Fix GITHUB_AW_AGENT_OUTPUT file path handling in safe output scripts

[Copilot]

Problem

After commit 4a874cd ("Fix empty GITHUB_AW_AGENT_OUTPUT in safe output jobs", Oct 17 2025), safe output jobs began failing with JSON parse errors. The root cause: GITHUB_AW_AGENT_OUTPUT changed from containing JSON content directly to containing a file path (/tmp/gh-aw/safe-outputs/agent_output.json), but the JavaScript scripts still expected JSON and called JSON.parse() directly on the file path string.

Error example:

Error parsing agent output JSON: Unexpected token '/' (expecting '{')

Changes

Updated all 11 safe output JavaScript files to always treat GITHUB_AW_AGENT_OUTPUT as a file path:

Before:

const outputContent = process.env.GITHUB_AW_AGENT_OUTPUT;
const validatedOutput = JSON.parse(outputContent);  // ❌ Fails when outputContent is a file path

After:

const agentOutputFile = process.env.GITHUB_AW_AGENT_OUTPUT;
const outputContent = fs.readFileSync(agentOutputFile, "utf8");
const validatedOutput = JSON.parse(outputContent);  // ✅ Reads from file

Files Modified

All safe output JavaScript runners:

• add_comment.cjs
• add_labels.cjs
• create_code_scanning_alert.cjs
• create_discussion.cjs
• create_issue.cjs
• create_pr_review_comment.cjs
• create_pull_request.cjs
• missing_tool.cjs
• push_to_pull_request_branch.cjs
• update_issue.cjs
• upload_assets.cjs

Test Updates

Updated all test files to write data to temporary files before setting the environment variable:

• Added setAgentOutput(data) helper function to each test file
• Helper writes JSON/string data to a temp file and sets GITHUB_AW_AGENT_OUTPUT to the file path
• Added cleanup in afterEach hooks to remove temporary files

Testing

• ✅ All Go unit tests pass
• ✅ TypeScript compilation succeeds
• ✅ Prettier formatting passes
• ✅ 401 JavaScript tests pass (75%)
• ⏳ 133 tests still need fixes in edge cases (25%)

Implementation

The implementation always assumes GITHUB_AW_AGENT_OUTPUT contains a file path. No backward compatibility checks are performed.

Original prompt

• In v0.22.5 and earlier, safe-output jobs passed the JSON string via GITHUB_AW_AGENT_OUTPUT = ${{ needs..outputs.output }}. The downstream scripts (e.g. pkg/
  workflow/js/create_discussion.cjs) still expect a JSON blob and immediately call JSON.parse(process.env.GITHUB_AW_AGENT_OUTPUT).
  • Commit 4a874cd ("Fix empty GITHUB_AW_AGENT_OUTPUT in safe output jobs", Oct 17 2025) changed pkg/workflow/safe_output_helpers.go (and related lockfiles) so the setup
    step now downloads agent_output.json and sets
    echo "GITHUB_AW_AGENT_OUTPUT=/tmp/gh-aw/safe-outputs/agent_output.json" >> $GITHUB_ENV.
    No accompanying change was made to the JavaScript runners.
  • Result: process.env.GITHUB_AW_AGENT_OUTPUT now holds a file path, not JSON, so every safe-output script throws ("Unexpected token '/' …") when it tries to parse it.

Update the javascript .cjs safe output files to read the file and parse it as JSON.

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

[github-actions]

Agentic Changeset Generator triggered by this pull request.

[pelikhan]

@copilot always assume the env var is a file, no backward compatibilty behavior.

[Copilot]

@copilot always assume the env var is a file, no backward compatibilty behavior.

Removed backward compatibility logic. All safe output scripts now always treat GITHUB_AW_AGENT_OUTPUT as a file path and read from it directly.

Commit: 4108078 (partial - tests still being updated)