fix(stability): remaining crash/hang fixes from stability pass#18
Merged
Conversation
Closes out the 6 items still open from the 10-bug stability audit: - auto-create sub-chat row on send when the row is missing (prevents silent UPDATE no-op if renderer races createSubChat → send) - strip CLAUDE_CODE_ENTRYPOINT/CLAUDECODE from inherited env so the dev build launched from a `claude` CLI terminal no longer fails with "Claude Code cannot be launched inside another session" - 90s first-chunk wedge timeout on the SDK stream — aborts and surfaces a STREAM_WEDGE error instead of hanging the UI indefinitely - clearer ENOENT message when the bundled Claude binary is missing, pointing the user at `bun run claude:download` - root AppErrorBoundary + preload try/catch around exposeElectronTRPC, with one-shot auto-reload (10s debounce via sessionStorage) so IPC race crashes recover instead of leaving a black screen - Opus 1M context: map `opus[1m]` to the `opus` CLI shortcut and set ANTHROPIC_BETAS=context-1m-2025-08-07 on the child env so the 1M window actually engages Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
aletc1
added a commit
that referenced
this pull request
Apr 18, 2026
Adds the user-visible features shipped since the README was last touched (commits #18 through #26) and groups the fork additions into four sections for readability: Workflow & UI, Git/PRs/Worktrees, Models, and Stability & Polish. Highlights surfaced: split view with drag-to-split, Cmd+Shift+T, sortable sidebar, draggable tabs, queue reorder, copy popover, PR widget + branch switcher, two-column commit diff, Pull & Push recovery dialog, worktree deletion safety, Sonnet 4.6 1M context + recovery action, GPT-5.4, rich tool rendering, stream wedge timeout, and crash auto-recovery. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
8 tasks
aletc1
added a commit
that referenced
this pull request
Apr 18, 2026
…esh (#27) * fix(security,perf): audit-driven hardening of main process Addresses critical findings from a security/correctness/performance audit. Security (P0): - voice.ts, claude/env.ts: replace `execSync(${shell} -ilc '...')` with `execFileSync(shell, ['-ilc', ...])` and add a safe-shell allowlist to block `$SHELL=` command-injection via template interpolation. - claude-token.ts: remove `shell: true` from the `claude setup-token` spawn and resolve the CLI to an absolute path via `which`/`where` before invoking, so metacharacters in PATH can't be interpreted. - auth-manager.ts + index.ts: the `/auth` deep-link handler now requires an in-flight OAuth flow initiated by `startAuthFlow()`. A per-flow `state` nonce is generated, attached to the auth URL, and verified with constant-time compare on callback. Unsolicited deep links (drive- by CSRF via `twentyfirst-agents://auth?code=...`) are rejected. Performance (P1): - db/index.ts: add `PRAGMA synchronous = NORMAL` under WAL to reduce fsync load during high-frequency message persistence. - db/schema/index.ts + drizzle/0009_*: add indexes on `chats.project_id`, `sub_chats.chat_id`, and `sub_chats.stream_id` (previously full-table scans on hot FK lookups). - claude.ts: coalesce `text-delta` chunks in a 24ms buffer keyed by text id. Non-delta chunks flush the buffer first to preserve ordering. Cuts tRPC/IPC chatter during long streaming responses. Robustness (P2): - db/index.ts: migration failures now quarantine the DB file to `agents.db.broken-<timestamp>` and start fresh instead of crashing the app on every launch. - index.ts: bound `cleanupGitWatchers()` in `before-quit` to 1.5s so a hung chokidar instance can't block app quit indefinitely. Dismissed during verification: - `sandbox: false` in webPreferences is intentional for electron-trpc; contextIsolation remains enabled. - `activeSessions` map cleanup is already wired on unsubscribe and in the stream's finally block. - The stream's async IIFE is wrapped in try/catch/finally; no unhandled rejection. - Project deletion is atomic under FK cascade with `foreign_keys=ON`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * docs: refresh fork additions section with recent features Adds the user-visible features shipped since the README was last touched (commits #18 through #26) and groups the fork additions into four sections for readability: Workflow & UI, Git/PRs/Worktrees, Models, and Stability & Polish. Highlights surfaced: split view with drag-to-split, Cmd+Shift+T, sortable sidebar, draggable tabs, queue reorder, copy popover, PR widget + branch switcher, two-column commit diff, Pull & Push recovery dialog, worktree deletion safety, Sonnet 4.6 1M context + recovery action, GPT-5.4, rich tool rendering, stream wedge timeout, and crash auto-recovery. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes out the 6 items still open from the 10-bug stability audit:
claudeCLI terminal no longer fails with "Claude Code cannot be launched inside another session"bun run claude:downloadopus[1m]to theopusCLI shortcut and set ANTHROPIC_BETAS=context-1m-2025-08-07 on the child env so the 1M window actually engages