Conversation
…sts (#1350) Busy-wait loops with no timeout could hang forever. Use threading.Event for efficient blocking with 1s timeouts that fail clearly on expiry.
* added twist base protocol spec * created mock twist base adapter * added twistbase ConnectedHardware type * updated coordinator to support twist messages * added flowbase adapter * added blueprint and test script for testing * mypy test fixes * fix validates the adapter/hardware-type pairing upfront with a clear error * fixed redundant blueprint assignments * fixed mypy type ignore flags * added thread locks to velocity read write for flowbase adapter * fix mypy errors: portal import-untyped and adapter property override * added echo cmd vel script back for testing will be deprecated * removed echo_cmd_vel test script
…ntegration (#1351) Move adding_a_custom_arm.md from docs/development/ to docs/capabilities/manipulation/ where it belongs. Remove the outdated depth_camera_integration.md and fix resulting broken links.
* Moving towards deprecating `Agent`. It has been efectivelly split between `McpClient` and `McpServer`. * McpServer exposes all the `@skill` functions as MCP tools. * McpClient starts a langchain agent which coordinates calling tools from McpServer. * McpClient is not strictly necessary. You can register the MCP server in claude code and make it call tools. * McpClient also listens to `/human_input` so it can be used through the `humancli` like `Agent` can.
* added go2 preflight checklist * typo --------- Co-authored-by: Paul Nechifor <paul@nechifor.net>
- Add docs/platforms/humanoid/g1/index.md with full G1 guide - Update README.md to link G1 to new docs instead of todo.md - Covers: installation, simulation, real robot, agentic control, arm gestures, movement modes, keyboard teleop, all blueprints Closes DIM-576
…1348) * feat(doclinks): validate and resolve .md links, fix broken doc links Add Pattern 3 to doclinks that validates existing .md links in docs: - Resolves relative .md paths to absolute links - Validates absolute .md links exist on disk - Falls back to doc_index search for broken links with disambiguation - Handles index.md files by searching parent dir name - Scores candidates by directory overlap + filename match Delete duplicate docs/usage/transports.md (identical to transports/index.md). Fixes 5 broken links across docs/ (agents/docs/index.md, capabilities/ navigation/readme.md, usage/lcm.md). * refactor
* add missing command * Apply suggestion from @greptile-apps[bot] Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * fix * Update bin/gen-diagrams Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> --------- Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* feat(blueprints): add scratch * feat(blueprints): be able to run modules too * remove scratch
mustafab0
changed the title
|
Too many files changed for review. ( |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| result = await handle_request(body, request.app.state.skills, request.app.state.rpc_calls) | ||
| if result is None: | ||
| return Response(status_code=204) | ||
| return JSONResponse(result) |
Check warning
Code scanning / CodeQL
Information exposure through an exception Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI about 15 hours ago
In general, to fix this kind of issue, keep detailed exception information (messages, stack traces, internal paths, SQL, etc.) in server-side logs only, and return a generic, non-sensitive error message to clients. Ideally, include only high-level context that is safe to expose and, if needed, a correlation ID that lets operators look up the detailed error in logs.
For this specific code, the problematic part is the except block in _handle_tools_call. It both logs the exception (good) and then returns a JSON-RPC result whose text includes the full exception string (bad). We should keep the logging as is, but change the returned message so that it does not interpolate e. Instead, we can use a generic message like "Error running tool '<name>'. Check server logs for details." or even simpler, "Error running tool.". This preserves existing functionality from the client’s perspective (they still get an error and know which tool failed), while avoiding disclosure of internal exception messages.
Concretely:
- In
dimos/agents/mcp/mcp_server.py, in_handle_tools_call, replace:return _jsonrpc_result_text(req_id, f"Error running tool '{name}': {e}")
- With:
return _jsonrpc_result_text(req_id, f"Error running tool '{name}'. Please check server logs for details.")
(or similar wording that excludese).
No new methods or imports are needed: we continue to use logger.exception, _jsonrpc_result_text, and existing utilities.
| @@ -102,7 +102,10 @@ | ||
| result = await asyncio.get_event_loop().run_in_executor(None, lambda: rpc_call(**args)) | ||
| except Exception as e: | ||
| logger.exception("Error running tool", tool_name=name, exc_info=True) | ||
| return _jsonrpc_result_text(req_id, f"Error running tool '{name}': {e}") | ||
| return _jsonrpc_result_text( | ||
| req_id, | ||
| f"Error running tool '{name}'. Please check server logs for details.", | ||
| ) | ||
|
|
||
| if result is None: | ||
| return _jsonrpc_result_text(req_id, "It has started. You will be updated later.") |
5 participants
Problem
ManipulationModuleis a 1600-line monolith mixing core planning infrastructure with pick/place behaviors, GraspGen integration, and perception subscriptions. This makes it impossible to use the planner without pulling in perception and grasp generation dependencies.Additionally,
_BlueprintAtom.createinblueprints.pyfails to resolveIn/Outport annotations for modules usingfrom __future__ import annotationswithTYPE_CHECKINGguards (e.g.RealSenseCamera), silently breaking autoconnect transport wiring.Issue: DIM-451
Solution
Split
ManipulationModuleinto a base class and aPickAndPlaceModulesubclass:ManipulationModule(base): Core planning infrastructure, motion execution, gripper control, state machine. Skills:move_to_pose,move_to_joints,go_home,go_init,get_robot_state,reset.PickAndPlaceModule(ManipulationModule): Adds perception integration (objectsport, obstacle monitor,scan_objects,get_scene_info), GraspGen, and long-horizon skills (pick,place,place_back,pick_and_place,clear_perception_obstacles).PickAndPlaceModuleConfigextendsManipulationModuleConfigwith GraspGen fields. Onlyxarm_perceptionandxarm_perception_agentblueprints switch topick_and_place_module; all other blueprints use the basemanipulation_moduleunchanged.New blueprints:
xarm7_planner_coordinator_agentfor testing base module with an LLM agent.Bug fixes:
move_to_posenow preserves current EE orientation when roll/pitch/yaw are omitted (previously forced identity quaternion).resetchanged from@rpcto@skillso agents can clear faults.clear_perception_obstacleschanged from@rpcto@skillfor agent recovery from COLLISION_AT_START._BlueprintAtom.createnow uses reversed-MRO namespace resolution forget_type_hints, fixing autoconnect transport wiring for all modules withfrom __future__ import annotations.Breaking Changes
None.
ManipulationModuleretains all base skills and RPCs.PickAndPlaceModuleis a drop-in replacement where perception/pick-place is needed. Both are exported fromdimos.manipulation.How to Test
dimos run coordinator-mockthendimos run xarm7-planner-coordinator-agentdimos run coordinator-mockthendimos run xarm-perception-agentcloses DIM-451