Skip to content

workflows/implement: filter claude stderr before forwarding to caller#159

Closed
ooloth wants to merge 1 commit into
mainfrom
claude/issue-81
Closed

workflows/implement: filter claude stderr before forwarding to caller#159
ooloth wants to merge 1 commit into
mainfrom
claude/issue-81

Conversation

@ooloth

@ooloth ooloth commented May 21, 2026

Copy link
Copy Markdown
Owner

✅ What

  • Adds is_claude_diagnostic to filter Claude subprocess stderr before forwarding to caller stderr
  • Lines over 200 chars or starting with {/[ (JSON) are suppressed from caller output
  • All stderr lines still go to the transcript file for local debugging

🤔 Why

  • Claude's stderr can include tool call results and file contents — email addresses, API responses, and other personal data from repos being processed
  • Caller stderr should show only Claude's own status and error messages, not the contents of files read during implementation

👩‍🔬 How to validate

  • Run hub implement on an issue in a repo that contains files with email addresses
  • Expect caller stderr to show only short Claude status messages (e.g. "Waiting for API…"), not file contents
  • Open the transcript file in ~/.hub/transcripts/ — expect the full interaction including tool results to be present

🔖 Related links

Closes #81

Generated by Claude Code

@ooloth
workflows/implement: filter claude stderr before forwarding to caller
34fff30 
#81

Previously every line from the Claude subprocess's stderr was forwarded
verbatim to the caller's stderr via `eprintln!`. With `--output-format
stream-json --verbose`, Claude's stderr can contain tool call results and
file contents — including email addresses, API responses, or other
personal data from repositories being processed.

This adds `is_claude_diagnostic`, a heuristic filter that passes only
lines that look like Claude's own status/diagnostic output: short lines
(<= 200 chars) that don't start with `{` or `[`. All stderr lines
continue to be written to the transcript file for local debugging.

Closes #81

https://claude.ai/code/session_01NX6Sqy1LRifn2ZbMjm4gcM
Copilot AI review requested due to automatic review settings May 21, 2026 05:18
@ooloth ooloth mentioned this pull request May 21, 2026
Closed
@ooloth ooloth added the author:agent This was authored by an agent. label May 21, 2026 — with Claude
@ooloth ooloth self-assigned this May 21, 2026
Copilot AI reviewed May 21, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR reduces the risk of leaking sensitive tool output or repository contents by filtering which claude subprocess stderr lines are forwarded to the caller’s stderr, while still capturing all stderr lines in the on-disk transcript for debugging.

Changes:

  • Added an is_claude_diagnostic heuristic to decide which stderr lines are safe to forward to caller output.
  • Updated the claude stderr forwarding loop to always write full stderr to the transcript and only forward “diagnostic-like” lines to caller stderr.
  • Added unit tests covering the new heuristic behavior.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread workflows/src/implement.rs
Comment on lines +28 to +29
// Suppress anything over 200 chars — diagnostic messages are short.
if line.len() > 200 {
Comment thread workflows/src/implement.rs
Comment on lines +365 to +370
fn short_status_messages_are_diagnostic() {
assert!(is_claude_diagnostic("Waiting for API…"));
assert!(is_claude_diagnostic("hub implement: starting ooloth/hub#81"));
assert!(is_claude_diagnostic("Error: something went wrong"));
assert!(is_claude_diagnostic(""));
}
This was referenced May 24, 2026
Open
Open
@ooloth

ooloth commented Jun 20, 2026

Copy link
Copy Markdown
Owner Author

Closing as obsolete. This PR filters Claude subprocess stderr in workflows/src/implement.rs, but main has since deleted that file (c72bc7d) as dead code — it was declared in lib.rs but never wired to any binary, so hub implement was never a runnable path.

The replacement dispatch architecture (workflows/src/dispatch.rs) spawns Claude in a detached tmux window; Claude's stdout/stderr go to that pane the human attaches to, rather than being piped back and re-emitted to caller stderr. The threat model this PR addressed (hub forwarding Claude's file-content-bearing stderr to the caller) no longer exists in the new design.

Superseded by main's deletion of the dead code. See #81.

@ooloth ooloth closed this Jun 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@ooloth ooloth

Labels

author:agent This was authored by an agent.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Stop forwarding raw Claude process stderr to caller output

2 participants

@ooloth