fix: use semantic JSON comparison for MCP approval argument matching (#5080)

iamemilio · web-flow · commit c604b90e1e88 · 2026-03-09T12:43:38.000-04:00
## Summary MCP tool approval matching fails intermittently because LLMs may serialize tool call arguments differently between the first turn (where the approval request is created) and the second turn (where the approval is looked up). For example, the first call may include `{"liquid_name":"x","celsius":true}` while the re-invocation omits the defaulted field: `{"liquid_name":"x"}`. The current code compares argument strings with `==`, so these are treated as different tool calls and a new approval request is emitted instead of honoring the one the user already approved. This change parses the JSON before comparing so that semantically identical arguments match regardless of serialization differences. ## Test plan Existing `test_response_mcp_tool_approval` integration test covers this path. Made with [Cursor](https://cursor.com)
diff --git a/src/llama_stack/providers/inline/agents/meta_reference/responses/types.py b/src/llama_stack/providers/inline/agents/meta_reference/responses/types.py
@@ -4,6 +4,7 @@
 # This source code is licensed under the terms described in the LICENSE file in
 # the root directory of this source tree.
 
+import json
 from dataclasses import dataclass
 from typing import cast
 
@@ -34,6 +35,14 @@
 )
 
 
+def _json_equal(a: str, b: str) -> bool:
+    """Compare two JSON strings by value, falling back to string comparison."""
+    try:
+        return json.loads(a) == json.loads(b)
+    except (json.JSONDecodeError, TypeError):
+        return a == b
+
+
 class ToolExecutionResult(BaseModel):
     """Result of streaming tool execution."""
 
@@ -210,7 +219,7 @@ def approval_response(self, tool_name: str, arguments: str) -> OpenAIResponseMCP
 
     def _approval_request(self, tool_name: str, arguments: str) -> OpenAIResponseMCPApprovalRequest | None:
         for request in self.approval_requests:
-            if request.name == tool_name and request.arguments == arguments:
+            if request.name == tool_name and _json_equal(request.arguments, arguments):
                 return request
         return None
 
