Dev #1578

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open. Wants to merge 625 commits into main.
Conversation

pelikhan (Member)

Dev branch.

@pelikhan pelikhan requested a review from bzorn June 2, 2025 21:27
github-actions bot (Contributor) commented Jun 2, 2025

Annotations from the provided diff:

Linter: no-fix-mes

  • No fixMe comments detected. All clear here.

Linter: grumpy-dev

Sarcastic, grumpy breakdown of the changes:

  1. Removed a GitHub action step: Fine, rip out the "github models" action. Who needs clarity or useful models anyway?
  2. Added custom-action.yml: Another YAML file? Back in my day, we kept these lightweight. Looks like "YAML fatigue" is real.
  3. Changes in Astro app configuration and package.json: Why bump versions? Any rationale? Or just because "latest and greatest" is assumed?
  4. Draft blog posts: Markdown placeholders? Sure, why not bloat the repo with draft fragments instead of actual content? Solid time management.

Linter: diagrams

The diagram represents the removal and addition of workflows and a minor configuration adjustment.


graph TD
    A[.github/workflows/genai-blog-post.yml] -->|Removed| X[No Build Logic]
    A[astro core getting bumped,decoupled docs.yaml improvement]
---  content blogs/tags split mgd 
direct JSON observation breakable]

Updated Full Response:

Linter: no-fix-mes

  • No fixMe comments detected. All clear here.

Linter: grumpy-dev

Sarcastic, grumpy breakdown of the changes:

  1. Removed GitHub Action Step: You decided to remove the "github models" action. Clever move. Who needs models? They were just helping the workflow after all.
  2. Added custom-action.yml: Oh, adding another YAML file. How original. Back in my day, we didn't clutter projects with so much YAML.
  3. Astro Configuration and package.json Updates: Bumped a version. Any good reason? Or just trusting the latest dependency bump won't break anything like everyone else does?
  4. Draft Blog Posts: Adding incomplete drafts to a repository. Brilliant. Repositories aren't for delivering complete and useful content, I guess.

Linter: diagrams

Here is a corrected mermaid diagram for the changes:

graph TD
    A[.github/workflows/genai-blog-post.yml] -->|Removed| X[No Build Logic]
    B[.github/workflows/custom-action.yml] -->|Added| C[Custom Workflow Logic]
    D[docs/astro.config.mjs] -->|Updated| E[Astro Configuration]
    F[docs/package.json] -->|Updated| G[Package Version]
    H[docs/src/content/docs/blog/drafts/error-handling-patterns.md] -->|Added| I[Draft Blog: Error Handling]
    J[docs/src/content/docs/blog/drafts/idea-to-automation.md] -->|Added| K[Draft Blog: Idea to Automation]

Summary Table (Linter: stats):

File                                   Lines Added   Lines Removed
.github/workflows/build.yml            0             2
.github/workflows/custom-action.yml    1             0
docs/astro.config.mjs                  1             1
docs/package.json                      2             2
Blog Drafts (2 new files)              Many          0

AI-generated content by linters may be incorrect. Use reactions to eval.


// Regular expression for matching GitHub Flavored Markdown style warnings.
// Example: > [!WARNING]
// > This is a warning message.
const GITHUB_MARKDOWN_WARNINGS_RX =
/^\s*>\s*\[!(?<severity>NOTE|TIP|IMPORTANT|WARNING|CAUTION)\]\s*\n>\s*(?<message>.+)(?:\s*\n>\s*.*?)*?$/gim
/^\s*>\s*\[!(?<severity>NOTE|TIP|IMPORTANT|WARNING|CAUTION)\]\s*\n>\s*(?<message>.+)(?:\s*\n>\s*.*?)*?$/gim;

Check failure

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings starting with '>[!tip]\n>a\n>' and containing many repetitions of ' \n>'.

Copilot Autofix

AI 30 days ago

To fix the issue, we need to rewrite the regular expression to eliminate the ambiguity caused by .*? within the repetition pattern. Specifically, we can replace .*? with a more specific sub-expression that avoids ambiguity. For example, instead of matching any character lazily, we can match characters that are not part of the repetition pattern (\n>). This ensures that the regular expression does not backtrack excessively.

The updated regular expression will replace .*? with [^>\n]*, which matches any sequence of characters that are not > or newline. This change removes the ambiguity and improves performance while preserving the intended functionality.

Suggested changeset 1
packages/core/src/annotations.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/src/annotations.ts b/packages/core/src/annotations.ts
--- a/packages/core/src/annotations.ts
+++ b/packages/core/src/annotations.ts
@@ -35,3 +35,3 @@
 const GITHUB_MARKDOWN_WARNINGS_RX =
-  /^\s*>\s*\[!(?<severity>NOTE|TIP|IMPORTANT|WARNING|CAUTION)\]\s*\n>\s*(?<message>.+)(?:\s*\n>\s*.*?)*?$/gim;
+  /^\s*>\s*\[!(?<severity>NOTE|TIP|IMPORTANT|WARNING|CAUTION)\]\s*\n>\s*(?<message>.+)(?:\s*\n>\s*[^>\n]*)*$/gim;
 
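Review bot: the new class `[^>\n]*` still sits behind `\s*\n>` in `(?:\s*\n>\s*[^>\n]*)*`, and `\s` matches `\n`, so the same newline can be taken either by `\s*` or by the literal `\n`; that overlap remains a backtracking source on runs of blank quoted lines (compare the separate polynomial alert on this same constant further down, whose witness is '>[!tip]\n>' followed by spaces). Use `[ \t]*` where only horizontal whitespace is meant, or parse the blockquote line by line instead of in one regex. Separately, `[^>\n]*` now stops a continuation line at its first `>` (a nested quote, or `a > b` in the message text), so the rest of that line falls outside the match and is not rewritten; `[^\n]*` is the non-lazy equivalent of the old `.*?` and keeps the previous acceptance.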
EOF

Copilot is powered by AI and may make mistakes. Always verify output.
}
// Enclose in quotes if the value contains newlines or quotes, and escape quotes
if (value.includes("\n") || value.includes('"')) {
value = value.replace(/"/g, '\\"'); // Escape existing quotes

Check failure

Code scanning / CodeQL

Incomplete string escaping or encoding High

This does not escape backslash characters in the input.

Copilot Autofix

AI 2 months ago

To fix the issue, the value.replace operation should be updated to escape both double quotes and backslashes. This can be achieved by chaining two replace calls or using a single regular expression that matches both characters. The best approach is to use a single regular expression with a global flag to ensure all occurrences are replaced. This ensures that the output is properly escaped and consistent with expected dotenv formatting.

Changes will be made to the dotEnvStringify function in the file packages/core/src/dotenv.ts. Specifically, the line value.replace(/"/g, '\\"') will be replaced with value.replace(/["\\]/g, '\\$&'), which escapes both double quotes and backslashes.


Suggested changeset 1
packages/core/src/dotenv.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/src/dotenv.ts b/packages/core/src/dotenv.ts
--- a/packages/core/src/dotenv.ts
+++ b/packages/core/src/dotenv.ts
@@ -51,3 +51,3 @@
         if (value.includes("\n") || value.includes('"')) {
-          value = value.replace(/"/g, '\\"'); // Escape existing quotes
+          value = value.replace(/["\\]/g, '\\$&'); // Escape double quotes and backslashes
           return `${key}="${value}"`;
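Review bot: the guard on the first context line, `if (value.includes("\n") || value.includes('"'))`, does not consider backslashes, so a value such as a Windows path with no quote or newline in it still takes the other branch (not shown here) with its backslashes untouched, while the same path plus a quote now gets them doubled; whether the unquoted branch tolerates that depends on the reader, but extending the condition with `value.includes("\\")` keeps the decision to quote and the decision to escape consistent.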
EOF

return text
if (/file=\w+\.\w+/.test(label)) {
const m = /^\s*\`{3,}\w*\r?\n((.|\s)*)\r?\n\`{3,}\s*$/.exec(text);

Check failure

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings containing many repetitions of ' '.

Copilot Autofix

AI 2 months ago

To fix the issue, we need to rewrite the regular expression to remove the ambiguity caused by (.|\s)*. Instead of using (.|\s)*, we can use a more specific pattern that matches any character except backticks (`) directly. This avoids the ambiguity and ensures efficient matching.

The updated regular expression will replace (.|\s)* with [^`]*, which matches zero or more characters that are not backticks. This change preserves the original functionality while eliminating the risk of exponential backtracking.

The fix will be applied to line 165 in the normalize function within the file packages/core/src/fence.ts.


Suggested changeset 1
packages/core/src/fence.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/src/fence.ts b/packages/core/src/fence.ts
--- a/packages/core/src/fence.ts
+++ b/packages/core/src/fence.ts
@@ -164,3 +164,3 @@
     if (/file=\w+\.\w+/.test(label)) {
-      const m = /^\s*\`{3,}\w*\r?\n((.|\s)*)\r?\n\`{3,}\s*$/.exec(text);
+      const m = /^\s*\`{3,}\w*\r?\n([^\`]*)\r?\n\`{3,}\s*$/.exec(text);
       if (m) return m[1];
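Review bot: `[^\`]*` changes what is accepted, not only how fast it runs: a fenced body that itself contains a backtick (inline code, a nested fence) no longer matches, `m` is null and the function falls through instead of returning the body. The exponential case came from `(.|\s)`, whose two branches both match a space, so every space can be split between them in 2^n ways; a single class `[\s\S]*` has no alternation to backtrack into and still admits backticks inside the body.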
EOF
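Both autofixes above (annotations.ts and fence.ts) narrow a character class to get rid of an ambiguous quantified group. The added example below is not code from this PR or the project; it shows the other remedy for the GitHub alert format the annotations regex parses: one forward pass over the lines, which has nothing to backtrack into and therefore handles the '>[!tip]\n>a\n>' input CodeQL cited in linear time, and it also accepts leading whitespace before the `>` marker, which the original regex did not. The names parseAlerts, unquote, SAMPLE_TEXT and pathologicalInput are invented here, and the sample text is constructed.

```typescript
// Added example, not the project's code. Parses GitHub "alert" blockquotes
// (> [!WARNING] / > message ...) with a line scanner instead of a regex.

type Severity = "NOTE" | "TIP" | "IMPORTANT" | "WARNING" | "CAUTION";

interface Alert {
  severity: Severity;
  message: string;        // first quoted line after the header
  continuation: string[]; // any further quoted lines of the same block
}

const SEVERITIES: ReadonlyArray<string> = ["NOTE", "TIP", "IMPORTANT", "WARNING", "CAUTION"];

// Strip one leading blockquote marker; null when the line is not quoted.
function unquote(line: string): string | null {
  const t = line.trim();
  if (t.charAt(0) !== ">") return null;
  return t.slice(1).trim();
}

// Single pass over the lines: every character is looked at once, so there is
// nothing to backtrack into, whatever shape the input has.
function parseAlerts(text: string): Alert[] {
  const alerts: Alert[] = [];
  const lines = text.split(/\r?\n/);
  let i = 0;
  while (i < lines.length) {
    const head = unquote(lines[i]);
    i++;
    if (head === null) continue;
    // Header must be exactly "[!SEVERITY]" (case-insensitive, like the /i flag
    // on the original). This regex only ever sees one trimmed line.
    const m = /^\[!([A-Za-z]+)\]$/.exec(head);
    if (m === null) continue;
    const sev = (m[1] || "").toUpperCase();
    if (SEVERITIES.indexOf(sev) < 0) continue;
    const body: string[] = [];
    while (i < lines.length) {
      const q = unquote(lines[i]);
      if (q === null) break; // first unquoted line ends the block
      body.push(q);
      i++;
    }
    // The original regex required a non-empty first message line.
    if (body.length === 0 || body[0] === "") continue;
    alerts.push({ severity: sev as Severity, message: body[0], continuation: body.slice(1) });
  }
  return alerts;
}

// Constructed sample: two real alerts and one header with trailing text that must not match.
const SAMPLE_TEXT = [
  "Some intro text",
  "> [!WARNING]",
  "> Disk is almost full",
  "> consider cleaning /tmp",
  "",
  "> [!TIP] not a header because of this trailing text",
  "> [!note]",
  "> Second block",
].join("\n");

// The shape CodeQL cited for the original regex: a header, one message line,
// then n repetitions of " \n>" (constructed here).
function pathologicalInput(n: number): string {
  return ">[!tip]\n>a\n>" + " \n>".repeat(n);
}
```

parseAlerts(SAMPLE_TEXT) yields a WARNING with one continuation line and a NOTE; parseAlerts(pathologicalInput(20000)) returns one TIP whose continuation is 20001 empty lines, in time proportional to the input length.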
? `defAudio("${c.input_audio}")`
: `unknown message`
const renderJinja = (content: string) =>
`$\`${content.replace(/`/g, "\\`")}\`${/\{(%|\{)/.test(content) ? `.jinja(env.vars)` : ""}`;

Check failure

Code scanning / CodeQL

Incomplete string escaping or encoding High

This does not escape backslash characters in the input.

Copilot Autofix

AI about 1 month ago

To fix the issue, the content.replace operation should be updated to escape backslashes in addition to backticks. This can be achieved by first replacing all backslashes (\) with double backslashes (\\) and then replacing backticks (`) with escaped backticks (\`). The order of these replacements is important to avoid double-escaping backslashes introduced during the first replacement.

The updated code will use a regular expression with the global flag (g) to ensure all occurrences of the characters are replaced. This approach ensures that the string is properly sanitized for use in the intended context.


Suggested changeset 1
packages/core/src/prompty.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/src/prompty.ts b/packages/core/src/prompty.ts
--- a/packages/core/src/prompty.ts
+++ b/packages/core/src/prompty.ts
@@ -144,3 +144,3 @@
   const renderJinja = (content: string) =>
-    `$\`${content.replace(/`/g, "\\`")}\`${/\{(%|\{)/.test(content) ? `.jinja(env.vars)` : ""}`;
+    `$\`${content.replace(/\\/g, "\\\\").replace(/`/g, "\\`")}\`${/\{(%|\{)/.test(content) ? `.jinja(env.vars)` : ""}`;
   const renderPart = (c: ChatCompletionContentPart) =>
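Review bot: after this change the backslash and the backtick are escaped, but `${` is not, and the result is spliced into a template literal (the $ tag), so content containing `${...}` is still interpolated when that literal is evaluated rather than passed through as text; add a third step such as `.replace(/\$\{/g, "\\${")` so all three template-literal metacharacters are covered, keeping the backslash replacement first as done here.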
EOF
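The dotenv.ts and prompty.ts fixes above make the same point: the escape character itself has to be escaped, and when the two replaces are chained the backslash must go first. The added example below is not the project's code (quoteIncomplete, quoteComplete, quoteChained, quoteChainedWrongOrder, readQuoted, roundTrips and survivors are invented names); it makes the defect observable by reading each quoted value back and checking that it round-trips. The sample values are constructed.

```typescript
// Added example, not the project's code: dotenv-style double quoting with
// incomplete vs complete escaping, checked by reading the value back.

// As committed in the PR: only the quote is escaped.
function quoteIncomplete(value: string): string {
  return `"${value.replace(/"/g, '\\"')}"`;
}

// The suggested fix: backslash and quote escaped in one pass ($& is the match).
function quoteComplete(value: string): string {
  return `"${value.replace(/["\\]/g, "\\$&")}"`;
}

// Two chained replaces are equivalent only when the backslash goes first,
// the order the prompty.ts fix uses for backslash and backtick.
function quoteChained(value: string): string {
  return `"${value.replace(/\\/g, "\\\\").replace(/"/g, '\\"')}"`;
}

// Same two replaces in the wrong order: the backslash added for the quote
// is doubled again by the second replace.
function quoteChainedWrongOrder(value: string): string {
  return `"${value.replace(/"/g, '\\"').replace(/\\/g, "\\\\")}"`;
}

// Minimal reader for one double-quoted value; null when the quoting is
// malformed (no closing quote, dangling backslash, text after the close).
function readQuoted(s: string): string | null {
  if (s.length < 2 || s.charAt(0) !== '"') return null;
  let out = "";
  for (let i = 1; i < s.length; i++) {
    const c = s.charAt(i);
    if (c === "\\") {
      if (i + 1 >= s.length) return null; // dangling backslash
      out += s.charAt(++i);               // escaped char taken literally
    } else if (c === '"') {
      return i === s.length - 1 ? out : null; // closing quote must be last
    } else {
      out += c;
    }
  }
  return null; // never closed
}

function roundTrips(quote: (v: string) => string, value: string): boolean {
  return readQuoted(quote(value)) === value;
}

// Constructed values: a Windows path, an embedded quote, a trailing backslash,
// and a backslash immediately before a quote.
const SAMPLES: ReadonlyArray<string> = ['C:\\Users\\app', 'say "hi"', 'trailing\\', 'mixed \\" pair'];

// Which of the samples survive a quote/read round trip with the given quoter.
function survivors(quote: (v: string) => string): string[] {
  return SAMPLES.filter((v) => roundTrips(quote, v));
}
```

quoteComplete and quoteChained round-trip all four samples and produce identical output; quoteIncomplete only survives the value with no backslash, and quoteChainedWrongOrder breaks on any value containing a quote.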
.filter((s) => s !== undefined && s !== null)
.map((l) => (l === "*" ? ".*?" : l.replace(/[^a-z0-9_]/gi, "")))
.join("|");
const startRx = new RegExp(`^[\r\n\s]*(\`{3,})(${lg})\s*\r?\n`, "i");

Check failure

Code scanning / CodeQL

Useless regular-expression character escape High

The escape sequence '\s' is equivalent to just 's', so the sequence is not a character class when it is used in a regular expression.

Copilot Autofix

AI 2 months ago

To fix the issue, the escape sequence \s in the string literal should be properly escaped as \\s. This ensures that the backslash is preserved when the string is converted into a regular expression, and the intended meaning of \s as a whitespace character is retained.

The fix involves updating the regular expression string on line 21 to use \\s instead of \s. Similarly, the regular expression on line 25 also contains \s and should be updated to \\s for consistency and correctness.


Suggested changeset 1
packages/core/src/unwrappers.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/src/unwrappers.ts b/packages/core/src/unwrappers.ts
--- a/packages/core/src/unwrappers.ts
+++ b/packages/core/src/unwrappers.ts
@@ -20,3 +20,3 @@
     .join("|");
-  const startRx = new RegExp(`^[\r\n\s]*(\`{3,})(${lg})\s*\r?\n`, "i");
+  const startRx = new RegExp(`^[\\r\\n\\s]*(\`{3,})(${lg})\\s*\\r?\\n`, "i");
   const mstart = startRx.exec(text);
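Review bot: doubling every backslash is correct but is exactly the kind of edit that gets undone the next time someone touches the pattern; a String.raw tag keeps the backslashes as typed while still interpolating ${lg}, i.e. new RegExp(String.raw`^[\r\n\s]*(\`{3,})(${lg})\s*\r?\n`, "i"). The escaped backtick is needed in either form because a bare one would end the template.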
@@ -24,3 +24,3 @@
     const n = mstart[1].length;
-    const endRx = new RegExp(`\r?\n\`{${n},${n}}[\r\n\s]*$`, "i");
+    const endRx = new RegExp(`\\r?\\n\`{${n},${n}}[\\r\\n\\s]*$`, "i");
     const mend = endRx.exec(text);
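Review bot: once the escapes are fixed, `[\\r\\n\\s]*` is just `\\s*`, since `\s` already includes CR and LF, and `{${n},${n}}` is `{${n}}`; writing the pattern as `\\r?\\n\`{${n}}\\s*$` states the intent (exactly n backticks, then only whitespace to the end) without the redundant class and range.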
EOF
.filter((s) => s !== undefined && s !== null)
.map((l) => (l === "*" ? ".*?" : l.replace(/[^a-z0-9_]/gi, "")))
.join("|");
const startRx = new RegExp(`^[\r\n\s]*(\`{3,})(${lg})\s*\r?\n`, "i");

Check failure

Code scanning / CodeQL

Useless regular-expression character escape High

The escape sequence '\s' is equivalent to just 's', so the sequence is not a character class when it is used in a regular expression.

Copilot Autofix

AI 2 months ago

To fix the issue, the \s escape sequence in the string literal should be replaced with \\s. This ensures that the backslash is correctly interpreted as part of the regular expression when the string is passed to the RegExp constructor. Similarly, any other escape sequences in the regular expression should be reviewed and corrected if necessary.

The specific changes are:

  1. Update the startRx regular expression on line 21 to use \\s instead of \s.
  2. Update the endRx regular expression on line 25 to use \\s instead of \s.

Suggested changeset 1
packages/core/src/unwrappers.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/src/unwrappers.ts b/packages/core/src/unwrappers.ts
--- a/packages/core/src/unwrappers.ts
+++ b/packages/core/src/unwrappers.ts
@@ -20,3 +20,3 @@
     .join("|");
-  const startRx = new RegExp(`^[\r\n\s]*(\`{3,})(${lg})\s*\r?\n`, "i");
+  const startRx = new RegExp(`^[\\r\\n\\s]*(\`{3,})(${lg})\\s*\\r?\\n`, "i");
   const mstart = startRx.exec(text);
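Review bot: this changeset is identical to the one suggested under the previous alert for the same two lines; apply only one of them, since the second `git apply` fails once the `-` lines are gone.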
@@ -24,3 +24,3 @@
     const n = mstart[1].length;
-    const endRx = new RegExp(`\r?\n\`{${n},${n}}[\r\n\s]*$`, "i");
+    const endRx = new RegExp(`\\r?\\n\`{${n},${n}}[\\r\\n\\s]*$`, "i");
     const mend = endRx.exec(text);
EOF
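Added example, not code from the PR (startRxAsWritten, startRxEscaped, startRxRaw, verdict and PROBES are invented names, and LANGS stands in for the `lg` alternation unwrappers.ts builds): what the template-literal `\s` flagged above actually matches, compared with the doubled-backslash fix and with String.raw. The probe strings are constructed.

```typescript
// Added example, not the project's code. Shows why `\s` inside an ordinary
// template literal is not a whitespace class by the time RegExp sees it.

// Stand-in for the alternation of language names built in unwrappers.ts.
const LANGS = "ts|js";

// As written in the PR. In an untagged template literal `\r` and `\n` become
// the control characters and `\s` (not a JavaScript escape) becomes plain "s",
// so `[\r\n\s]` means CR, LF or the letter s, and `\s*` means "s*".
function startRxAsWritten(lg: string): RegExp {
  return new RegExp(`^[\r\n\s]*(\`{3,})(${lg})\s*\r?\n`, "i");
}

// The suggested fix: doubled backslashes reach the RegExp constructor intact.
function startRxEscaped(lg: string): RegExp {
  return new RegExp(`^[\\r\\n\\s]*(\`{3,})(${lg})\\s*\\r?\\n`, "i");
}

// Same result with String.raw: backslashes are kept as typed, so the pattern
// reads like a regex literal while still interpolating ${lg}.
function startRxRaw(lg: string): RegExp {
  return new RegExp(String.raw`^[\r\n\s]*(\`{3,})(${lg})\s*\r?\n`, "i");
}

interface Verdict {
  asWritten: boolean;
  escaped: boolean;
  raw: boolean;
}

// Runs one candidate fence opener through all three patterns.
function verdict(text: string): Verdict {
  return {
    asWritten: startRxAsWritten(LANGS).test(text),
    escaped: startRxEscaped(LANGS).test(text),
    raw: startRxRaw(LANGS).test(text),
  };
}

// Constructed probes: a normal opener, one with leading whitespace, one with
// trailing whitespace after the language, and junk only the broken pattern takes.
const PROBES = {
  plain: "```ts\nconst x = 1;\n```",
  leadingWs: "  \t```js\n",
  trailingWs: "```ts   \n",
  letterS: "sSs```ts\n",
};

// The regex source after the fix, for inspection: the escapes survived.
function escapedSource(): string {
  return startRxEscaped(LANGS).source;
}
```

The as-written pattern rejects an opener preceded by spaces and an opener with trailing whitespace after the language tag, yet accepts "sSs```ts"; the escaped and String.raw forms behave identically to each other and do the reverse.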
const mstart = startRx.exec(text);
if (mstart) {
const n = mstart[1].length;
const endRx = new RegExp(`\r?\n\`{${n},${n}}[\r\n\s]*$`, "i");

Check failure

Code scanning / CodeQL

Useless regular-expression character escape High

The escape sequence '\s' is equivalent to just 's', so the sequence is not a character class when it is used in a regular expression.
}
// Match against TypeScript, GitHub, and Azure DevOps regex patterns.
for (const rx of ANNOTATIONS_RX) {
for (const m of text.matchAll(rx)) addAnnotation(m);

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This regular expression that depends on library input may run slow on strings starting with '::errorfile=+,line=9,endline=9,code=' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '::errorfile=+,line=9,endline=9::::' and with many repetitions of '::a'.
This regular expression that depends on library input may run slow on strings with many repetitions of '00'.
This regular expression that depends on library input may run slow on strings starting with '!a:9 - error ' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '!a:9 - error 9' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '!a:9 - error 9:' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with ''(9,9): error ts9: ' and with many repetitions of ' '.
Comment on lines +158 to +174
return text?.replace(GITHUB_MARKDOWN_WARNINGS_RX, (s, ...args) => {
const groups = args.at(-1);
const { severity, message, suggestion } = groups;
const sev = SEV_MAP[severity?.toLowerCase()] ?? "info";
const d = deleteUndefinedValues({
severity: sev,
filename: "",
range: [
[0, 0], // Start of range, 0-based index
[0, Number.MAX_VALUE], // End of range, max value for columns
],
code: "",
message,
suggestion,
}) satisfies Diagnostic;
return convertAnnotationToItem(d);
});

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This regular expression that depends on library input may run slow on strings starting with '>[!tip]\n>' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '>[!tip]\n>a' and with many repetitions of ' '.
Comment on lines +264 to +281
return text
?.replace(
GITHUB_ANNOTATIONS_RX,
(
_,
severity,
file,
line,
endLine,
__,
code,
message,
suggestion,
) => `> [!${severities[severity] || severity}]
> ${message} (${file}#L${line} ${code || ""})
${suggestion ? `\`\`\`suggestion\n${suggestion}\n\`\`\`\n` : ""}
`
)
?.replace(
AZURE_DEVOPS_ANNOTATIONS_RX,
(_, severity, file, line, __, code, message) => {
return `> [!${severities[severity] || severity}] ${message}
`,
)

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This regular expression that depends on library input may run slow on strings starting with '::errorfile=+,line=9,endline=9,code=' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '::errorfile=+,line=9,endline=9::::' and with many repetitions of '::a'.
return text
?.replace(/\[([^\]]+)\]\([^)]+\)/g, (m, n) => n)
?.replace(/<\/?([^>]+)>/g, "")
return text?.replace(/\[([^\]]+)\]\([^)]+\)/g, (m, n) => n)?.replace(/<\/?([^>]+)>/g, "");

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This regular expression that depends on library input may run slow on strings starting with '[' and with many repetitions of '[\'.
This regular expression that depends on library input may run slow on strings starting with '[\](' and with many repetitions of '[(]('.
Comment on lines 46 to 67
const source = `ChangeLog:1@email_validator.py
Description: Implement a function to validate both email addresses and URLs.
OriginalCode@1-3:
[1] # Placeholder for email validation logic
[2]
[3] # Placeholder for URL validation logic
ChangedCode@1-10:
[1] import re
[2]
[3] def validate_email(email):
[4] # Simple regex pattern for validating an email address
[5] pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
[6] return re.match(pattern, email) is not None
[7]
[8] def validate_url(url):
[9] # Simple regex pattern for validating a URL
[10] pattern = r'^https?:\/\/[\w.-]+\.[a-zA-Z]{2,}.*$'
[11] return re.match(pattern, url) is not None
[12]
[13] def validate_email_and_url(email, url):
[14] return validate_email(email) and validate_url(url)
`
const res = parseChangeLogs(source)
assert.equal(res.length, 1)
assert.equal(res[0].filename, "email_validator.py")
})
`;

Check failure

Code scanning / CodeQL

Useless regular-expression character escape High test

The escape sequence '.' is equivalent to just '.', so the sequence may still represent a meta-character when it is used in a regular expression.
The escape sequence '\w' is equivalent to just 'w', so the sequence is not a character class when it is used in a regular expression.

Copilot Autofix

AI 2 months ago

To fix the issue, ensure that the escape sequence \. is used correctly in the context of the regular expression or string literal. If the goal is to match a literal dot, ensure that the backslash is properly escaped when using a string literal (e.g., '\\.'). If the escape sequence is unnecessary, remove the backslash to avoid confusion and potential errors.

In this case, we will review the relevant code and adjust the escape sequence as needed to ensure the regular expression behaves as intended.


Suggested changeset 1
packages/core/test/changelog.test.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/test/changelog.test.ts b/packages/core/test/changelog.test.ts
--- a/packages/core/test/changelog.test.ts
+++ b/packages/core/test/changelog.test.ts
@@ -56,3 +56,3 @@
 [4]     # Simple regex pattern for validating an email address
-[5]     pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
+[5]     pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$'
 [6]     return re.match(pattern, email) is not None
@@ -61,3 +61,3 @@
 [9]     # Simple regex pattern for validating a URL
-[10]     pattern = r'^https?:\/\/[\w.-]+\.[a-zA-Z]{2,}.*$'
+[10]     pattern = r'^https?:\\/\\/[\\w.-]+\\.[a-zA-Z]{2,}.*$'
 [11]     return re.match(pattern, url) is not None
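Review bot: the fixture is an untagged template literal, so before this change `\.` reached parseChangeLogs as `.`, `\/` as `/` and `\w` as `w`; these two hunks double the escapes one by one, which fixes the lines shown but has to be repeated for every backslash added to the fixture later. Tagging the whole fixture with String.raw preserves every backslash of the embedded Python source at once, which is what a ChangeLog fixture that quotes source code wants, and leaves the Python readable as Python.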
EOF
"https://github.com/user-attachments/assets/a6e1935a-868e-4cca-9531-ad0ccdb9eace",
);
assert(resolved);
assert(resolved.includes("githubusercontent.com"));

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization High test

'githubusercontent.com' can be anywhere in the URL, and arbitrary hosts may come before or after it.

Copilot Autofix

AI 4 days ago

To fix the problem, replace the substring check with a proper host check. Specifically, parse the resolved URL using the URL constructor and check that the host property is exactly raw.githubusercontent.com or ends with .githubusercontent.com. This ensures that only valid GitHub asset hosts are accepted, and not arbitrary hosts containing the substring. The change should be made in the test block at line 123 in packages/core/test/githubclient.test.ts. No new methods are needed, but the test assertion should be updated to use the parsed host.


Suggested changeset 1
packages/core/test/githubclient.test.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/test/githubclient.test.ts b/packages/core/test/githubclient.test.ts
--- a/packages/core/test/githubclient.test.ts
+++ b/packages/core/test/githubclient.test.ts
@@ -120,14 +120,22 @@
       "https://github.com/user-attachments/assets/a6e1935a-868e-4cca-9531-ad0ccdb9eace",
     );
     assert(resolved);
-    assert(resolved.includes("githubusercontent.com"));
+    const parsedHost = new URL(resolved).host;
+    assert(
+      parsedHost === "raw.githubusercontent.com" ||
+      parsedHost.endsWith(".githubusercontent.com")
+    );
   });
   test("resolveAssetUrl - mp4", async () => {
     const resolved = await client.resolveAssetUrl(
       "https://github.com/user-attachments/assets/f7881bef-931d-4f76-8f63-b4d12b1f021e",
     );
     console.log(resolved);
-    assert(resolved.includes("githubusercontent.com"));
+    const parsedHost = new URL(resolved).host;
+    assert(
+      parsedHost === "raw.githubusercontent.com" ||
+      parsedHost.endsWith(".githubusercontent.com")
+    );
   });
 
   test("resolveAssetUrl - image - indirect", async () => {
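Review bot: in the second test block (resolveAssetUrl - mp4) `new URL(resolved)` runs without the `assert(resolved)` guard the first block has, so an undefined result surfaces as a TypeError from the URL constructor instead of an assertion failure; add the same guard there. Also `host` carries an explicit port when one is present, so `hostname` is the safer property for this comparison, and the `=== "raw.githubusercontent.com"` clause is already covered by `endsWith(".githubusercontent.com")`.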
EOF
Copilot is powered by AI and may make mistakes. Always verify output.
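The alert above is about the shape of the check, not the test data: `resolved.includes("githubusercontent.com")` is true for any URL that contains that text anywhere. The following is an added example, not code from this repository, that puts the flagged check next to the host-based one and runs both over a constructed list of URLs (nothing is fetched; the hosts and URL shapes are illustrative assumptions):

```typescript
// Added example; not code from the GenAIScript repository. Shows why a
// substring test on a URL is not a host check and what the host-based
// assertion should look like. The sample URLs are constructed here, not fetched.

// The check CodeQL flags: true for any URL containing the text anywhere.
export function substringCheck(url: string): boolean {
  return url.includes("githubusercontent.com");
}

// Hardened check: parse the URL, require https, then compare the hostname
// against an allowlist. `hostname` never carries a port, so an explicit
// ":443" cannot change the comparison. The apex and any subdomain are
// accepted because both belong to GitHub; nothing else is.
const ALLOWED_APEX = "githubusercontent.com";
export function hostCheck(url: string): boolean {
  let parsed: URL;
  try {
    parsed = new URL(url); // throws on relative or malformed input
  } catch {
    return false;
  }
  if (parsed.protocol !== "https:") return false;
  const host = parsed.hostname.toLowerCase();
  return host === ALLOWED_APEX || host.endsWith("." + ALLOWED_APEX);
}

// Constructed inputs: the first is the legitimate shape, the rest are URLs
// that only the substring check accepts.
export const SAMPLE_URLS: ReadonlyArray<string> = [
  "https://raw.githubusercontent.com/org/repo/main/img.png",       // legitimate
  "https://githubusercontent.com.evil.example/img.png",            // allowed name as prefix of a foreign host
  "https://evil.example/githubusercontent.com/img.png",            // allowed name in the path
  "https://evil.example/?next=https://raw.githubusercontent.com/", // allowed name in the query
  "https://githubusercontent.com@evil.example/img.png",            // allowed name as userinfo
  "http://raw.githubusercontent.com/org/repo/main/img.png",        // right host, plaintext transport
  "raw.githubusercontent.com/org/repo/main/img.png",               // not an absolute URL at all
];

// One row per sample: what each check says about it.
export function compareChecks(urls: ReadonlyArray<string> = SAMPLE_URLS) {
  return urls.map((url) => ({ url, substring: substringCheck(url), host: hostCheck(url) }));
}
```

`compareChecks()` returns `substring: true` for all seven rows and `host: true` only for the first; the userinfo row is the one people miss, because the WHATWG parser puts everything before `@` into `username`, not `hostname`.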
"https://github.com/user-attachments/assets/f7881bef-931d-4f76-8f63-b4d12b1f021e",
);
console.log(resolved);
assert(resolved.includes("githubusercontent.com"));

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization High test

'githubusercontent.com' can be anywhere in the URL, and arbitrary hosts may come before or after it.

Copilot Autofix

AI 4 days ago

To fix the problem, the test should parse the returned URL and check that its host is exactly githubusercontent.com or matches a whitelist of allowed hosts. This avoids the risk of matching substrings in the path, query, or a malicious host. The best way to do this is to use the standard URL class to parse the URL and then assert that the host property matches the expected value. Specifically, in packages/core/test/githubclient.test.ts, lines 130 and 123 should be changed to parse the URL and check the host, rather than using includes. No new dependencies are needed, as the URL class is available in Node.js.

Suggested changeset 1
packages/core/test/githubclient.test.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/test/githubclient.test.ts b/packages/core/test/githubclient.test.ts
--- a/packages/core/test/githubclient.test.ts
+++ b/packages/core/test/githubclient.test.ts
@@ -120,14 +120,16 @@
       "https://github.com/user-attachments/assets/a6e1935a-868e-4cca-9531-ad0ccdb9eace",
     );
     assert(resolved);
-    assert(resolved.includes("githubusercontent.com"));
+    const parsedUrl = new URL(resolved);
+    assert(parsedUrl.host === "githubusercontent.com");
   });
   test("resolveAssetUrl - mp4", async () => {
     const resolved = await client.resolveAssetUrl(
       "https://github.com/user-attachments/assets/f7881bef-931d-4f76-8f63-b4d12b1f021e",
     );
     console.log(resolved);
-    assert(resolved.includes("githubusercontent.com"));
+    const parsedUrl = new URL(resolved);
+    assert(parsedUrl.host === "githubusercontent.com");
   });
 
   test("resolveAssetUrl - image - indirect", async () => {
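Review bot: `parsedUrl.host === "githubusercontent.com"` compares against the bare apex only, so any subdomain host such as `raw.githubusercontent.com` is rejected and a resolved URL that satisfied the original `includes("githubusercontent.com")` check will now fail both tests. Use the shape of the other suggested changeset for this file (exact match on the expected host, or `endsWith(".githubusercontent.com")` for a GitHub-owned subdomain), add a protocol check, and keep an `assert(resolved)` before `new URL(resolved)` in the `mp4` test so a missing result reports as an assertion rather than a parser TypeError.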
EOF
value = { model: value, source };
}
const aliases = this._modelAliases[source];
const c = aliases[id] || (aliases[id] = { source });

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from library input.
const c = aliases[id] || (aliases[id] = { source });
if (value === undefined || value.model === id) {
dbg(`alias ${id}: deleting (source: ${source})`);
delete aliases[id];

Check warning

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from library input.
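Both warnings point at the same pattern: `aliases[id] || (aliases[id] = { source })` on a plain object, with `id` coming from outside. When `id` is `"__proto__"`, the lookup returns `Object.prototype` (truthy), so the later write to the alias lands on every object in the process. The following is an added example, not code from this repository, that reproduces that on a model of the snippet and shows two independent guards; the `Alias` type and function names are assumptions:

```typescript
// Added example; not GenAIScript code. Models the shape CodeQL flagged
// (`aliases[id] || (aliases[id] = { source })` on a table keyed by a caller-
// supplied id) to show the pollution and two independent guards. The Alias
// type and function names are assumptions for illustration.

type Alias = { source: string; model?: string };
type AliasTable = Record<string, Alias>;

// Vulnerable shape. A plain object literal inherits from Object.prototype, so
// aliases["__proto__"] is Object.prototype itself: truthy, so `c` becomes the
// prototype, and the write to c.model lands on every object in the process.
export function setAliasUnsafe(aliases: AliasTable, id: string, model: string, source: string): Alias {
  const c = aliases[id] || (aliases[id] = { source });
  c.model = model;
  return c;
}

// Guard 1: a null-prototype table has no inherited keys, so "__proto__",
// "constructor" and friends are ordinary own properties or simply absent.
export function createAliasTable(): AliasTable {
  return Object.create(null) as AliasTable;
}

// Guard 2: refuse the ids that would be dangerous if the table ever became a
// plain object again (for example after a JSON round trip or a spread copy).
const FORBIDDEN_IDS = new Set(["__proto__", "constructor", "prototype"]);
const hasOwn = (o: object, k: string) => Object.prototype.hasOwnProperty.call(o, k);

export function setAliasSafe(aliases: AliasTable, id: string, model: string, source: string): Alias {
  if (FORBIDDEN_IDS.has(id)) throw new Error(`invalid alias id: ${id}`);
  const c = hasOwn(aliases, id) ? aliases[id] : (aliases[id] = { source });
  c.model = model;
  return c;
}

// Drives both setters with the hostile id and reports whether a fresh object
// picked up a `model` property. Cleans up so the rest of the process is unaffected.
export function demonstratePollution(): { unsafePolluted: boolean; safePolluted: boolean } {
  const probe = () => ({} as any).model !== undefined;
  let unsafePolluted = false;
  try {
    setAliasUnsafe({}, "__proto__", "attacker-model", "library");
    unsafePolluted = probe();
  } finally {
    delete (Object.prototype as any).model;
  }
  let safePolluted = false;
  try {
    setAliasSafe(createAliasTable(), "__proto__", "attacker-model", "library");
  } catch {
    // rejected before any write
  } finally {
    safePolluted = probe();
    delete (Object.prototype as any).model;
  }
  return { unsafePolluted, safePolluted };
}
```

The `delete aliases[id]` on the next line of the flagged code is harmless with `"__proto__"` on a plain object (the accessor is inherited, not own, so the delete is a no-op), which is why the read-then-write path is the one to close.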
} else if (typeof obj === "string") {
if (quoteValues) {
if (obj.includes("\n")) return fenceMD(obj);
return `\`${obj.replace(/`/g, "\\`")}\``;

Check failure

Code scanning / CodeQL

Incomplete string escaping or encoding High

This does not escape backslash characters in the input.

Copilot Autofix

AI about 2 months ago

To fix the issue, we need to ensure that backslashes are escaped before escaping backticks. This can be achieved by chaining two replace calls: the first to escape backslashes (\) and the second to escape backticks (`). This ensures that all occurrences of these characters are properly escaped.

The fix will involve modifying the replace call on line 56 to include an additional step for escaping backslashes. Specifically:

  1. Replace backslashes (\) with double backslashes (\\).
  2. Replace backticks (`) with escaped backticks (\`).

This change will ensure that the string is correctly escaped for Markdown rendering.


Suggested changeset 1
packages/core/src/mdstringify.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/src/mdstringify.ts b/packages/core/src/mdstringify.ts
--- a/packages/core/src/mdstringify.ts
+++ b/packages/core/src/mdstringify.ts
@@ -55,3 +55,3 @@
         if (obj.includes("\n")) return fenceMD(obj);
-        return `\`${obj.replace(/`/g, "\\`")}\``;
+        return `\`${obj.replace(/\\/g, "\\\\").replace(/`/g, "\\`")}\``;
       } else return obj;
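Review bot: doubling backslashes and backslash-escaping backticks silences the CodeQL alert but does not yield a valid Markdown code span: CommonMark applies no backslash escapes inside code spans, so both `\\` and `` \` `` are rendered literally and a value containing a backtick still terminates the span early. The robust fix is to delimit the span with a run of backticks one longer than the longest run in `obj` (padding with a space when `obj` starts or ends with a backtick), at which point no character escaping is needed. The same expression is repeated in the `String(obj)` branch below; put it in one helper so both call sites share the fix.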
EOF
if (obj.includes("\n")) return fenceMD(obj);
return `\`${obj.replace(/`/g, "\\`")}\``;
} else return obj;
} else return quoteValues ? `\`${String(obj).replace(/`/g, "\\`")}\`` : String(obj);

Check failure

Code scanning / CodeQL

Incomplete string escaping or encoding High

This does not escape backslash characters in the input.

Copilot Autofix

AI about 2 months ago

To fix the issue, we need to ensure that backslashes are properly escaped in addition to backticks. This can be achieved by first replacing all backslashes (\) with double backslashes (\\) and then replacing backticks (`) with escaped backticks (\`). This order is important to avoid inadvertently escaping the backslashes added during the first replacement.

The fix involves modifying the replace logic on line 58 to handle both backslashes and backticks. We will use a regular expression with the g flag to ensure all occurrences are replaced.


Suggested changeset 1
packages/core/src/mdstringify.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/src/mdstringify.ts b/packages/core/src/mdstringify.ts
--- a/packages/core/src/mdstringify.ts
+++ b/packages/core/src/mdstringify.ts
@@ -57,3 +57,3 @@
       } else return obj;
-    } else return quoteValues ? `\`${String(obj).replace(/`/g, "\\`")}\`` : String(obj);
+    } else return quoteValues ? `\`${String(obj).replace(/\\/g, "\\\\").replace(/`/g, "\\`")}\`` : String(obj);
   };
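Review bot: this branch feeds `String(obj)` straight into an inline span with no newline check, whereas the string branch above routes multi-line values to `fenceMD`; a non-string value whose `toString()` yields a newline produces a broken span. Route both branches through one quoting helper that picks a backtick delimiter longer than any run in the value, since backslash escaping has no effect inside CommonMark code spans and this patch, like the one above, only makes the alert go away.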
EOF
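Both `mdstringify.ts` alerts and both autofixes share one misunderstanding: backslashes are not an escape mechanism inside a Markdown code span. The following is an added example, not the project's `mdstringify.ts`, that builds spans and fences the way the CommonMark spec does (a delimiter longer than any backtick run in the content) and includes a minimal code-span reader so the round trip can be checked against the backslash approach; the function names are assumptions:

```typescript
// Added example; not the project's mdstringify.ts. CommonMark performs no
// backslash escaping inside code spans, so the `\\\`` form in the flagged line
// and the doubled backslashes in the autofix both render literally. The only
// way to put backticks inside a span is a delimiter run longer than any run in
// the content; the same idea applies to fences for multi-line values.

function longestBacktickRun(text: string): number {
  let longest = 0;
  for (const run of text.match(/`+/g) ?? []) longest = Math.max(longest, run.length);
  return longest;
}

export function inlineCode(text: string): string {
  if (text === "") return "` `"; // an empty span cannot be expressed; show a single-space span
  const fence = "`".repeat(longestBacktickRun(text) + 1);
  // CommonMark strips one leading and one trailing space when the content has
  // both, so pad when the content starts or ends with a backtick (which would
  // otherwise merge into the delimiter) or already has that space pattern.
  const bothSpaces = text.startsWith(" ") && text.endsWith(" ") && text.trim() !== "";
  const pad = text.startsWith("`") || text.endsWith("`") || bothSpaces;
  const body = pad ? ` ${text} ` : text;
  return `${fence}${body}${fence}`;
}

export function fencedCode(text: string, lang = ""): string {
  const fence = "`".repeat(Math.max(3, longestBacktickRun(text) + 1));
  return `${fence}${lang}\n${text}\n${fence}`;
}

// Dispatch matching the quoteValues branches on this page: multi-line strings
// become fenced blocks, everything else an inline span.
export function quoteValue(value: unknown): string {
  const s = typeof value === "string" ? value : String(value);
  return s.includes("\n") ? fencedCode(s) : inlineCode(s);
}

// The flagged approach (original plus autofix), kept only for comparison.
export function inlineCodeBackslash(text: string): string {
  return `\`${text.replace(/\\/g, "\\\\").replace(/`/g, "\\`")}\``;
}

// Minimal CommonMark code-span reader for a string that is exactly one span:
// returns the content a renderer would show, or null if the span never closes.
export function readCodeSpan(md: string): string | null {
  const open = md.match(/^`+/);
  if (!open) return null;
  const n = open[0].length;
  const rest = md.slice(n);
  const runs = /`+/g;
  let m: RegExpExecArray | null;
  while ((m = runs.exec(rest)) !== null) {
    if (m[0].length !== n) continue; // a run of a different length is content
    let content = rest.slice(0, m.index).replace(/\n/g, " ");
    if (content.startsWith(" ") && content.endsWith(" ") && content.trim() !== "") {
      content = content.slice(1, -1);
    }
    return content;
  }
  return null;
}
```

`readCodeSpan(inlineCode("a\`b"))` gives back `a\`b`, while `readCodeSpan(inlineCodeBackslash("a\`b"))` gives `a\` because the renderer closes the span at the first single backtick it meets, backslash or not.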
return b;
}
const res =
trimTrailingSlash(b.replace(/\/openai\/deployments.*$/, "")) + `/openai/deployments`;

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This regular expression that depends on library input may run slow on strings starting with '/openai/deployments' and with many repetitions of '/openai/deployments'.
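The flagged expression `/\/openai\/deployments.*$/` has no multiline flag, so `$` only matches at the end of the whole string, and `.` never matches a newline; on an input made of many `/openai/deployments` repeats followed by a newline, every candidate start runs `.*` to the newline, fails `$` and backtracks, which is quadratic work to report no match. The following is an added example, not the project's code, doing the same normalisation with `indexOf`; the function names are assumptions, and `trimTrailingSlash` is written as a loop because `/\/+$/` backtracks the same way on a long run of slashes:

```typescript
// Added example; not the project's own code. The flagged line strips anything
// from "/openai/deployments" onward and re-appends that segment. This version
// does the same in linear time; the regex form is kept only for comparison.

const DEPLOYMENTS_PATH = "/openai/deployments";

// Loop rather than /\/+$/, which backtracks across a long run of slashes.
export function trimTrailingSlash(s: string): string {
  let end = s.length;
  while (end > 0 && s.charAt(end - 1) === "/") end--;
  return s.slice(0, end);
}

// Linear-time replacement for the flagged expression.
export function deploymentsBase(b: string): string {
  const i = b.indexOf(DEPLOYMENTS_PATH);
  const prefix = i >= 0 ? b.slice(0, i) : b;
  return trimTrailingSlash(prefix) + DEPLOYMENTS_PATH;
}

// The flagged form, kept to show both agree on well-formed input. Do not call
// it on pathologicalInput(): that is the case that makes it crawl.
export function deploymentsBaseRegex(b: string): string {
  return trimTrailingSlash(b.replace(/\/openai\/deployments.*$/, "")) + DEPLOYMENTS_PATH;
}

// Constructed worst case for the regex: n repeats of the needle, then a newline
// so that `$` can never match and every start position backtracks in full.
export function pathologicalInput(n: number): string {
  return DEPLOYMENTS_PATH.repeat(n) + "\n";
}
```

On well-formed base URLs the two functions return the same string; only the linear one is fed the pathological input in the checks, because the regex version on that input is exactly what CodeQL is warning about.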
Copilot AI and others added 20 commits August 19, 2025 04:53
…budget support (#1823)

* Initial plan

* Initial exploration and setup - understanding the codebase structure

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Implement line option for def() - dynamic range around center line

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Address review feedback: Add maxTokens support, use RangeOptions type, clarify slice usage

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Refactor token budget logic to eliminate code duplication

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Remove encoder from RangeOptions interface - encoder now passed separately by promptdom

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Update documentation for new line option with token budget support in def() function

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: Peli de Halleux <pelikhan@users.noreply.github.com>
…ctionality (#1882)

* Initial plan

* Add parentIssue support to GitHubClient.createIssue method

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add documentation for createIssue method with parentIssue support

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add GitHub sub-issues demo sample script

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Merge branch 'dev' into copilot/fix-025f35e5-f039-48c7-b1fb-5c718e55b7d8
…ate documentation (#1886)

* Initial plan

* Add system.mcp_read_resource system script with basic functionality and documentation

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add integration tests and finalize system.mcp_read_resource implementation

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Refactor MCP resource reading tools: rename `mcp_read_resource` to `resource_read`, update documentation, and remove obsolete test scripts.

* Update URL description in resource_read tool and remove required flag

* Refactor resource handling: rename `resource_read` to `resources`, add `resource_list` tool, and update documentation. Remove obsolete scripts.

* Update resource documentation to include system.resources tools

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: Peli de Halleux <pelikhan@users.noreply.github.com>
* Initial plan

* Fix quiet mode for runPrompt console output

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add comprehensive test for quiet mode console output

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add documentation and demonstration for quiet mode fix

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Revert files as requested by @pelikhan

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add `--issue` flag to CLI commands for GitHub issue creation and update output handling in runScriptInternal

* Refactor poem output handling to display poem length instead of content

* Refactor import statements to use type imports for better clarity and performance

* Enhance runScriptInternal function to improve output handling and formatting

* Refactor output handling in createChatTurnGenerationContext and poem-inline.genai.mts for improved clarity

---------

Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: Peli de Halleux <pelikhan@users.noreply.github.com>
…mpt activation (#1887)

* Initial plan

* Add activation field to PromptSystemArgs and implement activation-based system resolution

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Complete implementation of activation field for system prompts with tests and integration

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Merge branch 'dev' into copilot/fix-e05d1306-4cde-4fa5-adce-543abae6d79c

* Add explanatory comment for word boundary regex in activation keyword matching

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Merge branch 'dev' into copilot/fix-e05d1306-4cde-4fa5-adce-543abae6d79c

* Add activation keywords for system.resources and support singular annotation

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…ssues (#1896)

* Initial plan

* Fix Docker container CWD path issue #1873 - use POSIX paths for Linux containers

Co-authored-by: deyaaeldeen <6074665+deyaaeldeen@users.noreply.github.com>

* Add osType option to ContainerOptions for Windows container support

- Add osType?: "unix" | "windows" option to ContainerOptions interface
- Default to "unix" for backward compatibility with existing Linux containers
- Use appropriate path separators in docker.ts based on osType
- Update comprehensive tests for both Unix and Windows container path handling
- Update all type definition files to include new option

Addresses feedback: Windows containers need backslash path separators,
while Unix containers need forward slash separators.

Co-authored-by: deyaaeldeen <6074665+deyaaeldeen@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: deyaaeldeen <6074665+deyaaeldeen@users.noreply.github.com>
Co-authored-by: Peli de Halleux <pelikhan@users.noreply.github.com>
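The commit above describes the fix for #1873 (POSIX paths for Linux containers, with an `osType` option defaulting to `"unix"`). The following is an added example, not the project's `docker.ts`, showing how the bug arises when a Windows host's `path` module builds the container working directory, and how to build it from the container's root plus a host-relative path instead; the function names and the traversal guard are my additions:

```typescript
// Added example; not the project's docker.ts. Mirrors the osType option the
// commit describes ("unix" | "windows", default "unix"); the function names and
// the `..` guard are mine.
import * as path from "node:path";

export type ContainerOsType = "unix" | "windows";

function pathFor(osType: ContainerOsType) {
  return osType === "windows" ? path.win32 : path.posix;
}

// The bug shape from the issue: a Windows host's `path` module joins with
// backslashes, which a Linux container reads as ordinary name characters.
// path.win32 is used explicitly so the behaviour shows on any platform.
export function windowsHostJoin(...segments: string[]): string {
  return path.win32.join(...segments);
}

// Build the container working directory from the container's root and a
// host-relative directory, whichever separator the host used. `..` is refused
// so the cwd cannot escape the root the script was told to mount.
export function containerCwd(
  containerRoot: string,
  hostRelative: string,
  osType: ContainerOsType = "unix",
): string {
  const p = pathFor(osType);
  const segments = hostRelative.split(/[\\/]+/).filter((s) => s.length > 0);
  if (segments.includes("..")) {
    throw new Error(`relative path '${hostRelative}' escapes the container root`);
  }
  return p.join(containerRoot, ...segments);
}
```

`containerCwd("/work", "src\\lib")` yields `/work/src/lib` for a Linux container regardless of which host produced `src\lib`; passing `"windows"` yields a backslash path for a Windows container.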
…maintaining domain filtering capability (#1895)

* Initial plan

* Implement domain filtering for HTTPS resources with configuration support

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add comprehensive documentation for domain filtering feature

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add domain filtering to fetchText function

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Refactor domain filtering to centralize default domains logic

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Move default domains to constants.ts and refactor domain filtering API

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Refactor domain handling in fetch functions and update allowed domains logic

* Add configurable allowedDomains to PromptArgs for script-level domain filtering

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Fix globalThis.fetch to use consistent crossFetch for proxy support

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Revert changes in system.fetch tool as requested

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add script-level allowedDomains configuration for fine-grained domain filtering

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Change default allowed domains to wildcard (*) and update documentation

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Fix JSDoc comment and update fetchText tests for wildcard domain default

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Fix tests: Update domain filtering tests for wildcard default and convert to vitest format

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Clarify domain filtering scope in documentation - host APIs only, not global fetch

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: Peli de Halleux <pelikhan@users.noreply.github.com>
describe("createDomainBlockedError", () => {
test("creates descriptive error message", () => {
const error = createDomainBlockedError("badsite.com", { allowedDomains: ["github.com", "*.openai.com"] });
assert(error.includes("badsite.com"));

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization High test

'badsite.com' can be anywhere in the URL, and arbitrary hosts may come before or after it.

Copilot Autofix

AI about 3 hours ago

Copilot could not generate an autofix suggestion

Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.


test("uses default domains in error message when no config provided", () => {
const error = createDomainBlockedError("badsite.com", undefined);
assert(error.includes("badsite.com"));

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization High test

'badsite.com' can be anywhere in the URL, and arbitrary hosts may come before or after it.

Copilot Autofix

AI about 3 hours ago

Copilot could not generate an autofix suggestion

Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.

assert.fail("Should have thrown error for unauthorized domain when allowedDomains is configured");
} catch (error) {
assert(error.message.includes("Domain 'example.com' is not allowed"));
assert(error.message.includes("github.com"));

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization High test

'github.com' can be anywhere in the URL, and arbitrary hosts may come before or after it.

Copilot Autofix

AI 2 days ago

To fix the problem, we should avoid using a substring check (includes("github.com")) and instead parse the error message to extract the list of allowed domains, then assert that the expected domains are present in that list. Since the error message is expected to mention the allowed domains (as configured in the test), we can use a regular expression to extract the allowed domains from the error message and compare them to the expected list. This ensures that the test only passes if the error message correctly lists the allowed domains, and avoids accidental matches where "github.com" appears in an unrelated context.

Specifically, in packages/core/test/fetchtext.test.ts, in the test "fetchText blocks domains when explicitly configured", replace the substring check on line 54 with logic that parses the allowed domains from the error message and asserts that both "github.com" and "*.github.com" are present.

No new imports are needed, as regular expressions and string manipulation are available in TypeScript/JavaScript.


Suggested changeset 1
packages/core/test/fetchtext.test.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/core/test/fetchtext.test.ts b/packages/core/test/fetchtext.test.ts
--- a/packages/core/test/fetchtext.test.ts
+++ b/packages/core/test/fetchtext.test.ts
@@ -51,7 +51,15 @@
       assert.fail("Should have thrown error for unauthorized domain when allowedDomains is configured");
     } catch (error) {
       assert(error.message.includes("Domain 'example.com' is not allowed"));
-      assert(error.message.includes("github.com"));
+      // Extract allowed domains from the error message and check for both "github.com" and "*.github.com"
+      const allowedDomainsMatch = error.message.match(/allowed domains?:?\s*(.*?)(?:\.|$)/i);
+      if (allowedDomainsMatch) {
+        const allowedDomainsStr = allowedDomainsMatch[1];
+        assert(allowedDomainsStr.includes("github.com"));
+        assert(allowedDomainsStr.includes("*.github.com"));
+      } else {
+        assert.fail("Allowed domains not found in error message");
+      }
       assert(error.message.includes("GENAISCRIPT_ALLOWED_DOMAINS"));
     }
   });
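Review bot: the terminator in `/allowed domains?:?\s*(.*?)(?:\.|$)/i` stops the lazy capture at the first `.`, and every entry in a domain list contains one, so `allowedDomainsStr` is cut to `github` (or `*`) and `allowedDomainsStr.includes("github.com")` can never pass; either the regex matches and both `includes` assertions fail, or it does not match and `assert.fail` fires. If the message must be parsed, terminate on end of string (`(.*)$`) rather than on a period. But the value under test here is an error message, not a URL, so the original `error.message.includes("github.com")` was a reasonable assertion: the cleaner options are to dismiss this alert as a false positive for test code or, as the patch comment says it wants, to assert on a structured `allowedDomains` property attached to the error instead of regex over prose. The added `*.github.com` expectation must also match whatever the test configured, which this hunk does not show.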
EOF
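The domain-filtering commits above (#1895) describe a script-level `allowedDomains` setting, a `GENAISCRIPT_ALLOWED_DOMAINS` environment variable, a wildcard default of `*`, and patterns such as `*.openai.com`, and the tests in this section exercise a `createDomainBlockedError`. The following is an added example, not the project's fetch code, of an allowlist in that shape; the pattern semantics (exact host, `*.example.com` for subdomains only, bare `*` for everything), the error wording and the function names are my assumptions rather than the project's documented contract:

```typescript
// Added example; not the project's fetch code. A host allowlist in the shape
// the commits describe (allowedDomains in script config, GENAISCRIPT_ALLOWED_DOMAINS
// in the environment, default "*"). Pattern semantics, error wording and the
// function names are assumptions, not the project's documented contract.

export const DEFAULT_ALLOWED_DOMAINS: ReadonlyArray<string> = ["*"];

// Comma-separated list from the environment; empty or unset means the default.
export function parseAllowedDomains(env: string | undefined): string[] {
  const entries = (env ?? "")
    .split(",")
    .map((d) => d.trim().toLowerCase())
    .filter((d) => d.length > 0);
  return entries.length > 0 ? entries : [...DEFAULT_ALLOWED_DOMAINS];
}

// One pattern against one hostname. "*" matches everything; "*.example.com"
// matches subdomains of example.com but not the apex; anything else is an
// exact match. A wildcard anywhere else ("*example.com") is deliberately not
// interpreted, so a typo can never widen the list to evilexample.com.
export function hostMatches(hostname: string, pattern: string): boolean {
  const host = hostname.toLowerCase();
  const pat = pattern.toLowerCase();
  if (pat === "*") return true;
  if (pat.startsWith("*.")) {
    const suffix = pat.slice(1); // ".example.com"
    if (suffix.length < 2) return false; // "*." alone is not a usable pattern
    return host.length > suffix.length && host.endsWith(suffix);
  }
  return host === pat;
}

// Hostname of an absolute http(s) URL, or null for anything else. Parsing
// first is what keeps "github.com" in a path or query from counting.
export function hostOf(url: string): string | null {
  try {
    const u = new URL(url);
    return u.protocol === "https:" || u.protocol === "http:" ? u.hostname : null;
  } catch {
    return null;
  }
}

export function isUrlAllowed(url: string, allowed: ReadonlyArray<string> = DEFAULT_ALLOWED_DOMAINS): boolean {
  const host = hostOf(url);
  return host !== null && allowed.some((p) => hostMatches(host, p));
}

export function createDomainBlockedError(host: string, allowed: ReadonlyArray<string> = DEFAULT_ALLOWED_DOMAINS): Error {
  return new Error(
    `Domain '${host}' is not allowed. Allowed domains: ${allowed.join(", ")}. ` +
      `Set GENAISCRIPT_ALLOWED_DOMAINS or the script's allowedDomains to change this.`,
  );
}

// Gate to run before any outbound fetch made on the script's behalf.
export function assertUrlAllowed(url: string, allowed: ReadonlyArray<string> = DEFAULT_ALLOWED_DOMAINS): string {
  if (!isUrlAllowed(url, allowed)) throw createDomainBlockedError(hostOf(url) ?? url, allowed);
  return url;
}
```

With the default list every URL passes, which is the behaviour the later commit ("Change default allowed domains to wildcard") settled on; the filter only bites once a script or the environment narrows the list.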
pelikhan and others added 7 commits August 22, 2025 07:51
* Refactor chat model selection logic for improved error handling and user experience

* Add configuration option to prompt user for language chat model selection

* Update haiku script to specify model version and enhance chat model mapping logic
* Initial plan

* Initial analysis and planning for frontmatter parameter interpolation fix

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Fix frontmatter parameter interpolation in mustache.ts

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Enhance frontmatter parameter support for prompty format

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* genai: /docs [skip ci]

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…) (#1903)

* Initial plan

* Fix Windows path handling in VSCode extension context menu

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add tests for Windows path handling fix

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: Peli de Halleux <pelikhan@users.noreply.github.com>
Investigator report

Context collection

AI Analysis
