From 9d6738e892c4eca43ee109f03ee2148a4c0588e1 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Mar 2026 11:46:00 +0000 Subject: [PATCH 1/3] Initial plan From bd2d8e72fde3ab5de97b609b8f20965093886c79 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Mar 2026 11:51:19 +0000 Subject: [PATCH 2/3] Initial plan: add Frontmatter and ToolsMap type aliases Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .../agent-performance-analyzer.lock.yml | 54 +++++++- .../workflows/agent-persona-explorer.lock.yml | 38 +++++- .github/workflows/ai-moderator.lock.yml | 46 ++++++- .github/workflows/archie.lock.yml | 37 ++++- .github/workflows/artifacts-summary.lock.yml | 36 ++++- .github/workflows/audit-workflows.lock.yml | 47 ++++++- .github/workflows/auto-triage-issues.lock.yml | 45 ++++++- .github/workflows/blog-auditor.lock.yml | 36 ++++- .github/workflows/bot-detection.lock.yml | 45 ++++++- .github/workflows/brave.lock.yml | 37 ++++- .../breaking-change-checker.lock.yml | 37 ++++- .github/workflows/changeset.lock.yml | 45 ++++++- .../workflows/chroma-issue-indexer.lock.yml | 2 - .github/workflows/ci-coach.lock.yml | 37 ++++- .github/workflows/ci-doctor.lock.yml | 54 +++++++- .../claude-code-user-docs-review.lock.yml | 37 ++++- .../cli-consistency-checker.lock.yml | 36 ++++- .../workflows/cli-version-checker.lock.yml | 37 ++++- .github/workflows/cloclo.lock.yml | 46 ++++++- .../workflows/code-scanning-fixer.lock.yml | 47 ++++++- .github/workflows/code-simplifier.lock.yml | 37 ++++- .../codex-github-remote-mcp-test.lock.yml | 2 - .../commit-changes-analyzer.lock.yml | 36 ++++- .github/workflows/contribution-check.lock.yml | 52 ++++++- .../workflows/copilot-agent-analysis.lock.yml | 38 +++++- .../copilot-cli-deep-research.lock.yml | 37 ++++- .../copilot-pr-merged-report.lock.yml | 37 ++++- .../copilot-pr-nlp-analysis.lock.yml | 47 ++++++- .../copilot-pr-prompt-analysis.lock.yml | 38 +++++- .../copilot-session-insights.lock.yml | 47 ++++++- .github/workflows/craft.lock.yml | 45 ++++++- .../daily-architecture-diagram.lock.yml | 45 ++++++- .../daily-assign-issue-to-user.lock.yml | 44 +++++- .github/workflows/daily-choice-test.lock.yml | 29 +++- .../workflows/daily-cli-performance.lock.yml | 45 ++++++- .../workflows/daily-cli-tools-tester.lock.yml | 36 ++++- .github/workflows/daily-code-metrics.lock.yml | 47 ++++++- .../workflows/daily-compiler-quality.lock.yml | 37 ++++- .../daily-copilot-token-report.lock.yml | 47 ++++++- .github/workflows/daily-doc-healer.lock.yml | 45 ++++++- .github/workflows/daily-doc-updater.lock.yml | 37 ++++- .github/workflows/daily-fact.lock.yml | 36 ++++- .github/workflows/daily-file-diet.lock.yml | 37 ++++- .../workflows/daily-firewall-report.lock.yml | 46 ++++++- .../workflows/daily-issues-report.lock.yml | 55 +++++++- .../daily-malicious-code-scan.lock.yml | 36 ++++- .../daily-mcp-concurrency-analysis.lock.yml | 45 ++++++- .../daily-multi-device-docs-tester.lock.yml | 45 ++++++- .github/workflows/daily-news.lock.yml | 47 ++++++- .../daily-observability-report.lock.yml | 45 ++++++- .../daily-performance-summary.lock.yml | 54 +++++++- .github/workflows/daily-regulatory.lock.yml | 44 +++++- .../daily-rendering-scripts-verifier.lock.yml | 38 +++++- .../workflows/daily-repo-chronicle.lock.yml | 46 ++++++- .../daily-safe-output-optimizer.lock.yml | 38 +++++- .../daily-safe-outputs-conformance.lock.yml | 36 ++++- .../workflows/daily-secrets-analysis.lock.yml | 44 +++++- .../daily-security-red-team.lock.yml | 36 ++++- .github/workflows/daily-semgrep-scan.lock.yml | 36 ++++- .../daily-syntax-error-quality.lock.yml | 36 ++++- .../daily-team-evolution-insights.lock.yml | 36 ++++- .github/workflows/daily-team-status.lock.yml | 37 ++++- .../daily-testify-uber-super-expert.lock.yml | 38 +++++- .../workflows/daily-workflow-updater.lock.yml | 36 ++++- .github/workflows/dead-code-remover.lock.yml | 38 +++++- .github/workflows/deep-report.lock.yml | 55 +++++++- .github/workflows/delight.lock.yml | 45 ++++++- .github/workflows/dependabot-burner.lock.yml | 37 ++++- .../workflows/dependabot-go-checker.lock.yml | 44 +++++- .github/workflows/dev-hawk.lock.yml | 37 ++++- .github/workflows/dev.lock.yml | 36 ++++- .../developer-docs-consolidator.lock.yml | 45 ++++++- .github/workflows/dictation-prompt.lock.yml | 36 ++++- .../workflows/discussion-task-miner.lock.yml | 45 ++++++- .github/workflows/docs-noob-tester.lock.yml | 45 ++++++- .github/workflows/draft-pr-cleanup.lock.yml | 52 ++++++- .../duplicate-code-detector.lock.yml | 36 ++++- .../example-custom-error-patterns.lock.yml | 3 - .../example-permissions-warning.lock.yml | 2 - .../example-workflow-analyzer.lock.yml | 36 ++++- .github/workflows/firewall-escape.lock.yml | 40 ++++-- .github/workflows/firewall.lock.yml | 2 - .../workflows/functional-pragmatist.lock.yml | 36 ++++- .../github-mcp-structural-analysis.lock.yml | 46 ++++++- .../github-mcp-tools-report.lock.yml | 45 ++++++- .../github-remote-mcp-auth-test.lock.yml | 36 ++++- .../workflows/glossary-maintainer.lock.yml | 37 ++++- .github/workflows/go-fan.lock.yml | 37 ++++- .github/workflows/go-logger.lock.yml | 37 ++++- .../workflows/go-pattern-detector.lock.yml | 37 ++++- .github/workflows/gpclean.lock.yml | 37 ++++- .github/workflows/grumpy-reviewer.lock.yml | 46 ++++++- .github/workflows/hourly-ci-cleaner.lock.yml | 37 ++++- .../workflows/instructions-janitor.lock.yml | 37 ++++- .github/workflows/issue-arborist.lock.yml | 52 ++++++- .github/workflows/issue-monster.lock.yml | 46 ++++++- .github/workflows/issue-triage-agent.lock.yml | 44 +++++- .github/workflows/jsweep.lock.yml | 37 ++++- .../workflows/layout-spec-maintainer.lock.yml | 36 ++++- .github/workflows/lockfile-stats.lock.yml | 37 ++++- .github/workflows/mcp-inspector.lock.yml | 39 +++++- .github/workflows/mergefest.lock.yml | 37 ++++- .github/workflows/metrics-collector.lock.yml | 4 - .../workflows/notion-issue-summary.lock.yml | 29 +++- .github/workflows/org-health-report.lock.yml | 46 ++++++- .github/workflows/pdf-summary.lock.yml | 46 ++++++- .github/workflows/plan.lock.yml | 45 ++++++- .github/workflows/poem-bot.lock.yml | 127 +++++++++++++++++- .github/workflows/portfolio-analyst.lock.yml | 46 ++++++- .../workflows/pr-nitpick-reviewer.lock.yml | 54 +++++++- .github/workflows/pr-triage-agent.lock.yml | 53 +++++++- .../prompt-clustering-analysis.lock.yml | 37 ++++- .github/workflows/python-data-charts.lock.yml | 46 ++++++- .github/workflows/q.lock.yml | 46 ++++++- .github/workflows/refiner.lock.yml | 45 ++++++- .github/workflows/release.lock.yml | 39 +++++- .../workflows/repo-audit-analyzer.lock.yml | 37 ++++- .github/workflows/repo-tree-map.lock.yml | 36 ++++- .../repository-quality-improver.lock.yml | 37 ++++- .github/workflows/research.lock.yml | 36 ++++- .github/workflows/safe-output-health.lock.yml | 37 ++++- .../schema-consistency-checker.lock.yml | 37 ++++- .github/workflows/scout.lock.yml | 46 ++++++- ...ecurity-alert-burndown.campaign.g.lock.yml | 61 ++++++++- .../workflows/security-compliance.lock.yml | 37 ++++- .github/workflows/security-review.lock.yml | 46 ++++++- .../semantic-function-refactor.lock.yml | 44 +++++- .github/workflows/sergo.lock.yml | 37 ++++- .../workflows/slide-deck-maintainer.lock.yml | 38 +++++- .github/workflows/smoke-agent.lock.yml | 45 ++++++- .github/workflows/smoke-claude.lock.yml | 110 ++++++++++++++- .github/workflows/smoke-codex.lock.yml | 78 ++++++++++- .github/workflows/smoke-copilot-arm.lock.yml | 87 +++++++++++- .github/workflows/smoke-copilot.lock.yml | 95 ++++++++++++- .../smoke-create-cross-repo-pr.lock.yml | 53 +++++++- .github/workflows/smoke-gemini.lock.yml | 54 +++++++- .github/workflows/smoke-multi-pr.lock.yml | 45 ++++++- .github/workflows/smoke-project.lock.yml | 85 +++++++++++- .github/workflows/smoke-temporary-id.lock.yml | 53 +++++++- .github/workflows/smoke-test-tools.lock.yml | 37 ++++- .../smoke-update-cross-repo-pr.lock.yml | 54 +++++++- .../workflows/smoke-workflow-call.lock.yml | 37 ++++- .../workflows/stale-repo-identifier.lock.yml | 46 ++++++- .../workflows/static-analysis-report.lock.yml | 37 ++++- .../workflows/step-name-alignment.lock.yml | 37 ++++- .github/workflows/sub-issue-closer.lock.yml | 44 +++++- .github/workflows/super-linter.lock.yml | 38 +++++- .../workflows/technical-doc-writer.lock.yml | 54 +++++++- .github/workflows/terminal-stylist.lock.yml | 36 ++++- .../test-create-pr-error-handling.lock.yml | 37 ++++- .github/workflows/test-dispatcher.lock.yml | 28 +++- .../test-project-url-default.lock.yml | 44 +++++- .github/workflows/test-workflow.lock.yml | 2 - .github/workflows/tidy.lock.yml | 45 ++++++- .github/workflows/typist.lock.yml | 36 ++++- .../workflows/ubuntu-image-analyzer.lock.yml | 37 ++++- .github/workflows/unbloat-docs.lock.yml | 55 +++++++- .github/workflows/video-analyzer.lock.yml | 36 ++++- .../weekly-editors-health-check.lock.yml | 45 ++++++- .../workflows/weekly-issue-summary.lock.yml | 46 ++++++- .../weekly-safe-outputs-spec-review.lock.yml | 36 ++++- .github/workflows/workflow-generator.lock.yml | 46 ++++++- .../workflow-health-manager.lock.yml | 54 +++++++- .../workflows/workflow-normalizer.lock.yml | 36 ++++- .../workflow-skill-extractor.lock.yml | 44 +++++- 165 files changed, 6112 insertions(+), 836 deletions(-) diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml index 7e4dff1b7b2..ccdd9633b50 100644 --- a/.github/workflows/agent-performance-analyzer.lock.yml +++ b/.github/workflows/agent-performance-analyzer.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -258,7 +257,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -420,6 +418,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -434,6 +436,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -465,6 +471,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -487,9 +501,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -508,10 +530,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -529,9 +559,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -558,9 +596,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1129,7 +1175,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1231,7 +1276,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1268,7 +1312,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1340,7 +1383,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/agent-performance-analyzer" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml index 886efe2aeb1..096787b9cef 100644 --- a/.github/workflows/agent-persona-explorer.lock.yml +++ b/.github/workflows/agent-persona-explorer.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -259,7 +258,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -425,6 +423,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -447,10 +453,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -468,9 +482,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -497,9 +519,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1012,7 +1042,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1113,7 +1142,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1150,7 +1178,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/agent-persona-explorer" GH_AW_ENGINE_ID: "copilot" @@ -1217,7 +1244,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: agentpersonaexplorer steps: diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml index f01953d31f2..8c9a0053de2 100644 --- a/.github/workflows/ai-moderator.lock.yml +++ b/.github/workflows/ai-moderator.lock.yml @@ -64,7 +64,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -301,7 +300,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -407,6 +405,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -417,6 +419,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -432,10 +438,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -453,9 +467,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -474,6 +496,10 @@ jobs: "description": "GraphQL node ID of the comment to hide (e.g., 'IC_kwDOABCD123456'). This is the GraphQL node ID, not the numeric comment ID from REST API. Can be obtained from GraphQL queries or comment API responses.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Optional reason for hiding the comment. Defaults to SPAM if not provided. Valid values: SPAM (spam content), ABUSE (abusive/harassment content), OFF_TOPIC (not relevant to discussion), OUTDATED (no longer applicable), RESOLVED (issue/question has been resolved).", "enum": [ @@ -484,6 +510,10 @@ jobs: "RESOLVED" ], "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -510,9 +540,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -916,7 +954,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1015,7 +1052,6 @@ jobs: permissions: actions: read contents: read - continue-on-error: false outputs: activated: ${{ ((steps.check_skip_roles.outputs.skip_roles_ok == 'true') && (steps.check_skip_bots.outputs.skip_bots_ok == 'true')) && (steps.check_rate_limit.outputs.rate_limit_ok == 'true') }} matched_command: '' @@ -1084,7 +1120,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/ai-moderator" GH_AW_ENGINE_ID: "codex" @@ -1155,7 +1190,6 @@ jobs: contents: read issues: write timeout-minutes: 5 - continue-on-error: false steps: - name: Checkout actions folder uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml index 2ea1aadeae8..e0f9908f06d 100644 --- a/.github/workflows/archie.lock.yml +++ b/.github/workflows/archie.lock.yml @@ -69,7 +69,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -308,7 +307,6 @@ jobs: copilot-requests: write issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -406,9 +404,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -427,10 +433,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -448,9 +462,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -477,9 +499,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -975,7 +1005,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1080,7 +1109,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1129,7 +1157,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/archie" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index c33cfc6b251..5cdf04e2ad4 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -245,7 +244,6 @@ jobs: copilot-requests: write concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -347,6 +345,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -369,10 +375,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -390,9 +404,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -419,9 +441,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -915,7 +945,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1020,7 +1049,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/artifacts-summary" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index 95e048db597..e6641b1d9c4 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -276,7 +275,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -481,6 +479,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -499,9 +505,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -520,10 +534,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -541,9 +563,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -570,9 +600,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1168,7 +1206,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1279,7 +1316,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1350,7 +1386,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/audit-workflows" GH_AW_ENGINE_ID: "claude" @@ -1418,7 +1453,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: auditworkflows steps: @@ -1462,7 +1496,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/auto-triage-issues.lock.yml b/.github/workflows/auto-triage-issues.lock.yml index daeb5495baa..754590c3cf5 100644 --- a/.github/workflows/auto-triage-issues.lock.yml +++ b/.github/workflows/auto-triage-issues.lock.yml @@ -54,7 +54,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -258,7 +257,6 @@ jobs: contents: read copilot-requests: write issues: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -360,6 +358,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -378,6 +384,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -388,6 +398,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -403,10 +417,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -424,9 +446,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -453,9 +483,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -985,7 +1023,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1086,7 +1123,6 @@ jobs: permissions: actions: read contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_rate_limit.outputs.rate_limit_ok == 'true') }} matched_command: '' @@ -1139,7 +1175,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/auto-triage-issues" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml index 20d011df3d5..19677339039 100644 --- a/.github/workflows/blog-auditor.lock.yml +++ b/.github/workflows/blog-auditor.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -253,7 +252,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -359,6 +357,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -381,10 +387,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -402,9 +416,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -431,9 +453,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1028,7 +1058,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1137,7 +1166,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/blog-auditor" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/bot-detection.lock.yml b/.github/workflows/bot-detection.lock.yml index 8a717a79b2f..2a82e68214f 100644 --- a/.github/workflows/bot-detection.lock.yml +++ b/.github/workflows/bot-detection.lock.yml @@ -45,7 +45,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -261,7 +260,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -357,6 +355,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -371,6 +373,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -405,6 +411,10 @@ jobs: "description": "Issue body content in Markdown. For 'replace', this becomes the entire body. For 'append'/'prepend', this content is added with a separator and an attribution footer. For 'replace-island', only the run-specific section is updated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to update. This is the numeric ID from the GitHub URL (e.g., 789 in github.com/owner/repo/issues/789). Required when the workflow target is '*' (any issue).", "type": [ @@ -436,6 +446,10 @@ jobs: ], "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "status": { "description": "New issue status: 'open' to reopen a closed issue, 'closed' to close an open issue.", "enum": [ @@ -462,10 +476,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -483,9 +505,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -512,9 +542,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -951,7 +989,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1054,7 +1091,6 @@ jobs: issues: read pull-requests: read - continue-on-error: false outputs: action: ${{ steps.precompute.outputs.action }} issue_body: ${{ steps.precompute.outputs.issue_body }} @@ -1853,7 +1889,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/bot-detection" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index 7db1df41536..1459c85f98c 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -55,7 +55,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -292,7 +291,6 @@ jobs: copilot-requests: write issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -390,9 +388,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -411,10 +417,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -432,9 +446,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -461,9 +483,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -963,7 +993,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1065,7 +1094,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1114,7 +1142,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/brave" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml index 6557d6091b3..19d3e48d6c8 100644 --- a/.github/workflows/breaking-change-checker.lock.yml +++ b/.github/workflows/breaking-change-checker.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -247,7 +246,6 @@ jobs: copilot-requests: write concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -345,6 +343,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -359,6 +361,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -386,10 +392,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -407,9 +421,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -436,9 +458,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -958,7 +988,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1061,7 +1090,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1110,7 +1138,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/breaking-change-checker" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml index 2dd3b6bad1b..af26f30245f 100644 --- a/.github/workflows/changeset.lock.yml +++ b/.github/workflows/changeset.lock.yml @@ -63,7 +63,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -306,7 +305,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -415,6 +413,10 @@ jobs: "description": "Whether the PR should be a draft (true) or ready for review (false). Use to convert between draft and ready states.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "operation": { "description": "How to update the PR body: 'replace' (default - completely overwrite), 'append' (add to end with separator), or 'prepend' (add to start with separator). Title is always replaced.", "enum": [ @@ -431,6 +433,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "New pull request title to replace the existing title.", "type": "string" @@ -449,6 +455,10 @@ jobs: "description": "Branch name to push changes from. If omitted, uses the current working branch. Only specify if you need to push from a different branch.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Commit message describing the changes. Follow repository commit message conventions (e.g., conventional commits).", "type": "string" @@ -459,6 +469,10 @@ jobs: "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -477,10 +491,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -498,9 +520,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -527,9 +557,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1017,7 +1055,6 @@ jobs: permissions: contents: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1121,7 +1158,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1159,7 +1195,6 @@ jobs: contents: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/changeset" GH_AW_ENGINE_ID: "codex" diff --git a/.github/workflows/chroma-issue-indexer.lock.yml b/.github/workflows/chroma-issue-indexer.lock.yml index d15ebe75ddc..d39ed962429 100644 --- a/.github/workflows/chroma-issue-indexer.lock.yml +++ b/.github/workflows/chroma-issue-indexer.lock.yml @@ -46,7 +46,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -245,7 +244,6 @@ jobs: issues: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: chromaissueindexer outputs: diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml index 9b9c5d5c41d..5c863e3bfa7 100644 --- a/.github/workflows/ci-coach.lock.yml +++ b/.github/workflows/ci-coach.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -268,7 +267,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -423,6 +421,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -434,6 +436,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -456,10 +462,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -477,9 +491,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -506,9 +528,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1020,7 +1050,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1146,7 +1175,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/ci-coach" GH_AW_ENGINE_ID: "copilot" @@ -1245,7 +1273,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: cicoach steps: diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index 89a52283765..f1ecaf32cbe 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -58,7 +58,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -288,7 +287,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -403,6 +401,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -417,6 +419,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -444,9 +450,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -472,6 +486,10 @@ jobs: "description": "Issue body content in Markdown. For 'replace', this becomes the entire body. For 'append'/'prepend', this content is added with a separator and an attribution footer. For 'replace-island', only the run-specific section is updated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to update. This is the numeric ID from the GitHub URL (e.g., 789 in github.com/owner/repo/issues/789). Required when the workflow target is '*' (any issue).", "type": [ @@ -503,6 +521,10 @@ jobs: ], "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "status": { "description": "New issue status: 'open' to reopen a closed issue, 'closed' to close an open issue.", "enum": [ @@ -529,10 +551,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -550,9 +580,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -579,9 +617,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1161,7 +1207,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1270,7 +1315,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_stop_time.outputs.stop_time_ok == 'true') }} matched_command: '' @@ -1320,7 +1364,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/ci-doctor" GH_AW_ENGINE_ID: "copilot" @@ -1395,7 +1438,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: cidoctor steps: diff --git a/.github/workflows/claude-code-user-docs-review.lock.yml b/.github/workflows/claude-code-user-docs-review.lock.yml index a62f106d915..586eaa50760 100644 --- a/.github/workflows/claude-code-user-docs-review.lock.yml +++ b/.github/workflows/claude-code-user-docs-review.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -251,7 +250,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -367,6 +365,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -389,10 +395,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -410,9 +424,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -439,9 +461,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -989,7 +1019,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1098,7 +1127,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/claude-code-user-docs-review" GH_AW_ENGINE_ID: "claude" @@ -1166,7 +1194,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: claudecodeuserdocsreview steps: diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index 10f446e00bb..7918e8b5555 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -43,7 +43,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -236,7 +235,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -334,6 +332,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -348,6 +350,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -375,10 +381,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -396,9 +410,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -425,9 +447,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -927,7 +957,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1029,7 +1058,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/cli-consistency-checker" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index 41f81adca33..88117313090 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -259,7 +258,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -374,6 +372,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -388,6 +390,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -415,10 +421,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -436,9 +450,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -465,9 +487,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1022,7 +1052,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1124,7 +1153,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/cli-version-checker" GH_AW_ENGINE_ID: "claude" @@ -1193,7 +1221,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: cliversionchecker steps: diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml index 2a8ac1b8e17..d24e19ff77b 100644 --- a/.github/workflows/cloclo.lock.yml +++ b/.github/workflows/cloclo.lock.yml @@ -92,7 +92,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -365,7 +364,6 @@ jobs: discussions: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -534,9 +532,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -563,6 +569,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -574,6 +584,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -596,10 +610,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -617,9 +639,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -646,9 +676,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1317,7 +1355,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1448,7 +1485,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1499,7 +1535,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/cloclo" GH_AW_ENGINE_ID: "claude" @@ -1600,7 +1635,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: cloclo steps: diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml index dc8d52bef0d..4bdeace90e2 100644 --- a/.github/workflows/code-scanning-fixer.lock.yml +++ b/.github/workflows/code-scanning-fixer.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -249,7 +248,6 @@ jobs: copilot-requests: write pull-requests: read security-events: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -376,6 +374,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -387,6 +389,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -405,6 +411,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -415,6 +425,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -430,10 +444,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -451,9 +473,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -480,9 +510,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1023,7 +1061,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1139,7 +1176,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1189,7 +1225,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_campaigns: ${{ steps.push_repo_memory_campaigns.outputs.validation_error }} validation_failed_campaigns: ${{ steps.push_repo_memory_campaigns.outputs.validation_failed }} @@ -1262,7 +1297,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/code-scanning-fixer" GH_AW_ENGINE_ID: "copilot" @@ -1360,7 +1394,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: codescanningfixer steps: diff --git a/.github/workflows/code-simplifier.lock.yml b/.github/workflows/code-simplifier.lock.yml index 4c6aacfdc64..08ee94dcfc0 100644 --- a/.github/workflows/code-simplifier.lock.yml +++ b/.github/workflows/code-simplifier.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -256,7 +255,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -362,6 +360,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -373,6 +375,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -395,10 +401,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -416,9 +430,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -445,9 +467,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -951,7 +981,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1071,7 +1100,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1123,7 +1151,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/code-simplifier" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/codex-github-remote-mcp-test.lock.yml b/.github/workflows/codex-github-remote-mcp-test.lock.yml index 585d3a41035..fec4ce68526 100644 --- a/.github/workflows/codex-github-remote-mcp-test.lock.yml +++ b/.github/workflows/codex-github-remote-mcp-test.lock.yml @@ -41,7 +41,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -230,7 +229,6 @@ jobs: permissions: contents: read issues: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: codexgithubremotemcptest outputs: diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml index 94b244d8dc4..bce0a735693 100644 --- a/.github/workflows/commit-changes-analyzer.lock.yml +++ b/.github/workflows/commit-changes-analyzer.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -252,7 +251,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -358,6 +356,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -380,10 +386,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -401,9 +415,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -430,9 +452,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -970,7 +1000,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1075,7 +1104,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/commit-changes-analyzer" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/contribution-check.lock.yml b/.github/workflows/contribution-check.lock.yml index 82cb0ceda3e..bfa5f621826 100644 --- a/.github/workflows/contribution-check.lock.yml +++ b/.github/workflows/contribution-check.lock.yml @@ -46,7 +46,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -246,7 +245,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -334,6 +332,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -348,6 +350,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -375,9 +381,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -392,6 +406,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -402,6 +420,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -417,10 +439,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -438,9 +468,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -467,9 +505,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1005,7 +1051,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1110,7 +1155,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/contribution-check" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml index 7350d5213f2..275cc371bd5 100644 --- a/.github/workflows/copilot-agent-analysis.lock.yml +++ b/.github/workflows/copilot-agent-analysis.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -278,7 +277,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -412,6 +410,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -434,10 +440,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -455,9 +469,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -484,9 +506,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1044,7 +1074,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1151,7 +1180,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1222,7 +1250,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-agent-analysis" GH_AW_ENGINE_ID: "claude" @@ -1289,7 +1316,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: copilotagentanalysis steps: diff --git a/.github/workflows/copilot-cli-deep-research.lock.yml b/.github/workflows/copilot-cli-deep-research.lock.yml index a3fe9a3254c..0f7eeaf599f 100644 --- a/.github/workflows/copilot-cli-deep-research.lock.yml +++ b/.github/workflows/copilot-cli-deep-research.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -257,7 +256,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -369,6 +367,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -391,10 +397,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -412,9 +426,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -441,9 +463,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -969,7 +999,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1076,7 +1105,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1147,7 +1175,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-cli-deep-research" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index b66d3950d04..92d38cbaddf 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -266,7 +265,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -386,6 +384,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -408,10 +414,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -429,9 +443,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -458,9 +480,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1085,7 +1115,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1190,7 +1219,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-pr-merged-report" GH_AW_ENGINE_ID: "copilot" @@ -1257,7 +1285,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: copilotprmergedreport steps: diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index eaa1cf4704d..9014cf70449 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -279,7 +278,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -438,6 +436,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -456,9 +462,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -477,10 +491,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -498,9 +520,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -527,9 +557,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1065,7 +1103,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1172,7 +1209,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1243,7 +1279,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-pr-nlp-analysis" GH_AW_ENGINE_ID: "copilot" @@ -1310,7 +1345,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: copilotprnlpanalysis steps: @@ -1354,7 +1388,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index 6bbcd730bc9..9e60c36d2d3 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -274,7 +273,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -404,6 +402,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -426,10 +432,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -447,9 +461,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -476,9 +498,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -989,7 +1019,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1096,7 +1125,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1167,7 +1195,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-pr-prompt-analysis" GH_AW_ENGINE_ID: "copilot" @@ -1234,7 +1261,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: copilotprpromptanalysis steps: diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml index 1727a29106c..7fe84b03233 100644 --- a/.github/workflows/copilot-session-insights.lock.yml +++ b/.github/workflows/copilot-session-insights.lock.yml @@ -53,7 +53,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -293,7 +292,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -449,6 +447,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -467,9 +473,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -488,10 +502,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -509,9 +531,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -538,9 +568,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1123,7 +1161,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1230,7 +1267,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1301,7 +1337,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-session-insights" GH_AW_ENGINE_ID: "claude" @@ -1368,7 +1403,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: copilotsessioninsights steps: @@ -1412,7 +1446,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index 4c47f428fa2..71e86d0510e 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -52,7 +52,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -285,7 +284,6 @@ jobs: copilot-requests: write issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -388,9 +386,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -409,6 +415,10 @@ jobs: "description": "Branch name to push changes from. If omitted, uses the current working branch. Only specify if you need to push from a different branch.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Commit message describing the changes. Follow repository commit message conventions (e.g., conventional commits).", "type": "string" @@ -419,6 +429,10 @@ jobs: "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -437,10 +451,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -458,9 +480,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -487,9 +517,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -998,7 +1036,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1101,7 +1138,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1152,7 +1188,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/craft" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-architecture-diagram.lock.yml b/.github/workflows/daily-architecture-diagram.lock.yml index 24c3e7f8648..182c797d558 100644 --- a/.github/workflows/daily-architecture-diagram.lock.yml +++ b/.github/workflows/daily-architecture-diagram.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -251,7 +250,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -359,6 +357,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -373,6 +375,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -408,6 +414,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -419,6 +429,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -441,10 +455,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -462,9 +484,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -491,9 +521,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1038,7 +1076,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1159,7 +1196,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-architecture-diagram" GH_AW_ENGINE_ID: "copilot" @@ -1259,7 +1295,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailyarchitecturediagram steps: diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml index bec8c13f8fe..2b31bae113b 100644 --- a/.github/workflows/daily-assign-issue-to-user.lock.yml +++ b/.github/workflows/daily-assign-issue-to-user.lock.yml @@ -43,7 +43,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -233,7 +232,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -331,9 +329,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -359,12 +365,20 @@ jobs: }, "type": "array" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to assign users to. This is the numeric ID from the GitHub URL (e.g., 543 in github.com/owner/repo/issues/543). If omitted, assigns to the issue that triggered this workflow.", "type": [ "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -383,10 +397,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -404,9 +426,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -433,9 +463,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -944,7 +982,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1048,7 +1085,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-assign-issue-to-user" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml index 291a6ab9a1a..635c29974c9 100644 --- a/.github/workflows/daily-choice-test.lock.yml +++ b/.github/workflows/daily-choice-test.lock.yml @@ -43,7 +43,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -238,7 +237,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -340,10 +338,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -361,9 +367,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -390,9 +404,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -932,7 +954,6 @@ jobs: - test_environment if: (always()) && (needs.agent.result != 'skipped') runs-on: ubuntu-slim - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1035,7 +1056,6 @@ jobs: if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (needs.agent.outputs.detection_success == 'true') runs-on: ubuntu-slim timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-choice-test" GH_AW_ENGINE_ID: "claude" @@ -1097,7 +1117,6 @@ jobs: if: > ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'test_environment')) runs-on: ubuntu-latest - continue-on-error: false steps: - name: Download agent output artifact continue-on-error: true diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml index c91f93f9577..ba4f37d8586 100644 --- a/.github/workflows/daily-cli-performance.lock.yml +++ b/.github/workflows/daily-cli-performance.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -262,7 +261,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -370,6 +368,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -384,6 +386,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -411,9 +417,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -432,10 +446,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -453,9 +475,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -482,9 +512,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1158,7 +1196,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1267,7 +1304,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1339,7 +1375,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-cli-performance" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml index b34add1ba19..bd755699edf 100644 --- a/.github/workflows/daily-cli-tools-tester.lock.yml +++ b/.github/workflows/daily-cli-tools-tester.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -242,7 +241,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -394,6 +392,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -408,6 +410,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -435,10 +441,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -456,9 +470,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -485,9 +507,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -999,7 +1029,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1102,7 +1131,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-cli-tools-tester" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml index 243903b4cac..da4fedd26f6 100644 --- a/.github/workflows/daily-code-metrics.lock.yml +++ b/.github/workflows/daily-code-metrics.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -274,7 +273,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -423,6 +421,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -441,9 +447,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -462,10 +476,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -483,9 +505,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -512,9 +542,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1097,7 +1135,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1208,7 +1245,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1279,7 +1315,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-code-metrics" GH_AW_ENGINE_ID: "claude" @@ -1347,7 +1382,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailycodemetrics steps: @@ -1391,7 +1425,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml index a0f52e051d7..f0c66f656c6 100644 --- a/.github/workflows/daily-compiler-quality.lock.yml +++ b/.github/workflows/daily-compiler-quality.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -254,7 +253,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -366,6 +364,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -388,10 +394,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -409,9 +423,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -438,9 +460,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -970,7 +1000,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1079,7 +1108,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-compiler-quality" GH_AW_ENGINE_ID: "copilot" @@ -1147,7 +1175,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailycompilerquality steps: diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml index 0cc46109efc..b9467128933 100644 --- a/.github/workflows/daily-copilot-token-report.lock.yml +++ b/.github/workflows/daily-copilot-token-report.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -267,7 +266,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -445,6 +443,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -463,9 +469,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -484,10 +498,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -505,9 +527,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -534,9 +564,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1072,7 +1110,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1183,7 +1220,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1254,7 +1290,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-copilot-token-report" GH_AW_ENGINE_ID: "copilot" @@ -1322,7 +1357,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailycopilottokenreport steps: @@ -1366,7 +1400,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/daily-doc-healer.lock.yml b/.github/workflows/daily-doc-healer.lock.yml index 9906d8af742..e1065278ba7 100644 --- a/.github/workflows/daily-doc-healer.lock.yml +++ b/.github/workflows/daily-doc-healer.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -250,7 +249,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -362,6 +360,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -376,6 +378,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -411,6 +417,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -422,6 +432,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -444,10 +458,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -465,9 +487,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -494,9 +524,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1113,7 +1151,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1239,7 +1276,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-doc-healer" GH_AW_ENGINE_ID: "claude" @@ -1353,7 +1389,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailydochealer steps: diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml index efd1bbade2f..ac309ae8513 100644 --- a/.github/workflows/daily-doc-updater.lock.yml +++ b/.github/workflows/daily-doc-updater.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -250,7 +249,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -370,6 +368,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -381,6 +383,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -403,10 +409,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -424,9 +438,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -453,9 +475,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1040,7 +1070,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1166,7 +1195,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-doc-updater" GH_AW_ENGINE_ID: "claude" @@ -1265,7 +1293,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailydocupdater steps: diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml index 300f770860f..7a2faf79bcf 100644 --- a/.github/workflows/daily-fact.lock.yml +++ b/.github/workflows/daily-fact.lock.yml @@ -43,7 +43,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -227,7 +226,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-codex-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -323,9 +321,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -344,10 +350,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -365,9 +379,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -394,9 +416,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -865,7 +895,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -968,7 +997,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-fact" GH_AW_ENGINE_ID: "codex" diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml index 7cafbe27042..fb2856bfd42 100644 --- a/.github/workflows/daily-file-diet.lock.yml +++ b/.github/workflows/daily-file-diet.lock.yml @@ -52,7 +52,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -255,7 +254,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -353,6 +351,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -367,6 +369,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -394,10 +400,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -415,9 +429,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -444,9 +466,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -976,7 +1006,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1078,7 +1107,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1127,7 +1155,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-file-diet" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index bb9081a7513..efaa490a6eb 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -262,7 +261,6 @@ jobs: security-events: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -451,6 +449,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -469,9 +475,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -490,10 +504,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -511,9 +533,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -540,9 +570,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1080,7 +1118,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1190,7 +1227,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-firewall-report" GH_AW_ENGINE_ID: "copilot" @@ -1258,7 +1294,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailyfirewallreport steps: @@ -1302,7 +1337,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml index 26d1a37865c..40656ea2a80 100644 --- a/.github/workflows/daily-issues-report.lock.yml +++ b/.github/workflows/daily-issues-report.lock.yml @@ -54,7 +54,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -283,7 +282,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-codex-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -419,6 +417,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -448,6 +454,10 @@ jobs: "string" ] }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Resolution reason: RESOLVED (issue addressed), DUPLICATE (discussed elsewhere), OUTDATED (no longer relevant), or ANSWERED (question answered).", "enum": [ @@ -457,6 +467,10 @@ jobs: "ANSWERED" ], "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -471,9 +485,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -492,10 +514,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -513,9 +543,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -542,9 +580,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1078,7 +1124,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1182,7 +1227,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1219,7 +1263,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-issues-report" GH_AW_ENGINE_ID: "codex" @@ -1287,7 +1330,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailyissuesreport steps: @@ -1331,7 +1373,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml index 8253e433d5f..cf71af8d6dd 100644 --- a/.github/workflows/daily-malicious-code-scan.lock.yml +++ b/.github/workflows/daily-malicious-code-scan.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -242,7 +241,6 @@ jobs: security-events: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -345,6 +343,10 @@ jobs: "description": "File path relative to the repository root where the issue was found (e.g., 'src/auth/password.js').", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number where the issue was found in the file.", "type": [ @@ -360,6 +362,10 @@ jobs: "description": "Suffix to append to the rule ID for categorizing different types of findings (e.g., 'sql-injection', 'xss').", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "severity": { "description": "Alert severity level: 'error' (critical security issues), 'warning' (potential problems), 'info' (informational), or 'note' (minor observations).", "enum": [ @@ -390,10 +396,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -411,9 +425,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -440,9 +462,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -833,7 +863,6 @@ jobs: permissions: contents: read security-events: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -939,7 +968,6 @@ jobs: contents: read security-events: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-malicious-code-scan" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml index a0bf7c8c680..e352dbad98a 100644 --- a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml +++ b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -253,7 +252,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -361,6 +359,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -375,6 +377,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -401,6 +407,14 @@ jobs: "body": { "description": "Clear, detailed task description for the Copilot coding agent. Include specific files to modify, expected behavior, acceptance criteria, and any constraints. The description should be actionable and self-contained.", "type": "string" + }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -419,10 +433,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -440,9 +462,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -469,9 +499,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1023,7 +1061,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1129,7 +1166,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-mcp-concurrency-analysis" GH_AW_ENGINE_ID: "copilot" @@ -1213,7 +1249,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailymcpconcurrencyanalysis steps: diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml index 49c108aa0be..87ccd49a74f 100644 --- a/.github/workflows/daily-multi-device-docs-tester.lock.yml +++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml @@ -54,7 +54,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -266,7 +265,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -368,6 +366,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -382,6 +384,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -405,9 +411,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -426,10 +440,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -447,9 +469,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -476,9 +506,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1107,7 +1145,6 @@ jobs: permissions: contents: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1213,7 +1250,6 @@ jobs: contents: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-multi-device-docs-tester" GH_AW_ENGINE_ID: "claude" @@ -1284,7 +1320,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index 521fbdd1db6..3db80d28aa5 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -278,7 +277,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -491,6 +489,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -509,9 +515,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -530,10 +544,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -551,9 +573,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -580,9 +610,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1134,7 +1172,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1245,7 +1282,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1316,7 +1352,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-news" GH_AW_ENGINE_ID: "copilot" @@ -1384,7 +1419,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailynews steps: @@ -1428,7 +1462,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml index 5f74abd7faf..259595c7edb 100644 --- a/.github/workflows/daily-observability-report.lock.yml +++ b/.github/workflows/daily-observability-report.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -255,7 +254,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-codex-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -415,6 +413,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -444,6 +450,10 @@ jobs: "string" ] }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Resolution reason: RESOLVED (issue addressed), DUPLICATE (discussed elsewhere), OUTDATED (no longer relevant), or ANSWERED (question answered).", "enum": [ @@ -453,6 +463,10 @@ jobs: "ANSWERED" ], "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -471,10 +485,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -492,9 +514,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -521,9 +551,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1043,7 +1081,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1147,7 +1184,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1184,7 +1220,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-observability-report" GH_AW_ENGINE_ID: "codex" diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml index b6efe7b62f7..9c30201f68f 100644 --- a/.github/workflows/daily-performance-summary.lock.yml +++ b/.github/workflows/daily-performance-summary.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -267,7 +266,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -402,6 +400,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -431,6 +437,10 @@ jobs: "string" ] }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Resolution reason: RESOLVED (issue addressed), DUPLICATE (discussed elsewhere), OUTDATED (no longer relevant), or ANSWERED (question answered).", "enum": [ @@ -440,6 +450,10 @@ jobs: "ANSWERED" ], "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -454,9 +468,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -475,10 +497,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -496,9 +526,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -525,9 +563,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1556,7 +1602,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1666,7 +1711,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-performance-summary" GH_AW_ENGINE_ID: "copilot" @@ -1734,7 +1778,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailyperformancesummary steps: @@ -1778,7 +1821,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml index 6c9e4bf24d2..7b755b9c00d 100644 --- a/.github/workflows/daily-regulatory.lock.yml +++ b/.github/workflows/daily-regulatory.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -254,7 +253,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -356,6 +354,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -385,6 +391,10 @@ jobs: "string" ] }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Resolution reason: RESOLVED (issue addressed), DUPLICATE (discussed elsewhere), OUTDATED (no longer relevant), or ANSWERED (question answered).", "enum": [ @@ -394,6 +404,10 @@ jobs: "ANSWERED" ], "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -412,10 +426,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -433,9 +455,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -462,9 +492,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1461,7 +1499,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1571,7 +1608,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-regulatory" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-rendering-scripts-verifier.lock.yml b/.github/workflows/daily-rendering-scripts-verifier.lock.yml index 0cfda31ce96..dcdf2c8e0e7 100644 --- a/.github/workflows/daily-rendering-scripts-verifier.lock.yml +++ b/.github/workflows/daily-rendering-scripts-verifier.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -264,7 +263,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -438,6 +436,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -449,6 +451,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -471,10 +477,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -492,9 +506,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -521,9 +543,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1124,7 +1154,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1243,7 +1272,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1295,7 +1323,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-rendering-scripts-verifier" GH_AW_ENGINE_ID: "claude" @@ -1394,7 +1421,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailyrenderingscriptsverifier steps: diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index bf32de320fe..59121182932 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -259,7 +258,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -394,6 +392,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -412,9 +418,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -433,10 +447,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -454,9 +476,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -483,9 +513,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1011,7 +1049,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1120,7 +1157,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-repo-chronicle" GH_AW_ENGINE_ID: "copilot" @@ -1188,7 +1224,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailyrepochronicle steps: @@ -1232,7 +1267,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml index 1862de7febd..d2c6e96a34e 100644 --- a/.github/workflows/daily-safe-output-optimizer.lock.yml +++ b/.github/workflows/daily-safe-output-optimizer.lock.yml @@ -52,7 +52,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -264,7 +263,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -437,6 +435,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -451,6 +453,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -478,10 +484,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -499,9 +513,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -528,9 +550,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1111,7 +1141,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1209,7 +1238,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1258,7 +1286,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-safe-output-optimizer" GH_AW_ENGINE_ID: "claude" @@ -1327,7 +1354,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: dailysafeoutputoptimizer steps: diff --git a/.github/workflows/daily-safe-outputs-conformance.lock.yml b/.github/workflows/daily-safe-outputs-conformance.lock.yml index f2e47603394..553835c3e85 100644 --- a/.github/workflows/daily-safe-outputs-conformance.lock.yml +++ b/.github/workflows/daily-safe-outputs-conformance.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -247,7 +246,6 @@ jobs: issues: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -349,6 +347,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -363,6 +365,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -390,10 +396,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -411,9 +425,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -440,9 +462,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -985,7 +1015,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1091,7 +1120,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-safe-outputs-conformance" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml index bb604dd06f0..50d0f2e3f9b 100644 --- a/.github/workflows/daily-secrets-analysis.lock.yml +++ b/.github/workflows/daily-secrets-analysis.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -244,7 +243,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -346,6 +344,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -375,6 +381,10 @@ jobs: "string" ] }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Resolution reason: RESOLVED (issue addressed), DUPLICATE (discussed elsewhere), OUTDATED (no longer relevant), or ANSWERED (question answered).", "enum": [ @@ -384,6 +394,10 @@ jobs: "ANSWERED" ], "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -402,10 +416,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -423,9 +445,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -452,9 +482,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -975,7 +1013,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1084,7 +1121,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-secrets-analysis" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-security-red-team.lock.yml b/.github/workflows/daily-security-red-team.lock.yml index 140c0035302..8bdea3e6d40 100644 --- a/.github/workflows/daily-security-red-team.lock.yml +++ b/.github/workflows/daily-security-red-team.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -251,7 +250,6 @@ jobs: issues: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -353,6 +351,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -367,6 +369,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -394,10 +400,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -415,9 +429,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -444,9 +466,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -989,7 +1019,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1095,7 +1124,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-security-red-team" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml index 0698f683d0c..5b58cbbfed2 100644 --- a/.github/workflows/daily-semgrep-scan.lock.yml +++ b/.github/workflows/daily-semgrep-scan.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -247,7 +246,6 @@ jobs: security-events: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -352,6 +350,10 @@ jobs: "description": "File path relative to the repository root where the issue was found (e.g., 'src/auth/password.js').", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number where the issue was found in the file.", "type": [ @@ -367,6 +369,10 @@ jobs: "description": "Suffix to append to the rule ID for categorizing different types of findings (e.g., 'sql-injection', 'xss').", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "severity": { "description": "Alert severity level: 'error' (critical security issues), 'warning' (potential problems), 'info' (informational), or 'note' (minor observations).", "enum": [ @@ -397,10 +403,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -418,9 +432,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -447,9 +469,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -969,7 +999,6 @@ jobs: permissions: contents: read security-events: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1072,7 +1101,6 @@ jobs: contents: read security-events: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-semgrep-scan" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml index f71350c061b..79a059f0240 100644 --- a/.github/workflows/daily-syntax-error-quality.lock.yml +++ b/.github/workflows/daily-syntax-error-quality.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -243,7 +242,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -344,6 +342,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -358,6 +360,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -385,10 +391,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -406,9 +420,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -435,9 +457,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -956,7 +986,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1062,7 +1091,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-syntax-error-quality" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml index 74dca905596..89f858da0f1 100644 --- a/.github/workflows/daily-team-evolution-insights.lock.yml +++ b/.github/workflows/daily-team-evolution-insights.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -250,7 +249,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -356,6 +354,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -378,10 +384,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -399,9 +413,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -428,9 +450,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -967,7 +997,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1076,7 +1105,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-team-evolution-insights" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index b0685dd6522..755be65ce3e 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -57,7 +57,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -257,7 +256,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -355,6 +353,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -369,6 +371,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -396,10 +402,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -417,9 +431,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -446,9 +468,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -947,7 +977,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1058,7 +1087,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_stop_time.outputs.stop_time_ok == 'true' }} matched_command: '' @@ -1094,7 +1122,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-team-status" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml index 092baf362a4..0031f5dcdaa 100644 --- a/.github/workflows/daily-testify-uber-super-expert.lock.yml +++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml @@ -53,7 +53,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -267,7 +266,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -375,6 +373,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -389,6 +391,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -416,10 +422,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -437,9 +451,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -466,9 +488,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1007,7 +1037,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1111,7 +1140,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1161,7 +1189,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1231,7 +1258,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-testify-uber-super-expert" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index 3f89a54992f..9cb8b1b0e0f 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -237,7 +236,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -343,6 +341,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -354,6 +356,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -376,10 +382,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -397,9 +411,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -426,9 +448,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -933,7 +963,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1059,7 +1088,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-workflow-updater" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/dead-code-remover.lock.yml b/.github/workflows/dead-code-remover.lock.yml index 4dd6db95d23..f29e267551d 100644 --- a/.github/workflows/dead-code-remover.lock.yml +++ b/.github/workflows/dead-code-remover.lock.yml @@ -47,7 +47,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -255,7 +254,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -381,6 +379,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -392,6 +394,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -414,10 +420,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -435,9 +449,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -464,9 +486,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -978,7 +1008,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1092,7 +1121,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1144,7 +1172,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dead-code-remover" GH_AW_ENGINE_ID: "copilot" @@ -1242,7 +1269,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: deadcoderemover steps: diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index 1a8fadbbf63..02c73d283f2 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -277,7 +276,6 @@ jobs: security-events: read concurrency: group: "gh-aw-codex-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -461,6 +459,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -475,6 +477,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -506,6 +512,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -524,9 +538,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -545,10 +567,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -566,9 +596,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -595,9 +633,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1165,7 +1211,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1276,7 +1321,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1347,7 +1391,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/deep-report" GH_AW_ENGINE_ID: "codex" @@ -1417,7 +1460,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: deepreport steps: @@ -1461,7 +1503,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml index cceae5bf651..76eea0f97b0 100644 --- a/.github/workflows/delight.lock.yml +++ b/.github/workflows/delight.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -259,7 +258,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -370,6 +368,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -384,6 +386,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -415,6 +421,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -437,10 +451,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -458,9 +480,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -487,9 +517,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1049,7 +1087,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1161,7 +1198,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1232,7 +1268,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/delight" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/dependabot-burner.lock.yml b/.github/workflows/dependabot-burner.lock.yml index 88cf09b975d..12b4aa5f395 100644 --- a/.github/workflows/dependabot-burner.lock.yml +++ b/.github/workflows/dependabot-burner.lock.yml @@ -45,7 +45,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -242,7 +241,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -340,6 +338,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -354,6 +356,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -381,10 +387,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -402,9 +416,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -431,9 +453,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -932,7 +962,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1031,7 +1060,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1067,7 +1095,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dependabot-burner" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index e0e9dec28ff..5fb82288e30 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -43,7 +43,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -241,7 +240,6 @@ jobs: security-events: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -339,6 +337,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -353,6 +355,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -380,12 +386,20 @@ jobs: "description": "Closing comment explaining why the issue is being closed and summarizing any resolution, workaround, or conclusion.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to close. This is the numeric ID from the GitHub URL (e.g., 901 in github.com/owner/repo/issues/901). If omitted, closes the issue that triggered this workflow (requires an issue event trigger).", "type": [ "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -404,10 +418,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -425,9 +447,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -454,9 +484,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -973,7 +1011,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1076,7 +1113,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dependabot-go-checker" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 113682c06bb..5ca9be34e9c 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -54,7 +54,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -271,7 +270,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -423,9 +421,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -444,10 +450,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -465,9 +479,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -494,9 +516,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1012,7 +1042,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1112,7 +1141,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1150,7 +1178,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dev-hawk" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index 3c1449ea1bf..883e86af710 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -43,7 +43,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -233,7 +232,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -331,6 +329,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -345,6 +347,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -372,10 +378,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -393,9 +407,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -422,9 +444,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -924,7 +954,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1026,7 +1055,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dev" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml index 0d3e682f70a..a5731a5b451 100644 --- a/.github/workflows/developer-docs-consolidator.lock.yml +++ b/.github/workflows/developer-docs-consolidator.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -263,7 +262,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -379,6 +377,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -409,6 +415,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -420,6 +430,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -442,10 +456,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -463,9 +485,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -492,9 +522,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1121,7 +1159,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1245,7 +1282,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/developer-docs-consolidator" GH_AW_ENGINE_ID: "claude" @@ -1343,7 +1379,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: developerdocsconsolidator steps: diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index 48b89efc190..21e4957f727 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -47,7 +47,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -243,7 +242,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -349,6 +347,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -360,6 +362,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -382,10 +388,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -403,9 +417,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -432,9 +454,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -939,7 +969,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1060,7 +1089,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dictation-prompt" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml index bc9e7d6c5ce..27f8ee265bf 100644 --- a/.github/workflows/discussion-task-miner.lock.yml +++ b/.github/workflows/discussion-task-miner.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -260,7 +259,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -361,6 +359,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -375,6 +377,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -402,9 +408,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -423,10 +437,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -444,9 +466,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -473,9 +503,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1025,7 +1063,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1135,7 +1172,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1207,7 +1243,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/discussion-task-miner" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index f90751fa379..1bda96184c5 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -246,7 +245,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -348,6 +346,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -366,9 +372,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -387,10 +401,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -408,9 +430,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -437,9 +467,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -966,7 +1004,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1071,7 +1108,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/docs-noob-tester" GH_AW_ENGINE_ID: "copilot" @@ -1139,7 +1175,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml index a6c0124b0bd..a5c799dc90d 100644 --- a/.github/workflows/draft-pr-cleanup.lock.yml +++ b/.github/workflows/draft-pr-cleanup.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -235,7 +234,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -333,12 +331,20 @@ jobs: "description": "Closing comment explaining why the PR is being closed without merging (e.g., superseded by another PR, no longer needed, approach rejected).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "pull_request_number": { "description": "Pull request number to close. This is the numeric ID from the GitHub URL (e.g., 432 in github.com/owner/repo/pull/432). If omitted, closes the PR that triggered this workflow (requires a pull_request event trigger).", "type": [ "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -357,9 +363,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -374,6 +388,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -384,6 +402,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -399,10 +421,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -420,9 +450,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -449,9 +487,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -973,7 +1019,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1078,7 +1123,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/draft-pr-cleanup" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml index da6c9ad57ff..99c12b173fe 100644 --- a/.github/workflows/duplicate-code-detector.lock.yml +++ b/.github/workflows/duplicate-code-detector.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -254,7 +253,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-codex-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -356,6 +354,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -370,6 +372,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -397,10 +403,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -418,9 +432,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -447,9 +469,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -963,7 +993,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1065,7 +1094,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/duplicate-code-detector" GH_AW_ENGINE_ID: "codex" diff --git a/.github/workflows/example-custom-error-patterns.lock.yml b/.github/workflows/example-custom-error-patterns.lock.yml index 233bf2edfdf..b57d764289b 100644 --- a/.github/workflows/example-custom-error-patterns.lock.yml +++ b/.github/workflows/example-custom-error-patterns.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -246,7 +245,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: examplecustomerrorpatterns outputs: @@ -508,7 +506,6 @@ jobs: permissions: actions: read contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_rate_limit.outputs.rate_limit_ok == 'true') }} matched_command: '' diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml index ff5a9d477e8..669c10da0e4 100644 --- a/.github/workflows/example-permissions-warning.lock.yml +++ b/.github/workflows/example-permissions-warning.lock.yml @@ -41,7 +41,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -229,7 +228,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: examplepermissionswarning outputs: diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index df54ed91a21..c098620fa8a 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -247,7 +246,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -407,6 +405,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -429,10 +435,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -450,9 +464,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -479,9 +501,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1030,7 +1060,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1135,7 +1164,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/example-workflow-analyzer" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index 0579be10e23..230378bfa75 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -54,7 +54,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -277,7 +276,6 @@ jobs: discussions: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -399,6 +397,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -421,10 +427,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -442,9 +456,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -471,9 +493,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -984,7 +1014,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1093,7 +1122,6 @@ jobs: permissions: issues: write - continue-on-error: false steps: - name: Create issue on test failure uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 @@ -1123,7 +1151,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1160,7 +1187,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1230,7 +1256,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/firewall-escape" GH_AW_ENGINE_ID: "copilot" @@ -1298,7 +1323,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: firewallescape steps: diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index 33aeec46868..5b5271321d0 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -41,7 +41,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -231,7 +230,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: firewall outputs: diff --git a/.github/workflows/functional-pragmatist.lock.yml b/.github/workflows/functional-pragmatist.lock.yml index b862749f331..f6be07afa01 100644 --- a/.github/workflows/functional-pragmatist.lock.yml +++ b/.github/workflows/functional-pragmatist.lock.yml @@ -47,7 +47,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -250,7 +249,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -356,6 +354,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -367,6 +369,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -389,10 +395,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -410,9 +424,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -439,9 +461,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -945,7 +975,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1072,7 +1101,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/functional-pragmatist" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml index 30cd8c2c78c..2380724e519 100644 --- a/.github/workflows/github-mcp-structural-analysis.lock.yml +++ b/.github/workflows/github-mcp-structural-analysis.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -263,7 +262,6 @@ jobs: security-events: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -402,6 +400,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -420,9 +426,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -441,10 +455,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -462,9 +484,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -491,9 +521,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1066,7 +1104,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1171,7 +1208,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/github-mcp-structural-analysis" GH_AW_ENGINE_ID: "claude" @@ -1238,7 +1274,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: githubmcpstructuralanalysis steps: @@ -1282,7 +1317,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml index beb5b06b498..15ed6f69acd 100644 --- a/.github/workflows/github-mcp-tools-report.lock.yml +++ b/.github/workflows/github-mcp-tools-report.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -260,7 +259,6 @@ jobs: security-events: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -376,6 +374,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -406,6 +412,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -417,6 +427,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -439,10 +453,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -460,9 +482,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -489,9 +519,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1078,7 +1116,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1202,7 +1239,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/github-mcp-tools-report" GH_AW_ENGINE_ID: "claude" @@ -1300,7 +1336,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: githubmcptoolsreport steps: diff --git a/.github/workflows/github-remote-mcp-auth-test.lock.yml b/.github/workflows/github-remote-mcp-auth-test.lock.yml index 653c8d85ec5..a3bc0e5e1f1 100644 --- a/.github/workflows/github-remote-mcp-auth-test.lock.yml +++ b/.github/workflows/github-remote-mcp-auth-test.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -245,7 +244,6 @@ jobs: issues: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -347,6 +345,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -369,10 +375,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -390,9 +404,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -419,9 +441,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -923,7 +953,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1029,7 +1058,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/github-remote-mcp-auth-test" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index 2711850f8aa..cbd16e214b5 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -265,7 +264,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -392,6 +390,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -403,6 +405,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -425,10 +431,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -446,9 +460,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -475,9 +497,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1024,7 +1054,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1146,7 +1175,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/glossary-maintainer" GH_AW_ENGINE_ID: "copilot" @@ -1244,7 +1272,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: glossarymaintainer steps: diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml index 3602fc38425..cbe18ca4fc0 100644 --- a/.github/workflows/go-fan.lock.yml +++ b/.github/workflows/go-fan.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -260,7 +259,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -376,6 +374,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -398,10 +404,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -419,9 +433,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -448,9 +470,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1032,7 +1062,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1141,7 +1170,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/go-fan" GH_AW_ENGINE_ID: "claude" @@ -1209,7 +1237,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: gofan steps: diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml index f67a5d91dd0..d19d479d838 100644 --- a/.github/workflows/go-logger.lock.yml +++ b/.github/workflows/go-logger.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -256,7 +255,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -392,6 +390,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -403,6 +405,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -425,10 +431,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -446,9 +460,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -475,9 +497,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1208,7 +1238,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1329,7 +1358,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/go-logger" GH_AW_ENGINE_ID: "claude" @@ -1427,7 +1455,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: gologger steps: diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index 9ec8c05de0f..e19edc226df 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -47,7 +47,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -254,7 +253,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -356,6 +354,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -370,6 +372,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -397,10 +403,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -418,9 +432,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -447,9 +469,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -990,7 +1020,6 @@ jobs: ast_grep: needs: activation runs-on: ubuntu-latest - continue-on-error: false outputs: found_patterns: ${{ steps.detect.outputs.found_patterns }} steps: @@ -1032,7 +1061,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1134,7 +1162,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/go-pattern-detector" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/gpclean.lock.yml b/.github/workflows/gpclean.lock.yml index f4f0e5f3397..32a62f80270 100644 --- a/.github/workflows/gpclean.lock.yml +++ b/.github/workflows/gpclean.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -247,7 +246,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -361,6 +359,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -375,6 +377,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -402,10 +408,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -423,9 +437,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -452,9 +474,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -960,7 +990,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1063,7 +1092,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/gpclean" GH_AW_ENGINE_ID: "copilot" @@ -1132,7 +1160,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: gpclean steps: diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index acbc13000a4..59997a538b9 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -56,7 +56,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -300,7 +299,6 @@ jobs: permissions: contents: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -398,6 +396,10 @@ jobs: "description": "Review comment content in Markdown. Provide specific, actionable feedback about the code at this location.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number for the comment. For single-line comments, this is the target line. For multi-line comments, this is the ending line.", "type": [ @@ -409,6 +411,10 @@ jobs: "description": "File path relative to the repository root (e.g., 'src/auth/login.js'). Must be a file that was changed in the PR.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "side": { "description": "Side of the diff to comment on: RIGHT for the new version (additions), LEFT for the old version (deletions). Defaults to RIGHT.", "enum": [ @@ -451,6 +457,14 @@ jobs: "COMMENT" ], "type": "string" + }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -466,10 +480,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -487,9 +509,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -516,9 +546,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1043,7 +1081,6 @@ jobs: permissions: contents: read pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1147,7 +1184,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1194,7 +1230,6 @@ jobs: contents: read pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/grumpy-reviewer" GH_AW_ENGINE_ID: "copilot" @@ -1262,7 +1297,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: grumpyreviewer steps: diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml index 46f6b7a4f38..0a83e816cb2 100644 --- a/.github/workflows/hourly-ci-cleaner.lock.yml +++ b/.github/workflows/hourly-ci-cleaner.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -267,7 +266,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -406,6 +404,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -417,6 +419,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -439,10 +445,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -460,9 +474,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -489,9 +511,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -990,7 +1020,6 @@ jobs: actions: read contents: read - continue-on-error: false outputs: ci_needs_fix: ${{ steps.ci_check.outputs.ci_needs_fix }} ci_run_id: ${{ steps.ci_check.outputs.ci_run_id }} @@ -1043,7 +1072,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1172,7 +1200,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/hourly-ci-cleaner" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml index 579d5ca4557..6e17e5912c5 100644 --- a/.github/workflows/instructions-janitor.lock.yml +++ b/.github/workflows/instructions-janitor.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -249,7 +248,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -369,6 +367,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -380,6 +382,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -402,10 +408,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -423,9 +437,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -452,9 +474,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1036,7 +1066,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1157,7 +1186,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/instructions-janitor" GH_AW_ENGINE_ID: "claude" @@ -1255,7 +1283,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: instructionsjanitor steps: diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml index 6a6194c150f..3d877bd1ea4 100644 --- a/.github/workflows/issue-arborist.lock.yml +++ b/.github/workflows/issue-arborist.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -250,7 +249,6 @@ jobs: issues: read concurrency: group: "gh-aw-codex-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -350,6 +348,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -364,6 +366,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -395,6 +401,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -417,10 +431,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -438,9 +460,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -455,6 +485,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "parent_issue_number": { "description": "The parent issue number to link the sub-issue to. This is the numeric ID from the GitHub URL (e.g., 100 in github.com/owner/repo/issues/100).", "type": [ @@ -462,6 +496,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "sub_issue_number": { "description": "The issue number to link as a sub-issue of the parent. This is the numeric ID from the GitHub URL (e.g., 101 in github.com/owner/repo/issues/101).", "type": [ @@ -495,9 +533,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1023,7 +1069,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1128,7 +1173,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/issue-arborist" GH_AW_ENGINE_ID: "codex" diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index ef31fc2ef04..dc05bc6bcd3 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -52,7 +52,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -267,7 +266,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -355,9 +353,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -376,6 +382,10 @@ jobs: "description": "Agent identifier to assign. Defaults to 'copilot' (the Copilot coding agent) if not specified.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to assign the Copilot coding agent to. This is the numeric ID from the GitHub URL (e.g., 234 in github.com/owner/repo/issues/234). Can also be a temporary_id (e.g., 'aw_abc123', 'aw_Test123') from an issue created earlier in the same workflow run. The issue should contain clear, actionable requirements. Either issue_number or pull_number must be provided, but not both.", "type": [ @@ -393,6 +403,10 @@ jobs: "pull_request_repo": { "description": "Target repository where the pull request should be created, in 'owner/repo' format. If omitted, the PR will be created in the same repository as the issue. This allows issues and code to live in different repositories. The global pull-request-repo configuration (if set) is automatically allowed; additional repositories must be listed in allowed-pull-request-repos.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -408,10 +422,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -429,9 +451,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -458,9 +488,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -970,7 +1008,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1072,7 +1109,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ ((steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true')) && (steps.check_skip_if_no_match.outputs.skip_no_match_check_ok == 'true') }} matched_command: '' @@ -1136,7 +1172,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/issue-monster" GH_AW_ENGINE_ID: "copilot" @@ -1227,7 +1262,6 @@ jobs: permissions: issues: read - continue-on-error: false outputs: has_issues: ${{ steps.search.outputs.has_issues }} issue_count: ${{ steps.search.outputs.issue_count }} diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml index 6ccc0d68a66..28deb7bb670 100644 --- a/.github/workflows/issue-triage-agent.lock.yml +++ b/.github/workflows/issue-triage-agent.lock.yml @@ -46,7 +46,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -247,7 +246,6 @@ jobs: issues: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -320,9 +318,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -337,6 +343,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -347,6 +357,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -362,10 +376,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -383,9 +405,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -412,9 +442,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -918,7 +956,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1022,7 +1059,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/issue-triage-agent" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index 1885c4631a7..2a2749db88d 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -252,7 +251,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -377,6 +375,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -388,6 +390,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -410,10 +416,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -431,9 +445,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -460,9 +482,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -981,7 +1011,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1108,7 +1137,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/jsweep" GH_AW_ENGINE_ID: "copilot" @@ -1207,7 +1235,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: jsweep steps: diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index 10018707416..01d8e63512c 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -45,7 +45,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -243,7 +242,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -356,6 +354,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -367,6 +369,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -389,10 +395,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -410,9 +424,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -439,9 +461,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -974,7 +1004,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1101,7 +1130,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/layout-spec-maintainer" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml index 392ad2fb817..b325a2b66d2 100644 --- a/.github/workflows/lockfile-stats.lock.yml +++ b/.github/workflows/lockfile-stats.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -254,7 +253,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -370,6 +368,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -392,10 +398,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -413,9 +427,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -442,9 +464,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -992,7 +1022,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1097,7 +1126,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/lockfile-stats" GH_AW_ENGINE_ID: "claude" @@ -1164,7 +1192,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: lockfilestats steps: diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 4532d3bdd74..061bd430916 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -63,7 +63,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -314,7 +313,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -491,6 +489,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -513,10 +519,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -534,9 +548,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -563,9 +585,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1330,7 +1360,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1434,7 +1463,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false steps: - name: Download agent output artifact continue-on-error: true @@ -1563,7 +1591,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false steps: - name: Download agent output artifact continue-on-error: true @@ -1708,7 +1735,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/mcp-inspector" GH_AW_ENGINE_ID: "copilot" @@ -1775,7 +1801,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: mcpinspector steps: diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index e89be343494..31b9445b3f5 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -51,7 +51,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -286,7 +285,6 @@ jobs: actions: read contents: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -387,6 +385,10 @@ jobs: "description": "Branch name to push changes from. If omitted, uses the current working branch. Only specify if you need to push from a different branch.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Commit message describing the changes. Follow repository commit message conventions (e.g., conventional commits).", "type": "string" @@ -397,6 +399,10 @@ jobs: "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -415,10 +421,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -436,9 +450,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -465,9 +487,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -994,7 +1024,6 @@ jobs: permissions: contents: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1098,7 +1127,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1147,7 +1175,6 @@ jobs: contents: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/mergefest" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml index 7f6fb8f2fc3..0e410cf653d 100644 --- a/.github/workflows/metrics-collector.lock.yml +++ b/.github/workflows/metrics-collector.lock.yml @@ -46,7 +46,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -252,7 +251,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: metricscollector outputs: @@ -599,7 +597,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -636,7 +633,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index 57da2f3c6f9..ceb9bd91e69 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -250,7 +249,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -346,10 +344,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -367,9 +373,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -396,9 +410,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -778,7 +800,6 @@ jobs: - safe_outputs if: (always()) && (needs.agent.result != 'skipped') runs-on: ubuntu-slim - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -880,7 +901,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false steps: - name: Download agent output artifact continue-on-error: true @@ -1007,7 +1027,6 @@ jobs: if: (!cancelled()) && (needs.agent.result != 'skipped') runs-on: ubuntu-slim timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/notion-issue-summary" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index 865d8708740..0b9e1ad7cd2 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -268,7 +267,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -395,6 +393,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -413,9 +419,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -434,10 +448,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -455,9 +477,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -484,9 +514,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1010,7 +1048,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1116,7 +1153,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/org-health-report" GH_AW_ENGINE_ID: "copilot" @@ -1183,7 +1219,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: orghealthreport steps: @@ -1227,7 +1262,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index dd7ff773ab6..7e3a211bcec 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -74,7 +74,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -332,7 +331,6 @@ jobs: discussions: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -444,6 +442,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -466,9 +472,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -487,10 +501,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -508,9 +530,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -537,9 +567,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1066,7 +1104,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1174,7 +1211,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1223,7 +1259,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/pdf-summary" GH_AW_ENGINE_ID: "copilot" @@ -1293,7 +1328,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: pdfsummary steps: diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index c1e273d1f47..83c851056e3 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -56,7 +56,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -293,7 +292,6 @@ jobs: discussions: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -381,6 +379,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -395,6 +397,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -429,6 +435,10 @@ jobs: "string" ] }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Resolution reason: RESOLVED (issue addressed), DUPLICATE (discussed elsewhere), OUTDATED (no longer relevant), or ANSWERED (question answered).", "enum": [ @@ -438,6 +448,10 @@ jobs: "ANSWERED" ], "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -456,10 +470,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -477,9 +499,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -506,9 +536,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1034,7 +1072,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1137,7 +1174,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1185,7 +1221,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/plan" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index a5e6b979653..f56c557f812 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -66,7 +66,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -321,7 +320,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -429,6 +427,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -443,6 +445,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -469,6 +475,14 @@ jobs: "body": { "description": "Clear, detailed task description for the Copilot coding agent. Include specific files to modify, expected behavior, acceptance criteria, and any constraints. The description should be actionable and self-contained.", "type": "string" + }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -491,6 +505,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -513,12 +535,20 @@ jobs: "description": "Closing comment explaining why the PR is being closed without merging (e.g., superseded by another PR, no longer needed, approach rejected).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "pull_request_number": { "description": "Pull request number to close. This is the numeric ID from the GitHub URL (e.g., 432 in github.com/owner/repo/pull/432). If omitted, closes the PR that triggered this workflow (requires a pull_request event trigger).", "type": [ "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -537,9 +567,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -566,6 +604,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -577,6 +619,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -599,6 +645,10 @@ jobs: "description": "Review comment content in Markdown. Provide specific, actionable feedback about the code at this location.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number for the comment. For single-line comments, this is the target line. For multi-line comments, this is the ending line.", "type": [ @@ -610,6 +660,10 @@ jobs: "description": "File path relative to the repository root (e.g., 'src/auth/login.js'). Must be a file that was changed in the PR.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "side": { "description": "Side of the diff to comment on: RIGHT for the new version (additions), LEFT for the old version (deletions). Defaults to RIGHT.", "enum": [ @@ -640,6 +694,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -650,6 +708,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -672,6 +734,10 @@ jobs: "description": "Issue body content in Markdown. For 'replace', this becomes the entire body. For 'append'/'prepend', this content is added with a separator and an attribution footer. For 'replace-island', only the run-specific section is updated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to update. This is the numeric ID from the GitHub URL (e.g., 789 in github.com/owner/repo/issues/789). Required when the workflow target is '*' (any issue).", "type": [ @@ -703,6 +769,10 @@ jobs: ], "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "status": { "description": "New issue status: 'open' to reopen a closed issue, 'closed' to close an open issue.", "enum": [ @@ -729,6 +799,10 @@ jobs: "description": "Branch name to push changes from. If omitted, uses the current working branch. Only specify if you need to push from a different branch.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Commit message describing the changes. Follow repository commit message conventions (e.g., conventional commits).", "type": "string" @@ -739,6 +813,10 @@ jobs: "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -753,9 +831,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -774,10 +860,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -795,9 +889,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -812,6 +914,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "parent_issue_number": { "description": "The parent issue number to link the sub-issue to. This is the numeric ID from the GitHub URL (e.g., 100 in github.com/owner/repo/issues/100).", "type": [ @@ -819,6 +925,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "sub_issue_number": { "description": "The issue number to link as a sub-issue of the parent. This is the numeric ID from the GitHub URL (e.g., 101 in github.com/owner/repo/issues/101).", "type": [ @@ -852,9 +962,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1655,7 +1773,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1778,7 +1895,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1829,7 +1945,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/poem-bot" GH_AW_ENGINE_ID: "copilot" @@ -1945,7 +2060,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: poembot steps: @@ -1989,7 +2103,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml index 41181d0a186..d60f7ba49af 100644 --- a/.github/workflows/portfolio-analyst.lock.yml +++ b/.github/workflows/portfolio-analyst.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -265,7 +264,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -462,6 +460,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -480,9 +486,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -501,10 +515,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -522,9 +544,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -551,9 +581,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1091,7 +1129,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1201,7 +1238,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/portfolio-analyst" GH_AW_ENGINE_ID: "copilot" @@ -1269,7 +1305,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: portfolioanalyst steps: @@ -1313,7 +1348,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index c01cadb91aa..4fd6af6ff3b 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -84,7 +84,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -330,7 +329,6 @@ jobs: actions: read contents: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -442,6 +440,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -464,6 +470,10 @@ jobs: "description": "Review comment content in Markdown. Provide specific, actionable feedback about the code at this location.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number for the comment. For single-line comments, this is the target line. For multi-line comments, this is the ending line.", "type": [ @@ -475,6 +485,10 @@ jobs: "description": "File path relative to the repository root (e.g., 'src/auth/login.js'). Must be a file that was changed in the PR.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "side": { "description": "Side of the diff to comment on: RIGHT for the new version (additions), LEFT for the old version (deletions). Defaults to RIGHT.", "enum": [ @@ -517,6 +531,14 @@ jobs: "COMMENT" ], "type": "string" + }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -532,10 +554,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -553,9 +583,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -582,9 +620,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1138,7 +1184,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1250,7 +1295,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1299,7 +1343,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/pr-nitpick-reviewer" GH_AW_ENGINE_ID: "copilot" @@ -1367,7 +1410,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: prnitpickreviewer steps: diff --git a/.github/workflows/pr-triage-agent.lock.yml b/.github/workflows/pr-triage-agent.lock.yml index f639588728b..4b02fb35d9b 100644 --- a/.github/workflows/pr-triage-agent.lock.yml +++ b/.github/workflows/pr-triage-agent.lock.yml @@ -43,7 +43,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -254,7 +253,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -352,6 +350,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -366,6 +368,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -393,9 +399,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -410,6 +424,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -420,6 +438,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -435,10 +457,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -456,9 +486,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -485,9 +523,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1034,7 +1080,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1141,7 +1186,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1213,7 +1257,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/pr-triage-agent" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index 1ee3e896cf0..66f7aca4e00 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -53,7 +53,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -269,7 +268,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -489,6 +487,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -511,10 +517,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -532,9 +546,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -561,9 +583,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1123,7 +1153,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1228,7 +1257,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/prompt-clustering-analysis" GH_AW_ENGINE_ID: "claude" @@ -1295,7 +1323,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: promptclusteringanalysis steps: diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index 67c8651c29d..a8a10cdcc33 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -47,7 +47,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -261,7 +260,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -450,6 +448,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -468,9 +474,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -489,10 +503,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -510,9 +532,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -539,9 +569,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1079,7 +1117,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1185,7 +1222,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/python-data-charts" GH_AW_ENGINE_ID: "copilot" @@ -1252,7 +1288,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: pythondatacharts steps: @@ -1296,7 +1331,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index acb9b95ca6a..917951cf822 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -92,7 +92,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -349,7 +348,6 @@ jobs: discussions: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -511,9 +509,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -540,6 +546,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -551,6 +561,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -573,10 +587,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -594,9 +616,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -623,9 +653,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1177,7 +1215,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1309,7 +1346,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1360,7 +1396,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/q" GH_AW_ENGINE_ID: "copilot" @@ -1461,7 +1496,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: q steps: diff --git a/.github/workflows/refiner.lock.yml b/.github/workflows/refiner.lock.yml index ce6b4bee4ac..67288ddb767 100644 --- a/.github/workflows/refiner.lock.yml +++ b/.github/workflows/refiner.lock.yml @@ -56,7 +56,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -276,7 +275,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -364,9 +362,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -393,6 +399,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -404,6 +414,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -426,10 +440,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -447,9 +469,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -476,9 +506,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1000,7 +1038,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1119,7 +1156,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1159,7 +1195,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/refiner" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index 6afe3836043..9894ce96e24 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -55,7 +55,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -255,7 +254,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -360,6 +358,10 @@ jobs: "description": "Release body content in Markdown. For 'replace', this becomes the entire release body. For 'append'/'prepend', this is added with a separator.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "operation": { "description": "How to update the release body: 'replace' (completely overwrite), 'append' (add to end with separator), or 'prepend' (add to start with separator).", "enum": [ @@ -369,6 +371,10 @@ jobs: ], "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tag": { "description": "Release tag name (e.g., 'v1.0.0'). REQUIRED - must be provided explicitly as the tag cannot always be inferred from event context.", "type": "string" @@ -392,10 +398,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -413,9 +427,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -442,9 +464,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -934,7 +964,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1034,7 +1063,6 @@ jobs: - activation - pre_activation runs-on: ubuntu-latest - continue-on-error: false outputs: release_tag: ${{ steps.compute_config.outputs.release_tag }} steps: @@ -1142,7 +1170,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1182,7 +1209,6 @@ jobs: id-token: write packages: write - continue-on-error: false outputs: release_id: ${{ steps.get_release.outputs.release_id }} steps: @@ -1326,7 +1352,6 @@ jobs: permissions: contents: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/release" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/repo-audit-analyzer.lock.yml b/.github/workflows/repo-audit-analyzer.lock.yml index 587a1ace5ab..3c7b07a9c31 100644 --- a/.github/workflows/repo-audit-analyzer.lock.yml +++ b/.github/workflows/repo-audit-analyzer.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -259,7 +258,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -372,6 +370,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -394,10 +400,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -415,9 +429,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -444,9 +466,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -946,7 +976,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1055,7 +1084,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/repo-audit-analyzer" GH_AW_ENGINE_ID: "copilot" @@ -1122,7 +1150,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: repoauditanalyzer steps: diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index e1361aee897..ae18c6189e2 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -246,7 +245,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -348,6 +346,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -370,10 +376,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -391,9 +405,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -420,9 +442,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -915,7 +945,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1021,7 +1050,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/repo-tree-map" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index 0d42e483775..c891ed9a5c1 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -258,7 +257,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -371,6 +369,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -393,10 +399,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -414,9 +428,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -443,9 +465,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -953,7 +983,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1059,7 +1088,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/repository-quality-improver" GH_AW_ENGINE_ID: "copilot" @@ -1126,7 +1154,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: repositoryqualityimprover steps: diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index ec8de282b30..d33c38ade5e 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -256,7 +255,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -358,6 +356,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -380,10 +386,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -401,9 +415,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -430,9 +452,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -941,7 +971,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1047,7 +1076,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/research" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index 65e88a5e2b9..476d2607068 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -259,7 +258,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -436,6 +434,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -458,10 +464,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -479,9 +493,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -508,9 +530,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1085,7 +1115,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1190,7 +1219,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/safe-output-health" GH_AW_ENGINE_ID: "claude" @@ -1257,7 +1285,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: safeoutputhealth steps: diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml index ff1d32d5edf..0440a46735e 100644 --- a/.github/workflows/schema-consistency-checker.lock.yml +++ b/.github/workflows/schema-consistency-checker.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -254,7 +253,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -370,6 +368,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -392,10 +398,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -413,9 +427,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -442,9 +464,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -993,7 +1023,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1098,7 +1127,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/schema-consistency-checker" GH_AW_ENGINE_ID: "claude" @@ -1165,7 +1193,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: schemaconsistencychecker steps: diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index 44c90141cff..161fced2421 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -111,7 +111,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -386,7 +385,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -491,9 +489,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -508,6 +514,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -518,6 +528,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -533,10 +547,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -554,9 +576,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -583,9 +613,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1192,7 +1230,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1306,7 +1343,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1355,7 +1391,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/scout" GH_AW_ENGINE_ID: "claude" @@ -1425,7 +1460,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: scout steps: diff --git a/.github/workflows/security-alert-burndown.campaign.g.lock.yml b/.github/workflows/security-alert-burndown.campaign.g.lock.yml index 324cc40e63f..b68e76db659 100644 --- a/.github/workflows/security-alert-burndown.campaign.g.lock.yml +++ b/.github/workflows/security-alert-burndown.campaign.g.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -246,7 +245,6 @@ jobs: contents: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -381,6 +379,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -395,6 +397,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -422,9 +428,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -443,10 +457,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -464,9 +486,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -554,6 +584,10 @@ jobs: "description": "Custom field values to set on the project item (e.g., {'Status': 'In Progress', 'Priority': 'High'}). Field names must match custom fields defined in the project.", "type": "object" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "operation": { "description": "Optional operation mode. Use create_fields to create required fields up-front, or create_view to add a project view. When omitted, the tool adds/updates project items.", "enum": [ @@ -567,6 +601,10 @@ jobs: "pattern": "^(https://github\\.com/(orgs|users)/[^/]+/projects/\\d+|#?aw_[A-Za-z0-9]{3,8})$", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for this draft issue (e.g., 'aw_abc1', '#aw_Test123'). Provide this when creating a new draft to enable future updates via draft_issue_id. Format: optional leading '#', then 'aw_' followed by 3 to 8 alphanumeric characters.", "pattern": "^#?aw_[A-Za-z0-9]{3,8}$", @@ -629,9 +667,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -648,11 +694,19 @@ jobs: "description": "Status update body in markdown format describing progress, findings, trends, and next steps. Should provide stakeholders with clear understanding of project state.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "project": { "description": "Full GitHub project URL (e.g., 'https://github.com/orgs/myorg/projects/42' or 'https://github.com/users/username/projects/5'). Project names or numbers alone are NOT accepted.", "pattern": "^https://github\\\\.com/(orgs|users)/[^/]+/projects/\\\\d+$", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "start_date": { "description": "Optional project start date in YYYY-MM-DD format (e.g., '2026-01-06').", "pattern": "^\\\\d{4}-\\\\d{2}-\\\\d{2}$", @@ -1330,7 +1384,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1435,7 +1488,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_campaigns: ${{ steps.push_repo_memory_campaigns.outputs.validation_error }} validation_failed_campaigns: ${{ steps.push_repo_memory_campaigns.outputs.validation_failed }} @@ -1507,7 +1559,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/security-alert-burndown.campaign.g" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml index 076792e6356..4eec6608a30 100644 --- a/.github/workflows/security-compliance.lock.yml +++ b/.github/workflows/security-compliance.lock.yml @@ -53,7 +53,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -281,7 +280,6 @@ jobs: permissions: contents: read security-events: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -389,6 +387,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -403,6 +405,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -430,10 +436,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -451,9 +465,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -480,9 +502,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -991,7 +1021,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1097,7 +1126,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1167,7 +1195,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/security-compliance" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml index 34afcd108fc..6d9b114f856 100644 --- a/.github/workflows/security-review.lock.yml +++ b/.github/workflows/security-review.lock.yml @@ -56,7 +56,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -301,7 +300,6 @@ jobs: issues: read pull-requests: read security-events: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -463,6 +461,10 @@ jobs: "description": "Review comment content in Markdown. Provide specific, actionable feedback about the code at this location.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number for the comment. For single-line comments, this is the target line. For multi-line comments, this is the ending line.", "type": [ @@ -474,6 +476,10 @@ jobs: "description": "File path relative to the repository root (e.g., 'src/auth/login.js'). Must be a file that was changed in the PR.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "side": { "description": "Side of the diff to comment on: RIGHT for the new version (additions), LEFT for the old version (deletions). Defaults to RIGHT.", "enum": [ @@ -516,6 +522,14 @@ jobs: "COMMENT" ], "type": "string" + }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -531,10 +545,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -552,9 +574,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -581,9 +611,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1122,7 +1160,6 @@ jobs: permissions: contents: read pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1226,7 +1263,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1273,7 +1309,6 @@ jobs: contents: read pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/security-review" GH_AW_ENGINE_ID: "copilot" @@ -1341,7 +1376,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: securityreview steps: diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml index b345c72a73e..e982e47ed2b 100644 --- a/.github/workflows/semantic-function-refactor.lock.yml +++ b/.github/workflows/semantic-function-refactor.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -252,7 +251,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -354,6 +352,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -368,6 +370,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -395,12 +401,20 @@ jobs: "description": "Closing comment explaining why the issue is being closed and summarizing any resolution, workaround, or conclusion.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to close. This is the numeric ID from the GitHub URL (e.g., 901 in github.com/owner/repo/issues/901). If omitted, closes the issue that triggered this workflow (requires an issue event trigger).", "type": [ "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -419,10 +433,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -440,9 +462,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -469,9 +499,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1067,7 +1105,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1169,7 +1206,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/semantic-function-refactor" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/sergo.lock.yml b/.github/workflows/sergo.lock.yml index 12a28a01fef..075b3ec93a9 100644 --- a/.github/workflows/sergo.lock.yml +++ b/.github/workflows/sergo.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -260,7 +259,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -376,6 +374,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -398,10 +404,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -419,9 +433,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -448,9 +470,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1031,7 +1061,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1140,7 +1169,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/sergo" GH_AW_ENGINE_ID: "claude" @@ -1208,7 +1236,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: sergo steps: diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index 4bf8e7212e7..aa0018b2579 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -270,7 +269,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -397,6 +395,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -408,6 +410,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -430,10 +436,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -451,9 +465,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -480,9 +502,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1041,7 +1071,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1161,7 +1190,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1213,7 +1241,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/slide-deck-maintainer" GH_AW_ENGINE_ID: "copilot" @@ -1312,7 +1339,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: slidedeckmaintainer steps: diff --git a/.github/workflows/smoke-agent.lock.yml b/.github/workflows/smoke-agent.lock.yml index 9b05dcd6024..a875fa73281 100644 --- a/.github/workflows/smoke-agent.lock.yml +++ b/.github/workflows/smoke-agent.lock.yml @@ -54,7 +54,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -277,7 +276,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -379,9 +377,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -400,6 +406,10 @@ jobs: "description": "Agent identifier to assign. Defaults to 'copilot' (the Copilot coding agent) if not specified.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to assign the Copilot coding agent to. This is the numeric ID from the GitHub URL (e.g., 234 in github.com/owner/repo/issues/234). Can also be a temporary_id (e.g., 'aw_abc123', 'aw_Test123') from an issue created earlier in the same workflow run. The issue should contain clear, actionable requirements. Either issue_number or pull_number must be provided, but not both.", "type": [ @@ -417,6 +427,10 @@ jobs: "pull_request_repo": { "description": "Target repository where the pull request should be created, in 'owner/repo' format. If omitted, the PR will be created in the same repository as the issue. This allows issues and code to live in different repositories. The global pull-request-repo configuration (if set) is automatically allowed; additional repositories must be listed in allowed-pull-request-repos.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -432,10 +446,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -453,9 +475,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -482,9 +512,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -978,7 +1016,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1101,7 +1138,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1139,7 +1175,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent" GH_AW_ENGINE_ID: "codex" diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index 94a998b43f8..5b5b842c075 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -68,7 +68,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -655,7 +654,6 @@ jobs: discussions: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -827,6 +825,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -841,6 +843,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -868,12 +874,20 @@ jobs: "description": "Closing comment explaining why the PR is being closed without merging (e.g., superseded by another PR, no longer needed, approach rejected).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "pull_request_number": { "description": "Pull request number to close. This is the numeric ID from the GitHub URL (e.g., 432 in github.com/owner/repo/pull/432). If omitted, closes the PR that triggered this workflow (requires a pull_request event trigger).", "type": [ "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -892,9 +906,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -913,6 +935,10 @@ jobs: "description": "Review comment content in Markdown. Provide specific, actionable feedback about the code at this location.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number for the comment. For single-line comments, this is the target line. For multi-line comments, this is the ending line.", "type": [ @@ -924,6 +950,10 @@ jobs: "description": "File path relative to the repository root (e.g., 'src/auth/login.js'). Must be a file that was changed in the PR.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "side": { "description": "Side of the diff to comment on: RIGHT for the new version (additions), LEFT for the old version (deletions). Defaults to RIGHT.", "enum": [ @@ -966,6 +996,14 @@ jobs: "COMMENT" ], "type": "string" + }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -977,6 +1015,14 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "thread_id": { "description": "The node ID of the review thread to resolve (e.g., 'PRRT_kwDOABCD...'). This is the GraphQL node ID, not a numeric ID.", "type": "string" @@ -994,6 +1040,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -1004,6 +1054,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -1015,6 +1069,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "pull_request_number": { "description": "Pull request number to add reviewers to. This is the numeric ID from the GitHub URL (e.g., 876 in github.com/owner/repo/pull/876). If omitted, adds reviewers to the PR that triggered this workflow. Only works for pull_request event triggers. For workflow_dispatch, schedule, or other triggers, pull_request_number is required — omitting it will silently skip the reviewer assignment.", "type": [ @@ -1028,6 +1086,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -1050,6 +1112,10 @@ jobs: "description": "Whether the PR should be a draft (true) or ready for review (false). Use to convert between draft and ready states.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "operation": { "description": "How to update the PR body: 'replace' (default - completely overwrite), 'append' (add to end with separator), or 'prepend' (add to start with separator). Title is always replaced.", "enum": [ @@ -1066,6 +1132,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "New pull request title to replace the existing title.", "type": "string" @@ -1084,6 +1154,10 @@ jobs: "description": "Branch name to push changes from. If omitted, uses the current working branch. Only specify if you need to push from a different branch.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Commit message describing the changes. Follow repository commit message conventions (e.g., conventional commits).", "type": "string" @@ -1094,6 +1168,10 @@ jobs: "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -1112,10 +1190,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -1133,9 +1219,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -1162,9 +1256,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -2550,7 +2652,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -2673,7 +2774,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -2713,7 +2813,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-claude" GH_AW_ENGINE_ID: "claude" @@ -2817,7 +2916,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: smokeclaude steps: diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml index 55c9cdb4f33..8e6b0828dec 100644 --- a/.github/workflows/smoke-codex.lock.yml +++ b/.github/workflows/smoke-codex.lock.yml @@ -61,7 +61,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -316,7 +315,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -435,6 +433,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -449,6 +451,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -476,9 +482,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -493,6 +507,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -503,6 +521,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -514,6 +536,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to remove labels from. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, removes labels from the item that triggered this workflow.", "type": "number" @@ -524,6 +550,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -549,6 +579,10 @@ jobs: }, "type": "array" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to unassign users from. This is the numeric ID from the GitHub URL (e.g., 543 in github.com/owner/repo/issues/543). If omitted, uses the issue that triggered this workflow.", "type": [ @@ -559,6 +593,10 @@ jobs: "repo": { "description": "Target repository in 'owner/repo' format. If omitted, uses the current repository. Must be in allowed-repos list if specified.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -574,10 +612,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -595,9 +641,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -616,6 +670,10 @@ jobs: "description": "GraphQL node ID of the comment to hide (e.g., 'IC_kwDOABCD123456'). This is the GraphQL node ID, not the numeric comment ID from REST API. Can be obtained from GraphQL queries or comment API responses.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Optional reason for hiding the comment. Defaults to SPAM if not provided. Valid values: SPAM (spam content), ABUSE (abusive/harassment content), OFF_TOPIC (not relevant to discussion), OUTDATED (no longer applicable), RESOLVED (issue/question has been resolved).", "enum": [ @@ -626,6 +684,10 @@ jobs: "RESOLVED" ], "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -652,9 +714,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1449,7 +1519,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1570,7 +1639,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1608,7 +1676,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-codex" GH_AW_ENGINE_ID: "codex" @@ -1680,7 +1747,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: smokecodex steps: diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml index 90b9a3483ce..0d95d6567a8 100644 --- a/.github/workflows/smoke-copilot-arm.lock.yml +++ b/.github/workflows/smoke-copilot-arm.lock.yml @@ -60,7 +60,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -320,7 +319,6 @@ jobs: discussions: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -488,6 +486,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -502,6 +504,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -533,6 +539,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -555,6 +569,10 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" @@ -562,6 +580,10 @@ jobs: "repo": { "description": "Target repository for this operation in 'owner/repo' format. Must be the target-repo or in the allowed-repos list.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -580,6 +602,10 @@ jobs: "description": "Review comment content in Markdown. Provide specific, actionable feedback about the code at this location.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number for the comment. For single-line comments, this is the target line. For multi-line comments, this is the ending line.", "type": [ @@ -591,6 +617,10 @@ jobs: "description": "File path relative to the repository root (e.g., 'src/auth/login.js'). Must be a file that was changed in the PR.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "side": { "description": "Side of the diff to comment on: RIGHT for the new version (additions), LEFT for the old version (deletions). Defaults to RIGHT.", "enum": [ @@ -633,6 +663,14 @@ jobs: "COMMENT" ], "type": "string" + }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -644,6 +682,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -658,6 +700,10 @@ jobs: "repo": { "description": "Target repository for this operation in 'owner/repo' format. Must be the target-repo or in the allowed-repos list.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -669,6 +715,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to remove labels from. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, removes labels from the item that triggered this workflow.", "type": "number" @@ -679,6 +729,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -697,10 +751,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -718,9 +780,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -747,9 +817,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1975,7 +2053,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -2099,7 +2176,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -2138,7 +2214,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-copilot-arm" GH_AW_ENGINE_ID: "copilot" @@ -2211,7 +2286,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false steps: - name: Download agent output artifact continue-on-error: true @@ -2245,7 +2319,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: smokecopilotarm steps: diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 5dcdd8b1ab3..39651cd89e3 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -62,7 +62,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -323,7 +322,6 @@ jobs: discussions: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -491,6 +489,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -505,6 +507,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -536,6 +542,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -558,6 +572,10 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" @@ -565,6 +583,10 @@ jobs: "repo": { "description": "Target repository for this operation in 'owner/repo' format. Must be the target-repo or in the allowed-repos list.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -583,6 +605,10 @@ jobs: "description": "Review comment content in Markdown. Provide specific, actionable feedback about the code at this location.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "line": { "description": "Line number for the comment. For single-line comments, this is the target line. For multi-line comments, this is the ending line.", "type": [ @@ -594,6 +620,10 @@ jobs: "description": "File path relative to the repository root (e.g., 'src/auth/login.js'). Must be a file that was changed in the PR.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "side": { "description": "Side of the diff to comment on: RIGHT for the new version (additions), LEFT for the old version (deletions). Defaults to RIGHT.", "enum": [ @@ -636,6 +666,14 @@ jobs: "COMMENT" ], "type": "string" + }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -647,6 +685,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -661,6 +703,10 @@ jobs: "repo": { "description": "Target repository for this operation in 'owner/repo' format. Must be the target-repo or in the allowed-repos list.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -672,6 +718,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to remove labels from. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, removes labels from the item that triggered this workflow.", "type": "number" @@ -682,6 +732,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -700,10 +754,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -721,9 +783,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -738,6 +808,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to set the type for. If omitted, sets the type on the issue that triggered this workflow.", "type": [ @@ -748,6 +822,10 @@ jobs: "issue_type": { "description": "Issue type name to set (e.g., \"Bug\", \"Feature\", \"Task\"). Use an empty string \"\" to clear the current issue type.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -774,9 +852,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -2020,7 +2106,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -2144,7 +2229,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -2183,7 +2267,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-copilot" GH_AW_ENGINE_ID: "copilot" @@ -2256,7 +2339,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false steps: - name: Download agent output artifact continue-on-error: true @@ -2290,7 +2372,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: smokecopilot steps: diff --git a/.github/workflows/smoke-create-cross-repo-pr.lock.yml b/.github/workflows/smoke-create-cross-repo-pr.lock.yml index 43bb6a3cc7b..4bf99c1ae68 100644 --- a/.github/workflows/smoke-create-cross-repo-pr.lock.yml +++ b/.github/workflows/smoke-create-cross-repo-pr.lock.yml @@ -56,7 +56,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -284,7 +283,6 @@ jobs: copilot-requests: write issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -389,6 +387,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -403,6 +405,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -430,9 +436,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -459,6 +473,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -470,6 +488,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -492,10 +514,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -513,9 +543,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -542,9 +580,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1102,7 +1148,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1239,7 +1284,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1279,7 +1323,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-create-cross-repo-pr" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml index 257391b3583..5e0751c1aee 100644 --- a/.github/workflows/smoke-gemini.lock.yml +++ b/.github/workflows/smoke-gemini.lock.yml @@ -61,7 +61,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -310,7 +309,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -422,6 +420,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -436,6 +438,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -463,9 +469,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -480,6 +494,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -490,6 +508,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -505,10 +527,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -526,9 +556,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -555,9 +593,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1189,7 +1235,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1310,7 +1355,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1348,7 +1392,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-gemini" GH_AW_ENGINE_ID: "gemini" @@ -1420,7 +1463,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: smokegemini steps: diff --git a/.github/workflows/smoke-multi-pr.lock.yml b/.github/workflows/smoke-multi-pr.lock.yml index 9644bc817f6..9d830337bcd 100644 --- a/.github/workflows/smoke-multi-pr.lock.yml +++ b/.github/workflows/smoke-multi-pr.lock.yml @@ -56,7 +56,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -293,7 +292,6 @@ jobs: permissions: contents: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -391,9 +389,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -420,6 +426,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -431,6 +441,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -453,10 +467,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -474,9 +496,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -503,9 +533,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1053,7 +1091,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1191,7 +1228,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1231,7 +1267,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-multi-pr" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/smoke-project.lock.yml b/.github/workflows/smoke-project.lock.yml index 4bfee0e5263..552b18ff3d2 100644 --- a/.github/workflows/smoke-project.lock.yml +++ b/.github/workflows/smoke-project.lock.yml @@ -54,7 +54,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -292,7 +291,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -390,6 +388,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -404,6 +406,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -431,9 +437,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -460,6 +474,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -471,6 +489,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -489,6 +511,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to add labels to. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, adds labels to the issue or PR that triggered this workflow. Only works for issue or pull_request event triggers. For schedule, workflow_dispatch, or other triggers, item_number is required — omitting it will silently skip the label operation.", "type": "number" @@ -499,6 +525,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -510,6 +540,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "Issue or PR number to remove labels from. This is the numeric ID from the GitHub URL (e.g., 456 in github.com/owner/repo/issues/456). If omitted, removes labels from the item that triggered this workflow.", "type": "number" @@ -520,6 +554,10 @@ jobs: "type": "string" }, "type": "array" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -538,10 +576,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -559,9 +605,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -649,6 +703,10 @@ jobs: "description": "Custom field values to set on the project item (e.g., {'Status': 'In Progress', 'Priority': 'High'}). Field names must match custom fields defined in the project.", "type": "object" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "operation": { "description": "Optional operation mode. Use create_fields to create required fields up-front, or create_view to add a project view. When omitted, the tool adds/updates project items.", "enum": [ @@ -662,6 +720,10 @@ jobs: "pattern": "^(https://github\\.com/(orgs|users)/[^/]+/projects/\\d+|#?aw_[A-Za-z0-9]{3,8})$", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for this draft issue (e.g., 'aw_abc1', '#aw_Test123'). Provide this when creating a new draft to enable future updates via draft_issue_id. Format: optional leading '#', then 'aw_' followed by 3 to 8 alphanumeric characters.", "pattern": "^#?aw_[A-Za-z0-9]{3,8}$", @@ -724,9 +786,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -743,11 +813,19 @@ jobs: "description": "Status update body in markdown format describing progress, findings, trends, and next steps. Should provide stakeholders with clear understanding of project state.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "project": { "description": "Full GitHub project URL (e.g., 'https://github.com/orgs/myorg/projects/42' or 'https://github.com/users/username/projects/5'). Project names or numbers alone are NOT accepted.", "pattern": "^https://github\\\\.com/(orgs|users)/[^/]+/projects/\\\\d+$", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "start_date": { "description": "Optional project start date in YYYY-MM-DD format (e.g., '2026-01-06').", "pattern": "^\\\\d{4}-\\\\d{2}-\\\\d{2}$", @@ -1446,7 +1524,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1584,7 +1661,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1624,7 +1700,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-project" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/smoke-temporary-id.lock.yml b/.github/workflows/smoke-temporary-id.lock.yml index 82b2c789310..e9a58fc9753 100644 --- a/.github/workflows/smoke-temporary-id.lock.yml +++ b/.github/workflows/smoke-temporary-id.lock.yml @@ -54,7 +54,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -288,7 +287,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -386,6 +384,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -400,6 +402,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -427,9 +433,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -448,10 +462,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -469,9 +491,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -486,6 +516,10 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "parent_issue_number": { "description": "The parent issue number to link the sub-issue to. This is the numeric ID from the GitHub URL (e.g., 100 in github.com/owner/repo/issues/100).", "type": [ @@ -493,6 +527,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "sub_issue_number": { "description": "The issue number to link as a sub-issue of the parent. This is the numeric ID from the GitHub URL (e.g., 101 in github.com/owner/repo/issues/101).", "type": [ @@ -526,9 +564,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1065,7 +1111,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1187,7 +1232,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1225,7 +1269,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-temporary-id" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml index 5373f7d0ad6..9efd7abf35f 100644 --- a/.github/workflows/smoke-test-tools.lock.yml +++ b/.github/workflows/smoke-test-tools.lock.yml @@ -56,7 +56,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -277,7 +276,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -399,9 +397,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -420,10 +426,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -441,9 +455,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -470,9 +492,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -958,7 +988,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1080,7 +1109,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1118,7 +1146,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-test-tools" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/smoke-update-cross-repo-pr.lock.yml b/.github/workflows/smoke-update-cross-repo-pr.lock.yml index ca720ad3777..127862d6a68 100644 --- a/.github/workflows/smoke-update-cross-repo-pr.lock.yml +++ b/.github/workflows/smoke-update-cross-repo-pr.lock.yml @@ -56,7 +56,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -291,7 +290,6 @@ jobs: copilot-requests: write issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -413,6 +411,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -427,6 +429,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -454,9 +460,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -475,6 +489,10 @@ jobs: "description": "Branch name to push changes from. If omitted, uses the current working branch. Only specify if you need to push from a different branch.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Commit message describing the changes. Follow repository commit message conventions (e.g., conventional commits).", "type": "string" @@ -485,6 +503,10 @@ jobs: "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -503,10 +525,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -524,9 +554,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -553,9 +591,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1104,7 +1150,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1227,7 +1272,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1267,7 +1311,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-update-cross-repo-pr" GH_AW_ENGINE_ID: "copilot" @@ -1371,7 +1414,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: smokeupdatecrossrepopr steps: diff --git a/.github/workflows/smoke-workflow-call.lock.yml b/.github/workflows/smoke-workflow-call.lock.yml index 79d5c9a8471..d698ca74565 100644 --- a/.github/workflows/smoke-workflow-call.lock.yml +++ b/.github/workflows/smoke-workflow-call.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -245,7 +244,6 @@ jobs: permissions: contents: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -343,9 +341,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -364,10 +370,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -385,9 +399,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -414,9 +436,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -922,7 +952,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1022,7 +1051,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1060,7 +1088,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-workflow-call" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index 2d441904f11..ac6b501f6db 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -58,7 +58,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -281,7 +280,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -438,6 +436,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -452,6 +454,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -475,9 +481,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -496,10 +510,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -517,9 +539,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -546,9 +576,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1078,7 +1116,6 @@ jobs: permissions: contents: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1182,7 +1219,6 @@ jobs: contents: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/stale-repo-identifier" GH_AW_ENGINE_ID: "copilot" @@ -1252,7 +1288,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: stalerepoidentifier steps: @@ -1296,7 +1331,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index 7410c61f8c2..c5e95f529be 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -255,7 +254,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -432,6 +430,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -454,10 +460,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -475,9 +489,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -504,9 +526,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1067,7 +1097,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1172,7 +1201,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/static-analysis-report" GH_AW_ENGINE_ID: "claude" @@ -1239,7 +1267,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: staticanalysisreport steps: diff --git a/.github/workflows/step-name-alignment.lock.yml b/.github/workflows/step-name-alignment.lock.yml index 9e0033dc67c..8d66fc22068 100644 --- a/.github/workflows/step-name-alignment.lock.yml +++ b/.github/workflows/step-name-alignment.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -246,7 +245,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -358,6 +356,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -372,6 +374,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -399,10 +405,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -420,9 +434,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -449,9 +471,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1021,7 +1051,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1123,7 +1152,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/step-name-alignment" GH_AW_ENGINE_ID: "claude" @@ -1192,7 +1220,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: stepnamealignment steps: diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml index 919a39e8f3b..78268f7969a 100644 --- a/.github/workflows/sub-issue-closer.lock.yml +++ b/.github/workflows/sub-issue-closer.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -239,7 +238,6 @@ jobs: issues: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -337,9 +335,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -365,6 +371,10 @@ jobs: "description": "Issue body content in Markdown. For 'replace', this becomes the entire body. For 'append'/'prepend', this content is added with a separator and an attribution footer. For 'replace-island', only the run-specific section is updated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to update. This is the numeric ID from the GitHub URL (e.g., 789 in github.com/owner/repo/issues/789). Required when the workflow target is '*' (any issue).", "type": [ @@ -396,6 +406,10 @@ jobs: ], "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "status": { "description": "New issue status: 'open' to reopen a closed issue, 'closed' to close an open issue.", "enum": [ @@ -422,10 +436,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -443,9 +465,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -472,9 +502,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1014,7 +1052,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1119,7 +1156,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/sub-issue-closer" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 63f082423dd..4814ec98590 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -47,7 +47,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -262,7 +261,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -376,6 +374,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -390,6 +392,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -417,10 +423,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -438,9 +452,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -467,9 +489,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -975,7 +1005,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1078,7 +1107,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/super-linter" GH_AW_ENGINE_ID: "copilot" @@ -1149,7 +1177,6 @@ jobs: packages: read statuses: write - continue-on-error: false steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -1194,7 +1221,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: superlinter steps: diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index 2fc78eaa040..19fe165560f 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -51,7 +51,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -267,7 +266,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -402,9 +400,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -431,6 +437,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -442,6 +452,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -460,9 +474,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -481,10 +503,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -502,9 +532,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -531,9 +569,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1088,7 +1134,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1212,7 +1257,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/technical-doc-writer" GH_AW_ENGINE_ID: "copilot" @@ -1313,7 +1357,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: technicaldocwriter steps: @@ -1357,7 +1400,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/terminal-stylist.lock.yml b/.github/workflows/terminal-stylist.lock.yml index 3e90b2184ee..52bd451e78b 100644 --- a/.github/workflows/terminal-stylist.lock.yml +++ b/.github/workflows/terminal-stylist.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -246,7 +245,6 @@ jobs: contents: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -348,6 +346,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -370,10 +376,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -391,9 +405,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -420,9 +442,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -923,7 +953,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1029,7 +1058,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/terminal-stylist" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/test-create-pr-error-handling.lock.yml b/.github/workflows/test-create-pr-error-handling.lock.yml index 57d81ec6d7b..27e988bfc2b 100644 --- a/.github/workflows/test-create-pr-error-handling.lock.yml +++ b/.github/workflows/test-create-pr-error-handling.lock.yml @@ -41,7 +41,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -244,7 +243,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -364,6 +362,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -375,6 +377,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -397,10 +403,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -418,9 +432,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -447,9 +469,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1008,7 +1038,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1129,7 +1158,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/test-create-pr-error-handling" GH_AW_ENGINE_ID: "claude" @@ -1227,7 +1255,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: testcreateprerrorhandling steps: diff --git a/.github/workflows/test-dispatcher.lock.yml b/.github/workflows/test-dispatcher.lock.yml index 8cf9ae53b2b..62567f62975 100644 --- a/.github/workflows/test-dispatcher.lock.yml +++ b/.github/workflows/test-dispatcher.lock.yml @@ -40,7 +40,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -232,7 +231,6 @@ jobs: permissions: contents: read issues: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -330,10 +328,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -351,9 +357,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -380,9 +394,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -865,7 +887,6 @@ jobs: runs-on: ubuntu-slim permissions: actions: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -967,7 +988,6 @@ jobs: permissions: actions: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/test-dispatcher" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/test-project-url-default.lock.yml b/.github/workflows/test-project-url-default.lock.yml index c81a2d7a555..d1ae1836870 100644 --- a/.github/workflows/test-project-url-default.lock.yml +++ b/.github/workflows/test-project-url-default.lock.yml @@ -40,7 +40,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -231,7 +230,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -329,10 +327,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -350,9 +356,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -440,6 +454,10 @@ jobs: "description": "Custom field values to set on the project item (e.g., {'Status': 'In Progress', 'Priority': 'High'}). Field names must match custom fields defined in the project.", "type": "object" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "operation": { "description": "Optional operation mode. Use create_fields to create required fields up-front, or create_view to add a project view. When omitted, the tool adds/updates project items.", "enum": [ @@ -453,6 +471,10 @@ jobs: "pattern": "^(https://github\\.com/(orgs|users)/[^/]+/projects/\\d+|#?aw_[A-Za-z0-9]{3,8})$", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for this draft issue (e.g., 'aw_abc1', '#aw_Test123'). Provide this when creating a new draft to enable future updates via draft_issue_id. Format: optional leading '#', then 'aw_' followed by 3 to 8 alphanumeric characters.", "pattern": "^#?aw_[A-Za-z0-9]{3,8}$", @@ -515,9 +537,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -534,11 +564,19 @@ jobs: "description": "Status update body in markdown format describing progress, findings, trends, and next steps. Should provide stakeholders with clear understanding of project state.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "project": { "description": "Full GitHub project URL (e.g., 'https://github.com/orgs/myorg/projects/42' or 'https://github.com/users/username/projects/5'). Project names or numbers alone are NOT accepted.", "pattern": "^https://github\\\\.com/(orgs|users)/[^/]+/projects/\\\\d+$", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "start_date": { "description": "Optional project start date in YYYY-MM-DD format (e.g., '2026-01-06').", "pattern": "^\\\\d{4}-\\\\d{2}-\\\\d{2}$", @@ -1108,7 +1146,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1210,7 +1247,6 @@ jobs: permissions: contents: read timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/test-project-url-default" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/test-workflow.lock.yml b/.github/workflows/test-workflow.lock.yml index ad2f21766ab..d174eae0370 100644 --- a/.github/workflows/test-workflow.lock.yml +++ b/.github/workflows/test-workflow.lock.yml @@ -45,7 +45,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -231,7 +230,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: testworkflow outputs: diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index 28353e1a849..2ba58b76456 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -64,7 +64,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -297,7 +296,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -417,6 +415,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -428,6 +430,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -450,6 +456,10 @@ jobs: "description": "Branch name to push changes from. If omitted, uses the current working branch. Only specify if you need to push from a different branch.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Commit message describing the changes. Follow repository commit message conventions (e.g., conventional commits).", "type": "string" @@ -460,6 +470,10 @@ jobs: "number", "string" ] + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -478,10 +492,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -499,9 +521,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -528,9 +558,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1080,7 +1118,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1200,7 +1237,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1250,7 +1286,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/tidy" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml index 61fd5cb0292..2d3c13301bb 100644 --- a/.github/workflows/typist.lock.yml +++ b/.github/workflows/typist.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -251,7 +250,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-claude-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -357,6 +355,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -379,10 +385,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -400,9 +414,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -429,9 +451,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1003,7 +1033,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1108,7 +1137,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/typist" GH_AW_ENGINE_ID: "claude" diff --git a/.github/workflows/ubuntu-image-analyzer.lock.yml b/.github/workflows/ubuntu-image-analyzer.lock.yml index 086c185fe8e..aa11eee13f9 100644 --- a/.github/workflows/ubuntu-image-analyzer.lock.yml +++ b/.github/workflows/ubuntu-image-analyzer.lock.yml @@ -47,7 +47,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -249,7 +248,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -355,6 +353,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -366,6 +368,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -388,10 +394,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -409,9 +423,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -438,9 +460,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -970,7 +1000,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1090,7 +1119,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_skip_if_match.outputs.skip_check_ok == 'true') }} matched_command: '' @@ -1142,7 +1170,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/ubuntu-image-analyzer" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml index 8a50f1998fd..7e243422685 100644 --- a/.github/workflows/unbloat-docs.lock.yml +++ b/.github/workflows/unbloat-docs.lock.yml @@ -60,7 +60,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -305,7 +304,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -433,9 +431,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -462,6 +468,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -473,6 +483,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -491,9 +505,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -512,10 +534,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -533,9 +563,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -562,9 +600,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1247,7 +1293,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1365,7 +1410,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_command_position.outputs.command_position_ok == 'true') }} matched_command: ${{ steps.check_command_position.outputs.matched_command }} @@ -1416,7 +1460,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/unbloat-docs" GH_AW_ENGINE_ID: "claude" @@ -1517,7 +1560,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: unbloatdocs steps: @@ -1561,7 +1603,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index 1e8a892e871..59738499f70 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -252,7 +251,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -358,6 +356,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -372,6 +374,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -399,10 +405,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -420,9 +434,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -449,9 +471,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -967,7 +997,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1070,7 +1099,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/video-analyzer" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/weekly-editors-health-check.lock.yml b/.github/workflows/weekly-editors-health-check.lock.yml index 621783e2e6d..fe291a80902 100644 --- a/.github/workflows/weekly-editors-health-check.lock.yml +++ b/.github/workflows/weekly-editors-health-check.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -246,7 +245,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -352,6 +350,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -363,6 +365,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -381,9 +387,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -402,10 +416,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -423,9 +445,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -452,9 +482,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1017,7 +1055,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1144,7 +1181,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/weekly-editors-health-check" GH_AW_ENGINE_ID: "copilot" @@ -1244,7 +1280,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 3a2f118aa3e..65682295d60 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -49,7 +49,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -265,7 +264,6 @@ jobs: issues: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" @@ -375,6 +373,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -393,9 +399,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "path": { "description": "Absolute file path to upload (e.g., '/tmp/chart.png'). Must be under the workspace or /tmp directory. By default, only image files (.png, .jpg, .jpeg) are allowed; other file types require workflow configuration.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -414,10 +428,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -435,9 +457,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -464,9 +494,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -990,7 +1028,6 @@ jobs: contents: write discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1099,7 +1136,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/weekly-issue-summary" GH_AW_ENGINE_ID: "copilot" @@ -1167,7 +1203,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - continue-on-error: false env: GH_AW_WORKFLOW_ID_SANITIZED: weeklyissuesummary steps: @@ -1211,7 +1246,6 @@ jobs: permissions: contents: write timeout-minutes: 10 - continue-on-error: false outputs: branch_name: ${{ steps.upload_assets.outputs.branch_name }} published_count: ${{ steps.upload_assets.outputs.published_count }} diff --git a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml index 171b31bc258..a4da5b47d27 100644 --- a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml +++ b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml @@ -44,7 +44,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -244,7 +243,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -340,6 +338,10 @@ jobs: "description": "Whether to create the PR as a draft. Draft PRs cannot be merged until marked as ready for review. Use mark_pull_request_as_ready_for_review to convert a draft PR. Default: true.", "type": "boolean" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the PR (e.g., 'enhancement', 'bugfix'). Labels must exist in the repository.", "items": { @@ -351,6 +353,10 @@ jobs: "description": "Target repository in 'owner/repo' format. For multi-repo workflows where the target repo differs from the workflow repo, this must match a repo in the allowed-repos list or the configured target-repo. If omitted, defaults to the configured target-repo (from safe-outputs config), NOT the workflow repository. In most cases, you should omit this parameter and let the system use the configured default.", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise PR title describing the changes. Follow repository conventions (e.g., conventional commits). The title appears as the main heading.", "type": "string" @@ -373,10 +379,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -394,9 +408,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -423,9 +445,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -928,7 +958,6 @@ jobs: contents: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1055,7 +1084,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/weekly-safe-outputs-spec-review" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/workflow-generator.lock.yml b/.github/workflows/workflow-generator.lock.yml index fd12c1d1877..e39478cec01 100644 --- a/.github/workflows/workflow-generator.lock.yml +++ b/.github/workflows/workflow-generator.lock.yml @@ -49,7 +49,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -283,7 +282,6 @@ jobs: contents: read issues: read pull-requests: read - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -371,6 +369,10 @@ jobs: "description": "Agent identifier to assign. Defaults to 'copilot' (the Copilot coding agent) if not specified.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to assign the Copilot coding agent to. This is the numeric ID from the GitHub URL (e.g., 234 in github.com/owner/repo/issues/234). Can also be a temporary_id (e.g., 'aw_abc123', 'aw_Test123') from an issue created earlier in the same workflow run. The issue should contain clear, actionable requirements. Either issue_number or pull_number must be provided, but not both.", "type": [ @@ -388,6 +390,10 @@ jobs: "pull_request_repo": { "description": "Target repository where the pull request should be created, in 'owner/repo' format. If omitted, the PR will be created in the same repository as the issue. This allows issues and code to live in different repositories. The global pull-request-repo configuration (if set) is automatically allowed; additional repositories must be listed in allowed-pull-request-repos.", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "type": "object" @@ -410,6 +416,10 @@ jobs: "description": "Issue body content in Markdown. For 'replace', this becomes the entire body. For 'append'/'prepend', this content is added with a separator and an attribution footer. For 'replace-island', only the run-specific section is updated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to update. This is the numeric ID from the GitHub URL (e.g., 789 in github.com/owner/repo/issues/789). Required when the workflow target is '*' (any issue).", "type": [ @@ -441,6 +451,10 @@ jobs: ], "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "status": { "description": "New issue status: 'open' to reopen a closed issue, 'closed' to close an open issue.", "enum": [ @@ -467,10 +481,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -488,9 +510,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -517,9 +547,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1064,7 +1102,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1167,7 +1204,6 @@ jobs: permissions: actions: read contents: read - continue-on-error: false outputs: activated: ${{ (steps.check_membership.outputs.is_team_member == 'true') && (steps.check_rate_limit.outputs.rate_limit_ok == 'true') }} matched_command: '' @@ -1221,7 +1257,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/workflow-generator" GH_AW_ENGINE_ID: "copilot" @@ -1311,7 +1346,6 @@ jobs: contents: read issues: write timeout-minutes: 5 - continue-on-error: false steps: - name: Checkout actions folder uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 diff --git a/.github/workflows/workflow-health-manager.lock.yml b/.github/workflows/workflow-health-manager.lock.yml index 7e30f5b1fd3..6daf3ea1dbd 100644 --- a/.github/workflows/workflow-health-manager.lock.yml +++ b/.github/workflows/workflow-health-manager.lock.yml @@ -50,7 +50,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -262,7 +261,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -370,6 +368,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -384,6 +386,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -411,9 +417,17 @@ jobs: "description": "The comment text in Markdown format. This is the 'body' field - do not use 'comment_body' or other variations. Provide helpful, relevant information that adds value to the conversation. CONSTRAINTS: The complete comment (your body text + automatically added footer) must not exceed 65536 characters total. Maximum 10 mentions (@username), maximum 50 links (http/https URLs). A footer (~200-500 characters) is automatically appended with workflow attribution, so leave adequate space. If these limits are exceeded, the tool call will fail with a detailed error message indicating which constraint was violated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "item_number": { "description": "The issue, pull request, or discussion number to comment on. This is the numeric ID from the GitHub URL (e.g., 123 in github.com/owner/repo/issues/123). If omitted, the tool auto-targets the issue, PR, or discussion that triggered this workflow. Auto-targeting only works for issue, pull_request, discussion, and comment event triggers — it does NOT work for schedule, workflow_dispatch, push, or workflow_run triggers. For those trigger types, always provide item_number explicitly, or the comment will be silently discarded.", "type": "number" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -439,6 +453,10 @@ jobs: "description": "Issue body content in Markdown. For 'replace', this becomes the entire body. For 'append'/'prepend', this content is added with a separator and an attribution footer. For 'replace-island', only the run-specific section is updated.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "issue_number": { "description": "Issue number to update. This is the numeric ID from the GitHub URL (e.g., 789 in github.com/owner/repo/issues/789). Required when the workflow target is '*' (any issue).", "type": [ @@ -470,6 +488,10 @@ jobs: ], "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "status": { "description": "New issue status: 'open' to reopen a closed issue, 'closed' to close an open issue.", "enum": [ @@ -496,10 +518,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -517,9 +547,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -546,9 +584,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1131,7 +1177,6 @@ jobs: discussions: write issues: write pull-requests: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1232,7 +1277,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }} matched_command: '' @@ -1269,7 +1313,6 @@ jobs: concurrency: group: "push-repo-memory-${{ github.repository }}" cancel-in-progress: false - continue-on-error: false outputs: validation_error_default: ${{ steps.push_repo_memory_default.outputs.validation_error }} validation_failed_default: ${{ steps.push_repo_memory_default.outputs.validation_failed }} @@ -1341,7 +1384,6 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/workflow-health-manager" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml index 96f97f52116..2a5090e0b42 100644 --- a/.github/workflows/workflow-normalizer.lock.yml +++ b/.github/workflows/workflow-normalizer.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -248,7 +247,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -400,6 +398,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -414,6 +416,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -441,10 +447,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -462,9 +476,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -491,9 +513,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1005,7 +1035,6 @@ jobs: permissions: contents: read issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1112,7 +1141,6 @@ jobs: contents: read issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/workflow-normalizer" GH_AW_ENGINE_ID: "copilot" diff --git a/.github/workflows/workflow-skill-extractor.lock.yml b/.github/workflows/workflow-skill-extractor.lock.yml index d538bf2f1ac..b253ea01ddd 100644 --- a/.github/workflows/workflow-skill-extractor.lock.yml +++ b/.github/workflows/workflow-skill-extractor.lock.yml @@ -48,7 +48,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - continue-on-error: false outputs: comment_id: "" comment_repo: "" @@ -247,7 +246,6 @@ jobs: pull-requests: read concurrency: group: "gh-aw-copilot-${{ github.workflow }}" - continue-on-error: false env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" @@ -345,6 +343,10 @@ jobs: "description": "Detailed issue description in Markdown. Do NOT repeat the title as a heading since it already appears as the issue's h1. Include context, reproduction steps, or acceptance criteria as appropriate.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "labels": { "description": "Labels to categorize the issue (e.g., 'bug', 'enhancement'). Labels must exist in the repository.", "items": { @@ -359,6 +361,10 @@ jobs: "string" ] }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "temporary_id": { "description": "Unique temporary identifier for referencing this issue before it's created. Format: 'aw_' followed by 3 to 8 alphanumeric characters (e.g., 'aw_abc1', 'aw_Test123'). Use '#aw_ID' in body text to reference other issues by their temporary_id; these are replaced with actual issue numbers after creation.", "pattern": "^aw_[A-Za-z0-9]{3,8}$", @@ -390,6 +396,14 @@ jobs: "description": "Discussion category by name (e.g., 'General'), slug (e.g., 'general'), or ID. If omitted, uses the first available category. Category must exist in the repository.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "title": { "description": "Concise discussion title summarizing the topic. The title appears as the main heading, so keep it brief and descriptive.", "type": "string" @@ -412,10 +426,18 @@ jobs: "description": "Any workarounds, manual steps, or alternative approaches the user could take (max 256 characters).", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this tool is needed or what information you want to share about the limitation (max 256 characters).", "type": "string" }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" + }, "tool": { "description": "Optional: Name or description of the missing tool or capability (max 128 characters). Be specific about what functionality is needed.", "type": "string" @@ -433,9 +455,17 @@ jobs: "inputSchema": { "additionalProperties": false, "properties": { + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "message": { "description": "Status or completion message to log. Should explain what was analyzed and the outcome (e.g., 'Code review complete - no issues found', 'Analysis complete - all tests passing').", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [ @@ -462,9 +492,17 @@ jobs: "description": "Type or description of the missing data or information (max 128 characters). Be specific about what data is needed.", "type": "string" }, + "integrity": { + "description": "Trustworthiness level of the message source (e.g., \"low\", \"medium\", \"high\").", + "type": "string" + }, "reason": { "description": "Explanation of why this data is needed to complete the task (max 256 characters).", "type": "string" + }, + "secrecy": { + "description": "Confidentiality level of the message content (e.g., \"public\", \"internal\", \"private\").", + "type": "string" } }, "required": [], @@ -1010,7 +1048,6 @@ jobs: contents: read discussions: write issues: write - continue-on-error: false outputs: noop_message: ${{ steps.noop.outputs.noop_message }} tools_reported: ${{ steps.missing_tool.outputs.tools_reported }} @@ -1116,7 +1153,6 @@ jobs: discussions: write issues: write timeout-minutes: 15 - continue-on-error: false env: GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/workflow-skill-extractor" GH_AW_ENGINE_ID: "copilot" From 0879061fa966a96664ba673c14dc1b146973d48a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Mar 2026 11:58:36 +0000 Subject: [PATCH 3/3] Add Frontmatter and ToolsMap type aliases to pkg/workflow/compiler_types.go and update function signatures Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- pkg/workflow/agent_validation.go | 6 ++--- pkg/workflow/agentic_engine.go | 4 ++-- pkg/workflow/agentic_workflow_test.go | 2 +- pkg/workflow/allow_github_references_test.go | 2 +- pkg/workflow/cache.go | 2 +- pkg/workflow/claude_mcp.go | 2 +- pkg/workflow/claude_tools.go | 4 ++-- pkg/workflow/codex_engine.go | 4 ++-- pkg/workflow/codex_mcp.go | 2 +- pkg/workflow/compiler_filters_validation.go | 2 +- .../compiler_filters_validation_test.go | 2 +- pkg/workflow/compiler_jobs.go | 6 ++--- pkg/workflow/compiler_jobs_test.go | 2 +- .../compiler_orchestrator_frontmatter.go | 2 +- pkg/workflow/compiler_orchestrator_tools.go | 4 ++-- .../compiler_orchestrator_workflow.go | 14 ++++++------ pkg/workflow/compiler_safe_outputs.go | 4 ++-- pkg/workflow/compiler_types.go | 6 +++++ pkg/workflow/compiler_yaml_artifacts.go | 4 ++-- pkg/workflow/copilot_engine_tools.go | 4 ++-- pkg/workflow/copilot_mcp.go | 2 +- pkg/workflow/docker.go | 2 +- pkg/workflow/domains.go | 16 +++++++------- pkg/workflow/engine.go | 2 +- pkg/workflow/engine_test.go | 2 +- pkg/workflow/env_secrets_validation_test.go | 8 +++---- pkg/workflow/features_test.go | 2 +- pkg/workflow/fetch.go | 2 +- pkg/workflow/filters.go | 6 ++--- .../frontmatter_extraction_metadata.go | 22 +++++++++---------- .../frontmatter_extraction_metadata_test.go | 2 +- .../frontmatter_extraction_security.go | 4 ++-- pkg/workflow/frontmatter_extraction_yaml.go | 12 +++++----- .../frontmatter_extraction_yaml_test.go | 2 +- pkg/workflow/frontmatter_types.go | 6 ++--- pkg/workflow/gemini_mcp.go | 2 +- pkg/workflow/gemini_tools.go | 2 +- pkg/workflow/imported_steps_validation.go | 2 +- .../imported_steps_validation_test.go | 2 +- pkg/workflow/manual_approval.go | 4 ++-- pkg/workflow/manual_approval_test.go | 2 +- pkg/workflow/mcp_config_custom.go | 2 +- pkg/workflow/mcp_config_validation.go | 2 +- pkg/workflow/mcp_environment.go | 2 +- pkg/workflow/mcp_renderer.go | 4 ++-- pkg/workflow/mcp_setup_generator.go | 2 +- pkg/workflow/role_checks.go | 22 +++++++++---------- pkg/workflow/role_checks_test.go | 2 +- pkg/workflow/runs_on_validation.go | 2 +- pkg/workflow/runs_on_validation_test.go | 2 +- pkg/workflow/safe_inputs_parser.go | 4 ++-- pkg/workflow/safe_inputs_parser_test.go | 2 +- pkg/workflow/safe_jobs.go | 2 +- pkg/workflow/safe_outputs_config.go | 2 +- pkg/workflow/safe_outputs_mentions_test.go | 2 +- pkg/workflow/schedule_preprocessing.go | 4 ++-- pkg/workflow/secret_masking.go | 2 +- pkg/workflow/skip_bots_test.go | 2 +- pkg/workflow/skip_roles_test.go | 2 +- pkg/workflow/source_field_test.go | 2 +- pkg/workflow/stop_after.go | 12 +++++----- pkg/workflow/strict_mode_validation.go | 12 +++++----- pkg/workflow/strict_mode_validation_test.go | 4 ++-- pkg/workflow/tools_types.go | 2 +- pkg/workflow/tracker_id_test.go | 2 +- 65 files changed, 142 insertions(+), 136 deletions(-) diff --git a/pkg/workflow/agent_validation.go b/pkg/workflow/agent_validation.go index 6f78af5be58..7bde4b9900b 100644 --- a/pkg/workflow/agent_validation.go +++ b/pkg/workflow/agent_validation.go @@ -100,7 +100,7 @@ func (c *Compiler) validateAgentFile(workflowData *WorkflowData, markdownPath st } // validateMaxTurnsSupport validates that max-turns is only used with engines that support this feature -func (c *Compiler) validateMaxTurnsSupport(frontmatter map[string]any, engine CodingAgentEngine) error { +func (c *Compiler) validateMaxTurnsSupport(frontmatter Frontmatter, engine CodingAgentEngine) error { // Check if max-turns is specified in the engine config engineSetting, engineConfig := c.ExtractEngineConfig(frontmatter) _ = engineSetting // Suppress unused variable warning @@ -127,7 +127,7 @@ func (c *Compiler) validateMaxTurnsSupport(frontmatter map[string]any, engine Co } // validateMaxContinuationsSupport validates that max-continuations is only used with engines that support this feature -func (c *Compiler) validateMaxContinuationsSupport(frontmatter map[string]any, engine CodingAgentEngine) error { +func (c *Compiler) validateMaxContinuationsSupport(frontmatter Frontmatter, engine CodingAgentEngine) error { // Check if max-continuations is specified in the engine config _, engineConfig := c.ExtractEngineConfig(frontmatter) @@ -148,7 +148,7 @@ func (c *Compiler) validateMaxContinuationsSupport(frontmatter map[string]any, e } // validateWebSearchSupport validates that web-search tool is only used with engines that support this feature -func (c *Compiler) validateWebSearchSupport(tools map[string]any, engine CodingAgentEngine) { +func (c *Compiler) validateWebSearchSupport(tools ToolsMap, engine CodingAgentEngine) { // Check if web-search tool is requested _, hasWebSearch := tools["web-search"] diff --git a/pkg/workflow/agentic_engine.go b/pkg/workflow/agentic_engine.go index f496b610cfb..724805125ca 100644 --- a/pkg/workflow/agentic_engine.go +++ b/pkg/workflow/agentic_engine.go @@ -154,7 +154,7 @@ type WorkflowExecutor interface { // Engines that support MCP servers should implement this type MCPConfigProvider interface { // RenderMCPConfig renders the MCP configuration for this engine to the given YAML builder - RenderMCPConfig(yaml *strings.Builder, tools map[string]any, mcpTools []string, workflowData *WorkflowData) error + RenderMCPConfig(yaml *strings.Builder, tools ToolsMap, mcpTools []string, workflowData *WorkflowData) error } // LogParser handles parsing and analyzing engine logs @@ -323,7 +323,7 @@ func (e *BaseEngine) GetLogParserScriptId() string { // RenderMCPConfig provides a default no-op implementation for MCP configuration // Engines can override this to provide custom MCP server configuration -func (e *BaseEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]any, mcpTools []string, workflowData *WorkflowData) error { +func (e *BaseEngine) RenderMCPConfig(yaml *strings.Builder, tools ToolsMap, mcpTools []string, workflowData *WorkflowData) error { // Default implementation does nothing - engines that support MCP should override this return nil } diff --git a/pkg/workflow/agentic_workflow_test.go b/pkg/workflow/agentic_workflow_test.go index 1120317735e..670f87d81f0 100644 --- a/pkg/workflow/agentic_workflow_test.go +++ b/pkg/workflow/agentic_workflow_test.go @@ -352,7 +352,7 @@ func TestAgenticWorkflowsNilSafety(t *testing.T) { func TestAgenticWorkflowsExtractToolsEdgeCases(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expectTools bool description string }{ diff --git a/pkg/workflow/allow_github_references_test.go b/pkg/workflow/allow_github_references_test.go index fc7921cdc44..66f37d5be78 100644 --- a/pkg/workflow/allow_github_references_test.go +++ b/pkg/workflow/allow_github_references_test.go @@ -12,7 +12,7 @@ import ( func TestAllowGitHubReferencesConfig(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expected []string }{ { diff --git a/pkg/workflow/cache.go b/pkg/workflow/cache.go index dd7c709570d..766399ac10d 100644 --- a/pkg/workflow/cache.go +++ b/pkg/workflow/cache.go @@ -221,7 +221,7 @@ func (c *Compiler) extractCacheMemoryConfig(toolsConfig *ToolsConfig) (*CacheMem // extractCacheMemoryConfigFromMap is a backward compatibility wrapper for extractCacheMemoryConfig // extractCacheMemoryConfigFromMap is a backward compatibility wrapper for extractCacheMemoryConfig // that accepts map[string]any instead of *ToolsConfig. This allows gradual migration of calling code. -func (c *Compiler) extractCacheMemoryConfigFromMap(tools map[string]any) (*CacheMemoryConfig, error) { +func (c *Compiler) extractCacheMemoryConfigFromMap(tools ToolsMap) (*CacheMemoryConfig, error) { toolsConfig, err := ParseToolsConfig(tools) if err != nil { return nil, err diff --git a/pkg/workflow/claude_mcp.go b/pkg/workflow/claude_mcp.go index eadc161b1e8..d835ed7ac6d 100644 --- a/pkg/workflow/claude_mcp.go +++ b/pkg/workflow/claude_mcp.go @@ -9,7 +9,7 @@ import ( var claudeMCPLog = logger.New("workflow:claude_mcp") // RenderMCPConfig renders the MCP configuration for Claude engine -func (e *ClaudeEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]any, mcpTools []string, workflowData *WorkflowData) error { +func (e *ClaudeEngine) RenderMCPConfig(yaml *strings.Builder, tools ToolsMap, mcpTools []string, workflowData *WorkflowData) error { claudeMCPLog.Printf("Rendering MCP config for Claude: tool_count=%d, mcp_tool_count=%d", len(tools), len(mcpTools)) // Create unified renderer with Claude-specific options diff --git a/pkg/workflow/claude_tools.go b/pkg/workflow/claude_tools.go index 176d2670ebe..af98a8c7ef7 100644 --- a/pkg/workflow/claude_tools.go +++ b/pkg/workflow/claude_tools.go @@ -13,7 +13,7 @@ import ( var claudeToolsLog = logger.New("workflow:claude_tools") // expandNeutralToolsToClaudeTools converts neutral tool names to Claude-specific tool configurations -func (e *ClaudeEngine) expandNeutralToolsToClaudeTools(tools map[string]any) map[string]any { +func (e *ClaudeEngine) expandNeutralToolsToClaudeTools(tools ToolsMap) map[string]any { claudeToolsLog.Printf("Starting neutral tools expansion: input_tools=%d", len(tools)) result := make(map[string]any) @@ -128,7 +128,7 @@ func (e *ClaudeEngine) expandNeutralToolsToClaudeTools(tools map[string]any) map // 2. converts neutral tools to Claude-specific tools format // 3. adds default Claude tools and git commands based on safe outputs configuration // 4. generates the allowed tools string for Claude -func (e *ClaudeEngine) computeAllowedClaudeToolsString(tools map[string]any, safeOutputs *SafeOutputsConfig, cacheMemoryConfig *CacheMemoryConfig) string { +func (e *ClaudeEngine) computeAllowedClaudeToolsString(tools ToolsMap, safeOutputs *SafeOutputsConfig, cacheMemoryConfig *CacheMemoryConfig) string { claudeToolsLog.Print("Computing allowed Claude tools string") // Initialize tools map if nil diff --git a/pkg/workflow/codex_engine.go b/pkg/workflow/codex_engine.go index 32c4f1f0e20..3cc35685715 100644 --- a/pkg/workflow/codex_engine.go +++ b/pkg/workflow/codex_engine.go @@ -407,7 +407,7 @@ func (e *CodexEngine) expandNeutralToolsToCodexTools(toolsConfig *ToolsConfig) * // expandNeutralToolsToCodexToolsFromMap is a backward compatibility wrapper // that accepts map[string]any instead of *ToolsConfig -func (e *CodexEngine) expandNeutralToolsToCodexToolsFromMap(tools map[string]any) map[string]any { +func (e *CodexEngine) expandNeutralToolsToCodexToolsFromMap(tools ToolsMap) map[string]any { toolsConfig, _ := ParseToolsConfig(tools) result := e.expandNeutralToolsToCodexTools(toolsConfig) return result.ToMap() @@ -415,7 +415,7 @@ func (e *CodexEngine) expandNeutralToolsToCodexToolsFromMap(tools map[string]any // renderShellEnvironmentPolicy generates the [shell_environment_policy] section for config.toml // This controls which environment variables are passed through to MCP servers for security -func (e *CodexEngine) renderShellEnvironmentPolicy(yaml *strings.Builder, tools map[string]any, mcpTools []string, workflowData *WorkflowData) { +func (e *CodexEngine) renderShellEnvironmentPolicy(yaml *strings.Builder, tools ToolsMap, mcpTools []string, workflowData *WorkflowData) { // Collect all environment variables needed by MCP servers envVars := make(map[string]bool) diff --git a/pkg/workflow/codex_mcp.go b/pkg/workflow/codex_mcp.go index 0399a549488..064815346e5 100644 --- a/pkg/workflow/codex_mcp.go +++ b/pkg/workflow/codex_mcp.go @@ -10,7 +10,7 @@ import ( var codexMCPLog = logger.New("workflow:codex_mcp") // RenderMCPConfig generates MCP server configuration for Codex -func (e *CodexEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]any, mcpTools []string, workflowData *WorkflowData) error { +func (e *CodexEngine) RenderMCPConfig(yaml *strings.Builder, tools ToolsMap, mcpTools []string, workflowData *WorkflowData) error { if codexMCPLog.Enabled() { codexMCPLog.Printf("Rendering MCP config for Codex: mcp_tools=%v, tool_count=%d", mcpTools, len(tools)) } diff --git a/pkg/workflow/compiler_filters_validation.go b/pkg/workflow/compiler_filters_validation.go index 9bf85a22b4a..f9496cb45f5 100644 --- a/pkg/workflow/compiler_filters_validation.go +++ b/pkg/workflow/compiler_filters_validation.go @@ -41,7 +41,7 @@ import ( var filterValidationLog = logger.New("workflow:filter_validation") // ValidateEventFilters checks for GitHub Actions filter mutual exclusivity rules -func ValidateEventFilters(frontmatter map[string]any) error { +func ValidateEventFilters(frontmatter Frontmatter) error { filterValidationLog.Print("Validating event filter mutual exclusivity") on, exists := frontmatter["on"] diff --git a/pkg/workflow/compiler_filters_validation_test.go b/pkg/workflow/compiler_filters_validation_test.go index 9b356b8e878..0d43557c973 100644 --- a/pkg/workflow/compiler_filters_validation_test.go +++ b/pkg/workflow/compiler_filters_validation_test.go @@ -10,7 +10,7 @@ import ( func TestValidateEventFilters(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter wantErr bool errContains string }{ diff --git a/pkg/workflow/compiler_jobs.go b/pkg/workflow/compiler_jobs.go index d483bc8fe0b..5c374c8350b 100644 --- a/pkg/workflow/compiler_jobs.go +++ b/pkg/workflow/compiler_jobs.go @@ -182,7 +182,7 @@ func (c *Compiler) buildJobs(data *WorkflowData, markdownPath string) error { // Try to read frontmatter to determine event types for safe events check. // Use contentOverride first (set by ParseWorkflowString for wasm/string API mode), // then fall back to reading from disk. - var frontmatter map[string]any + var frontmatter Frontmatter var rawContent string if c.contentOverride != "" { rawContent = c.contentOverride @@ -233,7 +233,7 @@ func (c *Compiler) buildJobs(data *WorkflowData, markdownPath string) error { // buildPreActivationAndActivationJobs builds the pre-activation and activation jobs if needed. // Returns whether each job was created. -func (c *Compiler) buildPreActivationAndActivationJobs(data *WorkflowData, frontmatter map[string]any, lockFilename string) (preActivationJobCreated bool, activationJobCreated bool, err error) { +func (c *Compiler) buildPreActivationAndActivationJobs(data *WorkflowData, frontmatter Frontmatter, lockFilename string) (preActivationJobCreated bool, activationJobCreated bool, err error) { // Determine if permission checks or stop-time checks are needed needsPermissionCheck := c.needsRoleCheck(data, frontmatter) hasStopTime := data.StopTime != "" @@ -405,7 +405,7 @@ func (c *Compiler) updateConclusionJobDependencies(pushRepoMemoryJobName, update // extractJobsFromFrontmatter extracts job configuration from frontmatter // This now uses the structured extraction helper for consistency -func (c *Compiler) extractJobsFromFrontmatter(frontmatter map[string]any) map[string]any { +func (c *Compiler) extractJobsFromFrontmatter(frontmatter Frontmatter) map[string]any { return ExtractMapField(frontmatter, "jobs") } diff --git a/pkg/workflow/compiler_jobs_test.go b/pkg/workflow/compiler_jobs_test.go index f476900895e..c979408a236 100644 --- a/pkg/workflow/compiler_jobs_test.go +++ b/pkg/workflow/compiler_jobs_test.go @@ -23,7 +23,7 @@ func TestExtractJobsFromFrontmatter(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expectedLen int }{ { diff --git a/pkg/workflow/compiler_orchestrator_frontmatter.go b/pkg/workflow/compiler_orchestrator_frontmatter.go index 9e533a957da..1741920227d 100644 --- a/pkg/workflow/compiler_orchestrator_frontmatter.go +++ b/pkg/workflow/compiler_orchestrator_frontmatter.go @@ -142,7 +142,7 @@ func (c *Compiler) parseFrontmatterSection(markdownPath string) (*frontmatterPar // copyFrontmatterWithoutInternalMarkers creates a deep copy of frontmatter without internal marker fields // This is used for schema validation while preserving markers in the original for YAML generation -func (c *Compiler) copyFrontmatterWithoutInternalMarkers(frontmatter map[string]any) map[string]any { +func (c *Compiler) copyFrontmatterWithoutInternalMarkers(frontmatter Frontmatter) map[string]any { // Create a shallow copy of the top level copy := make(map[string]any) for k, v := range frontmatter { diff --git a/pkg/workflow/compiler_orchestrator_tools.go b/pkg/workflow/compiler_orchestrator_tools.go index 9924d57edbf..5bcd54fd104 100644 --- a/pkg/workflow/compiler_orchestrator_tools.go +++ b/pkg/workflow/compiler_orchestrator_tools.go @@ -67,7 +67,7 @@ func (c *Compiler) processToolsAndMarkdown(result *parser.FrontmatterResult, cle } } - var tools map[string]any + var tools ToolsMap // Extract tools from the main file topTools := extractToolsFromFrontmatter(result.Frontmatter) @@ -370,7 +370,7 @@ func (c *Compiler) detectTextOutputUsage(markdownContent string) bool { // hasContentContext checks if the workflow is triggered by events that have text content // (issues, discussions, pull requests, or comments). These events can provide sanitized // text/title/body outputs via the sanitized step, even if not explicitly referenced. -func (c *Compiler) hasContentContext(frontmatter map[string]any) bool { +func (c *Compiler) hasContentContext(frontmatter Frontmatter) bool { // Check if "on" field exists onField, exists := frontmatter["on"] if !exists || onField == nil { diff --git a/pkg/workflow/compiler_orchestrator_workflow.go b/pkg/workflow/compiler_orchestrator_workflow.go index 5919d87d398..76808d27709 100644 --- a/pkg/workflow/compiler_orchestrator_workflow.go +++ b/pkg/workflow/compiler_orchestrator_workflow.go @@ -216,7 +216,7 @@ func resolveInlinedImports(rawFrontmatter map[string]any) bool { } // extractYAMLSections extracts YAML configuration sections from frontmatter -func (c *Compiler) extractYAMLSections(frontmatter map[string]any, workflowData *WorkflowData) { +func (c *Compiler) extractYAMLSections(frontmatter Frontmatter, workflowData *WorkflowData) { orchestratorWorkflowLog.Print("Extracting YAML sections from frontmatter") workflowData.On = c.extractTopLevelYAMLSection(frontmatter, "on") @@ -238,7 +238,7 @@ func (c *Compiler) extractYAMLSections(frontmatter map[string]any, workflowData } // processAndMergeSteps handles the merging of imported steps with main workflow steps -func (c *Compiler) processAndMergeSteps(frontmatter map[string]any, workflowData *WorkflowData, importsResult *parser.ImportsResult) { +func (c *Compiler) processAndMergeSteps(frontmatter Frontmatter, workflowData *WorkflowData, importsResult *parser.ImportsResult) { orchestratorWorkflowLog.Print("Processing and merging custom steps") workflowData.CustomSteps = c.extractTopLevelYAMLSection(frontmatter, "steps") @@ -323,7 +323,7 @@ func (c *Compiler) processAndMergeSteps(frontmatter map[string]any, workflowData } // processAndMergePostSteps handles the processing of post-steps with action pinning -func (c *Compiler) processAndMergePostSteps(frontmatter map[string]any, workflowData *WorkflowData) { +func (c *Compiler) processAndMergePostSteps(frontmatter Frontmatter, workflowData *WorkflowData) { orchestratorWorkflowLog.Print("Processing post-steps") workflowData.PostSteps = c.extractTopLevelYAMLSection(frontmatter, "post-steps") @@ -359,7 +359,7 @@ func (c *Compiler) processAndMergePostSteps(frontmatter map[string]any, workflow } // processAndMergeServices handles the merging of imported services with main workflow services -func (c *Compiler) processAndMergeServices(frontmatter map[string]any, workflowData *WorkflowData, importsResult *parser.ImportsResult) { +func (c *Compiler) processAndMergeServices(frontmatter Frontmatter, workflowData *WorkflowData, importsResult *parser.ImportsResult) { orchestratorWorkflowLog.Print("Processing and merging services") workflowData.Services = c.extractTopLevelYAMLSection(frontmatter, "services") @@ -449,8 +449,8 @@ func (c *Compiler) mergeJobsFromYAMLImports(mainJobs map[string]any, mergedJobsJ // extractAdditionalConfigurations extracts cache-memory, repo-memory, safe-inputs, and safe-outputs configurations func (c *Compiler) extractAdditionalConfigurations( - frontmatter map[string]any, - tools map[string]any, + frontmatter Frontmatter, + tools ToolsMap, markdownDir string, workflowData *WorkflowData, importsResult *parser.ImportsResult, @@ -565,7 +565,7 @@ func (c *Compiler) extractAdditionalConfigurations( // processOnSectionAndFilters processes the on section configuration and applies various filters func (c *Compiler) processOnSectionAndFilters( - frontmatter map[string]any, + frontmatter Frontmatter, workflowData *WorkflowData, cleanPath string, ) error { diff --git a/pkg/workflow/compiler_safe_outputs.go b/pkg/workflow/compiler_safe_outputs.go index 59f5e0394b4..d9fa9dbec91 100644 --- a/pkg/workflow/compiler_safe_outputs.go +++ b/pkg/workflow/compiler_safe_outputs.go @@ -17,7 +17,7 @@ var compilerSafeOutputsLog = logger.New("workflow:compiler_safe_outputs") // parseOnSection handles parsing of the "on" section from frontmatter, extracting command triggers, // reactions, and stop-after configurations while detecting conflicts with other event types. -func (c *Compiler) parseOnSection(frontmatter map[string]any, workflowData *WorkflowData, markdownPath string) error { +func (c *Compiler) parseOnSection(frontmatter Frontmatter, workflowData *WorkflowData, markdownPath string) error { compilerSafeOutputsLog.Printf("Parsing on section: workflow=%s, markdownPath=%s", workflowData.Name, markdownPath) // Check if "slash_command" or "command" (deprecated) is used as a trigger in the "on" section // Also extract "reaction" from the "on" section @@ -275,7 +275,7 @@ func (c *Compiler) mergeSafeJobsFromIncludedConfigs(topSafeJobs map[string]*Safe } // applyDefaultTools adds default read-only GitHub MCP tools, creating github tool if not present -func (c *Compiler) applyDefaultTools(tools map[string]any, safeOutputs *SafeOutputsConfig, sandboxConfig *SandboxConfig, networkPermissions *NetworkPermissions) map[string]any { +func (c *Compiler) applyDefaultTools(tools ToolsMap, safeOutputs *SafeOutputsConfig, sandboxConfig *SandboxConfig, networkPermissions *NetworkPermissions) map[string]any { compilerSafeOutputsLog.Printf("Applying default tools: existingToolCount=%d", len(tools)) // Always apply default GitHub tools (create github section if it doesn't exist) diff --git a/pkg/workflow/compiler_types.go b/pkg/workflow/compiler_types.go index bf7618b1d0f..d93de12c4f8 100644 --- a/pkg/workflow/compiler_types.go +++ b/pkg/workflow/compiler_types.go @@ -9,6 +9,12 @@ import ( var logTypes = logger.New("workflow:compiler_types") +// Frontmatter is a type alias for the raw YAML frontmatter map parsed from workflow markdown files. +type Frontmatter = map[string]any + +// ToolsMap is a type alias for the tools configuration map within a workflow frontmatter. +type ToolsMap = map[string]any + // CompilerOption is a functional option for configuring a Compiler type CompilerOption func(*Compiler) diff --git a/pkg/workflow/compiler_yaml_artifacts.go b/pkg/workflow/compiler_yaml_artifacts.go index 2ea7d0abf9a..7df25519d7b 100644 --- a/pkg/workflow/compiler_yaml_artifacts.go +++ b/pkg/workflow/compiler_yaml_artifacts.go @@ -11,13 +11,13 @@ var compilerYamlArtifactsLog = logger.New("workflow:compiler_yaml_artifacts") // generateExtractAccessLogs is a legacy method that no longer does anything // Network filtering is now handled at the workflow level -func (c *Compiler) generateExtractAccessLogs(yaml *strings.Builder, tools map[string]any) { +func (c *Compiler) generateExtractAccessLogs(yaml *strings.Builder, tools ToolsMap) { // No proxy tools anymore - network filtering is handled at workflow level } // generateUploadAccessLogs is a legacy method that no longer does anything // Network filtering is now handled at the workflow level -func (c *Compiler) generateUploadAccessLogs(yaml *strings.Builder, tools map[string]any) { +func (c *Compiler) generateUploadAccessLogs(yaml *strings.Builder, tools ToolsMap) { // No proxy tools anymore - network filtering is handled at workflow level } diff --git a/pkg/workflow/copilot_engine_tools.go b/pkg/workflow/copilot_engine_tools.go index 0a2d336a27e..823900b6a4b 100644 --- a/pkg/workflow/copilot_engine_tools.go +++ b/pkg/workflow/copilot_engine_tools.go @@ -35,7 +35,7 @@ var copilotEngineToolsLog = logger.New("workflow:copilot_engine_tools") // computeCopilotToolArguments computes the --allow-tool arguments for Copilot CLI based on tool configurations. // It handles bash/shell tools, edit tools, safe outputs, safe inputs, and MCP server tools. // Returns a sorted list of arguments ready to be passed to the Copilot CLI. -func (e *CopilotEngine) computeCopilotToolArguments(tools map[string]any, safeOutputs *SafeOutputsConfig, safeInputs *SafeInputsConfig, workflowData *WorkflowData) []string { +func (e *CopilotEngine) computeCopilotToolArguments(tools ToolsMap, safeOutputs *SafeOutputsConfig, safeInputs *SafeInputsConfig, workflowData *WorkflowData) []string { copilotEngineToolsLog.Printf("Computing tool arguments: tools=%d", len(tools)) if tools == nil { tools = make(map[string]any) @@ -208,7 +208,7 @@ func (e *CopilotEngine) computeCopilotToolArguments(tools map[string]any, safeOu // generateCopilotToolArgumentsComment generates a multi-line comment showing each tool argument. // This is used to document which tool permissions are being granted in the compiled workflow. -func (e *CopilotEngine) generateCopilotToolArgumentsComment(tools map[string]any, safeOutputs *SafeOutputsConfig, safeInputs *SafeInputsConfig, workflowData *WorkflowData, indent string) string { +func (e *CopilotEngine) generateCopilotToolArgumentsComment(tools ToolsMap, safeOutputs *SafeOutputsConfig, safeInputs *SafeInputsConfig, workflowData *WorkflowData, indent string) string { toolArgs := e.computeCopilotToolArguments(tools, safeOutputs, safeInputs, workflowData) if len(toolArgs) == 0 { return "" diff --git a/pkg/workflow/copilot_mcp.go b/pkg/workflow/copilot_mcp.go index f75cb53a3bc..1aaf563f23e 100644 --- a/pkg/workflow/copilot_mcp.go +++ b/pkg/workflow/copilot_mcp.go @@ -9,7 +9,7 @@ import ( var copilotMCPLog = logger.New("workflow:copilot_mcp") // RenderMCPConfig generates MCP server configuration for Copilot CLI -func (e *CopilotEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]any, mcpTools []string, workflowData *WorkflowData) error { +func (e *CopilotEngine) RenderMCPConfig(yaml *strings.Builder, tools ToolsMap, mcpTools []string, workflowData *WorkflowData) error { copilotMCPLog.Printf("Rendering MCP config for Copilot engine: mcpTools=%d", len(mcpTools)) // Create the directory first diff --git a/pkg/workflow/docker.go b/pkg/workflow/docker.go index 6a4339fb6e1..b07acd0bf2f 100644 --- a/pkg/workflow/docker.go +++ b/pkg/workflow/docker.go @@ -12,7 +12,7 @@ import ( var dockerLog = logger.New("workflow:docker") // collectDockerImages collects all Docker images used in MCP configurations -func collectDockerImages(tools map[string]any, workflowData *WorkflowData, actionMode ActionMode) []string { +func collectDockerImages(tools ToolsMap, workflowData *WorkflowData, actionMode ActionMode) []string { var images []string imageSet := make(map[string]bool) // Use a set to avoid duplicates diff --git a/pkg/workflow/domains.go b/pkg/workflow/domains.go index 634cdccbe7b..23c0b66cd3a 100644 --- a/pkg/workflow/domains.go +++ b/pkg/workflow/domains.go @@ -390,7 +390,7 @@ func matchesDomain(domain, pattern string) bool { // extractHTTPMCPDomains extracts domain names from HTTP MCP server URLs in tools configuration // Returns a slice of domain names (e.g., ["mcp.tavily.com", "api.example.com"]) -func extractHTTPMCPDomains(tools map[string]any) []string { +func extractHTTPMCPDomains(tools ToolsMap) []string { if tools == nil { return []string{} } @@ -440,7 +440,7 @@ func extractHTTPMCPDomains(tools map[string]any) []string { // extractPlaywrightDomains returns Playwright domains when Playwright tool is configured // Returns a slice of domain names required for Playwright browser downloads // These domains are needed when Playwright MCP server initializes in the Docker container -func extractPlaywrightDomains(tools map[string]any) []string { +func extractPlaywrightDomains(tools ToolsMap) []string { if tools == nil { return []string{} } @@ -456,7 +456,7 @@ func extractPlaywrightDomains(tools map[string]any) []string { // mergeDomainsWithNetworkToolsAndRuntimes combines default domains with NetworkPermissions, HTTP MCP server domains, and runtime ecosystem domains // Returns a deduplicated, sorted, comma-separated string suitable for AWF's --allow-domains flag -func mergeDomainsWithNetworkToolsAndRuntimes(defaultDomains []string, network *NetworkPermissions, tools map[string]any, runtimes map[string]any) string { +func mergeDomainsWithNetworkToolsAndRuntimes(defaultDomains []string, network *NetworkPermissions, tools ToolsMap, runtimes map[string]any) string { domainMap := make(map[string]bool) // Add default domains @@ -522,31 +522,31 @@ var engineDefaultDomains = map[constants.EngineName][]string{ // HTTP MCP server domains, and runtime ecosystem domains. // Returns a deduplicated, sorted, comma-separated string suitable for AWF's --allow-domains flag. // Falls back to an empty default domain list for unknown engines. -func GetAllowedDomainsForEngine(engine constants.EngineName, network *NetworkPermissions, tools map[string]any, runtimes map[string]any) string { +func GetAllowedDomainsForEngine(engine constants.EngineName, network *NetworkPermissions, tools ToolsMap, runtimes map[string]any) string { return mergeDomainsWithNetworkToolsAndRuntimes(engineDefaultDomains[engine], network, tools, runtimes) } // GetCopilotAllowedDomainsWithToolsAndRuntimes merges Copilot default domains with NetworkPermissions, HTTP MCP server domains, and runtime ecosystem domains // Returns a deduplicated, sorted, comma-separated string suitable for AWF's --allow-domains flag -func GetCopilotAllowedDomainsWithToolsAndRuntimes(network *NetworkPermissions, tools map[string]any, runtimes map[string]any) string { +func GetCopilotAllowedDomainsWithToolsAndRuntimes(network *NetworkPermissions, tools ToolsMap, runtimes map[string]any) string { return GetAllowedDomainsForEngine(constants.CopilotEngine, network, tools, runtimes) } // GetCodexAllowedDomainsWithToolsAndRuntimes merges Codex default domains with NetworkPermissions, HTTP MCP server domains, and runtime ecosystem domains // Returns a deduplicated, sorted, comma-separated string suitable for AWF's --allow-domains flag -func GetCodexAllowedDomainsWithToolsAndRuntimes(network *NetworkPermissions, tools map[string]any, runtimes map[string]any) string { +func GetCodexAllowedDomainsWithToolsAndRuntimes(network *NetworkPermissions, tools ToolsMap, runtimes map[string]any) string { return GetAllowedDomainsForEngine(constants.CodexEngine, network, tools, runtimes) } // GetClaudeAllowedDomainsWithToolsAndRuntimes merges Claude default domains with NetworkPermissions, HTTP MCP server domains, and runtime ecosystem domains // Returns a deduplicated, sorted, comma-separated string suitable for AWF's --allow-domains flag -func GetClaudeAllowedDomainsWithToolsAndRuntimes(network *NetworkPermissions, tools map[string]any, runtimes map[string]any) string { +func GetClaudeAllowedDomainsWithToolsAndRuntimes(network *NetworkPermissions, tools ToolsMap, runtimes map[string]any) string { return GetAllowedDomainsForEngine(constants.ClaudeEngine, network, tools, runtimes) } // GetGeminiAllowedDomainsWithToolsAndRuntimes merges Gemini default domains with NetworkPermissions, HTTP MCP server domains, and runtime ecosystem domains // Returns a deduplicated, sorted, comma-separated string suitable for AWF's --allow-domains flag -func GetGeminiAllowedDomainsWithToolsAndRuntimes(network *NetworkPermissions, tools map[string]any, runtimes map[string]any) string { +func GetGeminiAllowedDomainsWithToolsAndRuntimes(network *NetworkPermissions, tools ToolsMap, runtimes map[string]any) string { return GetAllowedDomainsForEngine(constants.GeminiEngine, network, tools, runtimes) } diff --git a/pkg/workflow/engine.go b/pkg/workflow/engine.go index e7ae617214b..fc57bc9741c 100644 --- a/pkg/workflow/engine.go +++ b/pkg/workflow/engine.go @@ -72,7 +72,7 @@ type EngineNetworkConfig struct { } // ExtractEngineConfig extracts engine configuration from frontmatter, supporting both string and object formats -func (c *Compiler) ExtractEngineConfig(frontmatter map[string]any) (string, *EngineConfig) { +func (c *Compiler) ExtractEngineConfig(frontmatter Frontmatter) (string, *EngineConfig) { if engine, exists := frontmatter["engine"]; exists { engineLog.Print("Extracting engine configuration from frontmatter") diff --git a/pkg/workflow/engine_test.go b/pkg/workflow/engine_test.go index 34e4ba7d5a6..22872090a36 100644 --- a/pkg/workflow/engine_test.go +++ b/pkg/workflow/engine_test.go @@ -109,7 +109,7 @@ func TestEngineVersionTypeHandling(t *testing.T) { func TestEngineVersionNotProvided(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter }{ { name: "engine without version field", diff --git a/pkg/workflow/env_secrets_validation_test.go b/pkg/workflow/env_secrets_validation_test.go index 95f6edc0a9f..238fbc5e085 100644 --- a/pkg/workflow/env_secrets_validation_test.go +++ b/pkg/workflow/env_secrets_validation_test.go @@ -13,7 +13,7 @@ import ( func TestValidateEnvSecrets(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter strictMode bool expectError bool errorMsg string @@ -238,7 +238,7 @@ func TestValidateEnvSecretsNonStrictMode(t *testing.T) { // The warning behavior is tested by ensuring no error is returned in non-strict mode tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter }{ { name: "env with single secret in non-strict mode emits warning", @@ -277,7 +277,7 @@ func TestValidateEnvSecretsIntegration(t *testing.T) { // Test that validateEnvSecrets is properly integrated with the compiler tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter strictMode bool expectError bool }{ @@ -451,7 +451,7 @@ func TestValidateEnvSecretsMultipleSecretsErrorMessage(t *testing.T) { func TestValidateEngineEnvSecrets(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter strictMode bool expectError bool errorMsg string diff --git a/pkg/workflow/features_test.go b/pkg/workflow/features_test.go index 9340b88b33f..6a3b0da8e20 100644 --- a/pkg/workflow/features_test.go +++ b/pkg/workflow/features_test.go @@ -90,7 +90,7 @@ func TestIsFeatureEnabledWithData(t *testing.T) { tests := []struct { name string envValue string - frontmatter map[string]any + frontmatter Frontmatter flag constants.FeatureFlag expected bool description string diff --git a/pkg/workflow/fetch.go b/pkg/workflow/fetch.go index b92d2c8a8d4..4563dd163eb 100644 --- a/pkg/workflow/fetch.go +++ b/pkg/workflow/fetch.go @@ -11,7 +11,7 @@ var fetchLog = logger.New("workflow:fetch") // AddMCPFetchServerIfNeeded adds the mcp/fetch dockerized MCP server to the tools configuration // if the engine doesn't have built-in web-fetch support and web-fetch tool is requested -func AddMCPFetchServerIfNeeded(tools map[string]any, engine CodingAgentEngine) (map[string]any, []string) { +func AddMCPFetchServerIfNeeded(tools ToolsMap, engine CodingAgentEngine) (map[string]any, []string) { // Check if web-fetch tool is requested if _, hasWebFetch := tools["web-fetch"]; !hasWebFetch { fetchLog.Print("web-fetch tool not requested, skipping MCP fetch server") diff --git a/pkg/workflow/filters.go b/pkg/workflow/filters.go index 2410cf29ada..054fc7076e8 100644 --- a/pkg/workflow/filters.go +++ b/pkg/workflow/filters.go @@ -9,7 +9,7 @@ import ( var filtersLog = logger.New("workflow:filters") // applyPullRequestDraftFilter applies draft filter conditions for pull_request triggers -func (c *Compiler) applyPullRequestDraftFilter(data *WorkflowData, frontmatter map[string]any) { +func (c *Compiler) applyPullRequestDraftFilter(data *WorkflowData, frontmatter Frontmatter) { filtersLog.Print("Applying pull request draft filter") // Use cached On field from ParsedFrontmatter if available, otherwise fall back to map access @@ -103,7 +103,7 @@ func (c *Compiler) applyPullRequestDraftFilter(data *WorkflowData, frontmatter m // applyPullRequestForkFilter applies fork filter conditions for pull_request triggers // Supports "forks: []string" with glob patterns // Default behavior: When forks field is not specified, only same-repo PRs are allowed (forks are disallowed by default) -func (c *Compiler) applyPullRequestForkFilter(data *WorkflowData, frontmatter map[string]any) { +func (c *Compiler) applyPullRequestForkFilter(data *WorkflowData, frontmatter Frontmatter) { filtersLog.Print("Applying pull request fork filter") // Use cached On field from ParsedFrontmatter if available, otherwise fall back to map access @@ -194,7 +194,7 @@ func (c *Compiler) applyPullRequestForkFilter(data *WorkflowData, frontmatter ma // applyLabelFilter applies label name filter conditions for labeled/unlabeled triggers // Supports "names: []string" to filter which label changes trigger the workflow -func (c *Compiler) applyLabelFilter(data *WorkflowData, frontmatter map[string]any) { +func (c *Compiler) applyLabelFilter(data *WorkflowData, frontmatter Frontmatter) { filtersLog.Print("Applying label filter") // Use cached On field from ParsedFrontmatter if available, otherwise fall back to map access diff --git a/pkg/workflow/frontmatter_extraction_metadata.go b/pkg/workflow/frontmatter_extraction_metadata.go index ef1300b4236..029253b1b7f 100644 --- a/pkg/workflow/frontmatter_extraction_metadata.go +++ b/pkg/workflow/frontmatter_extraction_metadata.go @@ -13,7 +13,7 @@ var frontmatterMetadataLog = logger.New("workflow:frontmatter_extraction_metadat // extractFeatures extracts the features field from frontmatter // Returns a map of feature flags and configuration options (supports boolean flags and string values) -func (c *Compiler) extractFeatures(frontmatter map[string]any) map[string]any { +func (c *Compiler) extractFeatures(frontmatter Frontmatter) map[string]any { frontmatterMetadataLog.Print("Extracting features from frontmatter") value, exists := frontmatter["features"] if !exists { @@ -35,7 +35,7 @@ func (c *Compiler) extractFeatures(frontmatter map[string]any) map[string]any { } // extractDescription extracts the description field from frontmatter -func (c *Compiler) extractDescription(frontmatter map[string]any) string { +func (c *Compiler) extractDescription(frontmatter Frontmatter) string { value, exists := frontmatter["description"] if !exists { return "" @@ -53,7 +53,7 @@ func (c *Compiler) extractDescription(frontmatter map[string]any) string { } // extractSource extracts the source field from frontmatter -func (c *Compiler) extractSource(frontmatter map[string]any) string { +func (c *Compiler) extractSource(frontmatter Frontmatter) string { value, exists := frontmatter["source"] if !exists { return "" @@ -68,7 +68,7 @@ func (c *Compiler) extractSource(frontmatter map[string]any) string { } // extractTrackerID extracts and validates the tracker-id field from frontmatter -func (c *Compiler) extractTrackerID(frontmatter map[string]any) (string, error) { +func (c *Compiler) extractTrackerID(frontmatter Frontmatter) (string, error) { value, exists := frontmatter["tracker-id"] if !exists { return "", nil @@ -162,7 +162,7 @@ func safeUint64ToInt(u uint64) int { // extractToolsTimeout extracts the timeout setting from tools // Returns 0 if not set (engines will use their own defaults) // Returns error if timeout is explicitly set but invalid (< 1) -func (c *Compiler) extractToolsTimeout(tools map[string]any) (int, error) { +func (c *Compiler) extractToolsTimeout(tools ToolsMap) (int, error) { if tools == nil { return 0, nil // Use engine defaults } @@ -205,7 +205,7 @@ func (c *Compiler) extractToolsTimeout(tools map[string]any) (int, error) { // extractToolsStartupTimeout extracts the startup-timeout setting from tools // Returns 0 if not set (engines will use their own defaults) // Returns error if startup-timeout is explicitly set but invalid (< 1) -func (c *Compiler) extractToolsStartupTimeout(tools map[string]any) (int, error) { +func (c *Compiler) extractToolsStartupTimeout(tools ToolsMap) (int, error) { if tools == nil { return 0, nil // Use engine defaults } @@ -243,22 +243,22 @@ func (c *Compiler) extractToolsStartupTimeout(tools map[string]any) (int, error) // extractMapFromFrontmatter is a generic helper to extract a map[string]any from frontmatter // This now uses the structured extraction helper for better error handling -func extractMapFromFrontmatter(frontmatter map[string]any, key string) map[string]any { +func extractMapFromFrontmatter(frontmatter Frontmatter, key string) map[string]any { return ExtractMapField(frontmatter, key) } // extractToolsFromFrontmatter extracts tools section from frontmatter map -func extractToolsFromFrontmatter(frontmatter map[string]any) map[string]any { +func extractToolsFromFrontmatter(frontmatter Frontmatter) map[string]any { return ExtractMapField(frontmatter, "tools") } // extractMCPServersFromFrontmatter extracts mcp-servers section from frontmatter -func extractMCPServersFromFrontmatter(frontmatter map[string]any) map[string]any { +func extractMCPServersFromFrontmatter(frontmatter Frontmatter) map[string]any { return ExtractMapField(frontmatter, "mcp-servers") } // extractRuntimesFromFrontmatter extracts runtimes section from frontmatter map -func extractRuntimesFromFrontmatter(frontmatter map[string]any) map[string]any { +func extractRuntimesFromFrontmatter(frontmatter Frontmatter) map[string]any { return ExtractMapField(frontmatter, "runtimes") } @@ -266,7 +266,7 @@ func extractRuntimesFromFrontmatter(frontmatter map[string]any) map[string]any { // Returns: PluginInfo with plugins list, custom token, and per-plugin MCP configs // Supports both array format and object format with optional github-token // Each plugin item can be either a string (repository slug) or an object with id and optional mcp config -func extractPluginsFromFrontmatter(frontmatter map[string]any) *PluginInfo { +func extractPluginsFromFrontmatter(frontmatter Frontmatter) *PluginInfo { value, exists := frontmatter["plugins"] if !exists { return nil diff --git a/pkg/workflow/frontmatter_extraction_metadata_test.go b/pkg/workflow/frontmatter_extraction_metadata_test.go index efc007463d3..9ed4615764d 100644 --- a/pkg/workflow/frontmatter_extraction_metadata_test.go +++ b/pkg/workflow/frontmatter_extraction_metadata_test.go @@ -11,7 +11,7 @@ func TestExtractFeatures(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expected map[string]any }{ { diff --git a/pkg/workflow/frontmatter_extraction_security.go b/pkg/workflow/frontmatter_extraction_security.go index 2f75133c9c0..f14e7d32b7b 100644 --- a/pkg/workflow/frontmatter_extraction_security.go +++ b/pkg/workflow/frontmatter_extraction_security.go @@ -5,7 +5,7 @@ import "github.com/github/gh-aw/pkg/logger" var frontmatterExtractionSecurityLog = logger.New("workflow:frontmatter_extraction_security") // extractNetworkPermissions extracts network permissions from frontmatter -func (c *Compiler) extractNetworkPermissions(frontmatter map[string]any) *NetworkPermissions { +func (c *Compiler) extractNetworkPermissions(frontmatter Frontmatter) *NetworkPermissions { frontmatterExtractionSecurityLog.Print("Extracting network permissions from frontmatter") if network, exists := frontmatter["network"]; exists { @@ -151,7 +151,7 @@ func (c *Compiler) extractFirewallConfig(firewall any) *FirewallConfig { } // extractSandboxConfig extracts sandbox configuration from front matter -func (c *Compiler) extractSandboxConfig(frontmatter map[string]any) *SandboxConfig { +func (c *Compiler) extractSandboxConfig(frontmatter Frontmatter) *SandboxConfig { frontmatterExtractionSecurityLog.Print("Extracting sandbox configuration from frontmatter") sandbox, exists := frontmatter["sandbox"] diff --git a/pkg/workflow/frontmatter_extraction_yaml.go b/pkg/workflow/frontmatter_extraction_yaml.go index a7cb6428ea1..6dd41e037e6 100644 --- a/pkg/workflow/frontmatter_extraction_yaml.go +++ b/pkg/workflow/frontmatter_extraction_yaml.go @@ -15,7 +15,7 @@ import ( var frontmatterLog = logger.New("workflow:frontmatter_extraction") // extractYAMLValue extracts a scalar value from the frontmatter map -func (c *Compiler) extractYAMLValue(frontmatter map[string]any, key string) string { +func (c *Compiler) extractYAMLValue(frontmatter Frontmatter, key string) string { if value, exists := frontmatter[key]; exists { if str, ok := value.(string); ok { return str @@ -62,7 +62,7 @@ func (c *Compiler) indentYAMLLines(yamlContent, indent string) string { } // extractTopLevelYAMLSection extracts a top-level YAML section from frontmatter -func (c *Compiler) extractTopLevelYAMLSection(frontmatter map[string]any, key string) string { +func (c *Compiler) extractTopLevelYAMLSection(frontmatter Frontmatter, key string) string { value, exists := frontmatter[key] if !exists { return "" @@ -126,7 +126,7 @@ func (c *Compiler) extractTopLevelYAMLSection(frontmatter map[string]any, key st // commentOutProcessedFieldsInOnSection comments out draft, fork, forks, names, manual-approval, stop-after, skip-if-match, skip-if-no-match, skip-roles, reaction, and lock-for-agent fields in the on section // These fields are processed separately and should be commented for documentation // Exception: names fields in sections with __gh_aw_native_label_filter__ marker in frontmatter are NOT commented out -func (c *Compiler) commentOutProcessedFieldsInOnSection(yamlStr string, frontmatter map[string]any) string { +func (c *Compiler) commentOutProcessedFieldsInOnSection(yamlStr string, frontmatter Frontmatter) string { frontmatterLog.Print("Processing 'on' section to comment out processed fields") // Check frontmatter for native label filter markers @@ -582,7 +582,7 @@ func (c *Compiler) addZizmorIgnoreForWorkflowRun(yamlStr string) string { } // extractPermissions extracts permissions from frontmatter using the permission parser -func (c *Compiler) extractPermissions(frontmatter map[string]any) string { +func (c *Compiler) extractPermissions(frontmatter Frontmatter) string { permissionsValue, exists := frontmatter["permissions"] if !exists { frontmatterLog.Print("No permissions field found in frontmatter") @@ -615,7 +615,7 @@ func (c *Compiler) extractPermissions(frontmatter map[string]any) string { // extractIfCondition extracts the if condition from frontmatter, returning just the expression // without the "if: " prefix -func (c *Compiler) extractIfCondition(frontmatter map[string]any) string { +func (c *Compiler) extractIfCondition(frontmatter Frontmatter) string { value, exists := frontmatter["if"] if !exists { return "" @@ -646,7 +646,7 @@ func (c *Compiler) extractExpressionFromIfString(ifString string) string { } // extractCommandConfig extracts command configuration from frontmatter including name and events -func (c *Compiler) extractCommandConfig(frontmatter map[string]any) (commandNames []string, commandEvents []string) { +func (c *Compiler) extractCommandConfig(frontmatter Frontmatter) (commandNames []string, commandEvents []string) { frontmatterLog.Print("Extracting command configuration from frontmatter") // Check new format: on.slash_command or on.slash_command.name (preferred) // Also check legacy format: on.command or on.command.name (deprecated) diff --git a/pkg/workflow/frontmatter_extraction_yaml_test.go b/pkg/workflow/frontmatter_extraction_yaml_test.go index 63d273e6a04..a159d050991 100644 --- a/pkg/workflow/frontmatter_extraction_yaml_test.go +++ b/pkg/workflow/frontmatter_extraction_yaml_test.go @@ -11,7 +11,7 @@ func TestExtractYAMLValue(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter key string expected string }{ diff --git a/pkg/workflow/frontmatter_types.go b/pkg/workflow/frontmatter_types.go index e365f9b8c8a..ce7ce023473 100644 --- a/pkg/workflow/frontmatter_types.go +++ b/pkg/workflow/frontmatter_types.go @@ -191,7 +191,7 @@ type FrontmatterConfig struct { // var name string // err := unmarshalFromMap(frontmatter, "name", &name) // -// var tools map[string]any +// var tools ToolsMap // err := unmarshalFromMap(frontmatter, "tools", &tools) func unmarshalFromMap(data map[string]any, key string, dest any) error { value, exists := data[key] @@ -216,7 +216,7 @@ func unmarshalFromMap(data map[string]any, key string, dest any) error { // ParseFrontmatterConfig creates a FrontmatterConfig from a raw frontmatter map // This provides a single entry point for converting untyped frontmatter into // a structured configuration with better error handling. -func ParseFrontmatterConfig(frontmatter map[string]any) (*FrontmatterConfig, error) { +func ParseFrontmatterConfig(frontmatter Frontmatter) (*FrontmatterConfig, error) { frontmatterTypesLog.Printf("Parsing frontmatter config with %d fields", len(frontmatter)) var config FrontmatterConfig @@ -494,7 +494,7 @@ func countRuntimes(config *RuntimesConfig) int { // convert all numbers to float64). // // Returns an empty map if the key doesn't exist (for backward compatibility). -func ExtractMapField(frontmatter map[string]any, key string) map[string]any { +func ExtractMapField(frontmatter Frontmatter, key string) map[string]any { // Check if key exists and value is not nil value, exists := frontmatter[key] if !exists || value == nil { diff --git a/pkg/workflow/gemini_mcp.go b/pkg/workflow/gemini_mcp.go index 95b289c6403..5a7c54b72b6 100644 --- a/pkg/workflow/gemini_mcp.go +++ b/pkg/workflow/gemini_mcp.go @@ -9,7 +9,7 @@ import ( var geminiMCPLog = logger.New("workflow:gemini_mcp") // RenderMCPConfig renders MCP server configuration for Gemini CLI -func (e *GeminiEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]any, mcpTools []string, workflowData *WorkflowData) error { +func (e *GeminiEngine) RenderMCPConfig(yaml *strings.Builder, tools ToolsMap, mcpTools []string, workflowData *WorkflowData) error { geminiMCPLog.Printf("Rendering MCP config for Gemini: tool_count=%d, mcp_tool_count=%d", len(tools), len(mcpTools)) // Create unified renderer with Gemini-specific options diff --git a/pkg/workflow/gemini_tools.go b/pkg/workflow/gemini_tools.go index 9c563a2bdde..77ef347bcb7 100644 --- a/pkg/workflow/gemini_tools.go +++ b/pkg/workflow/gemini_tools.go @@ -42,7 +42,7 @@ var geminiToolsLog = logger.New("workflow:gemini_tools") // // See: https://github.com/google-gemini/gemini-cli/blob/main/docs/tools/file-system.md // See: https://github.com/google-gemini/gemini-cli/blob/main/docs/tools/shell.md -func computeGeminiToolsCore(tools map[string]any) []string { +func computeGeminiToolsCore(tools ToolsMap) []string { // Always include essential read-only file system tools toolsCore := []string{ "glob", diff --git a/pkg/workflow/imported_steps_validation.go b/pkg/workflow/imported_steps_validation.go index 1677a94c46d..08949a3e899 100644 --- a/pkg/workflow/imported_steps_validation.go +++ b/pkg/workflow/imported_steps_validation.go @@ -55,7 +55,7 @@ func (c *Compiler) validateImportedStepsNoAgenticSecrets(engineConfig *EngineCon // // In strict mode this returns an error; in non-strict mode it emits a warning. // Only applies to the agent job. Custom jobs under 'jobs:' are not checked. -func (c *Compiler) validateCheckoutPersistCredentials(frontmatter map[string]any, mergedSteps string) error { +func (c *Compiler) validateCheckoutPersistCredentials(frontmatter Frontmatter, mergedSteps string) error { importedStepsValidationLog.Printf("Validating checkout persist-credentials in agent job steps (strict=%v)", c.strictMode) var offendingStepNames []string diff --git a/pkg/workflow/imported_steps_validation_test.go b/pkg/workflow/imported_steps_validation_test.go index cf64a6599e3..365289f7d28 100644 --- a/pkg/workflow/imported_steps_validation_test.go +++ b/pkg/workflow/imported_steps_validation_test.go @@ -148,7 +148,7 @@ func TestCheckoutMissingPersistCredentialsFalse(t *testing.T) { func TestValidateCheckoutPersistCredentials_FrontmatterSteps(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter mergedSteps string strictMode bool expectError bool diff --git a/pkg/workflow/manual_approval.go b/pkg/workflow/manual_approval.go index dff9c41b7af..8ab822fb12e 100644 --- a/pkg/workflow/manual_approval.go +++ b/pkg/workflow/manual_approval.go @@ -9,7 +9,7 @@ import ( var manualApprovalLog = logger.New("workflow:manual_approval") // extractManualApprovalFromOn extracts the manual-approval value from the on: section -func (c *Compiler) extractManualApprovalFromOn(frontmatter map[string]any) (string, error) { +func (c *Compiler) extractManualApprovalFromOn(frontmatter Frontmatter) (string, error) { onSection, exists := frontmatter["on"] if !exists { manualApprovalLog.Print("No on: section found in frontmatter") @@ -39,7 +39,7 @@ func (c *Compiler) extractManualApprovalFromOn(frontmatter map[string]any) (stri } // processManualApprovalConfiguration extracts manual-approval configuration from frontmatter -func (c *Compiler) processManualApprovalConfiguration(frontmatter map[string]any, workflowData *WorkflowData) error { +func (c *Compiler) processManualApprovalConfiguration(frontmatter Frontmatter, workflowData *WorkflowData) error { manualApprovalLog.Print("Processing manual-approval configuration") // Extract manual-approval from the on: section diff --git a/pkg/workflow/manual_approval_test.go b/pkg/workflow/manual_approval_test.go index 94c7e73ccfd..ec1abc23eeb 100644 --- a/pkg/workflow/manual_approval_test.go +++ b/pkg/workflow/manual_approval_test.go @@ -9,7 +9,7 @@ import ( func TestExtractManualApprovalFromOn(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter want string wantErr bool }{ diff --git a/pkg/workflow/mcp_config_custom.go b/pkg/workflow/mcp_config_custom.go index e7217b1e57b..257056e273b 100644 --- a/pkg/workflow/mcp_config_custom.go +++ b/pkg/workflow/mcp_config_custom.go @@ -529,7 +529,7 @@ func renderSharedMCPConfig(yaml *strings.Builder, toolName string, toolConfig ma // collectHTTPMCPHeaderSecrets collects all secrets from HTTP MCP tool headers // Returns a map of environment variable names to their secret expressions -func collectHTTPMCPHeaderSecrets(tools map[string]any) map[string]string { +func collectHTTPMCPHeaderSecrets(tools ToolsMap) map[string]string { allSecrets := make(map[string]string) for toolName, toolValue := range tools { diff --git a/pkg/workflow/mcp_config_validation.go b/pkg/workflow/mcp_config_validation.go index 04f375bcaca..8c8e1140b3b 100644 --- a/pkg/workflow/mcp_config_validation.go +++ b/pkg/workflow/mcp_config_validation.go @@ -57,7 +57,7 @@ import ( var mcpValidationLog = logger.New("workflow:mcp_config_validation") // ValidateMCPConfigs validates all MCP configurations in the tools section using JSON schema -func ValidateMCPConfigs(tools map[string]any) error { +func ValidateMCPConfigs(tools ToolsMap) error { mcpValidationLog.Printf("Validating MCP configurations for %d tools", len(tools)) // List of built-in tools that have their own validation logic diff --git a/pkg/workflow/mcp_environment.go b/pkg/workflow/mcp_environment.go index c86fd21c03c..1b95c8b7861 100644 --- a/pkg/workflow/mcp_environment.go +++ b/pkg/workflow/mcp_environment.go @@ -57,7 +57,7 @@ var mcpEnvironmentLog = logger.New("workflow:mcp_environment") // collectMCPEnvironmentVariables collects all MCP-related environment variables // from the workflow configuration to be passed to both Start MCP gateway and MCP Gateway steps -func collectMCPEnvironmentVariables(tools map[string]any, mcpTools []string, workflowData *WorkflowData, hasAgenticWorkflows bool) map[string]string { +func collectMCPEnvironmentVariables(tools ToolsMap, mcpTools []string, workflowData *WorkflowData, hasAgenticWorkflows bool) map[string]string { envVars := make(map[string]string) // Check for GitHub MCP server token diff --git a/pkg/workflow/mcp_renderer.go b/pkg/workflow/mcp_renderer.go index a95d7eb4af3..82387667f9f 100644 --- a/pkg/workflow/mcp_renderer.go +++ b/pkg/workflow/mcp_renderer.go @@ -598,7 +598,7 @@ type RenderCustomMCPToolConfigHandler func(yaml *strings.Builder, toolName strin func HandleCustomMCPToolInSwitch( yaml *strings.Builder, toolName string, - tools map[string]any, + tools ToolsMap, isLast bool, renderFunc RenderCustomMCPToolConfigHandler, ) bool { @@ -909,7 +909,7 @@ func renderGuardPoliciesJSON(yaml *strings.Builder, policies map[string]any, ind // - options: JSON MCP config rendering options func RenderJSONMCPConfig( yaml *strings.Builder, - tools map[string]any, + tools ToolsMap, mcpTools []string, workflowData *WorkflowData, options JSONMCPConfigOptions, diff --git a/pkg/workflow/mcp_setup_generator.go b/pkg/workflow/mcp_setup_generator.go index cbc22d1c541..01e8bf27e6e 100644 --- a/pkg/workflow/mcp_setup_generator.go +++ b/pkg/workflow/mcp_setup_generator.go @@ -75,7 +75,7 @@ import ( var mcpSetupGeneratorLog = logger.New("workflow:mcp_setup_generator") // generateMCPSetup generates the MCP server configuration setup -func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any, engine CodingAgentEngine, workflowData *WorkflowData) error { +func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools ToolsMap, engine CodingAgentEngine, workflowData *WorkflowData) error { mcpSetupGeneratorLog.Print("Generating MCP server configuration setup") // Collect tools that need MCP server configuration var mcpTools []string diff --git a/pkg/workflow/role_checks.go b/pkg/workflow/role_checks.go index bb2611b4d28..1931ed94c16 100644 --- a/pkg/workflow/role_checks.go +++ b/pkg/workflow/role_checks.go @@ -89,7 +89,7 @@ func (c *Compiler) generateRateLimitCheck(data *WorkflowData, steps []string) [] } // extractRoles extracts the 'roles' field from frontmatter to determine permission requirements -func (c *Compiler) extractRoles(frontmatter map[string]any) []string { +func (c *Compiler) extractRoles(frontmatter Frontmatter) []string { // Check on.roles if onValue, exists := frontmatter["on"]; exists { if onMap, ok := onValue.(map[string]any); ok { @@ -139,7 +139,7 @@ func parseRolesValue(rolesValue any, fieldName string) []string { } // extractBots extracts the 'bots' field from frontmatter to determine allowed bot identifiers -func (c *Compiler) extractBots(frontmatter map[string]any) []string { +func (c *Compiler) extractBots(frontmatter Frontmatter) []string { // Check on.bots if onValue, exists := frontmatter["on"]; exists { if onMap, ok := onValue.(map[string]any); ok { @@ -183,7 +183,7 @@ func parseBotsValue(botsValue any, fieldName string) []string { } // extractRateLimitConfig extracts the 'rate-limit' field from frontmatter -func (c *Compiler) extractRateLimitConfig(frontmatter map[string]any) *RateLimitConfig { +func (c *Compiler) extractRateLimitConfig(frontmatter Frontmatter) *RateLimitConfig { if rateLimitValue, exists := frontmatter["rate-limit"]; exists && rateLimitValue != nil { switch v := rateLimitValue.(type) { case map[string]any: @@ -268,7 +268,7 @@ func (c *Compiler) extractRateLimitConfig(frontmatter map[string]any) *RateLimit } // inferEventsFromTriggers infers rate-limit events from the workflow's 'on:' triggers -func (c *Compiler) inferEventsFromTriggers(frontmatter map[string]any) []string { +func (c *Compiler) inferEventsFromTriggers(frontmatter Frontmatter) []string { onValue, exists := frontmatter["on"] if !exists || onValue == nil { return nil @@ -314,7 +314,7 @@ func (c *Compiler) inferEventsFromTriggers(frontmatter map[string]any) []string } // needsRoleCheck determines if the workflow needs permission checks with full context -func (c *Compiler) needsRoleCheck(data *WorkflowData, frontmatter map[string]any) bool { +func (c *Compiler) needsRoleCheck(data *WorkflowData, frontmatter Frontmatter) bool { // If user explicitly specified "roles: all", no permission checks needed if len(data.Roles) == 1 && data.Roles[0] == "all" { roleLog.Print("Role check not needed: roles set to 'all'") @@ -339,7 +339,7 @@ func (c *Compiler) needsRoleCheck(data *WorkflowData, frontmatter map[string]any } // hasSafeEventsOnly checks if the workflow uses only safe events that don't require permission checks -func (c *Compiler) hasSafeEventsOnly(data *WorkflowData, frontmatter map[string]any) bool { +func (c *Compiler) hasSafeEventsOnly(data *WorkflowData, frontmatter Frontmatter) bool { // If user explicitly specified "roles: all", skip permission checks if len(data.Roles) == 1 && data.Roles[0] == "all" { return true @@ -417,7 +417,7 @@ func (c *Compiler) hasSafeEventsOnly(data *WorkflowData, frontmatter map[string] } // hasWorkflowRunTrigger checks if the agentic workflow's frontmatter declares a workflow_run trigger -func (c *Compiler) hasWorkflowRunTrigger(frontmatter map[string]any) bool { +func (c *Compiler) hasWorkflowRunTrigger(frontmatter Frontmatter) bool { if frontmatter == nil { return false } @@ -496,7 +496,7 @@ func (c *Compiler) combineJobIfConditions(existingCondition, workflowRunRepoSafe // extractSkipRoles extracts the 'skip-roles' field from the 'on:' section of frontmatter // Returns nil if skip-roles is not configured -func (c *Compiler) extractSkipRoles(frontmatter map[string]any) []string { +func (c *Compiler) extractSkipRoles(frontmatter Frontmatter) []string { // Check the "on" section in frontmatter onValue, exists := frontmatter["on"] if !exists || onValue == nil { @@ -517,7 +517,7 @@ func (c *Compiler) extractSkipRoles(frontmatter map[string]any) []string { // extractSkipBots extracts the 'skip-bots' field from the 'on:' section of frontmatter // Returns nil if skip-bots is not configured -func (c *Compiler) extractSkipBots(frontmatter map[string]any) []string { +func (c *Compiler) extractSkipBots(frontmatter Frontmatter) []string { // Check the "on" section in frontmatter onValue, exists := frontmatter["on"] if !exists || onValue == nil { @@ -633,7 +633,7 @@ func (c *Compiler) mergeSkipBots(topSkipBots []string, importedSkipBots []string // extractActivationGitHubToken extracts the 'github-token' field from the 'on:' section of frontmatter. // This token is used for pre-activation reactions and activation status comments. -func (c *Compiler) extractActivationGitHubToken(frontmatter map[string]any) string { +func (c *Compiler) extractActivationGitHubToken(frontmatter Frontmatter) string { if onValue, exists := frontmatter["on"]; exists { if onMap, ok := onValue.(map[string]any); ok { if tokenValue, hasToken := onMap["github-token"]; hasToken { @@ -649,7 +649,7 @@ func (c *Compiler) extractActivationGitHubToken(frontmatter map[string]any) stri // extractActivationGitHubApp extracts the 'github-app' field from the 'on:' section of frontmatter. // When configured, a GitHub App installation access token is minted for use in reactions and status comments. -func (c *Compiler) extractActivationGitHubApp(frontmatter map[string]any) *GitHubAppConfig { +func (c *Compiler) extractActivationGitHubApp(frontmatter Frontmatter) *GitHubAppConfig { if onValue, exists := frontmatter["on"]; exists { if onMap, ok := onValue.(map[string]any); ok { if appValue, hasApp := onMap["github-app"]; hasApp { diff --git a/pkg/workflow/role_checks_test.go b/pkg/workflow/role_checks_test.go index f78264989bf..c34bd9a2475 100644 --- a/pkg/workflow/role_checks_test.go +++ b/pkg/workflow/role_checks_test.go @@ -153,7 +153,7 @@ func TestInferEventsFromTriggers(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expected []string }{ { diff --git a/pkg/workflow/runs_on_validation.go b/pkg/workflow/runs_on_validation.go index f3369d8dd1f..f7e0897913f 100644 --- a/pkg/workflow/runs_on_validation.go +++ b/pkg/workflow/runs_on_validation.go @@ -39,7 +39,7 @@ const macOSRunnerFAQURL = "https://github.github.com/gh-aw/reference/faq/#why-ar // container jobs required for the Agent Workflow Firewall sandbox. // // Returns an error with a FAQ link if a macOS runner is detected, nil otherwise. -func validateRunsOn(frontmatter map[string]any, markdownPath string) error { +func validateRunsOn(frontmatter Frontmatter, markdownPath string) error { runsOn, exists := frontmatter["runs-on"] if !exists { return nil diff --git a/pkg/workflow/runs_on_validation_test.go b/pkg/workflow/runs_on_validation_test.go index d0e82600099..47917fd6270 100644 --- a/pkg/workflow/runs_on_validation_test.go +++ b/pkg/workflow/runs_on_validation_test.go @@ -12,7 +12,7 @@ import ( func TestValidateRunsOn(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter wantErr bool errorInMsg string description string diff --git a/pkg/workflow/safe_inputs_parser.go b/pkg/workflow/safe_inputs_parser.go index 177e5cf64ee..5ce5f05fbce 100644 --- a/pkg/workflow/safe_inputs_parser.go +++ b/pkg/workflow/safe_inputs_parser.go @@ -207,7 +207,7 @@ func parseSafeInputsMap(safeInputsMap map[string]any) (*SafeInputsConfig, bool) } // ParseSafeInputs parses safe-inputs configuration from frontmatter (standalone function for testing) -func ParseSafeInputs(frontmatter map[string]any) *SafeInputsConfig { +func ParseSafeInputs(frontmatter Frontmatter) *SafeInputsConfig { if frontmatter == nil { return nil } @@ -227,7 +227,7 @@ func ParseSafeInputs(frontmatter map[string]any) *SafeInputsConfig { } // extractSafeInputsConfig extracts safe-inputs configuration from frontmatter -func (c *Compiler) extractSafeInputsConfig(frontmatter map[string]any) *SafeInputsConfig { +func (c *Compiler) extractSafeInputsConfig(frontmatter Frontmatter) *SafeInputsConfig { safeInputsLog.Print("Extracting safe-inputs configuration from frontmatter") safeInputs, exists := frontmatter["safe-inputs"] diff --git a/pkg/workflow/safe_inputs_parser_test.go b/pkg/workflow/safe_inputs_parser_test.go index fd55b2c6445..0867bc1f0c8 100644 --- a/pkg/workflow/safe_inputs_parser_test.go +++ b/pkg/workflow/safe_inputs_parser_test.go @@ -292,7 +292,7 @@ func TestIsSafeInputsEnabledWithEnv(t *testing.T) { func TestParseSafeInputsAndExtractSafeInputsConfigConsistency(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter }{ { name: "nil frontmatter", diff --git a/pkg/workflow/safe_jobs.go b/pkg/workflow/safe_jobs.go index 881d5715af3..6c0e8ecd501 100644 --- a/pkg/workflow/safe_jobs.go +++ b/pkg/workflow/safe_jobs.go @@ -299,7 +299,7 @@ func (c *Compiler) buildSafeJobs(data *WorkflowData, threatDetectionEnabled bool // extractSafeJobsFromFrontmatter extracts safe-jobs configuration from frontmatter. // Only checks the safe-outputs.jobs location. The top-level "safe-jobs" syntax is NOT supported. -func extractSafeJobsFromFrontmatter(frontmatter map[string]any) map[string]*SafeJobConfig { +func extractSafeJobsFromFrontmatter(frontmatter Frontmatter) map[string]*SafeJobConfig { // Check location: safe-outputs.jobs if safeOutputs, exists := frontmatter["safe-outputs"]; exists { if safeOutputsMap, ok := safeOutputs.(map[string]any); ok { diff --git a/pkg/workflow/safe_outputs_config.go b/pkg/workflow/safe_outputs_config.go index a044372e3c6..1bd4d9c13cb 100644 --- a/pkg/workflow/safe_outputs_config.go +++ b/pkg/workflow/safe_outputs_config.go @@ -50,7 +50,7 @@ var safeOutputsConfigLog = logger.New("workflow:safe_outputs_config") // // extractSafeOutputsConfig extracts output configuration from frontmatter -func (c *Compiler) extractSafeOutputsConfig(frontmatter map[string]any) *SafeOutputsConfig { +func (c *Compiler) extractSafeOutputsConfig(frontmatter Frontmatter) *SafeOutputsConfig { safeOutputsConfigLog.Print("Extracting safe-outputs configuration from frontmatter") var config *SafeOutputsConfig diff --git a/pkg/workflow/safe_outputs_mentions_test.go b/pkg/workflow/safe_outputs_mentions_test.go index ead41ea63ba..6ebcea41b67 100644 --- a/pkg/workflow/safe_outputs_mentions_test.go +++ b/pkg/workflow/safe_outputs_mentions_test.go @@ -270,7 +270,7 @@ func TestGenerateSafeOutputsConfig_WithMentions(t *testing.T) { func TestExtractSafeOutputsConfig_WithMentions(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expected *MentionsConfig }{ { diff --git a/pkg/workflow/schedule_preprocessing.go b/pkg/workflow/schedule_preprocessing.go index db346221cdf..3c8c4406804 100644 --- a/pkg/workflow/schedule_preprocessing.go +++ b/pkg/workflow/schedule_preprocessing.go @@ -100,7 +100,7 @@ func (c *Compiler) normalizeScheduleString(scheduleStr string, itemIndex int) (p // preprocessScheduleFields converts human-friendly schedule expressions to cron expressions // in the frontmatter's "on" section. It modifies the frontmatter map in place. -func (c *Compiler) preprocessScheduleFields(frontmatter map[string]any, markdownPath string, content string) error { +func (c *Compiler) preprocessScheduleFields(frontmatter Frontmatter, markdownPath string, content string) error { schedulePreprocessingLog.Print("Preprocessing schedule fields in frontmatter") // Check if "on" field exists @@ -375,7 +375,7 @@ func (c *Compiler) createTriggerParseError(filePath, content, triggerStr string, // addFriendlyScheduleComments adds comments showing the original friendly format for schedule cron expressions // This function is called after the YAML has been generated from the frontmatter -func (c *Compiler) addFriendlyScheduleComments(yamlStr string, frontmatter map[string]any) string { +func (c *Compiler) addFriendlyScheduleComments(yamlStr string, frontmatter Frontmatter) string { // Retrieve the friendly formats for this compilation if len(c.scheduleFriendlyFormats) == 0 { return yamlStr diff --git a/pkg/workflow/secret_masking.go b/pkg/workflow/secret_masking.go index 557e6406ba8..a2a7a54c72e 100644 --- a/pkg/workflow/secret_masking.go +++ b/pkg/workflow/secret_masking.go @@ -6,7 +6,7 @@ import ( ) // extractSecretMaskingConfig extracts secret-masking configuration from frontmatter -func (c *Compiler) extractSecretMaskingConfig(frontmatter map[string]any) *SecretMaskingConfig { +func (c *Compiler) extractSecretMaskingConfig(frontmatter Frontmatter) *SecretMaskingConfig { secretMaskingLog.Print("Extracting secret-masking configuration from frontmatter") if secretMasking, exists := frontmatter["secret-masking"]; exists { diff --git a/pkg/workflow/skip_bots_test.go b/pkg/workflow/skip_bots_test.go index 744d79bcb97..2fd9a5f7eec 100644 --- a/pkg/workflow/skip_bots_test.go +++ b/pkg/workflow/skip_bots_test.go @@ -216,7 +216,7 @@ func TestExtractSkipBots(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expected []string }{ { diff --git a/pkg/workflow/skip_roles_test.go b/pkg/workflow/skip_roles_test.go index da21460ab63..948b01ad902 100644 --- a/pkg/workflow/skip_roles_test.go +++ b/pkg/workflow/skip_roles_test.go @@ -176,7 +176,7 @@ func TestExtractSkipRoles(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expected []string }{ { diff --git a/pkg/workflow/source_field_test.go b/pkg/workflow/source_field_test.go index 8b5953e8ade..8e669ba6ea7 100644 --- a/pkg/workflow/source_field_test.go +++ b/pkg/workflow/source_field_test.go @@ -183,7 +183,7 @@ func TestSourceFieldExtraction(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expected string }{ { diff --git a/pkg/workflow/stop_after.go b/pkg/workflow/stop_after.go index 0f781beb50d..e4a3e8b90c6 100644 --- a/pkg/workflow/stop_after.go +++ b/pkg/workflow/stop_after.go @@ -16,7 +16,7 @@ import ( var stopAfterLog = logger.New("workflow:stop_after") // extractStopAfterFromOn extracts the stop-after value from the on: section -func (c *Compiler) extractStopAfterFromOn(frontmatter map[string]any, workflowData ...*WorkflowData) (string, error) { +func (c *Compiler) extractStopAfterFromOn(frontmatter Frontmatter, workflowData ...*WorkflowData) (string, error) { // Use cached On field from ParsedFrontmatter if available (when workflowData is provided) var onSection any var exists bool @@ -51,7 +51,7 @@ func (c *Compiler) extractStopAfterFromOn(frontmatter map[string]any, workflowDa } // processStopAfterConfiguration extracts and processes stop-after configuration from frontmatter -func (c *Compiler) processStopAfterConfiguration(frontmatter map[string]any, workflowData *WorkflowData, markdownPath string) error { +func (c *Compiler) processStopAfterConfiguration(frontmatter Frontmatter, workflowData *WorkflowData, markdownPath string) error { stopAfterLog.Printf("Processing stop-after configuration for workflow: %s", markdownPath) // Extract stop-after from the on: section stopAfter, err := c.extractStopAfterFromOn(frontmatter, workflowData) @@ -190,7 +190,7 @@ func ExtractStopTimeFromLockFile(lockFilePath string) string { } // extractSkipIfMatchFromOn extracts the skip-if-match value from the on: section -func (c *Compiler) extractSkipIfMatchFromOn(frontmatter map[string]any, workflowData ...*WorkflowData) (*SkipIfMatchConfig, error) { +func (c *Compiler) extractSkipIfMatchFromOn(frontmatter Frontmatter, workflowData ...*WorkflowData) (*SkipIfMatchConfig, error) { // Use cached On field from ParsedFrontmatter if available (when workflowData is provided) var onSection any var exists bool @@ -269,7 +269,7 @@ func (c *Compiler) extractSkipIfMatchFromOn(frontmatter map[string]any, workflow } // extractSkipIfNoMatchFromOn extracts the skip-if-no-match value from the on: section -func (c *Compiler) extractSkipIfNoMatchFromOn(frontmatter map[string]any, workflowData ...*WorkflowData) (*SkipIfNoMatchConfig, error) { +func (c *Compiler) extractSkipIfNoMatchFromOn(frontmatter Frontmatter, workflowData ...*WorkflowData) (*SkipIfNoMatchConfig, error) { // Use cached On field from ParsedFrontmatter if available (when workflowData is provided) var onSection any var exists bool @@ -348,7 +348,7 @@ func (c *Compiler) extractSkipIfNoMatchFromOn(frontmatter map[string]any, workfl } // processSkipIfMatchConfiguration extracts and processes skip-if-match configuration from frontmatter -func (c *Compiler) processSkipIfMatchConfiguration(frontmatter map[string]any, workflowData *WorkflowData) error { +func (c *Compiler) processSkipIfMatchConfiguration(frontmatter Frontmatter, workflowData *WorkflowData) error { // Extract skip-if-match from the on: section skipIfMatchConfig, err := c.extractSkipIfMatchFromOn(frontmatter, workflowData) if err != nil { @@ -368,7 +368,7 @@ func (c *Compiler) processSkipIfMatchConfiguration(frontmatter map[string]any, w } // processSkipIfNoMatchConfiguration extracts and processes skip-if-no-match configuration from frontmatter -func (c *Compiler) processSkipIfNoMatchConfiguration(frontmatter map[string]any, workflowData *WorkflowData) error { +func (c *Compiler) processSkipIfNoMatchConfiguration(frontmatter Frontmatter, workflowData *WorkflowData) error { // Extract skip-if-no-match from the on: section skipIfNoMatchConfig, err := c.extractSkipIfNoMatchFromOn(frontmatter, workflowData) if err != nil { diff --git a/pkg/workflow/strict_mode_validation.go b/pkg/workflow/strict_mode_validation.go index e7a6b077c43..9b2c55fb0fb 100644 --- a/pkg/workflow/strict_mode_validation.go +++ b/pkg/workflow/strict_mode_validation.go @@ -54,7 +54,7 @@ import ( var strictModeValidationLog = logger.New("workflow:strict_mode_validation") // validateStrictPermissions refuses write permissions in strict mode -func (c *Compiler) validateStrictPermissions(frontmatter map[string]any) error { +func (c *Compiler) validateStrictPermissions(frontmatter Frontmatter) error { permissionsValue, exists := frontmatter["permissions"] if !exists { // No permissions specified is fine @@ -108,7 +108,7 @@ func (c *Compiler) validateStrictNetwork(networkPermissions *NetworkPermissions) } // validateStrictMCPNetwork requires top-level network configuration when custom MCP servers use containers -func (c *Compiler) validateStrictMCPNetwork(frontmatter map[string]any, networkPermissions *NetworkPermissions) error { +func (c *Compiler) validateStrictMCPNetwork(frontmatter Frontmatter, networkPermissions *NetworkPermissions) error { // Check mcp-servers section (new format) mcpServersValue, exists := frontmatter["mcp-servers"] if !exists { @@ -151,7 +151,7 @@ func (c *Compiler) validateStrictMCPNetwork(frontmatter map[string]any, networkP } // validateStrictTools validates tools configuration in strict mode -func (c *Compiler) validateStrictTools(frontmatter map[string]any) error { +func (c *Compiler) validateStrictTools(frontmatter Frontmatter) error { // Check tools section toolsValue, exists := frontmatter["tools"] if !exists { @@ -200,7 +200,7 @@ func (c *Compiler) validateStrictTools(frontmatter map[string]any) error { } // validateStrictDeprecatedFields refuses deprecated fields in strict mode -func (c *Compiler) validateStrictDeprecatedFields(frontmatter map[string]any) error { +func (c *Compiler) validateStrictDeprecatedFields(frontmatter Frontmatter) error { // Get the list of deprecated fields from the schema deprecatedFields, err := parser.GetMainWorkflowDeprecatedFields() if err != nil { @@ -242,7 +242,7 @@ func (c *Compiler) validateStrictDeprecatedFields(frontmatter map[string]any) er // COPILOT_GITHUB_TOKEN: ${{ secrets.MY_ORG_COPILOT_TOKEN }} // // No other engine.env var is allowed to have secrets. -func (c *Compiler) validateEnvSecrets(frontmatter map[string]any) error { +func (c *Compiler) validateEnvSecrets(frontmatter Frontmatter) error { // Check top-level env section (no allowed overrides here) if err := c.validateEnvSecretsSection(frontmatter, "env", nil); err != nil { return err @@ -369,7 +369,7 @@ func (c *Compiler) validateEnvSecretsSection(config map[string]any, sectionName // Note: Strict mode also affects zizmor security scanner behavior (see pkg/cli/zizmor.go) // When zizmor is enabled with --zizmor flag, strict mode will treat any security // findings as compilation errors rather than warnings. -func (c *Compiler) validateStrictMode(frontmatter map[string]any, networkPermissions *NetworkPermissions) error { +func (c *Compiler) validateStrictMode(frontmatter Frontmatter, networkPermissions *NetworkPermissions) error { if !c.strictMode { strictModeValidationLog.Printf("Strict mode disabled, skipping validation") return nil diff --git a/pkg/workflow/strict_mode_validation_test.go b/pkg/workflow/strict_mode_validation_test.go index ebc28607b28..a03d6d19e06 100644 --- a/pkg/workflow/strict_mode_validation_test.go +++ b/pkg/workflow/strict_mode_validation_test.go @@ -11,7 +11,7 @@ import ( func TestValidateStrictPermissions(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expectError bool errorMsg string }{ @@ -556,7 +556,7 @@ func TestValidateStrictModeEdgeCases(t *testing.T) { func TestValidateStrictCacheMemoryScope(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expectError bool errorMsg string }{ diff --git a/pkg/workflow/tools_types.go b/pkg/workflow/tools_types.go index b35f6f69027..2cf0207c11c 100644 --- a/pkg/workflow/tools_types.go +++ b/pkg/workflow/tools_types.go @@ -50,7 +50,7 @@ var toolsTypesLog = logger.New("workflow:tools_types") // } // // // Backward compatibility wrapper -// func processToolsFromMap(tools map[string]any) error { +// func processToolsFromMap(tools ToolsMap) error { // config, err := ParseToolsConfig(tools) // if err != nil { // return err diff --git a/pkg/workflow/tracker_id_test.go b/pkg/workflow/tracker_id_test.go index e09869915eb..ed118241584 100644 --- a/pkg/workflow/tracker_id_test.go +++ b/pkg/workflow/tracker_id_test.go @@ -10,7 +10,7 @@ import ( func TestExtractTrackerID(t *testing.T) { tests := []struct { name string - frontmatter map[string]any + frontmatter Frontmatter expected string shouldError bool errorMsg string