From 28a2e795da96c9dd19769ca32edda60bdc65ec3e Mon Sep 17 00:00:00 2001
From: Vincent Koc <vincentkoc@ieee.org>
Date: Thu, 4 Jun 2026 00:58:29 +0200
Subject: [PATCH] test(canvas): pin a2ui compatibility assets

---
 extensions/canvas/scripts/copy-a2ui.test.ts | 29 ++++++++++++++++-----
 1 file changed, 22 insertions(+), 7 deletions(-)

diff --git a/extensions/canvas/scripts/copy-a2ui.test.ts b/extensions/canvas/scripts/copy-a2ui.test.ts
index 9a16175bef3c..5326347d8e6f 100644
--- a/extensions/canvas/scripts/copy-a2ui.test.ts
+++ b/extensions/canvas/scripts/copy-a2ui.test.ts
@@ -1,3 +1,4 @@
+import { createHash } from "node:crypto";
 import fs from "node:fs/promises";
 import path from "node:path";
 import { resolvePreferredOpenClawTmpDir, withTempWorkspace } from "openclaw/plugin-sdk/temp-path";
@@ -6,6 +7,24 @@ import { copyA2uiAssets } from "./copy-a2ui.mjs";
 
 const ORIGINAL_SKIP_MISSING = process.env.OPENCLAW_A2UI_SKIP_MISSING;
 const ORIGINAL_SPARSE_PROFILE = process.env.OPENCLAW_SPARSE_PROFILE;
+const REQUIRED_COMPATIBILITY_ASSETS = [
+  {
+    path: path.join("assets", "providers", "google.png"),
+    sha256: "cea7e50b816514db6ca0f21d9545173fae1669643c71ed475c45c7f8440dac53",
+  },
+  {
+    path: path.join("assets", "providers", "x.png"),
+    sha256: "307c5dbde1ad66164fcfa1d9787435d99906fa78e7ba7d068f2aa705e86ff5aa",
+  },
+  {
+    path: "granola.png",
+    sha256: "16bc6b7f1b1229c8b1984c64520c30141b62c24b156c7590f86ca50bdc494d34",
+  },
+];
+
+function sha256(bytes: Buffer): string {
+  return createHash("sha256").update(bytes).digest("hex");
+}
 
 describe("canvas a2ui copy", () => {
   beforeEach(() => {
@@ -36,18 +55,14 @@ describe("canvas a2ui copy", () => {
 
   it("ships provider assets and the legacy granola compatibility image", async () => {
     const srcDir = path.join(process.cwd(), "extensions", "canvas", "src", "host", "a2ui");
-    const requiredAssets = [
-      path.join("assets", "providers", "google.png"),
-      path.join("assets", "providers", "x.png"),
-      "granola.png",
-    ];
     const pngSignature = [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a];
 
-    for (const asset of requiredAssets) {
-      const bytes = await fs.readFile(path.join(srcDir, asset));
+    for (const asset of REQUIRED_COMPATIBILITY_ASSETS) {
+      const bytes = await fs.readFile(path.join(srcDir, asset.path));
 
       expect([...bytes.subarray(0, pngSignature.length)]).toEqual(pngSignature);
       expect(bytes.length).toBeGreaterThan(64);
+      expect(sha256(bytes)).toBe(asset.sha256);
     }
   });