fix: guard tool event callbacks (AI-assisted)#81696
Conversation
|
Codex review: passed. Reviewed June 19, 2026, 1:12 AM ET / 05:12 UTC. Summary PR surface: Source +31, Tests +44. Total +75 across 2 files. Reproducibility: yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event paths, so a throwing observer can interrupt the handler and a rejected async observer can leak unless guarded; I did not run a failing current-main repro in this read-only review. Review metrics: 1 noteworthy metric.
Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Risk before merge
Maintainer options:
Next step before merge
Security Review detailsBest possible solution: Land the focused tool-callback guard after exact-head automerge checks and normal maintainer gates, and track any broader observer-callback policy separately if maintainers want that scope. Do we have a high-confidence way to reproduce the issue? Yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event paths, so a throwing observer can interrupt the handler and a rejected async observer can leak unless guarded; I did not run a failing current-main repro in this read-only review. Is this the best way to solve the issue? Yes. The PR is the narrowest maintainable fix for the stated tool-handler observer boundary: local wrappers match the callback types, preserve canonical event/state emissions, and avoid changing broader lifecycle or global event semantics. AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against 5e7a0b155808. Label changesLabel changes:
Label justifications:
Evidence reviewedPR surface: Source +31, Tests +44. Total +75 across 2 files. View PR surface stats
What I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
|
|
@steipete Hi, could you take a look when you have a moment? The checks are green and the real behavior proof is in place, so this PR is ready for human review. |
|
This pull request has been automatically marked as stale due to inactivity. |
6096302 to
0e74376
Compare
0e74376 to
44afadf
Compare
44afadf to
65de17d
Compare
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
|
@clawsweeper re-review |
|
/clownfish automerge |
|
Clownfish is on the reef for this PR. 🐠 I tagged A maintainer can call |
|
@clawsweeper approve |
|
🦞👀 Command router queued. I will update this comment with the next step. |
|
🦞✅ Source: What merged:
Automerge notes:
The automerge loop is complete. Automerge progress:
|
Summary: - This PR wraps embedded-agent tool-handler onExecutionPhase and per-run onAgentEvent emissions in best-effort warning guards and adds regression tests for throwing and rejecting callbacks. - PR surface: Source +31, Tests +44. Total +75 across 2 files. - Reproducibility: yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event ... sync observer can leak unless guarded; I did not run a failing current-main repro in this read-only review. Automerge notes: - No ClawSweeper repair was needed after automerge opt-in. Validation: - ClawSweeper review passed for head 65de17d. - Required merge gates passed before the squash merge. Prepared head SHA: 65de17d Review: openclaw#81696 (comment) Co-authored-by: xuyi1243 <maginaxwhz@gmail.com>
Summary: - This PR wraps embedded-agent tool-handler onExecutionPhase and per-run onAgentEvent emissions in best-effort warning guards and adds regression tests for throwing and rejecting callbacks. - PR surface: Source +31, Tests +44. Total +75 across 2 files. - Reproducibility: yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event ... sync observer can leak unless guarded; I did not run a failing current-main repro in this read-only review. Automerge notes: - No ClawSweeper repair was needed after automerge opt-in. Validation: - ClawSweeper review passed for head 65de17d. - Required merge gates passed before the squash merge. Prepared head SHA: 65de17d Review: openclaw#81696 (comment) Co-authored-by: xuyi1243 <maginaxwhz@gmail.com>
Summary
Change Type (select all)
Scope (select all touched areas)
Linked Issue/PR
Real behavior proof (required for external PRs)
65de17d9e09cabf804eca4050943f34e35ff2166.git rev-parse HEADnode --import tsx --input-type=module <<'NODE' ...runtime callback proof script... NODEnode scripts/run-vitest.mjs src/agents/embedded-agent-subscribe.handlers.tools.test.ts -- --runnode_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src/agents/embedded-agent-subscribe.handlers.tools.tsnode_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src ui packagesgit diff --checkmaindirectly invokes the same per-run callbacks withctx.params.onExecutionPhase?.(...)andvoid ctx.params.onAgentEvent?.(...), so sync throws can escape and async rejections are not observed on that path. The proof above demonstrates the current PR head converts those callback failures into warning-only observer failures while preserving tool event handling.Root Cause (if applicable)
void, but synchronous throws still escaped and promise rejections were not caught.Regression Test Plan (if applicable)
src/agents/pi-embedded-subscribe.handlers.tools.test.tsUser-visible / Behavior Changes
None.
Diagram (if applicable)
Security Impact (required)
Yes, explain risk + mitigation: N/ARepro + Verification
Environment
Steps
git rev-parse HEAD.src/agents/embedded-agent-subscribe.handlers.tools.tsand exercises sync-throwing plus async-rejecting progress callbacks againsthandleToolExecutionStart.node scripts/run-vitest.mjs src/agents/embedded-agent-subscribe.handlers.tools.test.ts -- --run.node_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src/agents/embedded-agent-subscribe.handlers.tools.tsnode_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src ui packagesgit diff --checkExpected
Actual
65de17d9e09cabf804eca4050943f34e35ff2166.Evidence
Human Verification (required)
What you personally verified (not just CI), and how:
65de17d9e09cabf804eca4050943f34e35ff2166, production handler import, sync execution-phase callback throw, sync per-run agent-event callback throw, async per-run agent-event callback rejection, existing tool event behavior, and the thenable-safePromise.resolve(result).catch(...)guard.Review Conversations
Compatibility / Migration
Risks and Mitigations