Skip to content

Harden compile MCP stdout handling and add compile stdio pollution coverage#26968

Merged
pelikhan merged 7 commits intomainfrom
copilot/add-mcp-server-integration-test
Apr 18, 2026
Merged

Harden compile MCP stdout handling and add compile stdio pollution coverage#26968
pelikhan merged 7 commits intomainfrom
copilot/add-mcp-server-integration-test

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 18, 2026
edited
Loading

Summary

  • Hardened MCP compile tool handling to keep successful tool content sourced from subprocess stdout only
  • Added integration coverage to verify MCP stdio stdout remains JSON-RPC-only while calling compile for all workflows
  • Added unit coverage to prevent stderr/log pollution in successful compile tool responses

Changes

  • Kept compile tool behavior using stdout-only success output semantics
  • Reverted mcp_tools_management.go changes per review feedback (so add, update, and fix stream handling remains unchanged)
  • Reverted mcp_tools_readonly.go changes per review feedback (so mcp-inspect stream handling remains unchanged)
  • Added unit test in pkg/cli/mcp_tools_output_streams_test.go:
    • TestCompileTool_UsesOnlyStdoutOnSuccess
  • Added integration test in pkg/cli/mcp_server_stdio_integration_test.go:
    • TestMCPServer_CompileAllWorkflows_StdoutOnlyJSONRPC
    • validates raw stdio traffic is valid JSON-RPC and compile result text is clean JSON

Validation

  • Targeted tests passed:
    • go test -v ./pkg/cli -run 'TestCompileTool_UsesOnlyStdoutOnSuccess'
    • go test -v -tags=integration ./pkg/cli -run 'TestMCPServer_CompileAllWorkflows_StdoutOnlyJSONRPC'
  • Full required validation executed multiple times via make agent-finish; failures observed are pre-existing/unrelated in this environment (pkg/cli timeout in full suite and pkg/workflow wasm golden failures).

Copilot AI requested a review from pelikhan April 18, 2026 01:06
pelikhan
pelikhan reviewed Apr 18, 2026
View reviewed changes
Comment thread pkg/cli/mcp_tools_management.go
@@ -1,7 +1,9 @@
package cli

import (
Copy link
Copy Markdown
Collaborator

@pelikhan pelikhan Apr 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot revert changes in this file

Copy link
Copy Markdown
Contributor Author

Copilot AI Apr 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in fd1dc63pkg/cli/mcp_tools_management.go has been reverted to its pre-change state.

pelikhan
pelikhan reviewed Apr 18, 2026
View reviewed changes
Comment thread pkg/cli/mcp_tools_readonly.go
cmdArgs = append(cmdArgs, "--check-secrets")

// Execute the CLI command
cmd := execCmd(ctx, cmdArgs...)
Copy link
Copy Markdown
Collaborator

@pelikhan pelikhan Apr 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot revert changes in this file

Copy link
Copy Markdown
Contributor Author

Copilot AI Apr 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in 51c81e1pkg/cli/mcp_tools_readonly.go has been reverted to its pre-change state, and the related stdout-only mcp-inspect test coverage was removed.

@github-actions github-actions bot mentioned this pull request Apr 18, 2026
Closed
Copy link
Copy Markdown
Contributor Author

Copilot AI commented Apr 18, 2026

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw GO111MODULE ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel go /usr/bin/git /ref/tags/v9 GO111MODULE sv git (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name HKFC/E_0TB0-3XumGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 8612188/b420/impGO111MODULE -c che/go-build/fe/GOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go /opt/hostedtoolc-importcfg (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv /tmp/shared-actions-test2852867327 show /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv extensions.objectformat GOPROXY /usr/lib/git-core/git-upload-pack GOSUMDB GOWORK 64/bin/go git-upload-pack /tmp�� GOMODCACHE go /opt/hostedtoolcache/node/24.14.1/x64/bin/node -json GO111MODULE 64/bin/go node (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv user.email test@example.com /usr/bin/git y_with_explicit_git GO111MODULE ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel go /usr/bin/git -json 5d407220fe49cd93rev-parse 64/pkg/tool/linu--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /usr/bin/git -json GO111MODULE /usr/bin/chmod git rev-�� --show-toplevel chmod /usr/bin/git runs/20260418-01git GOPROXY /usr/lib/git-cor--show-toplevel git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6.0.2
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6.0.2 --jq [.object.sha, .object.type] | @tsv INVALID,NEW -j DROP (http block)
  • https://api.github.com/repos/actions/download-artifact/git/ref/tags/v8.0.1
    • Triggering command: /usr/bin/gh gh api /repos/actions/download-artifact/git/ref/tags/v8.0.1 --jq [.object.sha, .object.type] | @tsv INVALID,NEW -j DROP (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv Actor: ${{ github.actor }}, Repo: ${{ github.repository }} go Name,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle t358532554/.githgit GO111MODULE ache/go/1.25.8/xHEAD git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE ache/go/1.25.8/x--show-toplevel git (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v9
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv 0 -j ACCEPT (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE node (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv user.email test@example.com /opt/hostedtoolcache/node/24.14.1/x64/bin/node ub/workflows GO111MODULE 64/bin/go node /tmp�� /home/REDACTED/work/gh-aw/gh-aw/.github/workflows/agentic-observability-kit.md go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv user.name Test User /usr/bin/git ub/workflows GO111MODULE 64/bin/go git rev-�� --show-toplevel l /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 6379819/b306/vet.cfg GOINSECURE GOMOD GOMODCACHE go env licyBlockedUsersApprovalLabelsCo@{u} GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/link GOINSECURE GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/link (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v7.0.1
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v7.0.1 --jq [.object.sha, .object.type] | @tsv (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv GOMODCACHE go /usr/bin/git b/workflows GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv sistency_GoAndJavaScript1935152115/001/test-complex-frontmatter-with-tools.md GO111MODULE 6379819/b411/vet.cfg GOINSECURE GOMOD GOMODCACHE go env licyTrustedUsersExpressionCompiledOutput312156794/001 GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv sistency_GoAndJavaScript1935152115/001/test-complex-frontmatter-remote.origin.url GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env licyTrustedUsersExpressionCompiledOutput312156794/001 GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/link GOINSECURE GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/link (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 go bject.type] | @tsv -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name go ache/node/24.14.1/x64/bin/node -json GO111MODULE 64/bin/go git t-29�� k/gh-aw/gh-aw/.github/workflows/architecture-guardian.md go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go e/git -json GO111MODULE 64/bin/go e/git (http block)
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name go /usr/bin/infocmp -json GO111MODULE 64/bin/go infocmp -1 xterm-color go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git le-frontmatter.mgit GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name go ache/node/24.14.1/x64/bin/node -json GO111MODULE 64/bin/go git t-40�� k/gh-aw/gh-aw/.github/workflows/artifacts-summary.md go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name go 1/x64/bin/node -json GO111MODULE 64/bin/go 1/x64/bin/node rev-�� --show-toplevel (http block)
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path l1Z2/iyGmPU59CBcGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 8612188/b424/impGO111MODULE -c che/go-build/f5/GOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go /opt/hostedtoolc-buildtags (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 GOMOD GOMODCACHE go env lGitmaster_branc-errorsas lGitmaster_branc-ifaceassert 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv inputs.version go /usr/bin/git 1150296036 GO111MODULE ache/go/1.25.8/x--show-toplevel git conf�� --get remote.origin.url /usr/bin/git -json GO111MODULE ache/go/1.25.8/x/tmp/gh-aw/aw-feature-branch.patch git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv log.showsignaturGOSUMDB log 64/bin/go -n1 --format=format:init --end-of-options--bare go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv 585577012/001 585577012/002/work 64/bin/go GOINSECURE GOMOD GOMODCACHE go env ub/workflows GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv 21003959/001 21003959/002/work 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env 725202/001 GO111MODULE x_amd64/vet GOINSECURE GOMOD GOMODCACHE x_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 88TbS46/d-CnAbDVymM865o2zkiw env repo3250914680/001 GO111MODULE 0ce79495b431c5f03829ea5c5b2e9bbd-d GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv --end-of-optionsGOSUMDB blob 64/bin/go "prettier" --wrigit-upload-pack (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion -json GO111MODULE 64/bin/go 1/x64/bin/node rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c "prettier" --cheGOINSECURE GOPROXY 64/bin/go iles use Prettie/opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet GOWORK 64/bin/go go (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c GoFiles,CompiledGOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK run-script/lib/n--show-toplevel go (http block)
  • https://api.github.com/repos/owner/repo/contents/file.md
    • Triggering command: /tmp/go-build2956379819/b400/cli.test /tmp/go-build2956379819/b400/cli.test -test.testlogfile=/tmp/go-build2956379819/b400/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true GOINSECURE GOMOD GOMODCACHE go env 1Edy/KDmvmme1i-QGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 8612188/b426/impGO111MODULE (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name lPHN/lwisn-bXa0UGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 8612188/b412/impGO111MODULE -c che/go-build/1d/GOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go /opt/hostedtoolcGOPROXY (http block)

If you need me to access, download, or install something from one of these locations, you can either:

Copilot AI changed the title Harden MCP stdout handling and add stdout pollution coverage Harden MCP stdout handling and add compile stdio pollution coverage Apr 18, 2026
Copilot AI requested a review from pelikhan April 18, 2026 01:33
Copy link
Copy Markdown
Contributor Author

Copilot AI commented Apr 18, 2026

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw GO111MODULE .cfg git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE ache/go/1.25.8/x--show-toplevel git (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c "prettier" --cheGOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go /opt/hostedtoolc-buildtags (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv --get remote.origin.url /usr/bin/git -json GO111MODULE 64/bin/go git conf�� --get remote.upstream.url /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv 3953-32432/test-3674473364 -tests /usr/bin/git cd actions/setupgit GOPROXY 64/bin/go git rev-�� --show-toplevel node /opt/hostedtoolcache/node/24.14.1/x64/bin/node 01 --check 64/bin/go node (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv ty-test.md GO111MODULE x_amd64/vet GOINSECURE GOMOD GOMODCACHE x_amd64/vet env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /usr/bin/git 6120/001/stabiligit GO111MODULE ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel go /usr/bin/git 3659055171 GO111MODULE k git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv -v go 64/bin/node sistency_GoAndJagit GO111MODULE /usr/bin/cp gh 1/x6�� /repos/actions/upload-artifact/git/ref/tags/v4 --jq /usr/bin/git actions/setup-clgit GOPROXY /usr/lib/git-cor--show-toplevel git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6.0.2
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6.0.2 --jq [.object.sha, .object.type] | @tsv (http block)
  • https://api.github.com/repos/actions/download-artifact/git/ref/tags/v8.0.1
    • Triggering command: /usr/bin/gh gh api /repos/actions/download-artifact/git/ref/tags/v8.0.1 --jq [.object.sha, .object.type] | @tsv (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --get remote.origin.url (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v9
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE /usr/bin/php8.3 (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv che/go-build/4b/GOINSECURE **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti-bool /opt/hostedtoolc-buildtags -o /tmp/go-build369-errorsas -trimpath 64/bin/go -p main -lang=go1.25 go (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /usr/bin/git /workflows GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv /home/REDACTED/work/gh-aw/gh-aw/.github/workflows/architecture-guardian.md go ache/node/24.14.1/x64/bin/node ned-imports-enabgit GO111MODULE 64/bin/go ache/node/24.14.1/x64/bin/node s-18�� .actor }}, Unsafe: ${{ secrets.TOKEN }} go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv actions/setup-cli/install.sh GOPROXY /usr/lib/git-core/git GOSUMDB GOWORK 64/bin/go /usr/lib/git-core/git main�� g/cli --auto /usr/bin/git --detach GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v7.0.1
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v7.0.1 --jq [.object.sha, .object.type] | @tsv (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel go om/org1/repo1.git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv ithub-script/git/ref/tags/v9 GOPROXY bject.type] | @tsv GOSUMDB GOWORK 64/bin/go git init�� --bare --initial-branch=my-default /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv runs/20260418-013953-32432/test-3659055171/custom/workflows GOPROXY /bin/sh GOSUMDB GOWORK 64/bin/go /bin/sh -c git-upload-pack '/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitcustom_branch2724013002/001' git-upload-pack '/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitcustom_branch2724013002/001' /opt/hostedtoolcache/node/24.14.1/x64/bin/node -json GO111MODULE 64/bin/go node (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env 57 GO111MODULE /usr/lib/git-core/git GOINSECURE GOMOD GOMODCACHE /usr/lib/git-core/git (http block)
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 GO111MODULE /usr/bin/git GOINSECURE GOMOD GOMODCACHE git -c runs/20260418-013953-32432/test-3070009781/.github/workflows log 1/x64/bin/node --format=%H:%ct GOWORK 64/bin/go 1/x64/bin/node (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env tructions-test-3480926208/.github/workflows GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linutest-branch (http block)
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env 977804926/001 GO111MODULE /usr/bin/git GOINSECURE GOMOD GOMODCACHE git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name GO111MODULE 8172435/b415/vet.cfg GOINSECURE GOMOD GOMODCACHE go env tructions-test-3480926208/.github/workflows GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet l GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 GO111MODULE ache/node/24.14.1/x64/bin/node GOINSECURE GOMOD GOMODCACHE go t-33�� sistency_WithImports3618083008/001/main.md GO111MODULE /usr/bin/infocmp GOINSECURE GOMOD GOMODCACHE infocmp (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go l GOMOD GOMODCACHE go env -json l ache/node/24.14.1/x64/bin/node GOINSECURE GOMOD GOMODCACHE /bin/sh (http block)
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 GO111MODULE /usr/bin/gcc GOINSECURE GOMOD GOMODCACHE gcc -###�� -x c /usr/lib/git-core/git - GOWORK 64/bin/go /usr/lib/git-core/git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name GO111MODULE epo.git GOINSECURE GOMOD GOMODCACHE go env runs/20260418-013953-32432/test-1475791970 GO111MODULE 1/x64/bin/node GOINSECURE GOMOD GOMODCACHE 1/x64/bin/node (http block)
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 GO111MODULE /usr/bin/git GOINSECURE GOMOD GOMODCACHE git -c ithub-script/git/ref/tags/v9 log bject.type] | @tsv -n1 --format=format:rev-parse --end-of-options--show-toplevel git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env runs/20260418-013953-32432/test-1475791970 GO111MODULE ache/node/24.14.1/x64/bin/node l GOMOD GOMODCACHE /usr/lib/git-core/git (http block)
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 GO111MODULE /usr/bin/git l GOMOD GOMODCACHE git stat�� runs/20260418-013953-32432/test-3070009781/.github/workflows GOPROXY /bin/sh l GOWORK 64/bin/go /bin/sh (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env runs/20260418-013953-32432/test-1475791970 GO111MODULE (http block)
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 GO111MODULE /bin/sh GOINSECURE GOMOD GOMODCACHE /bin/sh -c go build -ldflags "-s -w -X main.version=fd1dc63-dirty" -o gh-aw ./cmd/gh-aw GOPROXY /usr/bin/git GOSUMDB GOWORK 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path RFc5/naiXZktQ6MLGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 3352021/b404/impGO111MODULE /hom�� che/go-build/b7/GOINSECURE **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti-bool /opt/hostedtoolc-buildtags (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 GOMOD GOMODCACHE go env runs/20260418-013953-32432/test-1965339528/.github/workflows GO111MODULE 8172435/b432/vet.cfg GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /usr/bin/git -json GO111MODULE ache/go/1.25.8/x--show-toplevel git rev-�� 4 -type d -name bin 2>/dev/null | tr '\n' ':')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/git go /usr/bin/git sRemoteWithRealGcut sRemoteWithRealG-f1 ache/go/1.25.8/x64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env Gitcustom_branchremote.origin.url Gitcustom_branch2724013002/001' 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv /tmp/go-build369GOSUMDB -trimpath 64/bin/go -p main -lang=go1.25 go 1735�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go 7240�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv d/gh-aw-wasm GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env Gitbranch_with_hyphen3046702511/001' Gitbranch_with_hyphen3046702511/001' 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go 7240�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion GOSUMDB GOWORK 64/bin/go git ls-r�� --symref origin /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD run-script/lib/n-json 3352021/b418/impGO111MODULE /hom�� che/go-build/98/GOINSECURE **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti-bool /opt/hostedtoolc-buildtags (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE 3352021/b426/impGO111MODULE /hom�� che/go-build/4b/GOINSECURE **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti-bool /opt/hostedtoolc-buildtags (http block)
  • https://api.github.com/repos/owner/repo/contents/file.md
    • Triggering command: /tmp/go-build2608172435/b400/cli.test /tmp/go-build2608172435/b400/cli.test -test.testlogfile=/tmp/go-build2608172435/b400/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true GOINSECURE GOMOD GOMODCACHE go env 3MHh/LvmlcEoIKo0GOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 3352021/b416/impGO111MODULE (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c "prettier" --cheGOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go git (http block)

If you need me to access, download, or install something from one of these locations, you can either:

Copilot AI changed the title Harden MCP stdout handling and add compile stdio pollution coverage Harden compile MCP stdout handling and add compile stdio pollution coverage Apr 18, 2026
@pelikhan pelikhan marked this pull request as ready for review April 18, 2026 01:57
Copilot AI review requested due to automatic review settings April 18, 2026 01:57
Copilot AI reviewed Apr 18, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds regression coverage to ensure the MCP compile tool’s successful responses are sourced from subprocess stdout only, and that the MCP server’s stdio stdout remains JSON-RPC-only during compile calls.

Changes:

  • Added a unit test asserting compile responses do not include subprocess stderr/log noise on success.
  • Added an integration test that drives the mcp-server over stdio and verifies stdout traffic is valid JSON-RPC and compile result text is clean JSON.
Show a summary per file
File Description
pkg/cli/mcp_tools_output_streams_test.go New unit test to prevent stderr/log pollution in successful compile tool output
pkg/cli/mcp_server_stdio_integration_test.go New integration test validating MCP stdio stdout remains JSON-RPC-only while calling compile

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 2/2 changed files
  • Comments generated: 2

Comment thread pkg/cli/mcp_tools_output_streams_test.go
Comment on lines +16 to +20
func mockCommandWithOutput(stdoutText, stderrText string) execCmdFunc {
return func(ctx context.Context, args ...string) *exec.Cmd {
script := fmt.Sprintf("printf %q; printf %q 1>&2", stdoutText, stderrText)
return exec.CommandContext(ctx, "sh", "-c", script)
}
Comment thread pkg/cli/mcp_server_stdio_integration_test.go
Comment on lines +145 to +147
}
defer func() {
_ = stdin.Close()
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 18, 2026

🧪 Test Quality Sentinel Report

Test Quality Score: 100/100

Excellent test quality

Metric Value
New/modified tests analyzed 2
✅ Design tests (behavioral contracts) 2 (100%)
⚠️ Implementation tests (low value) 0 (0%)
Tests with error/edge cases 2 (100%)
Duplicate test clusters 0
Test inflation detected No
🚨 Coding-guideline violations 0

Test Classification Details

Test File Classification Issues Detected
TestMCPServer_CompileAllWorkflows_StdoutOnlyJSONRPC pkg/cli/mcp_server_stdio_integration_test.go ✅ Design None
TestCompileTool_UsesOnlyStdoutOnSuccess pkg/cli/mcp_tools_output_streams_test.go ✅ Design None

Per-Test Analysis

📋 Detailed test analysis

TestMCPServer_CompileAllWorkflows_StdoutOnlyJSONRPC (integration)

Build tag: //go:build integration
Classification: Design test (behavioral contract)
What invariant does it enforce? Enforces that the MCP server's stdout channel is exclusively valid JSON-RPC 2.0 messages — no log lines, diagnostics, or non-JSON text may appear on stdout. This is a critical protocol contract: any stdout pollution would break MCP clients.
What would break if deleted? A regression where compile or any other tool writes non-JSON-RPC output to stdout could silently break every MCP client without being detected.
Error/edge cases: Yes — waitForJSONRPCResponse calls t.Fatalf on any non-JSON line or any non-JSON-RPC message; the compile result text is validated as parseable JSON to detect log pollution.
Assertion messages: All t.Fatalf calls include descriptive format strings ✅
Mock usage: None — spins up the real binary via exec.CommandContext

TestCompileTool_UsesOnlyStdoutOnSuccess (unit)

Build tag: //go:build !integration
Classification: Design test (behavioral contract)
What invariant does it enforce? Enforces that registerCompileTool's handler returns only the subprocess's stdout as its MCP result and never leaks stderr content into the tool response.
What would break if deleted? A regression where registerCompileTool accidentally included stderr output in the MCP response would go undetected, corrupting JSON payloads returned to MCP clients.
Error/edge cases: Yes — the mock intentionally produces both stdout and stderr; the test asserts NotContains(stderr_noise) as the critical negative-case check.
Assertion messages: All require.* and assert.* calls include descriptive messages ✅
Mock usage: mockCommandWithOutput creates a real exec.Cmd via sh -c — this is legitimate external-I/O mocking, not business-logic mocking ✅

Language Support

Tests analyzed:

  • 🐹 Go (*_test.go): 2 tests — 1 unit (//go:build !integration), 1 integration (//go:build integration)
  • 🟨 JavaScript (*.test.cjs, *.test.js): 0 tests

Verdict

Check passed. 0% of new tests are implementation tests (threshold: 30%). Both tests directly enforce observable behavioral contracts — that the MCP stdio protocol is not polluted by diagnostic output — at both the unit and end-to-end integration levels. No guideline violations detected.

📖 Understanding Test Classifications

Design Tests (High Value) verify what the system does:

  • Assert on observable outputs, return values, or state changes
  • Cover error paths and boundary conditions
  • Would catch a behavioral regression if deleted
  • Remain valid even after internal refactoring

Implementation Tests (Low Value) verify how the system does it:

  • Assert on internal function calls (mocking internals)
  • Only test the happy path with typical inputs
  • Break during legitimate refactoring even when behavior is correct
  • Give false assurance: they pass even when the system is wrong

Goal: Shift toward tests that describe the system's behavioral contract — the promises it makes to its users and collaborators.

References:

🧪 Test quality analysis by Test Quality Sentinel · ● 923K ·

github-actions[bot]
github-actions bot approved these changes Apr 18, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Test Quality Sentinel: 100/100. Test quality is excellent — 0% of new tests are implementation tests (threshold: 30%). Both tests enforce observable behavioral contracts with no guideline violations.

@github-actions @claude
docs(adr): add draft ADR-26968 for MCP compile tool stdout-only seman…
0332f9f 
…tics

Generated by Design Decision Gate to document the architectural decision
that the compile MCP tool must source success responses exclusively from
subprocess stdout, with stderr reserved for diagnostics.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 18, 2026

Commit pushed: 1b4adf3

🏗️ ADR gate enforced by Design Decision Gate 🏗️

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 18, 2026

🏗️ Design Decision Gate — ADR Required

This PR makes significant changes to core business logic (229 new lines in pkg/cli/) but does not have a linked Architecture Decision Record (ADR).

AI has analyzed the PR diff and generated a draft ADR to help you get started:

📄 Draft ADR: docs/adr/26968-mcp-compile-tool-stdout-only-success-response.md

The draft captures the key design decision embedded in this PR: the compile MCP tool sources its success response exclusively from subprocess stdout, with stderr reserved for diagnostics that must not appear in the JSON-RPC channel. It also documents the binary-level integration test strategy introduced to enforce this invariant.

What to do next

  1. Review the draft ADR committed to your branch — it was generated from the PR diff
  2. Complete the missing sections — add context the AI couldn't infer, refine the decision rationale, and list real alternatives you considered
  3. Commit the finalized ADR to docs/adr/ on your branch
  4. Reference the ADR in this PR body by adding a line such as:

    ADR: ADR-26968: MCP Compile Tool Uses Subprocess Stdout Exclusively for Success Responses

Once an ADR is linked in the PR body, this gate will re-run and verify the implementation matches the decision.

Why ADRs Matter

"AI made me procrastinate on key design decisions. Because refactoring was cheap, I could always say 'I'll deal with this later.' Deferring decisions corroded my ability to think clearly."

ADRs create a searchable, permanent record of why the codebase looks the way it does. Future contributors (and your future self) will thank you.

📋 Michael Nygard ADR Format Reference

An ADR must contain these four sections to be considered complete:

  • Context — What is the problem? What forces are at play?
  • Decision — What did you decide? Why?
  • Alternatives Considered — What else could have been done?
  • Consequences — What are the trade-offs (positive and negative)?

All ADRs are stored in docs/adr/ as Markdown files numbered by PR number (e.g., 26968-mcp-compile-tool-stdout-only-success-response.md for PR #26968).

🔒 This PR cannot merge until an ADR is linked in the PR body.

References: §24594338493

🏗️ ADR gate enforced by Design Decision Gate 🏗️ · ● 163.3K ·

@pelikhan
Copy link
Copy Markdown
Collaborator

pelikhan commented Apr 18, 2026

@copilot review all comments

@pelikhan
test: address review feedback on MCP stdio tests
4af17a2 
Agent-Logs-Url: https://github.com/github/gh-aw/sessions/e4f0478b-70ee-4aea-a26a-440476876a8b

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented Apr 18, 2026
edited
Loading

@copilot review all comments

Done in 4af17a2 — I addressed the open review items: made the shell-based stdout/stderr test helper POSIX-safe (no %q) and fixed integration test cleanup order to cancel before wait. No UI changes in this PR.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw GO111MODULE .cfg git rev-�� --show-toplevel go /usr/bin/git 727220533 GO111MODULE flow.lock.yml git (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw sh ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel go /usr/bin/git /ref/tags/v9 GO111MODULE sv git (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c npx prettier --cGOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go node (http block)
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv /tmp/shared-actions-test419301284 show /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /usr/bin/git echo &#34;Running wagit GO111MODULE 64/bin/go git conf�� --get remote.origin.url /usr/bin/git ck &#39;scripts/**/*git GO111MODULE layTitle git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv -bool -buildtags /opt/hostedtoolcache/node/24.14.1/x64/bin/node -errorsas -ifaceassert -nilfunc node /tmp�� /tmp/TestHashConsistency_GoAndJavaScript367014812/001/test-frontmatter-with-arraremote.origin.urgit -tests /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv /tmp/gh-aw-test-runs/20260418-022252-50738/test-3602893757/.github/workflows l /usr/bin/git on&#39; --ignore-patgit GO111MODULE 64/bin/go git -C ErrorFormatting3091611445/001 remote e/git -json GO111MODULE 64/bin/go e/git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env ub/workflows GO111MODULE x_amd64/vet GOINSECURE GOMOD GOMODCACHE x_amd64/vet (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --git-dir go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE ache/go/1.25.8/x--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /usr/bin/git runs/20260418-02git GO111MODULE 3490172/b453/vet--show-toplevel git rev-�� --show-toplevel go /usr/bin/git runs/20260418-02git GO111MODULE /tmp/go-build301--show-toplevel git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6.0.2
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6.0.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git /tmp/gh-aw-test-git remote /usr/bin/git git rev-�� --show-toplevel git /usr/bin/infocmp :latest remote.origin.ur--norc /opt/hostedtoolc--noprofile infocmp (http block)
  • https://api.github.com/repos/actions/download-artifact/git/ref/tags/v8.0.1
    • Triggering command: /usr/bin/gh gh api /repos/actions/download-artifact/git/ref/tags/v8.0.1 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git /tmp/gh-aw-test-git rev-parse /usr/bin/git git rev-�� tags/v5 git sv ly&#34;; \ else \ echo &#34;��� Warning: .github/aw/actions-lock.json does not exist yet&#34;; \ fi l ache/node/24.14.1 /usr/bin/git (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /usr/bin/git -json GO111MODULE 1/x64/bin/node git rev-�� --show-toplevel go /usr/bin/git SameOutput324080git GO111MODULE ache/go/1.25.8/x--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv ACCEPT sh /usr/bin/git &#34;prettier&#34; --chemkdir GOPROXY ache/go/1.25.8/x/tmp/gh-aw git rev-�� --show-toplevel /opt/hostedtoolctest@example.com /usr/bin/git 2252-50738/test-iptables sh ache/go/1.25.8/x-t git (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v9
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv prettier --check 64/bin/go **/*.ts **/*.json --ignore-path go list�� -mod=readonly -e 64/bin/go tierignore --oneline 64/bin/go go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv che/go-build/d6/GOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go /opt/hostedtoolcGOPROXY -o /tmp/go-build394GOSUMDB -trimpath 64/bin/go -p main -lang=go1.25 go (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv runs/20260418-021102-32253/test-983205457 remote.origin.url /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel 64/pkg/tool/linuremote /usr/bin/git ub/workflows GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -pzhluwPR GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /opt/hostedtoolcache/node/24.14.1/x64/bin/node b/workflows GO111MODULE 64/bin/go /opt/hostedtoolcache/node/24.14.1/x64/bin/node /tmp�� inputs.version go /opt/hostedtoolcache/node/24.14.1/x64/bin/node -json GO111MODULE 64/bin/go /opt/hostedtoolcache/node/24.14.1/x64/bin/node (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git ub/workflows GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git WkDDvRp6b GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv &#39;/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitcustom_branch2281611276/001&#39; &#39;/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitcustom_branch2281611276/001&#39; /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env licyMinIntegrityOnlymin-integrity_with_explicit_repo1288602958/0remote.origin.url GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go l GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv if [ -f .github/aw/actions-lock.json ]; then \ cp .github/aw/actions-lock.json remote.origin.urgh GOPROXY /usr/lib/git-core/git GOSUMDB GOWORK 64/bin/go /usr/lib/git-core/git --gi�� for-each-ref --format=%(objectname) ache/node/24.14.1/x64/bin/node -json GO111MODULE nch,headSha,disp--show-toplevel git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v7.0.1
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v7.0.1 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git nostic noise shogit config /usr/bin/git git rev-�� --show-toplevel git /usr/bin/gh --show-toplevel 5551659/b426/imp--norc /usr/bin/git gh (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /opt/hostedtoolcache/node/24.14.1/x64/bin/node -json GO111MODULE 64/bin/go /opt/hostedtoolcache/node/24.14.1/x64/bin/node /tmp�� env.NODE_VERSION go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git ub/workflows GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git i6ujluZn4 GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 3490172/b001/vet.cfg GOINSECURE GOMOD GOMODCACHE go env licyBlockedUsersApprovalLabelsCompiledOutput2250873847/001 GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/cgo l GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/cgo (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv GOPATH GOPROXY /usr/lib/git-core/git GOSUMDB GOWORK 64/bin/go /usr/lib/git-core/git rev-�� 2252-50738/test-2792603368 --stdin /usr/bin/git --exclude-hiddengit --all --quiet git (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv faultBranchFromLsRemoteWithRealGitbranch_with_hyphen3068247625/0remote.origin.url faultBranchFromLsRemoteWithRealGitbranch_with_hyphen3068247625/002/work /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/asm GOINSECURE GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/asm (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv --end-of-options l /usr/lib/git-core/git GOSUMDB GOWORK 64/bin/go /usr/lib/git-core/git pack�� --all-progress-implied (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name /opt/hostedtoolcgit-receive-pack &#39;/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitmain_branch2rev-parse /usr/bin/infocmp /tmp/go-build394git -trimpath 64/bin/go infocmp -1 xterm-color go /usr/bin/git Gitcustom_branchgit Gitcustom_branchrev-parse 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env licyBlockedUsersCommaSeparatedCompiledOutput108139820/001 GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go sions.md GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name git /opt/hostedtoolcache/node/24.14.1/x64/bin/node log.showsignaturgit log 64/bin/go node /tmp�� /home/REDACTED/work/gh-aw/gh-aw/.github/workflows/approach-validator.md go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 /opt/hostedtoolc/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitmain_branch2713020387/002/workrev-parse ow-with-reaction.lock.yml /tmp/go-build394git -trimpath 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env runs/20260418-022252-50738/test-2913015945/.github/workflows GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go l GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name git /usr/bin/git --format=%(refnagit --merged=0332f9frev-parse 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 /opt/hostedtoolc--initial-branch=main /usr/bin/git /tmp/go-build394git -trimpath 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name =master /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env runs/20260418-022252-50738/test-2913015945/.github/workflows GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name /opt/hostedtoolc-q /usr/bin/git /tmp/go-build394git -trimpath 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -frontmatter.md GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 go ache/node/24.14.1/x64/bin/node -json GO111MODULE 64/bin/go ache/node/24.14.1/x64/bin/node -248�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE cho &#34;��� Warning: .github/aw/actions-lock.json does not exist yet&#34;; \ fi env licyBlockedUsersCommaSeparatedCompiledOutput108139820/001 GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/asm GOINSECURE GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linu--auto (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name /opt/hostedtoolcGOPROXY ache/node/24.14.1/x64/bin/node /tmp/go-build394git -trimpath 64/bin/go ache/node/24.14.1/x64/bin/node -288�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git Gitbranch_with_hgit Gitbranch_with_hrev-parse 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env licyBlockedUsersCommaSeparatedCompiledOutput108139820/001 GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/compile l GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/xremote.origin.url (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name /opt/hostedtoolc--revs /usr/bin/git /tmp/go-build394git -trimpath 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel l /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name /opt/hostedtoolc--stdin At,event,headBranch,headSha,displayTitle /tmp/go-build394git -trimpath 64/bin/go git rev-�� --show-toplevel go /usr/bin/docker -json GO111MODULE 64/bin/go docker (http block)
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name GO111MODULE 1886719/b001/vet.cfg GOINSECURE GOMOD GOMODCACHE go env licyTrustedUsersCompiledOutput1038896297/001 GO111MODULE /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/cgo l GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.8/xremote.origin.url (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE npx pret�� --check **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti-bool node (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 unsafe 64/bin/go go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 **/*.cjs 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel go /usr/bin/git 1686375284 GO111MODULE ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE ache/go/1.25.8/x/tmp/gh-aw/aw-feature-branch.patch git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv r/repo.git go /usr/bin/git 4256773317 GO111MODULE ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel sh /usr/bin/git &#34;prettier&#34; --che/usr/lib/git-core/git GOPROXY ache/go/1.25.8/xrun git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv &#34;prettier&#34; --cheGOSUMDB /bin/sh 64/bin/go tierignore f() { test &#34;$1&#34; /tmp/TestParseDefaultBranchFromLsRemoteWithRealGitbranch_with_hyphen�� 64/bin/go go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE bin/node GOINSECURE GOMOD GOMODCACHE go tion�� 49089913/001 49089913/002/work 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 86_64/sh GOINSECURE GOMOD GOMODCACHE go env 33f7e8cf3e76ec1097335b7ccfaa2b19GOINSECURE GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env matter-with-arraremote.origin.url GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env ub/workflows GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env ty-test.md GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE tions/setup/node_modules/.bin/noGOMODCACHE GOINSECURE GOMOD GOMODCACHE go tion�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv &#34;prettier&#34; --cheGOSUMDB bash 64/bin/go -d (http block)
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv -json GO111MODULE tions/setup/js/node_modules/.binGOMODCACHE GOINSECURE GOMOD GOMODCACHE go tion�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion -json GO111MODULE 64/bin/go git conf�� user.email test@example.com /usr/bin/git matter-with-nest/usr/bin/git GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion GOINSECURE GOMOD GOMODCACHE git cat-�� k/gh-aw/gh-aw blob /usr/lib/git-core/git GOSUMDB GOWORK 64/bin/go /usr/lib/git-core/git (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE node /opt�� prettier --check 64/bin/go **/*.ts **/*.json --ignore-path go (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/owner/repo/contents/file.md
    • Triggering command: /tmp/go-build3013490172/b400/cli.test /tmp/go-build3013490172/b400/cli.test -test.testlogfile=/tmp/go-build3013490172/b400/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh (http block)
    • Triggering command: /tmp/go-build2881886719/b400/cli.test /tmp/go-build2881886719/b400/cli.test -test.testlogfile=/tmp/go-build2881886719/b400/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true GOINSECURE GOMOD GOMODCACHE go env 2be869d7c2d885beGOINSECURE GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c npx prettier --cGOINSECURE GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go node (http block)
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)

If you need me to access, download, or install something from one of these locations, you can either:

@pelikhan pelikhan merged commit bd8b264 into main Apr 18, 2026
@pelikhan pelikhan deleted the copilot/add-mcp-server-integration-test branch April 18, 2026 02:39
@github-actions github-actions bot mentioned this pull request Apr 18, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@github-actions github-actions[bot] github-actions[bot] approved these changes

@pelikhan pelikhan Awaiting requested review from pelikhan

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pelikhan