Skip to content

Write last build tag to /tmp for statusline#2652

Open
lawrencecchen wants to merge 1 commit intomainfrom
feat-reload-last-tag
Open

Write last build tag to /tmp for statusline#2652
lawrencecchen wants to merge 1 commit intomainfrom
feat-reload-last-tag

Conversation

@lawrencecchen
Copy link
Copy Markdown
Contributor

@lawrencecchen lawrencecchen commented Apr 6, 2026
edited by cubic-dev-ai bot
Loading

Summary

  • reload.sh writes the tag to /tmp/cmux-last-tag (global fallback) and /tmp/cmux-last-tag-$CLAUDE_SESSION_ID (per-session) after each build
  • Enables Claude Code statusline to show the latest tag each session has built, without sessions clobbering each other

Companion: a SessionStart hook in cmuxterm-hq bridges session_id into CLAUDE_SESSION_ID env var, and a statusline script reads the per-session tag file.

Test plan

  • Run CLAUDE_SESSION_ID=test123 ./scripts/reload.sh --tag foo and verify /tmp/cmux-last-tag-test123 contains foo
  • Run without CLAUDE_SESSION_ID and verify /tmp/cmux-last-tag is written

Summary by cubic

After each build, scripts/reload.sh now writes the tag to /tmp/cmux-last-tag and, when CLAUDE_SESSION_ID is set, to /tmp/cmux-last-tag-$CLAUDE_SESSION_ID. This lets the Claude Code statusline show the latest tag per session without clobbering across sessions.

Written for commit 5505719. Summary will update on new commits.

@lawrencecchen
Write last tag to /tmp for Claude Code statusline
5505719 
reload.sh now writes the tag to /tmp/cmux-last-tag (global) and
/tmp/cmux-last-tag-$CLAUDE_SESSION_ID (per-session) so each
Claude Code instance can display its own latest build tag in the
status line.
@vercel
Copy link
Copy Markdown

vercel bot commented Apr 6, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
cmux Ready Ready Preview, Comment Apr 6, 2026 11:36pm

@cubic-dev-ai
Copy link
Copy Markdown

cubic-dev-ai bot commented Apr 6, 2026

This review could not be run because your cubic account has exceeded the monthly review limit. If you need help restoring access, please contact contact@cubic.dev.

chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Apr 6, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 550571955a

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

scripts/reload.sh
Comment on lines +409 to +410
if [[ -n "${CLAUDE_SESSION_ID:-}" ]]; then
echo "$TAG" > "/tmp/cmux-last-tag-${CLAUDE_SESSION_ID}" || true
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Sanitize session ID before composing tag file path

CLAUDE_SESSION_ID is written directly into the filename (/tmp/cmux-last-tag-${CLAUDE_SESSION_ID}) without slugging/validation. If the session id ever contains path separators or traversal segments (for example a/b), the redirection fails or can target an unintended path, and the trailing || true suppresses the error so the per-session tag file is silently not updated. This breaks the new statusline behavior for those sessions; normalize the id (e.g., via sanitize_path) before using it in a filesystem path.

Useful? React with 👍 / 👎.

@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps bot commented Apr 6, 2026

Greptile Summary

reload.sh now writes the current build tag to /tmp/cmux-last-tag (global) and /tmp/cmux-last-tag-${CLAUDE_SESSION_ID} (per-session) after each tagged build, enabling per-session statusline display without inter-session clobbering. The only finding is a minor P2: CLAUDE_SESSION_ID is embedded in the filename without sanitize_path(), inconsistent with the script's existing defensive pattern for all other env-controlled path components.

Confidence Score: 5/5

Safe to merge; only a minor P2 sanitization suggestion remains.

The change is two lines, the logic is correct and well-placed, and the only finding is a P2 style inconsistency with the script's existing sanitize_path() pattern. P2 findings do not reduce the score below 5.

scripts/reload.sh lines 409-411 (CLAUDE_SESSION_ID sanitization)

Important Files Changed

Filename Overview
scripts/reload.sh Adds tag-writing to /tmp after each tagged build; CLAUDE_SESSION_ID used unsanitized in filename (P2 style issue)

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant Script as reload.sh
    participant GlobalFile as /tmp/cmux-last-tag
    participant SessionFile as /tmp/cmux-last-tag-SESSION_ID
    participant Statusline as Claude Code Statusline

    Dev->>Script: ./scripts/reload.sh --tag foo
    Script->>Script: Build & configure tagged app
    Script->>GlobalFile: echo "$TAG" (global fallback)
    alt CLAUDE_SESSION_ID is set
        Script->>SessionFile: echo "$TAG" (unsanitized key)
    end
    Statusline->>SessionFile: read per-session tag
    Statusline->>Statusline: display current build tag
Loading

Reviews (1): Last reviewed commit: "Write last tag to /tmp for Claude Code s..." | Re-trigger Greptile

greptile-apps[bot]
greptile-apps bot reviewed Apr 6, 2026
View reviewed changes
scripts/reload.sh
Comment on lines +409 to +411
if [[ -n "${CLAUDE_SESSION_ID:-}" ]]; then
echo "$TAG" > "/tmp/cmux-last-tag-${CLAUDE_SESSION_ID}" || true
fi
Copy link
Copy Markdown
Contributor

@greptile-apps greptile-apps bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Unsanitized CLAUDE_SESSION_ID in filename

The script's established pattern is to pass all env-controlled values through sanitize_path() before embedding in /tmp paths (e.g. TAG_SLUG="$(sanitize_path "$TAG")"). Using CLAUDE_SESSION_ID raw could silently write to an unintended path if it ever contained / or ..; the || true means failures go unnoticed.

Suggested change
if [[ -n "${CLAUDE_SESSION_ID:-}" ]]; then
echo "$TAG" > "/tmp/cmux-last-tag-${CLAUDE_SESSION_ID}" || true
fi
if [[ -n "${CLAUDE_SESSION_ID:-}" ]]; then
SESSION_SLUG="$(sanitize_path "${CLAUDE_SESSION_ID}")"
echo "$TAG" > "/tmp/cmux-last-tag-${SESSION_SLUG}" || true
fi

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

+1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lawrencecchen