You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The claude-cli/codex-cli CLI-subprocess coding-agent driver's env allowlist (CODING_AGENT_ENV_ALLOWLIST, packages/loopover-engine/src/miner/cli-subprocess-driver.ts:71-85) never passes through HOME/XDG_CONFIG_HOME/XDG_DATA_HOME/XDG_STATE_HOME, nor any coding-agent credential (CLAUDE_CODE_OAUTH_TOKEN, ANTHROPIC_API_KEY, OPENAI_API_KEY, CODEX_ACCESS_TOKEN). This means the spawned claude/codex subprocess can never authenticate at all — not a permission-scope problem (that was #6840, already fixed), a pure "who am I" problem: the subprocess has no HOME to locate a persisted credential file, and no credential env var either.
This is separate from #6840 despite surfacing through the identical-looking claude_code_error_success symptom — #6840's --permission-mode/--allowedTools fix was real and necessary but not sufficient; a live attempt still fails after that fix, now with an explicit "Not logged in · Please run /login" result once the actual cause is isolated.
Reproduction
Confirmed on a real machine, with a real, valid CLAUDE_CODE_OAUTH_TOKEN, replicating the exact env buildAllowlistedEnv constructs for the subprocess today:
$ env -i PATH="$PATH" TERM="$TERM" LANG="$LANG" claude --print --output-format json \
--permission-mode acceptEdits --allowedTools Read Bash -- 'say hello in 3 words'
{"type":"result","subtype":"success","is_error":true, ...,
"result":"Not logged in · Please run /login", "terminal_reason":"api_error", ...}
Adding back exactly HOME and CLAUDE_CODE_OAUTH_TOKEN (nothing else) succeeds:
Also confirmed via a full, real loopover-miner attempt <owner/repo> <issue#> --live run with #6840's fix already installed — still failed with the identical claude_code_error_success/zero-turns symptom, because the env-allowlist gap is a distinct, still-live blocker.
Root cause and existing precedent for the fix
This package already has a correct general-purpose allowlist that includes exactly what's missing — SUBPROCESS_CLI_ENV_ALLOWLIST (packages/loopover-engine/src/subprocess-env.ts:14-32) includes HOME, XDG_CONFIG_HOME, XDG_DATA_HOME, and XDG_STATE_HOME alongside the same proxy/locale/PATH vars CODING_AGENT_ENV_ALLOWLIST already has. cli-subprocess-driver.ts defines its own separate, narrower list
instead of using this one, and neither list carries any credential env var name.
Suggested scope for a fix (not investigated further here — this issue is the bug report, not the fix)
Add HOME/XDG_CONFIG_HOME/XDG_DATA_HOME/XDG_STATE_HOME to whatever allowlist cli-subprocess-driver.ts ends up using (reusing SUBPROCESS_CLI_ENV_ALLOWLIST directly would also retire a duplicate, already-drifted list).
Explicitly forward only the credential env var that matches the actually-configured provider (not a blanket allowlist of every possible credential name regardless of which provider is in use — an operator with both ANTHROPIC_API_KEY and OPENAI_API_KEY set but running claude-cli should not have the unrelated OPENAI_API_KEY reach the subprocess). packages/loopover-miner/lib/coding-agent-construction.js already knows the resolved provider name at construction time and is a natural place to inject this as the extra/options.env override buildAllowlistedEnv already supports.
This is the primary reason no claude-cli/codex-cli-driven AMS attempt has ever completed real work in production — more fundamental than #6840's permission-mode gap, which was necessary but not sufficient. Both together are required for a live attempt to succeed.
Problem
The
claude-cli/codex-cliCLI-subprocess coding-agent driver's env allowlist (CODING_AGENT_ENV_ALLOWLIST,packages/loopover-engine/src/miner/cli-subprocess-driver.ts:71-85) never passes throughHOME/XDG_CONFIG_HOME/XDG_DATA_HOME/XDG_STATE_HOME, nor any coding-agent credential (CLAUDE_CODE_OAUTH_TOKEN,ANTHROPIC_API_KEY,OPENAI_API_KEY,CODEX_ACCESS_TOKEN). This means the spawnedclaude/codexsubprocess can never authenticate at all — not a permission-scope problem (that was #6840, already fixed), a pure "who am I" problem: the subprocess has noHOMEto locate a persisted credential file, and no credential env var either.This is separate from #6840 despite surfacing through the identical-looking
claude_code_error_successsymptom — #6840's--permission-mode/--allowedToolsfix was real and necessary but not sufficient; a live attempt still fails after that fix, now with an explicit"Not logged in · Please run /login"result once the actual cause is isolated.Reproduction
Confirmed on a real machine, with a real, valid
CLAUDE_CODE_OAUTH_TOKEN, replicating the exact envbuildAllowlistedEnvconstructs for the subprocess today:Adding back exactly
HOMEandCLAUDE_CODE_OAUTH_TOKEN(nothing else) succeeds:Also confirmed via a full, real
loopover-miner attempt <owner/repo> <issue#> --liverun with #6840's fix already installed — still failed with the identicalclaude_code_error_success/zero-turns symptom, because the env-allowlist gap is a distinct, still-live blocker.Root cause and existing precedent for the fix
This package already has a correct general-purpose allowlist that includes exactly what's missing —
SUBPROCESS_CLI_ENV_ALLOWLIST(packages/loopover-engine/src/subprocess-env.ts:14-32) includesHOME,XDG_CONFIG_HOME,XDG_DATA_HOME, andXDG_STATE_HOMEalongside the same proxy/locale/PATH varsCODING_AGENT_ENV_ALLOWLISTalready has.cli-subprocess-driver.tsdefines its own separate, narrower listinstead of using this one, and neither list carries any credential env var name.
Suggested scope for a fix (not investigated further here — this issue is the bug report, not the fix)
HOME/XDG_CONFIG_HOME/XDG_DATA_HOME/XDG_STATE_HOMEto whatever allowlistcli-subprocess-driver.tsends up using (reusingSUBPROCESS_CLI_ENV_ALLOWLISTdirectly would also retire a duplicate, already-drifted list).ANTHROPIC_API_KEYandOPENAI_API_KEYset but runningclaude-clishould not have the unrelatedOPENAI_API_KEYreach the subprocess).packages/loopover-miner/lib/coding-agent-construction.jsalready knows the resolved provider name at construction time and is a natural place to inject this as theextra/options.envoverridebuildAllowlistedEnvalready supports.HOMEand the resolved credential — the existing driver tests, per claude-cli driver's --permission-mode acceptEdits denies every Read/Bash call, silently blocking all real work #6840's own bug report, are argv-shape assertions and didn't catch this gap either.Impact
This is the primary reason no
claude-cli/codex-cli-driven AMS attempt has ever completed real work in production — more fundamental than #6840's permission-mode gap, which was necessary but not sufficient. Both together are required for a live attempt to succeed.