mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-09 08:21:50 +00:00
5a3092b601
* fix(desktop): scope in-session /model switch per-session, stop process-env leak The desktop/dashboard tui_gateway backend hosts every same-profile session in ONE process. An in-session /model switch wrote process-global env vars (HERMES_MODEL / HERMES_INFERENCE_MODEL / HERMES_TUI_PROVIDER / HERMES_INFERENCE_PROVIDER), which _resolve_startup_runtime() reads when building a fresh agent. So switching the model in one session leaked into every other live session's next agent rebuild (/new, resume) — changing the model in session B silently changed it in session A. Fix: record the switch as a per-session model_override on the session dict instead of mutating os.environ. _make_agent honors that override on rebuild (carrying the concrete base_url/api_key/api_mode the switch resolved), and falls back to global config when absent. Global persistence on the --global flag is unchanged. Also a cleaner fix for #16857 (/new after switching to a custom-provider model): the override carries the resolved credentials, so the rebuild keeps the right endpoint without relying on the leaky env vars. Reported via Twitter (@Da7_Tech): MiniMax M3 in one session + GLM 5.1 in another interfere when switching between them. * test(tui_gateway): align /model switch tests with per-session override contract The three test_config_set_model_syncs_* tests asserted the old leaky contract (switch writes HERMES_MODEL / HERMES_TUI_PROVIDER / HERMES_INFERENCE_PROVIDER to process env). That env-sync IS the cross-session contamination bug this PR removes. Updated to assert the new contract: shared process env untouched, the switch recorded as a per-session model_override carrying provider/model/base_url/ api_key/api_mode. #16857's intent (a custom-provider switch survives /new) is still covered — now via the override _make_agent honors on rebuild.
372 lines
13 KiB
Python
372 lines
13 KiB
Python
"""Regression test for #11884: _make_agent must resolve runtime provider.
|
|
|
|
Without resolve_runtime_provider(), bare-slug models in config
|
|
(e.g. ``claude-opus-4-6`` with ``model.provider: anthropic``) leave
|
|
provider/base_url/api_key empty in AIAgent, causing HTTP 404.
|
|
"""
|
|
|
|
import os
|
|
from unittest.mock import MagicMock, patch
|
|
|
|
|
|
def test_make_agent_passes_resolved_provider():
|
|
"""_make_agent forwards provider/base_url/api_key/api_mode from
|
|
resolve_runtime_provider to AIAgent."""
|
|
|
|
fake_runtime = {
|
|
"provider": "anthropic",
|
|
"base_url": "https://api.anthropic.com",
|
|
"api_key": "sk-test-key",
|
|
"api_mode": "anthropic_messages",
|
|
"command": None,
|
|
"args": None,
|
|
"credential_pool": None,
|
|
}
|
|
|
|
fake_cfg = {
|
|
"model": {"default": "claude-opus-4-6", "provider": "anthropic"},
|
|
"agent": {"system_prompt": "test"},
|
|
}
|
|
|
|
with (
|
|
patch("tui_gateway.server._load_cfg", return_value=fake_cfg),
|
|
patch("tui_gateway.server._get_db", return_value=MagicMock()),
|
|
patch("tui_gateway.server._load_tool_progress_mode", return_value="compact"),
|
|
patch("tui_gateway.server._load_reasoning_config", return_value=None),
|
|
patch("tui_gateway.server._load_service_tier", return_value=None),
|
|
patch("tui_gateway.server._load_enabled_toolsets", return_value=None),
|
|
patch(
|
|
"hermes_cli.runtime_provider.resolve_runtime_provider",
|
|
return_value=fake_runtime,
|
|
) as mock_resolve,
|
|
patch("run_agent.AIAgent") as mock_agent,
|
|
):
|
|
|
|
from tui_gateway.server import _make_agent
|
|
|
|
_make_agent("sid-1", "key-1")
|
|
|
|
# target_model comes from _resolve_startup_runtime() which reads
|
|
# _load_cfg(). Due to module-level caching in tui_gateway.server,
|
|
# the patched config may not take effect when the module was already
|
|
# imported by an earlier test. Assert the stable part of the call.
|
|
mock_resolve.assert_called_once()
|
|
assert mock_resolve.call_args.kwargs.get("requested") is None
|
|
|
|
call_kwargs = mock_agent.call_args
|
|
assert call_kwargs.kwargs["provider"] == "anthropic"
|
|
assert call_kwargs.kwargs["base_url"] == "https://api.anthropic.com"
|
|
assert call_kwargs.kwargs["api_key"] == "sk-test-key"
|
|
assert call_kwargs.kwargs["api_mode"] == "anthropic_messages"
|
|
|
|
|
|
def test_make_agent_ignores_display_personality_without_system_prompt():
|
|
"""The TUI matches the classic CLI: personality only becomes active once
|
|
it has been saved to agent.system_prompt."""
|
|
|
|
fake_runtime = {
|
|
"provider": "openrouter",
|
|
"base_url": "https://api.synthetic.new/v1",
|
|
"api_key": "sk-test",
|
|
"api_mode": "chat_completions",
|
|
"command": None,
|
|
"args": None,
|
|
"credential_pool": None,
|
|
}
|
|
fake_cfg = {
|
|
"agent": {
|
|
"system_prompt": "",
|
|
"personalities": {"kawaii": "sparkle system prompt"},
|
|
},
|
|
"display": {"personality": "kawaii"},
|
|
"model": {"default": "glm-5"},
|
|
}
|
|
|
|
with (
|
|
patch("tui_gateway.server._load_cfg", return_value=fake_cfg),
|
|
patch("tui_gateway.server._get_db", return_value=MagicMock()),
|
|
patch(
|
|
"hermes_cli.runtime_provider.resolve_runtime_provider",
|
|
return_value=fake_runtime,
|
|
),
|
|
patch("run_agent.AIAgent") as mock_agent,
|
|
):
|
|
from tui_gateway.server import _make_agent
|
|
|
|
_make_agent("sid-default-personality", "key-default-personality")
|
|
|
|
assert mock_agent.call_args.kwargs["ephemeral_system_prompt"] is None
|
|
|
|
|
|
def test_make_agent_honors_tui_launch_env_flags():
|
|
fake_runtime = {
|
|
"provider": "openrouter",
|
|
"base_url": "https://api.synthetic.new/v1",
|
|
"api_key": "sk-test",
|
|
"api_mode": "chat_completions",
|
|
"command": None,
|
|
"args": None,
|
|
"credential_pool": None,
|
|
}
|
|
fake_cfg = {"agent": {"system_prompt": ""}, "model": {"default": "glm-5"}}
|
|
|
|
with (
|
|
patch.dict(
|
|
os.environ,
|
|
{
|
|
"HERMES_TUI_MAX_TURNS": "7",
|
|
"HERMES_TUI_CHECKPOINTS": "1",
|
|
"HERMES_TUI_PASS_SESSION_ID": "1",
|
|
"HERMES_IGNORE_RULES": "1",
|
|
},
|
|
),
|
|
patch("tui_gateway.server._load_cfg", return_value=fake_cfg),
|
|
patch("tui_gateway.server._get_db", return_value=MagicMock()),
|
|
patch(
|
|
"hermes_cli.runtime_provider.resolve_runtime_provider",
|
|
return_value=fake_runtime,
|
|
),
|
|
patch("run_agent.AIAgent") as mock_agent,
|
|
):
|
|
from tui_gateway.server import _make_agent
|
|
|
|
_make_agent("sid-env", "key-env")
|
|
|
|
kwargs = mock_agent.call_args.kwargs
|
|
assert kwargs["max_iterations"] == 7
|
|
assert kwargs["checkpoints_enabled"] is True
|
|
assert kwargs["pass_session_id"] is True
|
|
assert kwargs["skip_context_files"] is True
|
|
assert kwargs["skip_memory"] is True
|
|
|
|
|
|
def test_probe_config_health_flags_null_sections():
|
|
"""Bare YAML keys (`agent:` with no value) parse as None and silently
|
|
drop nested settings; probe must surface them so users can fix."""
|
|
from tui_gateway.server import _probe_config_health
|
|
|
|
assert _probe_config_health({"agent": {"x": 1}}) == ""
|
|
assert _probe_config_health({}) == ""
|
|
|
|
msg = _probe_config_health({"agent": None, "display": None, "model": {}})
|
|
assert "agent" in msg and "display" in msg
|
|
assert "model" not in msg
|
|
|
|
|
|
def test_probe_config_health_flags_null_personalities_with_active_personality():
|
|
from tui_gateway.server import _probe_config_health
|
|
|
|
msg = _probe_config_health(
|
|
{
|
|
"agent": {"personalities": None},
|
|
"display": {"personality": "kawaii"},
|
|
"model": {},
|
|
}
|
|
)
|
|
assert "display.personality" in msg
|
|
assert "agent.personalities" in msg
|
|
|
|
|
|
def test_make_agent_tolerates_null_config_sections():
|
|
"""Bare `agent:` / `display:` keys in ~/.hermes/config.yaml parse as
|
|
None. cfg.get("agent", {}) returns None (default only fires on missing
|
|
key), so downstream .get() chains must be guarded. Reported via Twitter
|
|
against the new TUI."""
|
|
|
|
fake_runtime = {
|
|
"provider": "openrouter",
|
|
"base_url": "https://api.synthetic.new/v1",
|
|
"api_key": "sk-test",
|
|
"api_mode": "chat_completions",
|
|
"command": None,
|
|
"args": None,
|
|
"credential_pool": None,
|
|
}
|
|
null_cfg = {"agent": None, "display": None, "model": {"default": "glm-5"}}
|
|
|
|
with (
|
|
patch("tui_gateway.server._load_cfg", return_value=null_cfg),
|
|
patch("tui_gateway.server._get_db", return_value=MagicMock()),
|
|
patch(
|
|
"hermes_cli.runtime_provider.resolve_runtime_provider",
|
|
return_value=fake_runtime,
|
|
),
|
|
patch("run_agent.AIAgent") as mock_agent,
|
|
):
|
|
|
|
from tui_gateway.server import _make_agent
|
|
|
|
_make_agent("sid-null", "key-null")
|
|
|
|
assert mock_agent.called
|
|
|
|
|
|
def test_make_agent_tolerates_null_personalities_with_active_personality():
|
|
fake_runtime = {
|
|
"provider": "openrouter",
|
|
"base_url": "https://api.synthetic.new/v1",
|
|
"api_key": "sk-test",
|
|
"api_mode": "chat_completions",
|
|
"command": None,
|
|
"args": None,
|
|
"credential_pool": None,
|
|
}
|
|
cfg = {
|
|
"agent": {"personalities": None},
|
|
"display": {"personality": "kawaii"},
|
|
"model": {"default": "glm-5"},
|
|
}
|
|
|
|
with (
|
|
patch("tui_gateway.server._load_cfg", return_value=cfg),
|
|
patch("tui_gateway.server._get_db", return_value=MagicMock()),
|
|
patch("cli.load_cli_config", return_value={"agent": {"personalities": None}}),
|
|
patch(
|
|
"hermes_cli.runtime_provider.resolve_runtime_provider",
|
|
return_value=fake_runtime,
|
|
),
|
|
patch("run_agent.AIAgent") as mock_agent,
|
|
):
|
|
from tui_gateway.server import _make_agent
|
|
|
|
_make_agent("sid-null-personality", "key-null-personality")
|
|
|
|
assert mock_agent.called
|
|
assert mock_agent.call_args.kwargs["ephemeral_system_prompt"] is None
|
|
|
|
|
|
def test_make_agent_honors_per_session_model_override():
|
|
"""Regression for cross-session model contamination: a per-session
|
|
``model_override`` (set by an in-session /model switch) must drive the
|
|
rebuilt agent's model/provider/base_url, NOT global config — and without
|
|
reading process-global env vars that a sibling session may have changed.
|
|
"""
|
|
|
|
# resolve_runtime_provider echoes the requested provider so we can prove
|
|
# the override's provider (not the global default) was passed through.
|
|
def echo_runtime(requested=None, target_model=None):
|
|
return {
|
|
"provider": requested or "GLOBAL_DEFAULT",
|
|
"base_url": "global-url",
|
|
"api_key": "global-key",
|
|
"api_mode": "chat_completions",
|
|
"command": None,
|
|
"args": None,
|
|
"credential_pool": None,
|
|
}
|
|
|
|
fake_cfg = {
|
|
"agent": {"system_prompt": ""},
|
|
"model": {"default": "global/model", "provider": "globalprov"},
|
|
}
|
|
|
|
override = {
|
|
"model": "zai/glm-5.1",
|
|
"provider": "zai",
|
|
"base_url": "https://api.z.ai/v1",
|
|
"api_key": "sk-glm",
|
|
"api_mode": "chat_completions",
|
|
}
|
|
|
|
with (
|
|
# Ensure no leaked env biases _resolve_startup_runtime (it must not even
|
|
# be consulted when an override is present).
|
|
patch.dict(os.environ, {}, clear=False),
|
|
patch("tui_gateway.server._load_cfg", return_value=fake_cfg),
|
|
patch("tui_gateway.server._get_db", return_value=MagicMock()),
|
|
patch("tui_gateway.server._load_reasoning_config", return_value=None),
|
|
patch("tui_gateway.server._load_service_tier", return_value=None),
|
|
patch("tui_gateway.server._load_enabled_toolsets", return_value=None),
|
|
patch(
|
|
"hermes_cli.runtime_provider.resolve_runtime_provider",
|
|
side_effect=echo_runtime,
|
|
),
|
|
patch("run_agent.AIAgent") as mock_agent,
|
|
):
|
|
for var in (
|
|
"HERMES_MODEL",
|
|
"HERMES_INFERENCE_MODEL",
|
|
"HERMES_TUI_PROVIDER",
|
|
"HERMES_INFERENCE_PROVIDER",
|
|
):
|
|
os.environ.pop(var, None)
|
|
|
|
from tui_gateway.server import _make_agent
|
|
|
|
_make_agent(
|
|
"sid-override", "key-override", model_override=override
|
|
)
|
|
|
|
kwargs = mock_agent.call_args.kwargs
|
|
assert kwargs["model"] == "zai/glm-5.1"
|
|
assert kwargs["provider"] == "zai"
|
|
# Concrete credentials from the switch survive the rebuild.
|
|
assert kwargs["base_url"] == "https://api.z.ai/v1"
|
|
assert kwargs["api_key"] == "sk-glm"
|
|
|
|
|
|
def test_apply_model_switch_does_not_leak_process_env():
|
|
"""Core fix for cross-session contamination: an in-session /model switch
|
|
must mutate only the target session (record a per-session override + switch
|
|
that session's agent in place) and must NOT write process-global env vars,
|
|
which the single-process desktop backend shares across every live session.
|
|
"""
|
|
from tui_gateway import server
|
|
|
|
class _FakeResult:
|
|
success = True
|
|
error_message = ""
|
|
warning_message = ""
|
|
new_model = "zai/glm-5.1"
|
|
target_provider = "zai"
|
|
base_url = "https://api.z.ai/v1"
|
|
api_key = "sk-glm"
|
|
api_mode = "chat_completions"
|
|
|
|
class _FakeAgent:
|
|
def __init__(self):
|
|
self.model = "minimax/m3"
|
|
self.provider = "minimax"
|
|
self.base_url = ""
|
|
self.api_key = ""
|
|
|
|
def switch_model(self, **kw):
|
|
self.model = kw["new_model"]
|
|
self.provider = kw["new_provider"]
|
|
|
|
env_keys = (
|
|
"HERMES_MODEL",
|
|
"HERMES_INFERENCE_MODEL",
|
|
"HERMES_TUI_PROVIDER",
|
|
"HERMES_INFERENCE_PROVIDER",
|
|
)
|
|
|
|
sess_b = {"agent": _FakeAgent(), "session_key": "k-B", "model_override": None}
|
|
sess_a = {"agent": _FakeAgent(), "session_key": "k-A", "model_override": None}
|
|
|
|
with (
|
|
patch("hermes_cli.model_switch.parse_model_flags",
|
|
return_value=("glm-5.1", None, False, False)),
|
|
patch("hermes_cli.model_switch.switch_model", return_value=_FakeResult()),
|
|
patch("tui_gateway.server._emit"),
|
|
patch("tui_gateway.server._restart_slash_worker"),
|
|
patch("tui_gateway.server._session_info", return_value={}),
|
|
patch("tui_gateway.server._persist_model_switch") as mock_persist,
|
|
):
|
|
before = {k: os.environ.get(k) for k in env_keys}
|
|
result = server._apply_model_switch("sidB", sess_b, "glm-5.1")
|
|
after = {k: os.environ.get(k) for k in env_keys}
|
|
|
|
assert result["value"] == "zai/glm-5.1"
|
|
# No process-global env mutation (the contamination vector).
|
|
assert before == after
|
|
# persist_global was False → config untouched.
|
|
mock_persist.assert_not_called()
|
|
# Target session recorded a per-session override.
|
|
assert sess_b["model_override"]["model"] == "zai/glm-5.1"
|
|
assert sess_b["model_override"]["provider"] == "zai"
|
|
# The switched agent mutated in place.
|
|
assert sess_b["agent"].model == "zai/glm-5.1"
|
|
# Sibling session is completely untouched.
|
|
assert sess_a["model_override"] is None
|
|
assert sess_a["agent"].model == "minimax/m3"
|