API breakage checks (Griffe)

Result: Failed

============================================================
Checking openhands-sdk (openhands.sdk)
============================================================
Comparing openhands-sdk 1.11.5 against 1.11.4
::notice title=openhands-sdk API::Ignoring Field metadata-only change (non-breaking): load_public_skills
::notice title=openhands-sdk API::Ignoring Field metadata-only change (non-breaking): temperature
::warning file=openhands-sdk/openhands/sdk/llm/llm.py,line=196,title=LLM.top_p::Attribute value was changed: `Field(default=1.0, ge=0, le=1)` -> `Field(default=None, ge=0, le=1, description='Nucleus sampling parameter. Defaults to None (uses provider default). Set to a value between 0 and 1 to control diversity of outputs.')`
::error title=SemVer::Breaking changes detected (1); require at least minor version bump from 1.11.x, but new is 1.11.5

============================================================
Checking openhands-workspace (openhands.workspace)
============================

Action log

@OpenHands take a look at the review comments and responses, implement the suggested changes

I'm on it! csmith49 can track my progress at all-hands.dev

Summary

I've successfully addressed all the review feedback on PR #2204. The changes have already been pushed to the api-compliance-monitor branch (commit b9a79107).

Changes Made

1. ComplianceState in base.py: Converted all_tool_call_ids from a redundant field to a computed @property that derives from set(pending_tool_call_ids) | completed_tool_call_ids

2. ToolResultOrderProperty in properties.py: Simplified three redundant membership checks to a single event.tool_call_id not in state.all_tool_call_ids check

3. InterleavedMessageProperty in properties.py: Removed the now-unnecessary state.all_tool_call_ids.add() call since the field no longer exists

4. add_event() in state.py: Updated docstring to clearly document that this is the only supported way to add events and direct mutation bypasses compliance monitoring

Verification

• ✅ All pre-commit checks pass (ruff, pyright, etc.)
• ✅ All 33 compliance tests pass
• ✅ Changes pushed to remote branch
• ✅ All 4 review threads resolved with commit references

@OpenHands please address the current round of unresolved comment

I'm on it! csmith49 can track my progress at all-hands.dev

Summary

I've successfully addressed all 4 unresolved review comments on PR #2204. The changes have been pushed to the api-compliance-monitor branch (commit 28d034db) and all review threads have been resolved.

Changes Made

Checklist

• ✅ All 4 review comments addressed
• ✅ Tests updated to match new design (32 tests pass)
• ✅ Pre-commit checks pass
• ✅ Changes pushed to remote
• ✅ All review threads resolved with explanatory comments

@OpenHands Address the two error handling comments by implementing the suggestions.

I'm on it! csmith49 can track my progress at all-hands.dev

Agent server REST API breakage checks (OpenAPI)

Result: Passed

Action log

Summary

I addressed the two error handling review comments on PR #2204. The changes have already been pushed to the api-compliance-monitor branch (commit ce3213b9).

Checklist

Files Modified

1. openhands-sdk/openhands/sdk/conversation/state.py - Added try-except around compliance monitor call
2. openhands-sdk/openhands/sdk/conversation/compliance/monitor.py - Added try-except in check_event() and update_state()
3. tests/sdk/conversation/compliance/test_monitor.py - Added new test for buggy property handling

All changes are concise and directly address the two error handling review comments. No extraneous changes were made.

@OpenHands Please read the review comment threads and address the documentation mismatches, as well as the type of the events property.

I'm on it! csmith49 can track my progress at all-hands.dev

Final Summary

I've successfully addressed the review comments on PR #2204. The changes have been pushed to the api-compliance-monitor branch (commit d816d440).

Checklist

✅ Fixed documentation mismatch in compliance/__init__.py: Removed garbled/duplicate text from the module docstring. It now clearly states that violations are "logged and rejected."

✅ Changed events property type in state.py: Changed return type from EventLog to Sequence[Event] to discourage direct mutation, with a docstring directing users to add_event().

✅ Resolved both unresolved review threads via GitHub GraphQL API

✅ All 45 compliance tests pass

✅ Pre-commit hooks pass (ruff lint, pyright)

Changes Made

• openhands-sdk/openhands/sdk/conversation/compliance/__init__.py - Fixed docstring
• openhands-sdk/openhands/sdk/conversation/state.py - Changed events property return type and added docstring

The changes are minimal and focused solely on addressing the review feedback.

@OpenHands Do a /codereview-roasted on this PR. Understand its goal first.

Publish your review here in the PR so we can see it.

I'm on it! enyst can track my progress at all-hands.dev

Renewed review (second pass, fresh eyes)

I re-read my own review + the diff with a calmer head. Some points stay “must fix”, a couple should be downgraded to “design tradeoff / clarify intent”, and I also missed one real consistency hole in the callback pipeline.

Recalibration: what’s actually major?

Still CRITICAL (I wouldn’t ship reject-mode without these)

1. Resume/restart correctness: monitor state not reconstructible from the event log

• Where: openhands-sdk/openhands/sdk/conversation/state.py resume path (~318–353) + .../conversation/compliance/monitor.py
• Why it’s still major: This is the classic “works in the happy path, breaks on restart” bug. A persisted conversation can be mid-tool-call when the process dies. After restart, a correct tool result can get rejected as “unknown tool_call_id” simply because the monitor forgot history.
• Bottom line: If the compliance logic depends on prior events, it must be derivable from the durable structure (the event log). Otherwise it’s not monitoring; it’s roulette.

2. ConversationState.add_event() returning False is currently too easy to ignore → state inconsistency + silent stalls

• Where: .../conversation/impl/local_conversation.py default callback (181–197)
• Why it’s still major: The default callback doesn’t check the bool and still mutates last_user_message_id. That’s an actual inconsistency: derived state can reference an event that wasn’t persisted.
• Even worse: if events get rejected and the rest of the system proceeds as if they happened, you’re going to get “pending forever” tool calls or agents stuck waiting for observations.

3. Exception policy is inconsistent (doc says fail-closed; behavior is effectively fail-open)

• Where: .../conversation/compliance/monitor.py catches check exceptions and returns []; ConversationState.add_event() rejects only if process_event() raises.
• Severity: Still major, but it might be “docs/tests are wrong” rather than “code is wrong”. Pick a policy and align:
  • If you want fail-open: document it as fail-open and consider disabling the monitor after repeated internal errors.
  • If you want fail-closed: treat a check exception as a violation (or raise) so add_event() can reject.

New CRITICAL issue I missed in the first pass

4. Rejection happens after other callbacks run → side effects / UI can observe events that are not in the log

• Where: callback composition in LocalConversation.__init__ and BaseConversation.compose_callbacks().
  • Visualizer callbacks are prepended (composed_list = [viz.on_event] + composed_list).
  • compose_callbacks() doesn’t support short-circuiting; it calls every callback unconditionally.
• Why it matters: With “reject” semantics, you’ve introduced a split-brain:
  • downstream consumers (visualizer, user callbacks, hooks, etc.) can react to an event
  • but the canonical conversation history never contains it.

If the intent is “rejected events still exist as transient signals but are not persisted”, that needs to be explicit and tested. If the intent is “rejected events should not be observable anywhere”, the compliance check must happen before callback fan-out.

Items I’d downgrade (still worth addressing, but not blockers by themselves)

• Out-of-order observation poisoning the conversation

  • I still think “rejecting a result that arrived early” can cause a permanent pending state. But on a second read: if this system assumes “Observation before Action” is always corruption (pattern a08), rejecting may be an acceptable hard stop.
  • Actionable ask: clarify whether the runtime ever expects out-of-order delivery. If yes → need buffering/reconciliation. If no → document that rejecting is intentional and that callers must handle False return.

• Unbounded growth of completed_tool_call_ids

  • Real, but probably acceptable until proven otherwise. Still worth a comment in code (or a bound) because this is exactly the kind of “long-lived conversation eats memory” footgun.

• Typing surface / “read-only events”

  • ConversationState.events is called “read-only” but returns EventsListBase, which includes append(). This is more a “doc doesn’t match interface” issue than a functional break.

Additional “might bite later” gap

• Action events are always allowed (monitor.py line ~63).
  • For the current 8 patterns, that matches what you test.
  • But if you ever want to enforce “no new assistant message with tool calls before all results”, you’ll likely need to use llm_response_id to distinguish “parallel tool calls from one response” vs “a second assistant response while pending”. Right now the monitor can’t tell.

Updated verdict

Still 🔴 needs improvement. The core idea (pre-ingest checking) is fine, but “reject mode” isn’t robust until:

• the monitor is reconstructible on resume,
• callers can’t accidentally ignore rejections,
• exception semantics are consistent,
• and the callback pipeline can’t observe events that the log rejects (or you explicitly define that as intended).

[Automatic Post]: It has been a while since there was any activity on this PR. @csmith49, are you still working on it? If so, please go ahead, if not then please request review, close it, or request that someone else follow up.