Harden runtime integrity and diagnostics#64
Conversation
This comment has been minimized.
This comment has been minimized.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 284df182ac
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: eba4d8dd4f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ff03aea5a9
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| removeTicketsSkill({ scope: "project", projectRoot: opts.projectRoot }), | ||
| removeTicketsSkill({ scope: "user" }), |
There was a problem hiding this comment.
Avoid deleting unrecognized hack-tickets skills
When a project or user already has a .codex/skills/hack-tickets directory whose SKILL.md is not the Hack-owned skill, checkDeprecatedTicketsSkill reports that as an error, but auto-sync still calls removeTicketsSkill; that remover deletes the directory without verifying the marker. In the default auto-sync mode this can be triggered by any normal Hack command after drift is detected, erasing an unrelated user skill instead of leaving the error for manual review.
Useful? React with 👍 / 👎.
| const usesHost = opts.target === "host" && hostValue !== undefined; | ||
| let effectiveScope: string | null = null; | ||
| let storedValue: unknown; | ||
| if (usesHost) { | ||
| effectiveScope = "host"; | ||
| storedValue = hostValue; |
There was a problem hiding this comment.
Use resolved env precedence in env explain
When --target host is used and a lower-priority host scope defines the key, this branch reports host as the effective source even if a later overlay/global or service value is what the runtime actually injects via hostTargetEnv/selectProjectEnvValuesForExecutionTarget. That makes hack env explain show the wrong source and secret status for layered overrides, so the explanation should be derived from the same resolved host/compose env map and precedence used for execution.
Useful? React with 👍 / 👎.
What changed
This PR hardens Hack's local runtime behavior across linked worktrees, lifecycle sessions, dependency bootstrap, targeted service operations, diagnostics, and generated agent guidance.
Runtime integrity
E_STARTUP_TIMEOUTinstead of hanging forever.E_STARTUP_INCOMPLETEwhen Compose exits zero but services remain Created/failed or no services are reported.hack up.doctor --fixrepair for exact containers stuck in Created without deleting them.Generic dependency and service operations
hack.dependencies.bootstrap=true, without assuming a service nameddeps.hack up <service...> -d,hack restart <service...>, andhack env apply --service <service>; scoped operations skip project lifecycle and implicit dependency startup.hack env explain <KEY> --env ... --service ... --target host|composeoutput showing availability, source, precedence, scope, and delivery.Doctor, global state, and agents
hack projects prune --project msp.--projectfiltering to prune so cleanup cannot affect unrelated project families.setup sync --all-scopes --check, shared~/.ai/skills/hack-climanagement, and explicit reload guidance for cached sessions.doctor --fix --jsonas a usage error instead of silently ignoring the mutating flag.Why
The prior behavior could leave a command hanging at “Starting”, report success while no service was running, lose lifecycle ownership after interruption, reinstall dependencies unnecessarily, or target a new branch stack without enough warning. Agent sessions could also keep stale Hack rules indefinitely, while Doctor mixed optional setup tips with actual repair work and suggested machine-wide cleanup for project-local drift.
User impact
New worktrees should inherit usable env state, selected overlays now reach host lifecycle processes predictably, interrupted startup has a safe recovery path, targeted changes avoid full-stack churn, and Doctor now reports concise scope-aware actions. Global and project agent integrations expose content staleness up front and have a supported refresh path.
Verification
bun test— full suite passes.bunx tsc -p packages/cli/tsconfig.json --noEmit.bun run build.lifecycle-session-recoveryE2E passes, including overlay propagation, branch isolation, compose failure, SIGTERM cleanup, deliberate SIGKILL, next-uprecovery, and Doctor cleanup.hack projects prune --project mspFollow-up / operator note
The existing orphan
msp--feat-apple-pay-merchant-sessions-endpointwas intentionally not pruned while other sessions are active. This PR makes the repair command safely project-scoped; cleanup can be run deliberately after review.