From 0d2a5006e6dbe88b983e488f0484b4d5601c3a9a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 20 Feb 2026 21:42:34 +0000 Subject: [PATCH 1/5] Initial plan From 99619ba7a8475067ffae10471b2c1a8c0a953478 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 20 Feb 2026 21:57:46 +0000 Subject: [PATCH 2/5] feat: provide model to engine as env var when expression syntax is used (#issue) Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- pkg/workflow/claude_engine.go | 17 ++- pkg/workflow/codex_engine.go | 23 +++- pkg/workflow/copilot_engine_execution.go | 18 ++- pkg/workflow/gemini_engine.go | 19 +++- pkg/workflow/model_env_vars_test.go | 136 +++++++++++++++++++++++ 5 files changed, 198 insertions(+), 15 deletions(-) diff --git a/pkg/workflow/claude_engine.go b/pkg/workflow/claude_engine.go index 33f75f7fad7..7d5ce4a282d 100644 --- a/pkg/workflow/claude_engine.go +++ b/pkg/workflow/claude_engine.go @@ -161,7 +161,10 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str // 1. Explicit model in workflow config (highest priority) // 2. GH_AW_MODEL_AGENT_CLAUDE environment variable (set via GitHub Actions variables) modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" - if modelConfigured { + // When model is a GitHub Actions expression (e.g. ${{ inputs.model }}), it must be passed + // via an environment variable to avoid template injection validation failures. + modelIsExpression := modelConfigured && strings.Contains(workflowData.EngineConfig.Model, "${{") + if modelConfigured && !modelIsExpression { claudeLog.Printf("Using custom model: %s", workflowData.EngineConfig.Model) claudeArgs = append(claudeArgs, "--model", workflowData.EngineConfig.Model) } @@ -255,7 +258,7 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str } else { modelEnvVar = constants.EnvVarModelAgentClaude } - if !modelConfigured { + if !modelConfigured || modelIsExpression { claudeCommand = fmt.Sprintf(`%s${%s:+ --model "$%s"}`, claudeCommand, modelEnvVar, modelEnvVar) } @@ -360,7 +363,7 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str env["GH_AW_MAX_TURNS"] = workflowData.EngineConfig.MaxTurns } - // Add model environment variable if model is not explicitly configured + // Add model environment variable if model is not explicitly configured (or is a GitHub Actions expression) // This allows users to configure the default model via GitHub Actions variables // Use different env vars for agent vs detection jobs if !modelConfigured { @@ -371,6 +374,14 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str // For agent execution, use agent-specific env var env[constants.EnvVarModelAgentClaude] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelAgentClaude) } + } else if modelIsExpression { + // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - set it as env var + // so it is not embedded directly in the shell command (which would fail template injection validation) + if isDetectionJob { + env[constants.EnvVarModelDetectionClaude] = workflowData.EngineConfig.Model + } else { + env[constants.EnvVarModelAgentClaude] = workflowData.EngineConfig.Model + } } // Add custom environment variables from engine config diff --git a/pkg/workflow/codex_engine.go b/pkg/workflow/codex_engine.go index 241eb42e18f..391f4ed9bdd 100644 --- a/pkg/workflow/codex_engine.go +++ b/pkg/workflow/codex_engine.go @@ -122,8 +122,11 @@ func (e *CodexEngine) GetDeclaredOutputFiles() []string { // GetExecutionSteps returns the GitHub Actions steps for executing Codex func (e *CodexEngine) GetExecutionSteps(workflowData *WorkflowData, logFile string) []GitHubActionStep { modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" + // When model is a GitHub Actions expression (e.g. ${{ inputs.model }}), it must be passed + // via an environment variable to avoid template injection validation failures. + modelIsExpression := modelConfigured && strings.Contains(workflowData.EngineConfig.Model, "${{") model := "" - if modelConfigured { + if modelConfigured && !modelIsExpression { model = workflowData.EngineConfig.Model } firewallEnabled := isFirewallEnabled(workflowData) @@ -132,10 +135,10 @@ func (e *CodexEngine) GetExecutionSteps(workflowData *WorkflowData, logFile stri var steps []GitHubActionStep - // Build model parameter only if specified in engineConfig + // Build model parameter only if specified in engineConfig (and not an expression) // Otherwise, model can be set via GH_AW_MODEL_AGENT_CODEX or GH_AW_MODEL_DETECTION_CODEX environment variable var modelParam string - if modelConfigured { + if modelConfigured && !modelIsExpression { modelParam = fmt.Sprintf("-c model=%s ", workflowData.EngineConfig.Model) } else { // Check if this is a detection job (has no SafeOutputs config) @@ -271,13 +274,21 @@ mkdir -p "$CODEX_HOME/logs" env["GH_AW_TOOL_TIMEOUT"] = fmt.Sprintf("%d", workflowData.ToolsTimeout) } - // Add model environment variable if model is not explicitly configured + // Add model environment variable if model is not explicitly configured (or is a GitHub Actions expression) // This allows users to configure the default model via GitHub Actions variables // Use different env vars for agent vs detection jobs - if !modelConfigured { + if !modelConfigured || modelIsExpression { // Check if this is a detection job (has no SafeOutputs config) isDetectionJob := workflowData.SafeOutputs == nil - if isDetectionJob { + if modelIsExpression { + // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - set it as env var + // so it is not embedded directly in the shell command (which would fail template injection validation) + if isDetectionJob { + env[constants.EnvVarModelDetectionCodex] = workflowData.EngineConfig.Model + } else { + env[constants.EnvVarModelAgentCodex] = workflowData.EngineConfig.Model + } + } else if isDetectionJob { // For detection, use detection-specific env var (no default fallback for Codex) env[constants.EnvVarModelDetectionCodex] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelDetectionCodex) } else { diff --git a/pkg/workflow/copilot_engine_execution.go b/pkg/workflow/copilot_engine_execution.go index 825ecb262d1..4b26b5ee5ad 100644 --- a/pkg/workflow/copilot_engine_execution.go +++ b/pkg/workflow/copilot_engine_execution.go @@ -74,7 +74,10 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st // 1. Explicit model in workflow config (highest priority) // 2. GH_AW_MODEL_AGENT_COPILOT environment variable (set via GitHub Actions variables) modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" - if modelConfigured { + // When model is a GitHub Actions expression (e.g. ${{ inputs.model }}), it must be passed + // via an environment variable to avoid template injection validation failures. + modelIsExpression := modelConfigured && strings.Contains(workflowData.EngineConfig.Model, "${{") + if modelConfigured && !modelIsExpression { copilotExecLog.Printf("Using custom model: %s", workflowData.EngineConfig.Model) copilotArgs = append(copilotArgs, "--model", workflowData.EngineConfig.Model) } @@ -147,7 +150,7 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st var copilotCommand string // Determine if we need to conditionally add --model flag based on environment variable - needsModelFlag := !modelConfigured + needsModelFlag := !modelConfigured || modelIsExpression // Check if this is a detection job (has no SafeOutputs config) isDetectionJob := workflowData.SafeOutputs == nil var modelEnvVar string @@ -283,7 +286,7 @@ COPILOT_CLI_INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" env["GH_AW_MAX_TURNS"] = workflowData.EngineConfig.MaxTurns } - // Add model environment variable if model is not explicitly configured + // Add model environment variable if model is not explicitly configured (or is a GitHub Actions expression) // This allows users to configure the default model via GitHub Actions variables // Use different env vars for agent vs detection jobs if workflowData.EngineConfig == nil || workflowData.EngineConfig.Model == "" { @@ -296,6 +299,15 @@ COPILOT_CLI_INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" // For agent execution, use agent-specific env var env[constants.EnvVarModelAgentCopilot] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelAgentCopilot) } + } else if modelIsExpression { + // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - set it as env var + // so it is not embedded directly in the shell command (which would fail template injection validation) + isDetectionJob := workflowData.SafeOutputs == nil + if isDetectionJob { + env[constants.EnvVarModelDetectionCopilot] = workflowData.EngineConfig.Model + } else { + env[constants.EnvVarModelAgentCopilot] = workflowData.EngineConfig.Model + } } // Add custom environment variables from engine config diff --git a/pkg/workflow/gemini_engine.go b/pkg/workflow/gemini_engine.go index 8f8f7e52c1e..7e7841d7e96 100644 --- a/pkg/workflow/gemini_engine.go +++ b/pkg/workflow/gemini_engine.go @@ -2,6 +2,7 @@ package workflow import ( "fmt" + "strings" "github.com/github/gh-aw/pkg/constants" "github.com/github/gh-aw/pkg/logger" @@ -167,7 +168,11 @@ func (e *GeminiEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str var geminiArgs []string // Add model if specified - if workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" { + modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" + // When model is a GitHub Actions expression (e.g. ${{ inputs.model }}), it must be passed + // via an environment variable to avoid template injection validation failures. + modelIsExpression := modelConfigured && strings.Contains(workflowData.EngineConfig.Model, "${{") + if modelConfigured && !modelIsExpression { geminiArgs = append(geminiArgs, "--model", workflowData.EngineConfig.Model) } @@ -235,8 +240,7 @@ func (e *GeminiEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str // Add safe outputs env applySafeOutputEnvToMap(env, workflowData) - // Add model env var if not explicitly configured - modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" + // Add model env var if not explicitly configured (or is a GitHub Actions expression) if !modelConfigured { isDetectionJob := workflowData.SafeOutputs == nil if isDetectionJob { @@ -244,6 +248,15 @@ func (e *GeminiEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str } else { env[constants.EnvVarModelAgentGemini] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelAgentGemini) } + } else if modelIsExpression { + // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - set it as env var + // so it is not embedded directly in the shell command (which would fail template injection validation) + isDetectionJob := workflowData.SafeOutputs == nil + if isDetectionJob { + env[constants.EnvVarModelDetectionGemini] = workflowData.EngineConfig.Model + } else { + env[constants.EnvVarModelAgentGemini] = workflowData.EngineConfig.Model + } } // Generate the execution step diff --git a/pkg/workflow/model_env_vars_test.go b/pkg/workflow/model_env_vars_test.go index cbc88576342..543fecfe9ed 100644 --- a/pkg/workflow/model_env_vars_test.go +++ b/pkg/workflow/model_env_vars_test.go @@ -215,3 +215,139 @@ func TestExplicitModelConfigOverridesEnvVar(t *testing.T) { t.Errorf("Explicit model 'gpt-4' not found in command:\n%s", stepsContent) } } + +// TestExpressionModelUsesEnvVar tests that when model is a GitHub Actions expression, +// it is set as an environment variable rather than embedded directly in the shell command. +// This prevents template injection validation failures. +func TestExpressionModelUsesEnvVar(t *testing.T) { + tests := []struct { + name string + engine string + model string + expectedEnvVar string + expectedEnvVal string + }{ + { + name: "Copilot agent with inputs.model expression", + engine: "copilot", + model: "${{ inputs.model }}", + expectedEnvVar: constants.EnvVarModelAgentCopilot, + expectedEnvVal: "${{ inputs.model }}", + }, + { + name: "Copilot agent with vars.model expression", + engine: "copilot", + model: "${{ vars.MY_MODEL }}", + expectedEnvVar: constants.EnvVarModelAgentCopilot, + expectedEnvVal: "${{ vars.MY_MODEL }}", + }, + { + name: "Claude agent with inputs.model expression", + engine: "claude", + model: "${{ inputs.model }}", + expectedEnvVar: constants.EnvVarModelAgentClaude, + expectedEnvVal: "${{ inputs.model }}", + }, + { + name: "Codex agent with inputs.model expression", + engine: "codex", + model: "${{ inputs.model }}", + expectedEnvVar: constants.EnvVarModelAgentCodex, + expectedEnvVal: "${{ inputs.model }}", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + workflowData := &WorkflowData{ + Name: "test-expression-model", + AI: tt.engine, + EngineConfig: &EngineConfig{ + ID: tt.engine, + Model: tt.model, + }, + Tools: map[string]any{ + "bash": []any{"echo"}, + }, + SafeOutputs: &SafeOutputsConfig{}, + } + + engine, err := GetGlobalEngineRegistry().GetEngine(tt.engine) + if err != nil { + t.Fatalf("Failed to get engine: %v", err) + } + + steps := engine.GetExecutionSteps(workflowData, "/tmp/test.log") + + var stepsStr strings.Builder + for _, step := range steps { + for _, line := range step { + stepsStr.WriteString(line) + stepsStr.WriteString("\n") + } + } + stepsContent := stepsStr.String() + + // The expression must NOT appear directly in the shell command run: block + // (it should be in the env: block only) + if strings.Contains(stepsContent, "--model ${{") || strings.Contains(stepsContent, "--model \"${{") { + t.Errorf("Model expression should not be embedded directly in shell command in steps:\n%s", stepsContent) + } + + // The env var must be set to the expression value + expectedEnvLine := tt.expectedEnvVar + ": " + tt.expectedEnvVal + if !strings.Contains(stepsContent, expectedEnvLine) { + t.Errorf("Expected env line '%s' not found in steps:\n%s", expectedEnvLine, stepsContent) + } + + // The command must use the env var conditionally + if !strings.Contains(stepsContent, "${"+tt.expectedEnvVar+":+") { + t.Errorf("Expected conditional env var usage '${%s:+' not found in steps:\n%s", tt.expectedEnvVar, stepsContent) + } + }) + } +} + +// TestExpressionModelDetectionJobUsesEnvVar tests that detection jobs with expression model +// use the detection-specific environment variable. +func TestExpressionModelDetectionJobUsesEnvVar(t *testing.T) { + workflowData := &WorkflowData{ + Name: "test-detection-expression-model", + AI: "copilot", + EngineConfig: &EngineConfig{ + ID: "copilot", + Model: "${{ inputs.model }}", + }, + Tools: map[string]any{ + "bash": []any{"cat", "grep"}, + }, + SafeOutputs: nil, // detection job + } + + engine, err := GetGlobalEngineRegistry().GetEngine("copilot") + if err != nil { + t.Fatalf("Failed to get engine: %v", err) + } + + steps := engine.GetExecutionSteps(workflowData, "/tmp/detection.log") + + var stepsStr strings.Builder + for _, step := range steps { + for _, line := range step { + stepsStr.WriteString(line) + stepsStr.WriteString("\n") + } + } + stepsContent := stepsStr.String() + + // Detection job should use detection-specific env var + expectedEnvLine := constants.EnvVarModelDetectionCopilot + ": ${{ inputs.model }}" + if !strings.Contains(stepsContent, expectedEnvLine) { + t.Errorf("Expected detection env line '%s' not found in steps:\n%s", expectedEnvLine, stepsContent) + } + + // Must not embed expression directly in shell command + if strings.Contains(stepsContent, "--model ${{") { + t.Errorf("Model expression should not be embedded directly in shell command:\n%s", stepsContent) + } +} From 844f23762d1f619dbac8618368175eadcb76016c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 20 Feb 2026 22:13:31 +0000 Subject: [PATCH 3/5] fix: use COPILOT_MODEL native env var for expression-based model in Copilot engine Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- pkg/constants/constants.go | 5 ++ pkg/workflow/copilot_engine_execution.go | 21 +++---- pkg/workflow/model_env_vars_test.go | 71 +++++++++++++----------- 3 files changed, 56 insertions(+), 41 deletions(-) diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go index 8bf181e50a2..4fb6732403c 100644 --- a/pkg/constants/constants.go +++ b/pkg/constants/constants.go @@ -353,6 +353,11 @@ const ( // EnvVarModelDetectionGemini configures the default Gemini model for detection EnvVarModelDetectionGemini = "GH_AW_MODEL_DETECTION_GEMINI" + // CopilotCLIModelEnvVar is the native environment variable name supported by the Copilot CLI + // for selecting the model. Setting this env var is equivalent to passing --model to the CLI. + // Used when the model value is a GitHub Actions expression to avoid template injection. + CopilotCLIModelEnvVar = "COPILOT_MODEL" + // Common environment variable names used across all engines // EnvVarPrompt is the path to the workflow prompt file diff --git a/pkg/workflow/copilot_engine_execution.go b/pkg/workflow/copilot_engine_execution.go index 4b26b5ee5ad..5500ce70c1f 100644 --- a/pkg/workflow/copilot_engine_execution.go +++ b/pkg/workflow/copilot_engine_execution.go @@ -149,8 +149,12 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st // Build the copilot command var copilotCommand string - // Determine if we need to conditionally add --model flag based on environment variable - needsModelFlag := !modelConfigured || modelIsExpression + // Determine if we need to conditionally add --model flag based on the GH_AW_MODEL_* env var. + // - model not configured: use GH_AW_MODEL_AGENT_COPILOT via shell expansion (${VAR:+ --model "$VAR"}) + // - model is a static string: already added to copilotArgs above as --model + // - model is a GitHub Actions expression: set COPILOT_MODEL env var; Copilot CLI reads it + // natively without needing a --model flag in the shell command + needsModelFlag := !modelConfigured && !modelIsExpression // Check if this is a detection job (has no SafeOutputs config) isDetectionJob := workflowData.SafeOutputs == nil var modelEnvVar string @@ -300,14 +304,11 @@ COPILOT_CLI_INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" env[constants.EnvVarModelAgentCopilot] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelAgentCopilot) } } else if modelIsExpression { - // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - set it as env var - // so it is not embedded directly in the shell command (which would fail template injection validation) - isDetectionJob := workflowData.SafeOutputs == nil - if isDetectionJob { - env[constants.EnvVarModelDetectionCopilot] = workflowData.EngineConfig.Model - } else { - env[constants.EnvVarModelAgentCopilot] = workflowData.EngineConfig.Model - } + // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - use the Copilot CLI's + // native COPILOT_MODEL env var so the expression value is resolved by GitHub Actions + // without being embedded in the shell command (which would fail template injection validation) + copilotExecLog.Printf("Model is a GitHub Actions expression, setting %s env var", constants.CopilotCLIModelEnvVar) + env[constants.CopilotCLIModelEnvVar] = workflowData.EngineConfig.Model } // Add custom environment variables from engine config diff --git a/pkg/workflow/model_env_vars_test.go b/pkg/workflow/model_env_vars_test.go index 543fecfe9ed..341c6996b97 100644 --- a/pkg/workflow/model_env_vars_test.go +++ b/pkg/workflow/model_env_vars_test.go @@ -221,39 +221,44 @@ func TestExplicitModelConfigOverridesEnvVar(t *testing.T) { // This prevents template injection validation failures. func TestExpressionModelUsesEnvVar(t *testing.T) { tests := []struct { - name string - engine string - model string - expectedEnvVar string - expectedEnvVal string + name string + engine string + model string + expectedEnvVar string + expectedEnvVal string + expectShellExpansion bool // whether command should use ${VAR:+ --model "$VAR"} }{ { - name: "Copilot agent with inputs.model expression", - engine: "copilot", - model: "${{ inputs.model }}", - expectedEnvVar: constants.EnvVarModelAgentCopilot, - expectedEnvVal: "${{ inputs.model }}", + name: "Copilot agent with inputs.model expression uses native COPILOT_MODEL", + engine: "copilot", + model: "${{ inputs.model }}", + expectedEnvVar: constants.CopilotCLIModelEnvVar, + expectedEnvVal: "${{ inputs.model }}", + expectShellExpansion: false, // Copilot reads COPILOT_MODEL natively, no shell expansion needed }, { - name: "Copilot agent with vars.model expression", - engine: "copilot", - model: "${{ vars.MY_MODEL }}", - expectedEnvVar: constants.EnvVarModelAgentCopilot, - expectedEnvVal: "${{ vars.MY_MODEL }}", + name: "Copilot agent with vars.model expression uses native COPILOT_MODEL", + engine: "copilot", + model: "${{ vars.MY_MODEL }}", + expectedEnvVar: constants.CopilotCLIModelEnvVar, + expectedEnvVal: "${{ vars.MY_MODEL }}", + expectShellExpansion: false, }, { - name: "Claude agent with inputs.model expression", - engine: "claude", - model: "${{ inputs.model }}", - expectedEnvVar: constants.EnvVarModelAgentClaude, - expectedEnvVal: "${{ inputs.model }}", + name: "Claude agent with inputs.model expression", + engine: "claude", + model: "${{ inputs.model }}", + expectedEnvVar: constants.EnvVarModelAgentClaude, + expectedEnvVal: "${{ inputs.model }}", + expectShellExpansion: true, }, { - name: "Codex agent with inputs.model expression", - engine: "codex", - model: "${{ inputs.model }}", - expectedEnvVar: constants.EnvVarModelAgentCodex, - expectedEnvVal: "${{ inputs.model }}", + name: "Codex agent with inputs.model expression", + engine: "codex", + model: "${{ inputs.model }}", + expectedEnvVar: constants.EnvVarModelAgentCodex, + expectedEnvVal: "${{ inputs.model }}", + expectShellExpansion: true, }, } @@ -300,16 +305,20 @@ func TestExpressionModelUsesEnvVar(t *testing.T) { t.Errorf("Expected env line '%s' not found in steps:\n%s", expectedEnvLine, stepsContent) } - // The command must use the env var conditionally - if !strings.Contains(stepsContent, "${"+tt.expectedEnvVar+":+") { + // Check shell expansion expectation + shellExpansionPattern := "${" + tt.expectedEnvVar + ":+" + hasShellExpansion := strings.Contains(stepsContent, shellExpansionPattern) + if tt.expectShellExpansion && !hasShellExpansion { t.Errorf("Expected conditional env var usage '${%s:+' not found in steps:\n%s", tt.expectedEnvVar, stepsContent) + } else if !tt.expectShellExpansion && hasShellExpansion { + t.Errorf("Unexpected conditional env var usage '${%s:+' found in steps (should use native env var):\n%s", tt.expectedEnvVar, stepsContent) } }) } } // TestExpressionModelDetectionJobUsesEnvVar tests that detection jobs with expression model -// use the detection-specific environment variable. +// for Copilot use the native COPILOT_MODEL environment variable. func TestExpressionModelDetectionJobUsesEnvVar(t *testing.T) { workflowData := &WorkflowData{ Name: "test-detection-expression-model", @@ -340,10 +349,10 @@ func TestExpressionModelDetectionJobUsesEnvVar(t *testing.T) { } stepsContent := stepsStr.String() - // Detection job should use detection-specific env var - expectedEnvLine := constants.EnvVarModelDetectionCopilot + ": ${{ inputs.model }}" + // Detection job for Copilot should use COPILOT_MODEL (native CLI env var) + expectedEnvLine := constants.CopilotCLIModelEnvVar + ": ${{ inputs.model }}" if !strings.Contains(stepsContent, expectedEnvLine) { - t.Errorf("Expected detection env line '%s' not found in steps:\n%s", expectedEnvLine, stepsContent) + t.Errorf("Expected env line '%s' not found in steps:\n%s", expectedEnvLine, stepsContent) } // Must not embed expression directly in shell command From 2ab9ffc0585077c9a4bd1fe7ea623b237c8dd9a2 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 20 Feb 2026 22:39:19 +0000 Subject: [PATCH 4/5] feat: add ModelEnvVarProvider interface and use native CLI model env vars for Copilot, Claude, and Gemini Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- pkg/constants/constants.go | 9 ++- pkg/workflow/agentic_engine.go | 18 ++++++ pkg/workflow/claude_engine.go | 69 ++++++++++---------- pkg/workflow/claude_engine_network_test.go | 12 ++-- pkg/workflow/claude_engine_test.go | 9 ++- pkg/workflow/codex_engine.go | 73 +++++++++------------- pkg/workflow/copilot_engine.go | 6 ++ pkg/workflow/copilot_engine_execution.go | 50 ++++++--------- pkg/workflow/engine_config_test.go | 20 ++++-- pkg/workflow/gemini_engine.go | 39 ++++++------ pkg/workflow/gemini_engine_test.go | 4 +- pkg/workflow/model_env_vars_test.go | 53 +++++++++++++--- pkg/workflow/threat_detection_test.go | 15 ++--- 13 files changed, 212 insertions(+), 165 deletions(-) diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go index 4fb6732403c..8a55ba79f32 100644 --- a/pkg/constants/constants.go +++ b/pkg/constants/constants.go @@ -355,9 +355,16 @@ const ( // CopilotCLIModelEnvVar is the native environment variable name supported by the Copilot CLI // for selecting the model. Setting this env var is equivalent to passing --model to the CLI. - // Used when the model value is a GitHub Actions expression to avoid template injection. CopilotCLIModelEnvVar = "COPILOT_MODEL" + // ClaudeCLIModelEnvVar is the native environment variable name supported by the Claude Code CLI + // for selecting the model. Setting this env var is equivalent to passing --model to the CLI. + ClaudeCLIModelEnvVar = "ANTHROPIC_MODEL" + + // GeminiCLIModelEnvVar is the native environment variable name supported by the Gemini CLI + // for selecting the model. Setting this env var is equivalent to passing --model to the CLI. + GeminiCLIModelEnvVar = "GEMINI_MODEL" + // Common environment variable names used across all engines // EnvVarPrompt is the path to the workflow prompt file diff --git a/pkg/workflow/agentic_engine.go b/pkg/workflow/agentic_engine.go index e9d60619707..f47a2800c89 100644 --- a/pkg/workflow/agentic_engine.go +++ b/pkg/workflow/agentic_engine.go @@ -182,6 +182,16 @@ type SecurityProvider interface { GetRequiredSecretNames(workflowData *WorkflowData) []string } +// ModelEnvVarProvider is implemented by engines whose CLIs natively read a specific +// environment variable for model selection (e.g., COPILOT_MODEL, ANTHROPIC_MODEL). +// The default implementation in BaseEngine returns "" (no native env var). +type ModelEnvVarProvider interface { + // GetModelEnvVarName returns the name of the native environment variable the CLI + // uses for model selection (e.g., "COPILOT_MODEL", "ANTHROPIC_MODEL", "GEMINI_MODEL"). + // Returns an empty string if the engine does not support a native model env var. + GetModelEnvVarName() string +} + // CodingAgentEngine is a composite interface that combines all focused interfaces // This maintains backward compatibility with existing code while allowing more flexibility // Implementations can choose to implement only the interfaces they need by embedding BaseEngine @@ -192,6 +202,7 @@ type CodingAgentEngine interface { MCPConfigProvider LogParser SecurityProvider + ModelEnvVarProvider } // BaseEngine provides common functionality for agentic engines @@ -266,6 +277,13 @@ func (e *BaseEngine) GetDefaultDetectionModel() string { return "" } +// GetModelEnvVarName returns empty string by default (no native model env var). +// Engines whose CLI natively supports a model env var (e.g. COPILOT_MODEL, ANTHROPIC_MODEL) +// should override this to return that variable name. +func (e *BaseEngine) GetModelEnvVarName() string { + return "" +} + // GetLogFileForParsing returns the default log file path for parsing // Engines can override this to use engine-specific log files func (e *BaseEngine) GetLogFileForParsing() string { diff --git a/pkg/workflow/claude_engine.go b/pkg/workflow/claude_engine.go index 7d5ce4a282d..844b85e5ea0 100644 --- a/pkg/workflow/claude_engine.go +++ b/pkg/workflow/claude_engine.go @@ -38,6 +38,12 @@ func (e *ClaudeEngine) SupportsLLMGateway() int { return constants.ClaudeLLMGatewayPort } +// GetModelEnvVarName returns the native environment variable name that the Claude Code CLI uses +// for model selection. Setting ANTHROPIC_MODEL is equivalent to passing --model to the CLI. +func (e *ClaudeEngine) GetModelEnvVarName() string { + return constants.ClaudeCLIModelEnvVar +} + // GetRequiredSecretNames returns the list of secrets required by the Claude engine // This includes ANTHROPIC_API_KEY and optionally MCP_GATEWAY_API_KEY func (e *ClaudeEngine) GetRequiredSecretNames(workflowData *WorkflowData) []string { @@ -156,18 +162,11 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str // Disable Chrome integration for security and deterministic execution claudeArgs = append(claudeArgs, "--no-chrome") - // Add model if specified - // Model can be configured via: - // 1. Explicit model in workflow config (highest priority) - // 2. GH_AW_MODEL_AGENT_CLAUDE environment variable (set via GitHub Actions variables) + // Model is always passed via the native ANTHROPIC_MODEL environment variable when configured. + // This avoids embedding the value directly in the shell command (which fails template injection + // validation for GitHub Actions expressions like ${{ inputs.model }}). + // Fallback for unconfigured model uses GH_AW_MODEL_AGENT_CLAUDE with shell expansion. modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" - // When model is a GitHub Actions expression (e.g. ${{ inputs.model }}), it must be passed - // via an environment variable to avoid template injection validation failures. - modelIsExpression := modelConfigured && strings.Contains(workflowData.EngineConfig.Model, "${{") - if modelConfigured && !modelIsExpression { - claudeLog.Printf("Using custom model: %s", workflowData.EngineConfig.Model) - claudeArgs = append(claudeArgs, "--model", workflowData.EngineConfig.Model) - } // Add max_turns if specified (in CLI it's max-turns) if workflowData.EngineConfig != nil && workflowData.EngineConfig.MaxTurns != "" { @@ -249,16 +248,18 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str // This handles already-quoted arguments correctly and prevents double-escaping claudeCommand := shellJoinArgs(commandParts) - // Add conditional model flag if not explicitly configured - // Check if this is a detection job (has no SafeOutputs config) - isDetectionJob := workflowData.SafeOutputs == nil - var modelEnvVar string - if isDetectionJob { - modelEnvVar = constants.EnvVarModelDetectionClaude - } else { - modelEnvVar = constants.EnvVarModelAgentClaude - } - if !modelConfigured || modelIsExpression { + // When model is not configured, use the GH_AW_MODEL_AGENT_CLAUDE fallback env var + // via shell expansion so users can set a default via GitHub Actions variables. + // When model IS configured, ANTHROPIC_MODEL is set in the env block (see below) and the + // Claude CLI reads it natively - no --model flag in the shell command needed. + if !modelConfigured { + isDetectionJob := workflowData.SafeOutputs == nil + var modelEnvVar string + if isDetectionJob { + modelEnvVar = constants.EnvVarModelDetectionClaude + } else { + modelEnvVar = constants.EnvVarModelAgentClaude + } claudeCommand = fmt.Sprintf(`%s${%s:+ --model "$%s"}`, claudeCommand, modelEnvVar, modelEnvVar) } @@ -363,25 +364,23 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str env["GH_AW_MAX_TURNS"] = workflowData.EngineConfig.MaxTurns } - // Add model environment variable if model is not explicitly configured (or is a GitHub Actions expression) - // This allows users to configure the default model via GitHub Actions variables - // Use different env vars for agent vs detection jobs - if !modelConfigured { + // Set the model environment variable. + // When model is configured, use the native ANTHROPIC_MODEL env var - the Claude CLI reads it + // directly, avoiding the need to embed the value in the shell command (which would fail + // template injection validation for GitHub Actions expressions like ${{ inputs.model }}). + // When model is not configured, fall back to GH_AW_MODEL_AGENT/DETECTION_CLAUDE so users + // can set a default via GitHub Actions variables. + if modelConfigured { + claudeLog.Printf("Setting %s env var for model: %s", constants.ClaudeCLIModelEnvVar, workflowData.EngineConfig.Model) + env[constants.ClaudeCLIModelEnvVar] = workflowData.EngineConfig.Model + } else { + // No model configured - use fallback GitHub variable with shell expansion + isDetectionJob := workflowData.SafeOutputs == nil if isDetectionJob { - // For detection, use detection-specific env var (no default fallback for Claude) env[constants.EnvVarModelDetectionClaude] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelDetectionClaude) } else { - // For agent execution, use agent-specific env var env[constants.EnvVarModelAgentClaude] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelAgentClaude) } - } else if modelIsExpression { - // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - set it as env var - // so it is not embedded directly in the shell command (which would fail template injection validation) - if isDetectionJob { - env[constants.EnvVarModelDetectionClaude] = workflowData.EngineConfig.Model - } else { - env[constants.EnvVarModelAgentClaude] = workflowData.EngineConfig.Model - } } // Add custom environment variables from engine config diff --git a/pkg/workflow/claude_engine_network_test.go b/pkg/workflow/claude_engine_network_test.go index bdc5d5c15d5..0b2b724f09f 100644 --- a/pkg/workflow/claude_engine_network_test.go +++ b/pkg/workflow/claude_engine_network_test.go @@ -71,9 +71,9 @@ func TestClaudeEngineNetworkPermissions(t *testing.T) { t.Error("AWF should not be used without network permissions") } - // Verify model parameter is present - if !strings.Contains(stepYAML, "--model claude-3-5-sonnet-20241022") { - t.Error("Expected model 'claude-3-5-sonnet-20241022' in step YAML") + // Verify model is passed via ANTHROPIC_MODEL env var (not as --model flag) + if !strings.Contains(stepYAML, "ANTHROPIC_MODEL: claude-3-5-sonnet-20241022") { + t.Error("Expected ANTHROPIC_MODEL env var for model 'claude-3-5-sonnet-20241022' in step YAML") } }) @@ -113,9 +113,9 @@ func TestClaudeEngineNetworkPermissions(t *testing.T) { t.Error("--allow-domains should be present with AWF") } - // Verify model parameter is present - if !strings.Contains(stepYAML, "--model claude-3-5-sonnet-20241022") { - t.Error("Expected model 'claude-3-5-sonnet-20241022' in step YAML") + // Verify model is passed via ANTHROPIC_MODEL env var (not as --model flag) + if !strings.Contains(stepYAML, "ANTHROPIC_MODEL: claude-3-5-sonnet-20241022") { + t.Error("Expected ANTHROPIC_MODEL env var for model 'claude-3-5-sonnet-20241022' in step YAML") } }) diff --git a/pkg/workflow/claude_engine_test.go b/pkg/workflow/claude_engine_test.go index 54a4a461ed6..348cc31ccb5 100644 --- a/pkg/workflow/claude_engine_test.go +++ b/pkg/workflow/claude_engine_test.go @@ -276,9 +276,12 @@ func TestClaudeEngineWithVersion(t *testing.T) { t.Errorf("Expected claude command in step content:\n%s", stepContent) } - // Check that model is set in CLI args - if !strings.Contains(stepContent, "--model claude-3-5-sonnet-20241022") { - t.Errorf("Expected model 'claude-3-5-sonnet-20241022' in CLI args:\n%s", stepContent) + // Check that model is set via ANTHROPIC_MODEL env var (not as --model flag) + if !strings.Contains(stepContent, "ANTHROPIC_MODEL: claude-3-5-sonnet-20241022") { + t.Errorf("Expected ANTHROPIC_MODEL env var for model 'claude-3-5-sonnet-20241022' in step content:\n%s", stepContent) + } + if strings.Contains(stepContent, "--model claude-3-5-sonnet-20241022") { + t.Errorf("Model should not be embedded as --model flag in step content:\n%s", stepContent) } } diff --git a/pkg/workflow/codex_engine.go b/pkg/workflow/codex_engine.go index 391f4ed9bdd..34786ecfa83 100644 --- a/pkg/workflow/codex_engine.go +++ b/pkg/workflow/codex_engine.go @@ -50,6 +50,13 @@ func (e *CodexEngine) SupportsLLMGateway() int { return constants.CodexLLMGatewayPort } +// GetModelEnvVarName returns an empty string because the Codex CLI does not support +// selecting the model via a native environment variable. Model selection for Codex +// is done via the -c model=... configuration override in the shell command. +func (e *CodexEngine) GetModelEnvVarName() string { + return "" +} + // GetRequiredSecretNames returns the list of secrets required by the Codex engine // This includes CODEX_API_KEY, OPENAI_API_KEY, and optionally MCP_GATEWAY_API_KEY func (e *CodexEngine) GetRequiredSecretNames(workflowData *WorkflowData) []string { @@ -122,36 +129,23 @@ func (e *CodexEngine) GetDeclaredOutputFiles() []string { // GetExecutionSteps returns the GitHub Actions steps for executing Codex func (e *CodexEngine) GetExecutionSteps(workflowData *WorkflowData, logFile string) []GitHubActionStep { modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" - // When model is a GitHub Actions expression (e.g. ${{ inputs.model }}), it must be passed - // via an environment variable to avoid template injection validation failures. - modelIsExpression := modelConfigured && strings.Contains(workflowData.EngineConfig.Model, "${{") - model := "" - if modelConfigured && !modelIsExpression { - model = workflowData.EngineConfig.Model - } firewallEnabled := isFirewallEnabled(workflowData) - codexEngineLog.Printf("Building Codex execution steps: workflow=%s, model=%s, has_agent_file=%v, firewall=%v", - workflowData.Name, model, workflowData.AgentFile != "", firewallEnabled) + codexEngineLog.Printf("Building Codex execution steps: workflow=%s, modelConfigured=%v, has_agent_file=%v, firewall=%v", + workflowData.Name, modelConfigured, workflowData.AgentFile != "", firewallEnabled) var steps []GitHubActionStep - // Build model parameter only if specified in engineConfig (and not an expression) - // Otherwise, model can be set via GH_AW_MODEL_AGENT_CODEX or GH_AW_MODEL_DETECTION_CODEX environment variable - var modelParam string - if modelConfigured && !modelIsExpression { - modelParam = fmt.Sprintf("-c model=%s ", workflowData.EngineConfig.Model) + // Codex does not support a native model environment variable, so model selection + // always uses GH_AW_MODEL_AGENT_CODEX or GH_AW_MODEL_DETECTION_CODEX with shell expansion. + // This also correctly handles GitHub Actions expressions like ${{ inputs.model }}. + isDetectionJob := workflowData.SafeOutputs == nil + var modelEnvVar string + if isDetectionJob { + modelEnvVar = constants.EnvVarModelDetectionCodex } else { - // Check if this is a detection job (has no SafeOutputs config) - isDetectionJob := workflowData.SafeOutputs == nil - var modelEnvVar string - if isDetectionJob { - modelEnvVar = constants.EnvVarModelDetectionCodex - } else { - modelEnvVar = constants.EnvVarModelAgentCodex - } - // Model will be conditionally added via shell expansion if environment variable is set - modelParam = fmt.Sprintf(`${%s:+-c model="$%s" }`, modelEnvVar, modelEnvVar) + modelEnvVar = constants.EnvVarModelAgentCodex } + modelParam := fmt.Sprintf(`${%s:+-c model="$%s" }`, modelEnvVar, modelEnvVar) // Build search parameter if web-search tool is present webSearchParam := "" @@ -274,27 +268,16 @@ mkdir -p "$CODEX_HOME/logs" env["GH_AW_TOOL_TIMEOUT"] = fmt.Sprintf("%d", workflowData.ToolsTimeout) } - // Add model environment variable if model is not explicitly configured (or is a GitHub Actions expression) - // This allows users to configure the default model via GitHub Actions variables - // Use different env vars for agent vs detection jobs - if !modelConfigured || modelIsExpression { - // Check if this is a detection job (has no SafeOutputs config) - isDetectionJob := workflowData.SafeOutputs == nil - if modelIsExpression { - // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - set it as env var - // so it is not embedded directly in the shell command (which would fail template injection validation) - if isDetectionJob { - env[constants.EnvVarModelDetectionCodex] = workflowData.EngineConfig.Model - } else { - env[constants.EnvVarModelAgentCodex] = workflowData.EngineConfig.Model - } - } else if isDetectionJob { - // For detection, use detection-specific env var (no default fallback for Codex) - env[constants.EnvVarModelDetectionCodex] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelDetectionCodex) - } else { - // For agent execution, use agent-specific env var - env[constants.EnvVarModelAgentCodex] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelAgentCodex) - } + // Set the model environment variable. + // Codex has no native model env var, so model selection always goes through + // GH_AW_MODEL_AGENT_CODEX / GH_AW_MODEL_DETECTION_CODEX with shell expansion. + // When model is configured (static or GitHub Actions expression), set the env var directly. + // When not configured, use the GitHub variable fallback so users can set a default. + if modelConfigured { + codexEngineLog.Printf("Setting %s env var for model: %s", modelEnvVar, workflowData.EngineConfig.Model) + env[modelEnvVar] = workflowData.EngineConfig.Model + } else { + env[modelEnvVar] = fmt.Sprintf("${{ vars.%s || '' }}", modelEnvVar) } // Add custom environment variables from engine config diff --git a/pkg/workflow/copilot_engine.go b/pkg/workflow/copilot_engine.go index d0575c4b9c7..aa6d2a59225 100644 --- a/pkg/workflow/copilot_engine.go +++ b/pkg/workflow/copilot_engine.go @@ -55,6 +55,12 @@ func (e *CopilotEngine) GetDefaultDetectionModel() string { return string(constants.DefaultCopilotDetectionModel) } +// GetModelEnvVarName returns the native environment variable name that the Copilot CLI uses +// for model selection. Setting COPILOT_MODEL is equivalent to passing --model to the CLI. +func (e *CopilotEngine) GetModelEnvVarName() string { + return constants.CopilotCLIModelEnvVar +} + // SupportsLLMGateway returns the LLM gateway port for Copilot engine func (e *CopilotEngine) SupportsLLMGateway() int { return constants.CopilotLLMGatewayPort diff --git a/pkg/workflow/copilot_engine_execution.go b/pkg/workflow/copilot_engine_execution.go index 5500ce70c1f..f2aa36cad9d 100644 --- a/pkg/workflow/copilot_engine_execution.go +++ b/pkg/workflow/copilot_engine_execution.go @@ -69,18 +69,11 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st // Add --disable-builtin-mcps to disable built-in MCP servers copilotArgs = append(copilotArgs, "--disable-builtin-mcps") - // Add model if specified - // Model can be configured via: - // 1. Explicit model in workflow config (highest priority) - // 2. GH_AW_MODEL_AGENT_COPILOT environment variable (set via GitHub Actions variables) + // Model is always passed via the native COPILOT_MODEL environment variable when configured. + // This avoids embedding the value directly in the shell command (which fails template injection + // validation for GitHub Actions expressions like ${{ inputs.model }}). + // Fallback for unconfigured model uses GH_AW_MODEL_AGENT_COPILOT with shell expansion. modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" - // When model is a GitHub Actions expression (e.g. ${{ inputs.model }}), it must be passed - // via an environment variable to avoid template injection validation failures. - modelIsExpression := modelConfigured && strings.Contains(workflowData.EngineConfig.Model, "${{") - if modelConfigured && !modelIsExpression { - copilotExecLog.Printf("Using custom model: %s", workflowData.EngineConfig.Model) - copilotArgs = append(copilotArgs, "--model", workflowData.EngineConfig.Model) - } // Add --agent flag if specified via engine.agent // Note: Agent imports (.github/agents/*.md) still work for importing markdown content, @@ -149,12 +142,11 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st // Build the copilot command var copilotCommand string - // Determine if we need to conditionally add --model flag based on the GH_AW_MODEL_* env var. - // - model not configured: use GH_AW_MODEL_AGENT_COPILOT via shell expansion (${VAR:+ --model "$VAR"}) - // - model is a static string: already added to copilotArgs above as --model - // - model is a GitHub Actions expression: set COPILOT_MODEL env var; Copilot CLI reads it - // natively without needing a --model flag in the shell command - needsModelFlag := !modelConfigured && !modelIsExpression + // When model is not configured, use the GH_AW_MODEL_AGENT_COPILOT fallback env var + // via shell expansion (${VAR:+ --model "$VAR"}) so users can set it as a GitHub variable. + // When model IS configured, COPILOT_MODEL is set in the env block (see below) and the + // Copilot CLI reads it natively - no --model flag in the shell command needed. + needsModelFlag := !modelConfigured // Check if this is a detection job (has no SafeOutputs config) isDetectionJob := workflowData.SafeOutputs == nil var modelEnvVar string @@ -290,25 +282,23 @@ COPILOT_CLI_INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" env["GH_AW_MAX_TURNS"] = workflowData.EngineConfig.MaxTurns } - // Add model environment variable if model is not explicitly configured (or is a GitHub Actions expression) - // This allows users to configure the default model via GitHub Actions variables - // Use different env vars for agent vs detection jobs - if workflowData.EngineConfig == nil || workflowData.EngineConfig.Model == "" { - // Check if this is a detection job (has no SafeOutputs config) + // Set the model environment variable. + // When model is configured, use the native COPILOT_MODEL env var - the Copilot CLI reads it + // directly, avoiding the need to embed the value in the shell command (which would fail + // template injection validation for GitHub Actions expressions like ${{ inputs.model }}). + // When model is not configured, fall back to GH_AW_MODEL_AGENT/DETECTION_COPILOT so users + // can set a default via GitHub Actions variables. + if modelConfigured { + copilotExecLog.Printf("Setting %s env var for model: %s", constants.CopilotCLIModelEnvVar, workflowData.EngineConfig.Model) + env[constants.CopilotCLIModelEnvVar] = workflowData.EngineConfig.Model + } else { + // No model configured - use fallback GitHub variable with shell expansion isDetectionJob := workflowData.SafeOutputs == nil if isDetectionJob { - // For detection, use detection-specific env var (no builtin default, CLI will use its own) env[constants.EnvVarModelDetectionCopilot] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelDetectionCopilot) } else { - // For agent execution, use agent-specific env var env[constants.EnvVarModelAgentCopilot] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelAgentCopilot) } - } else if modelIsExpression { - // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - use the Copilot CLI's - // native COPILOT_MODEL env var so the expression value is resolved by GitHub Actions - // without being embedded in the shell command (which would fail template injection validation) - copilotExecLog.Printf("Model is a GitHub Actions expression, setting %s env var", constants.CopilotCLIModelEnvVar) - env[constants.CopilotCLIModelEnvVar] = workflowData.EngineConfig.Model } // Add custom environment variables from engine config diff --git a/pkg/workflow/engine_config_test.go b/pkg/workflow/engine_config_test.go index baf9e23195a..f99d8850b66 100644 --- a/pkg/workflow/engine_config_test.go +++ b/pkg/workflow/engine_config_test.go @@ -8,6 +8,7 @@ import ( "strings" "testing" + "github.com/github/gh-aw/pkg/constants" "github.com/github/gh-aw/pkg/testutil" ) @@ -421,17 +422,24 @@ func TestEngineConfigurationWithModel(t *testing.T) { switch tt.engine.GetID() { case "claude": if tt.expectedModel != "" { - expectedModelLine := "--model " + tt.expectedModel - if !strings.Contains(stepContent, expectedModelLine) { - t.Errorf("Expected step to contain model %s, got step content:\n%s", tt.expectedModel, stepContent) + // Claude passes model via native ANTHROPIC_MODEL env var + expectedEnvLine := "ANTHROPIC_MODEL: " + tt.expectedModel + if !strings.Contains(stepContent, expectedEnvLine) { + t.Errorf("Expected step to contain env var for model %s, got step content:\n%s", tt.expectedModel, stepContent) + } + // Should NOT embed --model in the shell command + if strings.Contains(stepContent, "--model "+tt.expectedModel) { + t.Errorf("Model should not be embedded as --model flag, got step content:\n%s", stepContent) } } case "codex": if tt.expectedModel != "" { - expectedModelArg := "model=" + tt.expectedModel - if !strings.Contains(stepContent, expectedModelArg) { - t.Errorf("Expected command to contain %s, got step content:\n%s", expectedModelArg, stepContent) + // Codex passes model via GH_AW_MODEL_*_CODEX with shell expansion + // The workflow has no SafeOutputs, so it uses the detection env var + expectedEnvLine := constants.EnvVarModelDetectionCodex + ": " + tt.expectedModel + if !strings.Contains(stepContent, expectedEnvLine) { + t.Errorf("Expected step to contain env var for model %s, got step content:\n%s", tt.expectedModel, stepContent) } } } diff --git a/pkg/workflow/gemini_engine.go b/pkg/workflow/gemini_engine.go index 7e7841d7e96..dd6ab8fc10c 100644 --- a/pkg/workflow/gemini_engine.go +++ b/pkg/workflow/gemini_engine.go @@ -2,7 +2,6 @@ package workflow import ( "fmt" - "strings" "github.com/github/gh-aw/pkg/constants" "github.com/github/gh-aw/pkg/logger" @@ -38,6 +37,12 @@ func (e *GeminiEngine) SupportsLLMGateway() int { return constants.GeminiLLMGatewayPort } +// GetModelEnvVarName returns the native environment variable name that the Gemini CLI uses +// for model selection. Setting GEMINI_MODEL is equivalent to passing --model to the CLI. +func (e *GeminiEngine) GetModelEnvVarName() string { + return constants.GeminiCLIModelEnvVar +} + // GetRequiredSecretNames returns the list of secrets required by the Gemini engine // This includes GEMINI_API_KEY and optionally MCP_GATEWAY_API_KEY func (e *GeminiEngine) GetRequiredSecretNames(workflowData *WorkflowData) []string { @@ -167,14 +172,11 @@ func (e *GeminiEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str // Build gemini CLI arguments based on configuration var geminiArgs []string - // Add model if specified + // Model is always passed via the native GEMINI_MODEL environment variable when configured. + // This avoids embedding the value directly in the shell command (which fails template injection + // validation for GitHub Actions expressions like ${{ inputs.model }}). + // Fallback for unconfigured model uses GH_AW_MODEL_AGENT_GEMINI with shell expansion. modelConfigured := workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" - // When model is a GitHub Actions expression (e.g. ${{ inputs.model }}), it must be passed - // via an environment variable to avoid template injection validation failures. - modelIsExpression := modelConfigured && strings.Contains(workflowData.EngineConfig.Model, "${{") - if modelConfigured && !modelIsExpression { - geminiArgs = append(geminiArgs, "--model", workflowData.EngineConfig.Model) - } // Gemini CLI reads MCP config from .gemini/settings.json (project-level) // The conversion script (convert_gateway_config_gemini.sh) writes settings.json @@ -240,23 +242,22 @@ func (e *GeminiEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str // Add safe outputs env applySafeOutputEnvToMap(env, workflowData) - // Add model env var if not explicitly configured (or is a GitHub Actions expression) - if !modelConfigured { + // Set the model environment variable. + // When model is configured, use the native GEMINI_MODEL env var - the Gemini CLI reads it + // directly, avoiding the need to embed the value in the shell command (which would fail + // template injection validation for GitHub Actions expressions like ${{ inputs.model }}). + // When model is not configured, fall back to GH_AW_MODEL_AGENT/DETECTION_GEMINI so users + // can set a default via GitHub Actions variables. + if modelConfigured { + geminiLog.Printf("Setting %s env var for model: %s", constants.GeminiCLIModelEnvVar, workflowData.EngineConfig.Model) + env[constants.GeminiCLIModelEnvVar] = workflowData.EngineConfig.Model + } else { isDetectionJob := workflowData.SafeOutputs == nil if isDetectionJob { env[constants.EnvVarModelDetectionGemini] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelDetectionGemini) } else { env[constants.EnvVarModelAgentGemini] = fmt.Sprintf("${{ vars.%s || '' }}", constants.EnvVarModelAgentGemini) } - } else if modelIsExpression { - // Model is a GitHub Actions expression (e.g. ${{ inputs.model }}) - set it as env var - // so it is not embedded directly in the shell command (which would fail template injection validation) - isDetectionJob := workflowData.SafeOutputs == nil - if isDetectionJob { - env[constants.EnvVarModelDetectionGemini] = workflowData.EngineConfig.Model - } else { - env[constants.EnvVarModelAgentGemini] = workflowData.EngineConfig.Model - } } // Generate the execution step diff --git a/pkg/workflow/gemini_engine_test.go b/pkg/workflow/gemini_engine_test.go index bd85bf7473c..ad618b691bc 100644 --- a/pkg/workflow/gemini_engine_test.go +++ b/pkg/workflow/gemini_engine_test.go @@ -171,7 +171,9 @@ func TestGeminiEngineExecution(t *testing.T) { stepContent := strings.Join(steps[0], "\n") - assert.Contains(t, stepContent, "--model gemini-1.5-pro", "Should include model flag") + // Model is passed via the native GEMINI_MODEL env var (not as a --model flag) + assert.Contains(t, stepContent, "GEMINI_MODEL: gemini-1.5-pro", "Should set GEMINI_MODEL env var") + assert.NotContains(t, stepContent, "--model gemini-1.5-pro", "Should not embed model in command") }) t.Run("with MCP servers", func(t *testing.T) { diff --git a/pkg/workflow/model_env_vars_test.go b/pkg/workflow/model_env_vars_test.go index 341c6996b97..ba09fdcaca9 100644 --- a/pkg/workflow/model_env_vars_test.go +++ b/pkg/workflow/model_env_vars_test.go @@ -205,14 +205,20 @@ func TestExplicitModelConfigOverridesEnvVar(t *testing.T) { } stepsContent := stepsStr.String() - // When model is explicitly configured, the env var should NOT be present + // When model is explicitly configured, the GH_AW_ fallback env var should NOT be present if strings.Contains(stepsContent, constants.EnvVarModelAgentCopilot+":") { - t.Errorf("Environment variable %s should not be present when model is explicitly configured", constants.EnvVarModelAgentCopilot) + t.Errorf("Fallback env var %s should not be present when model is explicitly configured", constants.EnvVarModelAgentCopilot) } - // The explicit model should be in the command - if !strings.Contains(stepsContent, "--model gpt-4") { - t.Errorf("Explicit model 'gpt-4' not found in command:\n%s", stepsContent) + // The model should be passed via the native COPILOT_MODEL env var (not via --model flag) + expectedEnvLine := constants.CopilotCLIModelEnvVar + ": gpt-4" + if !strings.Contains(stepsContent, expectedEnvLine) { + t.Errorf("Expected native env var line '%s' not found in steps:\n%s", expectedEnvLine, stepsContent) + } + + // The --model flag should NOT appear in the shell command (model is via env var) + if strings.Contains(stepsContent, "--model gpt-4") { + t.Errorf("--model flag should not be in command when model is set via native env var:\n%s", stepsContent) } } @@ -245,12 +251,12 @@ func TestExpressionModelUsesEnvVar(t *testing.T) { expectShellExpansion: false, }, { - name: "Claude agent with inputs.model expression", + name: "Claude agent with inputs.model expression uses native ANTHROPIC_MODEL", engine: "claude", model: "${{ inputs.model }}", - expectedEnvVar: constants.EnvVarModelAgentClaude, + expectedEnvVar: constants.ClaudeCLIModelEnvVar, expectedEnvVal: "${{ inputs.model }}", - expectShellExpansion: true, + expectShellExpansion: false, // Claude reads ANTHROPIC_MODEL natively, no shell expansion needed }, { name: "Codex agent with inputs.model expression", @@ -258,7 +264,7 @@ func TestExpressionModelUsesEnvVar(t *testing.T) { model: "${{ inputs.model }}", expectedEnvVar: constants.EnvVarModelAgentCodex, expectedEnvVal: "${{ inputs.model }}", - expectShellExpansion: true, + expectShellExpansion: true, // Codex has no native model env var, uses shell expansion }, } @@ -360,3 +366,32 @@ func TestExpressionModelDetectionJobUsesEnvVar(t *testing.T) { t.Errorf("Model expression should not be embedded directly in shell command:\n%s", stepsContent) } } + +// TestGetModelEnvVarName tests that engines return the correct native model env var name. +func TestGetModelEnvVarName(t *testing.T) { + tests := []struct { + engine string + expected string + }{ + {"copilot", constants.CopilotCLIModelEnvVar}, // "COPILOT_MODEL" + {"claude", constants.ClaudeCLIModelEnvVar}, // "ANTHROPIC_MODEL" + {"codex", ""}, // no native model env var + {"gemini", constants.GeminiCLIModelEnvVar}, // "GEMINI_MODEL" + } + + for _, tt := range tests { + t.Run(tt.engine, func(t *testing.T) { + eng, err := GetGlobalEngineRegistry().GetEngine(tt.engine) + if err != nil { + t.Fatalf("Failed to get engine %s: %v", tt.engine, err) + } + provider, ok := eng.(ModelEnvVarProvider) + if !ok { + t.Fatalf("Engine %s does not implement ModelEnvVarProvider", tt.engine) + } + if got := provider.GetModelEnvVarName(); got != tt.expected { + t.Errorf("Engine %s: GetModelEnvVarName() = %q, want %q", tt.engine, got, tt.expected) + } + }) + } +} diff --git a/pkg/workflow/threat_detection_test.go b/pkg/workflow/threat_detection_test.go index 58bec6b4f2d..0f0a8c1ef94 100644 --- a/pkg/workflow/threat_detection_test.go +++ b/pkg/workflow/threat_detection_test.go @@ -1029,19 +1029,14 @@ func TestCopilotDetectionDefaultModel(t *testing.T) { allSteps := strings.Join(steps, "") if tt.shouldContainModel { - // Check for --model flag - if !strings.Contains(allSteps, "--model") { - t.Errorf("Expected steps to contain --model flag, but it was not found.\nGenerated steps:\n%s", allSteps) - } - // For detection jobs, check if either: - // 1. The model is explicitly specified in the command (for custom models) - // 2. The environment variable GH_AW_MODEL_DETECTION_COPILOT is used (for default model) - hasExplicitModel := strings.Contains(allSteps, "--model "+tt.expectedModel) + // 1. The model is set via native COPILOT_MODEL env var (for configured models) + // 2. The environment variable GH_AW_MODEL_DETECTION_COPILOT is used (for default/fallback) + hasNativeEnvVar := strings.Contains(allSteps, "COPILOT_MODEL: "+tt.expectedModel) hasEnvVar := strings.Contains(allSteps, "GH_AW_MODEL_DETECTION_COPILOT") - if !hasExplicitModel && !hasEnvVar { - t.Errorf("Expected steps to contain either explicit model %q or GH_AW_MODEL_DETECTION_COPILOT environment variable, but neither was found.\nGenerated steps:\n%s", tt.expectedModel, allSteps) + if !hasNativeEnvVar && !hasEnvVar { + t.Errorf("Expected steps to contain either COPILOT_MODEL: %q or GH_AW_MODEL_DETECTION_COPILOT environment variable, but neither was found.\nGenerated steps:\n%s", tt.expectedModel, allSteps) } } }) From 2a2313cc1c2d5bd66774149f3fddbe556b488e99 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 20 Feb 2026 23:25:15 +0000 Subject: [PATCH 5/5] chore: merge main and recompile workflows Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .../agent-performance-analyzer.lock.yml | 29 ++++++ .../workflows/agent-persona-explorer.lock.yml | 25 +++++ .github/workflows/ai-moderator.lock.yml | 53 ++++++++++ .github/workflows/archie.lock.yml | 29 ++++++ .github/workflows/artifacts-summary.lock.yml | 25 +++++ .github/workflows/audit-workflows.lock.yml | 25 +++++ .github/workflows/auto-triage-issues.lock.yml | 29 ++++++ .github/workflows/blog-auditor.lock.yml | 25 +++++ .github/workflows/bot-detection.lock.yml | 53 ++++++++++ .github/workflows/brave.lock.yml | 29 ++++++ .../breaking-change-checker.lock.yml | 25 +++++ .github/workflows/changeset.lock.yml | 39 +++++++- .../workflows/chroma-issue-indexer.lock.yml | 3 +- .github/workflows/ci-coach.lock.yml | 36 +++++++ .github/workflows/ci-doctor.lock.yml | 63 +++++++++++- .../claude-code-user-docs-review.lock.yml | 25 +++++ .../cli-consistency-checker.lock.yml | 25 +++++ .../workflows/cli-version-checker.lock.yml | 25 +++++ .github/workflows/cloclo.lock.yml | 40 ++++++++ .../workflows/code-scanning-fixer.lock.yml | 40 ++++++++ .github/workflows/code-simplifier.lock.yml | 36 +++++++ .../commit-changes-analyzer.lock.yml | 25 +++++ .github/workflows/contribution-check.lock.yml | 33 +++++++ .../workflows/copilot-agent-analysis.lock.yml | 25 +++++ .../copilot-cli-deep-research.lock.yml | 25 +++++ .../copilot-pr-merged-report.lock.yml | 25 +++++ .../copilot-pr-nlp-analysis.lock.yml | 25 +++++ .../copilot-pr-prompt-analysis.lock.yml | 25 +++++ .../copilot-session-insights.lock.yml | 25 +++++ .github/workflows/craft.lock.yml | 29 ++++++ .../daily-assign-issue-to-user.lock.yml | 33 +++++++ .github/workflows/daily-choice-test.lock.yml | 25 +++++ .../workflows/daily-cli-performance.lock.yml | 29 ++++++ .../workflows/daily-cli-tools-tester.lock.yml | 25 +++++ .github/workflows/daily-code-metrics.lock.yml | 25 +++++ .../workflows/daily-compiler-quality.lock.yml | 25 +++++ .../daily-copilot-token-report.lock.yml | 25 +++++ .github/workflows/daily-doc-updater.lock.yml | 36 +++++++ .github/workflows/daily-fact.lock.yml | 35 ++++++- .github/workflows/daily-file-diet.lock.yml | 25 +++++ .../workflows/daily-firewall-report.lock.yml | 25 +++++ .../workflows/daily-issues-report.lock.yml | 29 ++++++ .../daily-malicious-code-scan.lock.yml | 25 +++++ .../daily-mcp-concurrency-analysis.lock.yml | 29 ++++++ .../daily-multi-device-docs-tester.lock.yml | 25 +++++ .github/workflows/daily-news.lock.yml | 25 +++++ .../daily-observability-report.lock.yml | 29 ++++++ .../daily-performance-summary.lock.yml | 29 ++++++ .github/workflows/daily-regulatory.lock.yml | 29 ++++++ .../workflows/daily-repo-chronicle.lock.yml | 25 +++++ .../daily-safe-output-optimizer.lock.yml | 25 +++++ .../daily-safe-outputs-conformance.lock.yml | 25 +++++ .../workflows/daily-secrets-analysis.lock.yml | 29 ++++++ .../daily-security-red-team.lock.yml | 25 +++++ .github/workflows/daily-semgrep-scan.lock.yml | 25 +++++ .../daily-syntax-error-quality.lock.yml | 25 +++++ .../daily-team-evolution-insights.lock.yml | 25 +++++ .github/workflows/daily-team-status.lock.yml | 25 +++++ .../daily-testify-uber-super-expert.lock.yml | 25 +++++ .../workflows/daily-workflow-updater.lock.yml | 36 +++++++ .github/workflows/deep-report.lock.yml | 25 +++++ .github/workflows/delight.lock.yml | 25 +++++ .github/workflows/dependabot-burner.lock.yml | 25 +++++ .../workflows/dependabot-go-checker.lock.yml | 29 ++++++ .github/workflows/dev-hawk.lock.yml | 29 ++++++ .github/workflows/dev.lock.yml | 25 +++++ .../developer-docs-consolidator.lock.yml | 36 +++++++ .github/workflows/dictation-prompt.lock.yml | 36 +++++++ .../workflows/discussion-task-miner.lock.yml | 29 ++++++ .github/workflows/docs-noob-tester.lock.yml | 25 +++++ .github/workflows/draft-pr-cleanup.lock.yml | 33 +++++++ .../duplicate-code-detector.lock.yml | 25 +++++ .../example-workflow-analyzer.lock.yml | 25 +++++ .github/workflows/firewall-escape.lock.yml | 25 +++++ .../workflows/functional-pragmatist.lock.yml | 36 +++++++ .../github-mcp-structural-analysis.lock.yml | 25 +++++ .../github-mcp-tools-report.lock.yml | 36 +++++++ .../github-remote-mcp-auth-test.lock.yml | 31 +++++- .../workflows/glossary-maintainer.lock.yml | 36 +++++++ .github/workflows/go-fan.lock.yml | 25 +++++ .github/workflows/go-logger.lock.yml | 36 +++++++ .../workflows/go-pattern-detector.lock.yml | 25 +++++ .github/workflows/gpclean.lock.yml | 25 +++++ .github/workflows/grumpy-reviewer.lock.yml | 29 ++++++ .github/workflows/hourly-ci-cleaner.lock.yml | 36 +++++++ .../workflows/instructions-janitor.lock.yml | 36 +++++++ .github/workflows/issue-arborist.lock.yml | 29 ++++++ .github/workflows/issue-monster.lock.yml | 43 +++++++- .github/workflows/issue-triage-agent.lock.yml | 33 +++++++ .github/workflows/jsweep.lock.yml | 36 +++++++ .../workflows/layout-spec-maintainer.lock.yml | 36 +++++++ .github/workflows/lockfile-stats.lock.yml | 25 +++++ .github/workflows/mcp-inspector.lock.yml | 25 +++++ .github/workflows/mergefest.lock.yml | 25 +++++ .../workflows/notion-issue-summary.lock.yml | 25 +++++ .github/workflows/org-health-report.lock.yml | 25 +++++ .github/workflows/pdf-summary.lock.yml | 29 ++++++ .github/workflows/plan.lock.yml | 29 ++++++ .github/workflows/poem-bot.lock.yml | 90 ++++++++++++++++- .github/workflows/portfolio-analyst.lock.yml | 25 +++++ .../workflows/pr-nitpick-reviewer.lock.yml | 29 ++++++ .github/workflows/pr-triage-agent.lock.yml | 33 +++++++ .../prompt-clustering-analysis.lock.yml | 25 +++++ .github/workflows/python-data-charts.lock.yml | 25 +++++ .github/workflows/q.lock.yml | 40 ++++++++ .github/workflows/refiner.lock.yml | 40 ++++++++ .github/workflows/release.lock.yml | 25 +++++ .../workflows/repo-audit-analyzer.lock.yml | 25 +++++ .github/workflows/repo-tree-map.lock.yml | 25 +++++ .../repository-quality-improver.lock.yml | 25 +++++ .github/workflows/research.lock.yml | 25 +++++ .github/workflows/safe-output-health.lock.yml | 25 +++++ .../schema-consistency-checker.lock.yml | 25 +++++ .github/workflows/scout.lock.yml | 29 ++++++ .../workflows/security-compliance.lock.yml | 25 +++++ .github/workflows/security-review.lock.yml | 29 ++++++ .../semantic-function-refactor.lock.yml | 29 ++++++ .github/workflows/sergo.lock.yml | 25 +++++ .../workflows/slide-deck-maintainer.lock.yml | 36 +++++++ .github/workflows/smoke-claude.lock.yml | 52 ++++++++++ .github/workflows/smoke-codex.lock.yml | 99 +++++++++++++++++++ .github/workflows/smoke-copilot.lock.yml | 56 +++++++++++ .github/workflows/smoke-gemini.lock.yml | 39 +++++++- .github/workflows/smoke-project.lock.yml | 63 ++++++++++++ .github/workflows/smoke-temporary-id.lock.yml | 33 +++++++ .github/workflows/smoke-test-tools.lock.yml | 29 ++++++ .../workflows/stale-repo-identifier.lock.yml | 25 +++++ .../workflows/static-analysis-report.lock.yml | 25 +++++ .../workflows/step-name-alignment.lock.yml | 25 +++++ .github/workflows/sub-issue-closer.lock.yml | 57 +++++++++++ .github/workflows/super-linter.lock.yml | 25 +++++ .../workflows/technical-doc-writer.lock.yml | 40 ++++++++ .github/workflows/terminal-stylist.lock.yml | 25 +++++ .../test-create-pr-error-handling.lock.yml | 36 +++++++ .github/workflows/test-dispatcher.lock.yml | 25 +++++ .../test-project-url-default.lock.yml | 25 +++++ .github/workflows/tidy.lock.yml | 36 +++++++ .github/workflows/typist.lock.yml | 25 +++++ .../workflows/ubuntu-image-analyzer.lock.yml | 36 +++++++ .github/workflows/unbloat-docs.lock.yml | 40 ++++++++ .github/workflows/video-analyzer.lock.yml | 25 +++++ .../workflows/weekly-issue-summary.lock.yml | 25 +++++ .../weekly-safe-outputs-spec-review.lock.yml | 36 +++++++ .github/workflows/workflow-generator.lock.yml | 61 ++++++++++++ .../workflow-health-manager.lock.yml | 57 +++++++++++ .../workflows/workflow-normalizer.lock.yml | 25 +++++ .../workflow-skill-extractor.lock.yml | 25 +++++ 147 files changed, 4573 insertions(+), 14 deletions(-) diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml index fc94d98dd48..012e6ed4852 100644 --- a/.github/workflows/agent-performance-analyzer.lock.yml +++ b/.github/workflows/agent-performance-analyzer.lock.yml @@ -677,6 +677,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -739,6 +743,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml index bca6a1d7019..e2f70235a97 100644 --- a/.github/workflows/agent-persona-explorer.lock.yml +++ b/.github/workflows/agent-persona-explorer.lock.yml @@ -599,6 +599,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml index 101bb71dffc..a9eb3ab2c9a 100644 --- a/.github/workflows/ai-moderator.lock.yml +++ b/.github/workflows/ai-moderator.lock.yml @@ -583,6 +583,59 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "hide_comment": { + "defaultMax": 5, + "fields": { + "comment_id": { + "required": true, + "type": "string", + "maxLength": 256 + }, + "reason": { + "type": "string", + "enum": [ + "SPAM", + "ABUSE", + "OFF_TOPIC", + "OUTDATED", + "RESOLVED" + ] + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml index b0c87d46002..b0c9d58365d 100644 --- a/.github/workflows/archie.lock.yml +++ b/.github/workflows/archie.lock.yml @@ -547,6 +547,35 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index b052a3f690b..66835a73cb9 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -528,6 +528,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index 4457dd6142e..f0421205467 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -700,6 +700,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/auto-triage-issues.lock.yml b/.github/workflows/auto-triage-issues.lock.yml index f5f80087696..07775f74b06 100644 --- a/.github/workflows/auto-triage-issues.lock.yml +++ b/.github/workflows/auto-triage-issues.lock.yml @@ -550,6 +550,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -579,6 +583,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml index fead8f15eec..1ca9a249f43 100644 --- a/.github/workflows/blog-auditor.lock.yml +++ b/.github/workflows/blog-auditor.lock.yml @@ -536,6 +536,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/bot-detection.lock.yml b/.github/workflows/bot-detection.lock.yml index 07844b07eb5..d72aeba4415 100644 --- a/.github/workflows/bot-detection.lock.yml +++ b/.github/workflows/bot-detection.lock.yml @@ -627,6 +627,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -662,6 +687,12 @@ jobs: "update_issue": { "defaultMax": 1, "fields": { + "assignees": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 39 + }, "body": { "type": "string", "sanitize": true, @@ -670,6 +701,28 @@ jobs: "issue_number": { "issueOrPRNumber": true }, + "labels": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "milestone": { + "optionalPositiveInteger": true + }, + "operation": { + "type": "string", + "enum": [ + "replace", + "append", + "prepend", + "replace-island" + ] + }, + "repo": { + "type": "string", + "maxLength": 256 + }, "status": { "type": "string", "enum": [ diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index deee5759632..c3ee292f5ee 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -538,6 +538,35 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml index 43e8322aa2c..92a33f373a2 100644 --- a/.github/workflows/breaking-change-checker.lock.yml +++ b/.github/workflows/breaking-change-checker.lock.yml @@ -550,6 +550,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml index a25f664392b..def0de5819c 100644 --- a/.github/workflows/changeset.lock.yml +++ b/.github/workflows/changeset.lock.yml @@ -465,6 +465,10 @@ jobs: "description": "Pull request body content in Markdown. For 'replace', this becomes the entire body. For 'append'/'prepend', this is added with a separator.", "type": "string" }, + "draft": { + "description": "Whether the PR should be a draft (true) or ready for review (false). Use to convert between draft and ready states.", + "type": "boolean" + }, "operation": { "description": "How to update the PR body: 'replace' (default - completely overwrite), 'append' (add to end with separator), or 'prepend' (add to start with separator). Title is always replaced.", "enum": [ @@ -591,6 +595,31 @@ jobs: GH_AW_SAFE_OUTPUTS_TOOLS_EOF cat > /opt/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_EOF' { + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -651,6 +680,9 @@ jobs: "sanitize": true, "maxLength": 65000 }, + "draft": { + "type": "boolean" + }, "operation": { "type": "string", "enum": [ @@ -662,6 +694,10 @@ jobs: "pull_request_number": { "issueOrPRNumber": true }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "type": "string", "sanitize": true, @@ -806,11 +842,12 @@ jobs: set -o pipefail mkdir -p "$CODEX_HOME/logs" sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains '*.jsr.io,172.30.0.1,api.npms.io,api.openai.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,cdn.jsdelivr.net,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,esm.sh,get.pnpm.io,go.dev,golang.org,googleapis.deno.dev,googlechromelabs.github.io,goproxy.io,host.docker.internal,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,openai.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pkg.go.dev,ppa.launchpad.net,proxy.golang.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,storage.googleapis.com,sum.golang.org,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \ - -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" && codex -c model=gpt-5.1-codex-mini exec --dangerously-bypass-approvals-and-sandbox --skip-git-repo-check "$INSTRUCTION"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" && codex ${GH_AW_MODEL_AGENT_CODEX:+-c model="$GH_AW_MODEL_AGENT_CODEX" }exec --dangerously-bypass-approvals-and-sandbox --skip-git-repo-check "$INSTRUCTION"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY || secrets.OPENAI_API_KEY }} CODEX_HOME: /tmp/gh-aw/mcp-config GH_AW_MCP_CONFIG: /tmp/gh-aw/mcp-config/config.toml + GH_AW_MODEL_AGENT_CODEX: gpt-5.1-codex-mini GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} GITHUB_STEP_SUMMARY: ${{ env.GITHUB_STEP_SUMMARY }} diff --git a/.github/workflows/chroma-issue-indexer.lock.yml b/.github/workflows/chroma-issue-indexer.lock.yml index d9fdd4dc642..803397eb64f 100644 --- a/.github/workflows/chroma-issue-indexer.lock.yml +++ b/.github/workflows/chroma-issue-indexer.lock.yml @@ -441,10 +441,11 @@ jobs: run: | set -o pipefail sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \ - -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --model gpt-5.1-codex-mini --allow-all-tools --add-dir /tmp/gh-aw/cache-memory-chroma/ --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory-chroma/ --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5.1-codex-mini GH_AW_MCP_CONFIG: /home/runner/.copilot/mcp-config.json GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GITHUB_HEAD_REF: ${{ github.head_ref }} diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml index a44a7ffa03b..05e41a88b79 100644 --- a/.github/workflows/ci-coach.lock.yml +++ b/.github/workflows/ci-coach.lock.yml @@ -490,6 +490,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -598,12 +602,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -612,6 +623,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index fd1896b9114..cfc30344817 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -667,6 +667,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -703,6 +707,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -738,6 +767,12 @@ jobs: "update_issue": { "defaultMax": 1, "fields": { + "assignees": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 39 + }, "body": { "type": "string", "sanitize": true, @@ -746,6 +781,28 @@ jobs: "issue_number": { "issueOrPRNumber": true }, + "labels": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "milestone": { + "optionalPositiveInteger": true + }, + "operation": { + "type": "string", + "enum": [ + "replace", + "append", + "prepend", + "replace-island" + ] + }, + "repo": { + "type": "string", + "maxLength": 256 + }, "status": { "type": "string", "enum": [ @@ -876,10 +933,11 @@ jobs: run: | set -o pipefail sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \ - -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --model gpt-5.1-codex-mini --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5.1-codex-mini GH_AW_MCP_CONFIG: /home/runner/.copilot/mcp-config.json GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} @@ -1226,10 +1284,11 @@ jobs: mkdir -p /tmp/gh-aw/ mkdir -p /tmp/gh-aw/agent/ mkdir -p /tmp/gh-aw/sandbox/agent/logs/ - copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --model gpt-5.1-codex-mini --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log + copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5.1-codex-mini GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GITHUB_HEAD_REF: ${{ github.head_ref }} GITHUB_REF_NAME: ${{ github.ref_name }} diff --git a/.github/workflows/claude-code-user-docs-review.lock.yml b/.github/workflows/claude-code-user-docs-review.lock.yml index 0865717fd78..bf4c5fae431 100644 --- a/.github/workflows/claude-code-user-docs-review.lock.yml +++ b/.github/workflows/claude-code-user-docs-review.lock.yml @@ -543,6 +543,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index b5cba3dde1a..0bedc071653 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -541,6 +541,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index 475c2b0e2a7..831838c815c 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -577,6 +577,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml index cb5c4e28924..94f3defc3b8 100644 --- a/.github/workflows/cloclo.lock.yml +++ b/.github/workflows/cloclo.lock.yml @@ -609,6 +609,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -713,6 +717,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -731,12 +739,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -745,6 +760,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml index dc582e53e50..75cb8fe7f4f 100644 --- a/.github/workflows/code-scanning-fixer.lock.yml +++ b/.github/workflows/code-scanning-fixer.lock.yml @@ -469,6 +469,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -595,6 +599,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -613,12 +621,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -627,6 +642,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/code-simplifier.lock.yml b/.github/workflows/code-simplifier.lock.yml index af6395c6332..9508365ec81 100644 --- a/.github/workflows/code-simplifier.lock.yml +++ b/.github/workflows/code-simplifier.lock.yml @@ -422,6 +422,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -530,12 +534,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -544,6 +555,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml index 546807d7d0f..cc8fb69d0e8 100644 --- a/.github/workflows/commit-changes-analyzer.lock.yml +++ b/.github/workflows/commit-changes-analyzer.lock.yml @@ -537,6 +537,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/contribution-check.lock.yml b/.github/workflows/contribution-check.lock.yml index 98ca84be929..efec313f5bc 100644 --- a/.github/workflows/contribution-check.lock.yml +++ b/.github/workflows/contribution-check.lock.yml @@ -564,6 +564,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -579,6 +583,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -615,6 +623,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml index e3704a89772..6572f5db638 100644 --- a/.github/workflows/copilot-agent-analysis.lock.yml +++ b/.github/workflows/copilot-agent-analysis.lock.yml @@ -604,6 +604,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/copilot-cli-deep-research.lock.yml b/.github/workflows/copilot-cli-deep-research.lock.yml index a0bd8a9b255..76815c25f56 100644 --- a/.github/workflows/copilot-cli-deep-research.lock.yml +++ b/.github/workflows/copilot-cli-deep-research.lock.yml @@ -569,6 +569,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index 2b89cb39705..6c52f6e0394 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -474,6 +474,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index 75e1483c09c..72da34fdc06 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -657,6 +657,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index ca2255f1743..8025acef31e 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -600,6 +600,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml index e0d7a5b615c..55284ccf4ed 100644 --- a/.github/workflows/copilot-session-insights.lock.yml +++ b/.github/workflows/copilot-session-insights.lock.yml @@ -668,6 +668,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index 1fb473f99e9..ade89943770 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -568,6 +568,35 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml index fa83c2c4466..9895475d05a 100644 --- a/.github/workflows/daily-assign-issue-to-user.lock.yml +++ b/.github/workflows/daily-assign-issue-to-user.lock.yml @@ -531,6 +531,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -549,6 +553,35 @@ jobs: }, "issue_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml index 032791833e1..b9b9a79d693 100644 --- a/.github/workflows/daily-choice-test.lock.yml +++ b/.github/workflows/daily-choice-test.lock.yml @@ -496,6 +496,31 @@ jobs: GH_AW_SAFE_OUTPUTS_TOOLS_EOF cat > /opt/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_EOF' { + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml index 312e0526e5f..6dafc116534 100644 --- a/.github/workflows/daily-cli-performance.lock.yml +++ b/.github/workflows/daily-cli-performance.lock.yml @@ -599,6 +599,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -635,6 +639,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml index 8a96acfc3ca..02fbfbba44c 100644 --- a/.github/workflows/daily-cli-tools-tester.lock.yml +++ b/.github/workflows/daily-cli-tools-tester.lock.yml @@ -596,6 +596,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml index 59a23e8a998..712ca1b288f 100644 --- a/.github/workflows/daily-code-metrics.lock.yml +++ b/.github/workflows/daily-code-metrics.lock.yml @@ -642,6 +642,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml index 383a45104b7..3bdcb960ece 100644 --- a/.github/workflows/daily-compiler-quality.lock.yml +++ b/.github/workflows/daily-compiler-quality.lock.yml @@ -543,6 +543,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml index f18fc6c0c96..5b9b2db96b7 100644 --- a/.github/workflows/daily-copilot-token-report.lock.yml +++ b/.github/workflows/daily-copilot-token-report.lock.yml @@ -668,6 +668,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml index ae714a7b10d..b323d693d35 100644 --- a/.github/workflows/daily-doc-updater.lock.yml +++ b/.github/workflows/daily-doc-updater.lock.yml @@ -433,6 +433,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -541,12 +545,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -555,6 +566,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml index ae2364cfb83..e69fa4d0fb3 100644 --- a/.github/workflows/daily-fact.lock.yml +++ b/.github/workflows/daily-fact.lock.yml @@ -485,6 +485,35 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, @@ -656,11 +685,12 @@ jobs: set -o pipefail mkdir -p "$CODEX_HOME/logs" sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains 172.30.0.1,api.openai.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,openai.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \ - -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" && codex -c model=gpt-5.1-codex-mini exec --dangerously-bypass-approvals-and-sandbox --skip-git-repo-check "$INSTRUCTION"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" && codex ${GH_AW_MODEL_AGENT_CODEX:+-c model="$GH_AW_MODEL_AGENT_CODEX" }exec --dangerously-bypass-approvals-and-sandbox --skip-git-repo-check "$INSTRUCTION"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY || secrets.OPENAI_API_KEY }} CODEX_HOME: /tmp/gh-aw/mcp-config GH_AW_MCP_CONFIG: /tmp/gh-aw/mcp-config/config.toml + GH_AW_MODEL_AGENT_CODEX: gpt-5.1-codex-mini GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} GITHUB_STEP_SUMMARY: ${{ env.GITHUB_STEP_SUMMARY }} @@ -956,11 +986,12 @@ jobs: set -o pipefail INSTRUCTION="$(cat "$GH_AW_PROMPT")" mkdir -p "$CODEX_HOME/logs" - codex -c model=gpt-5.1-codex-mini exec --dangerously-bypass-approvals-and-sandbox --skip-git-repo-check "$INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log + codex ${GH_AW_MODEL_DETECTION_CODEX:+-c model="$GH_AW_MODEL_DETECTION_CODEX" }exec --dangerously-bypass-approvals-and-sandbox --skip-git-repo-check "$INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY || secrets.OPENAI_API_KEY }} CODEX_HOME: /tmp/gh-aw/mcp-config GH_AW_MCP_CONFIG: /tmp/gh-aw/mcp-config/config.toml + GH_AW_MODEL_DETECTION_CODEX: gpt-5.1-codex-mini GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GITHUB_STEP_SUMMARY: ${{ env.GITHUB_STEP_SUMMARY }} OPENAI_API_KEY: ${{ secrets.CODEX_API_KEY || secrets.OPENAI_API_KEY }} diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml index 5eeeb52c6c6..4da603e781c 100644 --- a/.github/workflows/daily-file-diet.lock.yml +++ b/.github/workflows/daily-file-diet.lock.yml @@ -554,6 +554,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index a477ea6a24b..af562c624e2 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -650,6 +650,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml index 8099bd0c375..e0b88d4a43f 100644 --- a/.github/workflows/daily-issues-report.lock.yml +++ b/.github/workflows/daily-issues-report.lock.yml @@ -657,6 +657,10 @@ jobs: "OUTDATED", "ANSWERED" ] + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -686,6 +690,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml index f8319e96fa7..1e9c28162b3 100644 --- a/.github/workflows/daily-malicious-code-scan.lock.yml +++ b/.github/workflows/daily-malicious-code-scan.lock.yml @@ -566,6 +566,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml index c9616af56ba..0f72f5493b5 100644 --- a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml +++ b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml @@ -564,6 +564,10 @@ jobs: "type": "string", "sanitize": true, "maxLength": 65000 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -600,6 +604,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml index e258e5f3ada..4e3aa97158c 100644 --- a/.github/workflows/daily-multi-device-docs-tester.lock.yml +++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml @@ -594,6 +594,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index f8cd9b58b58..51551d5a7c0 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -714,6 +714,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml index aece434f575..f4e36907cea 100644 --- a/.github/workflows/daily-observability-report.lock.yml +++ b/.github/workflows/daily-observability-report.lock.yml @@ -622,6 +622,10 @@ jobs: "OUTDATED", "ANSWERED" ] + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -651,6 +655,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml index 803a9327cb0..24a4003e6b1 100644 --- a/.github/workflows/daily-performance-summary.lock.yml +++ b/.github/workflows/daily-performance-summary.lock.yml @@ -639,6 +639,10 @@ jobs: "OUTDATED", "ANSWERED" ] + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -668,6 +672,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml index 9c0a0580b78..27f31a537fa 100644 --- a/.github/workflows/daily-regulatory.lock.yml +++ b/.github/workflows/daily-regulatory.lock.yml @@ -564,6 +564,10 @@ jobs: "OUTDATED", "ANSWERED" ] + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -593,6 +597,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index 992e5dfb1b6..07bbd72b314 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -598,6 +598,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml index d44d69ec791..170fe1f218e 100644 --- a/.github/workflows/daily-safe-output-optimizer.lock.yml +++ b/.github/workflows/daily-safe-output-optimizer.lock.yml @@ -638,6 +638,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-safe-outputs-conformance.lock.yml b/.github/workflows/daily-safe-outputs-conformance.lock.yml index da3a6063120..4410590cdbb 100644 --- a/.github/workflows/daily-safe-outputs-conformance.lock.yml +++ b/.github/workflows/daily-safe-outputs-conformance.lock.yml @@ -552,6 +552,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml index 3f84dd2cfb1..86b98925333 100644 --- a/.github/workflows/daily-secrets-analysis.lock.yml +++ b/.github/workflows/daily-secrets-analysis.lock.yml @@ -559,6 +559,10 @@ jobs: "OUTDATED", "ANSWERED" ] + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -588,6 +592,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-security-red-team.lock.yml b/.github/workflows/daily-security-red-team.lock.yml index 3003d815fed..1a79038ad18 100644 --- a/.github/workflows/daily-security-red-team.lock.yml +++ b/.github/workflows/daily-security-red-team.lock.yml @@ -556,6 +556,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml index c75f2be620b..d762c064ede 100644 --- a/.github/workflows/daily-semgrep-scan.lock.yml +++ b/.github/workflows/daily-semgrep-scan.lock.yml @@ -566,6 +566,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml index c20911b17a2..2adb46de4c6 100644 --- a/.github/workflows/daily-syntax-error-quality.lock.yml +++ b/.github/workflows/daily-syntax-error-quality.lock.yml @@ -551,6 +551,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml index ed5fb5f730f..b223ea57606 100644 --- a/.github/workflows/daily-team-evolution-insights.lock.yml +++ b/.github/workflows/daily-team-evolution-insights.lock.yml @@ -533,6 +533,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index 6907eecf69b..bc0d6b0a44f 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -555,6 +555,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml index a6bf7c06497..12e6f01705f 100644 --- a/.github/workflows/daily-testify-uber-super-expert.lock.yml +++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml @@ -595,6 +595,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index c2b11aea265..263666c8260 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -410,6 +410,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -518,12 +522,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -532,6 +543,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index cb108442831..1b363b8e59a 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -762,6 +762,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml index 4b79908093b..896fff7601d 100644 --- a/.github/workflows/delight.lock.yml +++ b/.github/workflows/delight.lock.yml @@ -652,6 +652,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/dependabot-burner.lock.yml b/.github/workflows/dependabot-burner.lock.yml index be23f057697..20da24dd557 100644 --- a/.github/workflows/dependabot-burner.lock.yml +++ b/.github/workflows/dependabot-burner.lock.yml @@ -540,6 +540,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index b6ab02307c5..c64e3d80542 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -547,6 +547,10 @@ jobs: }, "issue_number": { "optionalPositiveInteger": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -583,6 +587,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 521a1a741f1..b519cf95952 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -586,6 +586,35 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index 329b97f4ee5..c63e7afd86a 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -538,6 +538,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml index 49006a7483b..67befce9b10 100644 --- a/.github/workflows/developer-docs-consolidator.lock.yml +++ b/.github/workflows/developer-docs-consolidator.lock.yml @@ -472,6 +472,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -606,12 +610,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -620,6 +631,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index 4ae0d51e880..5d997055b3d 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -416,6 +416,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -524,12 +528,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -538,6 +549,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml index 0ae1a253dae..60fd36c913f 100644 --- a/.github/workflows/discussion-task-miner.lock.yml +++ b/.github/workflows/discussion-task-miner.lock.yml @@ -598,6 +598,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -634,6 +638,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index a34503f5577..b81d513771b 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -552,6 +552,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml index 76f236ccc54..de1920a1708 100644 --- a/.github/workflows/draft-pr-cleanup.lock.yml +++ b/.github/workflows/draft-pr-cleanup.lock.yml @@ -551,6 +551,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -566,6 +570,35 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml index 5e305f3a7b2..0be2fd1cd9a 100644 --- a/.github/workflows/duplicate-code-detector.lock.yml +++ b/.github/workflows/duplicate-code-detector.lock.yml @@ -552,6 +552,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index 26ded6e574a..95f4e1f9016 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -584,6 +584,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index 531761aeff3..a1b61a9af70 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -596,6 +596,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/functional-pragmatist.lock.yml b/.github/workflows/functional-pragmatist.lock.yml index 2cf5c389a2c..68b53ba9438 100644 --- a/.github/workflows/functional-pragmatist.lock.yml +++ b/.github/workflows/functional-pragmatist.lock.yml @@ -418,6 +418,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -526,12 +530,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -540,6 +551,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml index fcdfdc3027d..18da0bf5198 100644 --- a/.github/workflows/github-mcp-structural-analysis.lock.yml +++ b/.github/workflows/github-mcp-structural-analysis.lock.yml @@ -602,6 +602,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml index ff439572e61..2b427710ef6 100644 --- a/.github/workflows/github-mcp-tools-report.lock.yml +++ b/.github/workflows/github-mcp-tools-report.lock.yml @@ -473,6 +473,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -607,12 +611,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -621,6 +632,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/github-remote-mcp-auth-test.lock.yml b/.github/workflows/github-remote-mcp-auth-test.lock.yml index c715b73dcf0..a92cd83bdbd 100644 --- a/.github/workflows/github-remote-mcp-auth-test.lock.yml +++ b/.github/workflows/github-remote-mcp-auth-test.lock.yml @@ -523,6 +523,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -679,10 +704,11 @@ jobs: run: | set -o pipefail sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \ - -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --model gpt-5.1-codex-mini --allow-all-tools --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-all-tools --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5.1-codex-mini GH_AW_MCP_CONFIG: /home/runner/.copilot/mcp-config.json GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} @@ -1015,10 +1041,11 @@ jobs: mkdir -p /tmp/gh-aw/ mkdir -p /tmp/gh-aw/agent/ mkdir -p /tmp/gh-aw/sandbox/agent/logs/ - copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --model gpt-5.1-codex-mini --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log + copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5.1-codex-mini GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GITHUB_HEAD_REF: ${{ github.head_ref }} GITHUB_REF_NAME: ${{ github.ref_name }} diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index 7f1359be45e..d8270a15ca0 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -450,6 +450,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -558,12 +562,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -572,6 +583,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml index 6feb40aaa44..cd59712828d 100644 --- a/.github/workflows/go-fan.lock.yml +++ b/.github/workflows/go-fan.lock.yml @@ -549,6 +549,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml index af71eb4aff3..5b8e8092656 100644 --- a/.github/workflows/go-logger.lock.yml +++ b/.github/workflows/go-logger.lock.yml @@ -455,6 +455,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -563,12 +567,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -577,6 +588,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index ae6a5f379cc..ad804bae372 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -559,6 +559,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/gpclean.lock.yml b/.github/workflows/gpclean.lock.yml index 4ddad2f4c07..1fcae0b5ab3 100644 --- a/.github/workflows/gpclean.lock.yml +++ b/.github/workflows/gpclean.lock.yml @@ -563,6 +563,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index d1cd721db7b..fa325f471eb 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -606,6 +606,10 @@ jobs: "required": true, "type": "string" }, + "repo": { + "type": "string", + "maxLength": 256 + }, "side": { "type": "string", "enum": [ @@ -619,6 +623,31 @@ jobs: }, "customValidation": "startLineLessOrEqualLine" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml index 6a76db8a231..58e7aca8cda 100644 --- a/.github/workflows/hourly-ci-cleaner.lock.yml +++ b/.github/workflows/hourly-ci-cleaner.lock.yml @@ -466,6 +466,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -574,12 +578,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -588,6 +599,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml index 83be88c52f1..2b28e841705 100644 --- a/.github/workflows/instructions-janitor.lock.yml +++ b/.github/workflows/instructions-janitor.lock.yml @@ -432,6 +432,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -540,12 +544,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -554,6 +565,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml index bd57d072c5c..484c4aeb17b 100644 --- a/.github/workflows/issue-arborist.lock.yml +++ b/.github/workflows/issue-arborist.lock.yml @@ -656,6 +656,10 @@ jobs: "required": true, "issueNumberOrTemporaryId": true }, + "repo": { + "type": "string", + "maxLength": 256 + }, "sub_issue_number": { "required": true, "issueNumberOrTemporaryId": true @@ -663,6 +667,31 @@ jobs: }, "customValidation": "parentAndSubDifferent" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index 16a603f1361..a063d952f26 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -559,6 +559,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -575,10 +579,43 @@ jobs: }, "pull_number": { "optionalPositiveInteger": true + }, + "pull_request_repo": { + "type": "string", + "maxLength": 256 + }, + "repo": { + "type": "string", + "maxLength": 256 } }, "customValidation": "requiresOneOf:issue_number,pull_number" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -725,10 +762,11 @@ jobs: run: | set -o pipefail sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \ - -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --model gpt-5.1-codex-mini --allow-all-tools --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-all-tools --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5.1-codex-mini GH_AW_MCP_CONFIG: /home/runner/.copilot/mcp-config.json GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} @@ -1062,10 +1100,11 @@ jobs: mkdir -p /tmp/gh-aw/ mkdir -p /tmp/gh-aw/agent/ mkdir -p /tmp/gh-aw/sandbox/agent/logs/ - copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --model gpt-5.1-codex-mini --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log + copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5.1-codex-mini GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GITHUB_HEAD_REF: ${{ github.head_ref }} GITHUB_REF_NAME: ${{ github.ref_name }} diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml index f3081cd0f27..d6879c59f23 100644 --- a/.github/workflows/issue-triage-agent.lock.yml +++ b/.github/workflows/issue-triage-agent.lock.yml @@ -505,6 +505,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -520,6 +524,35 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index 926408abe07..438f206b058 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -439,6 +439,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -547,12 +551,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -561,6 +572,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index d1752c7ba40..b0eceea3bb9 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -418,6 +418,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -526,12 +530,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -540,6 +551,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml index 27216d599df..13da3ff6468 100644 --- a/.github/workflows/lockfile-stats.lock.yml +++ b/.github/workflows/lockfile-stats.lock.yml @@ -547,6 +547,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 4318d7d0ff3..91d068560f7 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -697,6 +697,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index 4ab97ae6575..520abd6f657 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -526,6 +526,31 @@ jobs: GH_AW_SAFE_OUTPUTS_TOOLS_EOF cat > /opt/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_EOF' { + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index 02478912c64..05c8b0a803f 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -491,6 +491,31 @@ jobs: GH_AW_SAFE_OUTPUTS_TOOLS_EOF cat > /opt/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_EOF' { + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index 91d01460e5a..569566b9b82 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -602,6 +602,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index b78b72df174..31f339ab4c1 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -613,6 +613,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -642,6 +646,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index e56f377f44b..d6770f6f529 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -591,6 +591,10 @@ jobs: "OUTDATED", "ANSWERED" ] + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -627,6 +631,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index 95459f11776..9ad5fd9cb93 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -659,6 +659,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -966,6 +970,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -981,6 +989,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -992,6 +1004,10 @@ jobs: "type": "string", "sanitize": true, "maxLength": 65000 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -1069,12 +1085,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -1100,6 +1123,10 @@ jobs: "required": true, "type": "string" }, + "repo": { + "type": "string", + "maxLength": 256 + }, "side": { "type": "string", "enum": [ @@ -1120,6 +1147,10 @@ jobs: "required": true, "issueNumberOrTemporaryId": true }, + "repo": { + "type": "string", + "maxLength": 256 + }, "sub_issue_number": { "required": true, "issueNumberOrTemporaryId": true @@ -1127,6 +1158,31 @@ jobs: }, "customValidation": "parentAndSubDifferent" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -1182,6 +1238,12 @@ jobs: "update_issue": { "defaultMax": 1, "fields": { + "assignees": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 39 + }, "body": { "type": "string", "sanitize": true, @@ -1190,6 +1252,28 @@ jobs: "issue_number": { "issueOrPRNumber": true }, + "labels": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "milestone": { + "optionalPositiveInteger": true + }, + "operation": { + "type": "string", + "enum": [ + "replace", + "append", + "prepend", + "replace-island" + ] + }, + "repo": { + "type": "string", + "maxLength": 256 + }, "status": { "type": "string", "enum": [ @@ -1356,10 +1440,11 @@ jobs: run: | set -o pipefail sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,github.com,host.docker.internal,raw.githubusercontent.com,registry.npmjs.org,telemetry.enterprise.githubcopilot.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \ - -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --model gpt-5 --allow-tool github --allow-tool safeoutputs --allow-tool '\''shell(cat)'\'' --allow-tool '\''shell(date)'\'' --allow-tool '\''shell(echo)'\'' --allow-tool '\''shell(git add:*)'\'' --allow-tool '\''shell(git branch:*)'\'' --allow-tool '\''shell(git checkout:*)'\'' --allow-tool '\''shell(git commit:*)'\'' --allow-tool '\''shell(git merge:*)'\'' --allow-tool '\''shell(git rm:*)'\'' --allow-tool '\''shell(git status)'\'' --allow-tool '\''shell(git switch:*)'\'' --allow-tool '\''shell(git)'\'' --allow-tool '\''shell(grep)'\'' --allow-tool '\''shell(head)'\'' --allow-tool '\''shell(ls)'\'' --allow-tool '\''shell(pwd)'\'' --allow-tool '\''shell(sort)'\'' --allow-tool '\''shell(tail)'\'' --allow-tool '\''shell(uniq)'\'' --allow-tool '\''shell(wc)'\'' --allow-tool '\''shell(yq)'\'' --allow-tool write --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-tool github --allow-tool safeoutputs --allow-tool '\''shell(cat)'\'' --allow-tool '\''shell(date)'\'' --allow-tool '\''shell(echo)'\'' --allow-tool '\''shell(git add:*)'\'' --allow-tool '\''shell(git branch:*)'\'' --allow-tool '\''shell(git checkout:*)'\'' --allow-tool '\''shell(git commit:*)'\'' --allow-tool '\''shell(git merge:*)'\'' --allow-tool '\''shell(git rm:*)'\'' --allow-tool '\''shell(git status)'\'' --allow-tool '\''shell(git switch:*)'\'' --allow-tool '\''shell(git)'\'' --allow-tool '\''shell(grep)'\'' --allow-tool '\''shell(head)'\'' --allow-tool '\''shell(ls)'\'' --allow-tool '\''shell(pwd)'\'' --allow-tool '\''shell(sort)'\'' --allow-tool '\''shell(tail)'\'' --allow-tool '\''shell(uniq)'\'' --allow-tool '\''shell(wc)'\'' --allow-tool '\''shell(yq)'\'' --allow-tool write --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5 GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" GH_AW_ASSETS_BRANCH: "assets/${{ github.workflow }}" GH_AW_ASSETS_MAX_SIZE_KB: 10240 @@ -1732,10 +1817,11 @@ jobs: mkdir -p /tmp/gh-aw/ mkdir -p /tmp/gh-aw/agent/ mkdir -p /tmp/gh-aw/sandbox/agent/logs/ - copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --model gpt-5 --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log + copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION" 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} + COPILOT_MODEL: gpt-5 GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GITHUB_HEAD_REF: ${{ github.head_ref }} GITHUB_REF_NAME: ${{ github.ref_name }} diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml index 04fca7431bc..4305674248d 100644 --- a/.github/workflows/portfolio-analyst.lock.yml +++ b/.github/workflows/portfolio-analyst.lock.yml @@ -661,6 +661,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index 7a4c4ef6adc..2dfafff7322 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -694,6 +694,10 @@ jobs: "required": true, "type": "string" }, + "repo": { + "type": "string", + "maxLength": 256 + }, "side": { "type": "string", "enum": [ @@ -707,6 +711,31 @@ jobs: }, "customValidation": "startLineLessOrEqualLine" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/pr-triage-agent.lock.yml b/.github/workflows/pr-triage-agent.lock.yml index 13c93b88e03..dc9182f7f1f 100644 --- a/.github/workflows/pr-triage-agent.lock.yml +++ b/.github/workflows/pr-triage-agent.lock.yml @@ -609,6 +609,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -624,6 +628,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -660,6 +668,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index 995d15ccc3c..602c223e29b 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -666,6 +666,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index 3c2dd839308..abd8e059543 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -651,6 +651,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index f5992b75d19..1b8eaa87939 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -582,6 +582,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -686,6 +690,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -704,12 +712,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -718,6 +733,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/refiner.lock.yml b/.github/workflows/refiner.lock.yml index 105fd1ab5de..f059087f965 100644 --- a/.github/workflows/refiner.lock.yml +++ b/.github/workflows/refiner.lock.yml @@ -465,6 +465,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -569,6 +573,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -587,12 +595,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -601,6 +616,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index 0b74f1c6411..589cee91f5f 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -524,6 +524,31 @@ jobs: GH_AW_SAFE_OUTPUTS_TOOLS_EOF cat > /opt/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_EOF' { + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/repo-audit-analyzer.lock.yml b/.github/workflows/repo-audit-analyzer.lock.yml index 2880b7e1089..5666c6f5f02 100644 --- a/.github/workflows/repo-audit-analyzer.lock.yml +++ b/.github/workflows/repo-audit-analyzer.lock.yml @@ -557,6 +557,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index bba6d02d3df..b85fb5ed905 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -524,6 +524,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index fd5179b8972..892c55c649a 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -550,6 +550,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index 7510d62e01a..c4dbd579ce7 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -536,6 +536,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index cd3cdb66675..d52ee02e038 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -613,6 +613,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml index 1a683ee84b7..0c28128e67a 100644 --- a/.github/workflows/schema-consistency-checker.lock.yml +++ b/.github/workflows/schema-consistency-checker.lock.yml @@ -547,6 +547,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index 9db9abc6e7b..1e51bf21c48 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -623,6 +623,35 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml index dfac2e48f59..8d818e2e00a 100644 --- a/.github/workflows/security-compliance.lock.yml +++ b/.github/workflows/security-compliance.lock.yml @@ -610,6 +610,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml index 73c7406c245..f01921ea152 100644 --- a/.github/workflows/security-review.lock.yml +++ b/.github/workflows/security-review.lock.yml @@ -663,6 +663,10 @@ jobs: "required": true, "type": "string" }, + "repo": { + "type": "string", + "maxLength": 256 + }, "side": { "type": "string", "enum": [ @@ -676,6 +680,31 @@ jobs: }, "customValidation": "startLineLessOrEqualLine" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml index 26bf7c2c7ec..449ec7be3cd 100644 --- a/.github/workflows/semantic-function-refactor.lock.yml +++ b/.github/workflows/semantic-function-refactor.lock.yml @@ -559,6 +559,10 @@ jobs: }, "issue_number": { "optionalPositiveInteger": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -595,6 +599,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/sergo.lock.yml b/.github/workflows/sergo.lock.yml index 5fd4956e7d9..45617ed37bc 100644 --- a/.github/workflows/sergo.lock.yml +++ b/.github/workflows/sergo.lock.yml @@ -549,6 +549,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index 26fc59a3829..29e0fd42767 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -457,6 +457,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -565,12 +569,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -579,6 +590,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index 31127fd90a4..86f92fe2105 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -1126,6 +1126,10 @@ jobs: "description": "Pull request body content in Markdown. For 'replace', this becomes the entire body. For 'append'/'prepend', this is added with a separator.", "type": "string" }, + "draft": { + "description": "Whether the PR should be a draft (true) or ready for review (false). Use to convert between draft and ready states.", + "type": "boolean" + }, "operation": { "description": "How to update the PR body: 'replace' (default - completely overwrite), 'append' (add to end with separator), or 'prepend' (add to start with separator). Title is always replaced.", "enum": [ @@ -1263,6 +1267,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -1278,6 +1286,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -1287,6 +1299,10 @@ jobs: "pull_request_number": { "issueOrPRNumber": true }, + "repo": { + "type": "string", + "maxLength": 256 + }, "reviewers": { "required": true, "type": "array", @@ -1346,6 +1362,10 @@ jobs: "required": true, "type": "string" }, + "repo": { + "type": "string", + "maxLength": 256 + }, "side": { "type": "string", "enum": [ @@ -1359,6 +1379,31 @@ jobs: }, "customValidation": "startLineLessOrEqualLine" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -1446,6 +1491,9 @@ jobs: "sanitize": true, "maxLength": 65000 }, + "draft": { + "type": "boolean" + }, "operation": { "type": "string", "enum": [ @@ -1457,6 +1505,10 @@ jobs: "pull_request_number": { "issueOrPRNumber": true }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "type": "string", "sanitize": true, diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml index 41991260213..bb466b095bd 100644 --- a/.github/workflows/smoke-codex.lock.yml +++ b/.github/workflows/smoke-codex.lock.yml @@ -743,6 +743,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -758,6 +762,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -794,6 +802,55 @@ jobs: } } }, + "hide_comment": { + "defaultMax": 5, + "fields": { + "comment_id": { + "required": true, + "type": "string", + "maxLength": 256 + }, + "reason": { + "type": "string", + "enum": [ + "SPAM", + "ABUSE", + "OFF_TOPIC", + "OUTDATED", + "RESOLVED" + ] + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -825,6 +882,48 @@ jobs: "maxLength": 65000 } } + }, + "remove_labels": { + "defaultMax": 5, + "fields": { + "item_number": { + "issueOrPRNumber": true + }, + "labels": { + "required": true, + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "unassign_from_user": { + "defaultMax": 1, + "fields": { + "assignee": { + "type": "string", + "sanitize": true, + "maxLength": 39 + }, + "assignees": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 39 + }, + "issue_number": { + "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } } } GH_AW_SAFE_OUTPUTS_VALIDATION_EOF diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index a806c63ae2a..2762b8cee2c 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -886,6 +886,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -901,6 +905,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -980,6 +988,10 @@ jobs: "required": true, "type": "string" }, + "repo": { + "type": "string", + "maxLength": 256 + }, "side": { "type": "string", "enum": [ @@ -993,6 +1005,31 @@ jobs: }, "customValidation": "startLineLessOrEqualLine" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -1025,6 +1062,25 @@ jobs: } } }, + "remove_labels": { + "defaultMax": 5, + "fields": { + "item_number": { + "issueOrPRNumber": true + }, + "labels": { + "required": true, + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, "submit_pull_request_review": { "defaultMax": 1, "fields": { diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml index 89540ec7b56..280f4cc6305 100644 --- a/.github/workflows/smoke-gemini.lock.yml +++ b/.github/workflows/smoke-gemini.lock.yml @@ -622,6 +622,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -637,6 +641,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -673,6 +681,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -928,10 +961,11 @@ jobs: run: | set -o pipefail sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains '*.githubusercontent.com,*.googleapis.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,generativelanguage.googleapis.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,github.githubassets.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com' --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \ - -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && gemini --model gemini-2.0-flash-lite --yolo --output-format stream-json --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && gemini --yolo --output-format stream-json --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: GEMINI_API_BASE_URL: http://host.docker.internal:10003 GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }} + GEMINI_MODEL: gemini-2.0-flash-lite GH_AW_MCP_CONFIG: ${{ github.workspace }}/.gemini/settings.json GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} @@ -1224,9 +1258,10 @@ jobs: id: agentic_execution run: | set -o pipefail - gemini --model gemini-2.0-flash-lite --yolo --output-format stream-json --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" 2>&1 | tee -a /tmp/gh-aw/threat-detection/detection.log + gemini --yolo --output-format stream-json --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" 2>&1 | tee -a /tmp/gh-aw/threat-detection/detection.log env: GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }} + GEMINI_MODEL: gemini-2.0-flash-lite GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GITHUB_WORKSPACE: ${{ github.workspace }} - name: Parse threat detection results diff --git a/.github/workflows/smoke-project.lock.yml b/.github/workflows/smoke-project.lock.yml index ab15ee20320..a0a607f4e74 100644 --- a/.github/workflows/smoke-project.lock.yml +++ b/.github/workflows/smoke-project.lock.yml @@ -531,6 +531,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -860,6 +864,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -875,6 +883,10 @@ jobs: "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -965,12 +977,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -979,6 +998,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -1011,6 +1055,25 @@ jobs: } } }, + "remove_labels": { + "defaultMax": 5, + "fields": { + "item_number": { + "issueOrPRNumber": true + }, + "labels": { + "required": true, + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, "update_project": { "defaultMax": 10, "fields": { diff --git a/.github/workflows/smoke-temporary-id.lock.yml b/.github/workflows/smoke-temporary-id.lock.yml index dcbf25ec8aa..065d72fc19f 100644 --- a/.github/workflows/smoke-temporary-id.lock.yml +++ b/.github/workflows/smoke-temporary-id.lock.yml @@ -608,6 +608,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -651,6 +655,10 @@ jobs: "required": true, "issueNumberOrTemporaryId": true }, + "repo": { + "type": "string", + "maxLength": 256 + }, "sub_issue_number": { "required": true, "issueNumberOrTemporaryId": true @@ -658,6 +666,31 @@ jobs: }, "customValidation": "parentAndSubDifferent" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml index bc060a1b1be..460c5ba5d12 100644 --- a/.github/workflows/smoke-test-tools.lock.yml +++ b/.github/workflows/smoke-test-tools.lock.yml @@ -541,6 +541,35 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index 100fd60def7..2cd3c7ce3e8 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -671,6 +671,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index 96b8448ddf5..ab8ed251023 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -609,6 +609,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/step-name-alignment.lock.yml b/.github/workflows/step-name-alignment.lock.yml index 2145bc087f1..ca3c93e7b80 100644 --- a/.github/workflows/step-name-alignment.lock.yml +++ b/.github/workflows/step-name-alignment.lock.yml @@ -561,6 +561,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml index dda7c62af3d..78424a45456 100644 --- a/.github/workflows/sub-issue-closer.lock.yml +++ b/.github/workflows/sub-issue-closer.lock.yml @@ -565,6 +565,35 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 } } }, @@ -603,6 +632,12 @@ jobs: "update_issue": { "defaultMax": 1, "fields": { + "assignees": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 39 + }, "body": { "type": "string", "sanitize": true, @@ -611,6 +646,28 @@ jobs: "issue_number": { "issueOrPRNumber": true }, + "labels": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "milestone": { + "optionalPositiveInteger": true + }, + "operation": { + "type": "string", + "enum": [ + "replace", + "append", + "prepend", + "replace-island" + ] + }, + "repo": { + "type": "string", + "maxLength": 256 + }, "status": { "type": "string", "enum": [ diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 1b76c56e217..41b2f385267 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -578,6 +578,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index cdf9a42d382..47a0177b89c 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -505,6 +505,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -626,6 +630,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -644,12 +652,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -658,6 +673,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/terminal-stylist.lock.yml b/.github/workflows/terminal-stylist.lock.yml index dd0eeff760c..75a1e2ae85e 100644 --- a/.github/workflows/terminal-stylist.lock.yml +++ b/.github/workflows/terminal-stylist.lock.yml @@ -517,6 +517,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/test-create-pr-error-handling.lock.yml b/.github/workflows/test-create-pr-error-handling.lock.yml index 4addc21e6bf..4d68a49e491 100644 --- a/.github/workflows/test-create-pr-error-handling.lock.yml +++ b/.github/workflows/test-create-pr-error-handling.lock.yml @@ -429,6 +429,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -537,12 +541,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -551,6 +562,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/test-dispatcher.lock.yml b/.github/workflows/test-dispatcher.lock.yml index b8a2e328831..2e2c8f7d47f 100644 --- a/.github/workflows/test-dispatcher.lock.yml +++ b/.github/workflows/test-dispatcher.lock.yml @@ -478,6 +478,31 @@ jobs: GH_AW_SAFE_OUTPUTS_TOOLS_EOF cat > /opt/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_EOF' { + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/test-project-url-default.lock.yml b/.github/workflows/test-project-url-default.lock.yml index 4620b32beed..56b32fab4ac 100644 --- a/.github/workflows/test-project-url-default.lock.yml +++ b/.github/workflows/test-project-url-default.lock.yml @@ -682,6 +682,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index d23f0512629..80480edbfb3 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -468,6 +468,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -604,12 +608,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -618,6 +629,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml index 64ce7fd0645..ee34b53cea4 100644 --- a/.github/workflows/typist.lock.yml +++ b/.github/workflows/typist.lock.yml @@ -530,6 +530,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/ubuntu-image-analyzer.lock.yml b/.github/workflows/ubuntu-image-analyzer.lock.yml index 6ba26eff5f8..749e94e23d3 100644 --- a/.github/workflows/ubuntu-image-analyzer.lock.yml +++ b/.github/workflows/ubuntu-image-analyzer.lock.yml @@ -415,6 +415,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -523,12 +527,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -537,6 +548,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml index e2f531d5944..98304d24202 100644 --- a/.github/workflows/unbloat-docs.lock.yml +++ b/.github/workflows/unbloat-docs.lock.yml @@ -518,6 +518,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -639,6 +643,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -657,12 +665,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -671,6 +686,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index 7e17c57100d..b93d9df7063 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -562,6 +562,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index d5e7f2304f7..a3d2102a67f 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -574,6 +574,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml index f607f68f9a7..00376f91699 100644 --- a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml +++ b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml @@ -410,6 +410,10 @@ jobs: "description": "Source branch name containing the changes. If omitted, uses the current working branch.", "type": "string" }, + "draft": { + "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", + "type": "boolean" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -518,12 +522,19 @@ jobs: "sanitize": true, "maxLength": 256 }, + "draft": { + "type": "boolean" + }, "labels": { "type": "array", "itemType": "string", "itemSanitize": true, "itemMaxLength": 128 }, + "repo": { + "type": "string", + "maxLength": 256 + }, "title": { "required": true, "type": "string", @@ -532,6 +543,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/workflow-generator.lock.yml b/.github/workflows/workflow-generator.lock.yml index 6115ef3a7be..0a0b1d889c9 100644 --- a/.github/workflows/workflow-generator.lock.yml +++ b/.github/workflows/workflow-generator.lock.yml @@ -605,10 +605,43 @@ jobs: }, "pull_number": { "optionalPositiveInteger": true + }, + "pull_request_repo": { + "type": "string", + "maxLength": 256 + }, + "repo": { + "type": "string", + "maxLength": 256 } }, "customValidation": "requiresOneOf:issue_number,pull_number" }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -644,6 +677,12 @@ jobs: "update_issue": { "defaultMax": 1, "fields": { + "assignees": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 39 + }, "body": { "type": "string", "sanitize": true, @@ -652,6 +691,28 @@ jobs: "issue_number": { "issueOrPRNumber": true }, + "labels": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "milestone": { + "optionalPositiveInteger": true + }, + "operation": { + "type": "string", + "enum": [ + "replace", + "append", + "prepend", + "replace-island" + ] + }, + "repo": { + "type": "string", + "maxLength": 256 + }, "status": { "type": "string", "enum": [ diff --git a/.github/workflows/workflow-health-manager.lock.yml b/.github/workflows/workflow-health-manager.lock.yml index 04c674b9813..e790a74e984 100644 --- a/.github/workflows/workflow-health-manager.lock.yml +++ b/.github/workflows/workflow-health-manager.lock.yml @@ -660,6 +660,10 @@ jobs: }, "item_number": { "issueOrPRNumber": true + }, + "repo": { + "type": "string", + "maxLength": 256 } } }, @@ -696,6 +700,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { @@ -731,6 +760,12 @@ jobs: "update_issue": { "defaultMax": 1, "fields": { + "assignees": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 39 + }, "body": { "type": "string", "sanitize": true, @@ -739,6 +774,28 @@ jobs: "issue_number": { "issueOrPRNumber": true }, + "labels": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "milestone": { + "optionalPositiveInteger": true + }, + "operation": { + "type": "string", + "enum": [ + "replace", + "append", + "prepend", + "replace-island" + ] + }, + "repo": { + "type": "string", + "maxLength": 256 + }, "status": { "type": "string", "enum": [ diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml index b22718dad87..2ce78e85efb 100644 --- a/.github/workflows/workflow-normalizer.lock.yml +++ b/.github/workflows/workflow-normalizer.lock.yml @@ -602,6 +602,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": { diff --git a/.github/workflows/workflow-skill-extractor.lock.yml b/.github/workflows/workflow-skill-extractor.lock.yml index 8e86b0112c6..9b2853b189d 100644 --- a/.github/workflows/workflow-skill-extractor.lock.yml +++ b/.github/workflows/workflow-skill-extractor.lock.yml @@ -603,6 +603,31 @@ jobs: } } }, + "missing_data": { + "defaultMax": 20, + "fields": { + "alternatives": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "context": { + "type": "string", + "sanitize": true, + "maxLength": 256 + }, + "data_type": { + "type": "string", + "sanitize": true, + "maxLength": 128 + }, + "reason": { + "type": "string", + "sanitize": true, + "maxLength": 256 + } + } + }, "missing_tool": { "defaultMax": 20, "fields": {