mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-30 21:01:54 +08:00
`hexclave dev` re-execs through `npx <pkg>@latest` to pick up the latest dashboard. If that npx run failed (npm error, blocked download, lock contention, offline) it exited nonzero and `maybeReexecToLatest` propagated the code via process.exit, killing `hexclave dev` even though a perfectly good CLI was already installed. This bites users behind a package firewall (e.g. Socket Firewall on Replit), which blocks the @hexclave/cli download and surfaces as `npm error Lock compromised` (ECOMPROMISED) from npx's own cache lock. Use a startup-marker handshake to tell apart an npx/install failure (our CLI never ran -> fall back to the installed CLI) from a genuine nonzero exit of the wrapped command (our CLI ran -> propagate). The marker only needs file create/exists, so it's robust on sandboxed/networked filesystems. If the marker can't be created we keep the old always-propagate behavior. decidePostReexec + signalReexecStartedIfChild are pure and unit-tested. |
||
|---|---|---|
| .. | ||
| cli | ||
| dashboard-ui-components | ||
| js | ||
| next | ||
| react | ||
| sc | ||
| shared | ||
| shared-backend | ||
| tanstack-start | ||
| template | ||
| ui | ||