fix(runtime): add input validation, credential safety, and proper error propagation #40
No reviewers
Labels
No labels
auto/blocked-by-deps
auto/ci-timeout
auto/claimed-implementer
auto/claimed-merge
auto/claimed-reviewer
auto/driver-down
auto/invariant-violation
auto/last-attempt-tier-0
auto/last-attempt-tier-1
auto/last-attempt-tier-2
auto/last-attempt-tier-min
Automation Tracking
auto/needs-conflict-resolution
auto/needs-implementer
auto/postmortem
auto/ready-to-merge
auto/restart-throttled
auto/revert
auto/sentinel
auto/stale-inactivity
auto/unstable
Blocked
Bounty
$100
Bounty
$1000
Bounty
$10000
Bounty
$20
Bounty
$2000
Bounty
$250
Bounty
$50
Bounty
$500
Bounty
$5000
Bounty
$750
MoSCoW
Could have
MoSCoW
Must have
MoSCoW
Should have
Needs Feedback
Points
1
Points
13
Points
2
Points
21
Points
3
Points
34
Points
5
Points
55
Points
8
Points
88
Priority
Backlog
Priority
CI Blocker
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Signed-off: Owner
Signed-off: Scrum Master
Signed-off: Tech Lead
Spike
State
Completed
State
Duplicate
State
In Progress
State
In Review
State
Paused
State
Unverified
State
Verified
State
Wont Do
Type
Automation
Type
Bug
Type
Discussion
Type
Documentation
Type
Epic
Type
Feature
Type
Legendary
Type
Refactor
Type
Support
Type
Task
Type
Testing
No milestone
No project
No assignees
2 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
cleveragents/cleveractors-core!40
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "fix/master-borked"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
Fix critical bugs in the runtime Executor: missing input validation, incorrect error types, resource leaks, and missing credential propagation in graph execution.
Changes
config_dict,credentials,limits,pricingparameters_execute_llm: RaiseExecutionError(notConfigurationError) for agent failures; addfinallyblock with agent cleanup_execute_llm: Guard credential access withNonecheck before.get()calls_execute_graph: PasscredentialstoAgentFactoryfor proper agent creation_execute_graph: AllowConfigurationError/ExecutionError/AgentCreationErrorto propagate naturallynodes.py: Remove hardcoded defaultworkflow_controllerrouting in message router nodesCommits
728630cfix(runtime): add input validation, credential safety, and proper error propagationCloses #39
0e38052efa126fb22fab126fb22fab3f8c3dfad63f8c3dfad6f8aebaf948f8aebaf9483fc0a3fa57PR Review —
fix(runtime): add input validation, credential safety, and proper error propagationProduction Code Changes (2 files)
src/cleveractors/langgraph/nodes.py— 1 line changed✅ Correct. Removing the hardcoded
{"next_node": "workflow_controller"}fallback is the right call — routing to a node that may not exist in the graph was dangerous. Returning{}correctly hands routing back to the graph's own edge logic.src/cleveractors/runtime.py— 52 additions, 13 deletions1. Constructor validation ✅
Silently accepting garbage inputs was broken before. All four parameter guards are correct. Note that
credentialsis explicitly allowed to beNone.2. Credential safety in
_execute_llm✅The old code called
.get()unconditionally onself.credentials, which would crash withAttributeErrorwhencredentials=None. Now correctly guarded.3.
ExecutionErrorinstead ofConfigurationErrorfor agent failures ✅Correct across
_execute_llm,_execute_graph, and_execute_tool. Agent failures at runtime are execution errors, not configuration errors.4. Agent cleanup
finallyblocks ✅Resource leaks fixed in both
_execute_llmand_execute_graph. The nestedtry/exceptinfinallycorrectly ensures cleanup failures are silent and don't swallow the original exception.5. Credentials passed to
AgentFactoryin_execute_graph✅This was the core bug breaking graph execution. Fixed.
6. Proper exception propagation ✅
Known typed exceptions (
ConfigurationError,ExecutionError,AgentCreationError) are re-raised cleanly in all three execution paths; all others are wrapped inExecutionError.7.
_estimate_tokenslogging ✅except Exception: pass→logger.debug(...). Better operability, no behaviour change.Issues Found
🔶 Minor —
_build_factory_config()unguarded.items()onNonecredentialsThe constructor now explicitly allows
credentials=None, but_build_factory_config()(unchanged) calls.items()unconditionally. If a caller passescredentials=Noneand the actor type resolves to"graph", this will raiseAttributeError. This is pre-existing — the old code had the same issue. Non-blocking for this fix; recommend a follow-up:(self.credentials or {}).items().🔵 Nit — Dead mock in
runtime_coverage_steps.pyruntime.pyno longer callsestimate_graph_tokensfromruntime_tokens— it uses the private_estimate_tokensdefined locally (which is correctly patched on the line above). This mock is now a no-op. Harmless but vestigial.🔵 Nit — Inconsistent exception chaining
_execute_llmusesfrom None(chain suppressed);_execute_graphusesfrom exc(chain preserved). The suppression in_execute_llmappears intentional per the PR description. Minor — worth aligning in a follow-up.Test Changes
return_value="Mock graph response"→return_value=("Mock graph response", {})in 3 step files_execute_graphnow unpacksresponse, final_state = await graph.execute(...)cleveractors.runtime.Xto actual module pathsruntime.pynow uses lazy (local) imports; the old names no longer exist in the module namespaceVerdict
✅ Approved — safe to merge.
All five critical bugs from issue #39 are correctly addressed. The test fixes are consistent with the runtime behaviour changes. The two nits and the pre-existing
_build_factory_config(None)edge case are non-blocking and can be addressed in a follow-up ticket.