fix: insert -- end-of-options separator before prompt to prevent ENAMETOOLONG#32114
Conversation
|
Hey A few things to address before this is ready:
When you're ready to implement, here's a prompt you can assign to your coding agent:
|
…OLONG Claude Code 2.x treats any non-flag positional argument following --mcp-config as an additional config file path (variadic flag). When a long prompt (>4096 bytes) is appended after --mcp-config <path> without a separator, Claude tries to open `CWD/<prompt-text>` as a file, which exceeds PATH_MAX and fails with ENAMETOOLONG. Fix: insert -- before the prompt content in resolveClaudePromptFileArgs so that Claude's arg parser stops treating subsequent positional args as --mcp-config values. The -- separator is a POSIX end-of-options marker supported by all standard CLI parsers. This was root-caused via the agent-stdio.log artifact from CI run 25859784223: [ERROR] MCP config read error for /home/runner/work/gh-aw/gh-aw/<system> (scope=dynamic): Error: ENAMETOOLONG: name too long, open The GitHub MCP Structural Analysis workflow's prompt is 31KB, well above PATH_MAX, causing every fresh run to fail immediately (duration=0s) while --continue retries (which omit the prompt) succeeded. Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
@copilot merge main and recompile |
…-mcp-structural-analysis Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
@copilot upgrade Claude code to latest release and recompile |
Merged main and recompiled. All 301 JS test files pass (8674 tests). The recompile produced no workflow changes. |
… lock files Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
✅ Smoke OTEL Backends completed successfully! |
|
🚀 Smoke Gemini MISSION COMPLETE! Gemini has spoken. ✨ Caution Security scanning requires review for Smoke Gemini DetailsThe threat detection results could not be parsed. The workflow output should be reviewed before merging. Review the workflow run logs for details. |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
💫 TO BE CONTINUED... Smoke Claude failed to deliver outputs! Our hero faces unexpected challenges... |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
🚀 Smoke Pi MISSION COMPLETE! Pi delivered. 🥧 |
|
✅ Smoke OTEL — OTEL telemetry verified |
|
Commit pushed:
|
Agent Container Tool Check
Result: 12/12 tools available ✅ Overall Status: PASS
|
|
Caution Security scanning requires review for Smoke Gemini DetailsThe threat detection results could not be parsed. The workflow output should be reviewed before merging. Review the workflow run logs for details. Smoke Test Results
Overall Status: FAIL Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "localhost"See Network Configuration for more information.
|
There was a problem hiding this comment.
Pull request overview
This pull request addresses a Claude Code CLI argument-parsing regression that caused large prompt content to be misinterpreted as an extra --mcp-config file path (triggering ENAMETOOLONG). The fix ensures the prompt is always separated from options by inserting the POSIX end-of-options marker -- before the prompt argument.
Changes:
- Update
resolveClaudePromptFileArgsto append--before inline prompt content and adjust log-redaction slicing accordingly. - Update/add unit tests to validate the new
["--", <prompt>]behavior and include anENAMETOOLONGregression case. - Bump pinned Claude Code CLI version to
2.1.141and refresh various workflow lockfiles / golden test fixtures accordingly.
Show a summary per file
| File | Description |
|---|---|
actions/setup/js/claude_harness.cjs |
Inserts -- before the resolved prompt content; updates log-safe arg redaction. |
actions/setup/js/claude_harness.test.cjs |
Updates existing tests and adds regression coverage for --mcp-config + long prompt. |
pkg/constants/version_constants.go |
Bumps default Claude Code CLI version to 2.1.141. |
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden |
Updates compiled fixture output (includes DOCKER_HOST conditional change). |
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/playwright-cli-mode.golden |
Updates compiled fixture output (includes DOCKER_HOST conditional change). |
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden |
Updates compiled fixture output (includes DOCKER_HOST conditional change). |
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden |
Updates compiled fixture output (includes DOCKER_HOST conditional change). |
.github/workflows/unbloat-docs.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/typist.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/test-create-pr-error-handling.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/step-name-alignment.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/static-analysis-report.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/spec-enforcer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/smoke-claude.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/smoke-agent-scoped-approved.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/smoke-agent-public-none.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/smoke-agent-public-approved.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/smoke-agent-all-none.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/smoke-agent-all-merged.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/sergo.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/semantic-function-refactor.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/scout.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/schema-consistency-checker.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/safe-output-health.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/prompt-clustering-analysis.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/lockfile-stats.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/instructions-janitor.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/hourly-ci-cleaner.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/go-pattern-detector.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/go-logger.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/go-fan.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/github-mcp-tools-report.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/github-mcp-structural-analysis.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/example-workflow-analyzer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/developer-docs-consolidator.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/design-decision-gate.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/deep-report.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-token-consumption-report.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-team-evolution-insights.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-subagent-optimizer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-security-red-team.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-safe-outputs-conformance.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-safe-output-optimizer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-rendering-scripts-verifier.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-otel-instrumentation-advisor.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-multi-device-docs-tester.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-grafana-otel-instrumentation-advisor.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-function-namer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-doc-updater.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-doc-healer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-choice-test.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-caveman-optimizer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-aw-cross-repo-compile-check.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-astrostylelite-markdown-spellcheck.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/daily-agentrx-trace-optimizer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/copilot-agent-analysis.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/commit-changes-analyzer.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/cloclo.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/cli-version-checker.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/claude-code-user-docs-review.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/ci-doctor.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/blog-auditor.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/aw-failure-investigator.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/audit-workflows.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/approach-validator.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
.github/workflows/api-consumption-report.lock.yml |
Updates pinned Claude Code version/env metadata to 2.1.141. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 69/69 changed files
- Comments generated: 2
| // Safe arg list for logging: when --prompt-file was present, the last two elements of | ||
| // initialArgs are the -- end-of-options marker and the resolved prompt content. | ||
| // Strip both and replace with a placeholder so task instructions are never written | ||
| // to stderr or captured in agent logs. | ||
| const safeInitialArgs = hadPromptFile && initialArgs.length > 0 ? [...initialArgs.slice(0, -2), "<prompt omitted>"] : initialArgs; | ||
| const safeFreshRetryArgs = hadPromptFile && freshRetryArgs.length > 0 ? [...freshRetryArgs.slice(0, -2), "<prompt omitted>"] : freshRetryArgs; |
| // DefaultClaudeCodeVersion is the default version of the Claude Code CLI. | ||
| const DefaultClaudeCodeVersion Version = "2.1.133" | ||
| const DefaultClaudeCodeVersion Version = "2.1.141" | ||
|
|
|
Smoke Codex 25863982671: FAIL Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
|
🤖 The smoke test agent was here! Beep boop. Just passing through to verify all systems are operational. Nothing to see here... except that everything is working perfectly! 🎉 Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
|
🤖 Smoke test PASS for run §25863982738
Overall: ✅ PASS — PR: fix: insert -- end-of-options separator before prompt to prevent ENAMETOOLONG Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Smoke test review: This PR bumps DefaultClaudeCodeVersion from 2.1.133 to 2.1.141 and regenerates golden/lock files. Changes look consistent and mechanical. No logic issues found.
Warning
Firewall blocked 6 domains
The following domains were blocked by the firewall during workflow execution:
accounts.google.comandroid.clients.google.comclients2.google.comcontentautofill.googleapis.comsafebrowsingohttpgateway.googleapis.comwww.google.com
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
📰 BREAKING: Report filed by Smoke Copilot · ● 14.7M
|
|
||
| // DefaultClaudeCodeVersion is the default version of the Claude Code CLI. | ||
| const DefaultClaudeCodeVersion Version = "2.1.133" | ||
| const DefaultClaudeCodeVersion Version = "2.1.141" |
There was a problem hiding this comment.
✅ Version bump from 2.1.133 to 2.1.141 — straightforward constant update. Make sure the corresponding golden files and lock files are regenerated consistently (which this PR appears to do). Consider adding a comment in the code or changelog to track why version bumps happen, for easier audit trails.
|
📰 DEVELOPING STORY: Smoke Copilot reports failed to deliver outputs. Our correspondents are investigating the incident... |
Smoke Test: Claude — Run 25863982829Core (#1–#12): ✅ all green Overall: PASS Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
There was a problem hiding this comment.
💥 Automated smoke test review - all systems nominal!
Warning
Firewall blocked 6 domains
The following domains were blocked by the firewall during workflow execution:
accounts.google.comandroid.clients.google.comclients2.google.comcontentautofill.googleapis.comsafebrowsingohttpgateway.googleapis.comwww.google.com
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
💥 [THE END] — Illustrated by Smoke Claude · ● 9.4M
| "gh-aw": patch | ||
| --- | ||
|
|
||
| Fix prompt handling in `resolveClaudePromptFileArgs` by inserting `--` before the prompt content so Claude Code does not misinterpret the prompt as an additional `--mcp-config` path and fail with `ENAMETOOLONG`. |
There was a problem hiding this comment.
Nice and clear changeset entry — the explanation of why -- is needed (preventing ENAMETOOLONG from prompt being parsed as --mcp-config) makes future debugging much easier. 👍
|
|
||
| // DefaultClaudeCodeVersion is the default version of the Claude Code CLI. | ||
| const DefaultClaudeCodeVersion Version = "2.1.133" | ||
| const DefaultClaudeCodeVersion Version = "2.1.141" |
There was a problem hiding this comment.
Version bump to 2.1.141 looks good. Consider adding a brief note in the changeset (or PR description) listing the Claude Code upstream changes pulled in — helps reviewers correlate behavior changes to specific upstream versions.
Bug Fix
What was the bug?
Claude Code 2.1.133 changed
--mcp-configto accept variadic values: any non-flag positional argument following--mcp-config <path>is treated as an additional config file path. The harness appended the prompt text directly after--mcp-config, so Claude constructedCWD/<31KB-prompt>as a file path →ENAMETOOLONG(exceeds Linux PATH_MAX of 4096 bytes). Every fresh run failed instantly (duration=0s);--continueretries (which omit the prompt) succeeded, confirming the prompt adjacency as the cause.From
agent-stdio.log(run 25859784223):How did you fix it?
Insert the POSIX end-of-options marker
--before the prompt content inresolveClaudePromptFileArgs. Claude's arg parser stops consuming--mcp-configvalues at--, and the prompt is unambiguously a positional argument.Also updated
safeInitialArgsto useslice(0, -2)to strip both--and the prompt from log output (wasslice(0, -1)).Testing
["--", <content>]instead of[<content>]<system>(the exact pattern that triggered the failure) verifying--is placed between--mcp-configand the promptChangeset\n\n- Type: patch\n- Description: Fix prompt handling in so Claude Code stops parsing the prompt as an extra path and avoids .
✨ PR Review Safe Output Test - Run 25863982829
Warning
Firewall blocked 6 domains
The following domains were blocked by the firewall during workflow execution:
accounts.google.comandroid.clients.google.comclients2.google.comcontentautofill.googleapis.comsafebrowsingohttpgateway.googleapis.comwww.google.comSee Network Configuration for more information.