feat: load safe_outputs_tools.json from actions/setup at runtime instead of inlining

[Copilot]

Each compiled .lock.yml was embedding a 20–50 KB filtered copy of safe_outputs_tools.json as a heredoc, bloating every lock file and forcing a full recompile of all 172 workflows whenever tool descriptions changed.

Strategy

Before: Go filters + enhances safe_outputs_tools.json at compile time → entire JSON inlined as heredoc in every lock file.

After: Compile time produces a small tools_meta.json (~10 lines); runtime JS loads the source file from the actions/setup folder and assembles the final tools.json.

# Write Safe Outputs Tools step — was 200+ lines of inlined JSON, now:
cat > /opt/gh-aw/safeoutputs/tools_meta.json << 'EOF'
{
  "description_suffixes": {
    "create_issue": " CONSTRAINTS: Maximum 5 issue(s) can be created."
  },
  "repo_params": {},
  "dynamic_tools": []
}
EOF
node /tmp/gh-aw/actions/generate_safe_outputs_tools.cjs

Changes

• actions/setup/js/generate_safe_outputs_tools.cjs — new runtime script: reads safe_outputs_tools.json from /tmp/gh-aw/actions/, filters tools whose names appear as keys in config.json, applies description suffixes and repo params from tools_meta.json, appends dynamic tools, writes final tools.json
• actions/setup/js/generate_safe_outputs_tools.test.cjs — 10 unit tests covering filtering, description enhancement, repo params, dynamic tool merging, and error paths
• pkg/workflow/safe_outputs_tools_filtering.go — adds generateToolsMetaJSON (produces tools_meta.json content) and extracted helpers: computeEnabledToolNames, computeRepoParamForTool, generateDynamicTools, ToolsMeta
• pkg/workflow/mcp_setup_generator.go — replaces generateFilteredToolsJSON + large heredoc with generateToolsMetaJSON + node invocation
• pkg/workflow/safe_outputs_tools_meta_integration_test.go — 8 integration tests verifying behavioral equivalence between the old and new approaches, including:
  • Regression guard that description suffixes in tools_meta.json match the constraint text previously embedded directly in tool descriptions by generateFilteredToolsJSON
  • Coverage of all major tool types with custom constraints (title-prefix, labels, allowed-labels, category, base-branch, project URL)
  • Repo parameter parity tests (with/without allowed-repos, wildcard target-repo)
  • Dynamic tool placement (custom safe-jobs in dynamic_tools)
  • End-to-end compiled lock file verification that the new format is used and constraint text is present

Result

172 lock files regenerated; net 28,738 lines removed. Tool description changes no longer require recompiling all workflows.

Original prompt

Change the strategy to generate the safe output tools.json file. Instead of inlining the entire file, load the tools.json file from the actions/setup folder, and process it with JavaScript to filter out the tools and update the description.

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

[pelikhan]

@copilot add more integration tests covering the older behavior compared to new rendered tools.json. Make sure custom descriptions are working.

[Copilot]

@copilot add more integration tests covering the older behavior compared to new rendered tools.json. Make sure custom descriptions are working.

Added pkg/workflow/safe_outputs_tools_meta_integration_test.go (commit 8d42a9d) with 8 integration tests:

• TestToolsMetaJSONDescriptionsMatchFilteredTools — direct regression test: for each tool config, verifies the description suffix from tools_meta.json is exactly the constraint portion that generateFilteredToolsJSON (old approach) embedded in the full description. Covers create_issue (max + labels + title-prefix), add_comment, create_pull_request (draft + reviewers), and upload_asset.
• TestToolsMetaJSONCustomDescriptionsAllToolTypes — exercises 5 more tool types with custom constraints (create_discussion category, close_issue title-prefix, add_labels allowed list, update_project URL, assign_to_agent base-branch), asserting each suffix appears in both tools_meta.json and the old filtered output.
• TestToolsMetaJSONRepoParamsMatchFilteredTools — verifies repo params in tools_meta match the old approach (with/without allowed-repos, wildcard target-repo).
• TestToolsMetaJSONDynamicToolsFromCustomJobs — verifies custom safe-job tools land in dynamic_tools with the same schema as the old approach.
• TestToolsMetaJSONCompiledWorkflowEmbedsMeta / TestToolsMetaJSONContainsDescriptionSuffixes — end-to-end compile tests that parse the actual tools_meta.json heredoc from the generated .lock.yml and verify constraint text is present.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw .cfg ndor/bin/bash git rev-�� --show-toplevel git /usr/bin/git copilot/update-tgit (http block)
• https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
  • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha -x c /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/cgo - (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v3
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha type CloseIssuesConfig\|RequiredTitlePrefix /home/REDACTED/work/gh-aw/gh-aw/pkg/workflow/safe_outputs_jobs.go 64/pkg/tool/linux_amd64/link (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v5
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha --abbrev-ref HEAD ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha 2015250/b123/embedcfg (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha --show-toplevel x_amd64/compile /usr/bin/git se 3247086/b229/vetrev-parse ache/go/1.25.0/x--show-toplevel git rev-�� --show-toplevel ache/go/1.25.0/x64/pkg/tool/linu-buildtags /usr/bin/git --noprofile (http block)
• https://api.github.com/repos/actions/checkout/git/ref/tags/v6
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha --noprofile (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha --noprofile /home/REDACTED/work/gh-aw/gh-aw/pkg/workflow/safe_outputs_domains_validation_test.go /home/REDACTED/go/bin/bash (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha --show-toplevel ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet /usr/bin/git se 3247086/b138/vetrev-parse ache/go/1.25.0/x--show-toplevel git rev-�� --show-toplevel ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet /usr/bin/git se 3247086/b252/vetrev-parse ndor/bin/bash git (http block)
• https://api.github.com/repos/actions/github-script/git/ref/tags/v8
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha --noprofile (http block)
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha --show-toplevel ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet /usr/bin/git se 3247086/b149/vetrev-parse 64/bin/bash git rev-�� --show-toplevel ache/go/1.25.0/x64/pkg/tool/linux_amd64/vet /usr/bin/git se 3247086/b262/vetrev-parse bin/bash git (http block)
• https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha --noprofile stmain.go ache/go/1.25.0/x64/pkg/tool/linux_amd64/link (http block)
• https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
  • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha g/workflow/network_merge_integration_test.go (http block)
• https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
  • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha -unreachable=false /tmp/go-build2633247086/b276/vet.cfg 0/x64/bin/bash (http block)
• https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha -bool -buildtags x86_64/bash -errorsas -ifaceassert -nilfunc bash --no�� --noprofile -tests n-dir/bash (http block)
• https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha -unreachable=false /tmp/go-build2633247086/b277/vet.cfg .cfg (http block)
• https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha get .cfg 64/pkg/tool/linu-nilfunc user.email (http block)
• https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
  • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha get .cfg 64/pkg/tool/linux_amd64/vet user.email (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

Pull request overview

This PR reduces workflow lockfile bloat by replacing compile-time inlining of safe_outputs_tools.json with runtime generation of the final tools.json from a small per-workflow tools_meta.json.

Changes:

• Generate tools_meta.json during compilation and invoke a runtime Node script to assemble the final tools.json.
• Add actions/setup/js/generate_safe_outputs_tools.cjs to load, filter, and enhance tool definitions at runtime.
• Regenerate workflow lockfiles to write tools_meta.json (instead of large tools.json) and run the runtime generator.

Reviewed changes

Copilot reviewed 101 out of 171 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
pkg/workflow/mcp_setup_generator.go	Switches from generating inlined tools.json to emitting tools_meta.json + running a Node generator at runtime
actions/setup/js/generate_safe_outputs_tools.cjs	New runtime generator that loads source tools, filters by config, applies meta overrides, and writes tools.json
.github/workflows/typist.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/test-dispatcher.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/test-create-pr-error-handling.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/terminal-stylist.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/static-analysis-report.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/smoke-call-workflow.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/slide-deck-maintainer.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/sergo.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/schema-consistency-checker.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/safe-output-health.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/research.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/repository-quality-improver.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/repo-tree-map.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/repo-audit-analyzer.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/release.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/prompt-clustering-analysis.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/notion-issue-summary.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/mergefest.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/lockfile-stats.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/hourly-ci-cleaner.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/go-fan.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/github-remote-mcp-auth-test.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/firewall-escape.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/example-workflow-analyzer.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/duplicate-code-detector.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/dev.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/daily-team-evolution-insights.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/daily-semgrep-scan.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/daily-malicious-code-scan.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/daily-compiler-quality.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/daily-choice-test.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/copilot-pr-prompt-analysis.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/copilot-pr-merged-report.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/copilot-cli-deep-research.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/copilot-agent-analysis.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/constraint-solving-potd.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/commit-changes-analyzer.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/claude-code-user-docs-review.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/ci-coach.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/breaking-change-checker.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/blog-auditor.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/artifacts-summary.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator
.github/workflows/agent-persona-explorer.lock.yml	Replaces inlined tools.json with tools_meta.json and runs runtime generator

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

💥 WHOOSH! Smoke Claude springs into action on this pull request! [Panel 1 begins...]

[github-actions]

🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation...

[github-actions]

❌ Tool validation failed! Agent Container Smoke Test detected missing tools: failed

[github-actions]

📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident...

[pelikhan]

@copilot fix setup.sh https://github.com/github/gh-aw/actions/runs/23176727939/job/67340571512#step:19:1

[Copilot]

@copilot fix setup.sh https://github.com/github/gh-aw/actions/runs/23176727939/job/67340571512#step:19:1

Fixed in 9ba850d. setup.sh copies JS files to DESTINATION=/opt/gh-aw/actions, but the lock files were invoking node /tmp/gh-aw/actions/generate_safe_outputs_tools.cjs — a path that doesn't exist. Changed the path in mcp_setup_generator.go to /opt/gh-aw/actions/generate_safe_outputs_tools.cjs and recompiled all 166 affected lock files.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw 1liaufBzhMV8 (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .visibility (http block)
• https://api.github.com/repos/githubnext/agentics/git/ref/tags/
  • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/# --jq .object.sha (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[github-actions]

💥 WHOOSH! Smoke Claude springs into action on this pull request! [Panel 1 begins...]

[github-actions]

🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation...

[github-actions]

❌ Tool validation failed! Agent Container Smoke Test detected missing tools: failed

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident...

[pelikhan]

@copilot fix https://github.com/github/gh-aw/actions/runs/23177074391/job/67341655814#step:19:1

[Copilot]

@copilot fix https://github.com/github/gh-aw/actions/runs/23177074391/job/67341655814#step:19:1

Fixed in 452690f. generate_safe_outputs_tools.cjs was defaulting to /tmp/gh-aw/actions/safe_outputs_tools.json as the source tools path, but setup.sh copies all files to /opt/gh-aw/actions/. Updated the default to /opt/gh-aw/actions/safe_outputs_tools.json.

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

✅ All tools validated successfully! Agent Container Smoke Test confirms agent container is ready.

[github-actions]

💥 WHOOSH! Smoke Claude springs into action on this pull request! [Panel 1 begins...]

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[github-actions]

Agent Container Tool Check

Tool	Status	Version
bash	✅	5.2.21
sh	✅	available
git	✅	2.53.0
jq	✅	1.7
yq	✅	4.52.4
curl	✅	8.5.0
gh	✅	2.87.3
node	✅	20.20.1
python3	✅	3.12.3
go	✅	1.24.13
java	✅	10.0.102
dotnet	✅	10.0.102

Result: 12/12 tools available ✅ — PASS

🔧 Tool validation by Agent Container Smoke Test · ◷

[github-actions]

Commit pushed: 50d5798

Generated by Changeset Generator

[github-actions]

📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident...