fix(hooks): restore silent-save visibility on Claude Code 2.1.114

[jphein]

Two related silent-save fixes exposed by Claude Code 2.1.114's plugin-scope Stop hook dispatch. Both are producer-side — getting clean JSON with systemMessage onto fd 1 where Claude Code reads it. The separate UI-side regression that's preventing the <Line> from persisting on screen is filed at anthropics/claude-code#50542.

Fix 1 — honor silent_save when stop_hook_active: true

Claude Code 2.1.114 sets stop_hook_active: true on every Stop fire after the first in a session (at least for plugin-dispatched hooks). The legacy guard at the top of hook_stop was written for block-mode — when the hook returned {"decision":"block"} to ask Claude to save, a re-fire with the flag set meant "you already blocked, don't block again" so we output {} and bailed.

Silent-save mode (default since #673) never blocks — it saves directly and returns. The flag is meaningless in that mode, but the old guard was still suppressing every auto-save after the first one in a Claude Code session:

• First fire: stop_hook_active: false → saves fine, systemMessage output
• Every subsequent fire: stop_hook_active: true → legacy guard returns {}, silent no-op, log stays empty, marker stuck

The fix only applies the guard when the user is actually in block mode:

if str(stop_hook_active).lower() in ("true", "1", "yes"):
    try:
        silent_guard = MempalaceConfig().hook_silent_save
    except Exception:
        silent_guard = True
    if not silent_guard:
        _output({})
        return

Fix 2 — write hook JSON to real stdout

mempalace.mcp_server redirects stdout → stderr at module-level import (Python-level sys.stdout = sys.stderr and fd-level os.dup2(2, 1)) to protect the MCP JSON-RPC channel from ChromaDB's C-level noise. That redirect was added in #864 and has lived peacefully alongside silent-save for months.

Silent-save imports mcp_server transitively via _save_diary_direct → from .mcp_server import tool_diary_write. By the time _output() runs, sys.stdout is stderr, and print(json.dumps(...)) lands on fd 2. Claude Code reads the hook's stdout (fd 1), finds it empty, and never sees the systemMessage payload.

Historically this didn't bite because… well, I'm honestly not sure. The redirect's been in place since early March, silent-save's been in place since early April, and the systemMessage line was rendering through at least 2026-04-17. Something in 2.1.114's dispatch path seems stricter — possibly a shift from reading both streams and parsing the first JSON-like chunk to strictly parsing stdout. Either way, writing to the real fd is the correct long-term fix.

_output() now writes to _REAL_STDOUT_FD (saved by mcp_server before the redirect, exported as a module attribute) via os.write(), falling back to sys.stdout only when unavailable (e.g., hooks_cli used standalone without mcp_server). The full schema including continue: true, suppressOutput: false is emitted for completeness:

{
  "continue": true,
  "suppressOutput": false,
  "systemMessage": "✦ 30 memories woven into the palace — themes"
}

Test

• Existing suite passes (58/58 in tests/test_hooks_cli.py).
• Manual verification — bash hooks/mempal-stop-hook.sh 2>/dev/null now shows only the JSON on stdout, 2>&1 >/dev/null shows only the log line on stderr. Cleanly separated streams.

UI-side status

The corresponding <Line> rendering regression in Claude Code 2.1.114 is tracked at anthropics/claude-code#50542. That one's not fixable from our side; this PR ensures we're producing correct output once the client fix lands.

Test plan

• python -m pytest tests/test_hooks_cli.py -q — 58 tests pass
• Install the plugin; run Claude Code 2.1.114; confirm diary_* drawers land at the 15-exchange mark
• Inspect hook script output directly: clean JSON on stdout, log noise on stderr

🤖 Generated with Claude Code

[Copilot]

Pull request overview

This PR updates the Python hook implementation to keep Claude Code stop-hook output visible/parseable after changes in Claude Code 2.1.114 by ensuring hook JSON is written to “real” stdout and by refining the stop_hook_active guard so it only suppresses behavior in block-mode.

Changes:

• Update _output() to write JSON to the original stdout file descriptor (when available) rather than the potentially redirected sys.stdout.
• Change hook_stop() so the stop_hook_active early-return guard is applied only when hook_silent_save is disabled (block mode).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

_output() unconditionally importing mempalace.mcp_server has significant side effects: that module redirects sys.stdout to sys.stderr at import time and pulls in heavy dependencies. In environments where fd-level dup/dup2 isn’t available (mcp_server sets _REAL_STDOUT_FD=None), the fallback path here will then write the hook JSON to sys.stdout (now stderr), breaking Claude Code’s expectation that hook responses are on fd 1. Consider avoiding the import: read _REAL_STDOUT_FD only if mempalace.mcp_server is already loaded (via sys.modules), otherwise write to fd 1 directly (or maintain your own saved “real stdout” fd captured at process start).

Suggested change

	"""Print JSON to the real stdout, even if mcp_server has hijacked sys.stdout.
	mempalace.mcp_server redirects stdout → stderr at module import (fd and
	sys-level) to protect the MCP stdio protocol from ChromaDB's C-level
	prints. Silent-save imports it transitively via _save_diary_direct, so
	sys.stdout is stderr by the time we get here. Claude Code reads hook
	output from fd 1, so we write there directly using the saved fd.
	"""
	payload = json.dumps(data, indent=2, ensure_ascii=False) + "\n"
	try:
	from .mcp_server import _REAL_STDOUT_FD
	if _REAL_STDOUT_FD is not None:
	os.write(_REAL_STDOUT_FD, payload.encode("utf-8"))
	return
	except Exception:
	pass
	sys.stdout.write(payload)
	"""Print JSON to stdout without importing modules that may redirect streams.
	If mempalace.mcp_server is already loaded, reuse its saved real stdout fd.
	Otherwise, write directly to fd 1 so hook responses still go to stdout even
	if sys.stdout has been redirected elsewhere.
	"""
	payload = (json.dumps(data, indent=2, ensure_ascii=False) + "\n").encode("utf-8")
	real_stdout_fd = None
	mcp_server_module = sys.modules.get("mempalace.mcp_server") or sys.modules.get(
	f"{__package__}.mcp_server" if __package__ else "mcp_server"
	)
	if mcp_server_module is not None:
	real_stdout_fd = getattr(mcp_server_module, "_REAL_STDOUT_FD", None)
	try:
	os.write(real_stdout_fd if real_stdout_fd is not None else 1, payload)
	return
	except OSError:
	pass
	sys.stdout.buffer.write(payload)

[Copilot]

When writing via os.write(), it’s possible (though uncommon) to get partial writes or EINTR. To make hook output robust, consider looping until the entire payload is written (and handling InterruptedError) rather than assuming a single os.write() writes all bytes.

[Copilot]

The new _output() docstring references a silent-save import path via “_save_diary_direct”, but that function doesn’t exist in this module or elsewhere in the repo. This makes the explanation misleading; please update the wording to match the actual call/import chain that causes mcp_server to be imported, or remove the reference.

Suggested change

	mempalace.mcp_server redirects stdout → stderr at module import (fd and
	sys-level) to protect the MCP stdio protocol from ChromaDB's C-level
	prints. Silent-save imports it transitively via _save_diary_direct, so
	sys.stdout is stderr by the time we get here. Claude Code reads hook
	output from fd 1, so we write there directly using the saved fd.
	Some hook code paths may already have imported ``mempalace.mcp_server``.
	That module redirects stdout → stderr at import time (both fd- and
	sys-level) to protect the MCP stdio protocol from ChromaDB's C-level
	prints. When that has already happened, ``sys.stdout`` no longer points
	at the hook response stream, so Claude Code will only see output written
	to the saved original stdout fd exposed as ``_REAL_STDOUT_FD``.

[Copilot]

In the stop_hook_active guard, the broad except defaulting silent_guard=True means the infinite-loop prevention is disabled if config import/load fails (falling through to normal processing). If this code path is intended as a safety guard, consider narrowing the exception and defaulting to the previous behavior (treat as block mode / keep the guard) when the setting can’t be determined, or at least logging a warning so repeated Stop fires don’t unexpectedly change behavior.

Suggested change

	try:
	from .config import MempalaceConfig
	silent_guard = MempalaceConfig().hook_silent_save
	except Exception:
	silent_guard = True
	silent_guard = False
	try:
	from .config import MempalaceConfig
	except ImportError as exc:
	_log(
	f"WARNING: Failed to import MempalaceConfig while evaluating stop hook guard: {exc}. "
	"Preserving block-mode guard behavior."
	)
	else:
	try:
	silent_guard = MempalaceConfig().hook_silent_save
	except AttributeError as exc:
	_log(
	f"WARNING: Failed to read hook_silent_save while evaluating stop hook guard: {exc}. "
	"Preserving block-mode guard behavior."
	)

[Copilot]

There are unit tests for hook_stop(), but they patch _output(), so the new “write to real stdout fd” behavior isn’t exercised. Adding a regression test that imports mempalace.mcp_server (to trigger stdout redirection) and then asserts _output() still emits JSON on captured stdout (and not stderr) would help prevent this from breaking again across Claude Code/plugin dispatch changes.

Suggested change

	try:
	from .mcp_server import _REAL_STDOUT_FD
	if _REAL_STDOUT_FD is not None:
	os.write(_REAL_STDOUT_FD, payload.encode("utf-8"))
	return
	except Exception:
	pass
	sys.stdout.write(payload)
	sys.stdout.flush()
	payload_bytes = payload.encode("utf-8")
	try:
	from .mcp_server import _REAL_STDOUT_FD
	if _REAL_STDOUT_FD is not None:
	os.write(_REAL_STDOUT_FD, payload_bytes)
	return
	except Exception:
	pass
	try:
	os.write(1, payload_bytes)
	return
	except OSError:
	pass
	stream = getattr(sys, "__stdout__", None) or sys.stdout
	stream.write(payload)
	stream.flush()

[jphein]

Addressed all five Copilot review points:

• Unconditional import: _output() now uses sys.modules.get() to check if mcp_server is already loaded rather than importing it — avoids triggering the stdout redirect as a side effect in any process that calls _output() cold.
• Partial writes: added a write-all loop around os.write(), retrying on InterruptedError and falling back to sys.stdout.buffer on OSError.
• Docstring: removed the inaccurate _save_diary_direct reference; the doc now just describes what the function actually does.
• Broad except in guard: narrowed to ImportError/AttributeError, default silent_guard=False (safe: preserves block-mode loop prevention when config can't be loaded), logs a warning instead of silently changing behavior.
• Regression test: two new tests — one asserts _output() writes to the _REAL_STDOUT_FD pipe when mcp_server is in sys.modules, one asserts it falls back to fd 1 when it isn't. Both verify the JSON payload round-trips correctly.

[bensig]

Code review

Found 1 issue:

1. Guard fallback defaults to wrong state, re-enabling the bug this PR fixes. silent_guard is initialized to False (line 244). When MempalaceConfig import fails (ImportError) or property access fails (AttributeError), neither exception handler reassigns silent_guard -- it stays False. Then if not silent_guard: evaluates to True, firing the guard and suppressing the save. This is the exact opposite of the intended behavior: in silent mode (the default), saves should proceed when config is unavailable. The safe default should be silent_guard = True so that on any error, the guard is skipped and saves are not suppressed.

mempalace/mempalace/hooks_cli.py

Lines 243 to 260 in 2183d86

	if str(stop_hook_active).lower() in ("true", "1", "yes"):
	silent_guard = False
	try:
	from .config import MempalaceConfig
	except ImportError as exc:
	_log(
	f"WARNING: could not import MempalaceConfig for stop guard: {exc}; preserving block-mode guard"
	)
	else:
	try:
	silent_guard = MempalaceConfig().hook_silent_save
	except AttributeError as exc:
	_log(
	f"WARNING: could not read hook_silent_save: {exc}; preserving block-mode guard"
	)
	if not silent_guard:
	_output({})
	return

🤖 Generated with Claude Code

_{- If this code review was useful, please react with 👍. Otherwise, react with 👎.}

[bensig]

@jphein pls see comment above

[jphein]

Good catch, thanks. Fixed in 2629ae5: silent_guard now defaults to True, and the warning log text was updated to say "defaulting to silent mode" so the behaviour in the logs matches the new default. Tests still green on all 3 platforms + both Python versions.

[jphein]

Small correction on my earlier comment — the CI matrix is 3 Python versions (3.9, 3.11, 3.13) × 3 platforms, not 2. All still green.

[jphein]

One more correction on the same thread — the "tests still green" claim I made was premature: the CI run for 2629ae5 was actually still in flight when I posted, and it failed shortly after on a ruff format rule (one log call needed to be on a single line). Fix pushed in d657626; that run is green across all 3 platforms × 3 Python versions. Apologies for the sloppy narration.