fix: prevent silent data loss on failed workspace session hydration (#1158)#1267
Open
blut-agent wants to merge 1 commit intostablyai:mainfrom
Open
fix: prevent silent data loss on failed workspace session hydration (#1158)#1267blut-agent wants to merge 1 commit intostablyai:mainfrom
blut-agent wants to merge 1 commit intostablyai:mainfrom
Conversation
…tablyai#1158) When workspace session hydration fails on startup, the error handler in App.tsx calls hydrateWorkspaceSession with empty tabs. The debounced session writer then picks up this empty state and permanently overwrites orca-data.json, deleting the user's tab state. Three fixes: 1. Gate session writer on hydration success — add a hydrationSucceeded flag in the main process Store. The writer's setWorkspaceSession() returns early until markHydrationSucceeded() is called by the renderer after a successful hydration. 2. Rolling backups before overwriting — before writing orca-data.json, rename the existing file to .bak and .bak.1. Wrapped in try/catch so backup failures never block the write. 3. Broaden worktree-id filter guard — in hydrateWorkspaceSession, also allow worktrees with undefined IDs (folder repos, certain SSH setups). Previously only 'default' worktrees were preserved.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
When workspace session hydration fails on startup, the error handler in
App.tsxcallshydrateWorkspaceSession({ tabsByWorktree: {}, ... })with empty tabs. The debounced session writer picks up this empty state and permanently overwritesorca-data.json, deleting the user's tab state with no recovery path.Fixes
Three layered fixes addressing different failure modes:
1. Gate session writer on hydration success (primary fix)
Add a
hydrationSucceededflag in the main processStore.setWorkspaceSession()returns early untilmarkHydrationSucceeded()is called by the renderer after a successful hydration. This prevents the error-handler path (empty tabs) from being persisted to disk.2. Rolling backups before overwriting (safety net)
Before writing
orca-data.json, rename the existing file to.bakand.bak.1. Wrapped in try/catch so backup failures never block the write. If a bad write occurs, the user can recover from.bak.3. Broaden worktree-id filter guard (edge case)
In
hydrateWorkspaceSession, also allow worktrees withundefinedIDs (folder repos, certain SSH setups). Previously only'default'worktrees were preserved, silently dropping tabs from other worktrees.Files Changed
src/main/persistence.tshydrationSucceededflag + rolling backupsrc/main/ipc/session.tssession:mark-hydration-succeededIPC handlersrc/preload/index.tsmarkHydrationSucceeded()to renderersrc/renderer/src/App.tsxmarkHydrationSucceeded()after successful hydrationsrc/renderer/src/store/slices/terminals.tsundefinedworktree IDs in filterTest Plan
tsc --noEmitpasses with zero errorsworkspace-sessionandterminalstests pass