fix: enforced global visible_skills in llm node validation and improved skill loading error handling across the project
This commit is contained in:
@@ -14,6 +14,21 @@ review_attempts=$(echo "$state" | jq -r '.review_attempts // 0')
|
|||||||
max_review_attempts=$(echo "$state" | jq -r '.max_review_attempts // 1')
|
max_review_attempts=$(echo "$state" | jq -r '.max_review_attempts // 1')
|
||||||
review_notes=$(echo "$state" | jq -r '.review_notes // ""')
|
review_notes=$(echo "$state" | jq -r '.review_notes // ""')
|
||||||
|
|
||||||
|
if [[ "$review_clean" != "true" && "$review_clean" != "false" ]]; then
|
||||||
|
echo "ERROR: review_clean must be boolean ('true'/'false'); got: $review_clean" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! [[ "$review_attempts" =~ ^[0-9]+$ ]]; then
|
||||||
|
echo "ERROR: review_attempts must be a non-negative integer; got: $review_attempts" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! [[ "$max_review_attempts" =~ ^[0-9]+$ ]]; then
|
||||||
|
echo "ERROR: max_review_attempts must be a non-negative integer; got: $max_review_attempts" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
if [[ "$review_clean" == "true" ]]; then
|
if [[ "$review_clean" == "true" ]]; then
|
||||||
jq -nc '{"_next": "end_success"}'
|
jq -nc '{"_next": "end_success"}'
|
||||||
exit 0
|
exit 0
|
||||||
|
|||||||
@@ -28,6 +28,8 @@ main() {
|
|||||||
local grep_args=(-nH --color=never)
|
local grep_args=(-nH --color=never)
|
||||||
|
|
||||||
if [[ -d "$search_path" ]]; then
|
if [[ -d "$search_path" ]]; then
|
||||||
|
# Use -r (not -R) so symlinks to directories are NOT followed - this avoids
|
||||||
|
# infinite loops on pathological symlink cycles (e.g. `ln -s . loop`).
|
||||||
grep_args+=(-r)
|
grep_args+=(-r)
|
||||||
grep_args+=(
|
grep_args+=(
|
||||||
--exclude-dir='.git'
|
--exclude-dir='.git'
|
||||||
|
|||||||
@@ -289,6 +289,17 @@ pub fn has_skill(name: &str) -> bool {
|
|||||||
skill_file(name).is_file()
|
skill_file(name).is_file()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn list_visible_skills(visible: Option<&[String]>) -> Vec<String> {
|
||||||
|
let installed = list_skills();
|
||||||
|
match visible {
|
||||||
|
None => installed,
|
||||||
|
Some(allow) => installed
|
||||||
|
.into_iter()
|
||||||
|
.filter(|name| allow.iter().any(|v| v == name))
|
||||||
|
.collect(),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
pub fn local_models_override() -> Result<Vec<ProviderModels>> {
|
pub fn local_models_override() -> Result<Vec<ProviderModels>> {
|
||||||
let model_override_path = models_override_file();
|
let model_override_path = models_override_file();
|
||||||
let err = || {
|
let err = || {
|
||||||
|
|||||||
@@ -1737,6 +1737,18 @@ impl RequestContext {
|
|||||||
"enabled_skills" => {
|
"enabled_skills" => {
|
||||||
let raw: Option<String> = super::parse_value(value)?;
|
let raw: Option<String> = super::parse_value(value)?;
|
||||||
let parsed: Option<Vec<String>> = raw.map(|s| super::csv_to_vec(&s));
|
let parsed: Option<Vec<String>> = raw.map(|s| super::csv_to_vec(&s));
|
||||||
|
if let Some(names) = parsed.as_ref() {
|
||||||
|
let visible =
|
||||||
|
paths::list_visible_skills(self.app.config.visible_skills.as_deref());
|
||||||
|
for name in names {
|
||||||
|
paths::validate_skill_name(name)?;
|
||||||
|
if !visible.iter().any(|s| s == name) {
|
||||||
|
bail!(
|
||||||
|
"enabled_skills references skill '{name}' which is not visible (check global 'visible_skills' and that the skill is installed)"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
self.update_app_config(|app| app.enabled_skills = parsed.clone());
|
self.update_app_config(|app| app.enabled_skills = parsed.clone());
|
||||||
}
|
}
|
||||||
"skills_enabled" => {
|
"skills_enabled" => {
|
||||||
@@ -2650,7 +2662,9 @@ impl RequestContext {
|
|||||||
|
|
||||||
self.skill_registry.insert(skill)?;
|
self.skill_registry.insert(skill)?;
|
||||||
if let Err(e) = self.refresh_tool_scope(abort_signal).await {
|
if let Err(e) = self.refresh_tool_scope(abort_signal).await {
|
||||||
let _ = self.skill_registry.unload(name);
|
if let Err(unload_err) = self.skill_registry.unload(name) {
|
||||||
|
warn!("Failed to unload skill '{name}' during error recovery: {unload_err}");
|
||||||
|
}
|
||||||
bail!("Loaded skill '{name}' but failed to refresh tool scope: {e}");
|
bail!("Loaded skill '{name}' but failed to refresh tool scope: {e}");
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2659,10 +2673,15 @@ impl RequestContext {
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub async fn unload_skill_repl(&mut self, name: &str, abort_signal: AbortSignal) -> Result<()> {
|
pub async fn unload_skill_repl(&mut self, name: &str, abort_signal: AbortSignal) -> Result<()> {
|
||||||
self.skill_registry.unload(name)?;
|
let skill = self.skill_registry.unload(name)?;
|
||||||
|
|
||||||
if let Err(e) = self.refresh_tool_scope(abort_signal).await {
|
if let Err(e) = self.refresh_tool_scope(abort_signal).await {
|
||||||
eprintln!("Warning: unloaded skill '{name}' but tool scope refresh failed: {e}");
|
if let Err(restore_err) = self.skill_registry.insert(skill) {
|
||||||
|
warn!(
|
||||||
|
"Failed to restore skill '{name}' after tool-scope refresh failure: {restore_err}"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
bail!("Unloaded skill '{name}' but failed to refresh tool scope; restored: {e}");
|
||||||
}
|
}
|
||||||
|
|
||||||
println!("✓ Unloaded skill '{name}'.");
|
println!("✓ Unloaded skill '{name}'.");
|
||||||
|
|||||||
+13
-3
@@ -105,7 +105,7 @@ fn handle_list(ctx: &RequestContext, policy: &SkillPolicy) -> Result<Value> {
|
|||||||
let mcp_on = ctx.app.config.mcp_server_support;
|
let mcp_on = ctx.app.config.mcp_server_support;
|
||||||
|
|
||||||
let mut entries = Vec::new();
|
let mut entries = Vec::new();
|
||||||
for name in paths::list_skills() {
|
for name in paths::list_visible_skills(ctx.app.config.visible_skills.as_deref()) {
|
||||||
if !policy.allows(&name) {
|
if !policy.allows(&name) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@@ -193,7 +193,10 @@ async fn handle_load(
|
|||||||
}
|
}
|
||||||
|
|
||||||
if let Err(e) = ctx.refresh_tool_scope(create_abort_signal()).await {
|
if let Err(e) = ctx.refresh_tool_scope(create_abort_signal()).await {
|
||||||
let _ = ctx.skill_registry.unload(name);
|
if let Err(unload_err) = ctx.skill_registry.unload(name) {
|
||||||
|
warn!("Failed to unload skill '{name}' during error recovery: {unload_err}");
|
||||||
|
}
|
||||||
|
|
||||||
return Ok(json!({
|
return Ok(json!({
|
||||||
"error": format!("Loaded skill '{name}' but failed to refresh tool scope: {e}")
|
"error": format!("Loaded skill '{name}' but failed to refresh tool scope: {e}")
|
||||||
}));
|
}));
|
||||||
@@ -212,13 +215,20 @@ async fn handle_unload(ctx: &mut RequestContext, args: &Value) -> Result<Value>
|
|||||||
_ => return Ok(json!({"error": "name is required"})),
|
_ => return Ok(json!({"error": "name is required"})),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if let Err(e) = paths::validate_skill_name(name) {
|
||||||
|
return Ok(json!({"error": e.to_string()}));
|
||||||
|
}
|
||||||
|
|
||||||
let skill = match ctx.skill_registry.unload(name) {
|
let skill = match ctx.skill_registry.unload(name) {
|
||||||
Ok(s) => s,
|
Ok(s) => s,
|
||||||
Err(e) => return Ok(json!({"error": e.to_string()})),
|
Err(e) => return Ok(json!({"error": e.to_string()})),
|
||||||
};
|
};
|
||||||
|
|
||||||
if let Err(e) = ctx.refresh_tool_scope(create_abort_signal()).await {
|
if let Err(e) = ctx.refresh_tool_scope(create_abort_signal()).await {
|
||||||
let _ = ctx.skill_registry.insert(skill);
|
if let Err(insert_err) = ctx.skill_registry.insert(skill) {
|
||||||
|
warn!("Failed to restore skill '{name}' after unload recovery: {insert_err}");
|
||||||
|
}
|
||||||
|
|
||||||
return Ok(json!({
|
return Ok(json!({
|
||||||
"error": format!(
|
"error": format!(
|
||||||
"Unloaded skill '{name}' but failed to refresh tool scope; restored: {e}"
|
"Unloaded skill '{name}' but failed to refresh tool scope; restored: {e}"
|
||||||
|
|||||||
@@ -191,6 +191,33 @@ impl GraphValidator {
|
|||||||
}
|
}
|
||||||
|
|
||||||
fn validate_llm_skills(&self, graph: &Graph, result: &mut ValidationResult) {
|
fn validate_llm_skills(&self, graph: &Graph, result: &mut ValidationResult) {
|
||||||
|
let visible_skills = self
|
||||||
|
.agent_ctx
|
||||||
|
.as_ref()
|
||||||
|
.and_then(|c| c.app_config.visible_skills.as_deref());
|
||||||
|
|
||||||
|
let is_visible = |name: &str| match visible_skills {
|
||||||
|
None => true,
|
||||||
|
Some(list) => list.iter().any(|s| s == name),
|
||||||
|
};
|
||||||
|
|
||||||
|
if let Some(graph_skills) = &graph.enabled_skills {
|
||||||
|
for name in graph_skills {
|
||||||
|
if name.trim().is_empty() {
|
||||||
|
result.error(ValidationError::new(
|
||||||
|
"graph 'enabled_skills' contains an empty skill name",
|
||||||
|
));
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if !is_visible(name) {
|
||||||
|
result.error(ValidationError::new(format!(
|
||||||
|
"graph 'enabled_skills' references '{name}' which is not in global 'visible_skills'"
|
||||||
|
)));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
for (node_id, node) in &graph.nodes {
|
for (node_id, node) in &graph.nodes {
|
||||||
let NodeType::Llm(llm) = &node.node_type else {
|
let NodeType::Llm(llm) = &node.node_type else {
|
||||||
continue;
|
continue;
|
||||||
@@ -207,6 +234,17 @@ impl GraphValidator {
|
|||||||
));
|
));
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !is_visible(name) {
|
||||||
|
result.error(ValidationError::with_node(
|
||||||
|
node_id,
|
||||||
|
format!(
|
||||||
|
"llm node 'enabled_skills' references '{name}' which is not in global 'visible_skills'"
|
||||||
|
),
|
||||||
|
));
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
if let Some(graph_skills) = &graph.enabled_skills
|
if let Some(graph_skills) = &graph.enabled_skills
|
||||||
&& !graph_skills.iter().any(|g| g == name)
|
&& !graph_skills.iter().any(|g| g == name)
|
||||||
{
|
{
|
||||||
|
|||||||
+4
-1
@@ -17,6 +17,7 @@ use gman::providers::SecretProvider;
|
|||||||
use gman::providers::SupportedProvider;
|
use gman::providers::SupportedProvider;
|
||||||
use gman::providers::local::LocalProvider;
|
use gman::providers::local::LocalProvider;
|
||||||
use inquire::{Password, PasswordDisplayMode, required};
|
use inquire::{Password, PasswordDisplayMode, required};
|
||||||
|
use log::warn;
|
||||||
use serde_yaml::Value;
|
use serde_yaml::Value;
|
||||||
use std::sync::{Arc, LazyLock};
|
use std::sync::{Arc, LazyLock};
|
||||||
use tokio::runtime::Handle;
|
use tokio::runtime::Handle;
|
||||||
@@ -228,7 +229,9 @@ impl Vault {
|
|||||||
.await
|
.await
|
||||||
.with_context(|| "vault read probe failed")?;
|
.with_context(|| "vault read probe failed")?;
|
||||||
if got != PROBE_VALUE {
|
if got != PROBE_VALUE {
|
||||||
let _ = self.provider_ref().delete_secret(&probe_key).await;
|
if let Err(cleanup_err) = self.provider_ref().delete_secret(&probe_key).await {
|
||||||
|
warn!("vault probe cleanup failed for key '{probe_key}': {cleanup_err}");
|
||||||
|
}
|
||||||
bail!("vault read probe returned an unexpected value");
|
bail!("vault read probe returned an unexpected value");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
+19
-1
@@ -13,7 +13,7 @@ use gman::providers::one_password::OnePasswordProvider;
|
|||||||
use indoc::formatdoc;
|
use indoc::formatdoc;
|
||||||
use inquire::validator::Validation;
|
use inquire::validator::Validation;
|
||||||
use inquire::{Confirm, Password, PasswordDisplayMode, Select, Text, min_length, required};
|
use inquire::{Confirm, Password, PasswordDisplayMode, Select, Text, min_length, required};
|
||||||
use std::path::PathBuf;
|
use std::path::{Path, PathBuf};
|
||||||
use std::process::Command;
|
use std::process::Command;
|
||||||
|
|
||||||
pub fn ensure_password_file_initialized(local_provider: &mut LocalProvider) -> Result<()> {
|
pub fn ensure_password_file_initialized(local_provider: &mut LocalProvider) -> Result<()> {
|
||||||
@@ -91,6 +91,7 @@ pub fn create_vault_password_file(vault: &mut Vault) -> Result<()> {
|
|||||||
match password {
|
match password {
|
||||||
Ok(pw) => {
|
Ok(pw) => {
|
||||||
std::fs::write(&vault_password_file, pw.as_bytes())?;
|
std::fs::write(&vault_password_file, pw.as_bytes())?;
|
||||||
|
set_password_file_permissions(&vault_password_file)?;
|
||||||
println!(
|
println!(
|
||||||
"✓ Password file '{}' updated.",
|
"✓ Password file '{}' updated.",
|
||||||
vault_password_file.display()
|
vault_password_file.display()
|
||||||
@@ -162,6 +163,7 @@ pub fn create_vault_password_file(vault: &mut Vault) -> Result<()> {
|
|||||||
match password {
|
match password {
|
||||||
Ok(pw) => {
|
Ok(pw) => {
|
||||||
std::fs::write(&password_file, pw.as_bytes())?;
|
std::fs::write(&password_file, pw.as_bytes())?;
|
||||||
|
set_password_file_permissions(&password_file)?;
|
||||||
local_provider.password_file = Some(password_file);
|
local_provider.password_file = Some(password_file);
|
||||||
println!(
|
println!(
|
||||||
"✓ Password file '{}' created.",
|
"✓ Password file '{}' created.",
|
||||||
@@ -406,3 +408,19 @@ pub fn interpolate_secrets(content: &str, vault: &Vault) -> Result<(String, Vec<
|
|||||||
|
|
||||||
Ok((parsed_content, missing_secrets))
|
Ok((parsed_content, missing_secrets))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(unix)]
|
||||||
|
fn set_password_file_permissions(path: &Path) -> Result<()> {
|
||||||
|
use std::os::unix::fs::PermissionsExt;
|
||||||
|
std::fs::set_permissions(path, std::fs::Permissions::from_mode(0o600)).map_err(|e| {
|
||||||
|
anyhow!(
|
||||||
|
"Failed to set 0600 permissions on '{}': {e}",
|
||||||
|
path.display()
|
||||||
|
)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg(not(unix))]
|
||||||
|
fn set_password_file_permissions(_path: &Path) -> Result<()> {
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user