From 7904741fbe5b722b1e12aefefbed73f26a8a9768 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 11 Feb 2026 05:44:19 +0000 Subject: [PATCH 1/3] Initial plan From 30d417cb2d0866ac37626abcec892a8a4251f5fd Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 11 Feb 2026 05:54:24 +0000 Subject: [PATCH 2/3] Fix tests after sandbox: false removal - Update firewall_default_enablement_test.go to check for "sandbox.agent: false" instead of "sandbox: false" in error messages - Update workflow_run_validation_test.go to use sandbox.agent: false instead of deprecated sandbox: false - Adjust warning counts to account for sandbox.agent: false warnings Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .../firewall_default_enablement_test.go | 4 +-- pkg/workflow/workflow_run_validation_test.go | 35 +++++++++++-------- 2 files changed, 23 insertions(+), 16 deletions(-) diff --git a/pkg/workflow/firewall_default_enablement_test.go b/pkg/workflow/firewall_default_enablement_test.go index 09094d06711..3ddaf535d5b 100644 --- a/pkg/workflow/firewall_default_enablement_test.go +++ b/pkg/workflow/firewall_default_enablement_test.go @@ -440,7 +440,7 @@ func TestStrictModeFirewallValidation(t *testing.T) { if err == nil { t.Error("Expected error when sandbox.agent is false in strict mode for copilot") } - expectedMsg := "sandbox: false" + expectedMsg := "sandbox.agent: false" if !strings.Contains(err.Error(), expectedMsg) { t.Errorf("Expected error message to contain '%s', got: %v", expectedMsg, err) } @@ -467,7 +467,7 @@ func TestStrictModeFirewallValidation(t *testing.T) { if err == nil { t.Error("Expected error for non-copilot engine with sandbox.agent: false in strict mode") } - expectedMsg := "sandbox: false" + expectedMsg := "sandbox.agent: false" if !strings.Contains(err.Error(), expectedMsg) { t.Errorf("Expected error message to contain '%s', got: %v", expectedMsg, err) } diff --git a/pkg/workflow/workflow_run_validation_test.go b/pkg/workflow/workflow_run_validation_test.go index eabcd9fc5a1..5b46f9d591b 100644 --- a/pkg/workflow/workflow_run_validation_test.go +++ b/pkg/workflow/workflow_run_validation_test.go @@ -36,7 +36,8 @@ on: types: [completed] tools: github: false -sandbox: false +sandbox: + agent: false --- # Workflow Run Without Branches @@ -45,7 +46,7 @@ Test workflow content.`, strictMode: false, expectError: false, expectWarning: true, - warningCount: 2, // 1 for workflow_run without branches + 1 for sandbox: false + warningCount: 2, // 1 for workflow_run without branches + 1 for sandbox.agent: false }, { name: "workflow_run without branches - strict mode - should error", @@ -80,7 +81,8 @@ on: - develop tools: github: false -sandbox: false +sandbox: + agent: false --- # Workflow Run With Branches @@ -89,7 +91,7 @@ Test workflow content.`, strictMode: false, expectError: false, expectWarning: false, - warningCount: 1, // 1 for sandbox: false + warningCount: 1, // 1 for sandbox.agent: false }, { name: "workflow_run with branches - strict mode - should pass", @@ -122,7 +124,8 @@ on: branches: [main] tools: github: false -sandbox: false +sandbox: + agent: false --- # Push Workflow @@ -131,7 +134,7 @@ Test workflow content.`, strictMode: false, expectError: false, expectWarning: false, - warningCount: 1, // 1 for sandbox: false + warningCount: 1, // 1 for sandbox.agent: false }, { name: "mixed triggers with workflow_run without branches - should warn/error", @@ -145,7 +148,8 @@ on: types: [completed] tools: github: false -sandbox: false +sandbox: + agent: false --- # Mixed Triggers @@ -154,7 +158,7 @@ Test workflow content.`, strictMode: false, expectError: false, expectWarning: true, - warningCount: 2, // 1 for workflow_run without branches + 1 for sandbox: false + warningCount: 2, // 1 for workflow_run without branches + 1 for sandbox.agent: false }, { name: "workflow_run with empty branches array - should warn/error", @@ -167,7 +171,8 @@ on: branches: [] tools: github: false -sandbox: false +sandbox: + agent: false --- # Workflow Run With Empty Branches @@ -176,7 +181,7 @@ Test workflow content.`, strictMode: false, expectError: false, expectWarning: false, - warningCount: 1, // 1 for sandbox: false + warningCount: 1, // 1 for sandbox.agent: false }, } @@ -236,14 +241,15 @@ strict: false on: push tools: github: false -sandbox: false +sandbox: + agent: false --- # No On Field Test workflow content.`, filename: "no-on-field.md", expectError: false, - warningCount: 1, // 1 for sandbox: false + warningCount: 1, // 1 for sandbox.agent: false }, { name: "multiple workflow_run configs - first without branches - should warn", @@ -255,14 +261,15 @@ on: types: [completed] tools: github: false -sandbox: false +sandbox: + agent: false --- # Multiple Workflows Test workflow content.`, filename: "multiple-workflows.md", expectError: false, - warningCount: 2, // 1 for workflow_run without branches + 1 for sandbox: false + warningCount: 2, // 1 for workflow_run without branches + 1 for sandbox.agent: false }, } From 86ce194a8bc715437c9ded546b09acd2c5698980 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 11 Feb 2026 06:02:14 +0000 Subject: [PATCH 3/3] Verify test fixes and complete validation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit All originally failing tests now pass: - TestStrictModeFirewallValidation: ✓ - TestWorkflowRunBranchValidation: ✓ - TestWorkflowRunBranchValidationEdgeCases: ✓ Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .../docs/reference/frontmatter-full.md | 25 +++++++++++-------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/docs/src/content/docs/reference/frontmatter-full.md b/docs/src/content/docs/reference/frontmatter-full.md index b3cc8f95571..7a26eb63577 100644 --- a/docs/src/content/docs/reference/frontmatter-full.md +++ b/docs/src/content/docs/reference/frontmatter-full.md @@ -909,21 +909,17 @@ network: # example.com itself) and ecosystem names like 'python', 'node'. # Sandbox configuration for AI engines. Controls agent sandbox (AWF or Sandbox -# Runtime) and MCP gateway. +# Runtime) and MCP gateway. The MCP gateway is always enabled and cannot be +# disabled. # (optional) # This field supports multiple formats (oneOf): -# Option 1: Set to false to completely disable sandbox features (firewall and -# gateway). Warning: This removes important security protections and should only -# be used in controlled environments. Not allowed in strict mode. -sandbox: true - -# Option 2: Legacy string format for sandbox type: 'default' for no sandbox, +# Option 1: Legacy string format for sandbox type: 'default' for no sandbox, # 'sandbox-runtime' or 'srt' for Anthropic Sandbox Runtime, 'awf' for Agent # Workflow Firewall sandbox: "default" -# Option 3: Object format for full sandbox configuration with agent and mcp +# Option 2: Object format for full sandbox configuration with agent and mcp # options sandbox: # Legacy sandbox type field (use agent instead) @@ -931,15 +927,22 @@ sandbox: type: "default" # Agent sandbox type: 'awf' uses AWF (Agent Workflow Firewall), 'srt' uses - # Anthropic Sandbox Runtime. Defaults to 'awf' if not specified. + # Anthropic Sandbox Runtime, or false to disable agent sandbox. Defaults to 'awf' + # if not specified. Note: Disabling the agent sandbox (false) removes firewall + # protection but keeps the MCP gateway enabled. # (optional) # This field supports multiple formats (oneOf): - # Option 1: Sandbox type: 'awf' for Agent Workflow Firewall, 'srt' for Sandbox + # Option 1: Set to false to disable the agent sandbox (firewall). Warning: This + # removes firewall protection but keeps the MCP gateway enabled. Not allowed in + # strict mode. + agent: true + + # Option 2: Sandbox type: 'awf' for Agent Workflow Firewall, 'srt' for Sandbox # Runtime agent: "awf" - # Option 2: Custom sandbox runtime configuration + # Option 3: Custom sandbox runtime configuration agent: # Agent identifier (replaces 'type' field in new format): 'awf' for Agent Workflow # Firewall, 'srt' for Sandbox Runtime