feat(tauri): support workspace file links

[YOMXXX]

Summary

• Adds safe Tauri IPC commands for opening, revealing, and previewing active-workspace files.
• Adds frontend workspace: / openhuman-workspace: link parsing and routes chat markdown workspace links through the new Tauri command.
• Keeps raw file:// markdown links blocked and preserves existing external http(s) / mailto: handling.
• Documents the new workspace file-link IPC surface.

Problem

Agents and UI surfaces can reference files produced under the OpenHuman workspace, but the desktop app did not have a safe first-party path for handling those workspace file links. Using raw filesystem URLs would either be blocked by the existing link policy or risk bypassing workspace boundaries.

Solution

• Introduce open_workspace_path, reveal_workspace_path, and preview_workspace_text Tauri commands.
• Resolve only workspace-relative paths against the active OpenHuman workspace, canonicalize the target, and reject absolute paths, traversal, URI/drive prefixes, missing targets, and symlink escapes.
• Add frontend helpers to parse workspace schemes and Tauri invoke wrappers that return camelCase preview payloads.
• Update chat markdown link rendering so workspace links survive react-markdown URL filtering and are dispatched through the guarded Tauri command.

Submission Checklist

If a section does not apply to this change, mark the item as N/A with a one-line reason. Do not delete items.

• Tests added or updated (happy path + at least one failure / edge case) per Testing Strategy
• Diff coverage ≥ 80% — not run locally; CI coverage gate is authoritative and will fail this PR if changed-line coverage is below 80%.
• Coverage matrix updated — N/A: no existing feature row for workspace markdown/file-link IPC; focused tests added with the implementation.
• All affected feature IDs from the matrix are listed in the PR description under ## Related — N/A: no matrix feature ID applies.
• No new external network dependencies introduced (mock backend used per Testing Strategy)
• Manual smoke checklist updated if this touches release-cut surfaces (docs/RELEASE-MANUAL-SMOKE.md) — N/A: no release smoke flow changes.
• Linked issue referenced in ## Related; Phase 3 Memory follow-up is tracked in Migrate Memory surfaces to shared workspace file links #2492

Impact

• Desktop/Tauri: adds three read/open-only workspace file commands behind the dedicated allow-workspace-files permission.
• Frontend/chat: workspace markdown links now open through the OS only after Rust validates the target remains inside the active workspace.
• Security: raw file:// links remain blocked; Rust canonicalization guards against path traversal and symlink escapes.
• Compatibility: existing external link handling is preserved.

Related

• Refs Make the Tauri frontend handle workspace file links and views properly #1402
• Follow-up: Migrate Memory surfaces to shared workspace file links #2492 tracks Phase 3 Memory surface migration onto the shared workspace-link layer
• Follow-up PR(s)/TODOs: add richer in-app preview UI for preview_workspace_text once the file-view surface is designed.

---

AI Authored PR Metadata (required for Codex/Linear PRs)

Keep this section for AI-authored PRs. For human-only PRs, mark each field N/A.

Linear Issue

• Key: N/A
• URL: N/A

Commit & Branch

• Branch: feat/1402-workspace-file-links
• Commit SHA: 3c7bbe97

Validation Run

• pnpm --filter openhuman-app format:check (via pre-push hook)
• pnpm typecheck (pnpm --filter openhuman-app compile)
• Focused tests: pnpm --filter openhuman-app test:unit src/utils/workspaceLinks.test.ts src/utils/tauriCommands/workspacePaths.test.ts src/pages/conversations/components/AgentMessageBubble.test.tsx (11 passed)
• Rust fmt/check (if changed): cargo fmt --manifest-path app/src-tauri/Cargo.toml -- --check; GGML_NATIVE=OFF cargo check --manifest-path app/src-tauri/Cargo.toml; pre-push pnpm --filter openhuman-app rust:check
• Tauri fmt/check (if changed): GGML_NATIVE=OFF cargo test --manifest-path app/src-tauri/Cargo.toml workspace_paths::tests (6 passed)
• Additional focused lint: pnpm --filter openhuman-app exec eslint src/utils/workspaceLinks.ts src/utils/workspaceLinks.test.ts src/utils/tauriCommands/workspacePaths.ts src/utils/tauriCommands/workspacePaths.test.ts src/pages/conversations/components/AgentMessageBubble.tsx src/pages/conversations/components/AgentMessageBubble.test.tsx
• Whitespace: git diff --check

Validation Blocked

• command: N/A
• error: N/A
• impact: N/A

Behavior Changes

• Intended behavior change: chat markdown can use workspace: or openhuman-workspace: links to open workspace-contained files through guarded Tauri commands.
• User-visible effect: users can click agent-produced workspace file links instead of copying paths manually.

Parity Contract

• Legacy behavior preserved: existing http:, https:, and mailto: links still route through openUrl; raw file:// links remain blocked.
• Guard/fallback/dispatch parity checks: frontend rejects unsafe workspace hrefs before invoke; Rust independently validates canonical target containment before opening/revealing/previewing.

Duplicate / Superseded PR Handling

• Duplicate PR(s): N/A
• Canonical PR: this PR
• Resolution (closed/superseded/updated): N/A

Summary by CodeRabbit

• New Features

  • Markdown now supports workspace file links so users can open, reveal, and preview files inside the active workspace directly from messages and tables.

• Documentation

  • Desktop host docs updated with architecture details and a workspace file-links command reference.

• Tests

  • Added end-to-end tests for workspace link parsing, UI link handling, file preview behavior, and path safety.

• Chores

  • Desktop permissions updated to allow workspace file actions.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds frontend workspace-scheme parsing, TypeScript Tauri wrappers, Tauri backend commands (open/reveal/preview) with canonical containment checks and UTF-8 previewing, permission entries, markdown link routing in chat, docs, and tests.

Changes

Workspace File Links and Path Operations

Layer / File(s)	Summary
Workspace link parsing utilities and tests app/src/utils/workspaceLinks.ts, app/src/utils/workspaceLinks.test.ts	Parses workspace: / openhuman-workspace: hrefs into normalized relative paths, rejecting traversal, null bytes, drive-like inputs, and unsafe segments; tests validate accepted variants and rejections.
Tauri backend workspace path commands app/src-tauri/src/lib.rs, app/src-tauri/src/workspace_paths.rs	Implements open_workspace_path, reveal_workspace_path, and preview_workspace_text with workspace-root resolution, input normalization, canonicalization containment checks, UTF-8 preview/truncation logic, and unit tests covering safety and truncation.
Tauri permissions configuration app/src-tauri/capabilities/default.json, app/src-tauri/permissions/allow-workspace-files.toml	Adds allow-workspace-files permission listing the three workspace commands and includes it in the default capability.
Frontend Tauri command wrappers app/src/utils/tauriCommands/workspacePaths.ts, app/src/utils/tauriCommands/workspacePaths.test.ts, app/src/utils/tauriCommands/index.ts	Exports typed wrappers that assert Tauri environment, invoke backend commands, and map Tauri snake_case responses to camelCase; tests verify gating and invocation.
Markdown link handling in chat app/src/pages/conversations/components/AgentMessageBubble.tsx, app/src/pages/conversations/components/AgentMessageBubble.test.tsx	Adds transformMarkdownUrl and MarkdownAnchor to route workspace links to openWorkspacePath and allowed externals to openUrl; applied to BubbleMarkdown and TableCellMarkdown with interaction tests.
Architecture documentation gitbooks/developing/architecture/tauri-shell.md	Expanded Tauri shell documentation, pointed IPC command registration to generate_handler!, added "Workspace file links" command group and updated core bridge description.
Cron store tests update src/openhuman/cron/store_tests.rs	Adjusts test assertions to use job next_run timestamps and to verify disabled jobs are not returned at boundary timestamps.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related issues

• Migrate Memory surfaces to shared workspace file links #2492 — Adds the shared workspace-link layer and Tauri backend/frontend plumbing referenced by the issue.

Suggested reviewers

• M3gA-Mind

Poem

A rabbit tiptoed through the tree, 🐰
Mapping paths so safely, free,
Links now whisper workspace names,
Open, reveal, preview frames—
Click with trust and hop with glee! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 41.38% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'feat(tauri): support workspace file links' clearly and concisely describes the main change—adding Tauri IPC commands and frontend support for workspace-scoped file links, which is the core purpose of this PR.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

gitbooks/developing/architecture/tauri-shell.md (1)

151-160: 💤 Low value

Well-documented workspace file link commands.

The documentation clearly explains the three new commands and their path safety constraints. All security considerations from the PR are covered: workspace-relative paths only, canonicalization, and rejection of traversal/absolute/URI/symlink escapes.

Optional: Consider adding issue reference for traceability

For consistency with the screen share section (line 143, which references #713 and #812), you could optionally mention that this closes issue #1402:

 ### Workspace file links
 
-From **`workspace_paths.rs`**. These commands accept workspace-relative paths only. The shell resolves each path against the active OpenHuman workspace, canonicalizes the target, and rejects traversal, absolute paths, URI-like prefixes, and symlink escapes before opening or reading anything.
+From **`workspace_paths.rs`**. These commands accept workspace-relative paths only. The shell resolves each path against the active OpenHuman workspace, canonicalizes the target, and rejects traversal, absolute paths, URI-like prefixes, and symlink escapes before opening or reading anything. See issue `#1402` (workspace file interactions).

This adds traceability similar to other command sections, but is not essential.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@gitbooks/developing/architecture/tauri-shell.md` around lines 151 - 160, Add
an optional issue reference for traceability by appending a short note in this
section (near the Workspace file links header or the screen-share style
reference) that indicates this documentation closes issue `#1402`; update the
prose around the list or add a parenthetical “(closes `#1402`)” so readers can
trace the implementation to the issue, referencing the workspace_paths.rs
commands open_workspace_path, reveal_workspace_path, and preview_workspace_text
when placing the note.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@app/src-tauri/permissions/allow-core-process.toml`:
- Around line 114-123: The allow-core-process TOML currently includes
workspace-file commands ("open_workspace_path", "reveal_workspace_path",
"preview_workspace_text"), widening a high-privilege bundle; create a new
permission TOML (e.g., allow-workspace-files) containing only those three
command identifiers, remove them from allow-core-process, and then update
capability grant files under app/src-tauri/capabilities/ to replace any grant of
allow-core-process with a grant for allow-workspace-files where only
workspace-file access is required so UI surfaces request the narrower
permission.

In `@app/src/utils/workspaceLinks.ts`:
- Around line 16-24: After calling decodeURIComponent on rawPath (the decoded
variable), immediately reject any decoded NUL bytes by checking for '\0' (or
char code 0) and returning null if found; update the logic in workspaceLinks.ts
right after the try/catch that sets decoded and before creating normalized so
that a decoded string containing NUL is treated as invalid (preserving the
existing WINDOWS_DRIVE_RE and normalized checks).

---

Nitpick comments:
In `@gitbooks/developing/architecture/tauri-shell.md`:
- Around line 151-160: Add an optional issue reference for traceability by
appending a short note in this section (near the Workspace file links header or
the screen-share style reference) that indicates this documentation closes issue
`#1402`; update the prose around the list or add a parenthetical “(closes `#1402`)”
so readers can trace the implementation to the issue, referencing the
workspace_paths.rs commands open_workspace_path, reveal_workspace_path, and
preview_workspace_text when placing the note.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 56615497-6482-4b9e-ab1a-b5945727268d

📥 Commits

Reviewing files that changed from the base of the PR and between 7fe3dd0 and c8745d8.

📒 Files selected for processing (11)

• app/src-tauri/permissions/allow-core-process.toml
• app/src-tauri/src/lib.rs
• app/src-tauri/src/workspace_paths.rs
• app/src/pages/conversations/components/AgentMessageBubble.test.tsx
• app/src/pages/conversations/components/AgentMessageBubble.tsx
• app/src/utils/tauriCommands/index.ts
• app/src/utils/tauriCommands/workspacePaths.test.ts
• app/src/utils/tauriCommands/workspacePaths.ts
• app/src/utils/workspaceLinks.test.ts
• app/src/utils/workspaceLinks.ts
• gitbooks/developing/architecture/tauri-shell.md

[coderabbitai]

🧹 Nitpick comments (1)

app/src/lib/i18n/chunks/de-5.ts (1)

504-526: 🏗️ Heavy lift

Split this locale chunk before it grows further.

Line 526 keeps this source above the preferred ~500-line limit; please split de-5.ts into smaller namespace-focused chunks to preserve readability and single responsibility.

As per coding guidelines "**/*.{js,ts,tsx,jsx}: Prefer files ≤ ~500 lines per source file; split modules when growing to maintain readability and single responsibility."

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@app/src/lib/i18n/chunks/de-5.ts` around lines 504 - 526, The de-5.ts locale
file has grown past the ~500-line guideline; extract the MCP-server keys (all
entries with the 'settings.mcpServer.*' and related
'settings.developerMenu.mcpServer.*' keys shown) into a new, smaller locale
chunk (e.g., a namespace-focused de-xxx file), export that chunk the same shape
as the existing locale object, and remove those keys from de-5.ts; then update
the locale aggregator where chunks are combined to import and merge the new MCP
chunk so runtime behavior and key names (settings.mcpServer.* and
settings.developerMenu.mcpServer.*) remain unchanged.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@app/src/lib/i18n/chunks/de-5.ts`:
- Around line 504-526: The de-5.ts locale file has grown past the ~500-line
guideline; extract the MCP-server keys (all entries with the
'settings.mcpServer.*' and related 'settings.developerMenu.mcpServer.*' keys
shown) into a new, smaller locale chunk (e.g., a namespace-focused de-xxx file),
export that chunk the same shape as the existing locale object, and remove those
keys from de-5.ts; then update the locale aggregator where chunks are combined
to import and merge the new MCP chunk so runtime behavior and key names
(settings.mcpServer.* and settings.developerMenu.mcpServer.*) remain unchanged.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 8121d2c8-fdcd-4191-b8f8-7604c706ed60

📥 Commits

Reviewing files that changed from the base of the PR and between c8745d8 and e08d5e8.

📒 Files selected for processing (2)

• app/src/lib/i18n/chunks/de-3.ts
• app/src/lib/i18n/chunks/de-5.ts

[YOMXXX]

Clarification for the CodeRabbit pre-merge note: the German i18n additions are intentional CI-gate cleanup, not a separate feature. pnpm i18n:check failed on this PR because de was missing the MCP-server keys and two existing subconscious keys; adding those translations brought the locale back to 0 missing keys and unblocked test / i18n Coverage.

[YOMXXX]

CI is green and the CodeRabbit threads are resolved. Ready for reviewer pass / merge when convenient.

[YOMXXX]

@graycyrus Could you take a reviewer pass on this when convenient? CI is green, CodeRabbit is approved, and there are no unresolved review threads on the PR. The German i18n additions are only to satisfy the current i18n gate.

[oxoxDev]

@YOMXXX can you resolve merge conflicts?

[YOMXXX]

@oxoxDev Merge conflicts are resolved in 08df631c by merging latest upstream/main into the PR branch.

Local validation run before push:

• pnpm i18n:check passed
• pnpm --filter openhuman-app test -- ... completed the Vitest suite: 320 files / 3088 tests passed
• GGML_NATIVE=OFF cargo test --manifest-path app/src-tauri/Cargo.toml workspace_paths -- --nocapture passed: 7 tests
• pre-push with GGML_NATIVE=OFF passed: format, lint (0 errors / existing warnings), TypeScript compile, Tauri rust check, command-token lint

CI has restarted and is currently in progress.

[YOMXXX]

@oxoxDev Conflicts are resolved and the follow-up CI is green now. I also hardened the flaky cron due-jobs boundary test that caused the previous Rust Core Coverage failure; Rust Core Coverage, Coverage Gate, Deploy Smoke, E2E, build, TypeScript, and Rust quality are all passing on 0b2c416e.\n\nNo unresolved review threads remain. Ready for reviewer pass when convenient.

[M3gA-Mind]

Walkthrough

Solid, well-structured PR. Adds three Tauri IPC commands (open_workspace_path, reveal_workspace_path, preview_workspace_text) behind a dedicated narrow permission, a TS parsing layer for workspace: / openhuman-workspace: link schemes, and chat markdown integration that routes workspace links through the guarded commands while keeping file:// blocked. CodeRabbit's two findings (permission split, post-decode NUL guard) were already addressed in commit 344d5b4. The Rust path validation is double-checked (pre-canonicalize + post-starts_with), the UTF-8 truncation handling is correct, and test coverage across Rust unit tests, TS unit tests, and the AgentMessageBubble integration test is thorough.

One blocking concern below around premature issue closure, plus a few minors.

Changes

Area	Files	Notes
Tauri shell (Rust)	workspace_paths.rs, lib.rs	New module, 3 commands, path validation
Tauri permissions	allow-workspace-files.toml, default.json	Dedicated narrow permission
Frontend util	workspaceLinks.ts, tauriCommands/workspacePaths.ts	Parsing + invoke wrappers
Chat render	AgentMessageBubble.tsx	urlTransform + MarkdownAnchor
Tests	4 new test files	Rust + TS unit, component integration
Docs	tauri-shell.md	Workspace file-link command table
Unrelated fix	cron/store_tests.rs	Deterministic cron test

Findings

[major] Closes #1402 while issue acceptance criteria are unmet

Issue #1402 lists "Memory surfaces use the shared layer" as an explicit acceptance criterion — the Obsidian openers in MemoryWorkspace.tsx and MemoryGraph.tsx should be migrated onto the new workspace-link layer. That is Phase 3 in the issue's own rollout plan and is not addressed here. Once this PR merges and Closes #1402 takes effect, the remaining Phase 3 work has no open issue tracking it.

Options:

1. Change Closes #1402 to Refs #1402 and open a follow-up issue for Phase 3 before merging, or
2. Keep the close and immediately file a follow-up tracking issue for Phase 3.

[minor] No debug/trace logging in workspace_paths.rs

The project convention for Rust core modules is to emit debug! / trace! calls for key operations. resolve_workspace_path and preview_workspace_text_from_root have zero log output — validation failures, canonicalization results, and preview sizes are invisible in production logs. Suggestion: add log::debug! at the successful return of resolve_workspace_path and a log::warn! on each Err return path.

[minor] Silent workspace open failures give users no feedback

MarkdownAnchor.onClick swallows openWorkspacePath errors completely. If the file was deleted after the agent referenced it, or no default app is registered, the click is a silent no-op. Consistent with the existing external-URL .catch(()=>{}) pattern, but workspace links feel more actionable. Suggestion: at minimum console.error the failure.

[minor] Unrelated change bundled in PR

src/openhuman/cron/store_tests.rs — makes the due_jobs test deterministic using job.next_run instead of wall clock + far future. The fix is correct, but unrelated to workspace file links. Not blocking.

[YOMXXX]

Review blockers addressed in 1af1c1ea.

• Changed the PR relationship from Closes #1402 to Refs #1402 so the parent issue is not auto-closed prematurely.
• Opened Migrate Memory surfaces to shared workspace file links #2492 to track the remaining Phase 3 Memory surface migration onto the shared workspace-link layer.
• Added [workspace-paths] warn/debug diagnostics around validation, resolution, open/reveal, and preview paths.
• Logged workspace-link open failures in chat markdown and added a rejection-path component test.

Validation run:

• pnpm --filter openhuman-app test:unit src/pages/conversations/components/AgentMessageBubble.test.tsx passed: 5 tests.
• pnpm --filter openhuman-app exec eslint src/pages/conversations/components/AgentMessageBubble.tsx src/pages/conversations/components/AgentMessageBubble.test.tsx --ext .tsx passed.
• GGML_NATIVE=OFF cargo test --manifest-path app/src-tauri/Cargo.toml workspace_paths -- --nocapture passed: 7 tests.
• git diff --check passed.
• Pre-push passed: format, lint, TypeScript compile, Tauri rust check, command-token lint.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@app/src-tauri/src/workspace_paths.rs`:
- Around line 95-98: The current check treats any colon in a path component
(variable part) as a URI/drive prefix and rejects it; instead only reject when
the path as a whole begins with a scheme/drive prefix. In the function that uses
variable part and returns workspace_path_error, replace the unconditional
part.contains(':') check with a check that detects a leading scheme/drive on the
entire path (e.g. match start of the input against a scheme/URI regex like
^[A-Za-z][A-Za-z0-9+.-]*: or a Windows drive pattern /^[A-Za-z]:/) or check only
the first component for a leading colon, and only then call
workspace_path_error; leave colons in later segments (e.g. "docs/2026:05.md")
allowed.
- Around line 23-27: The IPC error messages currently include absolute paths
(e.g., using target.display()) and leak local usernames; change the error
strings returned by functions like the tauri_plugin_opener::open_path call and
other workspace_path_error() usages to include a sanitized workspace-relative
path instead of the absolute path. Compute a relative path by attempting
target.strip_prefix(workspace_dir) (fall back to target.file_name() or a fixed
"<redacted>" token if strip_prefix fails), include only that relative token in
the workspace_path_error(format!(...)) messages, and send the full absolute path
only to debug logs (e.g., debug! or processLogger.debug) for diagnostic use.
Apply the same pattern to the other occurrences noted (lines around the
open_path call and the ranges mentioned) so no absolute filesystem paths are
present in IPC-returned error strings.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 82912b34-98f2-4d9d-bb8d-9e0f23bcec32

📥 Commits

Reviewing files that changed from the base of the PR and between 0b2c416 and 1af1c1e.

📒 Files selected for processing (3)

• app/src-tauri/src/workspace_paths.rs
• app/src/pages/conversations/components/AgentMessageBubble.test.tsx
• app/src/pages/conversations/components/AgentMessageBubble.tsx

[YOMXXX]

Synced latest upstream/main in 2b5bd3c6 and fixed the German i18n duplicate keys that caused the prior TS1117 typecheck failure on the PR merge ref.

Local validation before push:

• pnpm --filter openhuman-app compile passed.
• pnpm i18n:check passed with 0 missing / 0 extra keys.
• pnpm --filter openhuman-app test:unit src/pages/conversations/components/AgentMessageBubble.test.tsx passed: 5 tests.
• GGML_NATIVE=OFF cargo test --manifest-path app/src-tauri/Cargo.toml workspace_paths -- --nocapture passed: 7 tests.
• git diff --check passed.
• Pre-push passed: format, lint, TypeScript compile, Tauri rust check, command-token lint.

CI has restarted on the new head.

[YOMXXX]

Follow-up review fix pushed in 3c7bbe97.

• Sanitized IPC-returned workspace path errors so they no longer expose absolute local paths; absolute paths remain available in debug logs.
• Scoped colon rejection to leading URI/drive prefixes, allowing valid nested names like docs/2026:05.md.
• Added Rust regression tests for sanitized errors, rejected file:// prefixes, and accepted nested-colon paths.

Validation:

• GGML_NATIVE=OFF cargo test --manifest-path app/src-tauri/Cargo.toml workspace_paths -- --nocapture passed: 11 tests.
• pnpm --filter openhuman-app compile passed.
• git diff --check passed.
• Pre-push passed: format, lint, TypeScript compile, Tauri rust check, command-token lint.

[YOMXXX]

@M3gA-Mind Ready for re-review.

Current state:

• all CI checks are green on latest head 3c7bbe97
• all review threads are resolved
• Closes #1402 was changed to Refs #1402
• Phase 3 Memory-surface migration is tracked separately in Migrate Memory surfaces to shared workspace file links #2492
• workspace path logging and open-failure logging were added in 1af1c1ea
• the follow-up CodeRabbit findings were handled in 3c7bbe97 (sanitized IPC errors, allowed nested : path segments) and CodeRabbit approved