fix: isolate session:patch hook payload (#53880) (thanks @graciegould)

* gateway: make session:patch hook typed and non-blocking * gateway(test): add session:patch hook coverage * docs(gateway): clarify session:patch security note * fix: address review feedback on session:patch hook Remove unused createInternalHookEvent import and fix doc example to use inline event.type check matching existing hook examples. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: isolate hook payload to prevent mutation leaking into response Shallow-copy sessionEntry and patch in the session:patch hook event so fire-and-forget handlers cannot mutate objects used by the response path. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: isolate session:patch hook payload (#53880) (thanks @graciegould) --------- Co-authored-by: “graciegould” <“graciegould5@gmail.com”> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-05-05 02:30:21 +00:00 · 2026-03-25 03:29:38 -07:00
parent 419824729a
commit 3e2e9bc238
4 changed files with 311 additions and 1 deletions
--- a/docs/automation/hooks.md
+++ b/docs/automation/hooks.md
@@ -275,6 +275,68 @@ Triggered when the gateway starts:

 - **`gateway:startup`**: After channels start and hooks are loaded

+### Session Patch Events
+
+Triggered when session properties are modified:
+
+- **`session:patch`**: When a session is updated
+
+#### Session Event Context
+
+Session events include rich context about the session and changes:
+
+```typescript
+{
+  sessionEntry: SessionEntry, // The complete updated session entry
+  patch: {                    // The patch object (only changed fields)
+    // Session identity & labeling
+    label?: string | null,           // Human-readable session label
+
+    // AI model configuration
+    model?: string | null,           // Model override (e.g., "claude-opus-4-5")
+    thinkingLevel?: string | null,   // Thinking level ("off"|"low"|"med"|"high")
+    verboseLevel?: string | null,    // Verbose output level
+    reasoningLevel?: string | null,  // Reasoning mode override
+    elevatedLevel?: string | null,   // Elevated mode override
+    responseUsage?: "off" | "tokens" | "full" | null, // Usage display mode
+
+    // Tool execution settings
+    execHost?: string | null,        // Exec host (sandbox|gateway|node)
+    execSecurity?: string | null,    // Security mode (deny|allowlist|full)
+    execAsk?: string | null,         // Approval mode (off|on-miss|always)
+    execNode?: string | null,        // Node ID for host=node
+
+    // Subagent coordination
+    spawnedBy?: string | null,       // Parent session key (for subagents)
+    spawnDepth?: number | null,      // Nesting depth (0 = root)
+
+    // Communication policies
+    sendPolicy?: "allow" | "deny" | null,          // Message send policy
+    groupActivation?: "mention" | "always" | null, // Group chat activation
+  },
+  cfg: OpenClawConfig            // Current gateway config
+}
+```
+
+**Security note:** Only privileged clients (including the Control UI) can trigger `session:patch` events. Standard WebChat clients are blocked from patching sessions (see PR #20800), so the hook will not fire from those connections.
+
+See `SessionsPatchParamsSchema` in `src/gateway/protocol/schema/sessions.ts` for the complete type definition.
+
+#### Example: Session Patch Logger Hook
+
+```typescript
+const handler = async (event) => {
+  if (event.type !== "session" || event.action !== "patch") {
+    return;
+  }
+  const { patch } = event.context;
+  console.log(`[session-patch] Session updated: ${event.sessionKey}`);
+  console.log(`[session-patch] Changes:`, patch);
+};
+
+export default handler;
+```
+
 ### Message Events

 Triggered when messages are received or sent: