-
Notifications
You must be signed in to change notification settings - Fork 12.9k
Harden host + agent-runner from health audit findings#2732
Open
caburi00 wants to merge 3 commits into
Open
Conversation
Mechanical cleanup: drop unused imports/vars/args, prefix unused handler params with `_`, document the intentional `require()`s inside `vi.hoisted` (top-level imports aren't possible there), and replace one empty catch with an explanatory comment. No behavior change. `pnpm exec eslint src/ --quiet` is now clean. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The husky pre-commit hook silently fails on WSL when its working-tree copy gets saved with CRLF endings (bash treats `\r` as part of the token). HEAD has always been LF, but nothing prevents an editor or Windows-side tool from rewriting the working copy. A .gitattributes rule forces LF on checkout for every file under .husky/, so this can't recur. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Fixes from the 2026年06月10日 multi-agent health audit (adversarially verified). Container lifecycle (container-runner.ts, container-runtime.ts): - realpath-resolve bind-mount sources so the groups/data ext4 symlinks are followed and drvfs never enters the mount path (fixes Docker Desktop stale staging crash-loops, exit 127) - crash-on-spawn circuit breaker (decideCrashExit) so a broken image backs off and pauses instead of respawning every 60s forever - enforce MAX_CONCURRENT_CONTAINERS in wakeContainer - killContainer falls back to daemon-level `docker kill` before the CLI client Agent-runner (poll-loop.ts, db/messages-out.ts, mcp-tools/core.ts): - follow-up poller claims only messages it will push (no orphaned 'processing') - apply the accumulate (trigger=1) gate to follow-ups - thread message origin (fromMe) through edit/reaction Delivery + DB: - order outbound by (timestamp, seq) so same-second multi-part replies stay ordered (host + container) - add idx_messages_in_due for the hot countDueMessages poll - guard migration013 ALTERs (idempotent) - delete FK dependents in a transaction for agent/messaging group deletes - correct misleading delivery-retry comment Router: - cache compiled engage_pattern + cap input length (ReDoS guard) - invalid pattern fails closed with a one-shot warn (was fail-open) - run the command gate only when engaging (accumulate context stays silent) Scheduling: - recurring series survives a failed occurrence instead of dying silently - anchor next run on scheduled fire time to prevent drift WhatsApp: - reaction fromMe + real edit handler (was duplicating) - groups.upsert/update listeners for immediate new/renamed-group sync - flush re-queues on mid-flush error; outgoing queue bounded - await a clean socket close on teardown - extract the SIGTERM creds-wipe guard to a tested pure helper Security + ops: - authorize approval clicks (OneCLI credential + self-mod) by approver/admin - only colorize logs on a TTY so the service log file is greppable - non-destructive startup reconciliation of orphan session folders - correct stale schema.ts header to point at migrations Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@caburi00
caburi00
requested review from
gabi-simons and
gavrielc
as code owners
June 11, 2026 05:15
This was referenced Jun 12, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes from a multi-agent health audit (adversarially verified):
MAX_CONCURRENT_CONTAINERS, daemon-leveldocker killfallbackfromMeorigin(timestamp, seq), addidx_messages_in_due, idempotent migration013, transactional FK-safe cascade deletes, corrected delivery commentfromMe,groups.upsert/updatelisteners, bounded + re-queueing outgoing queue, awaited teardown, SIGTERM creds-wipe guard extracted to a tested pure helper24 files.
dist/intentionally excluded — rebuild on deploy. Adds tests for the crash breaker and the WhatsApp auth-wipe guard.🤖 Generated with Claude Code