gb_flea/paperclip
1
0
Fork 0
forked from farhoodlabs/paperclip
Code Pull Requests Activity

Harden control-plane safety and issue identifiers (#5292)

Browse Source 
## Thinking Path

> - Paperclip relies on issue identifiers, execution policies, and agent
heartbeat rules to keep autonomous work auditable.
> - Safety checks need to reject ambiguous agent handoffs, and
identifier parsing needs to support Cloud tenant prefixes.
> - Agent instructions also need to make final-disposition rules
explicit so work does not stall in vague states.
> - This pull request isolates backend correctness and governance
hardening from the UI and recovery-system-notice branches.
> - The benefit is safer in-review transitions, better identifier
compatibility, and clearer agent operating contracts.

## What Changed

- Fixed run-aware confirmation ordering and interrupted-run state
cleanup.
- Added Cloud tenant identity bootstrap and alphanumeric issue
identifier support across shared parsing and server routes.
- Guarded agent-authored `in_review` updates unless a real review path
exists.
- Tightened heartbeat disposition instructions in adapter
utilities/default AGENTS/Paperclip skill.

## Verification

- `pnpm install --frozen-lockfile`
- `pnpm exec vitest run packages/shared/src/issue-references.test.ts
server/src/__tests__/issue-identifier-routes.test.ts
server/src/__tests__/issue-execution-policy-routes.test.ts
packages/adapter-utils/src/server-utils.test.ts` initially had the first
execution-policy test hit Vitest's 5s timeout under the parallel bundle
while the rest passed.
- `pnpm exec vitest run
server/src/__tests__/issue-execution-policy-routes.test.ts
--testTimeout=20000` passed with 10/10 tests.

- Follow-up: `pnpm run typecheck:build-gaps` passed.
- Follow-up: `pnpm --filter @paperclipai/ui typecheck` passed.
- Follow-up: `pnpm vitest run
server/src/__tests__/issue-comment-reopen-routes.test.ts
server/src/__tests__/company-portability.test.ts
server/src/__tests__/costs-service.test.ts` passed.
- Follow-up: `pnpm vitest run ui/src/context/LiveUpdatesProvider.test.ts
ui/src/lib/issue-chat-messages.test.ts
ui/src/lib/issue-reference.test.ts
ui/src/lib/issue-timeline-events.test.ts` passed.

## Risks

- Medium control-plane risk: in-review update validation changes agent
behavior. The error message is explicit and tests cover allowed review
paths.

## Model Used

- OpenAI GPT-5 Codex via Paperclip `codex_local` adapter, with
shell/git/GitHub CLI tool use.

## Checklist

- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have checked ROADMAP.md and confirmed this PR does not duplicate
planned core work
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [x] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge

---------

Co-authored-by: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Dotta
2026-05-06 07:49:47 -05:00
committed by GitHub
parent a1b30c9f35
commit 68f69975a4
17 changed files with 875 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ui/src/lib/issue-chat-messages.test.ts
+156 -1
View File
@@ -7,7 +7,10 @@ import {
type IssueChatComment,
type IssueChatLinkedRun,
} from "./issue-chat-messages";
import type { SuggestTasksInteraction } from "./issue-thread-interactions";
import type {
RequestConfirmationInteraction,
SuggestTasksInteraction,
} from "./issue-thread-interactions";
import type { IssueTimelineEvent } from "./issue-timeline-events";
import type { LiveRunForIssue } from "../api/heartbeats";
@@ -89,6 +92,34 @@ function createInteraction(
};
}
function createRequestConfirmation(
overrides: Partial<RequestConfirmationInteraction> = {},
): RequestConfirmationInteraction {
return {
id: "confirmation-1",
companyId: "company-1",
issueId: "issue-1",
kind: "request_confirmation",
title: "Approve the plan",
summary: "Review and approve the latest plan.",
status: "pending",
continuationPolicy: "wake_assignee",
createdByAgentId: "agent-1",
createdByUserId: null,
resolvedByAgentId: null,
resolvedByUserId: null,
createdAt: new Date("2026-04-06T12:01:00.000Z"),
updatedAt: new Date("2026-04-06T12:01:00.000Z"),
resolvedAt: null,
payload: {
version: 1,
prompt: "Approve the plan?",
},
result: null,
...overrides,
};
}
describe("buildAssistantPartsFromTranscript", () => {
it("maps assistant text, reasoning, and tool activity while omitting noisy stderr", () => {
const result = buildAssistantPartsFromTranscript([
@@ -438,6 +469,130 @@ describe("buildIssueChatMessages", () => {
});
});
it("places request confirmations after later same-run handoff status and comment", () => {
const messages = buildIssueChatMessages({
comments: [
createComment({
id: "comment-handoff",
authorAgentId: "agent-1",
authorUserId: null,
body: "Ready for approval.",
createdAt: new Date("2026-04-06T12:03:00.000Z"),
updatedAt: new Date("2026-04-06T12:03:00.000Z"),
runId: "run-1",
runAgentId: "agent-1",
}),
createComment({
id: "comment-user-reply",
body: "Approved.",
createdAt: new Date("2026-04-06T12:04:00.000Z"),
updatedAt: new Date("2026-04-06T12:04:00.000Z"),
}),
],
interactions: [
createRequestConfirmation({
id: "confirmation-1",
sourceRunId: "run-1",
status: "expired",
result: {
version: 1,
outcome: "superseded_by_comment",
commentId: "comment-user-reply",
},
}),
],
timelineEvents: [
{
id: "event-in-review",
actorType: "agent",
actorId: "agent-1",
createdAt: new Date("2026-04-06T12:02:00.000Z"),
runId: "run-1",
statusChange: {
from: "in_progress",
to: "in_review",
},
},
],
linkedRuns: [],
liveRuns: [],
currentUserId: "user-1",
});
expect(messages.map((message) => `${message.role}:${message.id}`)).toEqual([
"system:activity:event-in-review",
"assistant:comment-handoff",
"system:interaction:confirmation-1",
"user:comment-user-reply",
]);
});
it("keeps request confirmations chronological without later same-run handoff evidence", () => {
const messages = buildIssueChatMessages({
comments: [
createComment({
id: "comment-later",
createdAt: new Date("2026-04-06T12:02:00.000Z"),
updatedAt: new Date("2026-04-06T12:02:00.000Z"),
}),
],
interactions: [
createRequestConfirmation({
id: "confirmation-1",
sourceRunId: "run-1",
}),
],
timelineEvents: [],
linkedRuns: [],
liveRuns: [],
currentUserId: "user-1",
});
expect(messages.map((message) => `${message.role}:${message.id}`)).toEqual([
"system:interaction:confirmation-1",
"user:comment-later",
]);
});
it("does not move request confirmations past unrelated comments before same-run handoff", () => {
const messages = buildIssueChatMessages({
comments: [
createComment({
id: "comment-user-reply",
body: "I have a question first.",
createdAt: new Date("2026-04-06T12:02:00.000Z"),
updatedAt: new Date("2026-04-06T12:02:00.000Z"),
}),
createComment({
id: "comment-handoff",
authorAgentId: "agent-1",
authorUserId: null,
body: "Ready for approval.",
createdAt: new Date("2026-04-06T12:03:00.000Z"),
updatedAt: new Date("2026-04-06T12:03:00.000Z"),
runId: "run-1",
runAgentId: "agent-1",
}),
],
interactions: [
createRequestConfirmation({
id: "confirmation-1",
sourceRunId: "run-1",
}),
],
timelineEvents: [],
linkedRuns: [],
liveRuns: [],
currentUserId: "user-1",
});
expect(messages.map((message) => `${message.role}:${message.id}`)).toEqual([
"system:interaction:confirmation-1",
"user:comment-user-reply",
"assistant:comment-handoff",
]);
});
it("keeps succeeded runs as assistant messages when transcript output exists", () => {
const agentMap = new Map<string, Agent>([["agent-1", createAgent("agent-1", "CodexCoder")]]);
const messages = buildIssueChatMessages({