fix(agents): compatibility fixes for legacy presets and actions by jordan-umusu · Pull Request #2584 · TracecatHQ/tracecat

jordan-umusu · 2026-04-30T15:25:52Z

No description provided.

zeropath-ai · 2026-04-30T15:35:44Z

✅ No security or compliance issues detected. Reviewed everything up to f11e9ce.

Security Overview

🔎 Scanned files: 31 changed file(s)
🔗 Scan Link: https://zeropath.com/app/repositories/00dffd6c-8834-4dc9-b6d8-b44cd1622986?scanId=b24924f5-9443-4bc4-b884-a3bcfcbdb034&codeScanTypes=PrScan&tab=issues

Detected Code Changes

Change Type	Relevant files
Enhancement	► frontend/src/app/admin/agent/page.tsx Remove unused helper functions Remove unused UI elements ► frontend/src/client/services.gen.ts Add `adminAgentListPlatformCatalog` function ► frontend/src/client/types.gen.ts Add types for `adminAgentListPlatformCatalog` ► frontend/src/components/agents/agent-presets-builder.tsx Add logic to handle legacy model configuration ► frontend/src/components/builder/panel/action-panel-fields.tsx Add `deprecated` prop to `FormLabelComponent` ► frontend/src/components/builder/panel/action-panel.tsx Add logic to determine when to show optional fields by default Add handling for deprecated fields in Action Panel ► frontend/src/components/jsonschema-table.tsx Display deprecation information in JSON Schema table ► frontend/src/components/organization/org-settings-agent.tsx Invalidate agent model access queries on credential save ► frontend/src/hooks/use-admin.ts Implement `adminListPlatformCatalog` hook ► frontend/src/lib/jsonschema.ts Extract deprecation information from JSON schema ► frontend/src/lib/schema.ts Add `deprecated` and `x-tracecat-deprecation-message` to `TcJsonSchemaExtra` ► packages/tracecat-ee/tracecat_ee/agent/schemas.py Update `_unpack_model_selection` to handle new `model` field precedence ► packages/tracecat-registry/tracecat_registry/core/agent.py Deprecate `model_name` and `model_provider` in `agent` function schema Add `model` field to `agent` function schema ► packages/tracecat-registry/tracecat_registry/core/ai.py Deprecate `model_name` and `model_provider` in AI functions Add `model` field to AI functions Implement `_resolve_model_selection` utility function ► tests/registry/test_agent.py Add test for deprecated model fields in agent schema ► tests/registry/test_core_ai.py Add test for accepting legacy model fields in `rank_documents` Add test for preferring `model` over legacy model fields Add test for deprecated model fields in AI function schemas ► tests/unit/api/test_api_admin_agent.py Add tests for `adminAgentListPlatformCatalog` endpoint
Refactor	► frontend/src/client/services.gen.ts Generate `adminAgentListPlatformCatalog` from OpenAPI spec ► frontend/src/client/types.gen.ts Generate types for `adminAgentListPlatformCatalog` from OpenAPI spec
Other	► frontend/src/hooks/use-admin.ts Remove `listCatalog` import and replace with internal `adminListPlatformCatalog`

chatgpt-codex-connector

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d18a6a3208

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

Open a pull request for review
Mark a draft as ready
Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

cubic-dev-ai

1 issue found across 20 files

Confidence score: 2/5

There is a clear regression risk in tracecat/agent/gateway.py: use_workspace_credentials is ignored, which can cause legacy no-catalog tokens to resolve workspace-scoped credentials instead of org-scoped ones.
Given the 7/10 severity and 7/10 confidence, this looks user-impacting (and potentially permission/scope-sensitive), so merge risk is high until the credential-selection logic is corrected.
Pay close attention to tracecat/agent/gateway.py - credential scope resolution may be incorrect for legacy token flows.

Prompt for AI agents (unresolved issues)


Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="tracecat/agent/gateway.py">

<violation number="1" location="tracecat/agent/gateway.py:211">
P1: `use_workspace_credentials` is now ignored, so no-catalog legacy tokens can resolve the wrong credential scope (workspace instead of org).</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

chatgpt-codex-connector

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2348c7319f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

Open a pull request for review
Mark a draft as ready
Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

chatgpt-codex-connector

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2aef114c67

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

Open a pull request for review
Mark a draft as ready
Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

chatgpt-codex-connector

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f11e9cead2

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

Open a pull request for review
Mark a draft as ready
Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

chatgpt-codex-connector · 2026-04-30T21:29:23Z

            credentials = await self.get_runtime_provider_credentials(
                preset_config.model_provider,
            )


Clear catalog_id when falling back to org credentials

If a preset is catalog-linked but get_catalog_credentials returns None and workspace credentials are missing, this branch falls back to org credentials without clearing preset_config.catalog_id. That leaves a stale catalog ID in the emitted config, so downstream token minting still marks the run as catalog-backed and the gateway re-queries catalog credentials, causing execution to fail even though org credentials were successfully resolved here.

Useful? React with 👍 / 👎.

chatgpt-codex-connector · 2026-04-30T21:29:23Z

+      if (form.getValues("catalog_id")) {
+        form.setValue("catalog_id", "", { shouldDirty: false })


Avoid silently unlinking presets from catalog on load

In preset edit mode, this effect clears catalog_id as soon as the current model cannot be matched to an enabled option. Saving any unrelated change then persists catalog_id: null while keeping model_provider/model_name, silently converting a catalog-governed preset into a legacy direct-provider preset without explicit user intent, which changes credential resolution and drops catalog-based access gating.

Useful? React with 👍 / 👎.

This comment has been minimized.

Sign in to view

jordan-umusu force-pushed the feat/agents-depreciate-legacy-actions branch from 65397ec to 55c24e2 Compare April 30, 2026 15:42

jordan-umusu marked this pull request as ready for review April 30, 2026 16:08

jordan-umusu changed the title ~~feat(agents): depreciate legacy ai action fields~~ fix(agents): compatability fixes for legacy presets and actions Apr 30, 2026

jordan-umusu changed the title ~~fix(agents): compatability fixes for legacy presets and actions~~ fix(agents): compatibility fixes for legacy presets and actions Apr 30, 2026

jordan-umusu added fix Bug fix agents LLM agents labels Apr 30, 2026

chatgpt-codex-connector Bot reviewed Apr 30, 2026

View reviewed changes

Comment thread tracecat/agent/gateway.py

Comment thread tracecat/agent/preset/activities.py

cubic-dev-ai Bot reviewed Apr 30, 2026

View reviewed changes

Comment thread tracecat/agent/gateway.py

jordan-umusu requested a review from daryllimyt April 30, 2026 16:30

daryllimyt approved these changes Apr 30, 2026

View reviewed changes

jordan-umusu force-pushed the feat/llm-providers-v2-integration branch from 3a6faa7 to 4684104 Compare April 30, 2026 20:35

Base automatically changed from feat/llm-providers-v2-integration to main April 30, 2026 20:41

feat(agents): depreciate legacy ai action fields

4371af1

jordan-umusu force-pushed the feat/agents-depreciate-legacy-actions branch from d18a6a3 to a5b8e5d Compare April 30, 2026 20:50

jordan-umusu temporarily deployed to internal-registry-ci April 30, 2026 20:50 — with GitHub Actions Inactive

This comment has been minimized.

Sign in to view

jordan-umusu force-pushed the feat/agents-depreciate-legacy-actions branch from a5b8e5d to 2348c73 Compare April 30, 2026 20:57

jordan-umusu temporarily deployed to internal-registry-ci April 30, 2026 20:57 — with GitHub Actions Inactive

jordan-umusu temporarily deployed to internal-registry-ci April 30, 2026 20:58 — with GitHub Actions Inactive

chatgpt-codex-connector Bot reviewed Apr 30, 2026

View reviewed changes

Comment thread tracecat/agent/service.py

Comment thread tracecat/agent/preset/service.py

jordan-umusu force-pushed the feat/agents-depreciate-legacy-actions branch from 2348c73 to 2aef114 Compare April 30, 2026 21:14

jordan-umusu temporarily deployed to internal-registry-ci April 30, 2026 21:14 — with GitHub Actions Inactive

This comment has been minimized.

Sign in to view

chatgpt-codex-connector Bot reviewed Apr 30, 2026

View reviewed changes

Comment thread tracecat/agent/gateway.py

Comment thread packages/tracecat-registry/tracecat_registry/core/agent.py

fix(agents): preset agency compat

f11e9ce

jordan-umusu force-pushed the feat/agents-depreciate-legacy-actions branch from 2aef114 to f11e9ce Compare April 30, 2026 21:21

jordan-umusu temporarily deployed to internal-registry-ci April 30, 2026 21:21 — with GitHub Actions Inactive

jordan-umusu temporarily deployed to internal-registry-ci April 30, 2026 21:22 — with GitHub Actions Inactive

jordan-umusu merged commit 0dd2d7c into main Apr 30, 2026
18 checks passed

jordan-umusu deleted the feat/agents-depreciate-legacy-actions branch April 30, 2026 21:28

chatgpt-codex-connector Bot reviewed Apr 30, 2026

View reviewed changes

		if (form.getValues("catalog_id")) {
		form.setValue("catalog_id", "", { shouldDirty: false })

Conversation

jordan-umusu commented Apr 30, 2026

Uh oh!

This comment has been minimized.

zeropath-ai Bot commented Apr 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

💡 Codex Review

Uh oh!

Uh oh!

Uh oh!

cubic-dev-ai Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

This comment has been minimized.

chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

💡 Codex Review

Uh oh!

Uh oh!

Uh oh!

This comment has been minimized.

chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

💡 Codex Review

Uh oh!

Uh oh!

Uh oh!

Uh oh!

chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

💡 Codex Review

Uh oh!

chatgpt-codex-connector Bot Apr 30, 2026

Choose a reason for hiding this comment

Uh oh!

chatgpt-codex-connector Bot Apr 30, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

zeropath-ai Bot commented Apr 30, 2026 •

edited

Loading