Sessions: consolidate path hardening and fallback resilience

[vincentkoc]

Summary

• consolidate the session-path hardening work into one merge-ready branch
• resolve symlinked state-dir alias paths safely during session-file containment checks
• preserve cross-agent/state-root compatibility while keeping agents/<id>/sessions/** bounds
• make resolveSessionFilePath resilient to stale/corrupt persisted sessionFile metadata by falling back to derived safe transcript paths
• add focused regression coverage for invalid absolute paths and symlink-alias paths
• include changelog credit lines with contributor handles (@haoyifan, @EpaL, @vincentkoc)

Files

• src/config/sessions/paths.ts
• src/config/sessions/sessions.test.ts
• src/config/sessions.test.ts
• CHANGELOG.md

Validation

• pnpm vitest run src/config/sessions/sessions.test.ts src/config/sessions.test.ts

Credit / lineage

• Related: fix(sessions): tolerate invalid sessionFile metadata #16061
• Related: fix: resolve symlinks in session path validation (#18553) #18593
• Replaces closed draft: Changelog: credit session path fixes #24652

Greptile Summary

This PR consolidates session path hardening by resolving symlinks during containment checks and adding fallback resilience for stale/corrupt sessionFile metadata. The changes prevent session handler failures when persisted paths become invalid while maintaining cross-agent compatibility.

Key Changes:

• Added safeRealpathSync helper to resolve symlinks safely with fallback to original path on failure
• Updated resolvePathFromAgentSessionsDir and resolvePathWithinSessionsDir to resolve symlinks before performing containment checks
• Wrapped resolveSessionFilePath logic in try-catch to gracefully fall back to derived transcript paths when sessionFile metadata is invalid
• Added comprehensive test coverage for symlink aliases, symlink escape scenarios, and invalid absolute paths
• Updated CHANGELOG with proper credit attribution

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The implementation correctly handles symlink resolution and adds proper fallback mechanisms without introducing security vulnerabilities. The symlink resolution is done safely with proper containment checks, the try-catch wrapper prevents handler crashes from stale metadata, and comprehensive test coverage validates all edge cases including symlink escapes and cross-agent scenarios. The code follows established patterns and maintains backward compatibility.
• No files require special attention

_{Last reviewed commit: 67656f4}

[vincentkoc]

Added an extra hardening regression test for symlink escape paths.

What it covers:

• sessionFile points to a symlink under agents/<id>/sessions that resolves outside that directory.
• Expected behavior: resolution fails closed to the derived safe path (sess-1.jsonl under the agent sessions dir), not the escaped target.

Validation rerun:

• pnpm vitest run src/config/sessions/sessions.test.ts src/config/sessions.test.ts
• Result: 44/44 tests passing.