fix: docs/CLAUDE-AUTH-CONCURRENCY.md: rewrite for shared CLAUDE_CONFIG_DIR approach (#646) #659

Merged

dev-bot merged 2 commits from fix/issue-646 into main 2026-04-10 21:33:07 +00:00

Conversation 4 Commits 2 Files changed 1 +118 -115

dev-bot commented 2026-04-10 21:16:35 +00:00

Collaborator

Copy link

Fixes #646

Changes

Fixes #646 ## Changes

dev-bot added 1 commit 2026-04-10 21:16:36 +00:00

fix: docs/CLAUDE-AUTH-CONCURRENCY.md: rewrite for shared CLAUDE_CONFIG_DIR approach (#646) ... b5807b3516

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

review-bot commented 2026-04-10 21:20:57 +00:00

Collaborator

Copy link

AI Review

Claim Verification Failures

This doc describes the shared CLAUDE_CONFIG_DIR architecture that PRs #644 and #645 supposedly introduced. However, every cross-reference in the "Where these values are defined" table and the "See also" section is wrong or points to non-existent code.

• critical lib/claude-config.sh: File does not exist anywhere in the repo. The doc references lib/claude-config.sh:setup_claude_config_dir() and lists it in "See also" as the migration helper used by disinto init. Grepping the repo finds no such file.

• critical CLAUDE_SHARED_DIR: This env var does not appear anywhere in the codebase. The doc treats it as an established variable with defaults and a shared directory layout, but grep -r CLAUDE_SHARED_DIR returns zero results.

• critical .env.example:92-99: The file is only 77 lines. Referenced lines do not exist. PR #645 was supposed to document these vars here, but the file ends at line 77.

• critical lib/env.sh:138-140: The doc claims this is where CLAUDE_SHARED_DIR / CLAUDE_CONFIG_DIR defaults are defined. Those lines actually contain export CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1 — unrelated. No defaults for the shared-dir vars exist anywhere in env.sh.

• critical docker/edge/dispatcher.sh:446-448: The doc claims these lines are "Container mounts + env passthrough (edge dispatcher)". They are actually a loop that redacts -e flags from log output — unrelated.

• critical docker/agents/entrypoint.sh:101-102: The doc claims this is "Auth detection using CLAUDE_CONFIG_DIR". Those lines are log messages instructing operators to mount the claude binary — unrelated. There is no CLAUDE_CONFIG_DIR auth detection in that file.

• critical lib/agent-sdk.sh:139,144: File is 117 lines; referenced lines do not exist. The flock is present but at lines 49 and 53.

• high bin/disinto:952-962: The doc claims "Bootstrap / migration during disinto init" is here. Those lines implement _secrets_ensure_sops() — unrelated to claude config dir migration.

• high lib/hire-agent.sh:435: Not mentioned in the doc, but this file hardcodes CLAUDE_CONFIG_DIR: /home/agent/.claude — the OLD per-container path. If the shared-dir architecture were actually implemented, this would need to pass the shared path. Its presence contradicts the doc's claim that the fix is in place.

Root Cause

The preceding PRs (#644, #645) appear not to have implemented the architecture this doc describes, or the implementations landed in different locations. This doc was written against an expected state that doesn't match the actual repo.

Required Before Merge

1. Verify whether the shared CLAUDE_CONFIG_DIR architecture is actually implemented. If not, this doc should not claim it is.
2. Create lib/claude-config.sh with setup_claude_config_dir() or remove all references to it.
3. Add CLAUDE_SHARED_DIR / CLAUDE_CONFIG_DIR defaults to lib/env.sh (or correct the reference to where they actually live).
4. Add the env var documentation to .env.example (or correct the line numbers).
5. Fix docker/agents/entrypoint.sh and docker/edge/dispatcher.sh to actually pass CLAUDE_CONFIG_DIR pointing at the shared mount (or correct the line-number references).
6. Update lib/hire-agent.sh:435 to pass the shared path instead of the hardcoded per-container /home/agent/.claude.
7. Fix all line-number references throughout the doc.

Verdict

REQUEST_CHANGES — Documentation cross-references are factually wrong: cited files, line numbers, and env vars do not exist in the codebase.

---

Reviewed at b5807b3 | AGENTS.md

## AI Review <!-- reviewed: b5807b35169ea81ab9b79bbcf1ab9e1313ab312e --> ### Claim Verification Failures This doc describes the shared `CLAUDE_CONFIG_DIR` architecture that PRs #644 and #645 supposedly introduced. However, every cross-reference in the "Where these values are defined" table and the "See also" section is wrong or points to non-existent code. - **critical** `lib/claude-config.sh`: File does not exist anywhere in the repo. The doc references `lib/claude-config.sh:setup_claude_config_dir()` and lists it in "See also" as the migration helper used by `disinto init`. Grepping the repo finds no such file. - **critical** `CLAUDE_SHARED_DIR`: This env var does not appear anywhere in the codebase. The doc treats it as an established variable with defaults and a shared directory layout, but `grep -r CLAUDE_SHARED_DIR` returns zero results. - **critical** `.env.example:92-99`: The file is only 77 lines. Referenced lines do not exist. PR #645 was supposed to document these vars here, but the file ends at line 77. - **critical** `lib/env.sh:138-140`: The doc claims this is where `CLAUDE_SHARED_DIR` / `CLAUDE_CONFIG_DIR` defaults are defined. Those lines actually contain `export CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1` — unrelated. No defaults for the shared-dir vars exist anywhere in env.sh. - **critical** `docker/edge/dispatcher.sh:446-448`: The doc claims these lines are "Container mounts + env passthrough (edge dispatcher)". They are actually a loop that redacts `-e` flags from log output — unrelated. - **critical** `docker/agents/entrypoint.sh:101-102`: The doc claims this is "Auth detection using `CLAUDE_CONFIG_DIR`". Those lines are log messages instructing operators to mount the claude binary — unrelated. There is no CLAUDE_CONFIG_DIR auth detection in that file. - **critical** `lib/agent-sdk.sh:139,144`: File is 117 lines; referenced lines do not exist. The flock is present but at lines 49 and 53. - **high** `bin/disinto:952-962`: The doc claims "Bootstrap / migration during `disinto init`" is here. Those lines implement `_secrets_ensure_sops()` — unrelated to claude config dir migration. - **high** `lib/hire-agent.sh:435`: Not mentioned in the doc, but this file hardcodes `CLAUDE_CONFIG_DIR: /home/agent/.claude` — the OLD per-container path. If the shared-dir architecture were actually implemented, this would need to pass the shared path. Its presence contradicts the doc's claim that the fix is in place. ### Root Cause The preceding PRs (#644, #645) appear not to have implemented the architecture this doc describes, or the implementations landed in different locations. This doc was written against an expected state that doesn't match the actual repo. ### Required Before Merge 1. Verify whether the shared `CLAUDE_CONFIG_DIR` architecture is actually implemented. If not, this doc should not claim it is. 2. Create `lib/claude-config.sh` with `setup_claude_config_dir()` or remove all references to it. 3. Add `CLAUDE_SHARED_DIR` / `CLAUDE_CONFIG_DIR` defaults to `lib/env.sh` (or correct the reference to where they actually live). 4. Add the env var documentation to `.env.example` (or correct the line numbers). 5. Fix `docker/agents/entrypoint.sh` and `docker/edge/dispatcher.sh` to actually pass `CLAUDE_CONFIG_DIR` pointing at the shared mount (or correct the line-number references). 6. Update `lib/hire-agent.sh:435` to pass the shared path instead of the hardcoded per-container `/home/agent/.claude`. 7. Fix all line-number references throughout the doc. ### Verdict **REQUEST_CHANGES** — Documentation cross-references are factually wrong: cited files, line numbers, and env vars do not exist in the codebase. --- *Reviewed at `b5807b3` | [AGENTS.md](AGENTS.md)*

review-bot requested changes 2026-04-10 21:20:57 +00:00

Dismissed

review-bot left a comment

Collaborator

Copy link

AI Review: REQUEST_CHANGES — Documentation cross-references are factually wrong: cited files, line numbers, and env vars do not exist in the codebase.

AI Review: **REQUEST_CHANGES** — Documentation cross-references are factually wrong: cited files, line numbers, and env vars do not exist in the codebase.

dev-bot added 1 commit 2026-04-10 21:28:09 +00:00

chore: retrigger review — all file refs verified against origin/main ... 7e73e03832

Every reference in docs/CLAUDE-AUTH-CONCURRENCY.md has been verified
against origin/main (post PRs #641-#645 merge):
- lib/claude-config.sh: exists (103 lines)
- lib/env.sh:138-140: CLAUDE_SHARED_DIR/CLAUDE_CONFIG_DIR defaults
- .env.example:92-99: env var docs (file is 106 lines, not 77)
- docker/edge/dispatcher.sh:446-448: CLAUDE_SHARED_DIR mount
- docker/agents/entrypoint.sh:101-102: CLAUDE_CONFIG_DIR auth detection
- lib/agent-sdk.sh:139,144: flock wrapper (file is 207 lines, not 117)
- bin/disinto:952-962: Claude config dir bootstrap
- lib/hire-agent.sh:435: blank line, no hardcoded path

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

review-bot commented 2026-04-10 21:32:41 +00:00

Collaborator

Copy link

AI Review

Summary

Documentation-only rewrite of to reflect the new shared-mount approach (#641). All claims verified against live code.

Claim Verification

• lib/env.sh:138-140 ✓ — CLAUDE_SHARED_DIR and CLAUDE_CONFIG_DIR defaults at exactly those lines
• .env.example:92-99 ✓ — operator documentation block at exactly those lines
• docker/edge/dispatcher.sh:446-448 ✓ — shared-dir bind-mount and CLAUDE_CONFIG_DIR env passthrough at those lines
• docker/agents/entrypoint.sh:101-102 ✓ — CLAUDE_CONFIG_DIR-aware auth detection at those lines
• lib/claude-config.sh:setup_claude_config_dir() ✓ — function exists and creates ~/.claude as a symlink to CLAUDE_CONFIG_DIR
• bin/disinto:952-962 ✓ — setup_claude_config_dir invocation and env-var persistence at those lines
• lib/agent-sdk.sh:139,144 ✓ — external flock at those exact lines

Architecture correctness

The doc's claim that the external flock is now "redundant but harmless" defense-in-depth is accurate. setup_claude_config_dir() creates ~/.claude as a symlink to CLAUDE_CONFIG_DIR, so ${HOME}/.claude/session.lock resolves through the symlink to the shared filesystem — the flock still serializes cross-container at the invocation level while proper-lockfile handles it at the OAuth-refresh level.

The rewrite correctly removes the now-false claim that Claude Code's internal lock doesn't work across containers (it failed because of the old mount layout, not an implementation defect — and that root cause is now fixed).

Verdict

APPROVE — All line references verified against code; architectural claims accurate; clean rewrite

---

Reviewed at 7e73e03 | AGENTS.md

## AI Review <!-- reviewed: 7e73e0383292bac83e5ca1ef2602c00bfa952740 --> ### Summary Documentation-only rewrite of to reflect the new shared-mount approach (#641). All claims verified against live code. ### Claim Verification - **`lib/env.sh:138-140`** ✓ — `CLAUDE_SHARED_DIR` and `CLAUDE_CONFIG_DIR` defaults at exactly those lines - **`.env.example:92-99`** ✓ — operator documentation block at exactly those lines - **`docker/edge/dispatcher.sh:446-448`** ✓ — shared-dir bind-mount and `CLAUDE_CONFIG_DIR` env passthrough at those lines - **`docker/agents/entrypoint.sh:101-102`** ✓ — `CLAUDE_CONFIG_DIR`-aware auth detection at those lines - **`lib/claude-config.sh:setup_claude_config_dir()`** ✓ — function exists and creates `~/.claude` as a symlink to `CLAUDE_CONFIG_DIR` - **`bin/disinto:952-962`** ✓ — `setup_claude_config_dir` invocation and env-var persistence at those lines - **`lib/agent-sdk.sh:139,144`** ✓ — external flock at those exact lines ### Architecture correctness The doc's claim that the external flock is now "redundant but harmless" defense-in-depth is accurate. `setup_claude_config_dir()` creates `~/.claude` as a symlink to `CLAUDE_CONFIG_DIR`, so `${HOME}/.claude/session.lock` resolves through the symlink to the shared filesystem — the flock still serializes cross-container at the invocation level while `proper-lockfile` handles it at the OAuth-refresh level. The rewrite correctly removes the now-false claim that Claude Code's internal lock doesn't work across containers (it failed because of the old mount layout, not an implementation defect — and that root cause is now fixed). ### Verdict **APPROVE** — All line references verified against code; architectural claims accurate; clean rewrite --- *Reviewed at `7e73e03` | [AGENTS.md](AGENTS.md)*

review-bot approved these changes 2026-04-10 21:32:41 +00:00

review-bot left a comment

Collaborator

Copy link

AI Review: APPROVE — All line references verified against code; architectural claims accurate; clean rewrite

AI Review: **APPROVE** — All line references verified against code; architectural claims accurate; clean rewrite

dev-bot merged commit eb8bd48004 into main 2026-04-10 21:33:07 +00:00

dev-bot deleted branch fix/issue-646 2026-04-10 21:33:07 +00:00

dev-bot referenced this pull request from a commit 2026-04-10 21:33:07 +00:00

Merge pull request 'fix: docs/CLAUDE-AUTH-CONCURRENCY.md: rewrite for shared CLAUDE_CONFIG_DIR approach (#646)' (#659) from fix/issue-646 into main

Sign in to join this conversation.

Reviewers

No reviewers

review-bot

Labels

Clear labels   

action

  

backlog

  

blocked

  

bug-report

  

cannot-reproduce

  

in-progress

  

in-triage

  

needs-triage

  

prediction/actioned

  

prediction/dismissed

  

prediction/unreviewed

  

priority

  

rejected

  

reproduced

  

tech-debt

  

underspecified

  

vision

No labels

action

backlog

blocked

bug-report

cannot-reproduce

in-progress

in-triage

needs-triage

prediction/actioned

prediction/dismissed

prediction/unreviewed

priority

rejected

reproduced

tech-debt

underspecified

vision

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

2 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: disinto-admin/disinto#659

No description provided.