Skip to content

fix(snapshot): age-guard stale tmp cleanup; tighten .env filter (#408, #410)#416

Merged
justrach merged 3 commits intomainfrom
fix/snapshot-batch
May 5, 2026
Merged

fix(snapshot): age-guard stale tmp cleanup; tighten .env filter (#408, #410)#416
justrach merged 3 commits intomainfrom
fix/snapshot-batch

Conversation

@justrach
Copy link
Copy Markdown
Owner

@justrach justrach commented May 5, 2026

Closes #408, #410. cleanupStaleTmpFiles now skips tmps under ~60s old (preserving in-flight writes). isSensitivePath .env filter requires exact match or '.env.' prefix. Tests pass; suite green.

chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed May 5, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 3ca345a32c

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/watcher.zig
Comment on lines +1087 to +1088
if (basename.len >= 4 and std.mem.eql(u8, basename[0..4], ".env") and
(basename.len == 4 or basename[4] == '.')) return true;
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot May 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Restore .env secret filtering in path checks*

The new .env predicate only matches exact .env or .env.-prefixed names, so files like .envrc (commonly used to hold environment secrets) are now treated as non-sensitive and will be indexed/searchable; the same narrowed check was added in src/snapshot.zig, so these files can also be persisted into snapshots. This is a security regression from the previous .env* behavior and conflicts with the privacy guarantee in README.md that sensitive .env* files are auto-excluded.

Useful? React with 👍 / 👎.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 5, 2026

Benchmark Regression Report

Thresholds: 10.00% and 50,000 ns absolute delta

NOISE means the percentage threshold was exceeded, but the absolute delta was too small to fail CI.

Tool Base (ns) Head (ns) Delta Abs Delta (ns) Status
codedb_bundle 565961 580002 +2.48% +14041 OK
codedb_changes 59421 70479 +18.61% +11058 NOISE
codedb_deps 10412 10112 -2.88% -300 OK
codedb_edit 6178 7355 +19.05% +1177 NOISE
codedb_find 68296 68036 -0.38% -260 OK
codedb_hot 106589 108236 +1.55% +1647 OK
codedb_outline 318066 311420 -2.09% -6646 OK
codedb_read 103433 98158 -5.10% -5275 OK
codedb_search 179810 179824 +0.01% +14 OK
codedb_snapshot 288252 284708 -1.23% -3544 OK
codedb_status 97904 95206 -2.76% -2698 OK
codedb_symbol 65213 63498 -2.63% -1715 OK
codedb_tree 71817 80348 +11.88% +8531 NOISE
codedb_word 79043 76195 -3.60% -2848 OK

justrach and others added 3 commits May 5, 2026 11:29
@justrach @claude
test(issue-405): cleanupStaleTmpFiles deletes in-flight sibling tmp f…
a082444 
…iles

snapshot.zig:cleanupStaleTmpFiles deletes any matching <basename>*.tmp
file in the snapshot directory with no age guard. A sibling writer that
just created its in-flight tmp gets unlinked by a concurrent
loadSnapshotValidated() before it can rename(tmp, dest).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@justrach @claude
test(issue-409): snapshot .env prefix filter wrongly excludes .envoy …
ad036e0 
…files

snapshot.zig:isSensitivePath uses a raw 4-byte prefix match
(`basename[0..4] == ".env"`) to catch .env*, which also rejects legitimate
non-secret files like .envoy.json and .environment. These files round-
trip incorrectly through writeSnapshot/loadSnapshot — they are silently
dropped from the snapshot.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@justrach @claude
fix(snapshot): age-guard stale tmp cleanup; tighten .env filter (#408,
524bd2d 
…#410)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@justrach justrach force-pushed the fix/snapshot-batch branch from 3ca345a to 524bd2d Compare May 5, 2026 03:29
@justrach justrach merged commit 2c881e0 into main May 5, 2026
1 check passed
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 5, 2026

Benchmark Regression Report

Thresholds: 10.00% and 50,000 ns absolute delta

NOISE means the percentage threshold was exceeded, but the absolute delta was too small to fail CI.

Tool Base (ns) Head (ns) Delta Abs Delta (ns) Status
codedb_bundle 518664 513282 -1.04% -5382 OK
codedb_changes 54716 57773 +5.59% +3057 OK
codedb_deps 9311 8906 -4.35% -405 OK
codedb_edit 5386 5090 -5.50% -296 OK
codedb_find 60005 62604 +4.33% +2599 OK
codedb_hot 93861 101388 +8.02% +7527 OK
codedb_outline 284058 278083 -2.10% -5975 OK
codedb_read 90644 93546 +3.20% +2902 OK
codedb_search 172146 181329 +5.33% +9183 OK
codedb_snapshot 274399 262420 -4.37% -11979 OK
codedb_status 203640 199998 -1.79% -3642 OK
codedb_symbol 58891 56975 -3.25% -1916 OK
codedb_tree 48897 69030 +41.17% +20133 NOISE
codedb_word 66630 70424 +5.69% +3794 OK

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

snapshot: cleanupStaleTmpFiles deletes in-flight sibling tmp files (concurrent-write race)

1 participant

@justrach