revert: remove allowed-repos config from update_project, keep content-repo support only

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Author: Copilot

actions/setup/js/update_project.cjs

@@ -5,7 +5,7 @@ const { loadAgentOutput } = require("./load_agent_output.cjs");
 const { getErrorMessage } = require("./error_helpers.cjs");
 const { loadTemporaryIdMapFromResolved, resolveIssueNumber, isTemporaryId, normalizeTemporaryId } = require("./temporary_id.cjs");
 const { logStagedPreviewInfo } = require("./staged_preview.cjs");
-const { ERR_API, ERR_CONFIG, ERR_NOT_FOUND, ERR_PARSE, ERR_PERMISSION, ERR_VALIDATION } = require("./error_codes.cjs");
+const { ERR_API, ERR_CONFIG, ERR_NOT_FOUND, ERR_PARSE, ERR_VALIDATION } = require("./error_codes.cjs");
 
 /**
  * Normalize agent output keys for update_project.
@@ -462,10 +462,9 @@ async function fetchAllProjectFields(github, projectId) {
  * @param {any} output - Safe output configuration
  * @param {Map<string, any>} temporaryIdMap - Map of temporary IDs to resolved issue numbers
  * @param {Object} githubClient - GitHub client (Octokit instance) to use for GraphQL queries
- * @param {Set<string>|null} allowedContentRepos - Optional set of allowed repos for content_repo validation. When non-empty, only repos in this set (plus the workflow's host repository from context.repo) are accepted as content_repo values. When null or empty, any repo is accepted.
  * @returns {Promise<void|{temporaryId?: string, draftItemId?: string}>} Returns undefined for most operations, or an object with temporary ID mapping for draft issue creation
  */
-async function updateProject(output, temporaryIdMap = new Map(), githubClient = null, allowedContentRepos = null) {
+async function updateProject(output, temporaryIdMap = new Map(), githubClient = null) {
   output = normalizeUpdateProjectOutput(output);
 
   // Use the provided github client, or fall back to the global github object
@@ -1020,20 +1019,6 @@ async function updateProject(output, temporaryIdMap = new Map(), githubClient =
         const trimmedContentRepo = output.content_repo.trim();
         const parts = trimmedContentRepo.split("/").map(p => p.trim());
         if (parts.length === 2 && parts[0] && parts[1]) {
-          const requestedContentRepo = `${parts[0]}/${parts[1]}`;
-          const defaultRepo = `${owner}/${repo}`;
-          // Validate against allowed_repos when configured
-          if (allowedContentRepos !== null && allowedContentRepos.size > 0) {
-            const isDefaultRepo = requestedContentRepo === defaultRepo;
-            const isAllowed = isDefaultRepo || allowedContentRepos.has(requestedContentRepo);
-            if (!isAllowed) {
-              throw new Error(
-                `${ERR_PERMISSION}: content_repo "${requestedContentRepo}" is not in the allowed-repos list. ` +
-                  `Allowed: ${defaultRepo}${allowedContentRepos.size > 0 ? ", " + Array.from(allowedContentRepos).join(", ") : ""}. ` +
-                  `Configure allowed-repos under safe-outputs.update-project in your workflow frontmatter.`
-              );
-            }
-          }
           contentOwner = parts[0];
           contentRepo = parts[1];
           core.info(`Using content_repo for resolution: ${contentOwner}/${contentRepo}`);
@@ -1246,12 +1231,6 @@ async function main(config = {}, githubClient = null) {
   const configuredViews = Array.isArray(config.views) ? config.views : [];
   const configuredFieldDefinitions = Array.isArray(config.field_definitions) ? config.field_definitions : [];
 
-  // Parse allowed-repos for content_repo validation (cross-repo issue/PR resolution)
-  // When non-empty, only repos in this set (plus the workflow's host repository) are accepted as content_repo values.
-  const rawAllowedRepos = Array.isArray(config.allowed_repos) ? config.allowed_repos : [];
-  const sanitizedAllowedRepos = rawAllowedRepos.map(r => (typeof r === "string" ? r.trim() : "")).filter(r => r);
-  const allowedContentRepos = new Set(sanitizedAllowedRepos);
-
   // Check if we're in staged mode
   const isStaged = process.env.GH_AW_SAFE_OUTPUTS_STAGED === "true";
 
@@ -1261,9 +1240,6 @@ async function main(config = {}, githubClient = null) {
   if (configuredFieldDefinitions.length > 0) {
     core.info(`Found ${configuredFieldDefinitions.length} configured field definition(s) in frontmatter`);
   }
-  if (allowedContentRepos.size > 0) {
-    core.info(`Allowed content repos: ${Array.from(allowedContentRepos).join(", ")}`);
-  }
   core.info(`Max count: ${maxCount}`);
 
   // Track state
@@ -1383,7 +1359,7 @@ async function main(config = {}, githubClient = null) {
           };
 
           try {
-            await updateProject(fieldsOutput, tempIdMap, github, allowedContentRepos);
+            await updateProject(fieldsOutput, tempIdMap, github);
             core.info("✓ Created configured fields");
           } catch (err) {
             // prettier-ignore
@@ -1415,7 +1391,7 @@ async function main(config = {}, githubClient = null) {
       }
 
       // Process the update_project message
-      const updateResult = await updateProject(effectiveMessage, tempIdMap, github, allowedContentRepos);
+      const updateResult = await updateProject(effectiveMessage, tempIdMap, github);
 
       // After processing the first message, create configured views if any
       // Views are created after the first item is processed to ensure the project exists
@@ -1440,7 +1416,7 @@ async function main(config = {}, githubClient = null) {
               },
             };
 
-            await updateProject(viewOutput, tempIdMap, github, allowedContentRepos);
+            await updateProject(viewOutput, tempIdMap, github);
             core.info(`✓ Created view ${i + 1}/${configuredViews.length}: ${viewConfig.name} (${viewConfig.layout})`);
           } catch (err) {
             // prettier-ignore

actions/setup/js/update_project.test.cjs

@@ -2128,111 +2128,3 @@ describe("update_project temporary project ID resolution", () => {
     expect(mockCore.info).not.toHaveBeenCalledWith(expect.stringContaining("Resolved temporary project ID"));
   });
 });
-
-describe("update_project allowed_repos for content_repo validation", () => {
-  let messageHandler;
-
-  beforeEach(async () => {
-    vi.clearAllMocks();
-    mockGithub.graphql.mockReset();
-  });
-
-  it("allows content_repo in the allowed list", async () => {
-    messageHandler = await updateProjectHandlerFactory({ allowed_repos: ["otherowner/otherrepo"] }, mockGithub);
-    const projectUrl = "https://github.com/orgs/testowner/projects/60";
-
-    queueResponses([repoResponse(), viewerResponse(), orgProjectV2Response(projectUrl, 60, "project-allowed"), issueResponse("allowed-issue-id"), emptyItemsResponse(), { addProjectV2ItemById: { item: { id: "allowed-item" } } }]);
-
-    const result = await messageHandler(
-      {
-        type: "update_project",
-        project: projectUrl,
-        content_type: "issue",
-        content_number: 42,
-        content_repo: "otherowner/otherrepo",
-      },
-      {},
-      new Map()
-    );
-
-    expect(result.success).toBe(true);
-    const contentQuery = mockGithub.graphql.mock.calls.find(([query, vars]) => query.includes("issue(number:") && vars?.owner === "otherowner");
-    expect(contentQuery).toBeDefined();
-    expect(contentQuery[1]).toMatchObject({ owner: "otherowner", repo: "otherrepo", number: 42 });
-  });
-
-  it("rejects content_repo not in the allowed list", async () => {
-    messageHandler = await updateProjectHandlerFactory({ allowed_repos: ["otherowner/otherrepo"] }, mockGithub);
-    const projectUrl = "https://github.com/orgs/testowner/projects/60";
-
-    queueResponses([repoResponse(), viewerResponse(), orgProjectV2Response(projectUrl, 60, "project-rejected")]);
-
-    const result = await messageHandler(
-      {
-        type: "update_project",
-        project: projectUrl,
-        content_type: "issue",
-        content_number: 42,
-        content_repo: "evilorg/evilrepo",
-      },
-      {},
-      new Map()
-    );
-
-    expect(result.success).toBe(false);
-    expect(result.error).toContain("evilorg/evilrepo");
-    expect(result.error).toContain("not in the allowed-repos list");
-  });
-
-  it("always allows context.repo as content_repo even when allowed_repos is configured", async () => {
-    messageHandler = await updateProjectHandlerFactory({ allowed_repos: ["someorg/other"] }, mockGithub);
-    const projectUrl = "https://github.com/orgs/testowner/projects/60";
-
-    queueResponses([repoResponse(), viewerResponse(), orgProjectV2Response(projectUrl, 60, "project-default"), issueResponse("default-issue-id"), emptyItemsResponse(), { addProjectV2ItemById: { item: { id: "default-item" } } }]);
-
-    // testowner/testrepo is context.repo - should always be allowed
-    const result = await messageHandler(
-      {
-        type: "update_project",
-        project: projectUrl,
-        content_type: "issue",
-        content_number: 7,
-        content_repo: "testowner/testrepo",
-      },
-      {},
-      new Map()
-    );
-
-    expect(result.success).toBe(true);
-    const contentQuery = mockGithub.graphql.mock.calls.find(([query, vars]) => query.includes("issue(number:") && vars?.owner === "testowner");
-    expect(contentQuery).toBeDefined();
-  });
-
-  it("allows any content_repo when allowed_repos is not configured", async () => {
-    messageHandler = await updateProjectHandlerFactory({}, mockGithub);
-    const projectUrl = "https://github.com/orgs/testowner/projects/60";
-
-    queueResponses([repoResponse(), viewerResponse(), orgProjectV2Response(projectUrl, 60, "project-open"), issueResponse("open-issue-id"), emptyItemsResponse(), { addProjectV2ItemById: { item: { id: "open-item" } } }]);
-
-    const result = await messageHandler(
-      {
-        type: "update_project",
-        project: projectUrl,
-        content_type: "issue",
-        content_number: 99,
-        content_repo: "anyorg/anyrepo",
-      },
-      {},
-      new Map()
-    );
-
-    expect(result.success).toBe(true);
-    expect(result.error).toBeUndefined();
-  });
-
-  it("logs allowed content repos at startup when configured", async () => {
-    messageHandler = await updateProjectHandlerFactory({ allowed_repos: ["org/repo1", "org/repo2"] }, mockGithub);
-
-    expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Allowed content repos: org/repo1, org/repo2"));
-  });
-});

pkg/cli/workflows/test-update-project-cross-repo.md

@@ -4691,13 +4691,6 @@
                     },
                     "additionalProperties": false
                   }
-                },
-                "allowed-repos": {
-                  "type": "array",
-                  "description": "Optional list of additional repositories (in 'owner/repo' format) that are allowed as content_repo values for cross-repo issue/PR resolution. When configured, agents may only reference issues or pull requests from these repositories (plus the workflow host repository). Wildcards are supported (e.g., 'myorg/*'). Example: ['github/docs', 'github/github'].",
-                  "items": {
-                    "type": "string"
-                  }
                 }
               },
               "additionalProperties": false,
@@ -4708,11 +4701,6 @@
                 {
                   "github-token": "${{ secrets.PROJECT_GITHUB_TOKEN }}",
                   "max": 15
-                },
-                {
-                  "allowed-repos": ["myorg/docs", "myorg/api"],
-                  "github-token": "${{ secrets.PROJECT_GITHUB_TOKEN }}",
-                  "max": 20
                 }
               ]
             },

pkg/parser/schemas/main_workflow_schema.json

@@ -663,8 +663,7 @@ var handlerRegistry = map[string]handlerBuilder{
 		builder := newHandlerConfigBuilder().
 			AddTemplatableInt("max", c.Max).
 			AddIfNotEmpty("github-token", c.GitHubToken).
-			AddIfNotEmpty("project", c.Project).
-			AddStringSlice("allowed_repos", c.AllowedRepos)
+			AddIfNotEmpty("project", c.Project)
 		if len(c.Views) > 0 {
 			builder.AddDefault("views", c.Views)
 		}

pkg/workflow/compiler_safe_outputs_config.go

@@ -420,91 +420,9 @@ func TestPushToPullRequestBranchCrossRepoInHandlerConfig(t *testing.T) {
 	assert.Contains(t, allowedRepos, "githubnext/gh-aw-side-repo", "allowed_repos should contain the repo")
 }
 
-// TestUpdateProjectAllowedReposConfig verifies that the `allowed-repos` key in the
-// `update-project` frontmatter configuration is correctly parsed and populates the
-// AllowedRepos field on UpdateProjectConfig.
-func TestUpdateProjectAllowedReposConfig(t *testing.T) {
-	compiler := NewCompiler()
-
-	tests := []struct {
-		name          string
-		configMap     map[string]any
-		expectedRepos []string
-	}{
-		{
-			name: "allowed-repos configured",
-			configMap: map[string]any{
-				"update-project": map[string]any{
-					"allowed-repos": []any{"github/docs", "github/github"},
-				},
-			},
-			expectedRepos: []string{"github/docs", "github/github"},
-		},
-		{
-			name: "allowed-repos with single repo",
-			configMap: map[string]any{
-				"update-project": map[string]any{
-					"allowed-repos": []any{"myorg/myrepo"},
-				},
-			},
-			expectedRepos: []string{"myorg/myrepo"},
-		},
-		{
-			name: "no allowed-repos",
-			configMap: map[string]any{
-				"update-project": map[string]any{
-					"max": 5,
-				},
-			},
-			expectedRepos: nil,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			cfg := compiler.parseUpdateProjectConfig(tt.configMap)
-
-			require.NotNil(t, cfg, "config should not be nil")
-			assert.Equal(t, tt.expectedRepos, cfg.AllowedRepos, "AllowedRepos mismatch")
-		})
-	}
-}
-
-// TestUpdateProjectAllowedReposInHandlerConfig verifies the end-to-end flow: that
-// allowed-repos on UpdateProjectConfig is compiled into the GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG
-// environment variable as `allowed_repos`, so the JS runtime receives the configuration.
-func TestUpdateProjectAllowedReposInHandlerConfig(t *testing.T) {
-	compiler := NewCompiler()
-
-	workflowData := &WorkflowData{
-		Name: "Test",
-		SafeOutputs: &SafeOutputsConfig{
-			UpdateProjects: &UpdateProjectConfig{
-				GitHubToken:  "${{ secrets.PROJECT_GITHUB_TOKEN }}",
-				Project:      "https://github.com/orgs/myorg/projects/42",
-				AllowedRepos: []string{"github/docs", "github/github"},
-			},
-		},
-	}
-
-	var steps []string
-	compiler.addHandlerManagerConfigEnvVar(&steps, workflowData)
-
-	require.NotEmpty(t, steps)
-	handlerConfig := extractHandlerConfig(t, strings.Join(steps, ""))
-
-	updateProject, ok := handlerConfig["update_project"]
-	require.True(t, ok, "update_project config should be present")
-
-	assert.Equal(t, "${{ secrets.PROJECT_GITHUB_TOKEN }}", updateProject["github-token"], "github-token should be in handler config")
-	assert.Equal(t, "https://github.com/orgs/myorg/projects/42", updateProject["project"], "project should be in handler config")
-
-	allowedRepos, ok := updateProject["allowed_repos"]
-	require.True(t, ok, "allowed_repos should be present")
-	assert.Contains(t, allowedRepos, "github/docs", "allowed_repos should contain github/docs")
-	assert.Contains(t, allowedRepos, "github/github", "allowed_repos should contain github/github")
-}
-
+// TestHandlerManagerStepPerOutputTokenInHandlerConfig verifies that per-output tokens
+// (e.g., add-comment.github-token) are wired into the handler config JSON (GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG)
+// but NOT used as the step-level with.github-token. The step-level token follows the same
 // precedence as github_token.go: project token > global safe-outputs token > magic secrets.
 func TestHandlerManagerStepPerOutputTokenInHandlerConfig(t *testing.T) {
 	compiler := NewCompiler()