Promote dev to main: session-finish credential scope fix#1276
Merged
Conversation
Co-authored-by: Cascade Bot <bot@cascade.dev>
* refactor(triggers): extract agent execution lifecycle * fix(ci): resolve production audit failure --------- Co-authored-by: Cascade Bot <bot@cascade.dev>
* test(triggers): pin trigger contract regressions * fix(triggers): replace mocked uniqueness check with real-implementation test Move the built-in trigger handler name uniqueness regression out of builtins.test.ts (which mocks listPMProviders() and every trigger module, making it incapable of catching real production duplicates) into a new builtins-uniqueness.test.ts that side-effect-imports the real Trello, JIRA, and Linear manifests and calls registerBuiltInTriggers with real handler instances. A duplicate name in any src/triggers/ handler or PM manifest will now fail CI. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Cascade Bot <bot@cascade.dev> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(triggers): add canonical events and result builders * fix(triggers): mirror prNumber into agentInput in buildGitHubPRDispatchResult The builder required `prNumber` but only wrote it to the top-level TriggerResult. The worker runs agents from `executionContext.agentInput`, and the existing safety net only mirrors `workItemId`, not `prNumber`. A migrated handler relying on the required option could therefore enqueue a PR agent with no `input.prNumber`, breaking PR context assembly and refs/pull checkout. Extend `buildAgentInput` to accept an optional `prNumber` and pass the option through so it is set in `agentInput` with the option value winning over any stale caller-supplied value (matching the work-item mirroring behaviour). Add tests covering both the injection-when-absent and the stale-value-override cases. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Cascade Bot <bot@cascade.dev> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
…1275) The cascade-tools session finish CLI extended raw oclif Command instead of CredentialScopedCommand, so the withGitHubToken AsyncLocalStorage scope was never established. When the primary PR sidecar was missing for any reason, validateFinish's secondary fallback findPRForCurrentBranch would call getClient() against an empty scope, throw "No GitHub client in scope", get silently swallowed by the catch in finish.ts, and the run would fail with "Cannot finish session without creating a PR" even when the PR existed on GitHub. Caught live on cascade run 06ec8a0a (PR #1274 was created but the run was marked failed). Switch Finish to extend CredentialScopedCommand so it inherits the same credential-scope wiring every other agent-facing CLI command uses. Add a regression test that exercises the real src/github/client.js module (only mocking the @octokit/rest constructor) so any future regression of the credential scope re-surfaces. The existing finish.test.ts gets the PM and GitHub credential scopes mocked as no-ops since the now-active credential chain would otherwise need the manifest registry bootstrapped. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Promotes the current
devtip tomain. Includes 5 commits ahead of main, headlined by:fix(session-finish): scope GitHub client so PR-lookup fallback works— fixes the prod failure on cascade run06ec8a0awhere the agent created PR feat(triggers): centralize trigger enablement checks #1274 but the run was wrongly marked failed becausecascade-tools session finishskipped thewithGitHubTokenAsyncLocalStorage scope, breaking the secondaryfindPRForCurrentBranchfallback whenever the primary sidecar evidence was missing. Once on main, subsequent codex implementation runs are robust to the intermittent sidecar miss.feat(triggers): add canonical events and result builderstest(triggers): pin trigger contract regressionsrefactor(triggers): extract agent execution lifecyclerefactor(triggers): extract agent work item linkingTest plan
6d80fd0d) is fully green: CI, Build and Deploy (Dev), Push on dev — all passed🤖 Generated with Claude Code