PR State:
merged
PR:
#52
Commit:
8bb656e0a40c130cf97841f513a9cd8bb677c63d
[FIX] viin_ai_base,viin_ai_agent,viin_ai_approval,viin_ai_workflow: PR #52 review fixes (CI lint + findings)
CI blocker (was the red Runbot flake8 + an error-log trip):
- viin_ai_approval/tests/test_advisory_acl.py: add mail_notify_force_send=False
to setUpClass (mirrors test_approval_adapter) so confirmed-request tests no
longer trip Runbot had_error_log; drop the unused `req` local (flake8 F841).
Security (RED-test-first, behavior tests with independent oracles):
- viin_ai_approval: _build_advisory_messages now routes the untrusted block
through the SSOT wrap_untrusted_context() instead of a hand-rolled fence, so an
attacker </untrusted_context> close tag / jailbreak phrase in a display_name or
signal can no longer escape the sandbox. New test_advisory_prompt_safety.
- viin_ai_workflow: _scan_target company isolation uses child_of (the routine
company + its branch descendants), not parent_of (ancestors). parent_of both
dropped the routine's own branch rows (false negative) and pulled the parent
company's rows into scope (upward cross-tenant leak). New branch-hierarchy test.
Robustness / accuracy:
- viin_ai_base usage_log: action_replay fallback narrowed by (id > pre_max) so a
concurrent replay of the same source cannot resolve the wrong log. New test.
- viin_ai_base provider: call_embedding decodes response.json() once;
_record_error_usage comment corrected to match the real flush ordering.
- viin_ai_approval: advisory cron `limit` docstring (per company per tick);
diagnostic warning when an advisory agent's tools read empty (ACL gap).
- viin_ai_agent: _wrap_tool_result docstring corrected (args is FE-display-only
on the pending-confirmation early return, not "trusted"); fix the stale test
name in the finding-to-test map.
Verified: odoo-bin --test-enable on a fresh pg14 DB - 0 failed / 0 error of 291
tests across viin_ai_base/agent/approval/workflow; flake8 (Runbot config) clean
on all changed lines (F841 resolved).
Branch:
17.0
| Subbuilds | Name | State | Detail |
|---|---|---|---|
| Build 385620 | Check the quality with Pylint: from test_lint to test_pylint 14m | Killed | Log |
| Build 385621 | At install tests: from account to website_twitter | Killed | Log |
| Build 385622 | Post install tests: step install all modules | Killed | Log |
| Build 385623 | Post install tests: from account to payment_asiapay | Killed | |
| Build 385624 | Post install tests: from payment_authorize to test_website_slides_full | Killed | |
| Build 385625 | Post install tests: from test_xlsx_export to to_website_docs_odoo_data | Killed | |
| Build 385626 | Post install tests: from to_website_odoo_version to viin_estimate | Killed | |
| Build 385627 | Post install tests: from viin_estimate_approval to viin_pricelist_validity_advance | Killed | |
| Build 385628 | Post install tests: from viin_product_multi_barcodes to website_twitter | Killed | |
| Build 385629 | Test install all modules without demo data: from account to website_twitter | Killed | Log |
| Create Date | Level | Message |
|---|---|---|
| 06/14/2026 22:25:08 | INFO |
Updated repository Viindoo-odoo
|
| 06/14/2026 22:25:08 | INFO |
Updated repository Viindoo-tvtmaaddons
|
| 06/14/2026 22:25:08 | INFO |
Updated repository Viindoo-erponline-enterprise
|
| 06/14/2026 22:25:08 | INFO |
Updated repository Viindoo-branding
|
| 06/14/2026 22:25:08 | INFO |
Cloned repository Viindoo-ai
|