fix(policy): align retention default with runtime

2026-06-06 05:51:15 +08:00 · 2026-05-31 07:16:18 -07:00
parent 8cf918a3ed
commit 6a0e9730aa
5 changed files with 9 additions and 15 deletions
--- a/docs/concepts/session.md
+++ b/docs/concepts/session.md
@@ -110,8 +110,8 @@ writes.
 ## Session maintenance

 OpenClaw automatically bounds session storage over time. By default, it runs
-in `warn` mode (reports what would be cleaned). Set `session.maintenance.mode`
-to `"enforce"` for automatic cleanup:
+in `enforce` mode and applies cleanup during maintenance. Set
+`session.maintenance.mode` to `"warn"` to report what would be cleaned without mutating the store/files:

 ```json5
 {
--- a/docs/gateway/config-agents.md
+++ b/docs/gateway/config-agents.md
@@ -1272,7 +1272,7 @@ See [Multi-Agent Sandbox & Tools](/tools/multi-agent-sandbox-tools) for preceden
    resetTriggers: ["/new", "/reset"],
    store: "~/.openclaw/agents/{agentId}/sessions/sessions.json",
    maintenance: {
-      mode: "warn", // warn | enforce
+      mode: "enforce", // enforce (default) | warn
      pruneAfter: "30d",
      maxEntries: 500,
      resetArchiveRetention: "30d", // duration or false
@@ -1311,7 +1311,7 @@ See [Multi-Agent Sandbox & Tools](/tools/multi-agent-sandbox-tools) for preceden
 - **`agentToAgent.maxPingPongTurns`**: maximum reply-back turns between agents during agent-to-agent exchanges (integer, range: `0`-`20`, default: `5`). `0` disables ping-pong chaining.
 - **`sendPolicy`**: match by `channel`, `chatType` (`direct|group|channel`, with legacy `dm` alias), `keyPrefix`, or `rawKeyPrefix`. First deny wins.
 - **`maintenance`**: session-store cleanup + retention controls.
-  - `mode`: `warn` emits warnings only; `enforce` applies cleanup.
+  - `mode`: `enforce` applies cleanup and is the default; `warn` emits warnings only.
  - `pruneAfter`: age cutoff for stale entries (default `30d`).
  - `maxEntries`: maximum number of entries in `sessions.json` (default `500`). Runtime writes batch cleanup with a small high-water buffer for production-sized caps; `openclaw sessions cleanup --enforce` applies the cap immediately.
  - `rotateBytes`: deprecated and ignored; `openclaw doctor --fix` removes it from older configs.
--- a/docs/reference/session-management-compaction.md
+++ b/docs/reference/session-management-compaction.md
@@ -78,7 +78,7 @@ OpenClaw resolves these via `src/config/sessions.ts`.

 Session persistence has automatic maintenance controls (`session.maintenance`) for `sessions.json`, transcript artifacts, and trajectory sidecars:

- `mode`: `warn` (default) or `enforce`
+- `mode`: `enforce` (default) or `warn`
 - `pruneAfter`: stale-entry age cutoff (default `30d`)
 - `maxEntries`: cap entries in `sessions.json` (default `500`)
 - `resetArchiveRetention`: retention for `*.reset.<timestamp>` transcript archives (default: same as `pruneAfter`; `false` disables cleanup)
--- a/extensions/policy/src/doctor/register.test.ts
+++ b/extensions/policy/src/doctor/register.test.ts
@@ -7308,7 +7308,7 @@ describe("registerPolicyDoctorChecks", () => {
    );
  });

-  it("treats omitted session maintenance mode as warn for retention conformance", async () => {
+  it("treats omitted session maintenance mode as enforce for retention conformance", async () => {
    const configPath = join(workspaceDir, "openclaw.jsonc");
    const cfg = {
      ...cfgWithPolicy(),
@@ -7334,18 +7334,12 @@ describe("registerPolicyDoctorChecks", () => {
        expect.objectContaining({
          kind: "sessionRetentionMode",
          source: "oc://openclaw.config/session/maintenance/mode",
-          value: "warn",
+          value: "enforce",
          explicit: false,
        }),
      ]),
    );
-    expect(result.findings).toEqual([
-      expect.objectContaining({
-        checkId: "policy/data-handling-session-retention-not-enforced",
-        ocPath: "oc://openclaw.config/session/maintenance/mode",
-        requirement: "oc://policy.jsonc/dataHandling/retention/requireSessionMaintenance",
-      }),
-    ]);
+    expect(result.findings).toEqual([]);
  });

  it("does not treat disabled telemetry capture subkeys as content capture", async () => {
--- a/extensions/policy/src/policy-state.ts
+++ b/extensions/policy/src/policy-state.ts
@@ -851,7 +851,7 @@ export function scanPolicyDataHandling(

  const session = isRecord(cfg.session) ? cfg.session : {};
  const maintenance = isRecord(session.maintenance) ? session.maintenance : {};
-  const retentionMode = typeof maintenance.mode === "string" ? maintenance.mode : "warn";
+  const retentionMode = typeof maintenance.mode === "string" ? maintenance.mode : "enforce";
  entries.push({
    id: "session-maintenance-mode",
    kind: "sessionRetentionMode",