fix(cloud-apps): require structured confirmations#10677
Conversation
There was a problem hiding this comment.
Your trial has ended. Reactivate Greptile to resume code reviews.
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
⛔ Blocker — structured
|
|
Converting to draft to prevent an accidental merge — the structured-confirm read-location bug above is a genuine blocker (through the real planner path the delete / key-rotation / withdrawal confirmations never fire). Will re-open for review once the |
…l planner path) readStructuredConfirmation read confirm/confirmed only from the top level of options, but the runtime nests validated action parameters under options.parameters (execute-planned-tool-call.ts). All three destructive actions declare confirm as a parameter, so on every real planner turn the confirmation was invisible and DELETE_APP / REGENERATE_APP_API_KEY / WITHDRAW_APP_EARNINGS could never be confirmed. Read the nested location first, top-level as fallback.
…anner path Adds nested options.parameters coverage (the exact runtime shape) — the previous suite only fed top-level options, which passed while production was broken.
Blocker fixed ✅Pushed the read-location fix + real-path test:
Proof (deterministic, no model needed — the defect is a pure function)Executed the fixed logic against 16 assertions covering nested (real planner), top-level (backward-compat), and prose-rejection cases: Key cases: Remaining nicety (non-blocking): a |
There was a problem hiding this comment.
Your trial has ended. Reactivate Greptile to resume code reviews.
Refs #10471.
Summary
DELETE_APP,REGENERATE_APP_API_KEY, andWITHDRAW_APP_EARNINGS.confirm: truecan execute the operation, andconfirm: falsecancels it.Evidence
.github/issue-evidence/10471-cloud-apps-structured-confirm.md.github/issue-evidence/10471-cloud-apps-structured-confirm-scenario.json.github/issue-evidence/10471-cloud-apps-structured-confirm-run/matrix.json,.github/issue-evidence/10471-cloud-apps-structured-confirm-run/viewer/index.html.github/issue-evidence/10471-cloud-apps-structured-confirm-native.manifest.jsonManual review of the scenario confirmed:
confirmationRequired: trueand did not delete;yesstayed pending and did not delete;confirm: truedeleted exactly once;data;$50amount even when the confirmation text said$500;amount: 50plus anidempotency_key.Validation
bun installafter rebase: passed, no dependency changes kept.bun run build:core: passed, 64 successful tasks.bun test --coverage-reporter=lcov __tests__inplugins/plugin-cloud-apps: passed, 117 tests.bun run --cwd plugins/plugin-cloud-apps typecheck: passed.bun run --cwd plugins/plugin-cloud-apps lint:check: passed.SCENARIO_USE_LLM_PROXY=1 SCENARIO_LLM_PROXY_STRICT=1 bun --conditions eliza-source --tsconfig-override ../../tsconfig.json src/cli.ts run ../../plugins/plugin-cloud-apps/test/scenarios --scenario cloud-apps-structured-confirm --lane pr-deterministic --run-dir ../../.github/issue-evidence/10471-cloud-apps-structured-confirm-run --report ../../.github/issue-evidence/10471-cloud-apps-structured-confirm-scenario.json --export-native ../../.github/issue-evidence/10471-cloud-apps-structured-confirm-native.jsonl: passed, 1 scenario passed. Bun emitted a post-run internaldirectory mismatchwarning after exit success.git diff --check: passed.bun run verify: blocked at existing repo-levelaudit:type-safety-ratchetbefore Turbo typecheck/lint. Currentas unknown ascount is108 / 77; listed files are outside this PR (packages/feed/...,packages/agent/...,packages/app-core/...,plugins/plugin-capacitor-bridge/...).N/A evidence
confirm, and the scenario exercises the real runtime/task/action/SDK/HTTP path deterministically without deleting a real Cloud app or moving real funds.