fix: clear delivery routing state when creating isolated cron sessions

[carrotRakko]

Summary

• Problem: Cron jobs with sessionTarget: "isolated" inherit lastThreadId from prior session, causing announce deliveries to post as thread replies instead of channel top-level messages.
• Why it matters: Scheduled reports/notifications get buried in unrelated threads and are easy to miss.
• What changed: resolveCronSession() now clears delivery routing metadata (lastThreadId, lastTo, lastChannel, lastAccountId) when creating a new session.
• What did NOT change: Per-session overrides (modelOverride, providerOverride, thinkingLevel, etc.) are still preserved across session resets.

Change Type (select all)

• Bug fix

Scope (select all touched areas)

• Gateway / orchestration

Linked Issue/PR

• Closes [Bug]: Cron announce delivery posts to Slack thread instead of channel top-level when session has prior thread context #27751
• Related Cron announce delivery fails with explicit to targets (v2026.2.22) #24176, Cron announce delivery hijacks DM session routing when user replies #25450

User-visible / Behavior Changes

Cron jobs with sessionTarget: "isolated" and delivery.mode: "announce" will now correctly post to channel top-level instead of inheriting a thread target from prior conversations.

Security Impact (required)

• New permissions/capabilities? No
• Secrets/tokens handling changed? No
• New/changed network calls? No
• Command/tool execution surface changed? No
• Data access scope changed? No

Repro + Verification

Environment

• OS: Amazon Linux 2023 (aarch64)
• Runtime/container: Node 22, npm global install
• Integration/channel: Slack (socket mode)

Steps

1. Have an agent converse in a Slack thread in a channel
2. Session store records lastThreadId from that thread
3. A cron job fires with sessionTarget: "isolated", delivery.mode: "announce", delivery.to pointing to the same channel
4. Observe where the result is posted

Expected

• Cron result posted as top-level message in the channel

Actual

• Cron result posted as thread reply to a previous conversation thread

Evidence

• Failing test/log before + passing after

New test cases in session.test.ts:

• clears delivery routing metadata when forceNew is true
• clears delivery routing metadata when session is stale
• preserves delivery routing metadata when reusing fresh session

Human Verification (required)

• Verified scenarios: Deployed to production agent, confirmed cron jobs post to channel top-level
• Edge cases checked: Fresh session reuse still preserves delivery metadata (test coverage)
• What you did not verify: Matrix/Telegram channel behavior (only Slack tested)

Compatibility / Migration

• Backward compatible? Yes
• Config/env changes? No
• Migration needed? No

Failure Recovery (if this breaks)

• How to disable/revert this change quickly: Revert the single commit in session.ts
• Files/config to restore: src/cron/isolated-agent/session.ts
• Known bad symptoms: If delivery metadata clearing is too aggressive, fresh session reuse might lose routing context (mitigated by only clearing on isNewSession)

Risks and Mitigations

• Risk: Clearing lastTo/lastChannel might affect non-announce delivery modes that legitimately need prior routing state in new sessions.
  • Mitigation: The clear only applies when isNewSession is true (forceNew or session expired). Fresh session reuse is unaffected. Announce mode is the primary consumer of these fields for cron, and it should always resolve targets from the explicit delivery.to config, not inherited state.

✍️ Author: Claude Code with @carrotRakko (AI-written, human-approved)

[greptile-apps]

Greptile Summary

Correctly fixes cron job thread leaking by clearing delivery routing metadata when creating isolated sessions. The implementation uses a conditional spread operator to set lastThreadId, lastChannel, lastTo, and lastAccountId to undefined only when isNewSession is true (either forced new or stale session). This prevents announce-mode cron deliveries from inheriting thread context from prior conversations.

Key implementation details:

• Preserves per-session overrides (modelOverride, providerOverride, thinkingLevel, etc.) while clearing only delivery routing state
• Fresh session reuse (when isNewSession is false) correctly preserves routing metadata for continuity
• Spread operator order ensures proper field overriding: existing entry → core fields → conditional routing clear

Test coverage validates all three scenarios:

• forceNew=true clears routing but preserves overrides
• Stale sessions clear routing metadata
• Fresh session reuse preserves routing metadata

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The fix is well-implemented with comprehensive test coverage. The change is narrowly scoped to clearing delivery routing metadata only when creating new sessions, preserving existing behavior for fresh session reuse. The spread operator usage is correct, and all edge cases are covered by tests.
• No files require special attention

_{Last reviewed commit: 3dc2bc5}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 3dc2bc5284

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Clear deliveryContext when resetting cron session

When isNewSession is true, this block only unsets legacy last* fields, but session writes are normalized through normalizeSessionEntryDelivery (src/config/sessions/store.ts), which can repopulate lastThreadId/lastTo/... from entry.deliveryContext; additionally, routing reads delivery metadata via deliveryContextFromSession (src/utils/delivery-context.ts). In sessions where deliveryContext.threadId is present (the common normalized shape), stale thread routing survives and announce deliveries can still go to an old thread, so the reset needs to clear deliveryContext (or at least its thread/to/channel fields) together with last*.

Useful? React with 👍 / 👎.

[carrotRakko]

Good catch — fixed in fb18e90. deliveryContext is now also cleared alongside the last* fields when isNewSession is true.

✍️ Author: Claude Code with @carrotRakko (AI-written, human-approved)

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4ea8921fea

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Persist cleared route before delivery target resolution

This change only clears routing fields on the in-memory sessionEntry, but runCronIsolatedAgentTurn resolves delivery via resolveDeliveryTarget before the first persistSessionEntry call, and resolveDeliveryTarget reloads the store from disk. In isolated cron runs that reuse the same sessionKey, stale persisted lastThreadId/deliveryContext can still be read for the current delivery (and then re-written), so announce deliveries can continue posting into an old thread even after this patch.

Useful? React with 👍 / 👎.

[carrotRakko]

Thanks for the detailed analysis. However, I believe this concern does not apply here due to session key separation.

resolveCronSession clears routing fields on the cron isolated session entry (e.g., cron:some-job:agent:main), while resolveDeliveryTarget looks up the main session entry (via resolveAgentMainSessionKey) or the job configured sessionKey — both of which are different keys from the cron isolated session entry being cleared.

Since resolveDeliveryTarget never reads the cron isolated session entry that this patch modifies, the persist ordering relative to resolveDeliveryTarget does not matter — they operate on different store entries.

Additionally, resolveDeliveryTarget has a guard at L127-131 that only uses a session-derived threadId when resolved.to === resolved.lastTo, preventing stale thread routing from leaking to different delivery targets.

✍️ Author: Claude Code with @carrotRakko (AI-written, human-approved)