Session/Cron maintenance hardening and cleanup UX

[gumadeiras]

Summary

This PR completes and hardens session/cron maintenance with safer cleanup semantics, clearer operator UX, and stronger observability.

• Adds first-class session maintenance controls:
  • session.maintenance.resetArchiveRetention
  • session.maintenance.maxDiskBytes
  • session.maintenance.highWaterBytes
• Adds openclaw sessions cleanup with --dry-run, --enforce, --json, and active-session protection.
• Adds multi-agent targeting for session inspection/cleanup via --agent <id> and --all-agents.
• Expands dry-run UX to show per-session planned actions in a table (Action, Key, Age, Model, Flags).
• Hardens transcript/archive cleanup to stay scoped to the owning store directory.
• Adds cron maintenance controls:
  • cron.sessionRetention transcript archival/cleanup
  • cron.runLog.maxBytes / cron.runLog.keepLines pruning
• Updates doctor state-integrity messaging with actionable OpenClaw verification commands.
• Fixes enforce-mode reporting so cleanup JSON/text summaries use actual applied maintenance stats (not preview-derived values).
• Adds regression coverage for enforce-mode summary correctness and doctor hint messaging.

Defaults and compatibility

• No default behavior changes.
• Existing defaults remain unchanged (warn, 30d, 500, 10mb; cron 24h; run-log 2_000_000 bytes / 2000 lines).
• New knobs are additive and default-safe.
• No breaking changes for existing configs.

Tests

• pnpm vitest src/config/sessions/artifacts.test.ts src/config/sessions/store.pruning.integration.test.ts src/commands/sessions-cleanup.test.ts src/cron/session-reaper.test.ts
• pnpm vitest src/gateway/session-utils.fs.test.ts src/commands/doctor-state-integrity.test.ts src/commands/doctor-state-integrity.test.ts
• pnpm check

Greptile Summary

This PR implements comprehensive session and cron maintenance hardening with safer cleanup semantics and improved operator UX. The changes add first-class session maintenance controls (session.maintenance.resetArchiveRetention, maxDiskBytes, highWaterBytes), a new openclaw sessions cleanup command with dry-run and enforce modes, multi-agent targeting via --agent and --all-agents, and cron maintenance controls for session retention and run-log pruning.

Key improvements:

• Path traversal protection via restrictToStoreDir ensures cleanup operations stay scoped to the owning store directory
• Disk budget enforcement removes oldest archives and transcripts when thresholds are exceeded
• Active session protection prevents cleanup from evicting in-use sessions
• Enhanced dry-run UX shows per-session planned actions in a table with Action, Key, Age, Model, and Flags columns
• Enforce-mode reporting fixed to use actual applied stats instead of preview-derived values
• Doctor state-integrity messaging updated with actionable verification commands
• Comprehensive test coverage for enforce-mode summary correctness and edge cases

Architecture:

• Session disk budget logic lives in src/config/sessions/disk-budget.ts with proper file/entry size accounting
• Cleanup command implementation in src/commands/sessions-cleanup.ts handles both dry-run preview and enforce modes
• Transcript archiving now respects store directory boundaries via path validation
• Cron session reaper in src/cron/session-reaper.ts handles ephemeral run session cleanup with throttling

Confidence Score: 4/5

• This PR is safe to merge with minor risk - the implementation is well-tested and includes proper safety mechanisms
• The PR demonstrates solid engineering with comprehensive test coverage, proper path traversal protection, active session guards, and backward-compatible defaults. The disk budget enforcement logic correctly handles concurrent operations, and the restrictToStoreDir flag prevents cleanup from affecting paths outside the sessions directory. One minor area that warrants attention is ensuring the doctor hints reference the correct command syntax across all edge cases.
• Pay close attention to src/config/sessions/disk-budget.ts for the core cleanup logic and path safety validation

_{Last reviewed commit: a202c52}

[Copilot]

Pull request overview

This PR completes session and cron maintenance with safer cleanup semantics, clearer operator UX, and stronger observability. It introduces first-class maintenance controls for session stores and cron jobs, adds a new openclaw sessions cleanup command with dry-run preview capabilities, and hardens transcript archival to prevent mutations outside designated directories.

Changes:

• Adds session maintenance controls (resetArchiveRetention, maxDiskBytes, highWaterBytes) with disk budget enforcement
• Adds openclaw sessions cleanup command with --dry-run, --enforce, --json, and multi-agent support (--agent, --all-agents)
• Adds cron maintenance controls (sessionRetention, runLog.maxBytes, runLog.keepLines) for automated cleanup
• Enhances parseDurationMs to support compound durations like "1h30m" and "2m500ms"
• Improves doctor state-integrity messaging with actionable OpenClaw-specific verification commands
• Fixes enforce-mode reporting to use actual applied maintenance stats instead of preview values

Reviewed changes

Copilot reviewed 47 out of 47 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
src/config/sessions/artifacts.ts	New helpers for session archive artifact classification and timestamp formatting
src/config/sessions/disk-budget.ts	New disk budget enforcement with oldest-first eviction, path safety validation
src/config/sessions/store.ts	Integration of disk budget, reset archive retention, and maintenance reporting callbacks
src/gateway/session-utils.fs.ts	Adds restrictToStoreDir flag to prevent archival of external paths
src/cron/session-reaper.ts	Archives transcripts for pruned cron run sessions with retention-based cleanup
src/cron/run-log.ts	Adds resolveCronRunLogPruneOptions for configurable run-log size and line limits
src/gateway/server-cron.ts	Integrates run-log pruning options into cron event logging
src/commands/sessions-cleanup.ts	New cleanup command with dry-run preview tables and enforce-mode application
src/commands/sessions.ts	Multi-agent support with --agent and --all-agents flags
src/commands/session-store-targets.ts	Agent store selection and validation logic
src/commands/sessions-table.ts	Shared session display formatting utilities
src/commands/doctor-state-integrity.ts	Detects orphan transcripts with archival remediation and OpenClaw-specific hints
src/cli/parse-duration.ts	Enhanced to support compound durations (e.g., "1h30m")
src/cli/program/routes.ts	Fast-path routing updated to handle sessions subcommands
src/cli/program/register.status-health-sessions.ts	Registers sessions cleanup subcommand with option forwarding
src/cli/program/command-registry.ts	Marks sessions as hasSubcommands: true
src/config/zod-schema.ts	Adds cron.runLog validation with maxBytes and keepLines
src/config/zod-schema.session.ts	Adds validation for resetArchiveRetention, maxDiskBytes, highWaterBytes
src/config/types.base.ts	Type definitions for new session maintenance fields
src/config/types.cron.ts	Type definitions for runLog pruning config
src/config/schema.labels.ts	UI labels for new config fields
src/config/schema.help.ts	Help text for new config fields
docs/*	Comprehensive documentation updates for maintenance features

[shakkernerd]

Merged via squash.

• Prepared head SHA: 7533b85
• Merge commit: eff3c5c

Thanks @gumadeiras!