@librechat/agents 3.1.80-dev.2 → 3.1.80

package/src/tools/CodeExecutor.ts

@@ -8,48 +8,12 @@ import { EnvVar, Constants } from '@/common';
 
 config();
 
-export const imageExtRegex = /\.(jpg|jpeg|png|gif|webp)$/i;
 export const getCodeBaseURL = (): string =>
   getEnvironmentVariable(EnvVar.CODE_BASEURL) ??
   Constants.OFFICIAL_CODE_BASEURL;
 
-const imageMessage = 'Image is already displayed to the user';
-const otherMessage = 'File is already downloaded by the user';
-const inheritedFileMessage =
-  'Available as an input — already known to the user';
-const accessMessage =
-  'Note: Files from previous executions are automatically available and can be modified.';
-const emptyOutputMessage =
+export const emptyOutputMessage =
   'stdout: Empty. Ensure you\'re writing output explicitly.\n';
-const inheritedFilesHeader =
-  'Available files (inputs, not generated by this execution):';
-const generatedFilesHeader = 'Generated files:';
-const inheritedNote =
-  'Note: Files in "Available files" are inputs the user (or a skill) already provided to the sandbox. They were not produced by this execution and you should not present them as new outputs in your response.';
-
-/**
- * Renders one section of the post-execution file listing. Used by the
- * code/bash tool formatters to keep generated outputs and inherited
- * inputs visually separated. See BashExecutor for full docs.
- */
-export function renderFileSection(
-  header: string,
-  files: t.FileRefs,
-  defaultMessage: string
-): string {
-  if (files.length === 0) return '';
-  let out = `${header}\n`;
-  for (let i = 0; i < files.length; i++) {
-    const file = files[i];
-    const isImage = imageExtRegex.test(file.name);
-    out += `- /mnt/data/${file.name} | ${isImage ? imageMessage : defaultMessage}`;
-    if (i < files.length - 1) {
-      out += files.length <= 3 ? ', ' : ',\n';
-    }
-  }
-  out += '\n';
-  return out;
-}
 
 const SUPPORTED_LANGUAGES = [
   'py',
@@ -150,65 +114,24 @@ function createCodeExecutionTool(
         ...params,
       };
 
-      /**
-       * File injection priority:
-       * 1. Use _injected_files from ToolNode (avoids /files endpoint race condition)
-       * 2. Fall back to fetching from /files endpoint if session_id
-       *    provided but no injected files. The /files lookup still uses the
-       *    same id value — codeapi stores output files under the exec id as
-       *    their storage prefix, so the two values coincide here.
-       */
+      /* File injection: `_injected_files` from ToolNode (set when host
+       * primes a CodeSessionContext) or `params.files` from tool
+       * factory (set by hosts that pre-resolve at construction time).
+       * The legacy `/files/<session_id>` HTTP fallback was removed —
+       * codeapi's `sessionAuth` middleware now requires kind/id query
+       * params the tool can't supply at this point, so the fetch 400'd
+       * silently and the catch swallowed the failure. */
       if (_injected_files && _injected_files.length > 0) {
         postData.files = _injected_files;
-      } else if (session_id != null && session_id.length > 0) {
-        /** Fallback: fetch from /files endpoint (may have race condition issues) */
-        try {
-          const filesEndpoint = `${baseEndpoint}/files/${session_id}?detail=full`;
-          const fetchOptions: RequestInit = {
-            method: 'GET',
-            headers: {
-              'User-Agent': 'LibreChat/1.0',
-            },
-          };
-
-          if (process.env.PROXY != null && process.env.PROXY !== '') {
-            fetchOptions.agent = new HttpsProxyAgent(process.env.PROXY);
-          }
-
-          const response = await fetch(filesEndpoint, fetchOptions);
-          if (!response.ok) {
-            throw new Error(
-              `Failed to fetch files for session: ${response.status}`
-            );
-          }
-
-          const files = await response.json();
-          if (Array.isArray(files) && files.length > 0) {
-            const fileReferences: t.CodeEnvFile[] = files.map((file) => {
-              const nameParts = file.name.split('/');
-              const id = nameParts.length > 1 ? nameParts[1].split('.')[0] : '';
-
-              return {
-                storage_session_id: session_id,
-                /* `/files` fallback returns code-output files belonging
-                 * to the user; tag them user-private. */
-                kind: 'user' as const,
-                id,
-                /* `resource_id` is informational for `kind: 'user'`
-                 * (codeapi derives sessionKey from auth context); use
-                 * the same value as `id` since the `/files` fallback
-                 * doesn't carry separate provenance. */
-                resource_id: id,
-                name: file.metadata['original-filename'],
-              };
-            });
-
-            postData.files = fileReferences;
-          }
-        } catch {
-          // eslint-disable-next-line no-console
-          console.warn(`Failed to fetch files for session: ${session_id}`);
-        }
+      } else if (
+        session_id != null &&
+        session_id.length > 0 &&
+        !Array.isArray(postData.files)
+      ) {
+        // eslint-disable-next-line no-console
+        console.debug(
+          `[CodeExecutor] No injected files for session_id=${session_id} — exec will run without input files`
+        );
       }
 
       try {
@@ -230,6 +153,13 @@ function createCodeExecutionTool(
         }
 
         const result: t.ExecuteResult = await response.json();
+        /* Output is stdout/stderr only — file listings were removed
+         * because the LLM-facing summary (split inherited/generated
+         * with prescriptive notes) caused more confusion than help,
+         * especially for bash where models naturally explore
+         * `/mnt/data/` themselves. The artifact still carries every
+         * file so the host's session map stays in sync; the LLM
+         * doesn't see them in the tool result text. */
         let formattedOutput = '';
         if (result.stdout) {
           formattedOutput += `stdout:\n${result.stdout}\n`;
@@ -237,48 +167,15 @@ function createCodeExecutionTool(
           formattedOutput += emptyOutputMessage;
         }
         if (result.stderr) formattedOutput += `stderr:\n${result.stderr}\n`;
-        if (result.files && result.files.length > 0) {
-          /* See BashExecutor for the rationale: split inherited (read-only
-           * passthrough) inputs from real generated outputs so the LLM
-           * doesn't conflate skill files with newly-produced artifacts. */
-          const inheritedFiles = result.files.filter(
-            (f) => f.inherited === true
-          );
-          const generatedFiles = result.files.filter(
-            (f) => f.inherited !== true
-          );
-
-          formattedOutput += renderFileSection(
-            generatedFilesHeader,
-            generatedFiles,
-            otherMessage
-          );
-          formattedOutput += renderFileSection(
-            inheritedFilesHeader,
-            inheritedFiles,
-            inheritedFileMessage
-          );
-
-          if (generatedFiles.length > 0) {
-            formattedOutput += `\n\n${accessMessage}`;
-          }
-          if (inheritedFiles.length > 0) {
-            formattedOutput += `\n\n${inheritedNote}`;
-          }
-          return [
-            formattedOutput.trim(),
-            {
-              session_id: result.session_id,
-              files: result.files,
-            } satisfies t.CodeExecutionArtifact,
-          ];
-        }
 
+        const hasFiles = result.files != null && result.files.length > 0;
         return [
           formattedOutput.trim(),
-          {
-            session_id: result.session_id,
-          } satisfies t.CodeExecutionArtifact,
+          (hasFiles
+            ? { session_id: result.session_id, files: result.files }
+            : {
+              session_id: result.session_id,
+            }) satisfies t.CodeExecutionArtifact,
         ];
       } catch (error) {
         throw new Error(

package/src/tools/ProgrammaticToolCalling.ts

@@ -5,28 +5,11 @@ import { HttpsProxyAgent } from 'https-proxy-agent';
 import { tool, DynamicStructuredTool } from '@langchain/core/tools';
 import type { ToolCall } from '@langchain/core/messages/tool';
 import type * as t from '@/types';
-import { getCodeBaseURL, renderFileSection } from './CodeExecutor';
+import { emptyOutputMessage, getCodeBaseURL } from './CodeExecutor';
 import { Constants } from '@/common';
 
 config();
 
-// ============================================================================
-// Constants
-// ============================================================================
-
-const otherMessage = 'File is already downloaded by the user';
-const inheritedFileMessage =
-  'Available as an input — already known to the user';
-const inheritedFilesHeader =
-  'Available files (inputs, not generated by this execution):';
-const generatedFilesHeader = 'Generated files:';
-const inheritedNote =
-  'Note: Files in "Available files" are inputs the user (or a skill) already provided to the sandbox. They were not produced by this execution and you should not present them as new outputs in your response.';
-const accessMessage =
-  'Note: Files from previous executions are automatically available and can be modified.';
-const emptyOutputMessage =
-  'stdout: Empty. Ensure you\'re writing output explicitly.\n';
-
 /** Default max round-trips to prevent infinite loops */
 const DEFAULT_MAX_ROUND_TRIPS = 20;
 
@@ -545,6 +528,11 @@ export async function executeTools(
 
 /**
  * Formats the completed response for the agent.
+ *
+ * Output is stdout/stderr only — see `CodeExecutor.ts`. The
+ * artifact still carries every file so the host's session map
+ * stays in sync; the LLM doesn't see them in the tool result text.
+ *
  * @param response - The completed API response
  * @returns Tuple of [formatted string, artifact]
  */
@@ -563,32 +551,6 @@ export function formatCompletedResponse(
     formatted += `stderr:\n${response.stderr}\n`;
   }
 
-  if (response.files && response.files.length > 0) {
-    /* See BashExecutor for the rationale: split inherited (read-only
-     * passthrough) inputs from real generated outputs so the LLM doesn't
-     * conflate skill files with newly-produced artifacts. */
-    const inheritedFiles = response.files.filter((f) => f.inherited === true);
-    const generatedFiles = response.files.filter((f) => f.inherited !== true);
-
-    formatted += renderFileSection(
-      generatedFilesHeader,
-      generatedFiles,
-      otherMessage
-    );
-    formatted += renderFileSection(
-      inheritedFilesHeader,
-      inheritedFiles,
-      inheritedFileMessage
-    );
-
-    if (generatedFiles.length > 0) {
-      formatted += `\n\n${accessMessage}`;
-    }
-    if (inheritedFiles.length > 0) {
-      formatted += `\n\n${inheritedNote}`;
-    }
-  }
-
   return [
     formatted.trim(),
     {
@@ -675,16 +637,19 @@ export function createProgrammaticToolCallingTool(
         }
 
         /**
-         * File injection priority:
-         * 1. Use _injected_files from ToolNode (avoids /files endpoint race condition)
-         * 2. Fall back to fetching from /files endpoint if session_id
-         *    provided but no injected files.
+         * File injection: `_injected_files` from ToolNode session
+         * context. The legacy `/files/<session_id>` HTTP fallback was
+         * removed (see `CodeExecutor.ts`) — codeapi's sessionAuth now
+         * requires kind/id query params unavailable at this point.
          */
         let files: t.CodeEnvFile[] | undefined;
         if (_injected_files && _injected_files.length > 0) {
           files = _injected_files;
         } else if (session_id != null && session_id.length > 0) {
-          files = await fetchSessionFiles(baseUrl, session_id, proxy);
+          // eslint-disable-next-line no-console
+          console.debug(
+            `[ProgrammaticToolCalling] No injected files for session_id=${session_id} — exec will run without input files`
+          );
         }
 
         let response = await makeRequest(

package/src/tools/__tests__/ProgrammaticToolCalling.test.ts

@@ -626,7 +626,13 @@ for member in team:
       expect(output).toContain('stderr:\nWarning: deprecated function');
     });
 
-    it('formats file information correctly', () => {
+    it('preserves files on the artifact but omits them from the LLM-facing output', () => {
+      /* The post-execution file summary was removed because it
+       * misled the model more than it helped — especially with
+       * bash, where models naturally `ls /mnt/data/` to discover
+       * available files. The artifact still carries every file
+       * so the host's session-tracking layer stays in sync;
+       * the LLM just doesn't see the prescriptive listing. */
       const response: t.ProgrammaticExecutionResponse = {
         status: 'completed',
         stdout: 'Generated report\n',
@@ -634,95 +640,26 @@ for member in team:
         files: [
           { id: '1', name: 'report.pdf' },
           { id: '2', name: 'data.csv' },
-        ],
-        session_id: 'sess_abc123',
-      };
-
-      const [output, artifact] = formatCompletedResponse(response);
-
-      expect(output).toContain('Generated files:');
-      expect(output).toContain('report.pdf');
-      expect(output).toContain('data.csv');
-      expect(artifact.files).toHaveLength(2);
-      expect(artifact.files).toEqual(response.files);
-    });
-
-    it('handles image files with special message', () => {
-      const response: t.ProgrammaticExecutionResponse = {
-        status: 'completed',
-        stdout: '',
-        stderr: '',
-        files: [
-          { id: '1', name: 'chart.png' },
-          { id: '2', name: 'photo.jpg' },
-        ],
-        session_id: 'sess_abc123',
-      };
-
-      const [output] = formatCompletedResponse(response);
-
-      expect(output).toContain('chart.png');
-      expect(output).toContain('Image is already displayed to the user');
-    });
-
-    it('splits inherited inputs from generated outputs into distinct sections', () => {
-      const response: t.ProgrammaticExecutionResponse = {
-        status: 'completed',
-        stdout: 'analysis done\n',
-        stderr: '',
-        files: [
-          { id: 'g1', name: 'report.pdf' },
           { id: 'i1', name: 'pptx/SKILL.md', inherited: true },
-          { id: 'i2', name: 'pptx/scripts/clean.py', inherited: true },
-          { id: 'g2', name: 'chart.png' },
         ],
         session_id: 'sess_abc123',
       };
 
       const [output, artifact] = formatCompletedResponse(response);
 
-      /* Generated section lists only outputs the run produced. */
-      const generatedIdx = output.indexOf('Generated files:');
-      const inheritedIdx = output.indexOf('Available files (inputs');
-      expect(generatedIdx).toBeGreaterThan(-1);
-      expect(inheritedIdx).toBeGreaterThan(generatedIdx);
-
-      /* Slice each section so we can assert membership without
-       * cross-talk between the two listings. */
-      const generatedSection = output.slice(generatedIdx, inheritedIdx);
-      const inheritedSection = output.slice(inheritedIdx);
-
-      expect(generatedSection).toContain('report.pdf');
-      expect(generatedSection).toContain('chart.png');
-      expect(generatedSection).not.toContain('SKILL.md');
-
-      expect(inheritedSection).toContain('pptx/SKILL.md');
-      expect(inheritedSection).toContain('pptx/scripts/clean.py');
-      expect(inheritedSection).toContain('Available as an input');
-
-      /* The artifact still carries every file so the host can still
-       * thread per-file ids through to subsequent calls. */
-      expect(artifact.files).toHaveLength(4);
-    });
-
-    it('omits the Generated files header when every entry is inherited', () => {
-      const response: t.ProgrammaticExecutionResponse = {
-        status: 'completed',
-        stdout: 'cat: ok\n',
-        stderr: '',
-        files: [
-          { id: 'i1', name: 'pptx/SKILL.md', inherited: true },
-          { id: 'i2', name: 'pptx/editing.md', inherited: true },
-        ],
-        session_id: 'sess_abc123',
-      };
-
-      const [output] = formatCompletedResponse(response);
-
+      /* Tool result text is stdout/stderr only. */
+      expect(output).toContain('stdout:\nGenerated report');
       expect(output).not.toContain('Generated files:');
-      expect(output).toContain('Available files (inputs');
-      expect(output).toContain('pptx/SKILL.md');
-      expect(output).toContain('pptx/editing.md');
+      expect(output).not.toContain('Available files');
+      expect(output).not.toContain('report.pdf');
+      expect(output).not.toContain('SKILL.md');
+      expect(output).not.toContain('Image is already displayed');
+      expect(output).not.toContain('Available as an input');
+
+      /* Host-facing artifact still has every file with its
+       * `inherited` flag intact for session-context merging. */
+      expect(artifact.files).toHaveLength(3);
+      expect(artifact.files).toEqual(response.files);
     });
   });
 
@@ -922,7 +859,11 @@ for member in team:
       });
     });
 
-    it('formats response with files', () => {
+    it('passes files through on the artifact, never on the LLM-facing output', () => {
+      /* Output stays stdout/stderr-only regardless of file count or
+       * filename shape. The artifact is the sole sink for file refs;
+       * hosts thread them into `_injected_files` on subsequent
+       * tool calls via `storeCodeSessionFromResults`. */
       const response: t.ProgrammaticExecutionResponse = {
         status: 'completed',
         stdout: 'Report generated\n',
@@ -930,61 +871,21 @@ for member in team:
         files: [
           { id: '1', name: 'report.csv' },
           { id: '2', name: 'chart.png' },
-        ],
-        session_id: 'sess_xyz',
-      };
-
-      const [output, artifact] = formatCompletedResponse(response);
-
-      expect(output).toContain('Generated files:');
-      expect(output).toContain('report.csv');
-      expect(output).toContain('chart.png');
-      expect(output).toContain('File is already downloaded');
-      expect(output).toContain('Image is already displayed');
-      expect(artifact.files).toHaveLength(2);
-    });
-
-    it('handles multiple files with correct separators', () => {
-      const response: t.ProgrammaticExecutionResponse = {
-        status: 'completed',
-        stdout: 'Done\n',
-        stderr: '',
-        files: [
-          { id: '1', name: 'file1.txt' },
-          { id: '2', name: 'file2.txt' },
-        ],
-        session_id: 'sess_xyz',
-      };
-
-      const [output] = formatCompletedResponse(response);
-
-      // 2 files format: "- /mnt/data/file1.txt | ..., - /mnt/data/file2.txt | ..."
-      expect(output).toContain('file1.txt');
-      expect(output).toContain('file2.txt');
-      expect(output).toContain('- /mnt/data/file1.txt');
-      expect(output).toContain('- /mnt/data/file2.txt');
-    });
-
-    it('handles many files with newline separators', () => {
-      const response: t.ProgrammaticExecutionResponse = {
-        status: 'completed',
-        stdout: 'Done\n',
-        stderr: '',
-        files: [
-          { id: '1', name: 'file1.txt' },
-          { id: '2', name: 'file2.txt' },
           { id: '3', name: 'file3.txt' },
           { id: '4', name: 'file4.txt' },
         ],
         session_id: 'sess_xyz',
       };
 
-      const [output] = formatCompletedResponse(response);
+      const [output, artifact] = formatCompletedResponse(response);
+
+      expect(output).toBe('stdout:\nReport generated');
+      expect(output).not.toContain('report.csv');
+      expect(output).not.toContain('chart.png');
+      expect(output).not.toContain('/mnt/data/');
 
-      // More than 3 files should use newline separators
-      expect(output).toContain('file1.txt');
-      expect(output).toContain('file4.txt');
-      expect(output.match(/,\n/g)?.length).toBeGreaterThanOrEqual(2);
+      expect(artifact.files).toHaveLength(4);
+      expect(artifact.files).toEqual(response.files);
     });
   });