feat(host-proxy): add targetClientId support to HostFileProxy and HostProxyBase#29394
Conversation
…tProxyBase - Add targetClientId to HostFileReadRequest, HostFileWriteRequest, HostFileEditRequest, HostFileCancelRequest - Add targetClientId to HostCuRequest and HostCuCancelRequest - HostFileProxy.request() resolves target client (auto-resolve single, validate explicit, undefined for untargeted) - Thread targetClientId through all broadcastMessage calls (request, abort cancel, dispose cancel) - Add targetClientId to HostProxyBase.PendingEntry and dispatchRequest (covers HostCuProxy via inheritance) - Update broadcastDynamic to accept and forward targetClientId as options to broadcastMessage - Register targetClientId in assistant-event-hub.ts for host_file and host_cu pending interactions Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
credence-the-bot
Bot
merged commit 67b2df3
into
Credence/targeted-host-proxy-phase2
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9865c539fc
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| pendingInteractions.register(msg.requestId, { | ||
| conversationId, | ||
| kind: "host_file", | ||
| targetClientId, |
There was a problem hiding this comment.
Now that host_file_request stores targetClientId in pending interactions, /v1/host-file-result should verify the submitting client matches that target (as host-bash-result already does). handleHostFileResult currently accepts any authenticated submitter with a requestId, so a different connected client can resolve a targeted file request and inject/override the result if it learns the ID.
Useful? React with 👍 / 👎.
| } else if (msg.type === "host_cu_request") { | ||
| pendingInteractions.register(msg.requestId, { | ||
| conversationId, | ||
| kind: "host_cu", | ||
| targetClientId, |
There was a problem hiding this comment.
The same targeting gap exists for CU: this change records targetClientId for host_cu_request, but /v1/host-cu-result does not check x-vellum-client-id against that stored target before resolving. That means any authenticated client that can post a known requestId can complete another client’s targeted computer-use action, defeating the new per-client routing guarantee.
Useful? React with 👍 / 👎.
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
Summary
targetClientIdresolution toHostFileProxy.request(): auto-resolves when exactly onehost_file-capable client is connected, validates explicittargetClientIdagainst the hub, and leavesundefinedfor untargeted broadcast (existing behaviour for 0 or >1 clients)targetClientIdthroughHostProxyBase.dispatchRequest()andPendingEntry, coveringHostCuProxyvia inheritance — both request, abort-cancel, and dispose-cancel broadcast paths now forward the targettargetClientId?: stringtoHostFileReadRequest,HostFileWriteRequest,HostFileEditRequest,HostFileCancelRequest,HostCuRequest, andHostCuCancelRequestmessage typesassistant-event-hub.tsregisterPendingInteractionto forwardtargetClientIdforhost_file_requestandhost_cu_requestinteractions (matching the existinghost_bash_requestpattern)Test plan
stemmermodule error)HostFileProxyauto-resolves single connected client (no explicittargetClientIdneeded)targetClientIdvalidation returns error message when client not found or lacks capabilityhost_cu_request/host_file_requestinteractions inpendingInteractionsincludetargetClientIdtargetClientIdand route correctly🤖 Generated with Claude Code