[docs] Update glossary - daily scan

[github-actions]

Glossary Updates - 2026-05-01

Scan Type

• Incremental (daily - last 24 hours)
• Full scan (weekly - last 7 days)

Terms Added

• BYOK (Bring Your Own Key): Copilot engine mode routing to external LLM providers. Added because ADR-29411 and PR fix: add COPILOT_PROVIDER_* to strict-mode allowlist, skip token validation in BYOK mode, and document Copilot BYOK #29411 introduced full BYOK documentation in engines.md.
• Pwn Request: Critical pull_request_target security vulnerability. Added because ADR-29433 and PR Add pull_request_target security validation (pwn request detection) #29433 introduced compiler validation for this attack vector.

Terms Updated

• Sandbox: Removed reference to deprecated sandbox.agent: false. ADR-29483 and PR Add codemods to auto-remove deprecated sandbox.mcp.* and sandbox.agent: false keys #29483 deprecated this key and added a codemod to auto-remove it.

Changes Analyzed

• Reviewed 4 relevant commits from last 24 hours
• Analyzed 4 ADRs: fix: add COPILOT_PROVIDER_* to strict-mode allowlist, skip token validation in BYOK mode, and document Copilot BYOK #29411, Add pull_request_target security validation (pwn request detection) #29433, [cache-strategy] Fix cache miss in jsweep - JavaScript Unbloater #29450, Add codemods to auto-remove deprecated sandbox.mcp.* and sandbox.agent: false keys #29483

Related Changes

• PR fix: add COPILOT_PROVIDER_* to strict-mode allowlist, skip token validation in BYOK mode, and document Copilot BYOK #29411: Copilot BYOK provider vars strict-mode allowlist + documentation
• PR Add pull_request_target security validation (pwn request detection) #29433: pull_request_target security validation (pwn request detection)
• PR Add codemods to auto-remove deprecated sandbox.mcp.* and sandbox.agent: false keys #29483: Codemods to auto-remove deprecated sandbox.mcp.* and sandbox.agent: false keys

Generated by Glossary Maintainer · ● 1.3M · ◷

• expires on May 3, 2026, 10:46 AM UTC