to their correct single-line form and adds a .gitattributes entry. The substitution logic in both commands-export-session.ts and the security test file already expects exactly these single-line placeholder strings, so the fix is consistent with the existing code. No new logic is introduced.
• No files require special attention.

_{Last reviewed commit: 7428668}

[openclaw-barnacle]

This pull request has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[clawsweeper]

Closing this as duplicate or superseded after Codex automated review.

Close this PR as superseded by open PR #41861 and open issue #41862. The export-session HTML bug is real and still present on current main, but this PR is a narrower duplicate fix: it restores template placeholders and adds a .gitattributes marker, while #41861 is the better canonical fix because it also changes JS/vendor asset injection to function replacers to avoid String.replace $-sequence mutation.

Best possible solution:

Close this PR as superseded and keep the remaining work focused on #41861/#41862. The best fix should restore formatter-safe template placeholders, use function replacers for injected JS/vendor assets, add a regression test that reads the real template.html path, and verify the build-copy path ships corrected export assets.

What I checked:

• Current main still has malformed export HTML placeholders: The checked-in template on current main contains formatter-expanded script bodies with bare MARKED_JS, HIGHLIGHT_JS, and JS identifiers instead of contiguous {{MARKED_JS}}, {{HIGHLIGHT_JS}}, and {{JS}} placeholders. (src/auto-reply/reply/export-html/template.html:62, 91e835ebe0ab)
• Generator still requires exact placeholder strings: generateHtml() still performs exact .replace("{{JS}}", templateJs), .replace("{{MARKED_JS}}", markedJs), and .replace("{{HIGHLIGHT_JS}}", hljsJs), so current main's split script blocks are not matched. (src/auto-reply/reply/commands-export-session.ts:91, 91e835ebe0ab)
• Existing tests do not cover the real broken template path: The command test mocks template.html with compact placeholders, while the security test reads the real template but then executes marked/highlight/template JS directly after replacements. Those tests do not prove generated HTML receives scripts from the checked-in template. (src/auto-reply/reply/commands-export-session.test.ts:56, 91e835ebe0ab)
• This PR is a narrower template-only duplicate: The PR changes only .gitattributes and template.html, restoring compact placeholders but not changing commands-export-session.ts replacement semantics. (src/auto-reply/reply/export-html/template.html, 74286681cdec)
• Canonical open PR fix(export): fix broken template placeholders in session export HTML #41861 covers the same bug more completely: PR fix(export): fix broken template placeholders in session export HTML #41861 is open and unmerged, restores the malformed template placeholders, and also changes JS/vendor asset replacements to function replacers. Its review discussion explicitly identified the replacement-string $ hazard and the author addressed it. (src/auto-reply/reply/commands-export-session.ts:92, 485acbdfa35d)
• Related issue context already points to fix(export): fix broken template placeholders in session export HTML #41861/export-session HTML renders blank — template placeholders broken by formatter #41862: Open issue export-session HTML renders blank — template placeholders broken by formatter #41862 describes the same blank export-session HTML behavior and names PR fix(export): fix broken template placeholders in session export HTML #41861 as the fix path. Closed issue export-html template.html malformed by formatter causing export failure #43620 was already closed as duplicate/superseded in favor of export-session HTML renders blank — template placeholders broken by formatter #41862/fix(export): fix broken template placeholders in session export HTML #41861 while noting the bug remains real.

So I’m closing this here and keeping the remaining discussion on the canonical linked item.

Codex Review notes: model gpt-5.5, reasoning high; reviewed against 91e835ebe0ab.