fix: prevent session hang when tool approval required in headless mode#7915
Conversation
vincenzopalazzo
force-pushed
the
claude/interesting-zhukovsky
branch
from
35211f1 to
831f5f8
Compare
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 35211f16ef
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
Addressed review feedback from @chatgpt-codex-connector: process_message() now takes an explicit interactive parameter instead of hardcoding false. This ensures the initial prompt in interactive() correctly shows the approval dialog (passes true), while headless() and scenario tests pass false. Fixed in 839ee26. |
|
To use Codex here, create an environment for this repo. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 839ee268bd
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
In non-interactive/headless CLI sessions, tool confirmation prompts (cliclack::select) block forever since there is no terminal attached. This caused MCP server activation and any tool requiring approval to hang indefinitely in remote/headless sessions. Changes: - Add interactive parameter to process_message() so callers pass the correct value (true for interactive sessions, false for headless) - Guard prompt_tool_confirmation() behind the interactive flag: in headless mode, auto-allow with Permission::AllowOnce + log warning - Guard elicitation collection behind the interactive flag: in headless mode, cancel gracefully instead of blocking on terminal input Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
vincenzopalazzo
force-pushed
the
claude/interesting-zhukovsky
branch
from
839ee26 to
687db41
Compare
|
@jh-block Re: your comment — good point, I agree. Silently auto-allowing defeats the purpose of I checked the callers of the
None of these have a legitimate reason to silently bypass approval. I'll update this to error out early in |
…lled in headless mode When elicitation is requested in non-interactive mode, return an error so automation pipelines correctly report failure instead of exit 0. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
vincenzopalazzo
force-pushed
the
claude/interesting-zhukovsky
branch
from
e35c71b to
b8e42cb
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b8e42cb3aa
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
DOsinga
added
the
needs_human
…ve mode Instead of silently auto-allowing tool calls when running headless in Approve/SmartApprove mode (which bypasses the safety contract), return an error indicating this is an invalid configuration. Auto mode still auto-allows in headless sessions as before. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
vincenzopalazzo
force-pushed
the
claude/interesting-zhukovsky
branch
from
c6d9166 to
6306be2
Compare
3 participants
Summary
SmartApprove/Approvemode)cliclack::select()interactive prompts behind the existinginteractiveflag inprocess_agent_responsePermission::AllowOncein headless mode (with a tracing warning for observability)Root Cause
process_agent_responseincrates/goose-cli/src/session/mod.rsunconditionally calledcliclack::select()— an interactive terminal prompt — when a tool required approval, regardless of whether the session was interactive or headless. Since headless/remote sessions have no terminal attached,cliclack::select()would block forever waiting for input that never comes. This prevented MCP server activation (viamanage_extensions) and any other tool requiring approval from completing in headless sessions.The
interactiveflag was already passed into the function and used for display decisions, but was never checked before the approval prompt.Test plan
cargo check -p goose-clicompiles cleanlycargo test -p goose-cli— all 112 tests pass🤖 Generated with Claude Code