Update safe outputs spec with discussions field from PR #16509#16516
Update safe outputs spec with discussions field from PR #16509#16516
Conversation
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Updates the Safe Outputs MCP Gateway specification to document the optional discussions configuration field for add-comment and hide-comment, which controls whether discussions: write permission is requested.
Changes:
- Bumps spec version to 1.13.0 and updates publication date to 2026-02-18
- Documents the
discussionsfield foradd_comment/hide_comment, including conditional permissions and examples - Adds a 1.13.0 entry to Appendix F (Document History)
Comments suppressed due to low confidence (1)
docs/src/content/docs/reference/safe-outputs-specification.md:2576
- Similar to
add_comment, this section should explicitly document the behavioral consequence ofdiscussions: false: hiding/minimizing comments on discussions will not work withoutdiscussions: write. Consider adding a short note that opting out must only be used when you will not target discussion comments (otherwise the operation will fail).
The optional `discussions` boolean field controls whether `discussions:write` permission is requested:
- **Default behavior** (`discussions: true` or omitted): Includes `discussions:write` permission for maximum compatibility. Use this when the GitHub App has Discussions permission granted.
- **Opt-out** (`discussions: false`): Excludes `discussions:write` permission. Use this when the GitHub App lacks Discussions permission to prevent 422 errors during token generation.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| The optional `discussions` boolean field controls whether `discussions:write` permission is requested: | ||
|
|
||
| - **Default behavior** (`discussions: true` or omitted): Includes `discussions:write` permission for maximum compatibility. Use this when the GitHub App has Discussions permission granted. | ||
| - **Opt-out** (`discussions: false`): Excludes `discussions:write` permission. Use this when the GitHub App lacks Discussions permission to prevent 422 errors during token generation. | ||
|
|
There was a problem hiding this comment.
The new discussions opt-out is documented as a permissions toggle, but this section doesn’t explicitly state the functional impact: with discussions: false, operations that target discussions (e.g., target: "discussion" or target: "*" when the resolved item is a discussion) will fail due to missing discussions: write. Please add a clear note about this incompatibility and recommend setting target to exclude discussions when opting out.
This issue also appears on line 2572 of the same file.
| - **Added**: Optional `discussions` field for `add-comment` and `hide-comment` safe output types to control `discussions:write` permission | ||
| - **Enhanced**: Permission documentation for `add-comment` and `hide-comment` to explain conditional `discussions:write` inclusion | ||
| - **Added**: Configuration examples demonstrating `discussions: false` usage for GitHub Apps without Discussions permission | ||
| - **Fixed**: Issue where `add-comment` and `hide-comment` unconditionally requested `discussions:write` permission, causing 422 errors for GitHub Apps lacking Discussions permission |
There was a problem hiding this comment.
In Appendix F, the entry refers to safe output types as add-comment / hide-comment, but elsewhere in the document history and type definitions the canonical identifiers use underscores (e.g., add_comment). For consistency and to avoid ambiguity between type IDs vs YAML keys, consider using add_comment / hide_comment here (or explicitly label them as configuration keys if you intend the hyphenated form).
| - **Added**: Optional `discussions` field for `add-comment` and `hide-comment` safe output types to control `discussions:write` permission | |
| - **Enhanced**: Permission documentation for `add-comment` and `hide-comment` to explain conditional `discussions:write` inclusion | |
| - **Added**: Configuration examples demonstrating `discussions: false` usage for GitHub Apps without Discussions permission | |
| - **Fixed**: Issue where `add-comment` and `hide-comment` unconditionally requested `discussions:write` permission, causing 422 errors for GitHub Apps lacking Discussions permission | |
| - **Added**: Optional `discussions` field for `add_comment` and `hide_comment` safe output types to control `discussions:write` permission | |
| - **Enhanced**: Permission documentation for `add_comment` and `hide_comment` to explain conditional `discussions:write` inclusion | |
| - **Added**: Configuration examples demonstrating `discussions: false` usage for GitHub Apps without Discussions permission | |
| - **Fixed**: Issue where `add_comment` and `hide_comment` unconditionally requested `discussions:write` permission, causing 422 errors for GitHub Apps lacking Discussions permission |
The Safe Outputs specification was not documenting the optional
discussionsfield added in PR #16509, which controls whetherdiscussions:writepermission is requested foradd-commentandhide-commentsafe output types.Changes
Version: Incremented to 1.13.0 with publication date 2026-02-18
add_commenttype documentation:discussionsto configuration parametersdiscussions:writepermission in Required Permissions sectiondiscussionsField" subsection with examplehide_commenttype documentation:discussionsfield with same semantics asadd_commentConfiguration examples (Section 5.4):
discussions: falseto Comment Extensions exampleChange log: Added Version 1.13.0 entry in Appendix F
Example Configuration
Default behavior:
discussions: true(or omitted) includesdiscussions:writefor backward compatibilityOpt-out behavior:
discussions: falseexcludesdiscussions:writeto prevent 422 errors when GitHub App lacks Discussions permissionOriginal prompt
✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.