Files
agent-framework/python/packages
Evan Mattson 18e433fc6d Python: Validate approval responses against server-side pending request registry (#4548)
* Validate approval responses against server-side pending request registry

* improvements

* pin GHCP sdk version to non-breaking for now

* Pin GHCP sdk to LKG.

* really fix GHCP sdk pkg version

* Fix HITL approval validation security gaps and memory leak

- Validate rejected approval responses against pending_approvals registry,
  not just approved ones. Fabricated rejections without a prior request are
  now stripped from messages before reaching the LLM.
- Bound _pending_approvals with OrderedDict + LRU eviction (max 10k) to
  prevent unbounded memory growth from abandoned approval requests.
- Skip registration when function_call.name is None/empty; log warning
  when content.id or function_call is missing at registration time.
- Document pending_approvals parameter in run_agent_stream docstring.
- Add test for fabricated rejection attack scenario.
- Assert pending approval entry is preserved after function name mismatch.
- Pre-populate pending_approvals in rejection test for correct validation.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Apply pre-commit auto-fixes

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
18e433fc6d · 2026-03-11 23:21:29 +00:00
2026-03-11 18:53:38 +00:00