fix(cli): stop dev runs crashing when a rebuild removes an in-use build dir#4276
fix(cli): stop dev runs crashing when a rebuild removes an in-use build dir#4276ericallam wants to merge 1 commit into
Conversation
…ld dir A dev run could crash at boot with a raw MODULE_NOT_FOUND on dev-run-worker.mjs, or hang until timeout, when a rebuild had cleaned up the build directory it was launched against. Verify the worker entry before forking (retryable fail instead of a raw crash), make the watchdog lock-aware so it cannot delete a live session build tree, and fail a run bound to a superseded worker version with a clear message.
🦋 Changeset detectedLatest commit: 278c410 The changes in this PR will be included in the next version bump. This PR includes changesets to release 26 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
WalkthroughThe dev runtime now checks for a missing worker entry point before starting a run, reports dequeued runs whose workers were superseded by rebuilds, and propagates branch-scoped watchdog lock-file paths. Watchdog cleanup reads the lock-file PID and preserves temporary directories owned by another live session. A patch changeset documents these build-race fixes. 🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
@trigger.dev/build
trigger.dev
@trigger.dev/core
@trigger.dev/python
@trigger.dev/react-hooks
@trigger.dev/redis-worker
@trigger.dev/rsc
@trigger.dev/schema-to-json
@trigger.dev/sdk
commit: |
There was a problem hiding this comment.
🧹 Nitpick comments (1)
packages/cli-v3/src/entryPoints/dev-run-controller.ts (1)
605-613: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚖️ Poor tradeoffConsider moving
dev-run-controller.tstosrc/dev/to align with directory guidelines.The logic correctly handles missing worker entry points during concurrent rebuilds. However, since
DevRunControlleris dev-mode code executed locally byDevSupervisor, its location insrc/entryPoints/conflicts with the project's directory guidelines.As per coding guidelines, dev mode code should be located in
src/dev/, while code insrc/entryPoints/is specifically intended to run inside customer containers. Consider relocating this file tosrc/dev/as a future refactoring to maintain accurate runtime boundaries.Source: Coding guidelines
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository UI
Review profile: CHILL
Plan: Pro
Run ID: a8131564-317e-4d40-8944-0a8d871911d6
📒 Files selected for processing (4)
.changeset/fix-dev-build-dir-race.mdpackages/cli-v3/src/dev/devSupervisor.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/entryPoints/dev-run-controller.ts
📜 Review details
⏰ Context from checks skipped due to timeout. (25)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (1, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (11, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (6, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (5, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (10, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (12, 12)
- GitHub Check: e2e / 🧪 CLI v3 tests (warp-windows-latest-x64-8x - pnpm)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (7, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (3, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (9, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (2, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (4, 12)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (8, 12)
- GitHub Check: e2e / 🧪 CLI v3 tests (warp-ubuntu-latest-x64-4x - npm)
- GitHub Check: e2e / 🧪 CLI v3 tests (warp-windows-latest-x64-8x - npm)
- GitHub Check: packages / 🧪 Unit Tests: Packages (2, 3)
- GitHub Check: e2e / 🧪 CLI v3 tests (warp-ubuntu-latest-x64-4x - pnpm)
- GitHub Check: typecheck / typecheck
- GitHub Check: internal / 🧪 Unit Tests: Internal
- GitHub Check: packages / 🧪 Unit Tests: Packages (1, 3)
- GitHub Check: e2e-webapp / 🧪 E2E Tests: Webapp
- GitHub Check: packages / 🧪 Unit Tests: Packages (3, 3)
- GitHub Check: Build and publish previews
- GitHub Check: code-quality / code-quality
- GitHub Check: Analyze (javascript-typescript)
🧰 Additional context used
📓 Path-based instructions (6)
**/*.{ts,tsx}
📄 CodeRabbit inference engine (.github/copilot-instructions.md)
**/*.{ts,tsx}: Use types over interfaces for TypeScript
Avoid using enums; prefer string unions or const objects instead
**/*.{ts,tsx}: Prefer static imports over dynamicimport(); use dynamic imports only for unresolvable circular dependencies, genuine performance code splitting, or conditional runtime loading.
Import Trigger.dev tasks from@trigger.dev/sdk; never use@trigger.dev/sdk/v3or deprecatedclient.defineJob.
Add agentcrumbs while writing code using approved namespaces; mark lines with//@Crumbsor blocks with `// `#region` `@crumbs, and strip them before merging.
Files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
**/*.{ts,tsx,js,jsx}
📄 CodeRabbit inference engine (.github/copilot-instructions.md)
Use function declarations instead of default exports
Files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
**/*.ts
📄 CodeRabbit inference engine (.cursor/rules/otel-metrics.mdc)
**/*.ts: When creating or editing OTEL metrics (counters, histograms, gauges), ensure metric attributes have low cardinality by using only enums, booleans, bounded error codes, or bounded shard IDs
Do not use high-cardinality attributes in OTEL metrics such as UUIDs/IDs (envId, userId, runId, projectId, organizationId), unbounded integers (itemCount, batchSize, retryCount), timestamps (createdAt, startTime), or free-form strings (errorMessage, taskName, queueName)
When exporting OTEL metrics via OTLP to Prometheus, be aware that the exporter automatically adds unit suffixes to metric names (e.g., 'my_duration_ms' becomes 'my_duration_ms_milliseconds', 'my_counter' becomes 'my_counter_total'). Account for these transformations when writing Grafana dashboards or Prometheus queries
Files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
packages/cli-v3/src/entryPoints/**/*
📄 CodeRabbit inference engine (packages/cli-v3/CLAUDE.md)
Code in
src/entryPoints/runs inside customer containers and is a different runtime environment from the CLI - changes affect deployed task execution directly
Files:
packages/cli-v3/src/entryPoints/dev-run-controller.ts
packages/**/*.{ts,tsx}
📄 CodeRabbit inference engine (AGENTS.md)
For public packages, use
buildfor verification.
Files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
packages/cli-v3/src/dev/**/*
📄 CodeRabbit inference engine (packages/cli-v3/CLAUDE.md)
Dev mode code should be located in
src/dev/and runs tasks locally in the user's Node.js process without containers
Files:
packages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
🧠 Learnings (9)
📚 Learning: 2026-03-22T13:26:12.060Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3244
File: apps/webapp/app/components/code/TextEditor.tsx:81-86
Timestamp: 2026-03-22T13:26:12.060Z
Learning: In the triggerdotdev/trigger.dev codebase, do not flag `navigator.clipboard.writeText(...)` calls for `missing-await`/`unhandled-promise` issues. These clipboard writes are intentionally invoked without `await` and without `catch` handlers across the project; keep that behavior consistent when reviewing TypeScript/TSX files (e.g., usages like in `apps/webapp/app/components/code/TextEditor.tsx`).
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
📚 Learning: 2026-03-22T19:24:14.403Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3187
File: apps/webapp/app/v3/services/alerts/deliverErrorGroupAlert.server.ts:200-204
Timestamp: 2026-03-22T19:24:14.403Z
Learning: In the triggerdotdev/trigger.dev codebase, webhook URLs are not expected to contain embedded credentials/secrets (e.g., fields like `ProjectAlertWebhookProperties` should only hold credential-free webhook endpoints). During code review, if you see logging or inclusion of raw webhook URLs in error messages, do not automatically treat it as a credential-leak/secrets-in-logs issue by default—first verify the URL does not contain embedded credentials (for example, no username/password in the URL, no obvious secret/token query params or fragments). If the URL is credential-free per this project’s conventions, allow the logging.
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma error P1001 ("Can't reach database server") in TypeScript, don’t assume a single error shape. Prisma can surface P1001 via two different error classes/fields: `PrismaClientKnownRequestError` exposes it as `err.code === "P1001"` (common during mid-query connection drops), while `PrismaClientInitializationError` exposes it as `err.errorCode === "P1001"` (common on client startup failure). Therefore, predicates should use `err.code === "P1001" || err.errorCode === "P1001"`. Do not flag `err.code === "P1001"` as “unreachable/never matches,” as it is expected in production.
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma errors for P1001 ("Can't reach database server"), do not assume it only appears under a single property name. Prisma may surface P1001 via either `PrismaClientKnownRequestError` (`err.code === "P1001"`, e.g., mid-query connection drops) or `PrismaClientInitializationError` (`err.errorCode === "P1001"`, e.g., client startup connection failure). To reliably detect the condition, check `err.code === "P1001" || err.errorCode === "P1001"`, and avoid review rules that would incorrectly flag `err.code === "P1001"` as unreachable/never-matching.
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
📚 Learning: 2026-06-13T19:53:13.759Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3937
File: packages/trigger-sdk/skills/realtime-and-frontend/SKILL.md:258-260
Timestamp: 2026-06-13T19:53:13.759Z
Learning: When reviewing code that uses `trigger.dev/react-hooks`’s `useRealtimeRun`, preserve the call signature where the first argument is the full realtime handle object (not `handle.id`). This is intentional to maintain type-safety and is consistent with the official docs; do not suggest changing the first argument from the handle object to `handle.id`.
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
📚 Learning: 2026-06-17T17:13:49.929Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3948
File: apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.bulk-actions.$bulkActionParam/route.tsx:48-62
Timestamp: 2026-06-17T17:13:49.929Z
Learning: In triggerdotdev/trigger.dev, within `dashboardLoader`/`dashboardAction` (or similar context resolver code) whenever you resolve an organization ID from an organization slug for RBAC/enterprise authorization scope, always read from the primary Prisma client (`prisma`), not `$replica`. Using `$replica` can hit replica-lag and cause the RBAC lookup/authorization to run without the correct org scope (bypassing intended role enforcement). Implement the slug→org lookup with `prisma.organization.findFirst(...)` (or equivalent primary-client query) and add an inline comment documenting why the primary client is required (replica lag could lead to unscoped RBAC checks).
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
📚 Learning: 2026-06-23T13:04:21.413Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4023
File: apps/webapp/app/services/upsertBranch.server.ts:14-18
Timestamp: 2026-06-23T13:04:21.413Z
Learning: In TypeScript, it’s valid to `import { type X }` and then use `typeof X` in a type-only position, e.g. `type Alias = z.infer<typeof X>`. The `type` modifier suppresses the runtime import, but the type checker still has the full exported type so `z.infer<typeof X>` can resolve correctly. In code reviews, don’t flag this as a TypeScript compile error as long as `typeof X` is used in a type context (e.g., with `z.infer`, `type` aliases, generics), not as a runtime value.
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
📚 Learning: 2026-06-04T18:16:35.386Z
Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 3836
File: apps/supervisor/src/backpressure/backpressureMonitor.ts:3-5
Timestamp: 2026-06-04T18:16:35.386Z
Learning: When reviewing TypeScript in this repo, apply the rule “prefer type aliases over interfaces” only to data/object shapes and union/intersection type modeling. If an interface is being used as a behavioral contract for collaborators to implement (e.g., method-shape interfaces that define required behavior, such as `BackpressureLogger` / `BackpressureSignalSource` in `apps/supervisor/src/backpressure/backpressureMonitor.ts`), keep it as an `interface` and do not flag it as a type-alias-vs-interface violation.
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
📚 Learning: 2026-06-09T17:58:04.699Z
Learnt from: 0ski
Repo: triggerdotdev/trigger.dev PR: 3879
File: apps/webapp/app/models/vercelIntegration.server.ts:619-630
Timestamp: 2026-06-09T17:58:04.699Z
Learning: In this codebase, outbound raw `fetch` calls should typically rely on Node/undici’s default request timeout (about ~300s) rather than adding a per-call `AbortController` + `setTimeout` wrapper inside individual functions (e.g. in files like `apps/webapp/app/models/vercelIntegration.server.ts`). During code review, do not flag the absence of a per-call timeout on a single `fetch` as an issue; if per-call timeouts are needed, they should be implemented via a codebase-wide convention (e.g., a shared fetch wrapper or documented pattern) rather than ad-hoc per-function changes.
Applied to files:
packages/cli-v3/src/entryPoints/dev-run-controller.tspackages/cli-v3/src/dev/devWatchdog.tspackages/cli-v3/src/dev/devSupervisor.ts
🔇 Additional comments (3)
packages/cli-v3/src/dev/devSupervisor.ts (1)
597-623: LGTM!.changeset/fix-dev-build-dir-race.md (1)
5-5: LGTM!packages/cli-v3/src/dev/devWatchdog.ts (1)
81-95: 🎯 Functional CorrectnessNo issue:
readFileSyncis imported andparentPidis defined in file scope.> Likely an incorrect or invalid review comment.
Summary
In
trigger dev, a task run could crash at boot with a crypticCannot find module .../.trigger/tmp/build-XXXX/.../dev-run-worker.mjs(MODULE_NOT_FOUNDatrunMain), or silently hang and time out, when a rebuild had already cleaned up the build directory the run was launched against. This makes local dev runs resilient to that race: they retry cleanly instead of hard-crashing, the build tree of a running session is no longer deleted out from under it, and a run bound to a superseded worker version fails fast with an actionable message.Root cause
Dev builds each rebuild into its own ephemeral
.trigger/tmp/build-*directory and resolves a run's worker entrypoint (dev-run-worker.mjs) to a path inside a specific one of those dirs, tied to a background-worker version. Those directories are deleted as workers are superseded and when the tmp root is cleared, but nothing re-checks that the directory still exists before forking the run worker, and nothing stops a run being launched against a version whose directory is already gone. Three uncoordinated deletion paths feed the race: the per-rebuild prune of old workers,clearTmpDirsat session start, and the detached watchdog'scleanupTmpDir, which removes the whole tmp root on parent death and can race a restarting session. Introduced in commit ef04cc3, which added the per-rebuild build dirs and the watchdog.Fix
Before forking the run worker, verify the entrypoint exists; if the build dir was cleaned up, fail with a retryable error so the attempt retries per the task's retry policy instead of surfacing a raw
MODULE_NOT_FOUNDboot crash. The watchdog'scleanupTmpDirnow respects the dev lock file and will not remove the tmp root while a different live session owns it, so a stale or racing watchdog can no longer wipe a running session's build tree. And when a run is dequeued for a worker version the CLI no longer has, it now fails immediately with a clear "superseded by a rebuild, trigger again" message instead of being silently dropped and left to hang until the dequeue retry limit.The session-start cleanup order is left unchanged on purpose.
createLockFilewrites the new session's pid to the lock beforeclearTmpDirsruns and before the first build, and the new watchdog's single-instance guard kills the prior watchdog before that first build, so the lock-aware check already covers the only remaining window where a stale watchdog could fire. Reordering would add churn without closing a real gap.Verification
Reproduced the crash and the dropped-run hang end to end in a local dev session, then confirmed after the fix: removing a build dir out from under a run yields a clean retryable failure (no
MODULE_NOT_FOUND, norunMainstack) and the run retries per its policy; the watchdog leaves a live session's build dirs intact and runs complete normally; and a run bound to a pruned version fails immediately with the clear message.