fix: harden auto-approval timeout cancellation with backend safeguards#11446
fix: harden auto-approval timeout cancellation with backend safeguards#114460xMink wants to merge 1 commit intoRooCodeInc:mainfrom
Conversation
When auto-approve is toggled off mid-countdown, the backend setTimeout could still fire and auto-commit a selection. PR RooCodeInc#11439 fixed the UI cleanup wiring; this hardens the backend independently. - webviewMessageHandler: cancel pending timeout when autoApprovalEnabled is toggled off - Task.ts: timeout callback re-checks autoApprovalEnabled and ask staleness before committing, with full try/catch to prevent unhandled rejections from the async callback - Added 4 backend regression tests covering explicit cancellation, defensive gate, superseded ask, and happy-path auto-select Closes RooCodeInc#11445
0xMink
requested review from
cte,
daniel-lxs,
hannesrudolph,
jr and
mrubens
as code owners
dosubot
bot
added
size:L
Reviewed all 3 changed files. The defensive gate logic and the hard-cancel on toggle-off are well-structured. All 4 new tests pass. One minor suggestion:
Mention @roomote in a comment to request specific changes to this pull request or fix all unresolved issues. |
![roomote[bot]](https://avatars.githubusercontent.com/in/1546624?s=60&v=4){kind=small}
| } catch { | ||
| // If anything fails (state read, approval fn, or response handling), | ||
| // do not auto-commit. | ||
| return | ||
| } |
There was a problem hiding this comment.
The bare catch silently swallows all errors with no logging. If getState() rejects or handleWebviewAskResponse throws, there will be zero diagnostic trace. The fail-safe behavior (don't auto-commit) is correct, but other catch blocks in this file (e.g., line 1697) log via console.error before continuing. Adding a log line here would preserve debuggability without changing the safety semantics.
| } catch { | |
| // If anything fails (state read, approval fn, or response handling), | |
| // do not auto-commit. | |
| return | |
| } | |
| } catch (error) { | |
| // If anything fails (state read, approval fn, or response handling), | |
| // do not auto-commit. | |
| console.error("Auto-approval timeout callback failed:", error) | |
| return | |
| } |
Fix it with Roo Code or mention @roomote and request a fix.
1 participant
Closes #11445
Summary
PR #11439 fixed the UI cleanup wiring so
FollowUpSuggest'suseEffectcleanup correctly sendscancelAutoApprovalto the backend. This follow-up hardens the backend independently so stale timeouts cannot auto-commit even if the UI cancellation chain is missed.webviewMessageHandler.tsnow callscancelAutoApprovalTimeout()on the current task whenautoApprovalEnabledis toggled off — independent of React lifecyclesetTimeoutcallback re-checksautoApprovalEnabledviagetState()and verifies the ask is not stale before auto-committing. Fulltry/catchwraps the entire async callback body to prevent unhandled rejectionsTest plan
auto-approval-timeout-cancellation.spec.tsusing fake timers and mockedcheckAutoApprovalask-queued-message-drain.spec.ts(1/1 passed),FollowUpSuggest.spec.tsx(18/18 passed)