Skip to content

AX-1579 - Robust support for multiple shells#35

Closed
MatanEden1 wants to merge 2 commits into
jfrog:mainfrom
MatanEden1:AX-1579-adding-env-vars-to-zshrc-but-cursor-using-bash
Closed

AX-1579 - Robust support for multiple shells#35
MatanEden1 wants to merge 2 commits into
jfrog:mainfrom
MatanEden1:AX-1579-adding-env-vars-to-zshrc-but-cursor-using-bash

Conversation

@MatanEden1

Copy link
Copy Markdown
Collaborator

What

Follow-up to #15. That PR made secret-persistence guidance shell-aware by detecting $SHELL and picking the matching rc file. This PR removes the single-file guess entirely.

Why

$SHELL reports the user's OS-configured login shell, not necessarily the shell Cursor actually uses to launch hooks/MCP servers. A user reported $SHELL=/bin/zsh (so the export went into ~/.zshrc), but Cursor's hook/MCP-launch process ran under bash, which never sources ~/.zshrc — the var was silently invisible to it.

Verified empirically (not just from memory) that:

  • bash never sources .zshrc, and zsh never sources .bashrc/.bash_profile — in login or non-login mode.
  • Neither shell sources its rc file at all when invoked non-interactively.

So a single-file guess based on $SHELL can miss regardless of how carefully the shell is detected.

Changes

  • plugins/jfrog/templates/jfrog-mcp-management.md: secret-persistence guidance now tells the agent to write the export to every common startup file (~/.zshrc, ~/.bashrc, ~/.bash_profile, fish config) instead of picking one, and to verify afterward via the existing 4a / "401/403 with ${env:VAR}" troubleshooting steps rather than assuming the write took effect.
  • Bump plugin version 0.5.10.5.2 (plugin.json + marketplace.json).

Test plan

  • node ./scripts/validate-template.mjs passes
  • Confirmed via isolated HOME/ZDOTDIR shell tests that bash/zsh don't cross-source rc files and don't source them non-interactively
  • Confirm on the reporting user's machine that the MCP process picks up the var after restart (4a tool descriptors / gateway stderr)

$SHELL only reports the user's OS login shell, not the shell Cursor
actually uses to launch hooks/MCP servers, so a single-file guess can
silently miss (confirmed: bash and zsh never source each other's rc
files, in login or non-login mode). Persist to every common startup
file instead, and verify afterward via the existing 4a/troubleshooting
checks rather than assuming the write was sourced.

Bump plugin version 0.5.1 -> 0.5.2.
@MatanEden1 MatanEden1 changed the title AX-1579 - Don't guess a single shell rc file for secret persistence AX-1579 - Robust support for multiple shells Jul 7, 2026
…using-bash

# Conflicts:
#	.cursor-plugin/marketplace.json
#	plugins/jfrog/.cursor-plugin/plugin.json
@MatanEden1

Copy link
Copy Markdown
Collaborator Author

Superseding with a PR from a branch on jfrog/cursor-plugin directly (instead of a fork branch) — see replacement PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant