Add integrity filtering notice to workflow footer#21749
Conversation
Create gateway_difc_filtered.cjs module that reads DIFC_FILTERED events from MCP gateway logs (gateway.jsonl / rpc-messages.jsonl) and generates a GitHub tip alert section for inclusion in workflow footers. Update messages_footer.cjs to call getDifcFilteredEvents() / generateDifcFilteredSection() inside generateFooterWithMessages(), following the same style as the existing firewall blocked domains notice. Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Adds a new footer notice that surfaces when GitHub Guard (DIFC) filtered tool-call items during workflow execution, mirroring the existing firewall blocked-domains footer style.
Changes:
- Introduces a new `gateway_difc_filtered.cjs` module to parse `DIFC_FILTERED` events from MCP gateway JSONL logs and render a `[!TIP]` alert section.
- Updates `messages_footer.cjs` to append the DIFC filtered-items section after the firewall section when events are present.
- Adds a dedicated Vitest suite covering parsing, file fallback behavior, and rendering edge cases.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| actions/setup/js/messages_footer.cjs | Appends the new DIFC filtered-items footer section during footer generation. |
| actions/setup/js/gateway_difc_filtered.cjs | Implements JSONL parsing + log reading fallback + markdown rendering for the new notice. |
| actions/setup/js/gateway_difc_filtered.test.cjs | Adds unit tests for parsing, reading behavior, and rendered output formatting. |
```js
function parseDifcFilteredEvents(jsonlContent) {
  const filteredEvents = [];
  const lines = jsonlContent.split("\n");
  for (const line of lines) {
    const trimmed = line.trim();
    if (!trimmed || !trimmed.includes("DIFC_FILTERED")) continue;
    try {
      const entry = JSON.parse(trimmed);
      if (entry.type === "DIFC_FILTERED") {
        filteredEvents.push(entry);
      }
    } catch {
      // skip malformed lines
    }
  }
  return filteredEvents;
```
actions/setup/js/messages_footer.cjs
Outdated
```js
// Add GitHub Guard DIFC filtered section if any items were filtered
const difcFilteredEvents = getDifcFilteredEvents();
const difcFilteredSection = generateDifcFilteredSection(difcFilteredEvents);
if (difcFilteredSection) {
  footer += difcFilteredSection;
}
```
```js
for (const event of filteredEvents) {
  let reference;
  if (event.html_url) {
    const label = event.number ? `#${event.number}` : event.html_url;
    reference = `[${label}](${event.html_url})`;
  } else {
    reference = event.description || (event.tool_name ? `\`${event.tool_name}\`` : "-");
  }
  const tool = event.tool_name ? `\`${event.tool_name}\`` : "-";
  const reason = (event.reason || "-").replace(/\n/g, " ");
  section += `> - ${reference} (${tool}: ${reason})\n`;
```
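Review bot: `event.description` is interpolated into the `> - ${reference} (...)` list line without the newline normalisation that `reason` gets one line above it, so a description containing a line break in the gateway log splits the item across lines and breaks the blockquote list; apply the same `.replace(/\n/g, " ")` to `description` before building `reference`. For the same reason, `tool_name` is wrapped in inline code both in `reference` and in `tool`, so a backtick inside it would close the code span early; strip or replace backticks there as well.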
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Fixed in 0e98394.
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟
✅ All tools validated successfully! Agent Container Smoke Test confirms agent container is ready.
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...
Smoke Test Results — Run #23294171211
Overall:
Tip
🔒 GitHub Guard filtered 5 items
The GitHub Guard activated and filtered the following items during workflow execution.
Reviewed gateway DIFC filtered events implementation. Clean, well-tested module with good separation of concerns. Left 2 minor suggestions around performance optimization and explicit path passing. No blocking issues.
📰 BREAKING: Report filed by Smoke Copilot
Tip
🔒 GitHub Guard filtered 5 items
The GitHub Guard activated and filtered the following items during workflow execution.
This happens when a tool call accesses a resource that does not meet the required integrity or secrecy level of the workflow.
- pr:#21749 (`pull_request_read`: Resource 'pr:#21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.)
- pr:#21749 (`pull_request_read`: Resource 'pr:#21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.)
- pr:#21749 (`pull_request_read`: Resource 'pr:#21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.)
- pr:#21749 (`pull_request_read`: Resource 'pr:#21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.)
- pr:#21749 (`pull_request_read`: Resource 'pr:#21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.)
actions/setup/js/messages_footer.cjs
Outdated
```js
// Add GitHub Guard DIFC filtered section if any items were filtered
const difcFilteredEvents = getDifcFilteredEvents();
const difcFilteredSection = generateDifcFilteredSection(difcFilteredEvents);
if (difcFilteredSection) {
```
This calls getDifcFilteredEvents() with no arguments, relying on the default paths. Consider passing the paths explicitly (or deriving them from the workflow context) to make it easier to test and to support custom log locations in the future.
```js
try {
  const entry = JSON.parse(trimmed);
  if (entry.type === "DIFC_FILTERED") {
    filteredEvents.push(entry);
```
The early-exit check !trimmed.includes("DIFC_FILTERED") is a nice optimization to skip JSON parsing on irrelevant lines. Consider also checking for the opening brace trimmed.startsWith("{") to skip non-JSON lines even faster before the includes check.
Agent Container Tool Check
Result: 12/12 tools available ✅ Overall Status: PASS
🤖 Smoke Test: Copilot - 23296588438

| Test | Status |
|------|--------|
| GitHub MCP | ✅ |
| MCP Scripts GH CLI | ✅ |
| Serena MCP | ❌ |
| Playwright | ✅ |
| Web Fetch | ✅ |
| File Writing | ✅ |
| Bash Tool | ✅ |
| Discussion Interaction | ✅ |
| Build gh-aw | ✅ |
| Discussion Creation | ✅ |
| Workflow Dispatch | ✅ |
| PR Review | ✅ |

Overall:
Note
🔒 GitHub Guard filtered 1 item
The GitHub Guard activated and filtered the following item during workflow execution.
Reviewed the DIFC filtered items footer feature. Code is clean and well-tested. Two minor suggestions: safer deduplication key separator and debug logging in the silent catch. Overall looks good! 🔒
📰 BREAKING: Report filed by Smoke Copilot
Note
🔒 GitHub Guard filtered 1 item
The GitHub Guard activated and filtered the following item during workflow execution.
This happens when a tool call accesses a resource that does not meet the required integrity or secrecy level of the workflow.
```js
// Deduplicate events by their significant fields
const seen = new Set();
const uniqueEvents = filteredEvents.filter(event => {
  const key = [event.html_url || "", event.tool_name || "", event.description || "", event.reason || ""].join("|");
```
The deduplication key includes all four fields joined by |. If any of these fields contain a | character, it could cause false negatives (different events treated as duplicates). Consider using a safer separator like \0 (null byte) or JSON serialization for the key.
```js
if (difcFilteredSection) {
  footer += difcFilteredSection;
}
} catch {
```
The silent catch {} here prevents DIFC errors from surfacing. Consider adding at least core.debug() logging so errors are visible in Actions debug output without breaking the footer generation.
Smoke test (Codex engine)
Warning
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤
💥 Smoke Test Run 23296588401 — Claude engine results:
Overall: PARTIAL (tests #15 and #18 skipped — no threads/safe PRs)
Note
🔒 GitHub Guard filtered 1 item
The GitHub Guard activated and filtered the following item during workflow execution.
💥 Automated smoke test review - all systems nominal!
💥 [THE END] — Illustrated by Smoke Claude
Note
🔒 GitHub Guard filtered 1 item
The GitHub Guard activated and filtered the following item during workflow execution.
This happens when a tool call accesses a resource that does not meet the required integrity or secrecy level of the workflow.
```js
const fs = require("fs");
```

```js
const GATEWAY_JSONL_PATH = "/tmp/gh-aw/mcp-logs/gateway.jsonl";
```
The hardcoded path /tmp/gh-aw/mcp-logs/gateway.jsonl looks good for the CI environment. Consider making this configurable via an environment variable for flexibility in different deployment contexts.
```js
// Add GitHub Guard DIFC filtered section if any items were filtered
try {
  const difcFilteredEvents = getDifcFilteredEvents();
```
The DIFC filtered events are retrieved and rendered here — wrapping this in a try/catch (as done in the parent function) is a good defensive pattern. The early return on empty difcFilteredSection keeps the output clean.
@copilot the note should be inserted BEFORE the footer (near the firewall note)
…erateFooterWithMessages Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Fixed in c7481a3. Both the firewall and DIFC guard notices are now collected first and prepended before the attribution footer line (
Warning
Firewall rules blocked me from connecting to one or more addresses (expand for details)
I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
@copilot rename "github guard DIFC" to "Integrity filtering"
…xt and tests Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Done in bfe900e. All user-facing references renamed:
@copilot only show the first 16 filtered items, and ellipse the rest.
… rest Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Done in 1a17129. After deduplication, only the first 16 unique items are rendered. If more remain, a trailing line
When integrity filtering (DIFC) filters tool calls during workflow execution, there's no indication of this in the created item's footer. This adds a `[!NOTE]` alert—matching the style of the existing firewall blocked-domains notice—that surfaces filtered items with GitHub references and an explanation. Duplicate filtered events (the same item filtered multiple times) are collapsed into a single entry. The notice is placed before the attribution footer line, alongside the firewall notice.

Changes

- `gateway_difc_filtered.cjs` (new) — standalone module mirroring `firewall_blocked_domains.cjs`:
  - `parseDifcFilteredEvents` — extracts `DIFC_FILTERED` entries from JSONL content
  - `getDifcFilteredEvents` — reads `gateway.jsonl` (falls back to `rpc-messages.jsonl`)
  - `generateDifcFilteredSection` — renders a `[!NOTE]` alert with collapsed `<details>` listing linked GitHub references (`#number` or full URL) and the filter reason; deduplicates events by composite key before rendering; limits the rendered list to the first 16 unique items, appending `... and N more item(s)` for any remainder
- `messages_footer.cjs` — calls `getDifcFilteredEvents` / `generateDifcFilteredSection` in `generateFooterWithMessages`; the notice is placed before the attribution footer line (alongside the firewall notice), wrapped in `try/catch` to ensure the rest of the footer is always preserved
- `actions/setup/setup.sh` — adds `gateway_difc_filtered.cjs` to `SAFE_OUTPUTS_FILES` so it is deployed at runtime
- `gateway_difc_filtered.test.cjs` (new) — 25 tests covering parsing, file-read fallback, section rendering edge cases, deduplication, and item truncation

Example output
Original prompt
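The parse, deduplicate, truncate and render pipeline that the PR description outlines, with the two reviewer suggestions from this thread folded in (a JSON-serialised deduplication key instead of a `|`-joined one, and debug logging in the silent catch), as an added example. This is not the project's `gateway_difc_filtered.cjs`: the sample JSONL is constructed, the alert wording is assumed, and only the field names visible in the diff excerpts above (`type`, `tool_name`, `html_url`, `number`, `description`, `reason`) are used.

```javascript
// Added example, not the project's gateway_difc_filtered.cjs: parse DIFC_FILTERED
// events out of MCP gateway JSONL, deduplicate them, and render the footer alert.
// Field names follow the diff excerpts in the PR thread; the alert wording and
// the 16-item cap are taken from the PR description, everything else is assumed.
const MAX_ITEMS = 16;

function parseDifcFilteredEvents(jsonlContent) {
  const events = [];
  for (const raw of jsonlContent.split("\n")) {
    const line = raw.trim();
    // Cheap pre-filters before JSON.parse: blank lines, non-JSON lines and
    // lines that cannot contain the event type are skipped without parsing.
    if (!line.startsWith("{") || !line.includes("DIFC_FILTERED")) continue;
    try {
      const entry = JSON.parse(line);
      if (entry && entry.type === "DIFC_FILTERED") events.push(entry);
    } catch (err) {
      // A malformed line must not break footer generation, but it should
      // leave a trace (core.debug in the real action; console.debug here).
      console.debug(`skipping malformed gateway log line: ${err.message}`);
    }
  }
  return events;
}

// Deduplication key as a JSON array: a "|" inside any field cannot collide
// with a field boundary, unlike a "|"-joined string key.
function dedupeEvents(events) {
  const seen = new Set();
  return events.filter(e => {
    const key = JSON.stringify([e.html_url || "", e.tool_name || "", e.description || "", e.reason || ""]);
    if (seen.has(key)) return false;
    seen.add(key);
    return true;
  });
}

// Collapse line breaks so a value taken from the log cannot split a markdown list item.
function oneLine(value) {
  return String(value).replace(/\s*\n\s*/g, " ").trim();
}

function renderEvent(e) {
  let reference;
  if (e.html_url) {
    const label = e.number ? `#${e.number}` : e.html_url;
    reference = `[${label}](${e.html_url})`;
  } else {
    reference = e.description ? oneLine(e.description) : e.tool_name ? `\`${e.tool_name}\`` : "-";
  }
  const tool = e.tool_name ? `\`${e.tool_name}\`` : "-";
  const reason = oneLine(e.reason || "-");
  return `> - ${reference} (${tool}: ${reason})\n`;
}

function generateDifcFilteredSection(events) {
  const unique = dedupeEvents(events);
  const n = unique.length;
  if (n === 0) return "";
  let section = `> [!NOTE]\n> 🔒 Integrity filtering filtered ${n} item${n === 1 ? "" : "s"}\n>\n`;
  section += "> The following tool calls were filtered during workflow execution because the resource did not meet the workflow's required integrity or secrecy level.\n>\n";
  for (const e of unique.slice(0, MAX_ITEMS)) section += renderEvent(e);
  if (n > MAX_ITEMS) section += `> - ... and ${n - MAX_ITEMS} more item(s)\n`;
  return section + "\n";
}

// Constructed sample log (not real gateway output): two identical filtered
// events, one event with a "|" and a newline in its fields, plus lines the
// parser must skip (a non-DIFC message, a non-JSON line, a truncated line).
const SAMPLE_JSONL = [
  '{"type":"request","method":"tools/call","id":1}',
  'plain text mentioning DIFC_FILTERED that is not JSON',
  '{"type":"DIFC_FILTERED","tool_name":"pull_request_read","html_url":"https://github.com/example/repo/pull/1","number":1,"reason":"Resource has lower integrity than agent requires"}',
  '{"type":"DIFC_FILTERED","tool_name":"pull_request_read","html_url":"https://github.com/example/repo/pull/1","number":1,"reason":"Resource has lower integrity than agent requires"}',
  '{"type":"DIFC_FILTERED","tool_name":"issue_read","description":"issue|with pipe","reason":"line one\\nline two"}',
  '{"type":"DIFC_FILTERED","tool_name":"truncated"',
].join("\n");

console.log(generateDifcFilteredSection(parseDifcFilteredEvents(SAMPLE_JSONL)));
```

Running the block prints a two-item alert: the duplicated `pull_request_read` event collapses to one entry, and the `issue_read` event keeps its `|` intact while its multi-line reason is flattened onto the list line. Feeding it more than 16 distinct events yields 16 entries followed by the `... and N more item(s)` line.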
✨ PR Review Safe Output Test - Run 23294171163
Tip
🔒 GitHub Guard filtered 4 items
The GitHub Guard activated and filtered the following items during workflow execution.
This happens when a tool call accesses a resource that does not meet the required integrity or secrecy level of the workflow.
- `pull_request_read`: Resource 'pr:Add integrity filtering notice to workflow footer #21749' has lower integrity than agent requires. Agent would need to drop integrity tags [approved:all unapproved:all] to trust this resource.
- `pull_request_read`: Resource 'pr:Add integrity filtering notice to workflow footer #21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.
- `pull_request_read`: Resource 'pr:Add integrity filtering notice to workflow footer #21749' has lower integrity than agent requires. Agent would need to drop integrity tags [approved:all unapproved:all] to trust this resource.
- `pull_request_read`: Resource 'pr:Add integrity filtering notice to workflow footer #21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.

✨ PR Review Safe Output Test - Run 23295134401
Note
🔒 GitHub Guard filtered 2 items
The GitHub Guard activated and filtered the following items during workflow execution.
This happens when a tool call accesses a resource that does not meet the required integrity or secrecy level of the workflow.
- `pull_request_read`: Resource 'pr:Add integrity filtering notice to workflow footer #21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.
- `pull_request_read`: Resource 'pr:Add integrity filtering notice to workflow footer #21749' has lower integrity than agent requires. Agent would need to drop integrity tags [approved:all unapproved:all] to trust this resource.

✨ PR Review Safe Output Test - Run 23295336186
✨ PR Review Safe Output Test - Run 23296588401
Note
🔒 GitHub Guard filtered 1 item
The GitHub Guard activated and filtered the following item during workflow execution.
This happens when a tool call accesses a resource that does not meet the required integrity or secrecy level of the workflow.
- `pull_request_read`: Resource 'pr:Add integrity filtering notice to workflow footer #21749' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.