Skip to content

fix(session): enforce 20-char display name cap on rename#2383

Open
aprv10 wants to merge 2 commits into
AgentWrapper:mainfrom
aprv10:fix/session-rename-display-name-cap
Open

fix(session): enforce 20-char display name cap on rename#2383
aprv10 wants to merge 2 commits into
AgentWrapper:mainfrom
aprv10:fix/session-rename-display-name-cap

Conversation

@aprv10

@aprv10 aprv10 commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Resolves #2375

What this fixes

Backend only — no frontend change.

  • Spawn caps displayName at 20 runes (DISPLAY_NAME_TOO_LONG), but the rename path had no length check at any layer, so ao session rename and PATCH /sessions/{id} accepted and persisted names spawn would have rejected.
  • Adds the same rune-count cap in the shared Service.Rename, so all three callers(the PATCH endpoint, ao session rename, and the sidebar inline-rename) inherit it and return the same DISPLAY_NAME_TOO_LONG error as spawn.
  • No controller/CLI duplication: the service-level guard already closes both paths with the correct error code, and the sidebar input's existing maxLength={20} is unchanged. The rename-session.ts comment claiming the daemon enforces this cap is now accurate.

Testing

  • go build ./... clean; go test ./internal/service/session/ ./internal/httpd/controllers/ passes.
  • Adds TestSessionRenameRejectsTooLongDisplayName: a 21-character rename is rejected with apierr.Invalid /DISPLAY_NAME_TOO_LONG and the stored name is left unchanged, mirroring the existing TestSessionsAPI_SpawnDisplayNameTooLong on the spawn path.

Files

  • backend/internal/service/session/service.go
  • backend/internal/service/session/service_test.go

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Session rename accepts display names longer than the 20-character cap that spawn enforces

2 participants