fix: preserve error details in task logs

[zerone0x]

Base Branch

• This PR targets the develop branch (required for all feature/fix PRs)
• This PR targets main (hotfix only - maintainers)

Description

Ensure task log error entries always include a meaningful message by falling back to the underlying cause when the SessionError message is blank. This keeps planning/coding errors visible in the Logs tab after the AI SDK migration.

Related Issue

Closes #1978

Type of Change

• 🐛 Bug fix
• ✨ New feature
• 📚 Documentation
• ♻️ Refactor
• 🧪 Test

Area

• Frontend
• Backend
• Fullstack

Commit Message Format

Follow conventional commits: <type>: <subject>

Types: feat, fix, docs, style, refactor, test, chore

Example: feat: add user authentication system

AI Disclosure

• This PR includes AI-generated code (Claude, Codex, Copilot, etc.)

Tool(s) used: OpenAI Codex
Testing level:

• Untested -- AI output not yet verified

• Lightly tested -- ran the app / spot-checked key paths

• Fully tested -- all tests pass, manually verified behavior

• I understand what this PR does and how the underlying code works

Checklist

• I've synced with develop branch
• I've tested my changes locally
• I've followed the code principles (SOLID, DRY, KISS)
• My PR is small and focused (< 400 lines ideally)

Platform Testing Checklist

CRITICAL: This project supports Windows, macOS, and Linux. Platform-specific bugs are a common source of breakage.

• Windows tested (either on Windows or via CI)
• macOS tested (either on macOS or via CI)
• Linux tested (CI covers this)
• Used centralized platform/ module instead of direct process.platform checks
• No hardcoded paths (used findExecutable() or platform abstractions)

If you only have access to one OS: CI now tests on all platforms. Ensure all checks pass before submitting.

CI/Testing Requirements

• All CI checks pass on all platforms (Windows, macOS, Linux)
• All existing tests pass
• New features include test coverage
• Bug fixes include regression tests

Screenshots

N/A

Feature Toggle

• N/A - Feature is complete and ready for all users

Breaking Changes

Breaking: No

Details:
N/A

Summary by CodeRabbit

Release Notes

• Bug Fixes
  • Enhanced error logging with improved message extraction and sensitive data redaction to better protect confidential information in application logs.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

Clawdbot seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[coderabbitai]

📝 Walkthrough

Walkthrough

The TaskLogWriter now extracts and sanitizes error messages from SessionError objects using new helper functions instead of directly accessing the error message property. This ensures error detail fields are properly populated and sensitive tokens are redacted before logging.

Changes

Cohort / File(s)	Summary
Error Message Extraction & Sanitization apps/desktop/src/main/ai/logging/task-log-writer.ts	Added sanitizeErrorMessage() to redact sensitive tokens (API keys, bearer tokens) and extractErrorMessage() to derive messages from SessionError fields with multiple fallback paths. Updated 'error' event handling to use these helpers instead of direct property access.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A rabbit hops through logs with glee,
Error messages now plain to see!
Tokens hidden, secrets kept secure,
The planning phase now logs for sure! 🔐

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically summarizes the main change: adding logic to preserve error details in task logs through sanitization and extraction of error messages.
Linked Issues check	✅ Passed	The code changes directly address issue #1978 by implementing error message extraction and sanitization to ensure task log error entries include meaningful messages instead of empty detail fields.
Out of Scope Changes check	✅ Passed	All changes are scoped to TaskLogWriter error handling and directly support the objective of preserving error details in logs; no unrelated modifications detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🎉 Thanks for your first PR!

A maintainer will review it soon. Please make sure:

• Your branch is synced with develop
• CI checks pass
• You've followed our contribution guide

Welcome to the Auto Claude community!

[gemini-code-assist]

Code Review

This pull request introduces error message sanitization and extraction logic to the task log writer, ensuring sensitive data like API keys and Bearer tokens are redacted from logs. It also enhances error handling by robustly extracting messages from various error formats and causes. A review comment suggests improving type safety when inspecting unknown error causes by using the 'in' operator instead of type assertions.

[gemini-code-assist]

While this approach works, using type assertions like (cause as { message?: unknown }) can be brittle. A more robust and type-safe way to check for properties on an unknown or object type is to use the in operator. This avoids unsafe casting and makes the code's intent clearer.

  if (cause && typeof cause === 'object') {
    if ('message' in cause && typeof cause.message === 'string' && cause.message.trim()) {
      return sanitizeErrorMessage(cause.message);
    }
    if ('error' in cause && typeof cause.error === 'string' && cause.error.trim()) {
      return sanitizeErrorMessage(cause.error);
    }
  }

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/desktop/src/main/ai/logging/task-log-writer.ts`:
- Around line 35-61: Add focused unit tests for extractErrorMessage to cover
every extraction branch and redaction: create tests that pass a SessionError
with an empty/blank message and (1) cause as an Error whose message should be
returned via sanitizeErrorMessage, (2) cause as a string, (3) cause as an object
with a message property, (4) cause as an object with an error property, and (5)
where message and cause are blank but error.code is present (expect "Error:
<code>"). Also add tests verifying sanitizeErrorMessage redacts tokens and
sensitive strings in returned messages; reference the extractErrorMessage
function and sanitizeErrorMessage to locate the code under test. Ensure each
test asserts the exact sanitized output for regressions.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4bc8a660-514b-4c5f-9f84-f24b30dc1e37

📥 Commits

Reviewing files that changed from the base of the PR and between cba7a02 and ec06bbe.

📒 Files selected for processing (1)

• apps/desktop/src/main/ai/logging/task-log-writer.ts

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Add focused regression tests for extraction and redaction branches.

Given this is a bug fix for lost diagnostics, please add tests for blank message with: cause as Error, string, object { message }, object { error }, plus token redaction cases to prevent regressions.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/desktop/src/main/ai/logging/task-log-writer.ts` around lines 35 - 61,
Add focused unit tests for extractErrorMessage to cover every extraction branch
and redaction: create tests that pass a SessionError with an empty/blank message
and (1) cause as an Error whose message should be returned via
sanitizeErrorMessage, (2) cause as a string, (3) cause as an object with a
message property, (4) cause as an object with an error property, and (5) where
message and cause are blank but error.code is present (expect "Error: <code>").
Also add tests verifying sanitizeErrorMessage redacts tokens and sensitive
strings in returned messages; reference the extractErrorMessage function and
sanitizeErrorMessage to locate the code under test. Ensure each test asserts the
exact sanitized output for regressions.

[thameema]

We independently found and fixed the same issue in PR #1979. Our fix is in the same files (stream-handler.ts, task-log-writer.ts, worker.ts).

The root cause is that the AI SDK error events have message: 'Error' with the actual details buried in the cause property. Our approach extracts from cause, falls back to stack trace, then JSON serialization.

Cross-referencing so Andy can pick the best implementation when reviewing.