fix: add resilient media processing fallbacks#83568
Conversation
Dependency Changes DetectedThis PR changes dependency-related files. Maintainers should confirm these changes are intentional. Changed files:
Maintainer follow-up:
|
|
ClawSweeper status: review started. I am starting a fresh review of this pull request: fix: add resilient media processing fallbacks This is item 1/1 in the current shard. Shard 0/1. This placeholder means the worker is alive and reading the current context. I will edit this same comment with the actual review when the claws are done clicking. Crustacean status: shell secured, claws on keyboard, evidence pebbles being sorted. |
0c475a6 to
fc5096b
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 0c475a6e68
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| return { | ||
| buffer: await convert(canonicalPath, params.maxBytes), | ||
| buffer: converted.buffer, | ||
| contentType: "image/jpeg", |
There was a problem hiding this comment.
Preserve original MIME unless HEIC was actually converted
When deps.convertHeicToJpeg is not provided, this code takes loadWebMedia(...) output and always sets contentType to image/jpeg. That is unsafe because loadWebMedia can return the original bytes without conversion (for example when HEIC is not classified as an image by MIME sniffing), so downstream receives non-JPEG data mislabeled as JPEG. In that path, consumers that trust contentType can fail to decode or process corrupted attachments.
Useful? React with 👍 / 👎.
Summary
Verification
pnpm -s tsgo:corepnpm -s tsgo:core:testnode scripts/run-vitest.mjs src/media/image-ops.input-guard.test.ts src/media/web-media.test.ts src/agents/tool-images.test.ts extensions/browser/src/browser/screenshot.test.ts extensions/imessage/src/monitor/media-staging.test.ts extensions/speech-core/src/tts.test.ts src/media/audio-transcode.test.ts src/infra/resolve-system-bin.test.tsnode scripts/run-vitest.mjs src/media-understanding/apply.test.ts src/media/web-media.test.ts extensions/browser/src/browser/screenshot.test.ts src/agents/tool-images.test.ts --rungit diff --check.agents/skills/autoreview/scripts/autoreview --mode localtbx_01krx76481tanrjxxh4360yrhf: focused media fallback shard, 58 passed / 1 skippedReal behavior proof
Behavior addressed: Fixes #83401 by installing Sharp with the root package and routing image/media processing through a central Sharp-first service with OS/tool fallbacks.
Real environment tested: local macOS checkout; Linux Blacksmith Testbox-through-Crabbox
tbx_01krx76481tanrjxxh4360yrhf; earlier direct AWS Windows proof for backend chain before final centralization.Exact steps or command run after this patch:
pnpm -s tsgo:core && pnpm -s tsgo:core:test && node scripts/run-vitest.mjs ... && git diff --check;node scripts/crabbox-wrapper.mjs run --provider blacksmith-testbox ... node scripts/run-vitest.mjs ...Evidence after fix: local focused proof passed 134 tests across 9 files plus 108 tests across the media-understanding/browser/tool-image subset; remote Linux Testbox run passed 58 tests with 1 skipped and exit 0.
Observed result after fix: compliant under-cap non-HEIC images can pass through when image processors are unavailable, resize-required images fail closed when processors are unavailable, fallback backends are tried centrally, and media call sites use the shared service.
What was not tested: full suite; latest native Windows Crabbox rerun was blocked by Windows sync/transport before command execution, so Windows-specific latest patch coverage is via unit tests plus earlier backend-chain proof.