AI-Cognitive-Leap/agnes-the-ai-analyst
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
agnes-the-ai-analyst/docs/setup/claude_settings.json
ZdenekSrotyr 8d0bb43b06
release: 0.46.4 — detach SessionEnd push so it survives claude -p SIGTERM (#222) 
## Summary

`claude -p` (headless mode) gives SessionEnd hook subprocesses ~1 second before SIGTERM, regardless of work in progress. `agnes push` for a typical workspace takes 5-30s. The current synchronous SessionEnd hook (`agnes push --quiet 2>/dev/null || true`) was therefore being killed mid-first-upload — `|| true` masks the SIGTERM as exit 0, so this regression was invisible until I traced it via a wrapper script and Claude's `~/.claude/debug/<sid>.txt` log.

Fix: wrap SessionEnd push in `bash -c "( nohup agnes push --quiet </dev/null >/dev/null 2>&1 & ) ; true"`. The subshell exits immediately, orphaning the upload child to init so it survives the hook subprocess kill. Same `bash -c` pattern as the existing `refresh-marketplace` SessionStart entry (for Windows compatibility).

End-to-end verified against production: claude exited in 5s, detached child completed the upload, file `491e3a23-...jsonl` landed on the server within 30s with mtime 14:30 UTC.

## Test plan

- [x] `pytest tests/test_lib_hooks.py` — added `test_session_end_push_is_detached` regression test asserting `nohup`, `&`, `</dev/null` are all present.
- [x] `pytest tests/test_setup_hooks_template.py` — assertions loosened from `==` to `in` where necessary.
- [x] Verified end-to-end against production with the detached wrapper before opening this PR (manual probe).
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/keboola/agnes-the-ai-analyst/pull/222" target="_blank">
  <picture>
    <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
    <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->
2026-05-07 17:59:27 +02:00

161 lines
4.5 KiB
JSON
Raw Blame History

{
"hooks": {
"SessionStart": [
{
"hooks": [
{
"type": "command",
"command": "agnes self-upgrade --quiet 2>/dev/null || true; agnes pull --quiet 2>/dev/null || true"
}
]
},
{
"hooks": [
{
"type": "command",
"command": "bash -c \"agnes refresh-marketplace --quiet 2>/dev/null || true\""
}
]
},
{
"hooks": [
{
"type": "command",
"command": "bash -c \"agnes push --quiet 2>/dev/null || true\""
}
]
}
],
"SessionEnd": [
{
"hooks": [
{
"type": "command",
"command": "bash -c \"( nohup agnes push --quiet </dev/null >/dev/null 2>&1 & ) ; true\""
}
]
}
]
},
"permissions": {
"allow": [
"Bash(git rebase:*)",
"Bash(git add:*)",
"Bash(git checkout:*)",
"Bash(git branch:*)",
"Bash(git cherry-pick:*)",
"Bash(git log:*)",
"Bash(git show:*)",
"Bash(git commit:*)",
"Bash(git fetch:*)",
"Bash(git diff:*)",
"Bash(git status:*)",
"Bash(git remote:*)",
"Bash(git tag:*)",
"Bash(find:*)",
"Bash(ls:*)",
"Bash(tree:*)",
"Bash(head:*)",
"Bash(tail:*)",
"Bash(wc:*)",
"Bash(which:*)",
"Bash(where:*)",
"Bash(pwd:*)",
"Bash(whoami:*)",
"Bash(echo:*)",
"Bash(file:*)",
"Bash(stat:*)",
"Bash(bash server/scripts/*)",
"Bash(python server/scripts/*)",
"Bash(ssh:*)",
"Bash(scp:*)",
"WebFetch(domain:github.com)",
"WebSearch"
],
"deny": [
"Read(**/.env)",
"Read(**/.env.*)",
"Read(**/credentials*)",
"Read(**/*credentials*)",
"Read(**/.credentials*)",
"Read(**/secrets*)",
"Read(**/*secrets*)",
"Read(**/.secrets*)",
"Read(**/*.pem)",
"Read(**/*.key)",
"Read(**/*.p12)",
"Read(**/*.pfx)",
"Read(**/*.keystore)",
"Read(**/*id_rsa*)",
"Read(**/*id_dsa*)",
"Read(**/*id_ecdsa*)",
"Read(**/*id_ed25519*)",
"Read(**/.ssh/*)",
"Read(**/.aws/credentials)",
"Read(**/.aws/config)",
"Read(**/.kube/config)",
"Read(**/.docker/config.json)",
"Read(**/.npmrc)",
"Read(**/.pypirc)",
"Read(**/.netrc)",
"Read(**/.git-credentials)",
"Read(**/master.key)",
"Read(**/config/master.key)",
"Read(**/*.crt)",
"Read(**/*.cer)",
"Read(**/*.jks)",
"Read(**/password*)",
"Read(**/*password*)",
"Read(**/token*)",
"Read(**/*token*)",
"Read(**/apikey*)",
"Read(**/*apikey*)",
"Read(**/.htpasswd)",
"Write(**/.env)",
"Write(**/.env.*)",
"Write(**/credentials*)",
"Write(**/*credentials*)",
"Write(**/secrets*)",
"Write(**/*secrets*)",
"Write(**/*.pem)",
"Write(**/*.key)",
"Write(**/.ssh/*)",
"Edit(**/.env)",
"Edit(**/.env.*)",
"Edit(**/credentials*)",
"Edit(**/*credentials*)",
"Edit(**/secrets*)",
"Edit(**/*secrets*)",
"Edit(**/*.pem)",
"Edit(**/*.key)",
"Edit(**/.ssh/*)",
"Bash(cat:*)",
"Write(server/**)",
"Edit(server/**)"
],
"ask": [
"Bash(rm:*)",
"Bash(git reset:--hard:*)",
"Bash(git clean:*)",
"Bash(git push:--force:*)",
"Bash(git push:-f:*)",
"Bash(npm install:*)",
"Bash(yarn add:*)",
"Bash(pip install:*)",
"Bash(composer install:*)",
"Bash(docker:*)",
"Bash(kubectl:*)",
"Bash(grep:*)",
"Bash(env:*)",
"Write(**/package.json)",
"Edit(**/package.json)",
"Write(**/composer.json)",
"Edit(**/composer.json)",
"Write(**/package-lock.json)",
"Write(**/composer.lock)",
"Write(**/yarn.lock)",
"Write(**/.gitignore)",
"Edit(**/.gitignore)"
]
}
}
Reference in a new issue View git blame Copy permalink