Skip to content

fix(github-copilot): preserve reasoning ids with encrypted_content#71448

Merged
steipete merged 2 commits intoopenclaw:mainfrom
a410979729-sys:fix/github-copilot-encrypted-reasoning-ids
Apr 25, 2026
Merged

fix(github-copilot): preserve reasoning ids with encrypted_content#71448
steipete merged 2 commits intoopenclaw:mainfrom
a410979729-sys:fix/github-copilot-encrypted-reasoning-ids

Conversation

@a410979729-sys
Copy link
Copy Markdown
Contributor

@a410979729-sys a410979729-sys commented Apr 25, 2026
edited
Loading

Summary

Fix GitHub Copilot response replay so that reasoning items with encrypted_content do not have their item ids rewritten by connection-bound id normalization.

Problem

Copilot/OpenAI Responses reasoning items can carry encrypted_content that is bound to the original item id.

The existing connection-bound id normalization rewrites opaque response item ids before replay. For normal items this is fine, but for reasoning items with encrypted_content it creates an inconsistent payload:

  • outer reasoning item id is rewritten to a synthetic rs_<hash> id
  • encrypted payload still refers to the original upstream item id

This causes provider-side request rejection with errors like:

The encrypted content for item rs_... could not be verified.
Reason: Encrypted content item_id did not match the target item id.

Fix

Skip connection-bound id rewriting for response items where:

  • type === "reasoning"
  • encrypted_content is present

This keeps the encrypted reasoning block internally consistent while preserving the existing normalization behavior for other item types.

Tests

Added regression coverage for:

  • preserving ids for reasoning items with encrypted_content
  • continuing to rewrite reasoning ids when encrypted_content is absent

Local verification:

corepack pnpm exec vitest run extensions/github-copilot/connection-bound-ids.test.ts

Related

Addresses #70654

Submitted by Tianji on behalf of the Beidou Five and Joy.

@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps Bot commented Apr 25, 2026

Greptile Summary

This PR adds a targeted guard in rewriteCopilotConnectionBoundResponseIds to skip id rewriting for reasoning items that carry an encrypted_content field, preventing a provider-side verification failure caused by a mismatched item id inside the encrypted payload. Two regression tests are added to cover both the new bypass and the unchanged behaviour for reasoning items without encrypted content.

Confidence Score: 5/5

Safe to merge — minimal, well-scoped fix with direct regression tests.

The change is two guarded lines with a clear precondition (type === 'reasoning' && typeof encrypted_content === 'string'), inserted at the right point in the loop before the id rewrite. Both the new behaviour and the existing behaviour for reasoning items without encrypted content are tested. No logic, security, or type-safety issues found.

No files require special attention.

Reviews (1): Last reviewed commit: "fix(github-copilot): skip id rewrite for..." | Re-trigger Greptile

steipete added a commit to a410979729-sys/openclaw that referenced this pull request Apr 25, 2026
@steipete
test(github-copilot): harden live Copilot replay auth (openclaw#71448)…
5328494 
… (thanks @a410979729-sys)
steipete added a commit to a410979729-sys/openclaw that referenced this pull request Apr 25, 2026
@steipete
test(github-copilot): harden live Copilot replay auth (openclaw#71448)…
f2a24d7 
… (thanks @a410979729-sys)
@steipete steipete force-pushed the fix/github-copilot-encrypted-reasoning-ids branch from 5328494 to f2a24d7 Compare April 25, 2026 07:27
steipete added a commit to a410979729-sys/openclaw that referenced this pull request Apr 25, 2026
@steipete
fix(plugin-sdk): align browser profile facade exports (openclaw#71448)
a9b87c1
steipete added a commit to a410979729-sys/openclaw that referenced this pull request Apr 25, 2026
@steipete
test(github-copilot): harden live Copilot replay auth (openclaw#71448)…
d27eb7c 
… (thanks @a410979729-sys)
steipete added a commit to a410979729-sys/openclaw that referenced this pull request Apr 25, 2026
@steipete
fix(plugin-sdk): align browser profile facade exports (openclaw#71448)
798c799
@steipete steipete force-pushed the fix/github-copilot-encrypted-reasoning-ids branch from a9b87c1 to 798c799 Compare April 25, 2026 07:51
steipete added a commit to a410979729-sys/openclaw that referenced this pull request Apr 25, 2026
@steipete
test(github-copilot): harden live Copilot replay auth (openclaw#71448)…
8197623 
… (thanks @a410979729-sys)
@steipete steipete force-pushed the fix/github-copilot-encrypted-reasoning-ids branch from 798c799 to 8197623 Compare April 25, 2026 07:57
@steipete steipete force-pushed the fix/github-copilot-encrypted-reasoning-ids branch from 8197623 to f7f4857 Compare April 25, 2026 07:57
@steipete steipete merged commit 8fd15ed into openclaw:main Apr 25, 2026
9 checks passed
@steipete
Copy link
Copy Markdown
Contributor

steipete commented Apr 25, 2026

Landed via squash merge.

  • Gate: pnpm check:changed; pnpm test:contracts:plugins; GITHUB_COPILOT_LIVE_TEST=1 OPENCLAW_LIVE_TEST=1 pnpm test:live extensions/github-copilot/connection-bound-ids.live.test.ts --reporter=verbose --testTimeout=70000
  • Source head: f7f4857
  • Merge commit: 8fd15ed

Thanks @a410979729-sys!

@github-actions github-actions Bot mentioned this pull request Apr 25, 2026
Open
steipete pushed a commit to MonkeyLeeT/openclaw that referenced this pull request Apr 25, 2026
@a410979729-sys @steipete
fix(github-copilot): preserve encrypted reasoning ids with encrypted_…
94f9a4b 
…content (openclaw#71448)

Preserve encrypted Copilot Responses reasoning item IDs during replay and harden the live Copilot replay probe.

Thanks @a410979729-sys.
@InvalidPandaa InvalidPandaa mentioned this pull request Apr 25, 2026
Merged
23 tasks
@steipete steipete mentioned this pull request Apr 25, 2026
Closed
Angfr95 pushed a commit to Angfr95/openclaw that referenced this pull request Apr 25, 2026
@a410979729-sys
fix(github-copilot): preserve encrypted reasoning ids with encrypted_…
1d7c381 
…content (openclaw#71448)

Preserve encrypted Copilot Responses reasoning item IDs during replay and harden the live Copilot replay probe.

Thanks @a410979729-sys.
ayesha-aziz123 pushed a commit to ayesha-aziz123/openclaw that referenced this pull request Apr 26, 2026
@a410979729-sys @ayesha-aziz123
fix(github-copilot): preserve encrypted reasoning ids with encrypted_…
a9374fe 
…content (openclaw#71448)

Preserve encrypted Copilot Responses reasoning item IDs during replay and harden the live Copilot replay probe.

Thanks @a410979729-sys.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

size: S

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@a410979729-sys @steipete