
docs: clarify allowed-files is an exclusive allowlist, not an additive exception list#20606

Merged
pelikhan merged 2 commits into main from copilot/fix-allowed-files-issue
Mar 12, 2026

Conversation

Contributor

Copilot AI commented Mar 11, 2026

Users setting allowed-files: [".github/workflows/*"] to unblock workflow files inadvertently block all other files — including normal source code — because allowed-files is a full exclusive allowlist, not a supplemental exception list. The footgun is compounded by section heading language ("Exempting Specific Files") that implies the opposite semantics.

Changes

  • safe-outputs-pull-requests.md: Rename section from "Exempting Specific Files" → "Restricting Changes to Specific Files"; rewrite lead paragraph to front-load "exclusive allowlist" semantics; add [!CAUTION] callout with the exact footgun scenario and correct multi-pattern fix:
    allowed-files:
      - .github/workflows/*
      - src/**           # must be listed explicitly — omitting this blocks src/
  • glossary.md: Rewrite "Allowed Files" entry to emphasize restriction-not-exception semantics and call out that listing .github/workflows/* does not additionally allow source files; update anchor link to match renamed section.
  • main_workflow_schema.json: Replace misleading description "files that are exempt from protected-file protection" with "Exclusive allowlist of glob patterns … files outside the list are always refused, including normal source files" (applies to both create-pull-request and push-to-pull-request-branch).

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:


If you need me to access, download, or install something from one of these locations, you can either:

…e exception list

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Fix allowed-files behavior in create-pull-request" to "docs: clarify allowed-files is an exclusive allowlist, not an additive exception list" Mar 11, 2026
@pelikhan pelikhan marked this pull request as ready for review March 12, 2026 00:04
Copilot AI review requested due to automatic review settings March 12, 2026 00:04
@pelikhan pelikhan merged commit fbd9465 into main Mar 12, 2026
@pelikhan pelikhan deleted the copilot/fix-allowed-files-issue branch March 12, 2026 00:04
Contributor

Copilot AI left a comment


Pull request overview

This PR clarifies that the allowed-files configuration is an exclusive allowlist (not an additive exception list), addressing a common user footgun where setting allowed-files: [".github/workflows/*"] inadvertently blocks all other files.

Changes:

  • Reworded the allowed-files section heading and description in safe-outputs-pull-requests.md, adding a [!CAUTION] callout explaining the exclusive-allowlist semantics with a concrete example.
  • Updated the glossary entry for "Allowed Files" to emphasize restriction semantics and fixed the anchor link to match the renamed section.
  • Updated the JSON schema descriptions for allowed-files in both create-pull-request and push-to-pull-request-branch to clarify exclusive-allowlist behavior.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File | Description
docs/src/content/docs/reference/safe-outputs-pull-requests.md | Renamed section, rewrote lead paragraph, added caution callout, simplified trailing note
docs/src/content/docs/reference/glossary.md | Rewrote "Allowed Files" entry and updated cross-reference anchor
pkg/parser/schemas/main_workflow_schema.json | Updated allowed-files description in two schema locations
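As an added example of the semantics that both the PR description and the review overview above describe (this is illustration code, not gh-aw's own matcher or anything from this PR): a check that treats allowed-files as an exclusive allowlist, so every changed file must match at least one pattern or it is refused. The glob dialect (`*` and `?` stay within one path segment, `**` spans segments) and the changed-file names are assumptions constructed for the demo.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// globToRegexp turns one allowed-files pattern into an anchored regexp.
// Assumed dialect: "*" and "?" never cross "/", "**" matches any depth.
func globToRegexp(pattern string) *regexp.Regexp {
	var sb strings.Builder
	sb.WriteString("^")
	for i := 0; i < len(pattern); i++ {
		c := pattern[i]
		switch {
		case c == '*' && i+1 < len(pattern) && pattern[i+1] == '*':
			i++ // consume the second '*'
			if i+1 < len(pattern) && pattern[i+1] == '/' {
				i++ // "**/" matches zero or more directories
				sb.WriteString("(?:.*/)?")
			} else {
				sb.WriteString(".*")
			}
		case c == '*':
			sb.WriteString("[^/]*")
		case c == '?':
			sb.WriteString("[^/]")
		default:
			sb.WriteString(regexp.QuoteMeta(string(c)))
		}
	}
	sb.WriteString("$")
	return regexp.MustCompile(sb.String())
}

// refusedFiles applies the exclusive-allowlist rule: a file that matches no
// pattern is refused, even if it is ordinary source code.
func refusedFiles(allowed []string, changed []string) []string {
	var res []*regexp.Regexp
	for _, p := range allowed {
		res = append(res, globToRegexp(p))
	}
	var refused []string
	for _, f := range changed {
		matched := false
		for _, re := range res {
			if re.MatchString(f) {
				matched = true
				break
			}
		}
		if !matched {
			refused = append(refused, f)
		}
	}
	return refused
}

func main() {
	// Constructed sample change set, not from any real run.
	changed := []string{".github/workflows/ci.yml", "src/main.go", "README.md"}
	fmt.Println("footgun:", refusedFiles([]string{".github/workflows/*"}, changed))
	fmt.Println("fixed:  ", refusedFiles([]string{".github/workflows/*", "src/**"}, changed))
}
```

The first call refuses src/main.go and README.md because only the workflow pattern is listed; the second accepts src/ once it is listed explicitly, which is the multi-pattern fix the PR documents.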



Development

Successfully merging this pull request may close these issues.

(Feature Request): allowed-files is an allowlist, not an "additionally allow" list — undocumented and counterintuitive

3 participants