Discovery date: 2026-05-28
Reported by: Codex
Severity: medium
Environment: local workflow execution with parallel endpoint forEach
Scope / affected surface: endpoint stage execution, onStatus.message, execution logging/reporting
Evidence: WorkflowExecutor.ApplyStatusActionOutput assigns stage.Message = statusAction.Message on the shared WorkflowStageDefinition instance.
Summary
onStatus.message mutates the shared stage definition during execution. When an endpoint stage runs through parallel forEach iterations, a branch-specific message from one iteration can overwrite the message observed by another iteration.
Expected behavior
Status-specific messages should be resolved per execution attempt or per iteration without mutating the shared workflow definition.
Current behavior
ApplyStatusActionOutput copies statusAction.Message into stage.Message. Because the same WorkflowStageDefinition instance is shared across iterations, parallel branches can leak messages across iteration boundaries.
Reproduction steps
- Create an endpoint stage with
forEach using the default parallel execution mode.
- Configure
onStatus entries with different message values for different HTTP statuses.
- Return different statuses across iterations.
- Observe that one iteration can overwrite
stage.Message for another iteration because the shared stage definition is mutated during execution.
Environment details
- Runtime: SphereIntegrationHub CLI.
- Workflow shape: endpoint stage with parallel
forEach and branch-specific onStatus.message values.
- Platform: not platform-specific.
Notes
- A likely fix is to carry the effective message as execution-local state instead of writing it back into
WorkflowStageDefinition.
- Add a regression test with parallel
forEach iterations returning different statuses and messages.
Discovery date: 2026-05-28
Reported by: Codex
Severity: medium
Environment: local workflow execution with parallel endpoint
forEachScope / affected surface: endpoint stage execution,
onStatus.message, execution logging/reportingEvidence:
WorkflowExecutor.ApplyStatusActionOutputassignsstage.Message = statusAction.Messageon the sharedWorkflowStageDefinitioninstance.Summary
onStatus.messagemutates the shared stage definition during execution. When an endpoint stage runs through parallelforEachiterations, a branch-specific message from one iteration can overwrite the message observed by another iteration.Expected behavior
Status-specific messages should be resolved per execution attempt or per iteration without mutating the shared workflow definition.
Current behavior
ApplyStatusActionOutputcopiesstatusAction.Messageintostage.Message. Because the sameWorkflowStageDefinitioninstance is shared across iterations, parallel branches can leak messages across iteration boundaries.Reproduction steps
forEachusing the default parallel execution mode.onStatusentries with differentmessagevalues for different HTTP statuses.stage.Messagefor another iteration because the shared stage definition is mutated during execution.Environment details
forEachand branch-specificonStatus.messagevalues.Notes
WorkflowStageDefinition.forEachiterations returning different statuses and messages.