fix(feishu): preserve non-ASCII filenames for file uploads

[lynnzc]

Summary

• Problem: Feishu file uploads percent-encoded non-ASCII file_name values before upload.
• Why it matters: recipients saw URL-encoded filenames like %E7%A4%BA%E4%BE%8B.pdf instead of human-readable names.
• What changed: removed non-ASCII filename percent-encoding in Feishu upload path and preserved original file_name values.
• What did NOT change (scope boundary): no changes to media type routing, upload transport, or non-Feishu channels.

Change Type (select all)

• Bug fix
• Feature
• Refactor
• Docs
• Security hardening
• Chore/infra

Scope (select all touched areas)

• Gateway / orchestration
• Skills / tool execution
• Auth / tokens
• Memory / storage
• Integrations
• API / contracts
• UI / DX
• CI/CD / infra

Linked Issue/PR

• Closes [Bug]: Filename Becomes URL-Encoded String After Sending Files in Lark/Feishu #43840
• Related fix(feishu): encode non-ASCII filenames in file uploads #31328

User-visible / Behavior Changes

• Feishu/Lark file messages now keep original non-ASCII filenames (Chinese/special characters) instead of showing URL-encoded names.

Security Impact (required)

• New permissions/capabilities? (No)
• Secrets/tokens handling changed? (No)
• New/changed network calls? (No)
• Command/tool execution surface changed? (No)
• Data access scope changed? (No)
• If any Yes, explain risk + mitigation:

Repro + Verification

Environment

• OS: macOS
• Runtime/container: Node 22 + pnpm workspace
• Model/provider: N/A
• Integration/channel (if any): Feishu
• Relevant config (redacted): default mocked Feishu account in test

Steps

1. Send a file via Feishu path with non-ASCII filename (e.g. 测试文档.pdf).
2. Inspect upload payload im.file.create data.file_name.
3. Verify filename passed to Feishu remains human-readable.

Expected

• Non-ASCII filenames are preserved as-is.

Actual

• Verified in tests: data.file_name equals original non-ASCII filename.

Evidence

• Failing test/log before + passing after
• Trace/log snippets
• Screenshot/recording
• Perf numbers (if relevant)

Human Verification (required)

• Verified scenarios:
  • pnpm test extensions/feishu/src/media.test.ts
  • Result: 1 passed, 18 passed tests.
  • Assertions now verify preserved Chinese and special-character filenames in Feishu upload call payload.
• Edge cases checked:
  • ASCII filenames remain unchanged.
  • Special characters (em-dash/full-width brackets) remain unchanged.
• What you did not verify:
  • Live Feishu API run in a real tenant.

Review Conversations

• I replied to or resolved every bot review conversation I addressed in this PR.
• I left unresolved only the conversations that still need reviewer or maintainer judgment.

Compatibility / Migration

• Backward compatible? (Yes)
• Config/env changes? (No)
• Migration needed? (No)
• If yes, exact upgrade steps:

Failure Recovery (if this breaks)

• How to disable/revert this change quickly: revert this PR commit.
• Files/config to restore: extensions/feishu/src/media.ts, extensions/feishu/src/media.test.ts.
• Known bad symptoms reviewers should watch for: Feishu upload failures for some non-ASCII filenames.

Risks and Mitigations

• Risk: Some environments may still require encoded multipart filename handling.
  • Mitigation: behavior is covered by focused Feishu media tests and rollback is one commit.

[greptile-apps]

Greptile Summary

This PR removes the sanitizeFileNameForUpload utility from extensions/feishu/src/media.ts and passes file_name directly to the Feishu SDK, fixing the user-visible issue where recipients saw percent-encoded filenames (e.g. %E6%B5%8B%E8%AF%95.pdf) instead of the original Chinese/special-character names. The companion test file is updated to remove the deleted function's test suite and flip the filename assertions from "encodes" to "preserves".

• Root cause addressed: The previous encoding was surfaced verbatim to message recipients rather than being decoded by Feishu's server, making file names unreadable.
• Tradeoff to be aware of: The sanitizeFileNameForUpload JSDoc stated that raw non-ASCII characters could cause silent upload failures in the SDK's multipart form-data serialization (referencing larksuite/node-sdk#121). This workaround has been removed without confirming whether the underlying SDK issue is resolved — see inline comment on media.ts.
• Test coverage: All assertions are against a mocked SDK client, so they confirm the value passed to the SDK but cannot catch real-world multipart serialization failures. A live-tenant smoke test with a Chinese filename is recommended before relying on this in production.

Confidence Score: 4/5

• Safe to merge with low risk, but a live Feishu tenant test with non-ASCII filenames is recommended before wide rollout.
• The change is small (two files, one deleted function, updated assertions) and clearly scoped. The new behavior directly fixes a confirmed user-visible bug. The only open risk is whether the SDK-level multipart issue that originally motivated the encoding workaround still exists; this was not verified against a real Feishu API and the tests are fully mocked, so a silent-failure regression cannot be ruled out from the test suite alone.
• Pay close attention to extensions/feishu/src/media.ts — specifically the uploadFileFeishu call to client.im.file.create with a raw non-ASCII file_name. Verify the Feishu SDK version in use correctly handles UTF-8 filenames in multipart form-data before merging.

Comments Outside Diff (1)

1. extensions/feishu/src/media.ts, line 249-256 (link)

   SDK multipart form-data compatibility risk

   The removed sanitizeFileNameForUpload function's JSDoc explicitly noted that raw non-ASCII characters in file_name "cause the upload to silently fail when passed raw through the SDK's form-data serialization" (referencing larksuite/node-sdk#121). That workaround was added to address a known SDK-level limitation.

   This change trades one problem (recipients seeing encoded strings like %E6%B5%8B%E8%AF%95.pdf) for a potential regression (silent upload failures for non-ASCII filenames). Both problems affect non-ASCII filenames, but the silent failure mode is harder to detect.

   Since the tests mock the SDK client entirely, they don't exercise the real multipart serialization path and cannot catch this class of failure. The PR description also acknowledges that live Feishu API testing was not done.

   Before merging, it would be worth confirming either:

   1. The referenced SDK issue (feat(apple-reminders): switch to remind CLI for better list support #121) has since been resolved upstream (the SDK now handles UTF-8 file_name correctly in form-data), or
   2. A real-tenant smoke test with a Chinese-character filename succeeds end-to-end.

   If the silent-failure risk is confirmed to be gone (e.g. SDK was updated), a brief comment in the code noting why encoding is no longer needed would help future readers understand why the workaround was removed.

Prompt To Fix All With AI

This is a comment left during a code review.
Path: extensions/feishu/src/media.ts
Line: 249-256

Comment:
**SDK multipart form-data compatibility risk**

The removed `sanitizeFileNameForUpload` function's JSDoc explicitly noted that raw non-ASCII characters in `file_name` *"cause the upload to silently fail when passed raw through the SDK's form-data serialization"* (referencing [larksuite/node-sdk#121](https://github.com/larksuite/node-sdk/issues/121)). That workaround was added to address a known SDK-level limitation.

This change trades one problem (recipients seeing encoded strings like `%E6%B5%8B%E8%AF%95.pdf`) for a potential regression (silent upload failures for non-ASCII filenames). Both problems affect non-ASCII filenames, but the silent failure mode is harder to detect.

Since the tests mock the SDK client entirely, they don't exercise the real multipart serialization path and cannot catch this class of failure. The PR description also acknowledges that live Feishu API testing was not done.

Before merging, it would be worth confirming either:
1. The referenced SDK issue (#121) has since been resolved upstream (the SDK now handles UTF-8 `file_name` correctly in form-data), or
2. A real-tenant smoke test with a Chinese-character filename succeeds end-to-end.

If the silent-failure risk is confirmed to be gone (e.g. SDK was updated), a brief comment in the code noting *why* encoding is no longer needed would help future readers understand why the workaround was removed.

How can I resolve this? If you propose a fix, please make it concise.

_{Last reviewed commit: 71ca634}

[lynnzc]

Addressed the Greptile risk note with a minimal clarification in code:

• Added an inline comment in extensions/feishu/src/media.ts at uploadFileFeishu() explaining why file_name is intentionally passed as raw UTF-8 (to preserve recipient-visible filenames).
• Not changed intentionally: I did not reintroduce percent-encoding or add fallback retry logic, because that would bring back the user-facing %XX filename regression this PR fixes.

Rationale: the upstream SDK issue referenced in the old workaround (larksuite/node-sdk#121) is now closed as fixed, and this repo is on @larksuiteoapi/node-sdk@1.59.0.

Validation run:

• pnpm test extensions/feishu/src/media.test.ts (pass, 18/18)

I still agree with the recommendation that a real-tenant smoke test is useful before broad rollout; that is operational validation rather than a unit-test gap in this PR.