mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-25 00:51:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
hermes-agent/tools
History
Exact
teknium1 603a68b918
fix(acp): isolate per-session approval callback via ContextVar 
Concurrent ACP sessions in one Hermes process previously shared
tools.terminal_tool._approval_callback as a module-global, so session B
overwriting the slot could route session A's dangerous-command prompt
through B's callback (and vice versa). Within a single OS user this was
UX confusion rather than a cross-principal boundary break, but the
shared state is genuine concurrency sloppiness worth fixing.

Store the callback (and the sibling sudo password callback) in
ContextVars. Each asyncio task gets its own copy, so per-session
set_approval_callback calls no longer stomp on each other. ACP's prompt
handler now wraps loop.run_in_executor in contextvars.copy_context().run
so the per-session callback survives the hop into the worker thread —
asyncio does not propagate contextvars across the executor boundary on
its own, and this was verified empirically.

Regression tests reproduce the original primitive (two overlapping
sessions, each asserts it observes its own callback) and document the
run_in_executor contextvar contract the ACP fix relies on.

Reported by @xeloxa in GHSA-qg5c-hvr5-hjgr.
2026-04-21 03:30:19 -07:00
..
browser_providers feat: ungate Tool Gateway — subscription-based access with per-tool opt-in 2026-04-16 12:36:49 -07:00
environments feat(skills+terminal): make bundled skill scripts runnable out of the box (#13384) 2026-04-21 00:39:19 -07:00
neutts_samples refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow 2026-03-17 02:33:12 -07:00
__init__.py Merge branch 'main' into rewbs/tool-use-charge-to-subscription 2026-03-31 08:48:54 +09:00
ansi_strip.py fix: strip ANSI at the source — clean terminal output before it reaches the model 2026-03-23 07:43:12 -07:00
approval.py feat: configurable approval mode for cron jobs (approvals.cron_mode) 2026-04-18 19:24:35 -07:00
binary_extensions.py fix(tools): address PR review — remove _extract_raw_output, BudgetConfig everywhere, read_file hardening 2026-04-08 02:24:32 -07:00
browser_camofox.py refactor: remove remaining redundant local imports (comprehensive sweep) 2026-04-21 00:50:58 -07:00
browser_camofox_state.py feat(browser): add persistent Camofox sessions and VNC URL discovery (salvage #4400) (#4419) 2026-04-01 04:18:50 -07:00
browser_cdp_tool.py feat(browser): add browser_cdp raw DevTools Protocol passthrough (#12369) 2026-04-19 00:03:10 -07:00
browser_tool.py refactor: remove redundant local imports already available at module level 2026-04-21 00:50:58 -07:00
budget_config.py fix: preserve existing thresholds, remove pre-read byte guard 2026-04-08 02:24:32 -07:00
checkpoint_manager.py refactor: remove redundant local imports already available at module level 2026-04-21 00:50:58 -07:00
clarify_tool.py refactor: add tool_error/tool_result helpers + read_raw_config, migrate 129 callsites 2026-04-07 13:36:38 -07:00
code_execution_tool.py feat(execute_code): add project/strict execution modes, default to project (#11971) 2026-04-18 01:46:25 -07:00
credential_files.py refactor: extract shared helpers to deduplicate repeated code patterns (#7917) 2026-04-11 13:59:52 -07:00
cronjob_tools.py fix: replace hardcoded ~/.hermes with display_hermes_home() in agent-facing text (#10285) 2026-04-15 04:57:55 -07:00
debug_helpers.py refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821) 2026-04-07 10:25:31 -07:00
delegate_tool.py fix: sweep remaining provider-URL substring checks across codebase 2026-04-20 22:14:29 -07:00
discord_tool.py feat: add Discord server introspection and management tool (#4753) 2026-04-19 11:52:19 -07:00
env_passthrough.py refactor: remove dead code — 1,784 lines across 77 files (#9180) 2026-04-13 16:32:04 -07:00
feishu_doc_tool.py fix(feishu-comment): use get_hermes_home(); drop dead asyncio wrapper; AUTHOR_MAP 2026-04-17 19:04:11 -07:00
feishu_drive_tool.py fix(feishu-comment): use get_hermes_home(); drop dead asyncio wrapper; AUTHOR_MAP 2026-04-17 19:04:11 -07:00
file_operations.py fix(patch): gate 'did you mean?' to no-match + extend to v4a/skill_manage 2026-04-21 02:03:46 -07:00
file_tools.py fix(patch): gate 'did you mean?' to no-match + extend to v4a/skill_manage 2026-04-21 02:03:46 -07:00
fuzzy_match.py fix(patch): gate 'did you mean?' to no-match + extend to v4a/skill_manage 2026-04-21 02:03:46 -07:00
homeassistant_tool.py fix: clean up description escaping, add string-data tests 2026-04-13 04:45:07 -07:00
image_generation_tool.py fix(fal): extend whitespace-only FAL_KEY handling to all call sites 2026-04-21 02:04:21 -07:00
interrupt.py fix(interrupt): propagate to concurrent-tool workers + opt-in debug trace (#11907) 2026-04-17 20:39:25 -07:00
managed_tool_gateway.py fix(tools): add debug logging for token refresh and tighten domain check 2026-04-02 12:40:03 +11:00
mcp_oauth.py fix(mcp-oauth): bidirectional auth_flow bridge + absolute expires_at (salvage #12025) (#12717) 2026-04-19 16:31:07 -07:00
mcp_oauth_manager.py fix(mcp-oauth): bidirectional auth_flow bridge + absolute expires_at (salvage #12025) (#12717) 2026-04-19 16:31:07 -07:00
mcp_tool.py refactor: remove redundant local imports already available at module level 2026-04-21 00:50:58 -07:00
memory_tool.py fix: nest msvcrt import inside fcntl except block 2026-04-14 10:18:05 -07:00
mixture_of_agents_tool.py refactor: remove dead code — 1,784 lines across 77 files (#9180) 2026-04-13 16:32:04 -07:00
neutts_synth.py fix(tts): document NeuTTS provider and align install guidance (#1903) 2026-03-18 02:55:30 -07:00
openrouter_client.py refactor: route ad-hoc LLM consumers through centralized provider router 2026-03-11 20:02:36 -07:00
osv_check.py feat: OSV malware check for MCP extension packages (#5305) 2026-04-05 12:46:07 -07:00
patch_parser.py fix(patch): gate 'did you mean?' to no-match + extend to v4a/skill_manage 2026-04-21 02:03:46 -07:00
path_security.py refactor: extract shared helpers to deduplicate repeated code patterns (#7917) 2026-04-11 13:59:52 -07:00
process_registry.py refactor: remove redundant local imports already available at module level 2026-04-21 00:50:58 -07:00
registry.py fix: tighten AST check to module-level only 2026-04-14 21:12:29 -07:00
rl_training_tool.py refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821) 2026-04-07 10:25:31 -07:00
send_message_tool.py refactor: remove remaining redundant local imports (comprehensive sweep) 2026-04-21 00:50:58 -07:00
session_search_tool.py fix(aux): add session_search extra_body and concurrency controls 2026-04-20 00:47:39 -07:00
skill_manager_tool.py fix(patch): gate 'did you mean?' to no-match + extend to v4a/skill_manage 2026-04-21 02:03:46 -07:00
skills_guard.py refactor: remove dead code — 1,784 lines across 77 files (#9180) 2026-04-13 16:32:04 -07:00
skills_hub.py feat(skills): centralized skills index — eliminate GitHub API calls for search/install 2026-04-12 16:39:04 -07:00
skills_sync.py feat(skills): add 'hermes skills reset' to un-stick bundled skills (#11468) 2026-04-17 00:41:31 -07:00
skills_tool.py refactor: remove remaining redundant local imports (comprehensive sweep) 2026-04-21 00:50:58 -07:00
terminal_tool.py fix(acp): isolate per-session approval callback via ContextVar 2026-04-21 03:30:19 -07:00
tirith_security.py fix: handle cross-device shutil.move failure in tirith auto-install (#10127) (#10524) 2026-04-15 14:50:07 -07:00
todo_tool.py fix(tools): enforce ID uniqueness in TODO store during replace operations 2026-04-11 16:22:50 -07:00
tool_backend_helpers.py fix(fal): extend whitespace-only FAL_KEY handling to all call sites 2026-04-21 02:04:21 -07:00
tool_result_storage.py fix(tools): neutralize shell injection in _write_to_sandbox via path quoting (#7940) 2026-04-11 14:26:11 -07:00
transcription_tools.py fix(stt): map cloud-only model names to valid local size for faster-whisper (#2544) 2026-04-20 05:18:48 -07:00
tts_tool.py feat(tts): complete KittenTTS integration (tools/setup/docs/tests) 2026-04-21 01:28:32 -07:00
url_safety.py fix: allow trusted QQ CDN benchmark IP resolution 2026-04-17 04:22:40 -07:00
vision_tools.py fix: vision tool respects auxiliary.vision.temperature from config (#4661) 2026-04-20 00:32:09 -07:00
voice_mode.py fix: point optional-dep install hints at the venv's python (#11938) 2026-04-17 21:16:33 -07:00
web_tools.py feat: ungate Tool Gateway — subscription-based access with per-tool opt-in 2026-04-16 12:36:49 -07:00
website_policy.py refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821) 2026-04-07 10:25:31 -07:00
xai_http.py feat(xai): upgrade to Responses API, add TTS provider 2026-04-16 02:24:08 -07:00