fix: kill running osgrep processes before cleanup

[marcusquinn]

Summary

• Add pkill -f osgrep as step 0 in cleanup_osgrep() before removing binary/data
• Running MCP server Node.js processes stay alive in memory after npm uninstall — they can attempt to rebuild indexes even after ~/.osgrep/ is deleted
• Uses graceful kill first, then SIGKILL after 1s for stragglers

Followup to #2168 (v2.124.0 osgrep removal).

[coderabbitai]

Warning

Rate limit exceeded

@marcusquinn has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 15 minutes and 5 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch hotfix/osgrep-kill-processes

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @marcusquinn, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the osgrep cleanup routine by ensuring that all active osgrep Node.js processes are terminated before the package is uninstalled and its data removed. This prevents lingering processes from consuming resources or attempting to operate on non-existent files, leading to a more robust and complete cleanup operation.

Highlights

• Process Termination: Implemented a new step in the cleanup_osgrep function to kill any running osgrep processes (Node.js MCP servers and indexers) before proceeding with the uninstallation and data removal.
• Graceful and Forceful Kill: The process termination logic first attempts a graceful kill using pkill -f 'osgrep', waits for 1 second, and then force-kills any remaining straggler processes with pkill -9 -f 'osgrep'.
• Addressing Lingering Processes: Resolved an issue where Node.js osgrep processes could persist in memory after npm uninstall, potentially attempting to rebuild indexes even after their associated data directory (~/.osgrep/) was deleted.

Changelog

• setup-modules/migrations.sh
  • Added a new step (step 0) to the cleanup_osgrep function to detect and kill running osgrep processes.
  • Implemented a two-phase process killing mechanism: a graceful kill followed by a forceful kill for any persistent processes after a short delay.

Activity

• No specific review comments or activities have been recorded for this pull request.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 40 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Sun Feb 22 21:25:28 UTC 2026: Code review monitoring started
Sun Feb 22 21:25:29 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 40

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 40
• VULNERABILITIES: 0

Generated on: Sun Feb 22 21:25:31 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[gemini-code-assist]

Code Review

The pull request correctly addresses the issue of running osgrep processes persisting after the package is uninstalled. The implementation follows a graceful-then-forced kill pattern which is appropriate for Node.js processes. However, there are violations of the repository's style guide regarding error redirection and process matching specificity that should be addressed to maintain consistency and reliability.

[gemini-code-assist]

The use of 2>/dev/null and 2>&1 for blanket suppression of stderr violates the repository style guide (line 50) and general rules. Redirection of stdout (>/dev/null) is sufficient for pgrep to check for process existence without polluting the terminal. Additionally, using a more specific pattern for pkill -f (e.g., targeting the binary path or using word boundaries) is recommended to avoid accidentally matching the script's own path if it contains the string "osgrep".

Suggested change

	if pgrep -f 'osgrep' >/dev/null 2>&1; then
	print_info "Killing running osgrep processes..."
	pkill -f 'osgrep' 2>/dev/null || true
	# Give processes a moment to exit gracefully
	sleep 1
	# Force-kill any stragglers
	pkill -9 -f 'osgrep' 2>/dev/null || true
	cleaned=true
	fi
	if pgrep -f 'osgrep' >/dev/null; then
	print_info "Killing running osgrep processes..."
	pkill -f 'osgrep' || true
	# Give processes a moment to exit gracefully
	sleep 1
	# Force-kill any stragglers
	pkill -9 -f 'osgrep' || true
	cleaned=true
	fi

References

1. 2>/dev/null is acceptable ONLY when redirecting to log files, not blanket suppression. ^(link)
2. In shell scripts, avoid blanket suppression of errors with '2>/dev/null'. For 'declare -f', redirecting only stdout ('>/dev/null') is sufficient as it does not output to stderr, allowing potential syntax errors to remain visible.
3. Avoid using '2>/dev/null' for blanket suppression of command errors in shell scripts to ensure that authentication, syntax, or system issues remain visible for debugging.
4. In shell scripts with set -e, guard kill commands within cleanup traps with || true to prevent premature termination if the target process has already exited, ensuring subsequent cleanup commands are executed.