fix(cron): prevent premature cron job fire on restart (#60985) by rockcent · Pull Request #2 · rockcent/openclaw-pr-dev

rockcent · 2026-04-04T19:24:43Z

Summary

Fixes a regression where a cron job that already ran at its scheduled time would incorrectly fire again immediately on gateway restart.

Bug Description

When the gateway restarts before a cron job's scheduled time, the job was incorrectly identified as a "missed" job and fired immediately on startup catch-up, even though:

The job already ran at its scheduled time yesterday
The next scheduled time is still hours away

Root Cause: In isRunnableJob(), the allowCronMissedRunByLastRun path computed previousRunAtMs from nowMs instead of from nextRunAtMs. When nowMs is before the scheduled time (e.g., 01:24 AM for a 09:00 AM job), previousRunAtMs incorrectly returned yesterday's scheduled slot — the same as lastRunAtMs. The condition previousRunAtMs > lastRunAtMs evaluated to false... but the subsequent guard was absent, allowing the false-positive catch-up.

The Fix:

Compute previousRunAtMs from nextRunAtMs instead of nowMs — this correctly contexts the previous occurrence relative to the upcoming scheduled slot
Add a lastRunAtMs >= previousRunAtMs guard that returns false when the job already ran (either exactly at the scheduled slot or late after it)

Files Changed

src/cron/service/timer.ts — fix isRunnableJob() to compute previous occurrence from nextRunAtMs and add run-guard
src/cron/service/timer.regression.test.ts — regression test for issue [Bug] Cron jobs immediately fire on gateway restart instead of waiting for next scheduled time openclaw/openclaw#60985

Impact

Cron jobs will no longer fire prematurely on gateway restart
No breaking changes — the fix only removes false-positive catch-up runs

Related Issues

Fixes openclaw#60985

@altaywtf

…penclaw#53395) Merged via squash. Prepared head SHA: 31f2396 Co-authored-by: drvoss <3031622+drvoss@users.noreply.github.com> Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com> Reviewed-by: @altaywtf

@frankekn

…d ping intervals (openclaw#56646) Merged via squash with admin override. Prepared head SHA: f1c91d5 Note: required red lanes are currently inherited from latest origin/main, not introduced by this PR. Co-authored-by: hsiaoa <70124331+hsiaoa@users.noreply.github.com> Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com> Reviewed-by: @frankekn

@hxy91819

…penclaw#59911) Merged via squash. Prepared head SHA: a67bcaa Co-authored-by: ejames-dev <180847219+ejames-dev@users.noreply.github.com> Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com> Reviewed-by: @hxy91819

@altaywtf

…penclaw#60557) Merged via squash. Prepared head SHA: 637ff7d Co-authored-by: feniix <91633+feniix@users.noreply.github.com> Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com> Reviewed-by: @altaywtf

When the gateway client reconnects using a stored device token, it was defaulting to ["operator.admin"] scopes instead of preserving the previously authorized scopes from the stored token. This caused the operator device token to be regenerated without operator.read scope, breaking status/probe/health commands. This fix: 1. Loads the stored scopes along with the stored token in selectConnectAuth 2. Uses the stored scopes when reconnecting with a valid device token 3. Falls back to explicitly requested scopes or default admin-only scope when no stored scopes exist Fixes openclaw#46000

@caicongyang

…nks @caicongyang)

…odel (openclaw#58294) * fix(cron): prevent agent default model from overriding cron payload model (openclaw#58065) When a cron job specifies a model override via the Advanced settings, runWithModelFallback could silently fall back to the agent's configured primary model. This happened because fallbacksOverride was undefined when neither payload.fallbacks nor per-agent fallbacks were configured, causing resolveFallbackCandidates to append the agent primary as a last-resort candidate. A transient failure on the cron-selected model (rate limit, model-not-found, etc.) would then succeed on the agent default, making it appear as if the override was ignored entirely. Fix: when the cron payload carries an explicit model override, ensure fallbacksOverride is always a defined array (empty when no fallbacks are configured) so the agent primary is never silently appended. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * test: use stricter toEqual([]) assertion for fallbacksOverride Replace toBeDefined() + toBeInstanceOf(Array) with toEqual([]) to catch regressions where the array unexpectedly gains entries. Addresses review feedback. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: preserve cron override fallback semantics (openclaw#58294) --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Peter Steinberger <steipete@gmail.com>

…y ran Fixes a regression where a cron job that already ran at its scheduled time would incorrectly fire again immediately on gateway restart. Root cause: isRunnableJob() computed previousRunAtMs from nowMs instead of nextRunAtMs in the allowCronMissedRunByLastRun path. When nowMs is before the scheduled time, previousRunAtMs incorrectly returned yesterday's slot — the same as lastRunAtMs for a job that already ran. The condition previousRunAtMs > lastRunAtMs evaluated to false, but there was no guard to suppress the false-positive catch-up. Fix: compute previousRunAtMs from nextRunAtMs (correct context) and add a lastRunAtMs >= previousRunAtMs guard to prevent replay of a job that already ran (at or after its scheduled slot). Fixes openclaw#60985

drvoss and others added 30 commits April 4, 2026 15:38

docs: refresh security audit reference docs

62babff

docs: refresh trusted proxy auth guidance

7985cf5

docs: refresh reverse proxy hardening refs

4991cd6

docs: clarify trusted proxy mirror refs

16346d6

docs: refresh web surface auth mirrors

8f47302

refactor(providers): flatten shared stream hooks

a6707c2

docs: refresh control ui device identity refs

11d17b3

docs: refresh gateway auth overview mirrors

c63a326

fix: serialize async auth rate-limit attempts

032dbf0

docs: refresh http endpoint auth refs

6cff644

perf(agents): avoid repeated subagent registry rescans

b3faf20

fix(plugin-sdk): keep telegram command config available

2a03326

fix(build): restore portable provider runtime types

71ea82a

fix(tests): restore stream wrapper type coverage

0d47106

docs: refresh hook ingress security refs

b0025b1

docs: refresh tailscale auth mirrors

f8dcd3e

docs: refresh shared-secret auth mirrors

0afd30d

docs: refresh browser auth refs

022618e

docs: refresh gateway auth overview refs

11b8a02

docs: refresh tailscale http auth refs

07c7c4b

docs: refresh control ui auth ux refs

2ecb8ca

fix: preserve cached device token scopes safely (openclaw#46032) (tha…

3f1b270

…nks @caicongyang)

docs: refresh remote bootstrap refs

99e45eb

fix: harden parallels smoke harness

79be1e1

steipete and others added 30 commits April 4, 2026 19:20

docs: refresh sessions_history safety refs

e42deea

docs: refresh push-based orchestration refs

3b109c3

docs: refresh chat history scaffolding refs

fd222d3

docs: refresh session recall sanitization refs

f94645d

docs: refresh subagent completion fallback refs

c329dd8

docs: refresh text runtime sdk refs

9aec55f

docs: refresh session recall sanitization mirrors

d0d57ea

docs: refresh multi-agent sandbox recall mirror

759373e

feat(qwen): add qwen provider and video generation

e3ac0f4

style(qwen): apply formatter follow-ups

df76930

docs(qwen): refresh provider and endpoint guides

889ddb5

docs(qwen): fix front matter formatting

e06e36d

fix(providers): stabilize runtime normalization hooks

ca200eb

docs: refresh heartbeat skip-reason refs

eaef4ee

docs: refresh untrusted file wrapper refs

b1279b0

docs: refresh qwen media and config refs

879d45a

docs: refresh video generation sdk refs

c3ee8c6

docs: refresh video generation plugin refs

3b47c0a

docs: refresh configured provider fallback refs

a297556

docs: refresh provider scoped failover refs

4650b97

docs: refresh provider runtime hook refs

2894663

docs: refresh qwen video generation refs

62dd299

docs: refresh video generation config refs

e0ef385

docs: refresh qwen sdk helper refs

36b6496

docs: refresh plugin capability registration refs

43acbcd

docs: refresh plugin capability inventory refs

7988b59

docs: refresh realtime transcription capability refs

7c1c4da

chore(plugins): sync versions to 2026.4.4

67d6fc8

docs: refresh plugin overview mirrors

c488bec

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(cron): prevent premature cron job fire on restart (#60985)#2

fix(cron): prevent premature cron job fire on restart (#60985)#2
rockcent wants to merge 1749 commits intomainfrom
fix/cron-startup-missed-run-guard

rockcent commented Apr 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

20 participants

Conversation

rockcent commented Apr 4, 2026

Summary

Bug Description

Files Changed

Impact

Related Issues

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

20 participants