continuous-intelligence/ci
2
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases 29 Wiki Activity

fix(P01): add Zod BackendResult validation and fix opencode silent success

Browse Source 
---ci---
project: ci
phase: 1
milestone: v0.8
status: in_progress
decisions:
  - id: D-022
    decision: Validate BackendResult at boundary with Zod schema
    rationale: External backend output is untrusted; runtime validation prevents corrupt commit streams
    confidence: 0.92
  - id: D-023
    decision: opencode parseResult returns success:false on malformed JSON
    rationale: Silent success:true on parse failure masks backend errors; fail loudly instead
    confidence: 0.95
requirements:
  covered: [FIX-02, FIX-03]
---/ci---

FIX-02: Add Zod BackendResultSchema and validateBackendResult() in
backends/types.ts. backendResultToAgentResult() in base.ts now validates
before passing through. Invalid results produce success:false with error
detail. Path traversal protection: artifact paths with '..' or leading '/'
are rejected.

FIX-03: opencode.ts parseResult() no longer defaults to success:true when
JSON parsing fails entirely. Both the inner parse error and the no-JSON
match case now return emptyBackendResult() with descriptive error messages.
This commit is contained in:
Jon Chery
2026-05-29 19:52:51 +00:00
parent 2306493a77
commit 5fb285cf46
3 changed files with 75 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/agents/base.ts
+13 -1
View File
@@ -1,4 +1,4 @@
import { IntelligenceBackend, BackendRequest, BackendResult, BackendUnavailableError, emptyBackendResult } from "../backends/types.js";
import { IntelligenceBackend, BackendRequest, BackendResult, BackendUnavailableError, emptyBackendResult, validateBackendResult } from "../backends/types.js";
import { AgentName, AutonomyLevel } from "../types/config.js";
export interface AgentResult {
@@ -21,6 +21,18 @@ export interface AgentContext {
}
export function backendResultToAgentResult(result: BackendResult): AgentResult {
const validation = validateBackendResult(result);
if (!validation.result) {
return {
success: false,
output: "",
artifacts_created: [],
decisions: 0,
escalations: 0,
duration_ms: 0,
error: `BackendResult validation failed: ${validation.errors.join("; ")}`,
};
}
return {
success: result.success,
output: result.output,