diff --git a/src/gateway/boot.test.ts b/src/gateway/boot.test.ts
index 9c56f9fec27..aa7dcbdc997 100644
--- a/src/gateway/boot.test.ts
+++ b/src/gateway/boot.test.ts
@@ -149,7 +149,7 @@ describe("runBootOnce", () => {
       agentCommand.mockRejectedValue(new Error("boom"));
       await expect(runBootOnce({ cfg: {}, deps: makeDeps(), workspaceDir })).resolves.toEqual({
         status: "failed",
-        reason: expect.stringContaining("agent run failed: boom"),
+        reason: "agent run failed: boom",
       });
       expect(agentCommand).toHaveBeenCalledTimes(1);
     });
diff --git a/src/gateway/server-node-events.test.ts b/src/gateway/server-node-events.test.ts
index b47e6f43951..3f3c1c8b424 100644
--- a/src/gateway/server-node-events.test.ts
+++ b/src/gateway/server-node-events.test.ts
@@ -1045,7 +1045,9 @@ describe("agent request events", () => {
     // server-node-events must log-and-return on parse failure — no agent
     // dispatch, no crash, and the refusal reason bubbles up via logGateway.
     expect(agentCommandMock).not.toHaveBeenCalled();
-    expect(warn).toHaveBeenCalledWith(expect.stringMatching(/attachment parse failed.*non-image/i));
+    expect(warn).toHaveBeenCalledWith(
+      "agent.request attachment parse failed: attachment a.pdf: non-image attachments not supported",
+    );
   });
 
   beforeEach(() => {
diff --git a/src/gateway/server-startup-memory.test.ts b/src/gateway/server-startup-memory.test.ts
index f269a64cecf..9a4213b6327 100644
--- a/src/gateway/server-startup-memory.test.ts
+++ b/src/gateway/server-startup-memory.test.ts
@@ -124,7 +124,9 @@ describe("startGatewayMemoryBackend", () => {
     expect(log.info).toHaveBeenCalledWith(
       'qmd memory startup boot sync completed for 2 agents: "ops", "main"',
     );
-    expect(log.info).not.toHaveBeenCalledWith(expect.stringContaining("deferred"));
+    expect(log.info.mock.calls.some(([message]) => String(message).includes("deferred"))).toBe(
+      false,
+    );
   });
 
   it("logs a warning when qmd manager init fails and continues with other agents", async () => {
diff --git a/src/gateway/server-startup.test.ts b/src/gateway/server-startup.test.ts
index 9c822379b67..bcf5c6ff48a 100644
--- a/src/gateway/server-startup.test.ts
+++ b/src/gateway/server-startup.test.ts
@@ -189,7 +189,7 @@ describe("gateway startup primary model warmup", () => {
     });
 
     expect(warn).toHaveBeenCalledWith(
-      expect.stringContaining("startup model warmup failed for codex/gpt-5.4"),
+      "startup model warmup failed for codex/gpt-5.4: Error: models write failed",
     );
   });
 });
diff --git a/src/gateway/server.plugin-http-auth.test.ts b/src/gateway/server.plugin-http-auth.test.ts
index a50783bf2d7..342c557826a 100644
--- a/src/gateway/server.plugin-http-auth.test.ts
+++ b/src/gateway/server.plugin-http-auth.test.ts
@@ -168,10 +168,11 @@ describe("gateway plugin HTTP auth boundary", () => {
         "nosniff",
       );
       expect(withoutHstsResponse.setHeader).toHaveBeenCalledWith("Referrer-Policy", "no-referrer");
-      expect(withoutHstsResponse.setHeader).not.toHaveBeenCalledWith(
-        "Strict-Transport-Security",
-        expect.any(String),
-      );
+      expect(
+        withoutHstsResponse.setHeader.mock.calls.some(
+          ([headerName]) => headerName === "Strict-Transport-Security",
+        ),
+      ).toBe(false);
 
       const withHsts = createTestGatewayServer({
         resolvedAuth: AUTH_NONE,
diff --git a/src/gateway/server/plugins-http.test.ts b/src/gateway/server/plugins-http.test.ts
index f14b61bee5f..2c1daa01cc2 100644
--- a/src/gateway/server/plugins-http.test.ts
+++ b/src/gateway/server/plugins-http.test.ts
@@ -408,7 +408,7 @@ describe("createGatewayPluginRequestHandler", () => {
     const { res, setHeader, end } = makeMockHttpResponse();
     const handled = await handler({ url: "/boom" } as IncomingMessage, res);
     expect(handled).toBe(true);
-    expect(log.warn).toHaveBeenCalledWith(expect.stringContaining("boom"));
+    expect(log.warn).toHaveBeenCalledWith("plugin http route failed (route): Error: boom");
     expect(res.statusCode).toBe(500);
     expect(setHeader).toHaveBeenCalledWith("Content-Type", "text/plain; charset=utf-8");
     expect(end).toHaveBeenCalledWith("Internal Server Error");
diff --git a/src/gateway/startup-control-ui-origins.test.ts b/src/gateway/startup-control-ui-origins.test.ts
index 52712809787..92b347f5e89 100644
--- a/src/gateway/startup-control-ui-origins.test.ts
+++ b/src/gateway/startup-control-ui-origins.test.ts
@@ -16,7 +16,9 @@ describe("maybeSeedControlUiAllowedOriginsAtStartup", () => {
     const expectedOrigins = ["http://localhost:3000", "http://127.0.0.1:3000"];
     expect(result.seededAllowedOrigins).toBe(true);
     expect(result.config.gateway?.controlUi?.allowedOrigins).toEqual(expectedOrigins);
-    expect(log.info).toHaveBeenCalledWith(expect.stringContaining("for bind=lan"));
+    expect(log.info).toHaveBeenCalledWith(
+      'gateway: seeded gateway.controlUi.allowedOrigins ["http://localhost:3000","http://127.0.0.1:3000"] for bind=lan (required since v2026.2.26; see issue #29385). Applied for this runtime without writing config; add other origins to gateway.controlUi.allowedOrigins if needed.',
+    );
     expect(log.warn).not.toHaveBeenCalled();
   });