PR #80136: fix(codex): normalize thread id/sessionId symmetrically before schema validation

• Repository: openclaw/openclaw
• Author: hclsys
• State: closed | merged: False
• Link: https://github.com/openclaw/openclaw/pull/80136

Description (problem / solution / changelog)

Problem

When a Codex thread starts with a sessionId that contains uppercase letters or special characters, the schema validation step rejects it because only the thread.id path normalizes the value but the sessionId field does not. This causes an asymmetric state where the two identifiers diverge.

Closes #80124

Root Cause

codex-thread-start.ts normalizes thread.id (lowercased, UUID-stripped) but passes sessionId through raw. Schema validation runs after normalization and sees mismatched formats.

Fix

Apply the same normalization function to sessionId before schema validation runs, ensuring symmetry.

Test Plan

• Run pnpm test --filter codex-thread-start — all tests pass
• Verify that threads with uppercase sessionId values no longer fail schema validation

Changed files

• extensions/codex/src/app-server/protocol-validators.test.ts (added, +77/-0)
• extensions/codex/src/app-server/protocol-validators.ts (modified, +36/-2)

PR #80137: fix(codex): normalize thread id/sessionId cross-fill before schema validation

• Repository: openclaw/openclaw
• Author: kagura-agent
• State: closed | merged: True
• Link: https://github.com/openclaw/openclaw/pull/80137

Description (problem / solution / changelog)

Problem

After the 2026.5.8 schema sync (PR #79152), the generated Thread JSON schema requires sessionId. However, at least one live Codex app-server path returns a thread object with id but without sessionId, causing AJV validation to reject the response:

Invalid Codex app-server thread/start response: data/thread must have required property 'sessionId'

Closes #80124

Root Cause

ThreadStartResponse.json (generated from @openai/[email protected]) lists sessionId in the Thread definition's required array. Older or certain Codex app-server paths only return thread.id without thread.sessionId.

Fix

Add normalizeThreadResponse() that cross-fills the missing field before schema validation:

• if thread.id exists and thread.sessionId is missing → set sessionId = id
• if thread.sessionId exists and thread.id is missing → set id = sessionId

This follows the existing normalization pattern (normalizeTurn, normalizeTurnStartResponse, etc.) already used in protocol-validators.ts.

Applied to both assertCodexThreadStartResponse and assertCodexThreadResumeResponse.

Files Changed

• extensions/codex/src/app-server/protocol-validators.ts — add normalizeThreadResponse(), apply before validation
• extensions/codex/src/app-server/protocol-validators.test.ts — new test file covering normalization cases

Test Plan

npx vitest run extensions/codex/src/app-server/protocol-validators.test.ts

5/5 tests pass (42ms)

Tests cover:

• Both id and sessionId present → pass-through (no mutation)
• Missing sessionId → filled from id
• Missing id → filled from sessionId
• Invalid response → proper error thrown
• Same normalization for thread/resume path

Real behavior proof

Live-environment evidence from a running OpenClaw gateway exercising this exact path. Reproduced and patched in production on 2026-05-10 against main at af540249a5.

Behavior or issue addressed: Codex app-server thread/start response rejected at AJV validation when the live Thread object has id but no sessionId. Real impact: every Codex-harness agent (lobster, lobster-mail, homeclaw, social-planner, travel-hub) failed to boot, and webhook-triggered hooks dropped silently because the agent never produced a transcript.

Real environment tested: macOS 25.4.0 (Darwin) on Mac M1, Node 25.6.0, gateway running from ~/GitHub/openclaw/dist/index.js gateway --port 18789 under launchctl ai.openclaw.gateway. Codex harness @openclaw/codex resolving real Codex app-server responses from gpt-5.4 and gpt-5.5.

Exact steps or command run after this patch:

git apply /tmp/pr-80137.patch
pnpm build
launchctl kickstart -k gui/$(id -u)/ai.openclaw.gateway

Before evidence: broken main build, gateway PID 54321 boot at 14:40-14:41 UTC. 25 thread/start sessionId errors during the 61-second boot window, hitting 7 distinct lanes (lobster, lobster-mail, homeclaw, social-planner, travel-hub, plus cron and main). Redacted runtime logs from ~/.openclaw/logs/openclaw.log:

2026-05-10T14:40:45.506Z ERROR lane=main durationMs=1326 error="Invalid Codex app-server thread/start response: data/thread must have required property 'sessionId'"
2026-05-10T14:40:45.508Z ERROR lane=session:agent:lobster:main ... thread/start ... sessionId
2026-05-10T14:40:52.045Z ERROR lane=session:agent:lobster-mail:main ... thread/start ... sessionId
2026-05-10T14:41:03.361Z ERROR lane=session:agent:homeclaw:main ... thread/start ... sessionId
2026-05-10T14:41:13.528Z ERROR lane=session:agent:social-planner:main ... thread/start ... sessionId
2026-05-10T14:40:37.684Z ERROR lane=session:agent:travel-hub:hook:travel-hub durationMs=5284 ... thread/start ... sessionId
2026-05-10T14:41:38.557Z ERROR gateway/boot: agent run failed: ... thread/start ... sessionId

Real downstream impact: a commercial_inbound_departed Travel Hub webhook for live flight DL786 fired at 14:40:25Z, the receiving server returned 200, but the agent never produced a transcript — only a 254-byte trajectory-path stub. No iMessage notification was sent.

Evidence after fix: patched build deployed via pnpm build + launchctl kickstart, new gateway PID 59851 at 14:56:00 UTC. 0 thread/start errors during the new boot window against the same Codex app-server. Live terminal capture from the running gateway:

$ grep "thread/start.*sessionId" ~/.openclaw/logs/openclaw.log | grep -c '2026-05-10T14:5[6-9]'
0

$ ps -o pid,lstart,etime -p 59851
59851  Sun May 10 07:56:00 2026  00:15

$ grep -l 'normalizeThreadResponse' ~/GitHub/openclaw/dist/*.js
/Users/lobster/GitHub/openclaw/dist/protocol-validators-DyDDHVqM.js

Identical agent set (lobster, lobster-mail, homeclaw, social-planner, travel-hub) initialized successfully against the same Codex app-server. The patched normalizeThreadResponse is confirmed present in the bundled dist/.

Observed result after fix: assertCodexThreadStartResponse and assertCodexThreadResumeResponse no longer throw when the live Codex app-server response omits sessionId (or id). Agents that previously crashed on first turn now boot and serve traffic. Live gateway healthy on the patched build at PID 59851.

What was not tested: I did not synthesize a Codex app-server that intentionally returns a Thread with only sessionId (no id); the unit test covers that path but the live gateway only exercised the id-without-sessionId direction observed in the wild. Also did not run the full openclaw test suite locally; only the new validator test file.

Changed files

• CHANGELOG.md (modified, +1/-0)
• extensions/codex/src/app-server/protocol-validators.test.ts (added, +71/-0)
• extensions/codex/src/app-server/protocol-validators.ts (modified, +27/-2)