[pull] main from danny-avila:main#127
Merged
Merged
Conversation
* fix: stop eager tool execution from corrupting large streamed args Two related eager-execution defects surfaced by create_file writing a large (multi-KB) Python file to the sandbox: 1. mergeToolCallArgsText's overlap-dedup heuristic stripped any >=8-char sequence where the accumulated text's suffix matched an incoming chunk's prefix. Indented code (8 spaces of double-indent, repeated tokens) trips this constantly, silently deleting hundreds of characters from the eager args. The corrupted eager args then (a) get written to disk and (b) diverge from the final LangChain-collapsed args, tripping the 'changed after eager execution' guard -> the model is told the write failed and loops. Fix: only dedupe an overlap when doing so yields a MORE complete parse than a plain append (a genuine partial resend recovers structure a doubled seam would break); otherwise concatenate and keep every character. Preserves the existing resend/cumulative dedup tests. 2. Side-effecting tools should not be executed speculatively at all: a speculative write can land even when the turn is superseded. Add EagerEventToolExecutionConfig.excludeToolNames so hosts can opt specific tools (create_file/edit_file) out of eager execution; excluded calls fall through to normal ToolNode execution with final args. Adds tests: large indented args accumulate without dropping characters, and excludeToolNames suppresses prestart. * refactor: withdraw mergeToolCallArgsText heuristic; rely on eager exclusion The parse-completeness heuristic can't disambiguate a genuine string-internal resend from a coincidental overlap — they're byte-identical patterns with opposite correct merges (Codex Finding 1). Rather than trade one corruption for another, revert the merge to its original behavior and rely solely on excludeToolNames: excluding side-effecting tools (create_file/edit_file) from eager execution routes them through the normal ToolNode path, which uses the final LangChain-collapsed args — correct for incremental-delta providers like Bedrock — with no speculative write and no merge guessing. * fix: apply eager exclusion after batch-level direct-tool guards Filtering excluded tools before createEagerToolExecutionPlan hid them from hasDirectToolCallInBatch, so an excluded tool that is also a direct tool could let a sibling event tool prestart in a mixed direct-tool batch. Move the exclusion into the plan's candidate selection, after the batch-level guards run against the full batch. Adds a regression test.
src/specs/summarization.test.ts is a single ~3.7k-line file, and Jest runs tests within one file sequentially (--maxWorkers only parallelizes across files). The summarization-tests job therefore ran every provider E2E suite (Anthropic, Bedrock, OpenAI) plus all local suites back-to-back on one runner. Split the job into a fail-fast:false matrix that runs each provider group and the hermetic "no API keys" group as independent parallel jobs, selected via Jest -t name patterns: - anthropic: Anthropic E2E + Token accounting audit (both hit the Anthropic API) - openai: OpenAI E2E - bedrock: Bedrock E2E - local: all "(no API keys)" suites Keeping each provider in its own serial job avoids cross-job rate-limit contention while cutting wall-clock time to the slowest group. The patterns partition all 25 tests with no gaps or overlaps.
…lNames) (#283) * feat: let host tools share the code-execution session (codeSessionToolNames) Files written by a host sandbox tool (e.g. LibreChat's create_file) were invisible to later bash_tool/execute_code calls because the shared code session (sessions[EXECUTE_CODE]) is only updated for built-in CODE_EXECUTION_TOOLS. A host authoring tool wrote to one exec session; the next code tool started its own — so 'create_file then run it' failed with file-not-found. Add RunConfig.codeSessionToolNames: a host-declared set of tool names that write to the sandbox. Their successful results fold the returned exec session_id into the shared code session, so subsequent code tools reuse the same sandbox. Kept name-scoped (not a blanket artifact opt-in) so only host-declared tools can influence the shared session; threaded RunConfig -> Graph -> ToolNode like eagerEventToolExecution. Adds ToolNode.session tests: a declared host tool stores its exec session; the same tool undeclared does not. * fix: attach code session to declared host tools + wire traditional ToolNode Two gaps in the codeSessionToolNames wiring (Codex review): - Read direction: codeSessionContext was attached to requests only for built-in code tools, skill, and read_file. A declared host tool (create_file/ edit_file) called when a session already exists got no session_id/files, so it wrote into a fresh sandbox and lost prior in-session state. Now gated on participatesInCodeSession in the event request builder and the eager stream planner (getCodeSessionContext). - The non-event-driven ToolNode in initializeTools didn't receive codeSessionToolNames, so the option was ignored on the traditional path. Pass it there too. Adds a test: a declared host tool request receives the existing code session. * fix: inject session for direct host tools + auto-exclude session tools from eager Two more gaps (Codex review): - The direct runTool pre-invocation injection (session_id/_injected_files) was gated on built-in CODE_EXECUTION_TOOLS, so a declared host tool on the traditional path got no current session and wrote to a fresh sandbox. Gate on participatesInCodeSession. - A codeSessionToolNames tool writes to the shared sandbox, so it is side-effecting and must not be eagerly prestarted. isEagerExecutionExcludedTool now treats codeSessionToolNames members as excluded, so hosts don't have to duplicate the name in excludeToolNames.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )