Skip to content

fix(cron): guard against undefined sessionTarget in startsWith calls#63402

Open
arbaleast wants to merge 1 commit intoopenclaw:mainfrom
arbaleast:fix/cron-sessiontarget
Open

fix(cron): guard against undefined sessionTarget in startsWith calls#63402
arbaleast wants to merge 1 commit intoopenclaw:mainfrom
arbaleast:fix/cron-sessiontarget

Conversation

@arbaleast
Copy link
Copy Markdown

@arbaleast arbaleast commented Apr 8, 2026

Bug

Cron jobs crash with TypeError: Cannot read properties of undefined (reading 'startsWith') when payload.kind='agentTurn' but sessionTarget is missing.

Root Cause

Two call sites in the cron runtime assume job.sessionTarget is always defined:

  • src/cron/delivery-plan.tsjob.sessionTarget.startsWith("session:")
  • src/gateway/server-cron.tsjob.sessionTarget.startsWith("session:")

Fix

Add optional chaining + nullish coalescing: job.sessionTarget?.startsWith("session:") ?? false

Fixes #63383

@arbaleast
fix(cron): guard against undefined sessionTarget in startsWith calls
f93a639 
Fixes TypeError: Cannot read properties of undefined (reading 'startsWith')
when a cron job has payload.kind='agentTurn' but is missing sessionTarget.

Adds null-safe operator in:
- src/cron/delivery-plan.ts (resolveCronDeliveryPlan)
- src/gateway/server-cron.ts (runIsolatedAgentJob)

Fixes openclaw#63383
@openclaw-barnacle openclaw-barnacle Bot added gateway Gateway runtime size: XS labels Apr 8, 2026
@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps Bot commented Apr 8, 2026

Greptile Summary

This PR adds optional chaining guards at two startsWith call sites in the cron runtime to prevent a TypeError crash when a CronJob has payload.kind='agentTurn' but sessionTarget is unexpectedly undefined at runtime (e.g., from pre-normalizer persisted data). The type definition (CronSessionTarget) does not include undefined, but the defensive guard is warranted because persisted JSON from older format versions could produce jobs without sessionTarget before normalization defaults were applied.

Confidence Score: 5/5

Safe to merge — the changes are minimal, targeted, and correctly prevent a crash without altering any other behavior.

Both changes are correct: the delivery-plan.ts guard evaluates to false when sessionTarget is undefined, keeping isIsolatedAgentTurn false and the delivery mode as none. The server-cron.ts guard is safe because the if body (which calls .slice(8)) is only entered when startsWith returned true, proving sessionTarget is defined. No P0/P1 findings.

No files require special attention.

Vulnerabilities

No security concerns identified.

Reviews (1): Last reviewed commit: "fix(cron): guard against undefined sessi..." | Re-trigger Greptile

@mjamiv
Copy link
Copy Markdown
Contributor

mjamiv commented Apr 8, 2026

+1 — confirmed exposure. We run scheduled cron jobs on 4 OpenClaw 2026.4.5 agents (AI news delivery, regulation report sync, file scanner) with payload.kind: "agentTurn". Our cron job specs do include sessionTarget, but this is a defensive fix that prevents a crash from an otherwise-valid config shape.

We've separately seen the #62876 / #62265 crash class (agent listener outside active run) in cron contexts, and having the cron runtime crash on a missing field before it even starts the job makes debugging harder.

Good fix — optional chaining here is the right approach.

Environment: 4 sandboxes, OpenClaw 2026.4.5, multiple cron jobs with exec tools (Typst, TTS).

@mvanhorn mvanhorn mentioned this pull request Apr 22, 2026
Open
25 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

gateway Gateway runtime size: XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug]: Cron runtime crashes with TypeError when job.sessionTarget is missing

2 participants

@arbaleast @mjamiv