Issue Station
Sign In
Tools hereToolbox

openclaw - 💡(How to fix) Fix [Bug] Honcho session ID validation fails for subagent/cron session keys (>100 chars) [1 comments, 2 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
openclaw/openclaw#77715Fetched 2026-05-06 06:22:36
View on GitHub
Comments
1
Participants
2
Timeline
1
Reactions
2
Author
slideshow-dingoslideshow-dingo
Participants
clawsweeper[bot]clawsweeper[bot]slideshow-dingoslideshow-dingo
Timeline (top)
commented ×1

Error Message

  1. EL time wasted on failing Zod parse/error log per failure

Root Cause

In @honcho-ai/openclaw-honcho/dist/helpers.js, buildSessionKey() concatenates sessionKey + '-' + messageProvider without a length check:

export function buildSessionKey(ctx) {
  const baseKey = ctx?.sessionKey ?? 'default';
  const provider = ctx?.messageProvider ?? 'unknown';
  const combined = `${baseKey}-${provider}`;
  return combined.replace(/[^a-zA-Z0-9-]/g, '-');
}

Subagent session keys (e.g. agent:main:cron:49bb2b34-0f8c-440c-9222-131ef5944045:run:fb06425f-b1e1-4cd1-893d-2fd25836ac42) are ~107 chars. Honcho's SDK enforces a hard 100-char limit server-side (validation.js:144: .max(100, 'Session ID can be at most 100 characters')).

Fix Action

Workaround

None available to end users. This is a bundled dependency issue.

Code Example

export function buildSessionKey(ctx) {
  const baseKey = ctx?.sessionKey ?? 'default';
  const provider = ctx?.messageProvider ?? 'unknown';
  const combined = `${baseKey}-${provider}`;
  return combined.replace(/[^a-zA-Z0-9-]/g, '-');
}

---

[honcho] Failed to save messages to Honcho: [{ "origin": "string", "code": "too_big", "maximum": 100, "path": [], "message": "Session ID can be at most 100 characters" }]
[plugins] Failed to fetch Honcho context: [{ "code": "too_big", "maximum": 100, ... }]

---

export function buildSessionKey(ctx) {
  const baseKey = ctx?.sessionKey ?? 'default';
  const provider = ctx?.messageProvider ?? 'unknown';
  const combined = `${baseKey}-${provider}`;
  const sanitized = combined.replace(/[^a-zA-Z0-9-]/g, '-');
  const maxBaseLen = 100 - Math.min(provider.length + 1, 20);
  return sanitized.length > 100
    ? sanitized.slice(0, maxBaseLen) + sanitized.slice(-(100 - maxBaseLen))
    : sanitized;
}
RAW_BUFFERClick to expand / collapse

Bug Summary

Subagent and cron-run session keys (format: agent:main:cron:<uuid>:run:<uuid>) exceed Honcho's 100-character session ID limit, causing all agent_end and before_compaction hook flushes to fail silently. This produces cascading symptoms: no message persistence to Honcho, compaction silently skipped, and session summaries not saved.

Environment

  • OpenClaw: 2026.5.3-1
  • Node.js: 22.22.2 (Linux)
  • Honcho SDK: bundled with @honcho-ai/openclaw-honcho
  • Session type: subagent isolated runs, cron agentTurn jobs

Root Cause

In @honcho-ai/openclaw-honcho/dist/helpers.js, buildSessionKey() concatenates sessionKey + '-' + messageProvider without a length check:

export function buildSessionKey(ctx) {
  const baseKey = ctx?.sessionKey ?? 'default';
  const provider = ctx?.messageProvider ?? 'unknown';
  const combined = `${baseKey}-${provider}`;
  return combined.replace(/[^a-zA-Z0-9-]/g, '-');
}

Subagent session keys (e.g. agent:main:cron:49bb2b34-0f8c-440c-9222-131ef5944045:run:fb06425f-b1e1-4cd1-893d-2fd25836ac42) are ~107 chars. Honcho's SDK enforces a hard 100-char limit server-side (validation.js:144: .max(100, 'Session ID can be at most 100 characters')).

Observed Errors (71 occurrences in 16h)

[honcho] Failed to save messages to Honcho: [{ "origin": "string", "code": "too_big", "maximum": 100, "path": [], "message": "Session ID can be at most 100 characters" }]
[plugins] Failed to fetch Honcho context: [{ "code": "too_big", "maximum": 100, ... }]

Impact

  1. No messages saved to Honcho for any subagent cron session
  2. Compaction hooks silently fail → compactionCount stays 0 despite session age
  3. Session summaries not persisted
  4. EL time wasted on failing Zod parse/error log per failure

Suggested Fix

buildSessionKey() should truncate the baseKey to leave room for the provider suffix (~20 chars). Maximum baseKey length = 100 - max_provider_len - 1. Example fix:

export function buildSessionKey(ctx) {
  const baseKey = ctx?.sessionKey ?? 'default';
  const provider = ctx?.messageProvider ?? 'unknown';
  const combined = `${baseKey}-${provider}`;
  const sanitized = combined.replace(/[^a-zA-Z0-9-]/g, '-');
  const maxBaseLen = 100 - Math.min(provider.length + 1, 20);
  return sanitized.length > 100
    ? sanitized.slice(0, maxBaseLen) + sanitized.slice(-(100 - maxBaseLen))
    : sanitized;
}

Workaround

None available to end users. This is a bundled dependency issue.

extent analysis

TL;DR

Truncate the session key in buildSessionKey() to adhere to Honcho's 100-character limit.

Guidance

  • Review the buildSessionKey() function in @honcho-ai/openclaw-honcho/dist/helpers.js to ensure it truncates the base key to accommodate the provider suffix.
  • Verify that the modified buildSessionKey() function produces session keys within the 100-character limit.
  • Test the updated function with various input scenarios to ensure it handles different session key lengths correctly.
  • Consider updating the @honcho-ai/openclaw-honcho package to the latest version if the fix is already implemented.

Example

The suggested fix provides an example of how to modify the buildSessionKey() function to truncate the session key:

export function buildSessionKey(ctx) {
  const baseKey = ctx?.sessionKey?? 'default';
  const provider = ctx?.messageProvider?? 'unknown';
  const combined = `${baseKey}-${provider}`;
  const sanitized = combined.replace(/[^a-zA-Z0-9-]/g, '-');
  const maxBaseLen = 100 - Math.min(provider.length + 1, 20);
  return sanitized.length > 100
   ? sanitized.slice(0, maxBaseLen) + sanitized.slice(-(100 - maxBaseLen))
    : sanitized;
}

Notes

The provided fix assumes that truncating the session key will not affect the functionality of the application. However, it is essential to test the updated function thoroughly to ensure it does not introduce any unintended consequences.

Recommendation

Apply the suggested fix to the buildSessionKey() function, as it directly addresses the issue with session key length exceeding Honcho's limit. This fix should resolve the errors and allow messages to be saved to Honcho correctly.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#GPU setup#container setup#orchestration issue#cache issue#memory leak

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING