fix: critical session lifecycle and permission persistence bugs#47
Draft
cursor[bot] wants to merge 2 commits into
Draft
fix: critical session lifecycle and permission persistence bugs#47cursor[bot] wants to merge 2 commits into
cursor[bot] wants to merge 2 commits into
Conversation
- Persist skip_permissions on create and load it via get_session - Preserve Stopped status when reader loop exits after user stop - Kill CLI process when deleting a running session - Retain buffered session output when flush_batch BEGIN fails - Merge journal history on tab switch instead of clobbering live feed Co-authored-by: José Fernando <xinnaider@users.noreply.github.com>
Co-authored-by: José Fernando <xinnaider@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Automated bug investigation found and fixed several high-severity correctness issues in session management, database persistence, and feed loading.
Bugs fixed
1. Permission bypass after restart (security)
Impact: Sessions created in approval mode silently switched to auto-approve after app restart or follow-up message reload.
Root cause:
get_sessionSELECT omittedskip_permissions,parent_session_id, anddepthcolumns (indices 15–17), causingskip_permissionsto always default totrue.create_sessionalso never persistedskip_permissionsto the DB.Fix: Align
get_sessionSELECT withget_sessions; persistskip_permissionson INSERT based onpermission_mode.2. Stopped sessions marked completed
Impact: Stopping a running session briefly showed "stopped" then flipped to "completed" when the CLI process exited.
Root cause:
reader_loopunconditionally wroteCompletedto DB on exit, racing withstop_session.Fix:
reader_exit_status()checks DB status and preservesStopped.3. Orphan CLI on session delete
Impact: Deleting a running session left the CLI process running in the background, continuing to emit events and write to DB.
Root cause:
delete_sessionremoved in-memory/DB state but never calledkill_pid.Fix: Kill process and clean up PID file before deletion (same as
stop_session).4. Silent JSONL loss on DB lock
Impact: Session chat output could be permanently lost under SQLite lock contention.
Root cause:
flush_batchcleared its entire buffer whenBEGINfailed.Fix: Retain buffer for retry on next flush cycle.
5. Live feed wiped on tab switch
Impact: Switching back to an active session could erase messages that arrived while away.
Root cause:
loadHistoryreplaced the in-memory journal array with the (stale) DB snapshot.Fix: Merge DB history with live entries by
seq.Tests added
should_persist_skip_permissions_from_permission_mode_on_createshould_load_parent_and_depth_via_get_sessionshould_preserve_stopped_status_when_reader_loop_exitsValidation
cargo test --lib(new tests pass)cargo clippy --lib -- -D warningscargo fmt --checknpm run format:checknpm run check(svelte-check)Not fixed (needs separate PR)
spawning_sessionsguard blocksdo_spawnfor entirereader_loopduration)