Skip to content

refactor(auto-reply): add lifecycle storage seams#93685

Merged
jalehman merged 2 commits into
openclaw:mainfrom
jalehman:clawdbot-d02.1.9.1.32/31b-auto-reply-lifecycle-boundaries
Jun 18, 2026
Merged

refactor(auto-reply): add lifecycle storage seams#93685
jalehman merged 2 commits into
openclaw:mainfrom
jalehman:clawdbot-d02.1.9.1.32/31b-auto-reply-lifecycle-boundaries

Conversation

@jalehman

@jalehman jalehman commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Adds two operation-sized session accessor seams for auto-reply lifecycle storage work.
  • Moves runner reset persistence, transcript tail replay, and optional old transcript cleanup behind persistSessionResetLifecycle.
  • Moves reply rollover persistence, retired legacy delivery row persistence, transcript archive, and stable transcript resolution behind persistSessionRolloverLifecycle.
  • Keeps hooks, MCP runtime retirement, harness reset, browser cleanup, and other non-storage side effects in the existing callers.
  • Intentionally does not add SQLite schema, storage flipping, plugin SDK semantics, or broader Path 3 migration work.

Linked context

Related #88838
Related #89124
Related #93659

Tracks OpenClaw Path 3 transaction-boundary follow-up .32.

Requested by maintainer/coordinator delegation for OpenClaw Path 3 transaction-boundary prep.

Real behavior proof

Behavior addressed: Auto-reply reset and rollover callers now route lifecycle storage work through the session accessor seam while preserving transcript replay/archive behavior and keeping non-storage cleanup in the callers.

Real environment tested: Local live gateway from /Users/phaedrus/Projects/clawdbot on rebased head 50f4d68, OpenClaw 2026.6.8 (50f4d68), LaunchAgent on loopback port 18789, macOS, built dist/index.js service path.

Exact steps or command run after this patch:

pnpm build
pnpm openclaw --version
pnpm openclaw gateway restart
pnpm openclaw gateway status --json
curl -fsS http://127.0.0.1:18789/healthz
curl -fsS http://127.0.0.1:18789/readyz
pnpm openclaw gateway call sessions.create --json --params '{"key":"agent:main:path3-proof-93685-head-1781821386","agentId":"main","label":"Path 3 proof 93685 final head"}'
pnpm openclaw gateway call chat.inject --json --params '{"sessionKey":"agent:main:path3-proof-93685-head-1781821386","agentId":"main","message":"path3 proof final head agent-path row before /new","label":"Path3 Proof"}'
pnpm openclaw agent --session-key agent:main:path3-proof-93685-head-1781821386 --message /new --json --timeout 60
pnpm openclaw gateway call sessions.describe --json --params '{"key":"agent:main:path3-proof-93685-head-1781821386"}'
pnpm openclaw gateway call sessions.get --json --params '{"key":"agent:main:path3-proof-93685-head-1781821386"}'
node - <<'NODE_PROOF'
const fs = require('node:fs');
const path = require('node:path');
const dir = '/Users/phaedrus/.openclaw/agents/main/sessions';
const oldId = 'cd40c7ee-f66b-4a2a-a8b8-505646b2c0e5';
const newId = '2d9f521e-2f0e-4146-bf1a-c0eb05484529';
const files = fs.readdirSync(dir).filter((name) => name.includes(oldId) || name.includes(newId)).sort();
console.log(JSON.stringify({ files }, null, 2));
for (const file of files) {
  const full = path.join(dir, file);
  const preview = fs.readFileSync(full, 'utf8').split('\n').slice(0, 5).filter(Boolean);
  console.log(`--- ${file}`);
  console.log(preview.join('\n'));
}
NODE_PROOF
pnpm openclaw gateway call sessions.delete --json --params '{"key":"agent:main:path3-proof-93685-head-1781821386","deleteTranscript":true}'
rm -f /Users/phaedrus/.openclaw/agents/main/sessions/cd40c7ee-f66b-4a2a-a8b8-505646b2c0e5.jsonl.reset.2026-06-18T22-23-21.089Z /Users/phaedrus/.openclaw/agents/main/sessions/2d9f521e-2f0e-4146-bf1a-c0eb05484529.jsonl.deleted.2026-06-18T22-24-07.500Z
find /Users/phaedrus/.openclaw/agents/main/sessions -maxdepth 1 '(' -name '*cd40c7ee-f66b-4a2a-a8b8-505646b2c0e5*' -o -name '*2d9f521e-2f0e-4146-bf1a-c0eb05484529*' ')' -print
curl -fsS http://127.0.0.1:18789/readyz

Evidence after fix: Gateway restart succeeded on 50f4d68; /healthz returned {"ok":true,"status":"live"}. The real pnpm openclaw agent --session-key ... --message /new --json --timeout 60 path returned status: "ok", payload text ✅ New session started., and agentMeta.sessionId: "2d9f521e-2f0e-4146-bf1a-c0eb05484529". Persisted state changed from pre-reset sessionId: "cd40c7ee-f66b-4a2a-a8b8-505646b2c0e5" to sessionId: "2d9f521e-2f0e-4146-bf1a-c0eb05484529"; sessions.get returned messages: [] for the fresh current transcript. The old transcript was archived as cd40c7ee-f66b-4a2a-a8b8-505646b2c0e5.jsonl.reset.2026-06-18T22-23-21.089Z containing the injected assistant row, and the new transcript 2d9f521e-2f0e-4146-bf1a-c0eb05484529.jsonl contained a fresh session header. Cleanup removed the throwaway proof session entry and both proof transcript artifacts. Final /readyz after cleanup returned ready:true, failing:[], and non-degraded event loop metrics.

Observed result after fix: The rebased auto-reply /new lifecycle produced a fresh session row and archived the previous transcript through the live Gateway, with no model turn needed and no leftover proof state after cleanup.

What was not tested: Future SQLite implementation, doctor migration/import behavior, plugin SDK compatibility, full CI, and broad remote Crabbox/Testbox gates.

Tests and validation

  • node scripts/run-vitest.mjs src/config/sessions/session-accessor.test.ts src/auto-reply/reply/agent-runner-session-reset.test.ts src/auto-reply/reply/session.test.ts src/auto-reply/reply/session-transcript-replay.test.ts test/scripts/check-session-accessor-boundary.test.ts
  • node scripts/run-oxlint.mjs scripts/check-session-accessor-boundary.mjs src/auto-reply/reply/agent-runner-session-reset.ts src/auto-reply/reply/session-transcript-replay.ts src/auto-reply/reply/session.ts src/config/sessions/session-accessor.test.ts src/config/sessions/session-accessor.ts src/config/sessions/transcript-replay.ts test/scripts/check-session-accessor-boundary.test.ts
  • pnpm run lint:tmp:session-accessor-boundary
  • git diff --check HEAD~1 HEAD
  • pnpm exec oxfmt --check scripts/check-session-accessor-boundary.mjs src/auto-reply/reply/agent-runner-session-reset.ts src/auto-reply/reply/session-transcript-replay.ts src/auto-reply/reply/session.ts src/config/sessions/session-accessor.test.ts src/config/sessions/session-accessor.ts src/config/sessions/transcript-replay.ts test/scripts/check-session-accessor-boundary.test.ts
  • pnpm build
  • /Users/phaedrus/Projects/clawdbot/.agents/skills/autoreview/scripts/autoreview --mode branch --base upstream/main

Regression coverage added in src/config/sessions/session-accessor.test.ts for reset lifecycle replay/cleanup and rollover archive/stable transcript results. The boundary guard now ratchets agent-runner-session-reset.ts and session.ts against legacy session-store writer calls. Autoreview was clean on final head 50f4d68703a93a28be104be27d1b4a30b0f1868b with overall: patch is correct (0.84).

Risk checklist

Did user-visible behavior change? (Yes/No): No

Did config, environment, or migration behavior change? (Yes/No): No

Did security, auth, secrets, network, or tool execution behavior change? (Yes/No): No

What is the highest-risk area?

Preserving exact reset and rollover hook payload behavior while moving transcript archive/replay work behind the accessor.

How is that risk mitigated?

Existing auto-reply reset/session tests still pass, new accessor lifecycle tests cover the moved storage work, and non-storage side effects remain in the original callers.

Current review state

What is the next action?

Draft review and CI.

What is still waiting on author, maintainer, CI, or external proof?

Maintainer review and CI; no known author-side blockers.

Which bot or reviewer comments were addressed?

Fresh autoreview found no accepted/actionable findings.

@openclaw-barnacle openclaw-barnacle Bot added scripts Repository scripts size: L maintainer Maintainer-authored PR labels Jun 16, 2026
@vincentkoc vincentkoc self-assigned this Jun 16, 2026
@jalehman jalehman force-pushed the clawdbot-d02.1.9.1.32/31b-auto-reply-lifecycle-boundaries branch from cd8e212 to 4d2f18f Compare June 18, 2026 22:07
@clawsweeper

clawsweeper Bot commented Jun 18, 2026

Copy link
Copy Markdown
Contributor

Codex review: needs maintainer review before merge. Reviewed June 18, 2026, 6:55 PM ET / 22:55 UTC.

Summary
The branch adds reset and rollover lifecycle operations to the session accessor and routes auto-reply storage, transcript replay/archive, and boundary guard coverage through those seams.

PR surface: Source +127, Tests +116, Other +2. Total +245 across 8 files.

Reproducibility: not applicable. this is a refactor PR rather than a reported failing bug. The PR body includes after-fix live Gateway output for the /new lifecycle, and the diff adds focused reset/rollover lifecycle tests.

Review metrics: 1 noteworthy metric.

  • Lifecycle storage seams: 2 added. The reset and rollover accessor operations are the new future-backend parity surface maintainers should review before merge.

Stored data model
Persistent data-model change detected: serialized state: src/auto-reply/reply/session-transcript-replay.test.ts, serialized state: src/auto-reply/reply/session-transcript-replay.ts, serialized state: src/auto-reply/reply/session.ts, serialized state: src/config/sessions/session-accessor.test.ts, serialized state: src/config/sessions/session-accessor.ts, serialized state: src/config/sessions/transcript-replay.ts, and 3 more. Confirm migration or upgrade compatibility proof before merge.

Root-cause cluster
Relationship: fixed_by_candidate
Canonical: #88838
Summary: This PR is a candidate implementation slice for the open Path 3 session/transcript SQLite migration tracker; merged sibling PRs are adjacent but do not supersede this auto-reply reset/rollover lifecycle slice.

Members:

Proposal only: this assessment does not dispatch repair, suppress jobs, mutate sibling items, close, or merge anything.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • [P2] Complete the assigned reset/rollover parity review and let required CI finish.

Risk before merge

  • [P1] The PR moves auto-reply reset and rollover session/transcript lifecycle persistence behind new accessors, so a parity mistake could affect transcript replay, archive paths, lifecycle hook payloads, or follow-up session continuity.
  • [P1] The protected maintainer label and live assignment mean merge should wait for explicit maintainer parity review even though no line-level defect was found.
  • [P1] Required CI still had queued checks in the live PR status, so normal required-check completion remains a merge gate.

Maintainer options:

  1. Complete Reset/Rollover Parity Review (recommended)
    Have the assigned maintainer compare reset and rollover hook payloads, transcript replay, archive, cleanup, maintenance-warning, and follow-up session behavior against current file-backed behavior before merge.
  2. Accept The Staged Seam Risk
    Maintainers can intentionally land the file-backed seam with the supplied live proof and focused tests while leaving future SQLite adapter validation under the Path 3 tracker.
  3. Pause For Backend Proof
    If maintainers want future-backend evidence before accepting this operation shape, pause this PR until an adjacent SQLite adapter slice exercises the same lifecycle operations.

Next step before merge

  • [P2] The remaining action is assigned maintainer/session-state parity review and required-check follow-up, not a narrow automated repair.

Security
Cleared: The diff moves internal session file/transcript operations behind accessors and updates tests/guard scripts; it does not add dependency, workflow, secret, permission, or external code-execution surface.

Review details

Best possible solution:

Land the narrow file-backed lifecycle seam after assigned maintainer parity review and required checks pass, keeping SQLite storage flip and migration work in the Path 3 tracker.

Do we have a high-confidence way to reproduce the issue?

Not applicable; this is a refactor PR rather than a reported failing bug. The PR body includes after-fix live Gateway output for the /new lifecycle, and the diff adds focused reset/rollover lifecycle tests.

Is this the best way to solve the issue?

Yes; this appears to be the right owner boundary because storage lifecycle work moves into session-accessor operations while non-storage runtime cleanup and hook dispatch remain in the existing callers. The merged gateway reset/delete seam is adjacent, not a replacement for this auto-reply reset/rollover slice.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 6af1b97b1de7.

Label changes

Label justifications:

  • P2: This is a normal-priority internal session-state refactor with limited immediate user-facing change but meaningful migration value.
  • merge-risk: 🚨 session-state: The PR moves auto-reply reset and rollover session/transcript persistence behind new accessors, so a parity mistake could affect session continuity or lifecycle hook state.
  • rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
  • status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body provides structured after-fix live Gateway output showing /new created a fresh session, archived the old transcript, returned healthy readiness, and cleaned up proof state; the final head only removes an unused replay shim and retargets the test import.
  • proof: sufficient: Contributor real behavior proof is sufficient. The PR body provides structured after-fix live Gateway output showing /new created a fresh session, archived the old transcript, returned healthy readiness, and cleaned up proof state; the final head only removes an unused replay shim and retargets the test import.
Evidence reviewed

PR surface:

Source +127, Tests +116, Other +2. Total +245 across 8 files.

View PR surface stats
Area Files Added Removed Net
Source 4 222 95 +127
Tests 3 117 1 +116
Docs 0 0 0 0
Config 0 0 0 0
Generated 0 0 0 0
Other 1 2 0 +2
Total 8 341 96 +245

What I checked:

  • Repository policy read and applied: Root AGENTS.md plus scoped scripts/test guides were read fully; the session-state, protected-label, best-fix, and scoped script/test review rules affected this verdict. (AGENTS.md:1, 6af1b97b1de7)
  • Live PR state: GitHub reports this PR open, mergeable but unstable, assigned to vincentkoc, labeled maintainer/proof sufficient/P2/merge-risk session-state, and still with required checks queued. (e952d46d9d99)
  • Current reset behavior: Current main directly updates the session store, replays recent transcript messages, refreshes follow-up state, and optionally deletes old transcripts inside resetReplyRunSession. (src/auto-reply/reply/agent-runner-session-reset.ts:97, 6af1b97b1de7)
  • PR reset seam: PR head moves reset store persistence, transcript replay, and optional cleanup into persistSessionResetLifecycle while keeping follow-up state and caller notifications in resetReplyRunSession. (src/config/sessions/session-accessor.ts:756, e952d46d9d99)
  • Current rollover behavior: Current main directly persists /new rollover entries, retires legacy delivery rows, archives the previous transcript, and resolves stable session-end transcript data in initSessionState. (src/auto-reply/reply/session.ts:837, 6af1b97b1de7)
  • PR rollover seam: PR head moves rollover persistence, retired-row persistence, transcript archive, and stable transcript resolution into persistSessionRolloverLifecycle while leaving MCP, harness, browser cleanup, and hooks in the caller. (src/config/sessions/session-accessor.ts:800, e952d46d9d99)

Likely related people:

  • jalehman: Authored the open Path 3 tracker and recent merged session-accessor seam slices that this PR extends, including auto-reply and gateway lifecycle seam work. (role: feature owner / recent area contributor; confidence: high; commits: 127e174c9e4d, c41bc58cf612, b637414871ab; files: src/config/sessions/session-accessor.ts, src/auto-reply/reply/session.ts, src/auto-reply/reply/agent-runner-session-reset.ts)
  • vincentkoc: Live PR metadata assigns this PR to vincentkoc, and current-main blame shows Vincent Koc on the central reset, rollover, and accessor contract lines being refactored. (role: assigned reviewer / recent area contributor; confidence: medium; commits: d9397e5b9bb0; files: src/auto-reply/reply/session.ts, src/auto-reply/reply/agent-runner-session-reset.ts, src/config/sessions/session-accessor.ts)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@clawsweeper clawsweeper Bot added proof: sufficient ClawSweeper judged the real behavior proof convincing. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. labels Jun 18, 2026
@jalehman jalehman force-pushed the clawdbot-d02.1.9.1.32/31b-auto-reply-lifecycle-boundaries branch from 4d2f18f to 8604daa Compare June 18, 2026 22:16
@jalehman jalehman force-pushed the clawdbot-d02.1.9.1.32/31b-auto-reply-lifecycle-boundaries branch from 8604daa to 50f4d68 Compare June 18, 2026 22:24
@jalehman jalehman marked this pull request as ready for review June 18, 2026 22:27
@clawsweeper clawsweeper Bot added P2 Normal backlog priority with limited blast radius. merge-risk: 🚨 session-state 🚨 May lose, corrupt, stale, or mis-associate session, agent, or context state. labels Jun 18, 2026
@jalehman jalehman merged commit 49e6f5a into openclaw:main Jun 18, 2026
174 of 176 checks passed
@jalehman jalehman deleted the clawdbot-d02.1.9.1.32/31b-auto-reply-lifecycle-boundaries branch June 18, 2026 23:40
vincentkoc added a commit that referenced this pull request Jun 19, 2026
* 'main' of https://github.com/openclaw/openclaw: (82 commits)
  fix(e2e): validate chat tools body limit
  fix(e2e): honor chat tools body limit
  fix(e2e): validate chat tools timeout
  fix(e2e): give cleanup smoke build heap headroom
  fix(e2e): validate plugin lifecycle limits
  refactor(auto-reply): add lifecycle storage seams (#93685)
  fix: preserve pending subagent completion announces (#94349)
  fix(e2e): validate plugin log limits before setup
  fix(e2e): validate codex media timeout
  fix(e2e): validate fixture log limits
  fix(e2e): validate cleanup log limits
  fix(e2e): validate docker log limits
  fix(live): validate docker pids limits
  fix(e2e): validate docker pids limits
  test: fold channel message flows into qa e2e (#93174)
  fix(e2e): validate docker build limits
  Prevent Codex thread rotation from losing next-step context (#94093)
  fix(e2e): validate fixture cleanup interval
  fix(agents): correct claw-score validation workflow
  fix(e2e): validate log tail limits
  ...
RomneyDa pushed a commit that referenced this pull request Jun 19, 2026
* refactor(auto-reply): add lifecycle storage seams

* fix(auto-reply): remove unused transcript replay shim
github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request Jun 19, 2026
* refactor(auto-reply): add lifecycle storage seams

* fix(auto-reply): remove unused transcript replay shim
github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request Jun 19, 2026
* 'main' of https://github.com/openclaw/openclaw: (82 commits)
  fix(e2e): validate chat tools body limit
  fix(e2e): honor chat tools body limit
  fix(e2e): validate chat tools timeout
  fix(e2e): give cleanup smoke build heap headroom
  fix(e2e): validate plugin lifecycle limits
  refactor(auto-reply): add lifecycle storage seams (openclaw#93685)
  fix: preserve pending subagent completion announces (openclaw#94349)
  fix(e2e): validate plugin log limits before setup
  fix(e2e): validate codex media timeout
  fix(e2e): validate fixture log limits
  fix(e2e): validate cleanup log limits
  fix(e2e): validate docker log limits
  fix(live): validate docker pids limits
  fix(e2e): validate docker pids limits
  test: fold channel message flows into qa e2e (openclaw#93174)
  fix(e2e): validate docker build limits
  Prevent Codex thread rotation from losing next-step context (openclaw#94093)
  fix(e2e): validate fixture cleanup interval
  fix(agents): correct claw-score validation workflow
  fix(e2e): validate log tail limits
  ...
cxbAsDev pushed a commit to cxbAsDev/openclaw that referenced this pull request Jun 23, 2026
* refactor(auto-reply): add lifecycle storage seams

* fix(auto-reply): remove unused transcript replay shim
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

maintainer Maintainer-authored PR merge-risk: 🚨 session-state 🚨 May lose, corrupt, stale, or mis-associate session, agent, or context state. P2 Normal backlog priority with limited blast radius. proof: sufficient ClawSweeper judged the real behavior proof convincing. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. scripts Repository scripts size: M status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants