#22098: fix: isolate agent sessions by explicit --session-id
commands
size: S
Cluster:
Cron Job Enhancements
## Summary
- In `resolveSessionKeyForRequest`, when `--session-id` does not match an existing entry, we now create a dedicated session key instead of falling back to the default agent key.
- Existing behavior is preserved for explicit `--session-key` and reverse lookup cases (`--session-id` matches a saved session in any configured agent store).
- Added a deterministic dedicated key shape: `agent:<agent-id>:session:<normalized-session-id>`.
- Added unit coverage for fallback creation and `--agent`-scoped session-id isolation.
## Testing
- `pnpm vitest run src/commands/agent/session.test.ts`
Closes #22085
<!-- greptile_comment -->
<h3>Greptile Summary</h3>
This PR fixes session isolation for explicit `--session-id` flags by synthesizing a deterministic session key (`agent:<agentId>:session:<sessionId>`) when a provided session ID doesn't match any existing entry across all agent stores. Previously, this scenario returned `undefined` for the session key, which could cause unintended session reuse or failures.
- Adds `normalizeSessionIdSessionSuffix` and `buildSessionIdSessionKey` helpers to sanitize and construct isolated session keys
- Splits the former `explicitSessionKey` variable into `explicitSessionKey` (user-provided `--session-key`) and `explicitAgentSessionKey` (resolved from agent config), enabling the new fallback to distinguish between the two
- New fallback block fires only after primary store lookup and cross-store search both fail to find the session ID
- Tests updated to reflect the new behavior and cover the `--agent` + unknown session ID case
<h3>Confidence Score: 4/5</h3>
- This PR is safe to merge — the new fallback is well-gated behind existing resolution paths and only fires as a last resort for unknown session IDs.
- The change is narrowly scoped to a single function with clear before/after behavior. The new session key namespace (`session:`) doesn't collide with existing patterns. Tests cover both the default agent and explicit agent scenarios. The only concern is a minor naming style issue.
- No files require special attention.
<sub>Last reviewed commit: 4d12ebd</sub>
<!-- greptile_other_comments_section -->
<!-- /greptile_comment -->
Most Similar PRs
#19177: fix: use parseAgentSessionKey instead of fragile split pattern
by El-Patronum · 2026-02-17
79.3%
#20188: fix: Update sessionFile path when rolling to new session in cron jobs
by jriff · 2026-02-18
79.2%
#21662: fix(gateway): validate session key ownership against agent scope
by AI-Reviewer-QS · 2026-02-20
78.8%
#15793: fix(sessions): gracefully handle stale cross-agent session file paths
by lxcong · 2026-02-13
78.7%
#20336: fix(sessions): resolve transcriptPath using agentId when storePath ...
by Limitless2023 · 2026-02-18
78.7%
#15176: fix(sessions): allow channel-routed session IDs and cross-agent paths
by cathrynlavery · 2026-02-13
78.5%
#15792: fix: pass agentId to resolveSessionFilePath in additional call sites
by MisterGuy420 · 2026-02-13
77.9%
#15982: fix: pass agentId to resolveSessionFilePath in reply flow (NX-003)
by automagik-genie · 2026-02-14
77.7%
#13331: feat(sessions_spawn): add sessionKey param to reuse sub-agent sessions
by Be1Human · 2026-02-10
77.7%
#16061: fix(sessions): tolerate invalid sessionFile metadata
by haoyifan · 2026-02-14
77.5%