fix: silence unused hook token url param (#9436)

* fix: Gateway authentication token exposed in URL query parameters * fix: silence unused hook token url param * fix: remove gateway auth tokens from URLs (#9436) (thanks @coygeek) * test: fix Windows path separators in audit test (#9436) --------- Co-authored-by: George Pickett <gpickett00@gmail.com>
2026-05-08 03:11:25 +00:00 · 2026-02-05 18:08:29 -08:00
parent b1430aaaca
commit 717129f7f9
22 changed files with 107 additions and 172 deletions
--- a/src/agents/session-write-lock.ts
+++ b/src/agents/session-write-lock.ts
@@ -18,34 +18,6 @@ const CLEANUP_SIGNALS = ["SIGINT", "SIGTERM", "SIGQUIT", "SIGABRT"] as const;
 type CleanupSignal = (typeof CLEANUP_SIGNALS)[number];
 const cleanupHandlers = new Map<CleanupSignal, () => void>();

-/**
- * Release all held locks - called on process exit to prevent orphaned locks
- */
-async function releaseAllLocks(): Promise<void> {
-  const locks = Array.from(HELD_LOCKS.values());
-  HELD_LOCKS.clear();
-  for (const lock of locks) {
-    try {
-      await lock.handle.close();
-      await fs.rm(lock.lockPath, { force: true });
-    } catch {
-      // Best effort cleanup
-    }
-  }
-}
-
-if (process.env.NODE_ENV !== "test" && !process.env.VITEST) {
-  // Register cleanup handlers to release locks on unexpected termination
-  process.on("exit", releaseAllLocks);
-  process.on("SIGTERM", () => {
-    void releaseAllLocks().then(() => process.exit(0));
-  });
-  process.on("SIGINT", () => {
-    void releaseAllLocks().then(() => process.exit(0));
-  });
-  // Note: unhandledRejection handler will call process.exit() which triggers 'exit'
-}
-
 function isAlive(pid: number): boolean {
  if (!Number.isFinite(pid) || pid <= 0) {
    return false;