UAT: Missing fail-fast validation for required string arguments in create_action() public method #3885

New issue

Open

opened 2026-04-06 07:08:38 +00:00 by freemo · 0 comments

freemo commented

2026-04-06 07:08:38 +00:00

Owner

Metadata

Branch: fix/uat-create-action-fail-fast-validation
Commit Message: fix(plan-lifecycle-service): add fail-fast validation for required string args in create_action()
Milestone: (none — see backlog note below)
Parent Epic: #362

Bug Report

Feature Area: Error Handling and Resilience
Severity: Medium
Found by: UAT automated testing

What Was Tested

The create_action() public method in src/cleveragents/application/services/plan_lifecycle_service.py (lines 725-814) was analyzed for compliance with the CONTRIBUTING.md fail-fast validation requirements.

Expected Behavior (from CONTRIBUTING.md)

All public and protected class methods must validate their arguments as the very first step before any other logic.
Validation checks must include:

Null Checks: Reject unexpected null values.

Empty Strings and Collections: Reject empty inputs where they are not explicitly allowed.

Value Range: For numeric values.

Actual Behavior

The create_action() method accepts several required string parameters (description, definition_of_done, strategy_actor, execution_actor) but does NOT validate them for emptiness before proceeding. The only validation performed is parsing the name parameter:

# src/cleveragents/application/services/plan_lifecycle_service.py lines 725-814
def create_action(
    self,
    name: str,
    description: str,           # Required but not validated for empty
    definition_of_done: str,    # Required but not validated for empty
    strategy_actor: str,        # Required but not validated for empty
    execution_actor: str,       # Required but not validated for empty
    ...
) -> Action:
    self._logger.info("Creating action", name=name)

    # Parse namespaced name
    try:
        namespaced_name = NamespacedName.parse(name)
    except ValueError as e:
        raise ValidationError(f"Invalid action name: {e}") from e

    # No validation of description, definition_of_done, strategy_actor, execution_actor!
    action = Action(
        namespaced_name=namespaced_name,
        description=description,  # Could be empty string ""
        ...
    )

Why This Is a Problem

Violates CONTRIBUTING.md fail-fast principle: Required string arguments are not validated at the method boundary.
Silent invalid state: An action can be created with an empty description, empty definition_of_done, or empty strategy_actor/execution_actor, which will cause downstream failures when the action is used.
Inconsistent validation: The name parameter is validated but the other required string parameters are not.
Late failure: Without early validation, errors manifest later (e.g., when the plan tries to execute with an empty actor name), making debugging harder.

Recommended Fix

Add fail-fast validation at the start of create_action():

def create_action(self, name: str, description: str, definition_of_done: str,
                  strategy_actor: str, execution_actor: str, ...) -> Action:
    # Fail-fast validation (CONTRIBUTING.md requirement)
    if not description or not description.strip():
        raise ValidationError("description must not be empty")
    if not definition_of_done or not definition_of_done.strip():
        raise ValidationError("definition_of_done must not be empty")
    if not strategy_actor or not strategy_actor.strip():
        raise ValidationError("strategy_actor must not be empty")
    if not execution_actor or not execution_actor.strip():
        raise ValidationError("execution_actor must not be empty")

    self._logger.info("Creating action", name=name)
    # ... rest of method

Code Location

File: src/cleveragents/application/services/plan_lifecycle_service.py
Lines: 725-814
Method: create_action()

Subtasks

Add fail-fast empty-string validation for description at the top of create_action()
Add fail-fast empty-string validation for definition_of_done at the top of create_action()
Add fail-fast empty-string validation for strategy_actor at the top of create_action()
Add fail-fast empty-string validation for execution_actor at the top of create_action()
Tests (unit): Add test cases asserting ValidationError is raised for each empty-string argument
Tests (Behave): Add scenario for create_action() rejecting empty required string arguments
Verify coverage >= 97% via nox -s coverage_report
Run nox (all default sessions), fix any errors

Definition of Done

This issue is complete when:

All subtasks above are completed and checked off.
create_action() raises ValidationError immediately when any of description, definition_of_done, strategy_actor, or execution_actor is an empty or whitespace-only string.
Unit tests cover all four new validation branches.
A Git commit is created where the first line of the commit message matches the Commit Message in Metadata exactly, followed by a blank line, then additional lines providing relevant details about the implementation.
The commit is pushed to the remote on the branch matching the Branch in Metadata exactly.
The commit is submitted as a pull request to master, reviewed, and merged before this issue is marked done.
All nox stages pass
Coverage >= 97%

Backlog note: This issue was discovered during autonomous operation
on milestone v3.5.0. It does not block milestone completion and has been
placed in the backlog for human review and future milestone assignment.

Automated by CleverAgents Bot
Supervisor: UAT Testing | Agent: ca-new-issue-creator

## Metadata - **Branch**: `fix/uat-create-action-fail-fast-validation` - **Commit Message**: `fix(plan-lifecycle-service): add fail-fast validation for required string args in create_action()` - **Milestone**: _(none — see backlog note below)_ - **Parent Epic**: #362 ## Bug Report **Feature Area:** Error Handling and Resilience **Severity:** Medium **Found by:** UAT automated testing ### What Was Tested The `create_action()` public method in `src/cleveragents/application/services/plan_lifecycle_service.py` (lines 725-814) was analyzed for compliance with the CONTRIBUTING.md fail-fast validation requirements. ### Expected Behavior (from CONTRIBUTING.md) > All `public` and `protected` class methods **must** validate their arguments as the very first step before any other logic. > Validation checks must include: > - **Null Checks:** Reject unexpected `null` values. > - **Empty Strings and Collections:** Reject empty inputs where they are not explicitly allowed. > - **Value Range:** For numeric values. ### Actual Behavior The `create_action()` method accepts several required string parameters (`description`, `definition_of_done`, `strategy_actor`, `execution_actor`) but does NOT validate them for emptiness before proceeding. The only validation performed is parsing the `name` parameter: ```python # src/cleveragents/application/services/plan_lifecycle_service.py lines 725-814 def create_action( self, name: str, description: str, # Required but not validated for empty definition_of_done: str, # Required but not validated for empty strategy_actor: str, # Required but not validated for empty execution_actor: str, # Required but not validated for empty ... ) -> Action: self._logger.info("Creating action", name=name) # Parse namespaced name try: namespaced_name = NamespacedName.parse(name) except ValueError as e: raise ValidationError(f"Invalid action name: {e}") from e # No validation of description, definition_of_done, strategy_actor, execution_actor! action = Action( namespaced_name=namespaced_name, description=description, # Could be empty string "" ... ) ``` ### Why This Is a Problem 1. **Violates CONTRIBUTING.md fail-fast principle**: Required string arguments are not validated at the method boundary. 2. **Silent invalid state**: An action can be created with an empty `description`, empty `definition_of_done`, or empty `strategy_actor`/`execution_actor`, which will cause downstream failures when the action is used. 3. **Inconsistent validation**: The `name` parameter is validated but the other required string parameters are not. 4. **Late failure**: Without early validation, errors manifest later (e.g., when the plan tries to execute with an empty actor name), making debugging harder. ### Recommended Fix Add fail-fast validation at the start of `create_action()`: ```python def create_action(self, name: str, description: str, definition_of_done: str, strategy_actor: str, execution_actor: str, ...) -> Action: # Fail-fast validation (CONTRIBUTING.md requirement) if not description or not description.strip(): raise ValidationError("description must not be empty") if not definition_of_done or not definition_of_done.strip(): raise ValidationError("definition_of_done must not be empty") if not strategy_actor or not strategy_actor.strip(): raise ValidationError("strategy_actor must not be empty") if not execution_actor or not execution_actor.strip(): raise ValidationError("execution_actor must not be empty") self._logger.info("Creating action", name=name) # ... rest of method ``` ### Code Location - File: `src/cleveragents/application/services/plan_lifecycle_service.py` - Lines: 725-814 - Method: `create_action()` ## Subtasks - [ ] Add fail-fast empty-string validation for `description` at the top of `create_action()` - [ ] Add fail-fast empty-string validation for `definition_of_done` at the top of `create_action()` - [ ] Add fail-fast empty-string validation for `strategy_actor` at the top of `create_action()` - [ ] Add fail-fast empty-string validation for `execution_actor` at the top of `create_action()` - [ ] Tests (unit): Add test cases asserting `ValidationError` is raised for each empty-string argument - [ ] Tests (Behave): Add scenario for `create_action()` rejecting empty required string arguments - [ ] Verify coverage >= 97% via `nox -s coverage_report` - [ ] Run `nox` (all default sessions), fix any errors ## Definition of Done This issue is complete when: - All subtasks above are completed and checked off. - `create_action()` raises `ValidationError` immediately when any of `description`, `definition_of_done`, `strategy_actor`, or `execution_actor` is an empty or whitespace-only string. - Unit tests cover all four new validation branches. - A Git commit is created where the **first line** of the commit message matches the Commit Message in Metadata exactly, followed by a blank line, then additional lines providing relevant details about the implementation. - The commit is pushed to the remote on the branch matching the **Branch** in Metadata exactly. - The commit is submitted as a **pull request** to `master`, reviewed, and **merged** before this issue is marked done. - All nox stages pass - Coverage >= 97% > **Backlog note:** This issue was discovered during autonomous operation > on milestone v3.5.0. It does not block milestone completion and has been > placed in the backlog for human review and future milestone assignment. --- **Automated by CleverAgents Bot** Supervisor: UAT Testing | Agent: ca-new-issue-creator

freemo added a new dependency

2026-04-06 07:08:45 +00:00

#362 Epic: Security & Safety Hardening

freemo referenced this issue

2026-04-06 07:13:06 +00:00

[Automated] CleverAgents Build Session - 2026-04-06 #3775

freemo referenced this issue

2026-04-06 07:21:26 +00:00

[Automated] CleverAgents Build Session - 2026-04-06 #3775

freemo referenced this issue

2026-04-06 10:35:53 +00:00

[Automated] CleverAgents Build Session - 2026-04-06 #3775