fix(session): scope session list to current directory to prevent cross-worktree leakage

[andreagroferreira]

Summary

When multiple git worktrees share the same root commit, they get the same project_id. This causes sessions from different worktrees to appear mixed in the session list. Similarly, the global project (worktree /) acts as a catch-all bucket, mixing sessions from completely unrelated directories.

Before: Opening OpenCode in marketplace-ms shows 174 sessions from marketplace-ms, news-cms, and ecommerce-wiz-last because they share the same git root commit.

After: Opening OpenCode in marketplace-ms shows only the 4 sessions that were created in that directory.

Root Cause

Three interrelated bugs:

1. global project catch-all: Directories without a git repo get project_id = 'global' with worktree = '/'. Since / is the filesystem root, all "orphan" sessions from unrelated directories appear together.

2. Shared project_id across worktrees: Git worktrees from the same repo share the same root commit hash, producing the same project_id. Without directory filtering, sessions from all worktrees are mixed.

3. workspace_id NULL exclusion: The workspace filter uses strict equality (eq(workspace_id, wsID)), which excludes all pre-migration sessions that have workspace_id = NULL.

Changes

packages/opencode/src/session/index.ts

• list(): Fix workspace_id filtering to include sessions with NULL workspace_id (pre-migration sessions) using OR(eq, isNull) instead of strict equality. Use explicit workspaceID input parameter instead of only reading from WorkspaceContext (the param was dead code before).
• createNext(): Accept explicit workspaceID in input, falling back to WorkspaceContext.workspaceID.

packages/opencode/src/server/routes/session.ts

• Default the GET /session/ route to filter by Instance.directory when no directory query param is provided. This ensures sessions are scoped to the active working directory server-side.
• Add workspaceID as an accepted query parameter.

packages/opencode/src/cli/cmd/session.ts

• Pass directory: Instance.directory to Session.list() in the CLI session list command.

packages/opencode/test/server/session-list.test.ts

• Add test: sessions with NULL workspace_id are included when filtering by workspaceID
• Add test: directory filter prevents cross-worktree session leakage
• Add test: createNext accepts explicit workspaceID

Test Results

124 pass
4 skip
0 fail
272 expect() calls
Ran 128 tests across 13 files. [11.61s]

Related Issues

• Fixes opencode sessions command fails to list historical sessions when run inside a Git repository #15678 — opencode sessions command fails to list historical sessions when run inside a Git repository
• Relates to [Web UI] Sessions under workspace root are missing after upgrading to 1.2.21 #16744 — Sessions under workspace root are missing after upgrading to 1.2.21
• Relates to [BUG] Zed ACP registry mode shows stale Recent sessions (unscoped /session) #16137 — Zed ACP registry mode shows stale Recent sessions (unscoped /session)
• Relates to /sessions TUI only shows recent sessions, ignores historical ones #16270 — /sessions TUI only shows recent sessions, ignores historical ones

Related PRs

• feat(core): allow passing workspaceID into session create endpoint #16798 — feat(core): allow passing workspaceID into session create endpoint (complementary)
• fix(session): scope session list and TUI to current directory #14489 — fix(session): scope session list and TUI to current directory (similar approach)
• fix: list all sessions regardless of git context (#15678) #15772 — fix: list all sessions regardless of git context (different approach)

[github-actions]

This PR doesn't fully meet our contributing guidelines and PR template.

What needs to be fixed:

• PR description is missing required template sections. Please use the PR template.

Please edit this PR description to address the above within 2 hours, or it will be automatically closed.

If you believe this was flagged incorrectly, please let a maintainer know.

[github-actions]

The following comment was made by an LLM, it may be inaccurate:

Found potentially related PRs:

1. fix: scope session list and children to current worktree #13960 - "fix: scope session list and children to current worktree"

   • fix: scope session list and children to current worktree #13960
   • Related: Similar approach to scoping sessions to worktrees to prevent cross-worktree leakage

2. fix: filter CLI sessions by current directory for worktree support #12008 - "fix: filter CLI sessions by current directory for worktree support"

   • fix: filter CLI sessions by current directory for worktree support #12008
   • Related: Addresses filtering sessions by directory in CLI for worktree scenarios

3. feat(cli): add -a global mode for session list #15178 - "feat(cli): add -a global mode for session list"

   • feat(cli): add -a global mode for session list #15178
   • Related: Deals with global vs scoped session list visibility

4. docs(cli): explain project-scoped session visibility #13118 - "docs(cli): explain project-scoped session visibility"

   • docs(cli): explain project-scoped session visibility #13118
   • Related: Documentation about project-scoped session visibility

These PRs address similar concerns around session scoping, worktree support, and preventing cross-directory session leakage, though they appear to be from different iterations or complementary approaches to the problem.

[github-actions]

This pull request has been automatically closed because it was not updated to meet our contributing guidelines within the 2-hour window.

Feel free to open a new pull request that follows our guidelines.