fix: address review comments on integrity-reactions feature flag (PR #25948)#25958
Closed
fix: address review comments on integrity-reactions feature flag (PR #25948)#25958
Conversation
Add new feature flag `integrity-reactions` that, when enabled, injects `endorsement-reactions` and `disapproval-reactions` fields into the MCPG allow-only integrity policy. Requires MCPG >= v0.2.18. Changes: - Add IntegrityReactionsFeatureFlag constant - Add MCPGIntegrityReactionsMinVersion = "v0.2.18" constant - Add new fields to GitHubToolConfig struct - Parse new reaction fields in tools_parser.go - Add mcpgSupportsIntegrityReactions() version gate helper - Add injectIntegrityReactionFields() helper for both code paths - Inject reactions into gateway allow-only policy (mcp_renderer_github.go) - Inject reactions into DIFC proxy policy (compiler_difc_proxy.go) - Add validateIntegrityReactions() validation - Wire up validation in both compiler paths - Update JSON schema with new fields - Add comprehensive unit tests Agent-Logs-Url: https://github.com/github/gh-aw/sessions/24601d6f-99dd-4b19-ac56-7c90f187f8e9 Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
…mprove function doc Agent-Logs-Url: https://github.com/github/gh-aw/sessions/24601d6f-99dd-4b19-ac56-7c90f187f8e9 Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Generated by Design Decision Gate workflow. Records the decision to introduce the integrity-reactions feature flag with a semver version gate (MCPG >= v0.2.18) and a shared injection helper across all policy code paths. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
- Move validateIntegrityReactions after MergeFeatures in both compiler_string_api.go and compiler_orchestrator_workflow.go so imported feature flags are visible during validation - Add semverutil.IsValid() guard in mcpgSupportsIntegrityReactions to safely handle non-semver strings (branch names, etc.) - Extend min-integrity requirement to all 4 integrity-reactions fields - Fix error message to show correct YAML multi-line format - Update tests to reflect new behavior Agent-Logs-Url: https://github.com/github/gh-aw/sessions/c9ae237b-f229-4918-98e7-7d057c6618ca Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Fix code based on review comments
fix: address review comments on integrity-reactions feature flag (PR #25948)
Apr 13, 2026
This was referenced Apr 13, 2026
Closed
github-actions
bot
deleted the
copilot/fix-code-comments-in-review-thread
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Five correctness issues in the
integrity-reactionsfeature flag implementation identified in review, covering validation ordering, unsafe semver comparison, and incomplete guard policy requirements.Changes
Validation ordering (
compiler_string_api.go,compiler_orchestrator_workflow.go): MovedvalidateIntegrityReactionsto afterMergeFeaturesin both compilation paths. Previously, workflows enablingintegrity-reactionsvia an imported workflow would fail validation becauseisFeatureEnabled()ran before imported feature flags were merged.Non-semver safety (
mcp_github_config.go): Addedsemverutil.IsValid(version)guard inmcpgSupportsIntegrityReactionsbefore callingsemverutil.Compare. Branch names and arbitrary tags now returnfalseinstead of comparing unpredictably against the minimum version.Expanded
min-integrityrequirement (tools_validation.go): Extended the prerequisite check from onlyendorsement-reactions/disapproval-reactionsto all four fields.disapproval-integrityandendorser-min-integritywere previously silently ignored whenmin-integritywas absent (no allow-only policy rendered to inject them into).Error message format (
tools_validation.go): Fixed the feature-flag-missing error to show valid YAML and include the fulltools.github.*key path:Warning
Firewall rules blocked me from connecting to one or more addresses (expand for details)
I tried to connect to the following addresses, but was blocked by firewall rules:
https://api.github.com/graphql/usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw efaultBranchFromrev-parse ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel ache/go/1.25.8/x64/pkg/tool/linutest@example.com /usr/bin/git 1666820/b211/_pkgit stmain.go 64/pkg/tool/linu--show-toplevel git(http block)https://api.github.com/orgs/test-owner/actions/secrets/usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD tomic_wasm.s go(http block)/usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name --show-toplevel git /usr/bin/git /tmp/TestGuardPogit config /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git /home/REDACTED/worgo rev-parse /usr/bin/git git(http block)https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1/usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha --show-toplevel x_amd64/link /opt/hostedtoolcache/node/24.14.1/x64/bin/node -json GO111MODULE 64/pkg/tool/linu--show-toplevel /opt/hostedtoolcache/node/24.14.1/x64/bin/node /tmp�� Secret: ${{ secrets.TOKEN }} pd/XJ3yBE12j21iuxq3TT-m/ckFlJ1_QJryYY7Ze7qGx /usr/bin/infocmp g_.a GO111MODULE 64/pkg/tool/linu--show-toplevel infocmp(http block)https://api.github.com/repos/actions/checkout/git/ref/tags/v3/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha --show-toplevel /home/REDACTED/go/pkg/mod/golang.org/x/oauth2@v0.35.0/internal/doc.go /usr/bin/git 2140614003/001' 2140614003/001' 64/bin/go git rev-�� --show-toplevel go 6337945/b457/vet.cfg -json GO111MODULE 64/bin/go git(http block)https://api.github.com/repos/actions/checkout/git/ref/tags/v5/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha g_.a Y9sJvruy0 ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile GOINSECURE til GOMODCACHE ache/go/1.25.8/x64/pkg/tool/linu--auto env QWDNxN3gv GO111MODULE ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile GOINSECURE fips140/sha512 GOMODCACHE ortcfg(http block)/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha -test.paniconexit0 -test.v=true /usr/bin/git -test.timeout=10git -test.run=^Test -test.short=true--show-toplevel git rev-�� --show-toplevel 64/pkg/tool/linux_amd64/vet /usr/bin/git 1881830376/001 GO111MODULE ache/go/1.25.8/x--show-toplevel git(http block)/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha --show-toplevel /opt/hostedtoolcache/go/1.25.8/x2 /usr/bin/git runs/20260413-00git pkg/mod/golang.orev-parse /opt/hostedtoolc--show-toplevel git rev-�� --show-toplevel /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/compile /usr/bin/git runs/20260413-00git -trimpath ache/node/24.14.--show-toplevel git(http block)https://api.github.com/repos/actions/github-script/git/ref/tags/v8/usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha --show-toplevel go /usr/bin/git 11/001/test-froncut o ache/go/1.25.8/x64/pkg/tool/linu--show-toplevel git rev-�� --show-toplevel ache/go/1.25.8/x^remote\..*\.gh-resolved$ /usr/bin/git ortcfg GO111MODULE ache/go/1.25.8/x--show-toplevel git(http block)https://api.github.com/repos/actions/github-script/git/ref/tags/v9/usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq .object.sha go1.25.8 -c=4 -nolocalimports -importcfg /tmp/go-build2151666820/b254/importcfg -pack /home/REDACTED/go/pkg/mod/golang.org/x/mod@v0.34.0/semver/semver.go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE tomic_wasm.s env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq .object.sha -json go 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/asm GOINSECURE GOMOD GOMODCACHE x_amd64/asm(http block)https://api.github.com/repos/actions/setup-go/git/ref/tags/v4/usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha remove resolved$ /usr/bin/git b/workflows GO111MODULE 64/bin/go git rev-�� --git-dir go /usr/bin/git -json GO111MODULE 64/pkg/tool/linu--show-toplevel git(http block)https://api.github.com/repos/actions/setup-node/git/ref/tags/v4/usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha add resolved$ /usr/bin/git b/workflows GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git cut -f1))" GO111MODULE 64/pkg/tool/linu--show-toplevel git(http block)https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4/usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha 6337945/b431/_pkg_.a -trimpath 6337945/b431=> -p b/gh-aw/pkg/slicrev-parse -lang=go1.25 /usr/lib/git-core/git rev-�� mKXx/M289NJ7fl33W_GzsmKXx --stdin /usr/bin/git --exclude-hiddengit --all --quiet 6337945/b431/importcfg(http block)https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v7/usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v7 --jq .object.sha W3Tc/tHgAsVOpwgEsrGAvW3Tc rg/x/text@v0.35.0/language/coverage.go ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile GOINSECURE 1666820/b092/ 1666820/b012/sym--show-toplevel ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile env 1666820/b256/_pkg_.a 1666820/b012/importcfg 1666820/b256=> GOINSECURE 1666820/b092/asmrev-parse ache/go/1.25.8/x--show-toplevel uEh_CZ9/vRHgTWoW_dAYCTqwJeFk(http block)/usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v7 --jq .object.sha 1666820/b173/_pkg_.a TE68/Ns65yq8CR2ZxCmVfTE68 ache/go/1.25.8/x64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE ache/go/1.25.8/x64/pkg/tool/linux_amd64/vet env 1666820/b113/importcfg zUvD/O0MXJnxKO-Hqrk06zUvD e/git-upload-pack GOINSECURE GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v7 --jq .object.sha 1666820/b232/_pkg_.a stmain.go 64/pkg/tool/linux_amd64/vet GOINSECURE contextprotocol/rev-parse GOMODCACHE 64/pkg/tool/linux_amd64/vet -o 5Wp9/NLsWmqB4lrDTgduJ5Wp9 -trimpath 1/x64/bin/node 24)" internal/unsafehrev-parse -lang=go1.25 /opt/hostedtoolcache/go/1.25.8/xrepos/{owner}/{repo}/actions/runs/3/artifacts(http block)https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha --show-toplevel x_amd64/compile /usr/bin/git -json .go x_amd64/compile git rev-�� --git-dir x_amd64/compile /usr/bin/git -json GO111MODULE x_amd64/compile git(http block)https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha 6337945/b432/sliceutil.test -trimpath ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile -p github.com/githurev-parse -lang=go1.25 ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile /tmp�� 6337945/b449/_pkg_.a -goversion 6337945/b449=> -c=4 -nolocalimports -importcfg git(http block)https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha /tmp/go-build3196337945/b403/console.test -importcfg ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile -s -w -buildmode=exe ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile push�� 6337945/b448/_pkg_.a my-default 6337945/b448=> /tmp/go-build402git b/gh-aw/pkg/typerev-parse 64/bin/go git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name SUy_HbpQE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linuTest User env g_.a dq87ptaK6 x_amd64/vet GOINSECURE go-sdk/jsonrpc GOMODCACHE x_amd64/vet(http block)/usr/bin/gh gh run download 1 --dir test-logs/run-1 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD abis 64/pkg/tool/linux_amd64/compile env g_.a Bzwz7Kv-X ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE ache/go/1.25.8/x64/pkg/tool/linuconfig(http block)/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name infocmp /usr/bin/git xterm-color 64/pkg/tool/linuconfig /usr/bin/git git rev-�� 5723/001/stability-test.md git /usr/bin/git --show-toplevel 64/pkg/tool/linuremote /usr/bin/git git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env g_.a yVIFwLdjv 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 12345 --dir test-logs/run-12345 GO111MODULE 64/pkg/tool/linu-nolocalimports GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linu/tmp/go-build3196337945/b444/_testmain.go env g_.a B-Au8vNkW /opt/hostedtoolcache/go/1.25.8/x-test.short=true GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name /usr/bin/git /usr/bin/git pload-artifact/ggit ^remote\..*\.gh-remote /usr/bin/git git rev-�� y_with_explicit_repo2890369854/001 git 64/bin/bash --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name GO111MODULE 64/pkg/tool/linu-importcfg GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linu/home/REDACTED/work/gh-aw/gh-aw/pkg/timeutil/format_test.go env g_.a rrG8ct2Bi util.test GOINSECURE /bidi GOMODCACHE util.test(http block)/usr/bin/gh gh run download 12346 --dir test-logs/run-12346 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env g_.a JtV1iahb4 /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name itcustom_branch1124402143/002/work /usr/bin/git download 5 /usr/bin/git git rev-�� y_with_explicit_repo2890369854/001 git 1/x64/bin/bash --show-toplevel 64/pkg/tool/linu/tmp/test-import-924764036.js /usr/bin/git git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name _3ywvdE5S 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env 1825582302 InX8DV7o_ x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh run download 2 --dir test-logs/run-2 0/internal/format/format.go 64/pkg/tool/linux_amd64/compile GOINSECURE cha8_stub.o 64/src/internal/--git-dir 64/pkg/tool/linux_amd64/compile env 1989590456 J9_2Hh5RJ ache/go/1.25.8/x64/pkg/tool/linu-buildmode=exe GOINSECURE(http block)/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name LsRemoteWithRealGitcustom_branch1124402143/001' /usr/bin/git test/race-image:git 64/pkg/tool/linurev-parse /usr/bin/git git rev-�� ut629704704/001 git /usr/bin/git --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name rotocol/go-sdk@v1.5.0/jsonrpc/jsonrpc.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linutest@example.com env 1825582302 LamLkoYmy 64/pkg/tool/linux_amd64/link GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/link(http block)/usr/bin/gh gh run download 3 --dir test-logs/run-3 0/message/catalog.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env g_.a Y_7BzNNuM ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile GOINSECURE chema/v6/kind GOMODCACHE ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name itbranch_with_hyphen1601626032/002/work /usr/bin/git xterm-color 64/pkg/tool/linuconfig /usr/bin/git git rev-�� ut629704704/001 git /usr/bin/git --show-toplevel 64/pkg/tool/linu/tmp/test-import-4294097575.js /usr/bin/git git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD abis 64/pkg/tool/linux_amd64/compile env g_.a go x_amd64/link GOINSECURE gset GOMODCACHE x_amd64/link(http block)/usr/bin/gh gh run download 4 --dir test-logs/run-4 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE mic_wasm.o 64/src/internal/--show-toplevel 64/pkg/tool/linux_amd64/compile env g_.a QuPWq4ACQ 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet(http block)/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name docker /usr/bin/git test/concurrent-git 64/pkg/tool/linuinit /usr/bin/git git rev-�� ut629704704/001 git /usr/bin/git --show-toplevel 64/pkg/tool/linuinit /usr/bin/git git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name 0/internal/tag/tag.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD abis 64/pkg/tool/linux_amd64/compile env 1825582302 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 5 --dir test-logs/run-5 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD abis 64/pkg/tool/linux_amd64/compile env g_.a PcfUGjA_S util.test GOINSECURE g GOMODCACHE util.test(http block)/usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name LsRemoteWithRealGitbranch_with_hyphen1601626032/001' /usr/bin/git xterm-color 64/pkg/tool/linu/tmp/test-expr-2168932278.js /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel 64/pkg/tool/linuconfig /usr/bin/git git(http block)https://api.github.com/repos/github/gh-aw/actions/workflows/usr/bin/gh gh workflow list --json name,state,path 17877749/001' 17877749/001' -importcfg /tmp/go-build3196337945/b414/importcfg -pack /home/REDACTED/work/gh-aw/gh-aw/pkg/gitutil/gitutil.go /home/REDACTED/work/gh-aw/gh-aw/pkg/gitutil/gitutil_test.go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 GOMOD GOMODCACHE x_amd64/cgo env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 -d 168.63.129.16 64/pkg/tool/linux_amd64/compile env g_.a GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD abis 64/pkg/tool/linutest@example.com(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha --show-toplevel 64/pkg/tool/linux_amd64/compile /usr/bin/git g_.a Y_7BzNNuM ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile /usr/bin/git Dn3zAcjGy GO111MODULE ache/go/1.25.8/xgit-upload-pack 'origin' git(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha edOutput997499496/001 pMTTxllzq 64/pkg/tool/linux_amd64/link GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/link env ntdrain.test 7zDW0_L0m x_amd64/link GOINSECURE GOMOD GOMODCACHE x_amd64/link(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile env -json GO111MODULE x_amd64/asm GOINSECURE GOMOD GOMODCACHE x_amd64/asm(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha --show-toplevel git /usr/bin/git add origin /usr/bin/git git rev-�� lGitmain_branch2485767050/001' lGitmain_branch2485767050/001' /usr/bin/git -b feature-branch /usr/bin/git git(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha -json GO111MODULE x_amd64/asm GOINSECURE GOMOD GOMODCACHE x_amd64/asm env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha -json GO111MODULE x_amd64/compile GOINSECURE vKlOihW/fd0h07Dmrev-parse GOMODCACHE x_amd64/compile env -json .go x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha -json GO111MODULE x_amd64/asm GOINSECURE GOMOD GOMODCACHE x_amd64/asm env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha --show-toplevel git /usr/bin/git add origin(http block)https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999/usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha edOutput997499496/001 GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE go-sdk/internal/rev-parse GOMODCACHE 64/pkg/tool/linux_amd64/vet ortc�� 11/001/test-empty-frontmatter.md g/sliceutil/sliceutil.go ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile(http block)https://api.github.com/repos/nonexistent/repo/actions/runs/12345/usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion GOINSECURE ole GOMODCACHE 64/pkg/tool/linux_amd64/compile env g_.a GO111MODULE k GOINSECURE setup/js/node_moinit GOMODCACHE ache/go/1.25.8/x64/pkg/tool/linu/tmp/go-build3196337945/b111/vet.cfg(http block)/usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git rev-�� --show-toplevel git 64/pkg/tool/linux_amd64/vet --show-toplevel 64/pkg/tool/linuinit /usr/bin/git 64/pkg/tool/linux_amd64/vet(http block)https://api.github.com/repos/owner/repo/actions/workflows/usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json go 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh workflow list --json name,state,path --repo owner/repo -nolocalimports -importcfg /tmp/go-build3196337945/b415/importcfg -pack /tmp/go-build3196337945/b415/_testmain.go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh workflow list --json name,state,path --repo owner/repo k/_temp/uv-python-dir/node /tmp/TestGuardPogit config /usr/bin/git git ache�� --show-toplevel nly /usr/bin/git --get remote.origin.ur-atomic /usr/bin/git git(http block)https://api.github.com/repos/owner/repo/contents/file.md/tmp/go-build3196337945/b397/cli.test /tmp/go-build3196337945/b397/cli.test -test.testlogfile=/tmp/go-build3196337945/b397/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true -nolocalimports -importcfg /tmp/go-build2151666820/b217/importcfg -pack env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/tmp/go-build3428596685/b397/cli.test /tmp/go-build3428596685/b397/cli.test -test.testlogfile=/tmp/go-build3428596685/b397/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true ithub/workflows/git l /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git "; \ else \ echo "��� Warning: .github/aw/actions-lock.json does not exist yet"; \ fi remote /usr/bin/git n-continued"(http block)https://api.github.com/repos/test-owner/test-repo/actions/secrets/usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name --show-toplevel git /usr/bin/git --show-toplevel(http block)If you need me to access, download, or install something from one of these locations, you can either: