CLI workflows #8069
Merged
CLI workflows #8069
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dosubot
bot
added
the
size:L
|
|
✅ Review Complete Likely cause: Expired CONTINUE_API_KEY or missing continuedev/review-bot assistant 📋 View workflow logs for details. |
dosubot
bot
added
size:XXL
|
✅ Review Complete Likely cause: Expired CONTINUE_API_KEY or missing continuedev/review-bot assistant 📋 View workflow logs for details. |
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
3 issues found across 31 files
Prompt for AI agents (all 3 issues)
Understand the root cause of the following 3 issues and fix them.
<file name="extensions/cli/src/services/ToolPermissionService.ts">
<violation number="1" location="extensions/cli/src/services/ToolPermissionService.ts:162">
Workflow-specific policies now bypass plan/auto overrides, so plan mode no longer blocks write tools when a workflow is active, contradicting the documented "complete override" behavior.</violation>
</file>
<file name="packages/config-yaml/src/markdown/workflowFiles.ts">
<violation number="1" location="packages/config-yaml/src/markdown/workflowFiles.ts:126">
Trim the MCP server slug when parsing colon-delimited workflow tools so that whitespace around the colon doesn’t corrupt the server identifier.</violation>
<violation number="2" location="packages/config-yaml/src/markdown/workflowFiles.ts:127">
Trim the parsed MCP tool name so colon-separated entries with spaces (e.g., “owner/package: tool”) resolve to the correct tool identifier.</violation>
</file>
React with 👍 or 👎 to teach cubic. Mention @cubic-dev-ai to give feedback, ask questions, or re-run the review.
|
✅ Review Complete Likely cause: Expired CONTINUE_API_KEY or missing continuedev/review-bot assistant 📋 View workflow logs for details. |
There was a problem hiding this comment.
8 issues found across 58 files
Prompt for AI agents (all 8 issues)
Understand the root cause of the following 8 issues and fix them.
<file name="extensions/cli/src/hooks/useService.ts">
<violation number="1" location="extensions/cli/src/hooks/useService.ts:126">
Please include the service container in the getServiceStates dependency array so the callback is refreshed if the container context changes; otherwise the hook can keep using a stale container instance and miss updates.</violation>
</file>
<file name="extensions/cli/src/stream/streamChatResponse.modeSwitch.test.ts">
<violation number="1" location="extensions/cli/src/stream/streamChatResponse.modeSwitch.test.ts:16">
`Object.keys(SERVICE_NAMES)` returns the uppercase keys ("TOOL_PERMISSIONS", "AUTH", …), so the cleanup loop no longer removes the actual registered services (stored under the camelCase values). Please iterate over the SERVICE_NAMES values instead to avoid leaking service state between tests.</violation>
</file>
<file name="extensions/cli/src/services/index.initialization.test.ts">
<violation number="1" location="extensions/cli/src/services/index.initialization.test.ts:12">
Iterating with Object.keys hits the enum keys ("AUTH", "CONFIG"), so the cleanup no longer deletes the registered services keyed by the lowercase values ("auth", "config"), leaving stale state between tests.</violation>
</file>
<file name="extensions/cli/src/services/workflow-integration.test.ts">
<violation number="1" location="extensions/cli/src/services/workflow-integration.test.ts:462">
This assertion never checks that the workflow prompt was prefixed onto the CLI options. Because `enhanceConfig` clones the options object, `baseOptions.prompt` stays `['user-prompt']`, so the test always passes—even if no workflow prompt is injected—leaving the feature untested.</violation>
</file>
<file name="packages/config-yaml/src/markdown/workflowFiles.ts">
<violation number="1" location="packages/config-yaml/src/markdown/workflowFiles.ts:127">
MCP tool references with spaces after the colon are silently accepted, so the resulting toolName keeps the space and produces a policy like `mcp:owner/package: tool` that will never match the real tool identifier. Please reject colon-separated inputs that contain whitespace so workflows can’t silently misconfigure policies.
(Based on your team's feedback about ensuring MCP tool references reject colon-separated whitespace.) [FEEDBACK_USED]</violation>
</file>
<file name="extensions/cli/src/stream/streamChatResponse.ts">
<violation number="1" location="extensions/cli/src/stream/streamChatResponse.ts:340">
The headless flag is no longer passed into `processStreamingResponse`, so headless runs behave like interactive sessions—streaming output to stdout and attempting permission prompts—instead of enforcing the non-interactive headless flow.</violation>
</file>
<file name="extensions/cli/src/services/ConfigService.ts">
<violation number="1" location="extensions/cli/src/services/ConfigService.ts:59">
`injectedConfigOptions` is now read from the init object, but the caller still supplies the CLI overrides under `commandOptions`, so the overrides never reach `configEnhancer`. Update either the destructuring or the call to pass the correct property so CLI flags keep working.</violation>
</file>
<file name="extensions/cli/src/services/ToolPermissionService.ts">
<violation number="1" location="extensions/cli/src/services/ToolPermissionService.ts:86">
If a workflow requests only built-in tools, this list allows every tool—including MCP—because the wildcard allow is inserted before the MCP exclusion. Since permission checks rely on the first matching entry (as seen in the plan-mode policy ordering), the wildcard wins and the exclusion is never applied; reorder so the MCP exclusion comes before the wildcard.</violation>
</file>
React with 👍 or 👎 to teach cubic. Mention @cubic-dev-ai to give feedback, ask questions, or re-run the review.
extensions/cli/src/stream/streamChatResponse.modeSwitch.test.ts
Outdated
Show resolved
Hide resolved
sestinj
approved these changes
Oct 6, 2025
|
🎉 This PR is included in version 1.26.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 1.24.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 1.2.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Adds --workflow flag for workflow file support
Workflow files are pulled from the registry and parsed for rules, mcps/tool permissions, and model.
A workflow service keeps this state and is referenced by config and model services.
Summary by cubic
Adds workflow file support to the CLI via a --workflow flag and adds parsing/serialization for YAML-frontmatter workflow files.