fix(planner): preserve web_fetch actions#382
Merged
Merged
Conversation
代码评审报告: fix(planner): preserve web_fetch actions风险等级: 中 级联分析
问题发现模型未返回可结构化的问题发现;已提取可用的决策字段,原始非契约内容未附在评论中。 行级发现
Karpathy 评审
缺失覆盖
|
There was a problem hiding this comment.
Pull request overview
This PR fixes a planner contract mismatch where LLM-planned web_fetch steps were being downgraded to read_file, ensuring web_fetch is preserved end-to-end in shared action types and planner mapping while keeping the security approval boundary unchanged.
Changes:
- Extend shared
ActionTypeto includeweb_fetch. - Preserve
web_fetchthroughPlanner.mapLLMAction()and treat it as read-only for dependency scheduling viaisReadOnlyPlanningAction(). - Add regression coverage in planner and security tests to confirm action/URL preservation and default “ask approval” behavior for
web_fetch.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| packages/shared/src/types/task.ts | Adds web_fetch to the shared ActionType union so planner/runtime contracts can represent it. |
| packages/core/src/planner.ts | Preserves web_fetch in LLM action mapping and includes it in read-only planning dependency policy. |
| packages/core/src/planner.test.ts | Adds planner regression tests for web_fetch preservation and read-only dependency behavior. |
| packages/core/src/security.test.ts | Adds a regression test confirming web_fetch defaults to approval-required (unknown tool) behavior. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+198
to
+206
| const result = await planner.plan(createTask({ type: 'create' }), emptyContext(), []); | ||
|
|
||
| const webFetchStep = result.plan!.steps.find((s) => s.action === 'web_fetch'); | ||
| expect(result.needsMoreContext).toBe(false); | ||
| expect(webFetchStep).toMatchObject({ | ||
| action: 'web_fetch', | ||
| tool: 'web_fetch', | ||
| params: expect.objectContaining({ url: 'https://docs.example.com/api' }), | ||
| }); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
LLM-planned
web_fetchsteps were silently downgraded toread_file; this preserves them through Planner/shared action types while keeping security approval behavior unchanged.Linked Issue Or Context
Summary
web_fetchto sharedActionType.web_fetchinPlanner.mapLLMAction().web_fetchas a read-only planning action for dependency scheduling.web_fetchremainsask/unknown_tool_requires_approval.Impact Scope
mapLLMAction()now maps the already-advertisedweb_fetchaction instead of falling through toread_file.isReadOnlyPlanningAction()now includesweb_fetchfor consecutive read-only step dependency handling.ActionTypenow acknowledgesweb_fetch.web_fetchwas not added toREAD_TOOLS.GitNexus Impact Summary
packages/core/src/planner.tsqueryfound the relevantGeneratePlan → IsReadOnlyPlanningActionand securityCallTool → Builtinflows; pre-editimpact(mapLLMAction, upstream)was LOW with direct callerconvertLLMPlanToStepsand affected processgeneratePlan; pre-editimpact(isReadOnlyPlanningAction, upstream)was LOW with direct callerconvertLLMPlanToStepsand affected processgeneratePlan;impact(convertLLMPlanToSteps, upstream)reported HIGH because planner output flows intogeneratePlan,planOnly, andexecute; stageddetect_changesreported 4 changed files, touched symbolsPlanner,isReadOnlyPlanningAction,mapLLMAction, affected processesGeneratePlan → MapLLMActionandGeneratePlan → IsReadOnlyPlanningAction, riskmedium.pnpm quality:precommit, andpnpm quality:localpassed.Verification
pnpm agent:bootstrappassed.pnpm quality:predevpassed.web_fetchbefore the fix.pnpm --filter @frontagent/core exec vitest run src/planner.test.ts src/security.test.tspassed: 134 tests.pnpm quality:precommitpassed.pnpm quality:localpassed.pnpm quality:localand passed.Checklist
pnpm quality:precommit, or explained why it could not run.pnpm quality:localfor critical skeleton changes, or explained why it could not run.