What happened
PR #1278 added a fullsend_ai_ref input to 6 reusable workflows with required: true and no default. This would have broken all existing deployed callers (per-org thin callers and per-repo shims) when the v0 tag advanced. The review agent ran 5 times on this PR. The first 3 runs flagged only protected-path and docs-currency issues. The 4th run finally caught the correctness issue. Meanwhile, human reviewer ralphbean and a 7-agent review squad both caught it independently on May 29. The author fixed it by changing to required: false with default: v0.
What could go better
The review agent lacks a specific heuristic for detecting backward-incompatible changes to workflow_call input schemas. Adding required: true without a default to an existing reusable workflow is a well-known breaking-change pattern in GitHub Actions. The review agent's general correctness analysis caught it eventually, but inconsistently — 3 runs missed it. A targeted check would catch this deterministically on the first run.
Existing issues #1069 (behavioral-change detection for workflow files) and #1275 (trace workflow_call chains) are related but neither specifically addresses input schema backward compatibility. #1778 covers breaking API changes in dependency bumps, not workflow inputs.
Confidence: Medium-high. I'm confident the review agent missed the issue on early runs and that a targeted check would help. I'm less certain whether the issue was present in the earliest commit (SHA 07c33c6) or was introduced later — the review runs were on different SHAs.
Proposed change
Add a backward-compatibility check to the review agent's correctness sub-agent (or as a dedicated workflow-specific check) that detects when a workflow_call or workflow_dispatch input is changed from required: false (or newly added) to required: true without a default value. This check should:
- Parse workflow YAML files in the diff for
on.workflow_call.inputs and on.workflow_dispatch.inputs sections.
- Compare against the base branch to detect newly-required inputs without defaults.
- Flag as HIGH or CRITICAL severity with a message explaining the backward-compatibility impact on existing callers.
This belongs in the review agent's skill or sub-agent definition in fullsend-ai/fullsend (likely the correctness sub-agent or a workflow-specific review check).
Validation criteria
On the next PR that adds a required: true workflow input without a default (or changes an existing input from optional to required), the review agent should flag it as a breaking change on the first review run. Test by submitting a PR with this pattern and verifying the review output includes a backward-compatibility finding.
Generated by retro agent from #1278
What happened
PR #1278 added a
fullsend_ai_refinput to 6 reusable workflows withrequired: trueand no default. This would have broken all existing deployed callers (per-org thin callers and per-repo shims) when thev0tag advanced. The review agent ran 5 times on this PR. The first 3 runs flagged only protected-path and docs-currency issues. The 4th run finally caught the correctness issue. Meanwhile, human reviewer ralphbean and a 7-agent review squad both caught it independently on May 29. The author fixed it by changing torequired: falsewithdefault: v0.What could go better
The review agent lacks a specific heuristic for detecting backward-incompatible changes to
workflow_callinput schemas. Addingrequired: truewithout a default to an existing reusable workflow is a well-known breaking-change pattern in GitHub Actions. The review agent's general correctness analysis caught it eventually, but inconsistently — 3 runs missed it. A targeted check would catch this deterministically on the first run.Existing issues #1069 (behavioral-change detection for workflow files) and #1275 (trace workflow_call chains) are related but neither specifically addresses input schema backward compatibility. #1778 covers breaking API changes in dependency bumps, not workflow inputs.
Confidence: Medium-high. I'm confident the review agent missed the issue on early runs and that a targeted check would help. I'm less certain whether the issue was present in the earliest commit (SHA
07c33c6) or was introduced later — the review runs were on different SHAs.Proposed change
Add a backward-compatibility check to the review agent's correctness sub-agent (or as a dedicated workflow-specific check) that detects when a
workflow_callorworkflow_dispatchinput is changed fromrequired: false(or newly added) torequired: truewithout adefaultvalue. This check should:on.workflow_call.inputsandon.workflow_dispatch.inputssections.This belongs in the review agent's skill or sub-agent definition in
fullsend-ai/fullsend(likely the correctness sub-agent or a workflow-specific review check).Validation criteria
On the next PR that adds a
required: trueworkflow input without a default (or changes an existing input from optional to required), the review agent should flag it as a breaking change on the first review run. Test by submitting a PR with this pattern and verifying the review output includes a backward-compatibility finding.Generated by retro agent from #1278