Skip to content

fix: preserve callee workflow ref in caller-hosted relay activation checkout and fix Checkout actions folder for cross-repo relays#20714

Merged
pelikhan merged 8 commits intomainfrom
copilot/fix-activation-checkout-ref
Mar 13, 2026
Merged

fix: preserve callee workflow ref in caller-hosted relay activation checkout and fix Checkout actions folder for cross-repo relays#20714
pelikhan merged 8 commits intomainfrom
copilot/fix-activation-checkout-ref

Conversation

Copy link
Contributor

Copilot AI commented Mar 12, 2026
edited by github-actions bot
Loading

In caller-hosted relay topologies (<org>/<app-repo> calling <org>/<platform-repo>/.github/workflows/<gateway>.lock.yml@<feature-branch>), the activation checkout for .github/.agents ignored the callee's @<feature-branch> ref entirely, always falling back to the platform repo's default branch. Additionally, the Checkout actions folder step was emitted without repository: or ref:, causing Setup Scripts to fail in cross-repo relay scenarios because actions/checkout defaulted to the caller's repo (which has no actions/ directory).

Root cause

resolve_host_repo.cjs only emitted target_repo — there was no target_ref extraction from GITHUB_WORKFLOW_REF. Consequently GenerateGitHubFolderCheckoutStep had no ref: support, and no target_ref output was wired through the activation job.

Separately, generateCheckoutActionsFolder in dev and script modes omitted repository: github/gh-aw and ref: from the Checkout actions folder step, causing cross-repo callers to check out their own repo (which has no actions/ directory), making Setup Scripts fail immediately.

Changes

  • actions/setup/js/resolve_host_repo.cjs: Extract the @ref portion of GITHUB_WORKFLOW_REF and emit it as target_ref. Falls back to "" (not GITHUB_REF) when no @ is present — using GITHUB_REF in cross-repo contexts would inject the caller's branch, not the callee's.

  • pkg/workflow/checkout_manager.go: Add crossRepoTargetRef field with SetCrossRepoTargetRef/GetCrossRepoTargetRef. Extend GenerateGitHubFolderCheckoutStep(repository, ref string, ...) to emit ref: when non-empty.

  • pkg/workflow/compiler_activation_job.go: Expose target_ref as an activation output alongside target_repo for workflow_call triggers (sans inlined imports). Wire ${{ steps.resolve-host-repo.outputs.target_ref }} into the .github/.agents checkout.

  • pkg/workflow/compiler_yaml_helpers.go: Add versionToGitRef() helper that normalizes git describe output to a valid git ref (strips -dirty, extracts short SHA from v1.2.3-N-gSHA format). Apply repository: github/gh-aw and ref: <version> to the Checkout actions folder step in both dev and script modes.

  • pkg/workflow/maintenance_workflow.go: Same Checkout actions folder fix applied to the maintenance workflow generator.

Generated activation checkout now looks like:

- name: Checkout .github and .agents folders
  uses: actions/checkout@<sha>
  with:
    persist-credentials: false
    repository: ${{ steps.resolve-host-repo.outputs.target_repo }}
    ref: ${{ steps.resolve-host-repo.outputs.target_ref }}   # ← new
    sparse-checkout: |
      .github
      .agents

Generated Checkout actions folder step now looks like:

- name: Checkout actions folder
  uses: actions/checkout@<sha>
  with:
    repository: github/gh-aw   # ← new
    ref: <commit-sha>           # ← new
    sparse-checkout: |
      actions
    persist-credentials: false

target_ref handles full refs (refs/heads/feature), short names (main), tags (refs/tags/v1.0.0), and commit SHAs.

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

✨ PR Review Safe Output Test - Run 23031087181

💥 [THE END] — Illustrated by Smoke Claude ·

Copilot AI linked an issue Mar 12, 2026 that may be closed by this pull request
Bug: Activation checkout does not preserve callee workflow ref in caller-hosted relays #20697
Closed
@pelikhan
Copy link
Contributor

pelikhan commented Mar 12, 2026

@copilot review #20658

@pelikhan
fix: preserve callee workflow ref in caller-hosted relay activation c…
bf56fc9 
…heckout

- Update resolve_host_repo.cjs to extract and emit target_ref from
  GITHUB_WORKFLOW_REF's @ref portion
- Add crossRepoTargetRef field/methods to CheckoutManager
- Extend GenerateGitHubFolderCheckoutStep to accept and emit ref: field
- Expose target_ref as activation output alongside target_repo
- Wire target_ref into the activation .github/.agents checkout step
- Add comprehensive tests for all changes

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix activation checkout to preserve callee workflow ref fix: preserve callee workflow ref in caller-hosted relay activation checkout Mar 12, 2026
Copilot AI requested a review from pelikhan March 12, 2026 19:16
@pelikhan
fix: add repository and ref to Checkout actions folder step (#20658)
1390050 
In dev and script modes, the Checkout actions folder step was emitted
without repository: or ref:. In cross-repo relay scenarios this caused
actions/checkout to default to the caller's repo which has no actions/
directory, making Setup Scripts fail immediately.

- Add versionToGitRef() helper to extract a clean git ref from
  git-describe version strings (strips -dirty, extracts SHA from
  v1.2.3-N-gSHA format)
- Add repository: github/gh-aw to dev mode Checkout actions folder step
- Add ref: <version> to both dev and script mode checkout steps
- Update maintenance_workflow.go with the same fix
- Recompile all lock files to pick up the new fields

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Contributor Author

Copilot AI commented Mar 12, 2026
edited
Loading

@copilot review #20658

Addressed in commit 1390050.

The Checkout actions folder step in dev and script modes was missing repository: github/gh-aw and ref:, causing cross-repo callers to checkout the caller's repo (which has no actions/ directory) instead of github/gh-aw.

The fix:

  • Added versionToGitRef() helper that extracts a clean git ref from git describe output (strips -dirty, extracts the short SHA from v1.2.3-N-gSHA format)
  • Added repository: github/gh-aw to the dev mode checkout step
  • Added ref: <version> to both dev and script mode checkout steps (omitted when version is dev)
  • Same fix applied to maintenance_workflow.go
  • All 167 lock files recompiled — Checkout actions folder now contains both fields, e.g.: 
    - name: Checkout actions folder
  uses: actions/checkout@<sha>
  with:
    repository: github/gh-aw
    ref: bf56fc9
    sparse-checkout: |
      actions
    persist-credentials: false

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw tWhenNoCustomSte/home/REDACTED/work/gh-aw/gh-aw/actions/setup/js/node_modules/.bin/pre�� (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw g/workflow/actio/home/REDACTED/.npm/_npx/b388654678d519d9/node_modules/.bin/prettier g/workflow/actio--write 64/pkg/tool/linuscripts/**/*.js g/wo�� h ../../../.pret.prettierignore .cfg 64/pkg/tool/linux_amd64/vet g/workflow/activ/bin/sh g/workflow/activ-c g/workflow/add_cecho &#34;��� JSON files formatted&#34; 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha ath ../../../.pr**/*.json .cfg 64/pkg/tool/linu../../../.prettierignore g/workflow/actiosh g/workflow/actio-c g/workflow/actio&#34;prettier&#34; --write &#39;../../../**/*.json&#39; &#39;!../../../pkg/workflow/js/**/*.json&#39; --ignore-path ../../../.prettierignore 64/pkg/tool/linux_amd64/vet er g/workflow/activation_checkout_t-test.short=true .cfg 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/a70c5eada06553e3510ac27f2c3bda9d3705bccb
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/a70c5eada06553e3510ac27f2c3bda9d3705bccb --jq .object.sha --get-regexp .cfg 64/pkg/tool/linu--log-level=error (http block)
  • https://api.github.com/repos/githubnext/agentics/git/ref/tags/
    • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/# --jq .object.sha get .cfg 64/pkg/tool/linux_amd64/vet pull.rebase (http block)

If you need me to access, download, or install something from one of these locations, you can either:

Copilot AI changed the title fix: preserve callee workflow ref in caller-hosted relay activation checkout fix: preserve callee workflow ref in caller-hosted relay activation checkout and fix Checkout actions folder for cross-repo relays Mar 12, 2026
@pelikhan pelikhan added the smoke label Mar 12, 2026
@github-actions github-actions bot mentioned this pull request Mar 13, 2026
Closed
@pelikhan
Copy link
Contributor

pelikhan commented Mar 13, 2026

@copilot merge main recompile

Copilot AI and others added 2 commits March 13, 2026 02:06
Merge remote-tracking branch 'origin/main' into copilot/fix-activatio…
45b92cc 
…n-checkout-ref
@pelikhan
chore: merge main and recompile all lock files
e5318f0 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Contributor Author

Copilot AI commented Mar 13, 2026
edited
Loading

@copilot merge main recompile

Done in commit e5318f0. Merged origin/main and recompiled all 168 lock files.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw yF0UmRo6FytN (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw -embedcfg /tmp/go-build3709493360/b336/embedcfg -pack (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha ithub/workflows (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/a70c5eada06553e3510ac27f2c3bda9d3705bccb
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/a70c5eada06553e3510ac27f2c3bda9d3705bccb --jq .object.sha (http block)
  • https://api.github.com/repos/githubnext/agentics/git/ref/tags/
    • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/# --jq .object.sha (http block)

If you need me to access, download, or install something from one of these locations, you can either:

@pelikhan pelikhan marked this pull request as ready for review March 13, 2026 02:44
Copilot AI review requested due to automatic review settings March 13, 2026 02:44
Copilot AI reviewed Mar 13, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes cross-repo “caller-hosted relay” behavior by preserving the callee workflow ref during activation checkouts and ensuring the actions/ directory checkout is explicitly pinned to github/gh-aw (repo + ref), preventing Setup Scripts failures when the caller repo lacks actions/.

Changes:

  • Emit and plumb a target_ref (from GITHUB_WORKFLOW_REF) alongside target_repo so activation checkouts can use the callee’s pinned ref.
  • Extend .github/.agents checkout generation to support an optional ref: for cross-repo workflow_call scenarios.
  • Update generated workflows to checkout the actions/ folder from github/gh-aw with explicit repository: and ref:.

Reviewed changes

Copilot reviewed 177 out of 177 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
actions/setup/js/resolve_host_repo.cjs Extracts and outputs target_ref from GITHUB_WORKFLOW_REF for downstream checkout steps.
pkg/workflow/checkout_manager.go Adds ref support to .github/.agents sparse checkout generation.
pkg/workflow/compiler_activation_job.go Exposes target_ref as activation output and wires it into activation .github/.agents checkout.
pkg/workflow/compiler_yaml_helpers.go Normalizes version→git ref and pins Checkout actions folder with repository/ref in dev/script modes.
pkg/workflow/maintenance_workflow.go Emits Checkout actions folder in dev/script mode with explicit repository and optional ref.
.github/workflows/agentics-maintenance.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/workflow-skill-extractor.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/workflow-normalizer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/workflow-health-manager.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/workflow-generator.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/weekly-safe-outputs-spec-review.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/weekly-issue-summary.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/weekly-editors-health-check.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/video-analyzer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/ubuntu-image-analyzer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/typist.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/tidy.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/test-workflow.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/test-project-url-default.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/test-dispatcher.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/test-create-pr-error-handling.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/terminal-stylist.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/super-linter.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/sub-issue-closer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/step-name-alignment.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/static-analysis-report.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/stale-repo-identifier.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-test-tools.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-temporary-id.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-project.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-multi-pr.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-gemini.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-create-cross-repo-pr.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-copilot.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-codex.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-claude.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/smoke-agent.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/slide-deck-maintainer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/sergo.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/semantic-function-refactor.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/security-review.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/security-compliance.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/security-alert-burndown.campaign.g.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/scout.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/schema-consistency-checker.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/safe-output-health.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/research.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/repository-quality-improver.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/repo-tree-map.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/repo-audit-analyzer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/release.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/refiner.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/q.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/python-data-charts.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/prompt-clustering-analysis.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/pr-triage-agent.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/pr-nitpick-reviewer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/portfolio-analyst.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/plan.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/pdf-summary.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/org-health-report.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/notion-issue-summary.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/metrics-collector.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/mergefest.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/mcp-inspector.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/lockfile-stats.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/layout-spec-maintainer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/jsweep.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/issue-triage-agent.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/issue-monster.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/issue-arborist.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/instructions-janitor.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/hourly-ci-cleaner.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/grumpy-reviewer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/gpclean.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/go-pattern-detector.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/go-logger.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/go-fan.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/glossary-maintainer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/github-remote-mcp-auth-test.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/github-mcp-tools-report.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/functional-pragmatist.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/firewall.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/example-workflow-analyzer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/example-permissions-warning.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/duplicate-code-detector.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/draft-pr-cleanup.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/docs-noob-tester.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/discussion-task-miner.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/dictation-prompt.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/dev.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/dev-hawk.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/dependabot-go-checker.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/dependabot-burner.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/delight.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/dead-code-remover.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-workflow-updater.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-team-status.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-team-evolution-insights.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-syntax-error-quality.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-semgrep-scan.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-security-red-team.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-secrets-analysis.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-safe-outputs-conformance.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-regulatory.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-performance-summary.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-observability-report.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-multi-device-docs-tester.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-mcp-concurrency-analysis.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-malicious-code-scan.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-function-namer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-firewall-report.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-file-diet.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-doc-updater.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-doc-healer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-compiler-quality.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-cli-tools-tester.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-cli-performance.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-choice-test.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-assign-issue-to-user.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/daily-architecture-diagram.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/craft.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/copilot-pr-merged-report.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/copilot-cli-deep-research.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/copilot-agent-analysis.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/contribution-check.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/constraint-solving-potd.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/commit-changes-analyzer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/codex-github-remote-mcp-test.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/code-simplifier.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/cloclo.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/cli-version-checker.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/cli-consistency-checker.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/claude-code-user-docs-review.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/ci-doctor.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/ci-coach.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/chroma-issue-indexer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/changeset.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/breaking-change-checker.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/brave.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/bot-detection.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/blog-auditor.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/auto-triage-issues.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/artifacts-summary.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/archie.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/ai-moderator.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/agent-performance-analyzer.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).
.github/workflows/ace-editor.lock.yml Pins Checkout actions folder to github/gh-aw (repo + ref).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

pkg/workflow/maintenance_workflow.go
Comment on lines +214 to +218
ref := versionToGitRef(version)
refLine := ""
if ref != "" {
refLine = " ref: " + ref + "\n"
}
.github/workflows/agentics-maintenance.yml Outdated
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
repository: github/gh-aw
ref: 45b92cc
.github/workflows/workflow-skill-extractor.lock.yml Outdated
Comment on lines +57 to +61
- name: Checkout actions folder
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
repository: github/gh-aw
ref: 45b92cc
@pelikhan
Copy link
Contributor

pelikhan commented Mar 13, 2026

@copilot fix tests CI / build-wasm (pull_request)Failing after 52s
CI / test (pull_request)
CI / test (pull_request)Failing after 1m

@pelikhan
fix: update WASM golden files with repository field in Checkout actio…
195b6b4 
…ns folder step

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Contributor Author

Copilot AI commented Mar 13, 2026
edited
Loading

@copilot fix tests CI / build-wasm (pull_request)Failing after 52s
[CI / test (pull_request)](https://github.com/g...

Fixed in commit 195b6b4. The WASM golden test files were missing the new repository: github/gh-aw field — updated them by running go test ./pkg/workflow -run='^TestWasmGolden_' -update.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw -ifaceassert -nilfunc git rev-�� --show-toplevel -tests /usr/bin/git (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw git /opt/hostedtoolc--show-toplevel git rev-�� --show-toplevel node /usr/bin/git x_amd64/compile git /opt/hostedtoolc--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha se 0470764/b241/vet.cfg /home/REDACTED/go/bin/bash (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel /opt/hostedtoolcrev-parse 64/pkg/tool/linu--show-toplevel git rev-�� --show-toplevel 64/pkg/tool/linux_amd64/compile /usr/bin/git --show-toplevel git ache/node/24.14.--show-toplevel git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha --show-toplevel /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/vet 0/x64/bin/node heckout/git/ref/git /tmp/go-build118rev-parse /opt/hostedtoolc--show-toplevel git js --show-toplevel /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/vet /usr/bin/git -unreachable=falgit /tmp/go-build118rev-parse /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha tags/v4 git /usr/bin/git --show-toplevel ache/go/1.25.0/xrev-parse /usr/bin/tr git rev-�� --show-toplevel tr /usr/bin/git : ache/go/1.25.0/xrev-parse /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha -unreachable=false /tmp/go-build1180470764/b036/vet.cfg 0470764/b335/vet.cfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha --show-toplevel (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha se 0470764/b036/vet.cfg .cfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha se 0470764/b106/vet.cfg .cfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha --show-toplevel (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha --local pull.rebase .cfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha se 0470764/b059/vet.cfg .cfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha se 0470764/b128/vet.cfg ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha set-url origin .cfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha --show-toplevel git ache/node/24.14.0/x64/bin/node --show-toplevel -tests /usr/bin/git git _inc�� --show-toplevel git cal/bin/bash --show-toplevel (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel /opt/hostedtoolcrev-parse 0/x64/bin/node git rev-�� --show-toplevel git /usr/bin/git --show-toplevel /opt/hostedtoolcrev-parse 0/x64/bin/node git (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha se 0470764/b049/vet.cfg .cfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha --show-toplevel git ache/node/24.14.0/x64/bin/node --show-toplevel -tests /usr/bin/git git _inc�� --show-toplevel git k/_temp/ghcca-node/node/bin/bash --show-toplevel (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel /opt/hostedtoolcrev-parse 0/x64/bin/node git rev-�� --show-toplevel git ache/node/24.14.0/x64/bin/bash --show-toplevel /opt/hostedtoolcrev-parse 0/x64/bin/node git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha --show-toplevel ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet /usr/bin/cut 0/x64&#34;; export Pgit (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git rev-�� --show-toplevel git n-dir/node --show-toplevel ache/go/1.25.0/xrev-parse re-branch git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 bash /usr/bin/git --noprofile git /usr/bin/git git rev-�� --show-toplevel git 0/x64/bin/node --show-toplevel git /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 git /opt/hostedtoolcache/uv/0.10.9/x86_64/bash --show-toplevel git /usr/bin/git bash --no�� --noprofile git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 bash /usr/bin/git --noprofile git /usr/bin/git git rev-�� --show-toplevel git ache/node/24.14.0/x64/bin/node --show-toplevel git /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 git 066de2ac6823ccf7cf20c054a0e1efc4292c0935bd8debfa5c8dec2fbc71970d-d --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 bash /usr/bin/git --noprofile git /usr/bin/git git rev-�� --show-toplevel git ache/node/24.14.0/x64/bin/node --show-toplevel git /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� /ref/tags/v8 git /usr/bin/git --show-toplevel 64/pkg/tool/linu/tmp/fuzz-expr-3280379711.js /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 go 64/bin/go -v ./pkg/workflow /usr/bin/git git rev-�� --show-toplevel git 86_64/node --show-toplevel mT3H_ibhDjrd /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 git /usr/bin/find --show-toplevel git /usr/bin/git find /roo�� -type f /usr/bin/git &#43;30 -delete /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 bash x_amd64/link --noprofile git /usr/bin/git x_amd64/link rev-�� --show-toplevel git ache/node/24.14.0/x64/bin/node --show-toplevel git /usr/bin/git gQ/wQtfmYPJyckR0gnX0JTX/_8DtxLzCEyM21KM_Xuxg (http block)
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 bash x_amd64/vet --noprofile git /usr/bin/git x_amd64/vet rev-�� --show-toplevel git 0/x64/bin/npx --show-toplevel git /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 git /proc/self/fd/9 --show-toplevel git /usr/bin/git /usr/lib/systemd/systemd-executor --de�� 27 --log-level /usr/bin/git --log-target auto /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 tail /usr/bin/git /usr/bin/git git /usr/bin/git git rev-�� (http block)
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 git /home/REDACTED/.local/bin/bash --show-toplevel git /usr/bin/git bash --no�� --noprofile git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --show-toplevel git /usr/bin/git --show-toplevel git ache/node/24.14.&#34;prettier&#34; --write &#39;scripts/**/*.js&#39; --ignore-path .prettierignore --log-level=error git rev-�� h ../../../.prettierignore (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 -d 168.63.129.16 git rev-�� w/js/**/*.json&#39; --ignore-path conntrack /usr/bin/git INVALID,NEW -j DROP git (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 git /usr/local/.ghcu.github/workflows/test.md x_amd64/vet cjs --show-toplevel bash ache/node/24.14.-nolocalimports --noprofile git /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha --show-toplevel x_amd64/vet /usr/bin/git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha --show-toplevel git /opt/hostedtoolcache/node/24.14.0/x64/bin/node --show-toplevel (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha /repos/actions/github-script/git/ref/tags/v8 --jq /usr/bin/git --show-toplevel git nfig/composer/ve-bool git rev-�� --show-toplevel node /usr/bin/git /usr/bin/git git ache/go/1.25.0/x/tmp/gh-aw-test-runs/20260313-035124-29124/test-2720394278/.github/workflows git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha install --package-lock-only /usr/bin/git --show-toplevel -extld=gcc /usr/bin/git git rev-�� --show-toplevel git /usr/bin/basename --show-toplevel git /usr/bin/git basename (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha --show-toplevel git /sh --show-toplevel git tnet/tools/bash git rev-�� js/**/*.json&#39; ---errorsas node /usr/bin/git /usr/bin/git git ache/go/1.25.0/x--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel git cfg git rev-�� js/**/*.json&#39; ---errorsas node /usr/bin/git /usr/bin/git tdata/wasm_golde-C ache/go/1.25.0/x/tmp/gh-aw-test-runs/20260313-035124-29124/test-3769543250/.github/workflows git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha --show-toplevel git /usr/bin/find --show-toplevel git cal/bin/bash find /tmp�� js/**/*.json&#39; ---errorsas 4 /usr/bin/git d -name bin git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha /repos/actions/github-script/git/ref/tags/v8 --jq /usr/bin/git --show-toplevel git /opt/hostedtoolc-bool git rev-�� js/**/*.json&#39; ---errorsas node /usr/bin/git /usr/bin/git git ache/go/1.25.0/x--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel infocmp /opt/hostedtoolc--show-toplevel git rev-�� --show-toplevel /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/vet /usr/bin/sed -bool -buildtags /usr/bin/git sed (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha (http block)
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha --show-toplevel x_amd64/vet /usr/bin/git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha --show-toplevel git /opt/hostedtoolcache/node/24.14.0/x64/bin/node --show-toplevel (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion --show-toplevel git /usr/bin/git git rev-�� &#39;**/*.ts&#39; &#39;**/*.json&#39; --ignore-path ../../../.pr**/*.json git ndor/bin/sh --show-toplevel git /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion --show-toplevel 64/pkg/tool/linu/tmp/fuzz-expr-2216001072.js /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git 64/bin/node git (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo /usr/local/sbin/iptables --show-toplevel git ache/go/1.25.0/x&#34;prettier&#34; --write &#39;scripts/**/*.js&#39; --ignore-path .prettierignore --log-level=error iptables -w h ../../../.prettierignore (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo modules/@npmcli/run-script/lib/node-gyp-bin/sh --show-toplevel git sh iptables -w h ../../../.pret.prettierignore security /usr/bin/git OUTPUT -d 168.63.129.16 git (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo /usr/bin/git &#34;prettier&#34; --wrigit l /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • https://api.github.com/repos/owner/repo/contents/file.md
    • Triggering command: /tmp/go-build82077700/b383/cli.test /tmp/go-build82077700/b383/cli.test -test.testlogfile=/tmp/go-build82077700/b383/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true --show-toplevel git ache/node/24.14.--write git rev-�� ath ../../../.pr**/*.json git /usr/bin/git --show-toplevel git rgo/bin/bash 4 -type d -name bin 2&gt;/dev/null | tr &#39;\n&#39; &#39;:&#39;)$PATH&#34;; [ -n &#34;$GOROOT&#34; ] &amp;&amp; expo (http block)
    • Triggering command: /tmp/go-build1681901239/b359/cli.test /tmp/go-build1681901239/b359/cli.test -test.testlogfile=/tmp/go-build1681901239/b359/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.short=true --show-toplevel nly /usr/bin/git --write scripts/**/*.js 0/x64/bin/node git rev-�� --show-toplevel 0/x64/bin/node e/git : ${{ github.repgit git 77700/b427=&gt; e/git (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name --show-toplevel git /usr/bin/git --show-toplevel git ache/node/24.14.&#34;prettier&#34; --write &#39;scripts/**/*.js&#39; --ignore-path .prettierignore --log-level=e!../../../pkg/workflow/js/**/*.json git rev-�� --show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name --show-toplevel node /usr/bin/git prettier --write ache/go/1.25.0/x--show-toplevel git rev-�� --show-toplevel ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet (http block)

If you need me to access, download, or install something from one of these locations, you can either:

@pelikhan pelikhan merged commit bc59898 into main Mar 13, 2026
52 checks passed
@pelikhan pelikhan deleted the copilot/fix-activation-checkout-ref branch March 13, 2026 05:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@pelikhan pelikhan Awaiting requested review from pelikhan

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

smoke

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Bug: Activation checkout does not preserve callee workflow ref in caller-hosted relays

3 participants

@pelikhan