fix: skip Claude augment hook when GitNexus server owns DB#1493
Merged
magyargergo merged 25 commits intoMay 14, 2026
Merged
Conversation
|
@dpearson2699 is attempting to deploy a commit to the NexusCore Team on Vercel. A member of the Team first needs to authorize it. |
magyargergo
changed the title
Contributor
✨ PR AutofixFound fixable formatting / unused-import issues across 14 changed lines. Comment |
Collaborator
|
/autofix |
Contributor
|
✅ Applied autofix and pushed a commit. (apply run) |
Collaborator
|
@dpearson2699 Could you please look into claude's findigs? 🙏 |
Merge brings hook-lock concurrency (abhigyanpatwari#1486) and related churn; resolve hooks.test.ts by keeping main concurrency suites plus augmentation tests. fix(hooks): address PR abhigyanpatwari#1493 review — trusted lsof/ps, tests, engines - Resolve lsof/ps via standard paths; GITNEXUS_HOOK_LSOF_PATH / _PS_PATH for tests - Document ETIMEDOUT fail-closed vs ENOENT fail-open; Windows no-op comment - Expand hooks.test.ts: production ps line, npx negative, ENOENT/ETIMEDOUT, multi-PID, serve - Honor GITNEXUS_HOOK_CLI_PATH in plugin hook runGitNexusCli (parity with CJS) - GITNEXUS_DEBUG: log augment stderr missing [GitNexus] marker (Finding 8) - Revert gitnexus engines to >=20 (drop stray >=22 in package.json + lockfile) Co-authored-by: Cursor <cursoragent@cursor.com>
Extract hook-db-lock-probe.cjs with a single hasGitNexusDbLockedByGitNexusServer entry point used by both Claude hooks: - Linux: scan /proc/<pid>/fd via dev+inode (no lsof required), optional lsof fallback; GITNEXUS_HOOK_LINUX_PROC_BUDGET_MS caps scan time - macOS and other Unix: trusted lsof + ps (absolute paths / env overrides) - Windows: Restart Manager + Win32_Process via win-rm-list-json.ps1 and GITNEXUS_HOOK_POWERSHELL_PATH Update hooks.test.ts source coverage for the probe module. Co-authored-by: Cursor <cursoragent@cursor.com>
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Contributor
CI Report✅ All checks passed Pipeline Status
Test Results
✅ All 9021 tests passed 1 test(s) skipped — expand for details
Code CoverageTests
📋 View full run · Generated by CI |
P0:
- Replace malformed `RM_UNIQUE_PROCESS` block in
`gitnexus/hooks/claude/win-rm-list-json.ps1` (duplicate struct decl +
duplicate `ProcessStartTime` + unbalanced braces) with a single
well-formed `[StructLayout(LayoutKind.Sequential, Pack = 4)]` struct,
so PowerShell `Add-Type` actually compiles and the Windows DB-lock
probe stops fail-open on every machine.
- `gitnexus/src/cli/setup.ts` now copies `hook-db-lock-probe.cjs` and
`win-rm-list-json.ps1` into the user's `~/.claude/hooks/gitnexus/`
alongside `hook-lock.cjs`, preventing the `MODULE_NOT_FOUND` thrown
by `gitnexus-hook.cjs:18`'s top-level require on every fresh install.
`gitnexus/test/unit/setup.test.ts` extended to assert both new copy
destinations.
- Four fail-open hook tests (`ENOENT lsof`, `npx parent line`,
`non-GitNexus ps line`, `ps ENOENT`) now seed `createHookToolDir`
with a valid `[GitNexus]` stderr line so
`expect(parseHookOutput).not.toBeNull()` actually holds on CI.
P1:
- Plugin copy of `win-rm-list-json.ps1` gains `Pack = 4` so its CLR
struct matches the 12-byte native `RM_UNIQUE_PROCESS` layout
(multi-blocker `RmGetList` no longer reads mangled `dwProcessId`).
- `GITNEXUS_HOOK_CLI_PATH = ''` now falls through to the resolution
chain in `gitnexus-hook.cjs`, matching the plugin copy and removing
the twin-file divergence on empty-string envs.
- Lock-warning suppression test seeds `gitnexusMarkerPath` and asserts
the augment subprocess actually ran, plus `GITNEXUS_DEBUG=1`
preserves the full discarded prefix.
- MCP-owner skip branch in both hook copies now emits
`[GitNexus] augment skipped: MCP server owns DB` on stderr, so
agents can distinguish intentional skip from silent failure.
P2:
- `ps` loop in `hook-db-lock-probe.cjs` fails-closed on `ETIMEDOUT`
to mirror the `lsof` handling (symmetric subprocess-probe contract).
- `RmStartSession` return value captured in both `.ps1` copies; exits
early with `[]` on non-zero so subsequent RM API calls don't operate
on an invalid handle.
- Windows RM-list `.ps1` encoded cache distinguishes uninitialized
(`undefined`) from load-failed (`null`) with a one-shot
`GITNEXUS_DEBUG` warning instead of silently caching empty string.
- `createHookToolDir` helper accepts `lsofOutputLines` and
`psOutputByPid`; the multi-PID test uses them instead of duplicating
the fake-binary construction inline.
- All five skip-path tests now assert `result.status === 0` and the
new skip-signal stderr line.
- `AGENTS.md` documents the seven hook configuration env vars
(`GITNEXUS_HOOK_CLI_PATH`, `_LSOF_PATH`, `_PS_PATH`,
`_POWERSHELL_PATH`, `_LINUX_PROC_BUDGET_MS`, `_RM_TARGET`,
`GITNEXUS_DEBUG`).
- `GITNEXUS_DEBUG` path in `gitnexus-hook.cjs`/`.js` writes the full
discarded stderr prefix instead of a 180-char preview.
- Inline comment in `hook-db-lock-probe.cjs` explains the intentional
Windows ETIMEDOUT fail-closed semantics.
- Removed the unnecessary `as WriteFileOptions` cast and orphaned
`import type { WriteFileOptions }` in `hooks.test.ts`.
P3:
- `isGitNexusServerCommand` unexported from
`hook-db-lock-probe.cjs` (kept as private helper).
- Env-path overrides (`GITNEXUS_HOOK_CLI_PATH`,
`_POWERSHELL_PATH`, `_LSOF_PATH`, `_PS_PATH`) require
`fs.existsSync` before being returned, so typos / stale config fall
through to the standard resolution chain.
Misc:
- `gitnexus/package.json` engines.node back to `>=22.0.0` (matches
origin/main and the original PR reviewer's earlier request).
Twin-tree parity / CI sync mechanism tracked separately at
abhigyanpatwari#1591.
Test plan: vitest run test/unit/hooks.test.ts → 113 passed,
18 Unix-only skipped; setup.test.ts → 14 passed.
Collaborator
|
/autofix |
Contributor
|
✅ Applied autofix and pushed a commit. (apply run) |
|
Deployment failed with the following error: |
hohaivu
pushed a commit
to hohaivu/GitNexus
that referenced
this pull request
May 19, 2026
…atwari#1493) * fix(claude): skip augment hook when server owns db * chore(autofix): apply prettier + eslint fixes via /autofix command * fix(hooks): cross-platform DB lock probe for MCP owner guard Extract hook-db-lock-probe.cjs with a single hasGitNexusDbLockedByGitNexusServer entry point used by both Claude hooks: - Linux: scan /proc/<pid>/fd via dev+inode (no lsof required), optional lsof fallback; GITNEXUS_HOOK_LINUX_PROC_BUDGET_MS caps scan time - macOS and other Unix: trusted lsof + ps (absolute paths / env overrides) - Windows: Restart Manager + Win32_Process via win-rm-list-json.ps1 and GITNEXUS_HOOK_POWERSHELL_PATH Update hooks.test.ts source coverage for the probe module. Co-authored-by: Cursor <cursoragent@cursor.com> * Update gitnexus/hooks/claude/win-rm-list-json.ps1 Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Apply suggestion from @github-actions[bot] Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix(gitnexus): repair package.json JSON after malformed engines edit Co-authored-by: Cursor <cursoragent@cursor.com> * Update Node.js engine version requirement to 22.0.0 * Update Node.js engine version to >=22.0.0 * fix(hooks): address ce-code-review findings on PR abhigyanpatwari#1493 P0: - Replace malformed `RM_UNIQUE_PROCESS` block in `gitnexus/hooks/claude/win-rm-list-json.ps1` (duplicate struct decl + duplicate `ProcessStartTime` + unbalanced braces) with a single well-formed `[StructLayout(LayoutKind.Sequential, Pack = 4)]` struct, so PowerShell `Add-Type` actually compiles and the Windows DB-lock probe stops fail-open on every machine. - `gitnexus/src/cli/setup.ts` now copies `hook-db-lock-probe.cjs` and `win-rm-list-json.ps1` into the user's `~/.claude/hooks/gitnexus/` alongside `hook-lock.cjs`, preventing the `MODULE_NOT_FOUND` thrown by `gitnexus-hook.cjs:18`'s top-level require on every fresh install. `gitnexus/test/unit/setup.test.ts` extended to assert both new copy destinations. - Four fail-open hook tests (`ENOENT lsof`, `npx parent line`, `non-GitNexus ps line`, `ps ENOENT`) now seed `createHookToolDir` with a valid `[GitNexus]` stderr line so `expect(parseHookOutput).not.toBeNull()` actually holds on CI. P1: - Plugin copy of `win-rm-list-json.ps1` gains `Pack = 4` so its CLR struct matches the 12-byte native `RM_UNIQUE_PROCESS` layout (multi-blocker `RmGetList` no longer reads mangled `dwProcessId`). - `GITNEXUS_HOOK_CLI_PATH = ''` now falls through to the resolution chain in `gitnexus-hook.cjs`, matching the plugin copy and removing the twin-file divergence on empty-string envs. - Lock-warning suppression test seeds `gitnexusMarkerPath` and asserts the augment subprocess actually ran, plus `GITNEXUS_DEBUG=1` preserves the full discarded prefix. - MCP-owner skip branch in both hook copies now emits `[GitNexus] augment skipped: MCP server owns DB` on stderr, so agents can distinguish intentional skip from silent failure. P2: - `ps` loop in `hook-db-lock-probe.cjs` fails-closed on `ETIMEDOUT` to mirror the `lsof` handling (symmetric subprocess-probe contract). - `RmStartSession` return value captured in both `.ps1` copies; exits early with `[]` on non-zero so subsequent RM API calls don't operate on an invalid handle. - Windows RM-list `.ps1` encoded cache distinguishes uninitialized (`undefined`) from load-failed (`null`) with a one-shot `GITNEXUS_DEBUG` warning instead of silently caching empty string. - `createHookToolDir` helper accepts `lsofOutputLines` and `psOutputByPid`; the multi-PID test uses them instead of duplicating the fake-binary construction inline. - All five skip-path tests now assert `result.status === 0` and the new skip-signal stderr line. - `AGENTS.md` documents the seven hook configuration env vars (`GITNEXUS_HOOK_CLI_PATH`, `_LSOF_PATH`, `_PS_PATH`, `_POWERSHELL_PATH`, `_LINUX_PROC_BUDGET_MS`, `_RM_TARGET`, `GITNEXUS_DEBUG`). - `GITNEXUS_DEBUG` path in `gitnexus-hook.cjs`/`.js` writes the full discarded stderr prefix instead of a 180-char preview. - Inline comment in `hook-db-lock-probe.cjs` explains the intentional Windows ETIMEDOUT fail-closed semantics. - Removed the unnecessary `as WriteFileOptions` cast and orphaned `import type { WriteFileOptions }` in `hooks.test.ts`. P3: - `isGitNexusServerCommand` unexported from `hook-db-lock-probe.cjs` (kept as private helper). - Env-path overrides (`GITNEXUS_HOOK_CLI_PATH`, `_POWERSHELL_PATH`, `_LSOF_PATH`, `_PS_PATH`) require `fs.existsSync` before being returned, so typos / stale config fall through to the standard resolution chain. Misc: - `gitnexus/package.json` engines.node back to `>=22.0.0` (matches origin/main and the original PR reviewer's earlier request). Twin-tree parity / CI sync mechanism tracked separately at abhigyanpatwari#1591. Test plan: vitest run test/unit/hooks.test.ts → 113 passed, 18 Unix-only skipped; setup.test.ts → 14 passed. * chore(autofix): apply prettier + eslint fixes via /autofix command * trigger --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Gergő Magyar <gergomagyar@icloud.com> Co-authored-by: Cursor <cursoragent@cursor.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
.gitnexus/lbugdatabase[GitNexus]augmentation output from hook stderr, suppressing incidental LadybugDB/FTS lock warnings from the opportunistic augment pathCloses #1492
Test plan
cd gitnexus && ./node_modules/.bin/vitest run test/unit/hooks.test.tscd gitnexus && ./node_modules/.bin/vitest run test/unit/hooks.test.ts test/integration/hooks-e2e.test.ts test/unit/setup-jsonc.test.tscd gitnexus && npm run buildnode --check gitnexus/hooks/claude/gitnexus-hook.cjs && node --check gitnexus-claude-plugin/hooks/gitnexus-hook.jslsof/psreportinggitnexus mcpownership of.gitnexus/lbugverified no augment subprocess output