Skip to content

fix: critical session lifecycle and permission persistence bugs#47

Draft
cursor[bot] wants to merge 2 commits into
devfrom
cursor/critical-bug-investigation-cd78
Draft

fix: critical session lifecycle and permission persistence bugs#47
cursor[bot] wants to merge 2 commits into
devfrom
cursor/critical-bug-investigation-cd78

Conversation

@cursor

@cursor cursor Bot commented Jun 15, 2026

Copy link
Copy Markdown
Contributor

Summary

Automated bug investigation found and fixed several high-severity correctness issues in session management, database persistence, and feed loading.

Bugs fixed

1. Permission bypass after restart (security)

Impact: Sessions created in approval mode silently switched to auto-approve after app restart or follow-up message reload.

Root cause: get_session SELECT omitted skip_permissions, parent_session_id, and depth columns (indices 15–17), causing skip_permissions to always default to true. create_session also never persisted skip_permissions to the DB.

Fix: Align get_session SELECT with get_sessions; persist skip_permissions on INSERT based on permission_mode.

2. Stopped sessions marked completed

Impact: Stopping a running session briefly showed "stopped" then flipped to "completed" when the CLI process exited.

Root cause: reader_loop unconditionally wrote Completed to DB on exit, racing with stop_session.

Fix: reader_exit_status() checks DB status and preserves Stopped.

3. Orphan CLI on session delete

Impact: Deleting a running session left the CLI process running in the background, continuing to emit events and write to DB.

Root cause: delete_session removed in-memory/DB state but never called kill_pid.

Fix: Kill process and clean up PID file before deletion (same as stop_session).

4. Silent JSONL loss on DB lock

Impact: Session chat output could be permanently lost under SQLite lock contention.

Root cause: flush_batch cleared its entire buffer when BEGIN failed.

Fix: Retain buffer for retry on next flush cycle.

5. Live feed wiped on tab switch

Impact: Switching back to an active session could erase messages that arrived while away.

Root cause: loadHistory replaced the in-memory journal array with the (stale) DB snapshot.

Fix: Merge DB history with live entries by seq.

Tests added

  • should_persist_skip_permissions_from_permission_mode_on_create
  • should_load_parent_and_depth_via_get_session
  • should_preserve_stopped_status_when_reader_loop_exits

Validation

  • cargo test --lib (new tests pass)
  • cargo clippy --lib -- -D warnings
  • cargo fmt --check
  • npm run format:check
  • npm run check (svelte-check)

Not fixed (needs separate PR)

  • Follow-up messages silently dropped while agent is running (spawning_sessions guard blocks do_spawn for entire reader_loop duration)
Open in Web View Automation 

cursoragent and others added 2 commits June 15, 2026 12:15
- Persist skip_permissions on create and load it via get_session
- Preserve Stopped status when reader loop exits after user stop
- Kill CLI process when deleting a running session
- Retain buffered session output when flush_batch BEGIN fails
- Merge journal history on tab switch instead of clobbering live feed

Co-authored-by: José Fernando <xinnaider@users.noreply.github.com>
Co-authored-by: José Fernando <xinnaider@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant