fix: use crypto.randomUUID() for slug generator sessionId/runId

Replace Date.now() with crypto.randomUUID() for collision-proof identifiers under concurrent slug-generation calls. Two separate Date.now() calls could resolve to the same millisecond in burst scenarios, causing shared sessionId between concurrent runs.
2026-03-09 23:50:44 -07:00 · 2026-03-09 23:50:44 -07:00 · b6583a379d
commit b6583a379d
parent e034064ee8
1 changed files with 3 additions and 2 deletions
--- a/src/hooks/llm-slug-generator.ts
+++ b/src/hooks/llm-slug-generator.ts
@ -2,6 +2,7 @@
 * LLM-based slug generator for session memory filenames
 */

+import crypto from "node:crypto";
 import fs from "node:fs/promises";
 import os from "node:os";
 import path from "node:path";
@ -59,7 +60,7 @@ Reply with ONLY the slug, nothing else. Examples: "vendor-pitch", "api-design",
    // text is extracted.  Slug generation is pure text — it never needs
    // tool access.
    const result = await runEmbeddedPiAgent({
-      sessionId: `slug-generator-${Date.now()}`,
+      sessionId: `slug-generator-${crypto.randomUUID()}`,
      sessionKey: "temp:slug-generator",
      agentId,
      sessionFile: tempSessionFile,
@ -71,7 +72,7 @@ Reply with ONLY the slug, nothing else. Examples: "vendor-pitch", "api-design",
      model,
      disableTools: true,
      timeoutMs: 15_000, // 15 second timeout
-      runId: `slug-gen-${Date.now()}`,
+      runId: `slug-gen-${crypto.randomUUID()}`,
    });

    // Extract text from payloads