From 69bd45be13441ef157ccef41faa63ad6eb4e4097 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 21 Dec 2025 15:45:01 +0000 Subject: [PATCH 1/2] Initial plan From 0f9105f19efafa636b6b3d9861ee80c77c8aaf1a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 21 Dec 2025 15:51:15 +0000 Subject: [PATCH 2/2] fix: format code and recompile workflows Co-authored-by: mnkiefer <8320933+mnkiefer@users.noreply.github.com> --- .github/workflows/audit-workflows.lock.yml | 6 +- .../copilot-pr-nlp-analysis.lock.yml | 4 +- .../copilot-session-insights.lock.yml | 4 +- .github/workflows/daily-code-metrics.lock.yml | 4 +- .../daily-copilot-token-report.lock.yml | 5 +- .github/workflows/daily-file-diet.lock.yml | 4 +- .../workflows/daily-firewall-report.lock.yml | 6 +- .../workflows/daily-issues-report.lock.yml | 4 +- .github/workflows/daily-news.lock.yml | 4 +- .../daily-performance-summary.lock.yml | 4 +- .../workflows/daily-repo-chronicle.lock.yml | 4 +- .github/workflows/deep-report.lock.yml | 2 +- .github/workflows/dev-hawk.lock.yml | 2 +- .../github-mcp-structural-analysis.lock.yml | 4 +- ...ion-project64.campaign.launcher.g.lock.yml | 416 +++++++----------- .../workflows/go-pattern-detector.lock.yml | 2 +- .github/workflows/intelligence.lock.yml | 4 +- .github/workflows/issue-classifier.lock.yml | 2 +- .github/workflows/org-health-report.lock.yml | 4 +- .github/workflows/portfolio-analyst.lock.yml | 6 +- .../prompt-clustering-analysis.lock.yml | 6 +- .github/workflows/python-data-charts.lock.yml | 4 +- .github/workflows/release.lock.yml | 14 +- .github/workflows/safe-output-health.lock.yml | 2 +- .../workflows/slide-deck-maintainer.lock.yml | 2 +- .../smoke-copilot-playwright.lock.yml | 2 +- .github/workflows/smoke-detector.lock.yml | 2 +- .../workflows/stale-repo-identifier.lock.yml | 8 +- .../workflows/static-analysis-report.lock.yml | 2 +- .github/workflows/super-linter.lock.yml | 8 +- .github/workflows/tidy.lock.yml | 4 +- .../workflows/weekly-issue-summary.lock.yml | 4 +- pkg/campaign/validation.go | 2 +- 33 files changed, 217 insertions(+), 334 deletions(-) diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index 2a605dae96c..538756202a0 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -171,7 +171,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod @@ -193,7 +193,7 @@ jobs: pip install --user --quiet numpy pandas matplotlib seaborn scipy - if: always() name: Upload charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-charts @@ -201,7 +201,7 @@ jobs: retention-days: 30 - if: always() name: Upload source and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-source-and-data diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index ce0de675dd3..6693aeee98b 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -177,7 +177,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -185,7 +185,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml index 13903ae786b..370caba49aa 100644 --- a/.github/workflows/copilot-session-insights.lock.yml +++ b/.github/workflows/copilot-session-insights.lock.yml @@ -184,7 +184,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -192,7 +192,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml index 8cdd541b483..48d5331eafd 100644 --- a/.github/workflows/daily-code-metrics.lock.yml +++ b/.github/workflows/daily-code-metrics.lock.yml @@ -170,7 +170,7 @@ jobs: pip install --user --quiet numpy pandas matplotlib seaborn scipy - if: always() name: Upload charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-charts @@ -178,7 +178,7 @@ jobs: retention-days: 30 - if: always() name: Upload source and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-source-and-data diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml index df52ab90661..0d6a847b013 100644 --- a/.github/workflows/daily-copilot-token-report.lock.yml +++ b/.github/workflows/daily-copilot-token-report.lock.yml @@ -30,6 +30,7 @@ name: "Daily Copilot Token Consumption Report" "on": schedule: - cron: "0 11 * * 1-5" + # Friendly format: daily (scattered) workflow_dispatch: permissions: {} @@ -173,7 +174,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -181,7 +182,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml index 82b08ac94c6..44507afee89 100644 --- a/.github/workflows/daily-file-diet.lock.yml +++ b/.github/workflows/daily-file-diet.lock.yml @@ -189,7 +189,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -197,7 +197,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index 57456d552cc..554448aaaed 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -170,7 +170,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod @@ -190,7 +190,7 @@ jobs: pip install --user --quiet numpy pandas matplotlib seaborn scipy - if: always() name: Upload charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-charts @@ -198,7 +198,7 @@ jobs: retention-days: 30 - if: always() name: Upload source and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-source-and-data diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml index 18f508ac169..b97c6ad21c6 100644 --- a/.github/workflows/daily-issues-report.lock.yml +++ b/.github/workflows/daily-issues-report.lock.yml @@ -185,7 +185,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -193,7 +193,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index 65707681c20..53452b22daf 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -179,7 +179,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -187,7 +187,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml index a9a378fcf69..8683c3b298b 100644 --- a/.github/workflows/daily-performance-summary.lock.yml +++ b/.github/workflows/daily-performance-summary.lock.yml @@ -176,7 +176,7 @@ jobs: pip install --user --quiet numpy pandas matplotlib seaborn scipy - if: always() name: Upload charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-charts @@ -184,7 +184,7 @@ jobs: retention-days: 30 - if: always() name: Upload source and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-source-and-data diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index 77194f4c300..229775e3e88 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -174,7 +174,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -182,7 +182,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index 7b8089e9772..5b0465bd30b 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -179,7 +179,7 @@ jobs: name: Fetch weekly issues data run: "# Create output directories\nmkdir -p /tmp/gh-aw/weekly-issues-data\nmkdir -p /tmp/gh-aw/cache-memory\n\n# Get today's date for cache identification\nTODAY=$(date '+%Y-%m-%d')\nCACHE_DIR=\"/tmp/gh-aw/cache-memory\"\n\n# Check if cached data exists from today\nif [ -f \"$CACHE_DIR/weekly-issues-${TODAY}.json\" ] && [ -s \"$CACHE_DIR/weekly-issues-${TODAY}.json\" ]; then\n echo \"✓ Found cached weekly issues data from ${TODAY}\"\n cp \"$CACHE_DIR/weekly-issues-${TODAY}.json\" /tmp/gh-aw/weekly-issues-data/issues.json\n \n # Regenerate schema if missing\n if [ ! -f \"$CACHE_DIR/weekly-issues-${TODAY}-schema.json\" ]; then\n /tmp/gh-aw/jqschema.sh < /tmp/gh-aw/weekly-issues-data/issues.json > \"$CACHE_DIR/weekly-issues-${TODAY}-schema.json\"\n fi\n cp \"$CACHE_DIR/weekly-issues-${TODAY}-schema.json\" /tmp/gh-aw/weekly-issues-data/issues-schema.json\n \n echo \"Using cached data from ${TODAY}\"\n echo \"Total issues in cache: $(jq 'length' /tmp/gh-aw/weekly-issues-data/issues.json)\"\nelse\n echo \"⬇ Downloading fresh weekly issues data...\"\n \n # Calculate date 7 days ago (cross-platform: GNU date first, BSD fallback)\n DATE_7_DAYS_AGO=$(date -d '7 days ago' '+%Y-%m-%d' 2>/dev/null || date -v-7d '+%Y-%m-%d')\n \n echo \"Fetching issues created or updated since ${DATE_7_DAYS_AGO}...\"\n \n # Fetch issues from the last 7 days using gh CLI\n # Using --search with updated filter to get recent activity\n gh issue list --repo ${{ github.repository }} \\\n --search \"updated:>=${DATE_7_DAYS_AGO}\" \\\n --state all \\\n --json number,title,author,createdAt,state,url,body,labels,updatedAt,closedAt,milestone,assignees,comments \\\n --limit 500 \\\n > /tmp/gh-aw/weekly-issues-data/issues.json\n\n # Generate schema for reference\n /tmp/gh-aw/jqschema.sh < /tmp/gh-aw/weekly-issues-data/issues.json > /tmp/gh-aw/weekly-issues-data/issues-schema.json\n\n # Store in cache with today's date\n cp /tmp/gh-aw/weekly-issues-data/issues.json \"$CACHE_DIR/weekly-issues-${TODAY}.json\"\n cp /tmp/gh-aw/weekly-issues-data/issues-schema.json \"$CACHE_DIR/weekly-issues-${TODAY}-schema.json\"\n\n echo \"✓ Weekly issues data saved to cache: weekly-issues-${TODAY}.json\"\n echo \"Total issues found: $(jq 'length' /tmp/gh-aw/weekly-issues-data/issues.json)\"\nfi\n\n# Always ensure data is available at expected locations for backward compatibility\necho \"Weekly issues data available at: /tmp/gh-aw/weekly-issues-data/issues.json\"\necho \"Schema available at: /tmp/gh-aw/weekly-issues-data/issues-schema.json\"" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index f76137103e1..4f0163a1bb6 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -174,7 +174,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml index c9d1155a9a7..9765266e0f0 100644 --- a/.github/workflows/github-mcp-structural-analysis.lock.yml +++ b/.github/workflows/github-mcp-structural-analysis.lock.yml @@ -175,7 +175,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -183,7 +183,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/go-file-size-reduction-project64.campaign.launcher.g.lock.yml b/.github/workflows/go-file-size-reduction-project64.campaign.launcher.g.lock.yml index adeaaad055a..ed6ef5d742c 100644 --- a/.github/workflows/go-file-size-reduction-project64.campaign.launcher.g.lock.yml +++ b/.github/workflows/go-file-size-reduction-project64.campaign.launcher.g.lock.yml @@ -25,7 +25,7 @@ name: "Go File Size Reduction Campaign (Project 64) (launcher)" "on": schedule: - cron: "0 17 * * *" - workflow_dispatch: null + workflow_dispatch: permissions: {} @@ -148,7 +148,7 @@ jobs: output_types: ${{ steps.collect_output.outputs.output_types }} steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false - name: Create gh-aw temp directory @@ -246,10 +246,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images @@ -264,7 +262,7 @@ jobs: while [ $attempt -le $max_attempts ]; do echo "Attempt $attempt of $max_attempts: Pulling $image..." - if docker pull "$image"; then + if docker pull --quiet "$image"; then echo "Successfully pulled $image" return 0 fi @@ -2128,7 +2126,7 @@ jobs: PROMPT_EOF - name: Substitute placeholders - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 env: GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GH_AW_GITHUB_ACTOR: ${{ github.actor }} @@ -2350,14 +2348,14 @@ jobs: } >> "$GITHUB_STEP_SUMMARY" - name: Upload prompt if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: prompt.txt path: /tmp/gh-aw/aw-prompts/prompt.txt if-no-files-found: warn - name: Upload agentic run info if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: aw_info.json path: /tmp/gh-aw/aw_info.json @@ -2370,7 +2368,7 @@ jobs: timeout-minutes: 20 run: | set -o pipefail - sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:rw" --mount /usr/bin/date:/usr/bin/date:ro --mount /usr/bin/gh:/usr/bin/gh:ro --mount /usr/bin/yq:/usr/bin/yq:ro --mount /usr/local/bin/copilot:/usr/local/bin/copilot:ro --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,github.com,host.docker.internal,raw.githubusercontent.com,registry.npmjs.org --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs \ + sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:rw" --mount /usr/bin/date:/usr/bin/date:ro --mount /usr/bin/gh:/usr/bin/gh:ro --mount /usr/bin/yq:/usr/bin/yq:ro --mount /usr/local/bin/copilot:/usr/local/bin/copilot:ro --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,github.com,host.docker.internal,raw.githubusercontent.com,registry.npmjs.org --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --image-tag 0.7.0 \ -- /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-tool github --allow-tool safeoutputs --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_COPILOT:+ --model "$GH_AW_MODEL_AGENT_COPILOT"} \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log env: @@ -2504,7 +2502,7 @@ jobs: SECRET_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload Safe Outputs if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: safe_output.jsonl path: ${{ env.GH_AW_SAFE_OUTPUTS }} @@ -2566,10 +2564,7 @@ jobs: return []; } } - function sanitizeContentCore(content, maxLength) { - if (!content || typeof content !== "string") { - return ""; - } + function buildAllowedDomains() { const allowedDomainsEnv = process.env.GH_AW_ALLOWED_DOMAINS; const defaultAllowedDomains = ["github.com", "github.io", "githubusercontent.com", "githubassets.com", "github.dev", "codespaces.new"]; let allowedDomains = allowedDomainsEnv @@ -2588,131 +2583,141 @@ jobs: const apiDomains = extractDomainsFromUrl(githubApiUrl); allowedDomains = allowedDomains.concat(apiDomains); } - allowedDomains = [...new Set(allowedDomains)]; - let sanitized = content; - sanitized = sanitized.replace(/\x1b\[[0-9;]*[mGKH]/g, ""); - sanitized = sanitized.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, ""); - sanitized = neutralizeCommands(sanitized); - sanitized = neutralizeAllMentions(sanitized); - sanitized = removeXmlComments(sanitized); - sanitized = convertXmlTags(sanitized); - sanitized = sanitizeUrlProtocols(sanitized); - sanitized = sanitizeUrlDomains(sanitized, allowedDomains); - const lines = sanitized.split("\n"); - const maxLines = 65000; - maxLength = maxLength || 524288; - if (lines.length > maxLines) { - const truncationMsg = "\n[Content truncated due to line count]"; - const truncatedLines = lines.slice(0, maxLines).join("\n") + truncationMsg; - if (truncatedLines.length > maxLength) { - sanitized = truncatedLines.substring(0, maxLength - truncationMsg.length) + truncationMsg; + return [...new Set(allowedDomains)]; + } + function sanitizeUrlProtocols(s) { + return s.replace(/((?:http|ftp|file|ssh|git):\/\/([\w.-]*)(?:[^\s]*)|(?:data|javascript|vbscript|about|mailto|tel):[^\s]+)/gi, (match, _fullMatch, domain) => { + if (domain) { + const domainLower = domain.toLowerCase(); + const truncated = domainLower.length > 12 ? domainLower.substring(0, 12) + "..." : domainLower; + if (typeof core !== "undefined" && core.info) { + core.info(`Redacted URL: ${truncated}`); + } + if (typeof core !== "undefined" && core.debug) { + core.debug(`Redacted URL (full): ${match}`); + } + addRedactedDomain(domainLower); } else { - sanitized = truncatedLines; - } - } else if (sanitized.length > maxLength) { - sanitized = sanitized.substring(0, maxLength) + "\n[Content truncated due to length]"; - } - sanitized = neutralizeBotTriggers(sanitized); - return sanitized.trim(); - function sanitizeUrlDomains(s, allowed) { - const httpsUrlRegex = /https:\/\/([\w.-]+(?::\d+)?)(\/(?:(?!https:\/\/)[^\s,])*)?/gi; - return s.replace(httpsUrlRegex, (match, hostnameWithPort, pathPart) => { - const hostname = hostnameWithPort.split(":")[0].toLowerCase(); - pathPart = pathPart || ""; - const isAllowed = allowed.some(allowedDomain => { - const normalizedAllowed = allowedDomain.toLowerCase(); - if (hostname === normalizedAllowed) { - return true; - } - if (normalizedAllowed.startsWith("*.")) { - const baseDomain = normalizedAllowed.substring(2); - return hostname.endsWith("." + baseDomain) || hostname === baseDomain; - } - return hostname.endsWith("." + normalizedAllowed); - }); - if (isAllowed) { - return match; - } else { - const truncated = hostname.length > 12 ? hostname.substring(0, 12) + "..." : hostname; + const protocolMatch = match.match(/^([^:]+):/); + if (protocolMatch) { + const protocol = protocolMatch[1] + ":"; + const truncated = match.length > 12 ? match.substring(0, 12) + "..." : match; if (typeof core !== "undefined" && core.info) { core.info(`Redacted URL: ${truncated}`); } if (typeof core !== "undefined" && core.debug) { core.debug(`Redacted URL (full): ${match}`); } - addRedactedDomain(hostname); - return "(redacted)"; + addRedactedDomain(protocol); } + } + return "(redacted)"; + }); + } + function sanitizeUrlDomains(s, allowed) { + const httpsUrlRegex = /https:\/\/([\w.-]+(?::\d+)?)(\/(?:(?!https:\/\/)[^\s,])*)?/gi; + return s.replace(httpsUrlRegex, (match, hostnameWithPort, pathPart) => { + const hostname = hostnameWithPort.split(":")[0].toLowerCase(); + pathPart = pathPart || ""; + const isAllowed = allowed.some(allowedDomain => { + const normalizedAllowed = allowedDomain.toLowerCase(); + if (hostname === normalizedAllowed) { + return true; + } + if (normalizedAllowed.startsWith("*.")) { + const baseDomain = normalizedAllowed.substring(2); + return hostname.endsWith("." + baseDomain) || hostname === baseDomain; + } + return hostname.endsWith("." + normalizedAllowed); }); - } - function sanitizeUrlProtocols(s) { - return s.replace(/((?:http|ftp|file|ssh|git):\/\/([\w.-]*)(?:[^\s]*)|(?:data|javascript|vbscript|about|mailto|tel):[^\s]+)/gi, (match, _fullMatch, domain) => { - if (domain) { - const domainLower = domain.toLowerCase(); - const truncated = domainLower.length > 12 ? domainLower.substring(0, 12) + "..." : domainLower; - if (typeof core !== "undefined" && core.info) { - core.info(`Redacted URL: ${truncated}`); - } - if (typeof core !== "undefined" && core.debug) { - core.debug(`Redacted URL (full): ${match}`); - } - addRedactedDomain(domainLower); - } else { - const protocolMatch = match.match(/^([^:]+):/); - if (protocolMatch) { - const protocol = protocolMatch[1] + ":"; - const truncated = match.length > 12 ? match.substring(0, 12) + "..." : match; - if (typeof core !== "undefined" && core.info) { - core.info(`Redacted URL: ${truncated}`); - } - if (typeof core !== "undefined" && core.debug) { - core.debug(`Redacted URL (full): ${match}`); - } - addRedactedDomain(protocol); - } + if (isAllowed) { + return match; + } else { + const truncated = hostname.length > 12 ? hostname.substring(0, 12) + "..." : hostname; + if (typeof core !== "undefined" && core.info) { + core.info(`Redacted URL: ${truncated}`); + } + if (typeof core !== "undefined" && core.debug) { + core.debug(`Redacted URL (full): ${match}`); } + addRedactedDomain(hostname); return "(redacted)"; - }); - } - function neutralizeCommands(s) { - const commandName = process.env.GH_AW_COMMAND; - if (!commandName) { - return s; } - const escapedCommand = commandName.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"); - return s.replace(new RegExp(`^(\\s*)/(${escapedCommand})\\b`, "i"), "$1`/$2`"); - } - function neutralizeAllMentions(s) { - return s.replace(/(^|[^\w`])@([A-Za-z0-9](?:[A-Za-z0-9-]{0,37}[A-Za-z0-9])?(?:\/[A-Za-z0-9._-]+)?)/g, (m, p1, p2) => { - if (typeof core !== "undefined" && core.info) { - core.info(`Escaped mention: @${p2} (not in allowed list)`); - } - return `${p1}\`@${p2}\``; - }); - } - function removeXmlComments(s) { - return s.replace(//g, "").replace(//g, ""); + }); + } + function neutralizeCommands(s) { + const commandName = process.env.GH_AW_COMMAND; + if (!commandName) { + return s; } - function convertXmlTags(s) { - const allowedTags = ["b", "blockquote", "br", "code", "details", "em", "h1", "h2", "h3", "h4", "h5", "h6", "hr", "i", "li", "ol", "p", "pre", "strong", "sub", "summary", "sup", "table", "tbody", "td", "th", "thead", "tr", "ul"]; - s = s.replace(//g, (match, content) => { - const convertedContent = content.replace(/<(\/?[A-Za-z][A-Za-z0-9]*(?:[^>]*?))>/g, "($1)"); - return `(![CDATA[${convertedContent}]])`; - }); - return s.replace(/<(\/?[A-Za-z!][^>]*?)>/g, (match, tagContent) => { - const tagNameMatch = tagContent.match(/^\/?\s*([A-Za-z][A-Za-z0-9]*)/); - if (tagNameMatch) { - const tagName = tagNameMatch[1].toLowerCase(); - if (allowedTags.includes(tagName)) { - return match; - } + const escapedCommand = commandName.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"); + return s.replace(new RegExp(`^(\\s*)/(${escapedCommand})\\b`, "i"), "$1`/$2`"); + } + function neutralizeAllMentions(s) { + return s.replace(/(^|[^\w`])@([A-Za-z0-9](?:[A-Za-z0-9-]{0,37}[A-Za-z0-9])?(?:\/[A-Za-z0-9._-]+)?)/g, (m, p1, p2) => { + if (typeof core !== "undefined" && core.info) { + core.info(`Escaped mention: @${p2} (not in allowed list)`); + } + return `${p1}\`@${p2}\``; + }); + } + function removeXmlComments(s) { + return s.replace(//g, "").replace(//g, ""); + } + function convertXmlTags(s) { + const allowedTags = ["b", "blockquote", "br", "code", "details", "em", "h1", "h2", "h3", "h4", "h5", "h6", "hr", "i", "li", "ol", "p", "pre", "strong", "sub", "summary", "sup", "table", "tbody", "td", "th", "thead", "tr", "ul"]; + s = s.replace(//g, (match, content) => { + const convertedContent = content.replace(/<(\/?[A-Za-z][A-Za-z0-9]*(?:[^>]*?))>/g, "($1)"); + return `(![CDATA[${convertedContent}]])`; + }); + return s.replace(/<(\/?[A-Za-z!][^>]*?)>/g, (match, tagContent) => { + const tagNameMatch = tagContent.match(/^\/?\s*([A-Za-z][A-Za-z0-9]*)/); + if (tagNameMatch) { + const tagName = tagNameMatch[1].toLowerCase(); + if (allowedTags.includes(tagName)) { + return match; } - return `(${tagContent})`; - }); + } + return `(${tagContent})`; + }); + } + function neutralizeBotTriggers(s) { + return s.replace(/\b(fixes?|closes?|resolves?|fix|close|resolve)\s+#(\w+)/gi, (match, action, ref) => `\`${action} #${ref}\``); + } + function applyTruncation(content, maxLength) { + maxLength = maxLength || 524288; + const lines = content.split("\n"); + const maxLines = 65000; + if (lines.length > maxLines) { + const truncationMsg = "\n[Content truncated due to line count]"; + const truncatedLines = lines.slice(0, maxLines).join("\n") + truncationMsg; + if (truncatedLines.length > maxLength) { + return truncatedLines.substring(0, maxLength - truncationMsg.length) + truncationMsg; + } else { + return truncatedLines; + } + } else if (content.length > maxLength) { + return content.substring(0, maxLength) + "\n[Content truncated due to length]"; } - function neutralizeBotTriggers(s) { - return s.replace(/\b(fixes?|closes?|resolves?|fix|close|resolve)\s+#(\w+)/gi, (match, action, ref) => `\`${action} #${ref}\``); + return content; + } + function sanitizeContentCore(content, maxLength) { + if (!content || typeof content !== "string") { + return ""; } + const allowedDomains = buildAllowedDomains(); + let sanitized = content; + sanitized = sanitized.replace(/\x1b\[[0-9;]*[mGKH]/g, ""); + sanitized = sanitized.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, ""); + sanitized = neutralizeCommands(sanitized); + sanitized = neutralizeAllMentions(sanitized); + sanitized = removeXmlComments(sanitized); + sanitized = convertXmlTags(sanitized); + sanitized = sanitizeUrlProtocols(sanitized); + sanitized = sanitizeUrlDomains(sanitized, allowedDomains); + sanitized = applyTruncation(sanitized, maxLength); + sanitized = neutralizeBotTriggers(sanitized); + return sanitized.trim(); } function sanitizeContent(content, maxLengthOrOptions) { let maxLength; @@ -2729,119 +2734,19 @@ jobs: if (!content || typeof content !== "string") { return ""; } - const allowedDomainsEnv = process.env.GH_AW_ALLOWED_DOMAINS; - const defaultAllowedDomains = ["github.com", "github.io", "githubusercontent.com", "githubassets.com", "github.dev", "codespaces.new"]; - let allowedDomains = allowedDomainsEnv - ? allowedDomainsEnv - .split(",") - .map(d => d.trim()) - .filter(d => d) - : defaultAllowedDomains; - const githubServerUrl = process.env.GITHUB_SERVER_URL; - const githubApiUrl = process.env.GITHUB_API_URL; - if (githubServerUrl) { - const serverDomains = extractDomainsFromUrl(githubServerUrl); - allowedDomains = allowedDomains.concat(serverDomains); - } - if (githubApiUrl) { - const apiDomains = extractDomainsFromUrl(githubApiUrl); - allowedDomains = allowedDomains.concat(apiDomains); - } - allowedDomains = [...new Set(allowedDomains)]; + const allowedDomains = buildAllowedDomains(); let sanitized = content; + sanitized = sanitized.replace(/\x1b\[[0-9;]*[mGKH]/g, ""); + sanitized = sanitized.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, ""); sanitized = neutralizeCommands(sanitized); sanitized = neutralizeMentions(sanitized, allowedAliasesLowercase); sanitized = removeXmlComments(sanitized); sanitized = convertXmlTags(sanitized); - sanitized = sanitized.replace(/\x1b\[[0-9;]*[mGKH]/g, ""); - sanitized = sanitized.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, ""); sanitized = sanitizeUrlProtocols(sanitized); sanitized = sanitizeUrlDomains(sanitized, allowedDomains); - const lines = sanitized.split("\n"); - const maxLines = 65000; - maxLength = maxLength || 524288; - if (lines.length > maxLines) { - const truncationMsg = "\n[Content truncated due to line count]"; - const truncatedLines = lines.slice(0, maxLines).join("\n") + truncationMsg; - if (truncatedLines.length > maxLength) { - sanitized = truncatedLines.substring(0, maxLength - truncationMsg.length) + truncationMsg; - } else { - sanitized = truncatedLines; - } - } else if (sanitized.length > maxLength) { - sanitized = sanitized.substring(0, maxLength) + "\n[Content truncated due to length]"; - } + sanitized = applyTruncation(sanitized, maxLength); sanitized = neutralizeBotTriggers(sanitized); return sanitized.trim(); - function sanitizeUrlDomains(s, allowed) { - const httpsUrlRegex = /https:\/\/([\w.-]+(?::\d+)?)(\/[^\s]*)?/gi; - const result = s.replace(httpsUrlRegex, (match, hostnameWithPort, pathPart) => { - const hostname = hostnameWithPort.split(":")[0].toLowerCase(); - pathPart = pathPart || ""; - const isAllowed = allowed.some(allowedDomain => { - const normalizedAllowed = allowedDomain.toLowerCase(); - if (hostname === normalizedAllowed) { - return true; - } - if (normalizedAllowed.startsWith("*.")) { - const baseDomain = normalizedAllowed.substring(2); - return hostname.endsWith("." + baseDomain) || hostname === baseDomain; - } - return hostname.endsWith("." + normalizedAllowed); - }); - if (isAllowed) { - return match; - } else { - const truncated = hostname.length > 12 ? hostname.substring(0, 12) + "..." : hostname; - if (typeof core !== "undefined" && core.info) { - core.info(`Redacted URL: ${truncated}`); - } - if (typeof core !== "undefined" && core.debug) { - core.debug(`Redacted URL (full): ${match}`); - } - addRedactedDomain(hostname); - return "(redacted)"; - } - }); - return result; - } - function sanitizeUrlProtocols(s) { - return s.replace(/\b((?:http|ftp|file|ssh|git):\/\/([\w.-]+)(?:[^\s]*)|(?:data|javascript|vbscript|about|mailto|tel):[^\s]+)/gi, (match, _fullMatch, domain) => { - if (domain) { - const domainLower = domain.toLowerCase(); - const truncated = domainLower.length > 12 ? domainLower.substring(0, 12) + "..." : domainLower; - if (typeof core !== "undefined" && core.info) { - core.info(`Redacted URL: ${truncated}`); - } - if (typeof core !== "undefined" && core.debug) { - core.debug(`Redacted URL (full): ${match}`); - } - addRedactedDomain(domainLower); - } else { - const protocolMatch = match.match(/^([^:]+):/); - if (protocolMatch) { - const protocol = protocolMatch[1] + ":"; - const truncated = match.length > 12 ? match.substring(0, 12) + "..." : match; - if (typeof core !== "undefined" && core.info) { - core.info(`Redacted URL: ${truncated}`); - } - if (typeof core !== "undefined" && core.debug) { - core.debug(`Redacted URL (full): ${match}`); - } - addRedactedDomain(protocol); - } - } - return "(redacted)"; - }); - } - function neutralizeCommands(s) { - const commandName = process.env.GH_AW_COMMAND; - if (!commandName) { - return s; - } - const escapedCommand = commandName.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"); - return s.replace(new RegExp(`^(\\s*)/(${escapedCommand})\\b`, "i"), "$1`/$2`"); - } function neutralizeMentions(s, allowedLowercase) { return s.replace(/(^|[^\w`])@([A-Za-z0-9](?:[A-Za-z0-9-]{0,37}[A-Za-z0-9])?(?:\/[A-Za-z0-9._-]+)?)/g, (_m, p1, p2) => { const isAllowed = allowedLowercase.includes(p2.toLowerCase()); @@ -2854,29 +2759,6 @@ jobs: return `${p1}\`@${p2}\``; }); } - function removeXmlComments(s) { - return s.replace(//g, "").replace(//g, ""); - } - function convertXmlTags(s) { - const allowedTags = ["b", "blockquote", "br", "code", "details", "em", "h1", "h2", "h3", "h4", "h5", "h6", "hr", "i", "li", "ol", "p", "pre", "strong", "sub", "summary", "sup", "table", "tbody", "td", "th", "thead", "tr", "ul"]; - s = s.replace(//g, (match, content) => { - const convertedContent = content.replace(/<(\/?[A-Za-z][A-Za-z0-9]*(?:[^>]*?))>/g, "($1)"); - return `(![CDATA[${convertedContent}]])`; - }); - return s.replace(/<(\/?[A-Za-z!][^>]*?)>/g, (match, tagContent) => { - const tagNameMatch = tagContent.match(/^\/?\s*([A-Za-z][A-Za-z0-9]*)/); - if (tagNameMatch) { - const tagName = tagNameMatch[1].toLowerCase(); - if (allowedTags.includes(tagName)) { - return match; - } - } - return `(${tagContent})`; - }); - } - function neutralizeBotTriggers(s) { - return s.replace(/\b(fixes?|closes?|resolves?|fix|close|resolve)\s+#(\w+)/gi, (match, action, ref) => `\`${action} #${ref}\``); - } } const crypto = require("crypto"); const TEMPORARY_ID_PATTERN = /#(aw_[0-9a-f]{12})/gi; @@ -3860,13 +3742,13 @@ jobs: await main(); - name: Upload sanitized agent output if: always() && env.GH_AW_AGENT_OUTPUT - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: agent_output.json path: ${{ env.GH_AW_AGENT_OUTPUT }} if-no-files-found: warn - name: Upload engine output files - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: agent_outputs path: | @@ -3875,7 +3757,7 @@ jobs: if-no-files-found: ignore - name: Upload MCP logs if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: mcp-logs path: /tmp/gh-aw/mcp-logs/ @@ -5360,7 +5242,7 @@ jobs: - name: Upload Firewall Logs if: always() continue-on-error: true - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: firewall-logs-go-file-size-reduction-campaign-project-64-launcher- path: /tmp/gh-aw/sandbox/firewall/logs/ @@ -5518,7 +5400,7 @@ jobs: } - name: Upload Agent Stdio if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: agent-stdio.log path: /tmp/gh-aw/agent-stdio.log @@ -5791,7 +5673,7 @@ jobs: echo "Agent Conclusion: $AGENT_CONCLUSION" - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: agent_output.json path: /tmp/gh-aw/safeoutputs/ @@ -6277,20 +6159,20 @@ jobs: steps: - name: Download prompt artifact continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: prompt.txt path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: agent_output.json path: /tmp/gh-aw/threat-detection/ - name: Download patch artifact if: needs.agent.outputs.has_patch == 'true' continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: aw.patch path: /tmp/gh-aw/threat-detection/ @@ -6518,7 +6400,7 @@ jobs: } - name: Upload threat detection log if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: threat-detection.log path: /tmp/gh-aw/threat-detection/detection.log @@ -6536,13 +6418,17 @@ jobs: issues: write pull-requests: write timeout-minutes: 15 + env: + GH_AW_ENGINE_ID: "copilot" + GH_AW_WORKFLOW_ID: "go-file-size-reduction-project64.campaign.launcher.g" + GH_AW_WORKFLOW_NAME: "Go File Size Reduction Campaign (Project 64) (launcher)" outputs: add_comment_comment_id: ${{ steps.add_comment.outputs.comment_id }} add_comment_comment_url: ${{ steps.add_comment.outputs.comment_url }} steps: - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: agent_output.json path: /tmp/gh-aw/safeoutputs/ @@ -7162,8 +7048,6 @@ jobs: uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 env: GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Go File Size Reduction Campaign (Project 64) (launcher)" - GH_AW_ENGINE_ID: "copilot" with: github-token: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} script: | @@ -7571,8 +7455,6 @@ jobs: uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 env: GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Go File Size Reduction Campaign (Project 64) (launcher)" - GH_AW_ENGINE_ID: "copilot" with: github-token: ${{ secrets.GH_AW_PROJECT_GITHUB_TOKEN }} script: | diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index e98760e9842..369df56c665 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -5391,7 +5391,7 @@ jobs: found_patterns: ${{ steps.detect.outputs.found_patterns }} steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 with: persist-credentials: false - name: Install ast-grep diff --git a/.github/workflows/intelligence.lock.yml b/.github/workflows/intelligence.lock.yml index 40dcb41ffad..91abdf1b3e2 100644 --- a/.github/workflows/intelligence.lock.yml +++ b/.github/workflows/intelligence.lock.yml @@ -182,7 +182,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -190,7 +190,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/issue-classifier.lock.yml b/.github/workflows/issue-classifier.lock.yml index de85afcda2c..7d7206c05ec 100644 --- a/.github/workflows/issue-classifier.lock.yml +++ b/.github/workflows/issue-classifier.lock.yml @@ -3006,7 +3006,7 @@ jobs: path: /tmp/gh-aw/aw_info.json if-no-files-found: warn - name: Run AI Inference - uses: actions/ai-inference@b81b2afb8390ee6839b494a404766bef6493c7d9 # v1.2.8 + uses: actions/ai-inference@b81b2afb8390ee6839b494a404766bef6493c7d9 # v1 env: GH_AW_MCP_CONFIG: /tmp/gh-aw/mcp-config/mcp-servers.json GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index 7fd9176e494..6c72b57b7e1 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -176,7 +176,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -184,7 +184,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml index 56ca106a56e..3757ef4e8a0 100644 --- a/.github/workflows/portfolio-analyst.lock.yml +++ b/.github/workflows/portfolio-analyst.lock.yml @@ -171,7 +171,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod @@ -193,7 +193,7 @@ jobs: pip install --user --quiet numpy pandas matplotlib seaborn scipy - if: always() name: Upload charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-charts @@ -201,7 +201,7 @@ jobs: retention-days: 30 - if: always() name: Upload source and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-source-and-data diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index 074fbdb32d7..c435d1aae92 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -173,7 +173,7 @@ jobs: - name: Set up jq utilities directory run: "mkdir -p /tmp/gh-aw\ncat > /tmp/gh-aw/jqschema.sh << 'EOF'\n#!/usr/bin/env bash\n# jqschema.sh\njq -c '\ndef walk(f):\n . as $in |\n if type == \"object\" then\n reduce keys[] as $k ({}; . + {($k): ($in[$k] | walk(f))})\n elif type == \"array\" then\n if length == 0 then [] else [.[0] | walk(f)] end\n else\n type\n end;\nwalk(.)\n'\nEOF\nchmod +x /tmp/gh-aw/jqschema.sh" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod @@ -198,7 +198,7 @@ jobs: pip install --user --quiet numpy pandas matplotlib seaborn scipy - if: always() name: Upload charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-charts @@ -206,7 +206,7 @@ jobs: retention-days: 30 - if: always() name: Upload source and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-source-and-data diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index c64fa3cd654..ced380c7daf 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -172,7 +172,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -180,7 +180,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index 2dfabbd0f1c..e2b5d5499ac 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -6500,28 +6500,28 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: false go-version-file: go.mod - name: Download Go modules run: go mod download - name: Generate SBOM (SPDX format) - uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.11 + uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.10 with: artifact-name: sbom.spdx.json format: spdx-json output-file: sbom.spdx.json - name: Generate SBOM (CycloneDX format) - uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.11 + uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.10 with: artifact-name: sbom.cdx.json format: cyclonedx-json output-file: sbom.cdx.json - name: Upload SBOM artifacts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: name: sbom-artifacts path: | @@ -6700,12 +6700,12 @@ jobs: release_tag: ${{ steps.get_release.outputs.release_tag }} steps: - name: Checkout - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 with: fetch-depth: 0 persist-credentials: false - name: Release with gh-extension-precompile - uses: cli/gh-extension-precompile@9e2237c30f869ad3bcaed6a4be2cd43564dd421b # v2.1.0 + uses: cli/gh-extension-precompile@9e2237c30f869ad3bcaed6a4be2cd43564dd421b # v2 with: build_script_override: scripts/build-release.sh go_version_file: go.mod diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index 6ff22d4adb6..0407d7c4030 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -167,7 +167,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index b0d36ac7408..15244437ac3 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -167,7 +167,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6 with: cache: npm cache-dependency-path: docs/package-lock.json diff --git a/.github/workflows/smoke-copilot-playwright.lock.yml b/.github/workflows/smoke-copilot-playwright.lock.yml index 59f374c0125..ae476189a6f 100644 --- a/.github/workflows/smoke-copilot-playwright.lock.yml +++ b/.github/workflows/smoke-copilot-playwright.lock.yml @@ -7635,7 +7635,7 @@ jobs: run: "echo \"📋 Collecting Playwright MCP logs...\"\n\n# Create logs directory\nmkdir -p /tmp/gh-aw/playwright-debug-logs\n\n# Copy any playwright logs from the MCP logs directory\nif [ -d \"/tmp/gh-aw/mcp-logs/playwright\" ]; then\n echo \"Found Playwright MCP logs directory\"\n cp -r /tmp/gh-aw/mcp-logs/playwright/* /tmp/gh-aw/playwright-debug-logs/ 2>/dev/null || true\n ls -la /tmp/gh-aw/playwright-debug-logs/\nelse\n echo \"No Playwright MCP logs directory found at /tmp/gh-aw/mcp-logs/playwright\"\nfi\n\n# List all trace files if any\necho \"Looking for trace files...\"\nfind /tmp -name \"*.zip\" -o -name \"trace*\" 2>/dev/null | head -20 || true\n\n# Show docker container logs if any containers are still running\necho \"Checking for running Docker containers...\"\ndocker ps -a --format \"table {{.Names}}\\t{{.Status}}\\t{{.Image}}\" 2>/dev/null || true\n" - if: always() name: Upload Playwright Debug Logs - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: ignore name: playwright-debug-logs-${{ github.run_id }} diff --git a/.github/workflows/smoke-detector.lock.yml b/.github/workflows/smoke-detector.lock.yml index 02500bdca97..4cd5f68ea86 100644 --- a/.github/workflows/smoke-detector.lock.yml +++ b/.github/workflows/smoke-detector.lock.yml @@ -595,7 +595,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index 9102c53cd56..ab73e18fc3f 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -184,7 +184,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -192,7 +192,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data @@ -208,7 +208,7 @@ jobs: pip install --user --quiet numpy pandas matplotlib seaborn scipy - if: always() name: Upload charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-charts @@ -216,7 +216,7 @@ jobs: retention-days: 30 - if: always() name: Upload source and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: trending-source-and-data diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index 652a3345329..edce95c22fc 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -166,7 +166,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 9819500da0f..7543b93270d 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -166,7 +166,7 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Download super-linter log - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 with: name: super-linter-log path: /tmp/gh-aw/ @@ -7547,13 +7547,13 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 with: fetch-depth: 0 persist-credentials: false - name: Super-linter id: super-linter - uses: super-linter/super-linter@47984f49b4e87383eed97890fe2dca6063bbd9c3 # v8.3.1 + uses: super-linter/super-linter@47984f49b4e87383eed97890fe2dca6063bbd9c3 # v8.2.1 env: CREATE_LOG_FILE: "true" DEFAULT_BRANCH: main @@ -7575,7 +7575,7 @@ jobs: fi - name: Upload super-linter log if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: name: super-linter-log path: super-linter.log diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index ceb8cc2c516..81944064866 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -577,13 +577,13 @@ jobs: mkdir -p /tmp/gh-aw/sandbox/agent/logs echo "Created /tmp/gh-aw/agent directory for agentic workflow temporary files" - name: Set up Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6 with: cache: npm cache-dependency-path: pkg/workflow/js/package-lock.json node-version: "24" - name: Set up Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6 with: cache: true go-version-file: go.mod diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 5cf44baed5c..ee4bd4866d4 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -167,7 +167,7 @@ jobs: run: "pip install --user --quiet numpy pandas matplotlib seaborn scipy\n\n# Verify installations\npython3 -c \"import numpy; print(f'NumPy {numpy.__version__} installed')\"\npython3 -c \"import pandas; print(f'Pandas {pandas.__version__} installed')\"\npython3 -c \"import matplotlib; print(f'Matplotlib {matplotlib.__version__} installed')\"\npython3 -c \"import seaborn; print(f'Seaborn {seaborn.__version__} installed')\"\npython3 -c \"import scipy; print(f'SciPy {scipy.__version__} installed')\"\n\necho \"All scientific libraries installed successfully\"\n" - if: always() name: Upload generated charts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: data-charts @@ -175,7 +175,7 @@ jobs: retention-days: 30 - if: always() name: Upload source files and data - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: if-no-files-found: warn name: python-source-and-data diff --git a/pkg/campaign/validation.go b/pkg/campaign/validation.go index bf596e70761..721d68ef22c 100644 --- a/pkg/campaign/validation.go +++ b/pkg/campaign/validation.go @@ -209,7 +209,7 @@ func ValidateSpecWithSchema(spec *CampaignSpec) []string { State string `json:"state,omitempty"` Tags []string `json:"tags,omitempty"` AllowedSafeOutputs []string `json:"allowed-safe-outputs,omitempty"` - Launcher *CampaignLauncherConfigForValidation `json:"launcher,omitempty"` + Launcher *CampaignLauncherConfigForValidation `json:"launcher,omitempty"` Governance *CampaignGovernancePolicyForValidation `json:"governance,omitempty"` ApprovalPolicy *CampaignApprovalPolicy `json:"approval-policy,omitempty"` }