Improve openai_ask tool-use behavior #719

Merged: mokagio merged 12 commits into trunk from iangmaia/openai-ask-tool-safety-fixes on May 14, 2026

@iangmaia iangmaia commented May 12, 2026

What does it do?

Improves openai_ask follow-up behavior after the initial tool-use support:

  • Uses max_completion_tokens for Chat Completions requests.
  • Adds store: false to opt out of OpenAI request storage.
  • Validates function tool definitions before sending them to OpenAI.
  • Keeps malformed or unsupported tool calls from invoking local handlers.
  • Caps local tool execution without dropping the final allowed model response.
  • Avoids logging raw tool arguments, handler exception messages, or backtraces.

Checklist before requesting a review

  • Run bundle exec rubocop to test for code style violations and recommendations.
  • Add Unit Tests (aka specs/*_spec.rb) if applicable.
  • Run bundle exec rspec to run the whole test suite and ensure all your tests pass.
  • Make sure you added an entry in the CHANGELOG.md file to describe your changes under the appropriate existing ### subsection of the existing ## Trunk section.
  • If applicable, add an entry in the MIGRATION.md file to describe how the changes will affect the migration from the previous major version and what the clients will need to change and consider.

Copilot AI review requested due to automatic review settings May 12, 2026 12:54
@iangmaia iangmaia self-assigned this May 12, 2026

Copilot AI left a comment

Pull request overview

This PR tightens and hardens openai_ask’s Chat Completions + tool-use loop behavior, with a focus on safer logging, stricter tool validation, and clearer iteration limiting semantics.

Changes:

  • Switch Chat Completions requests to max_completion_tokens and opt out of request storage via store: false.
  • Add validation for tool definitions and returned tool-call payloads, preventing malformed/unsupported tool calls from invoking local handlers.
  • Adjust the tool-use loop to cap local tool execution rounds while still allowing one final model turn to produce an answer; reduce sensitive data exposure in logs.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| lib/fastlane/plugin/wpmreleasetoolkit/actions/common/openai_ask_action.rb | Updates request parameters, adds tool/max-iteration validation, hardens tool-call execution and logging, and refines loop termination semantics. |
| spec/openai_ask_action_spec.rb | Adds/updates specs for new request fields, iteration cap behavior, tool validation, and sensitive logging guarantees. |
| CHANGELOG.md | Documents the openai_ask tool-use behavior improvements under Trunk bug fixes. |
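
A sketch of the behaviours listed in the description and overview above (tool-definition validation, refusing malformed or unregistered tool calls, the execution cap with one final model turn, and logs that carry no arguments or exception text). This is an added example, not the plugin's code: every method name, the symbol-keyed tool definitions, the scripted `model` lambda, and the choice to raise when the cap is exceeded are assumptions.

```ruby
require 'json'

# Hypothetical names; `model` stands in for the Chat Completions HTTP request.
def validate_tools!(tools)
  raise ArgumentError, 'tools must be an Array' unless tools.is_a?(Array)
  tools.each do |t|
    fn = t.is_a?(Hash) && t[:type] == 'function' ? t[:function] : nil
    name = fn.is_a?(Hash) ? fn[:name] : nil
    raise ArgumentError, 'tools must be named function tools' unless name.is_a?(String) && !name.empty?
  end
end

# Tool-result string for one model-supplied call; errors never reach the loop.
def run_tool_call(call, handlers, log)
  fn = call.is_a?(Hash) && call['type'] == 'function' ? call['function'] : nil
  name = fn.is_a?(Hash) ? fn['name'] : nil
  handler = handlers[name]
  return 'error: unsupported tool call' unless handler # no handler is invoked
  args = JSON.parse(fn['arguments'].to_s)
  args.is_a?(Hash) ? handler.call(args).to_s : 'error: arguments must be a JSON object'
rescue StandardError => e
  log << "tool #{name} failed (#{e.class})" # class only: no arguments, message or backtrace
  'error: tool failed'
end

def ask(model, messages, tools:, handlers:, max_tool_iterations: 5, log: [])
  validate_tools!(tools)
  raise ArgumentError, 'max_tool_iterations must be an Integer >= 0' unless max_tool_iterations.is_a?(Integer) && max_tool_iterations >= 0
  (0..max_tool_iterations).each do |round| # N tool rounds, then one final answer-only turn
    reply = model.call(messages)
    calls = reply['tool_calls']
    return reply['content'] unless calls.is_a?(Array) && !calls.empty?
    raise 'tool calls requested after max_tool_iterations' if round == max_tool_iterations
    messages << reply
    calls.each do |c|
      messages << { 'role' => 'tool', 'tool_call_id' => (c['id'] if c.is_a?(Hash)), 'content' => run_tool_call(c, handlers, log) }
    end
  end
end

# Constructed exchange: a call whose handler fails, a call to an unregistered tool, then an answer.
def demo(max_tool_iterations: 5, log: [])
  tc = ->(n, a) { { 'tool_calls' => [{ 'id' => 'c1', 'type' => 'function', 'function' => { 'name' => n, 'arguments' => a } }] } }
  script = [tc.('lookup', '{"token":"s3cr3t"}'), tc.('delete_all', '{}'), { 'content' => 'done' }]
  handlers = { 'lookup' => ->(args) { raise "bad token #{args['token']}" } }
  tools = [{ type: 'function', function: { name: 'lookup' } }]
  [ask(->(_m) { script.shift }, [], tools: tools, handlers: handlers, max_tool_iterations: max_tool_iterations, log: log), log]
end
p demo if __FILE__ == $PROGRAM_NAME
```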

@iangmaia iangmaia requested a review from Copilot May 12, 2026 13:25
@iangmaia iangmaia requested review from jaclync, mokagio and twstokes May 12, 2026 13:28
@iangmaia iangmaia added the bug (Something isn't working) and enhancement (New feature or request) labels May 12, 2026

Copilot AI left a comment

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

Comment thread lib/fastlane/plugin/wpmreleasetoolkit/actions/common/openai_ask_action.rb Outdated
module Actions
class OpenaiAskAction < Action
OPENAI_API_ENDPOINT = URI('https://api.openai.com/v1/chat/completions').freeze
DEFAULT_MAX_COMPLETION_TOKENS = 2048

Contributor

It would be good to document where this number comes from. What's its rationale?

I feel the 5 in the max tool iterations is much easier to accept at face value than 2048 tokens.

Contributor Author

Addressed in 1e9c94c by documenting that DEFAULT_MAX_COMPLETION_TOKENS preserves the previous max_tokens ceiling while moving to the current API field.

Contributor

Thanks! Also, only later in the review I realized that this was a previously introduced magic number, I should have acknowledged that in the comment.


validate_tools_array!(tools)
validate_max_tool_iterations!(max_tool_iterations)
validate_tools!(tools)
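
Review bot: `validate_tools_array!(tools)` and `validate_tools!(tools)` check the same argument under near-identical names, with `validate_max_tool_iterations!` sitting between them. If `validate_tools!` relies on the array check having already run, call the array check from inside `validate_tools!` or keep the two calls adjacent, so a later reorder cannot let a non-array value reach the per-tool checks.
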

Contributor

Nitpick: What do you think of an empty line to visually separate the validation from the execution?

Suggested change
validate_tools!(tools)
validate_tools!(tools)

Contributor Author

Applied in 1e9c94c.

end

def self.tool_type(tool)
return '' unless tool.is_a?(Hash)

Contributor

@mokagio mokagio May 13, 2026

I wonder if returning nil would be clearer here.

Contributor Author

Agreed. Changed tool_type to return nil for missing/non-hash definitions in 1e9c94c.

Comment thread CHANGELOG.md Outdated
Comment on lines +15 to +17
### Bug Fixes

_None_
- `openai_ask`: improve tool-use handling by requiring named function tools, using `max_completion_tokens`, opting out of OpenAI request storage, omitting sensitive tool diagnostics from logs, and refusing to execute additional tool calls after `max_tool_iterations`. [#719]

Contributor

Is this a bug fix then? All of the entries seem improvements to me. Should this be an internal changes or new feature entry?

Contributor Author

I think it's both 😅 omitting sensitive tool diagnostics from logs and not running additional tool calls after max_tool_iterations are actually bug fixes. But indeed other points are improvements.

Contributor Author

@iangmaia iangmaia May 13, 2026

Updated to split in 1e9c94c.

@mokagio mokagio merged commit 823c370 into trunk May 14, 2026
6 checks passed
@mokagio mokagio deleted the iangmaia/openai-ask-tool-safety-fixes branch May 14, 2026 05:11