Skip to content

Use AWF audit JSONL as source for effective token failure parsing#31104

Merged
pelikhan merged 9 commits into
mainfrom
copilot/update-max-effective-tokens-parsing
May 9, 2026
Merged

Use AWF audit JSONL as source for effective token failure parsing#31104
pelikhan merged 9 commits into
mainfrom
copilot/update-max-effective-tokens-parsing

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented May 8, 2026
edited
Loading

Bug Fix

What was the bug?

Failure handling relied on raw/env outputs for effective-token failure context. While max-effective-tokens was being moved to AWF firewall audit records, effective_tokens and ET rate-limit error signaling could still drift from the canonical runtime values in audit JSONL.

How did you fix it?

  • Audit log as source of truth

    • Added parser logic to extract max effective token budget from AWF firewall audit JSONL entries.
    • Supports both schema field shapes: max_effective_tokens and maxEffectiveTokens (including nested objects).
    • Added parsing for effective-token error metadata from audit JSONL, including:
      • effective_tokens / effectiveTokens
      • effective_tokens_rate_limit_error / effectiveTokensRateLimitError
      • text-based ET rate-limit indicators in common error fields.

  • Effective-token logic extracted to dedicated module

    • Moved effective-token parsing/computation into actions/setup/js/effective_tokens_context.cjs.
    • Updated handle_agent_failure.cjs to consume the new module while preserving behavior and existing fallbacks.

  • Audit file resolution and compatibility

    • Added audit path resolution that prefers sandbox/firewall/audit/log.jsonl.
    • Preserves backward compatibility by falling back to sandbox/firewall/audit/audit.jsonl.

  • Failure context wiring

    • Updated failure-path budget resolution to use parsed audit value first, then fall back to GH_AW_MAX_EFFECTIVE_TOKENS when audit data is unavailable.
    • Updated effective-token failure context to prefer parsed audit effective_tokens and ET rate-limit signals, with existing env vars as fallback.
    • Reused the same audit path resolver in auth-error parsing to keep behavior consistent.

  • Coverage updates

    • Added focused unit tests for missing-file behavior, nested/camelCase extraction, log.jsonl preference over audit.jsonl, and effective-token error info parsing from JSONL.

  • Branch maintenance from feedback

    • Merged latest main into this PR branch and recompiled workflows to refresh generated lock artifacts while keeping the original fix unchanged.

Testing

  • Ran targeted JS tests for failure handling (handle_agent_failure.test.cjs).
  • Ran targeted Go tests for touched packages (./pkg/cli/..., ./pkg/workflow/..., ./pkg/parser/...).

Example

const parsedEffectiveTokensErrorInfo = parseEffectiveTokensErrorInfoFromAuditLog();
const effectiveTokens =
  parsedEffectiveTokensErrorInfo.effectiveTokens ||
  process.env.GH_AW_EFFECTIVE_TOKENS ||
  "";

const maxEffectiveTokens =
  parseMaxEffectiveTokensFromAuditLog() ||
  process.env.GH_AW_MAX_EFFECTIVE_TOKENS ||
  "";

const effectiveTokensRateLimitError =
  parsedEffectiveTokensErrorInfo.rateLimitError ||
  process.env.GH_AW_EFFECTIVE_TOKENS_RATE_LIMIT_ERROR === "true";

Copilot AI and others added 2 commits May 8, 2026 23:56
@pelikhan
Plan max effective tokens parsing update
3aed2aa 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Parse max effective tokens from firewall audit log
62ff1b7 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title Parse max effective tokens from AWF audit log JSONL Use AWF audit JSONL as source for max effective tokens parsing May 8, 2026
Copilot AI requested a review from pelikhan May 8, 2026 23:58
@pelikhan pelikhan marked this pull request as ready for review May 9, 2026 00:03
Copilot AI review requested due to automatic review settings May 9, 2026 00:03
Copilot AI reviewed May 9, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes max-effective-tokens reporting in failure handling by using AWF firewall audit JSONL records as the canonical source of the max effective token budget (with env var fallback), and updates compiled workflows to propagate effective-token rate-limit context.

Changes:

  • Added audit-log parsing in handle_agent_failure.cjs to extract max effective tokens (supports max_effective_tokens and maxEffectiveTokens, including nested shapes) and prefer sandbox/firewall/audit/log.jsonl over audit.jsonl.
  • Wired failure-path budget resolution to prefer the parsed audit value, and reused the same audit-log path resolver for firewall auth error parsing.
  • Updated workflow lock files to surface effective_tokens_rate_limit_error outputs and configure/export max effective tokens consistently; added unit tests for audit parsing and path preference.
Show a summary per file
File Description
actions/setup/js/handle_agent_failure.cjs Adds audit-log path resolution + max-effective-tokens parsing and uses it in failure reporting.
actions/setup/js/handle_agent_failure.test.cjs Adds unit coverage for audit parsing (missing file, nested/camelCase extraction, log.jsonl preference).
.github/workflows/video-analyzer.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/test-workflow.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/test-project-url-default.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/test-dispatcher.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/smoke-opencode.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/smoke-gemini.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/smoke-crush.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/smoke-ci.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/release.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/poem-bot.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/jsweep.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/issue-triage-agent.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/hippo-embed.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/gpclean.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/firewall.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/example-permissions-warning.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/dev.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/daily-malicious-code-scan.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/copilot-token-optimizer.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/codex-github-remote-mcp-test.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/code-simplifier.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/changeset.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/brave.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/bot-detection.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/ai-moderator.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.
.github/workflows/ace-editor.lock.yml Propagates effective token rate-limit output and configures maxEffectiveTokens / GH_AW_MAX_EFFECTIVE_TOKENS.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 70/219 changed files
  • Comments generated: 1

Comment thread actions/setup/js/handle_agent_failure.cjs
Comment on lines 1075 to 1079
function parseFirewallAuthErrors(auditJsonlPath) {
try {
if (!fs.existsSync(auditJsonlPath)) {
const resolvedPath = resolveFirewallAuditLogPath(auditJsonlPath);
if (!fs.existsSync(resolvedPath)) {
return [];
pelikhan
pelikhan reviewed May 9, 2026
View reviewed changes
Comment thread .github/workflows/ci-coach.lock.yml
with:
script: |
try {
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
Copy link
Copy Markdown
Collaborator

@pelikhan pelikhan May 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot move to .cjs file in actions/setup/js + parse the effective token error info from JSONL as well

Copy link
Copy Markdown
Contributor Author

Copilot AI May 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implemented in 515fd17. Effective-token error info is now parsed directly in actions/setup/js/handle_agent_failure.cjs from AWF firewall audit JSONL (including nested snake_case/camelCase fields and text-based ET rate-limit signals), with existing env vars kept as fallback. Added targeted tests in handle_agent_failure.test.cjs.

Copilot AI and others added 4 commits May 9, 2026 00:27
@pelikhan
Parse effective token error info from firewall audit JSONL
7ea7701 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Refine audit parser constants and precedence notes
a6da3e2 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Document effective-token rate-limit pattern matching
ad44ee8 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Harden effective-token rate-limit signal parsing
515fd17 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title Use AWF audit JSONL as source for max effective tokens parsing Use AWF audit JSONL as source for effective token failure parsing May 9, 2026
Copilot AI requested a review from pelikhan May 9, 2026 00:31
@pelikhan
Copy link
Copy Markdown
Collaborator

pelikhan commented May 9, 2026

@copilot move effective token computation in own JavaScript file

@pelikhan
Copy link
Copy Markdown
Collaborator

pelikhan commented May 9, 2026

@copilot merge main and recompile

Copilot AI and others added 2 commits May 9, 2026 00:51
@pelikhan
Extract effective token failure computation into dedicated module
09b1a7e 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Extract effective token parsing into dedicated helper module
5205148 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented May 9, 2026

@copilot move effective token computation in own JavaScript file

Done in 5205148. Effective-token parsing and failure-state computation are now moved into actions/setup/js/effective_tokens_context.cjs, and handle_agent_failure.cjs consumes that module.

@pelikhan
Copy link
Copy Markdown
Collaborator

pelikhan commented May 9, 2026

@copilot merge main and recompile

@pelikhan
Merge origin/main and recompile workflows
3643611 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented May 9, 2026

@copilot merge main and recompile

Done in 3643611. I merged main into this branch and ran make recompile, then validated with targeted JS and Go tests.

@pelikhan pelikhan merged commit b527231 into main May 9, 2026
1 check failed
@pelikhan pelikhan deleted the copilot/update-max-effective-tokens-parsing branch May 9, 2026 01:09
Copilot stopped work on behalf of pelikhan due to an error May 9, 2026 01:09
The session was cancelled by the user.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@pelikhan pelikhan Awaiting requested review from pelikhan

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pelikhan