fix(core): litellm tool-arg repair + pin cecli Grep hardening

[JessicaMulein]

Summary

• Fix litellm_ollama_patch to import parse_tool_arguments from cecli.helpers.responses so glued local-model tool JSON uses cecli's full repair path
• Pin cecli submodule to 383b6fd8b (Grep format_output hardening for malformed searches)

Depends on cecli: Digital-Defiance/cecli#12

Test plan

• pytest tests/core/test_litellm_ollama_patch.py tests/core/test_cecli_tool_json.py
• source activate.sh && pip install -e cecli && pip install -e .

Note: will cherry-pick to dev-integration for dogfood.

Made with Cursor

PR Summary by Typo

Overview

This PR addresses a bug in litellm tool argument parsing by updating an import path and pins the cecli submodule to a newer version that includes hardening improvements.

Key Changes

• Corrected the import path for parse_tool_arguments in bright_vision_core/litellm_ollama_patch.py to reflect its new location within the cecli library.
• Updated the cecli submodule to a specific commit (383b6fd) for enhanced grep hardening.

Work Breakdown

Category	Lines Changed
Rework	2 (100.0%)
Total Changes	2

To turn off PR summary, please visit Notification settings.

[typo-app]

Static Code Review 📊

✅ All quality checks passed!

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 9abc96de-efd5-4ad9-8f29-6803b51d59df

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/litellm-grep-tool-json

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-code-review]

Review Summary by Qodo

Fix litellm tool-arg repair and pin cecli Grep hardening
🐞 Bug fix ✨ Enhancement

Walkthroughs

Description

• Fix litellm_ollama_patch to import parse_tool_arguments from correct cecli module path
• Pin cecli submodule to 383b6fd8b for Grep format_output hardening
• Ensures glued local-model tool JSON uses cecli's full repair path

Diagram

flowchart LR
  A["litellm_ollama_patch.py"] -->|"import from correct path"| B["cecli.helpers.responses"]
  C["cecli submodule"] -->|"update to 383b6fd8b"| D["Grep format_output hardening"]
  B -->|"parse_tool_arguments"| E["Tool JSON repair"]

Loading

File Changes

1. bright_vision_core/litellm_ollama_patch.py 🐞 Bug fix +1/-1

Fix parse_tool_arguments import path

• Changed import path for parse_tool_arguments from cecli.tools.utils.helpers to
 cecli.helpers.responses
• Fixes tool argument parsing to use correct cecli module location

bright_vision_core/litellm_ollama_patch.py

---

2. cecli Dependencies +1/-1

Pin cecli submodule for Grep hardening

• Updated cecli submodule from 6974c2e584af955fa7fbd30d5bb5ee8315d1eff7 to
 383b6fd8b0d105676ba7fd53d8a43dc88ae51505
• Includes Grep format_output hardening for malformed searches

cecli

---

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (1) 📘 Rule violations (0) 🔗 Cross-repo conflicts (0)

1. Silent tool-args wipe 🐞 Bug ≡ Correctness

Description

If cecli.helpers.responses.parse_tool_arguments is unavailable at runtime (e.g., cecli submodule
updated but the Python package install is stale), _parse_tool_arguments_loose swallows the import
error and ultimately returns {}, and the LiteLLM patch then overwrites function.arguments with
an empty JSON object. This can cause tools to execute with empty arguments instead of failing
loudly, masking the underlying cecli/version mismatch.

Code

bright_vision_core/litellm_ollama_patch.py[R21-25]

Evidence

The new import is inside a broad try/except that swallows all errors, and _transform_request
always overwrites function.arguments with json.dumps(...), so import/parse failures become
'{}'. The repo’s dev workflow explicitly supports editable submodule installs, making stale
installs after a submodule bump a realistic scenario.

bright_vision_core/litellm_ollama_patch.py[17-32]
bright_vision_core/litellm_ollama_patch.py[46-75]
activate.sh[71-115]
bright_vision_core/cecli_session_crypto.py[15-41]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`_parse_tool_arguments_loose()` now imports `parse_tool_arguments` from `cecli.helpers.responses` only. When that import fails (commonly due to a stale editable `cecli` install after a submodule bump), the exception is swallowed and the function returns `{}` for malformed/glued JSON, and the LiteLLM patch writes that empty object back into the tool call.

### Issue Context
This patch runs early via `configure_vision_runtime()`, and it mutates `messages` tool-call arguments in-place.

### Fix Focus Areas
- bright_vision_core/litellm_ollama_patch.py[17-32]
- bright_vision_core/litellm_ollama_patch.py[46-75]

### Suggested fix
1. Make the import path resilient (or fail fast with a clear upgrade/reinstall instruction):
  - Try `from cecli.helpers.responses import parse_tool_arguments`.
  - On `ImportError`, fall back to the previous location `from cecli.tools.utils.helpers import parse_tool_arguments` **or** raise an `ImportError` that instructs the user to `pip install -e cecli`.
2. Avoid silently converting unparseable non-empty strings to `{}` without any signal:
  - Either log a warning (once) when both imports fail, or
  - Include the raw text in a safe field (e.g. `{"_raw": text}`) instead of `{}` so downstream can diagnose.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

[qodo-code-review]

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: audit

Failed stage: Run actions/checkout@v4 [❌]

Failed test name: ""

Failure summary: The action failed during git submodule update --init --force --depth=1 --recursive while fetching the submodule e2e/fixture-pack (https://github.com/Digital-Defiance/brightvision-e2e-fixtures.git). - Git reported fatal: remote error: upload-pack: not our ref 4938c94d6d99481ebfea283d233427f8f2139904, meaning the superproject points e2e/fixture-pack at commit 4938c94d6d99481ebfea283d233427f8f2139904 but that commit does not exist (or is not reachable) in the submodule remote. - As a result, Git could not check out the referenced submodule commit and exited with code 128.

Relevant error logs: 1: ##[group]Runner Image Provisioner 2: Hosted Compute Agent ... 114: [command]/usr/bin/git config --global --add url.https://github.com/.insteadOf org-101948091@github.com: 115: ##[endgroup] 116: ##[group]Fetching submodules 117: [command]/usr/bin/git submodule sync --recursive 118: [command]/usr/bin/git -c protocol.version=2 submodule update --init --force --depth=1 --recursive 119: Submodule 'brightdate-python' (https://github.com/Digital-Defiance/brightdate-python.git) registered for path 'brightdate-python' 120: Submodule 'cecli' (https://github.com/Digital-Defiance/cecli.git) registered for path 'cecli' 121: Submodule 'e2e/fixture-pack' (https://github.com/Digital-Defiance/brightvision-e2e-fixtures.git) registered for path 'e2e/fixture-pack' 122: Cloning into '/home/runner/work/BrightVision/BrightVision/brightdate-python'... 123: Cloning into '/home/runner/work/BrightVision/BrightVision/cecli'... 124: Cloning into '/home/runner/work/BrightVision/BrightVision/e2e/fixture-pack'... 125: Submodule path 'brightdate-python': checked out '70db3ac82c22d433b5fe20fe1d34a8592af38404' 126: From https://github.com/Digital-Defiance/cecli 127: * branch 383b6fd8b0d105676ba7fd53d8a43dc88ae51505 -> FETCH_HEAD 128: Submodule path 'cecli': checked out '383b6fd8b0d105676ba7fd53d8a43dc88ae51505' 129: ##[error]fatal: remote error: upload-pack: not our ref 4938c94d6d99481ebfea283d233427f8f2139904 130: ##[error]fatal: Fetched in submodule path 'e2e/fixture-pack', but it did not contain 4938c94d6d99481ebfea283d233427f8f2139904. Direct fetching of that commit failed. 131: ##[error]The process '/usr/bin/git' failed with exit code 128 132: Post job cleanup.

[typo-app]

AI Code Review 🤖

Files Reviewed: 2
Comments Added: 0
Lines of Code Analyzed: 4
Critical Issues: 0

PR Health: Excellent 🔥

_{Give 👍 or 👎 on each review comment to help us improve.}