oxmux: Add streaming robustness controls#42
Merged
nodnarbnitram merged 6 commits intomainfrom May 1, 2026
Merged
Conversation
Greptile SummaryThis PR adds a deterministic streaming robustness layer to Confidence Score: 5/5Safe to merge; no logic or correctness issues found, only minor style observations. All findings are P2 (style/clarity only). Core logic — retry counting, cross-field validation, error mapping, fingerprint stability, and reserved-key enforcement — is correct and thoroughly exercised by the new tests. The previously flagged ProviderStreamFailure→PreStreamFailure mapping is resolved by the new StreamingFailure::ProviderStreamFailure variant, and the double-error concern for the timeout cross-field guard is handled correctly by checking Some(None) rather than None. No files require special attention.
|
| Filename | Overview |
|---|---|
| crates/oxmux/src/streaming.rs | Adds StreamingRobustnessPolicy, StreamingCancellationPolicy, StreamingRobustnessOutcome, reserved metadata key enforcement, and new StreamingFailure variants; well-validated with range checks and cross-field rules. |
| crates/oxmux/src/configuration/validation.rs | Adds validate_streaming with per-field and cross-field guards; the timeout+cancellation cross-field check correctly targets only the absent case (Some(None)), avoiding double errors when the field is present-but-invalid. |
| crates/oxmux/src/management.rs | Adds latest_streaming_outcome field and record_streaming_outcome with last-writer-wins semantics; ProviderStreamFailure correctly maps to StreamingFailure::ProviderStreamFailure (new variant, not PreStreamFailure). |
| crates/oxmux/src/provider.rs | Adds MockStreamingAttempt and execute_mock_streaming_attempts; total_attempts correctly reflects only executed attempts (no .max(policy.max_attempts()) inflation), validated by dedicated test. |
| crates/oxmux/src/configuration/file.rs | Propagates StreamingRobustnessPolicy through ConfigurationSnapshot, ValidatedFileConfiguration, and FileBackedManagementConfiguration; merge_streaming follows the same last-value-wins pattern as other merge helpers. |
| crates/oxmux/tests/provider_execution.rs | New tests cover retry-then-success, full exhaustion, short-plan exhaustion (reports only executed attempts), timeout, and cancellation; all key semantics exercised deterministically. |
| crates/oxmux/tests/file_configuration.rs | Covers full streaming TOML loading, partial defaults, out-of-range and type-mismatch errors, cross-field cancellation+timeout error, unknown field rejection, and layered-merge precedence. |
| crates/oxmux/tests/streaming_response.rs | Verifies reserved metadata key rejection, typed helper construction, StreamingRobustnessPolicy validation, and matchable failure variants for retry/timeout/cancellation. |
Flowchart
%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[StreamingAttempts outcome] --> B[execute_mock_streaming_attempts]
B --> C{Iterate attempt plan\nup to max_attempts}
C --> D[Success]
C --> E[FailBeforeEvent]
C --> F[TimeoutBeforeEvent]
C --> G[CancelBeforeEvent]
D --> H[with_committed_retry_summary\nif any retries occurred]
H --> I[ProviderExecutionResult::Success\nwith retry metadata prepended]
E --> J[Increment failed_pre_event_attempts\nStore last_failure]
J --> C
F --> K[Err: PreStreamTimeout]
G --> L[Err: PreStreamCancellation]
C -- plan exhausted --> M[Err: RetryExhausted\ntotal_attempts = failed_pre_event_attempts]
M --> N[ManagementSnapshot\nrecord_streaming_outcome]
I --> N
K --> N
L --> N
N --> O[Retain non-streaming warnings/errors\nAppend new outcome message\nUpdate latest_streaming_outcome]
Prompt To Fix All With AI
Fix the following 2 code review issues. Work through them one at a time, proposing concise fixes.
---
### Issue 1 of 2
crates/oxmux/src/configuration/file.rs:969-972
**Formatting inconsistency in fingerprint field**
`bootstrap_retry_count` uses `{}` (Display) while the surrounding streaming fields all use `{:?}` (Debug). For `u8` both produce identical output, so there's no functional impact on fingerprint stability, but the inconsistency is worth aligning for readability.
```suggestion
canonical.push_str(&format!(
"streaming.bootstrap-retry-count={:?}\n",
configuration.streaming.bootstrap_retry_count
));
```
### Issue 2 of 2
crates/oxmux/src/configuration/validation.rs:262-263
**`unwrap_or_default` is structurally unreachable after error check**
`validate_streaming` returns `None` only when a sub-validator pushed an error or the cross-field guard fired (both always push to `errors` first). The `if !errors.is_empty()` check above guarantees `validate_raw_configuration` has already returned before reaching this line, so `unwrap_or_default()` can never actually execute. It's harmless, but a comment or `expect` clarifying the invariant would make the relationship explicit and prevent future callers from accidentally adding a silent default path.
```rust
// SAFETY: validate_streaming returns None only after pushing to errors;
// the !errors.is_empty() guard above ensures we never reach here with None.
let streaming = streaming.expect("streaming validated without errors");
```
Reviews (3): Last reviewed commit: "Archive streaming robustness OpenSpec ch..." | Re-trigger Greptile
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🔗 Linked Issue
Closes #20
✅ Type of Change
📝 Summary
oxmuxstreaming robustness policy, reserved control metadata, and structured pre-stream failure outcomes.[streaming]TOML configuration, management snapshots, and mock provider attempt plans for retry, timeout, cancellation, and provider stream failure visibility.📐 OpenSpec Evidence
openspec/changes/streaming-robustness-controlsoxmuxas the shared headless owner for stream policy, provider execution, configuration, and management semantics. Nooxidemuxapp-shell, GPUI, provider SDK, OAuth, credential storage, or live transport dependencies were added.📖 Documentation Checklist
README.md,CONTRIBUTING.md, or OpenSpec docs when needed.CHANGELOG.mdfor notable user-facing, compatibility, security, or workflow changes, or explained why it was not applicable. Not applicable: pre-release core semantics tracked by OpenSpec change artifacts.✔️ Contributor Checklist
.env.examplefile if environment variables are needed and ensured no secrets are committed. Not applicable: no environment variables added.oxmuxshared-core andoxidemuxplatform-shell boundary, or documented the OpenSpec-approved reason for changing it.mise run cilocally, or explained why it was not applicable.mise run securitylocally for dependency policy and vulnerability changes, or explained why it was not applicable. Not applicable: no dependency or security policy changes.mise run hk-check, or explained why they were not applicable. Commit hooks ran the relevant hk checks.💬 Additional Comments
Verification:
openspec validate streaming-robustness-controls --strictcargo fmt --all --checkcargo test -p oxmuxmise run ciRelease Notes:
Need help on this PR? Tag
@codesmithwith what you need.