[BUG/ENHANCEMENT] Hooks added to settings.json mid-session aren't enforced until restart; no durable session-scoped hook state
[BUG/ENHANCEMENT] Hooks added to settings.json mid-session aren't enforced until restart; no durable session-scoped hook state
Companion to the behavioral issues #65951 (workflow step-skipping) and #65952 (rationalized skipping). Those describe why users need mechanical process-gates; this describes why the gates are unreliable to build.
Environment
- Claude Code 2.1.140
- Model: claude-opus-4-8
Summary
Two reliability gaps make user-authored PreToolUse "process gates" unreliable in the very session where they matter:
(a) a hook added to settings.json mid-session is not active until Claude Code restarts, and (b) there is no durable, session-scoped place for a hook to keep state, so /tmp marker files are the only option and are not reliable for a whole session.
What happened
We use PreToolUse hooks to hard-block code edits until a workflow precondition is met (e.g. "a workflow doc has actually been opened this session"). We built such a gate mid-session:
- The enforcing half (a PreToolUse script, re-read from disk each call) took effect immediately.
- The creating half (a new PostToolUse-on-Read hook + a SessionStart hook -- both new
settings.jsonentries) did not load until a restart. So within that session the marker could never be created by the intended mechanism -- the gate could enforce but the legitimate path to satisfy it didn't exist. (Net effect: it blocked the author's own valid edit and forced a manual bypass.) - Separately, the
/tmpmarker we relied on vanished mid-session (no explicit delete), silently disabling the gate until we noticed.
Impact
A team that builds an enforcement hook to stop the agent skipping a step cannot trust it in the same session, and cannot rely on /tmp markers as durable session state. Everyone is pushed toward fragile workarounds -- which undercuts the only thing that currently works against the behavioral problems in #65951/#65952.
Recommendation
- Hot-reload
settings.jsonhooks (or a documented reload command) so newly-added hooks apply without a full restart. - Provide a hook-accessible, session-scoped key/value store keyed to the Claude Code session id, with a documented lifetime (created at SessionStart, cleared at session end), so a hook can persist a flag for the session without
/tmpfragility. Expose the session id to hooks via env var. - Document the load-time semantics of each hook type (which take effect immediately vs. on restart).
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗