#20770: fix: prevent stale session-entry overwrite during reset-model persistence

by coygeek open 2026-02-19 09:05
agents size: M trusted-contributor
## Fix Summary

The reset-model/session persistence flow could overwrite newer session metadata with stale in-memory snapshots during concurrent updates. This patch switches the affected persistence paths from stale full-object replacement to merge-safe updates against the freshest store entry.

## Issue Linkage

Fixes #20769

## Security Snapshot

- CVSS v3.1: 7.6 (High)
- CVSS v4.0: 7.2 (High)

## Implementation Details

### Files Changed

- `src/agents/auth-profiles/session-override.e2e.test.ts` (+42/-2)
- `src/agents/auth-profiles/session-override.ts` (+22/-2)
- `src/auto-reply/reply/commands-session.test.ts` (+53/-0)
- `src/auto-reply/reply/commands-session.ts` (+27/-6)
- `src/auto-reply/reply/directive-handling.impl.ts` (+61/-1)
- `src/auto-reply/reply/directive-handling.model.test.ts` (+31/-1)
- `src/auto-reply/reply/directive-handling.persist.ts` (+53/-1)
- `src/auto-reply/reply/get-reply-run.ts` (+6/-1)
- `src/auto-reply/reply/model-selection.test.ts` (+56/-0)
- `src/auto-reply/reply/model-selection.ts` (+9/-1)
- `src/auto-reply/reply/session-reset-model.ts` (+13/-7)
- `src/auto-reply/reply/session.test.ts` (+45/-1)

### Technical Analysis

- Replaced stale full-object session-entry writes with merge-safe updates in reset-model and related persistence call sites.
- Ensured updates are applied against the latest on-disk store state and preserve unrelated fields written by concurrent flows.
- Added regression tests across reset-model, commands-session, model-selection, directive handling, and auth-profile session overrides.

## Validation Evidence

- Command: `NODE_OPTIONS=--max-old-space-size=8192 pnpm build && NODE_OPTIONS=--max-old-space-size=8192 pnpm check && NODE_OPTIONS=--max-old-space-size=8192 pnpm vitest run --config vitest.unit.config.ts src/auto-reply/reply/commands-session.test.ts src/auto-reply/reply/session.test.ts src/auto-reply/reply/model-selection.test.ts src/auto-reply/reply/directive-handling.model.test.ts && NODE_OPTIONS=--max-old-space-size=8192 pnpm vitest run --config vitest.e2e.config.ts src/agents/auth-profiles/session-override.e2e.test.ts`
- Status: passed

## Risk and Compatibility

non-breaking; behavior change is scoped to session persistence merge semantics and ordering in affected call sites

## AI-Assisted Disclosure

- AI-assisted: yes
- Model: GPT-5 Codex

<h3>Greptile Summary</h3>

Fixed race condition (CWE-362) in session persistence that could overwrite newer metadata with stale snapshots under concurrent updates. Changed from full-object replacement to merge-safe updates by reading fresh store entry inside lock, applying only specific field patches, and preserving unmodified fields. Applied consistently across 7 session persistence call sites with regression coverage added for all paths.

<h3>Confidence Score: 4/5</h3>

- Safe to merge with minor considerations around consistency
- Implementation correctly addresses the race condition by using merge-safe persistence pattern. All changed paths follow consistent pattern of reading fresh entry inside lock and applying targeted patches. Comprehensive test coverage validates the fix. Score reflects solid implementation with one minor observation about pattern consistency.
- All files follow the same safe merge pattern - no special attention needed

<sub>Last reviewed commit: e0b1128</sub>
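
The lost update this PR describes, next to the merge-safe alternative, as an added TypeScript example that is not code from the PR or the project. The `SessionEntry` shape, its field names, the store key, and the helper functions are hypothetical; the interleaving is simulated synchronously, so the store lock appears only as a comment.

```typescript
// Hypothetical model of a session store; not the project's types or API.
type SessionEntry = {
  sessionId: string;
  modelOverride?: string;
  authProfileOverride?: string;
  updatedAt: number;
};
type Store = Map<string, SessionEntry>;

// "Before" pattern: persist the caller's whole in-memory snapshot.
function replaceEntry(store: Store, key: string, snapshot: SessionEntry): void {
  store.set(key, { ...snapshot });
}

// "After" pattern: re-read the freshest entry at write time and apply only
// the fields this flow owns. A real store must hold its lock across this
// read-modify-write.
function patchEntry(store: Store, key: string, patch: Partial<SessionEntry>): SessionEntry {
  const fresh = store.get(key);
  if (!fresh) throw new Error(`no session entry for ${key}`);
  const merged: SessionEntry = { ...fresh, ...patch };
  store.set(key, merged);
  return merged;
}

// Deterministic interleaving of two flows on one entry (constructed data).
function runInterleaving(mergeSafe: boolean): SessionEntry {
  const store: Store = new Map();
  const key = "agent:main";
  store.set(key, { sessionId: "s1", modelOverride: "model-a", updatedAt: 1 });

  // Flow A (reset-model) captures its snapshot early.
  const snapshot: SessionEntry = { ...store.get(key)! };

  // Flow B persists an unrelated field while A is still working.
  patchEntry(store, key, { authProfileOverride: "profile-b", updatedAt: 2 });

  // Flow A persists its model change.
  if (mergeSafe) {
    patchEntry(store, key, { modelOverride: "model-c", updatedAt: 3 });
  } else {
    replaceEntry(store, key, { ...snapshot, modelOverride: "model-c", updatedAt: 3 });
  }
  return store.get(key)!;
}

console.log(runInterleaving(false), runInterleaving(true));
```

With the full-object write, flow B's `authProfileOverride` disappears from the stored entry; with the patch write, both flows' fields survive.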