fix: quota keychain prompts, permission reset, banner quality, multi-window activation#63
Merged
Merged
Conversation
…sent Claude Code rotates its keychain item every ~8h and the rewrite wipes the trusted-app ACL, re-firing the password prompt despite "Always Allow." Upstream (anthropics/claude-code#22144) closed the fix as not planned. The credentials file path is the documented escape hatch: users who write ~/.claude/.credentials.json (mode 0600) get zero prompts because Claude itself reads the file first and we now do the same. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
AEDeterminePermissionToAutomateTarget(...askUserIfNeeded: true) often returns the cached decision without dispatching the TCC dialog, so "Reset & prompt" on Automation -> System Events appeared to do nothing. Send a real harmless AppleScript command to System Events instead; macOS reliably fires the prompt on the first AppleEvent send after a tccutil reset clears the decision. Also surface tccutil non-zero exits via stderr so silent failures become visible during dev. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Claude Code occasionally fires the same Stop hook twice in rapid succession, producing two identical banners + two list entries. Drop the second event when an identical one (same agent/kind/message/ claudeSessionID) landed within a 2s window. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…pen when more events remain - Banner title now appends the custom/claudeName label (mirroring Sessions tab and context banners) so users can tell which session fired when multiple sessions are active. - Approve no longer closes the panel unconditionally — only closes when the queue is empty, matching the dismiss flow. Approving the last event still hides so the keystroke lands in the target app. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
cursor/code --reuse-window picks the most-recently-focused window matching the path, which is wrong when multiple editor windows are open for the same project. notify.sh already captures the per-window VSCODE_IPC_HOOK_CLI as event.ipcHook but the activator never used it. Prefix the shell invocation with the captured socket path so the CLI talks to that specific window's IPC server — pinning activation to the window the agent actually ran in. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
For iTerm2 with multiple tabs in the same project folder, the AX title-fragment walk picks an arbitrary matching tab — wrong when the agent runs in a specific pane. notify.sh already captures ITERM_SESSION_ID as event.sessionID; use iTerm2's AppleScript dictionary to walk windows -> tabs -> sessions and select the exact session whose id matches. Falls through to the AX path if scripting errors or the session has since been closed. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…ursor window iTerm2: ITERM_SESSION_ID is 'w0t0p0:UUID' (window-tab-pane prefix + UUID) but iTerm2's AppleScript 'id of session' returns just the UUID. The previous match compared the prefixed form against the bare UUID and always missed. Strip the prefix before comparing. Cursor/VSCode: --reuse-window routes the open request to the correct window via the IPC hook, but the CLI doesn't raise that window — the most-recently-focused window pops to front instead. Add an AX raise step that matches the captured windowTitle (which includes the open filename and is window-specific), pinning activation to the agent's window. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Seven targeted fixes off the back of user testing. Each is its own commit so the diff is easy to review.
Quota / keychain
fix(quota): prefer ~/.claude/.credentials.json over keychain when present(32df863)Claude Code rotates its keychain item every ~8h and the rewrite wipes the trusted-app ACL, re-firing the password prompt despite "Always Allow." Upstream (anthropics/claude-code#22144) closed the fix as not planned. The credentials file path is the documented escape hatch: users who write
~/.claude/.credentials.json(mode 0600) get zero prompts because Claude itself reads the file first and we now do the same.Permissions
fix(permissions): use real AppleEvent to trigger Automation prompt(33914d8)AEDeterminePermissionToAutomateTarget(...askUserIfNeeded: true)often returns the cached decision without dispatching the TCC dialog, so "Reset & prompt" on Automation → System Events appeared to do nothing. Send a real AppleScript command to System Events instead; macOS reliably fires the prompt on the first AppleEvent after atccutil reset. Also surfacetccutilnon-zero exits via stderr.Banner & panel quality
fix(events): dedupe hooks fired twice within 2s(9a3d846)Claude Code occasionally fires the same Stop hook twice in rapid succession. Drop the duplicate (same agent / kind / message / claudeSessionID) within a 2s window.
fix(panel): banner title includes session name; approve keeps panel open when more events remain(fcb763f)Click-to-focus on the right window
fix(activator): route Cursor/VSCode CLI through captured IPC socket(688641a)cursor/code --reuse-windowpicks the most-recently-focused matching window, which is wrong when multiple editor windows are open for the same project. notify.sh already captures the per-windowVSCODE_IPC_HOOK_CLIasevent.ipcHook— the activator never used it. Prefix the shell invocation with the captured socket path so the CLI talks to that specific window's IPC server.fix(activator): route iTerm2 click-to-focus via ITERM_SESSION_ID(ad34ae4)For iTerm2 with multiple tabs in the same project folder, the AX title-fragment walk picked an arbitrary matching tab. Use iTerm2's AppleScript dictionary to walk windows → tabs → sessions and select the exact session whose id matches
event.sessionID. Falls through to the AX path if scripting errors.fix(activator): correct iTerm2 session-id match + AX-raise specific Cursor window(d1e5226)ITERM_SESSION_IDisw0t0p0:UUIDbut iTerm's AppleScriptid of sessionreturns just the UUID. Strip the prefix before comparing.--reuse-windowroutes the open request correctly but doesn't raise the targeted window. Added an AX-raise step matching the captured windowTitle (which has the open filename and is window-specific).Known limitation: Zed multi-window
Investigated and confirmed unfixable from our side. Zed is single-process Rust/GPUI with no per-window env var (
ZED_TERM,TERM_PROGRAMare static), no AppleScript dictionary, no IPC socket, no URL-scheme window targeting, and no CLI flag to target a specific window. All Zed windows share PID, so process-tree walking doesn't help either. No third-party tool has solved this. Filing upstream as a follow-up.Test plan
~/.claude/.credentials.jsonpresent, no keychain prompts on quota polls.ZED_WINDOW_ID.🤖 Generated with Claude Code