From 737f0c87c83655f4b82c8be3faccf6528df5ed66 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 3 Jun 2026 15:50:37 +0000 Subject: [PATCH 1/4] Initial plan From 84ba84279664328195bfc263a397bd102b541280 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 3 Jun 2026 15:56:39 +0000 Subject: [PATCH 2/4] Plan: diagnose copilot auth-null failure handling Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com> --- .github/workflows/agent-performance-analyzer.lock.yml | 2 +- .github/workflows/architecture-guardian.lock.yml | 2 +- .github/workflows/artifacts-summary.lock.yml | 2 +- .github/workflows/brave.lock.yml | 2 +- .github/workflows/breaking-change-checker.lock.yml | 2 +- .github/workflows/ci-coach.lock.yml | 2 +- .github/workflows/cli-consistency-checker.lock.yml | 2 +- .github/workflows/code-scanning-fixer.lock.yml | 2 +- .github/workflows/copilot-cli-deep-research.lock.yml | 2 +- .github/workflows/copilot-opt.lock.yml | 2 +- .github/workflows/copilot-pr-merged-report.lock.yml | 2 +- .github/workflows/copilot-pr-nlp-analysis.lock.yml | 2 +- .github/workflows/copilot-pr-prompt-analysis.lock.yml | 2 +- .github/workflows/craft.lock.yml | 2 +- .github/workflows/daily-agent-of-the-day-blog-writer.lock.yml | 2 +- .github/workflows/daily-architecture-diagram.lock.yml | 2 +- .github/workflows/daily-assign-issue-to-user.lock.yml | 2 +- .github/workflows/daily-cli-performance.lock.yml | 2 +- .github/workflows/daily-compiler-quality.lock.yml | 2 +- .github/workflows/daily-compiler-threat-spec-optimizer.lock.yml | 2 +- .github/workflows/daily-experiment-report.lock.yml | 2 +- .github/workflows/daily-geo-optimizer.lock.yml | 2 +- .github/workflows/daily-issues-report.lock.yml | 2 +- .github/workflows/daily-malicious-code-scan.lock.yml | 2 +- .github/workflows/daily-mcp-concurrency-analysis.lock.yml | 2 +- .github/workflows/daily-model-inventory.lock.yml | 2 +- .github/workflows/daily-performance-summary.lock.yml | 2 +- .github/workflows/daily-repo-chronicle.lock.yml | 2 +- .github/workflows/daily-safe-output-integrator.lock.yml | 2 +- .github/workflows/daily-secrets-analysis.lock.yml | 2 +- .github/workflows/daily-security-observability.lock.yml | 2 +- .github/workflows/daily-sentrux-report.lock.yml | 2 +- .github/workflows/daily-skill-optimizer.lock.yml | 2 +- .github/workflows/daily-spdd-spec-planner.lock.yml | 2 +- .github/workflows/daily-syntax-error-quality.lock.yml | 2 +- .github/workflows/daily-testify-uber-super-expert.lock.yml | 2 +- .github/workflows/daily-workflow-updater.lock.yml | 2 +- .github/workflows/dead-code-remover.lock.yml | 2 +- .github/workflows/delight.lock.yml | 2 +- .github/workflows/deployment-incident-monitor.lock.yml | 2 +- .github/workflows/dev-hawk.lock.yml | 2 +- .github/workflows/dictation-prompt.lock.yml | 2 +- .github/workflows/discussion-task-miner.lock.yml | 2 +- .github/workflows/docs-noob-tester.lock.yml | 2 +- .github/workflows/draft-pr-cleanup.lock.yml | 2 +- .github/workflows/firewall-escape.lock.yml | 2 +- .github/workflows/firewall.lock.yml | 2 +- .github/workflows/jsweep.lock.yml | 2 +- .github/workflows/layout-spec-maintainer.lock.yml | 2 +- .github/workflows/linter-miner.lock.yml | 2 +- .github/workflows/mcp-inspector.lock.yml | 2 +- .github/workflows/mergefest.lock.yml | 2 +- .github/workflows/metrics-collector.lock.yml | 2 +- .github/workflows/org-health-report.lock.yml | 2 +- .github/workflows/pdf-summary.lock.yml | 2 +- .github/workflows/plan.lock.yml | 2 +- .github/workflows/pr-code-quality-reviewer.lock.yml | 2 +- .github/workflows/pr-nitpick-reviewer.lock.yml | 2 +- .github/workflows/pr-triage-agent.lock.yml | 2 +- .github/workflows/python-data-charts.lock.yml | 2 +- .github/workflows/q.lock.yml | 2 +- .github/workflows/smoke-copilot-sdk.lock.yml | 2 +- 62 files changed, 62 insertions(+), 62 deletions(-) diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml index 3c56b0cbd39..49d0c612032 100644 --- a/.github/workflows/agent-performance-analyzer.lock.yml +++ b/.github/workflows/agent-performance-analyzer.lock.yml @@ -562,7 +562,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/architecture-guardian.lock.yml b/.github/workflows/architecture-guardian.lock.yml index bbb1138d6ab..0615c8541ad 100644 --- a/.github/workflows/architecture-guardian.lock.yml +++ b/.github/workflows/architecture-guardian.lock.yml @@ -480,7 +480,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index 464c467cc10..94fac02a75b 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -460,7 +460,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index fe83efd03f0..23467e58fb3 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -521,7 +521,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml index c40c6c6825d..fd983a18db2 100644 --- a/.github/workflows/breaking-change-checker.lock.yml +++ b/.github/workflows/breaking-change-checker.lock.yml @@ -470,7 +470,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml index b932d35d6df..75103afd1f3 100644 --- a/.github/workflows/ci-coach.lock.yml +++ b/.github/workflows/ci-coach.lock.yml @@ -577,7 +577,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index 9b5aa1013f1..cf5ef20396b 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -458,7 +458,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml index 32c9dd9b321..eab97d35afe 100644 --- a/.github/workflows/code-scanning-fixer.lock.yml +++ b/.github/workflows/code-scanning-fixer.lock.yml @@ -507,7 +507,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/copilot-cli-deep-research.lock.yml b/.github/workflows/copilot-cli-deep-research.lock.yml index 1f95a1e6329..8d2536848c9 100644 --- a/.github/workflows/copilot-cli-deep-research.lock.yml +++ b/.github/workflows/copilot-cli-deep-research.lock.yml @@ -487,7 +487,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/copilot-opt.lock.yml b/.github/workflows/copilot-opt.lock.yml index 9a73567e4a4..8db5738a337 100644 --- a/.github/workflows/copilot-opt.lock.yml +++ b/.github/workflows/copilot-opt.lock.yml @@ -512,7 +512,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index 1e4b7da316c..a2ab9c5ec10 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -452,7 +452,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Download activation artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index 11cd4186275..f11c88283f8 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -558,7 +558,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index 44dd1ad8e71..c34f684e481 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -526,7 +526,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index 61906de90b0..3ea37194161 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -528,7 +528,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-agent-of-the-day-blog-writer.lock.yml b/.github/workflows/daily-agent-of-the-day-blog-writer.lock.yml index 5889643cf78..1adcc95c8b1 100644 --- a/.github/workflows/daily-agent-of-the-day-blog-writer.lock.yml +++ b/.github/workflows/daily-agent-of-the-day-blog-writer.lock.yml @@ -536,7 +536,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/daily-architecture-diagram.lock.yml b/.github/workflows/daily-architecture-diagram.lock.yml index b9bbac2213a..770d823d439 100644 --- a/.github/workflows/daily-architecture-diagram.lock.yml +++ b/.github/workflows/daily-architecture-diagram.lock.yml @@ -526,7 +526,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml index 048ee27701f..6e123b2bb01 100644 --- a/.github/workflows/daily-assign-issue-to-user.lock.yml +++ b/.github/workflows/daily-assign-issue-to-user.lock.yml @@ -455,7 +455,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml index 53f282b7a02..5ed4f7bafb0 100644 --- a/.github/workflows/daily-cli-performance.lock.yml +++ b/.github/workflows/daily-cli-performance.lock.yml @@ -523,7 +523,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml index 59e1d810041..e8f8e4749f7 100644 --- a/.github/workflows/daily-compiler-quality.lock.yml +++ b/.github/workflows/daily-compiler-quality.lock.yml @@ -564,7 +564,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-compiler-threat-spec-optimizer.lock.yml b/.github/workflows/daily-compiler-threat-spec-optimizer.lock.yml index 3515fb97dc9..17111bd6473 100644 --- a/.github/workflows/daily-compiler-threat-spec-optimizer.lock.yml +++ b/.github/workflows/daily-compiler-threat-spec-optimizer.lock.yml @@ -471,7 +471,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-experiment-report.lock.yml b/.github/workflows/daily-experiment-report.lock.yml index 1278eee8393..23bf0038d25 100644 --- a/.github/workflows/daily-experiment-report.lock.yml +++ b/.github/workflows/daily-experiment-report.lock.yml @@ -514,7 +514,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-geo-optimizer.lock.yml b/.github/workflows/daily-geo-optimizer.lock.yml index 2b980fbf702..e2344744a8a 100644 --- a/.github/workflows/daily-geo-optimizer.lock.yml +++ b/.github/workflows/daily-geo-optimizer.lock.yml @@ -477,7 +477,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml index a4248079606..ed7560033cf 100644 --- a/.github/workflows/daily-issues-report.lock.yml +++ b/.github/workflows/daily-issues-report.lock.yml @@ -718,7 +718,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml index f884441e578..d1776fcc966 100644 --- a/.github/workflows/daily-malicious-code-scan.lock.yml +++ b/.github/workflows/daily-malicious-code-scan.lock.yml @@ -461,7 +461,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml index 114122f0b43..5c7336cf90d 100644 --- a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml +++ b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml @@ -521,7 +521,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-model-inventory.lock.yml b/.github/workflows/daily-model-inventory.lock.yml index cdfd753c0d4..48ca19bc64b 100644 --- a/.github/workflows/daily-model-inventory.lock.yml +++ b/.github/workflows/daily-model-inventory.lock.yml @@ -488,7 +488,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Install Playwright CLI run: npm install -g @playwright/cli@0.1.13 diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml index ae5818c330b..cfe583ac86b 100644 --- a/.github/workflows/daily-performance-summary.lock.yml +++ b/.github/workflows/daily-performance-summary.lock.yml @@ -516,7 +516,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index e4a3a0ea8f4..e88f34dd3d1 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -509,7 +509,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-safe-output-integrator.lock.yml b/.github/workflows/daily-safe-output-integrator.lock.yml index 645eba48cd4..4811d2f19a8 100644 --- a/.github/workflows/daily-safe-output-integrator.lock.yml +++ b/.github/workflows/daily-safe-output-integrator.lock.yml @@ -462,7 +462,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml index ffb8e5cf1b0..a826c382ce9 100644 --- a/.github/workflows/daily-secrets-analysis.lock.yml +++ b/.github/workflows/daily-secrets-analysis.lock.yml @@ -460,7 +460,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-security-observability.lock.yml b/.github/workflows/daily-security-observability.lock.yml index 5087f7fd158..de3968eb380 100644 --- a/.github/workflows/daily-security-observability.lock.yml +++ b/.github/workflows/daily-security-observability.lock.yml @@ -587,7 +587,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-sentrux-report.lock.yml b/.github/workflows/daily-sentrux-report.lock.yml index c5f3645e1f4..56619b26352 100644 --- a/.github/workflows/daily-sentrux-report.lock.yml +++ b/.github/workflows/daily-sentrux-report.lock.yml @@ -495,7 +495,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-skill-optimizer.lock.yml b/.github/workflows/daily-skill-optimizer.lock.yml index 33067da92f3..14dbb045cf9 100644 --- a/.github/workflows/daily-skill-optimizer.lock.yml +++ b/.github/workflows/daily-skill-optimizer.lock.yml @@ -467,7 +467,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-spdd-spec-planner.lock.yml b/.github/workflows/daily-spdd-spec-planner.lock.yml index 1bc444832ba..d230594b6ff 100644 --- a/.github/workflows/daily-spdd-spec-planner.lock.yml +++ b/.github/workflows/daily-spdd-spec-planner.lock.yml @@ -488,7 +488,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml index f25b336c86a..b3fd4965a4c 100644 --- a/.github/workflows/daily-syntax-error-quality.lock.yml +++ b/.github/workflows/daily-syntax-error-quality.lock.yml @@ -469,7 +469,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml index 699a1660c5d..ac7a2ec8460 100644 --- a/.github/workflows/daily-testify-uber-super-expert.lock.yml +++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml @@ -530,7 +530,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index b1054ebb2e1..5f83a15fa3d 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -457,7 +457,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/dead-code-remover.lock.yml b/.github/workflows/dead-code-remover.lock.yml index 93669f535c6..983ed540b4a 100644 --- a/.github/workflows/dead-code-remover.lock.yml +++ b/.github/workflows/dead-code-remover.lock.yml @@ -509,7 +509,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml index 95e4a32c3f8..3545e876927 100644 --- a/.github/workflows/delight.lock.yml +++ b/.github/workflows/delight.lock.yml @@ -485,7 +485,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/deployment-incident-monitor.lock.yml b/.github/workflows/deployment-incident-monitor.lock.yml index f916e47a119..9ffcb91c6e2 100644 --- a/.github/workflows/deployment-incident-monitor.lock.yml +++ b/.github/workflows/deployment-incident-monitor.lock.yml @@ -472,7 +472,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 9414139878f..470cdfebbc9 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -526,7 +526,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index e07e8bd6f09..724c2932fe6 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -459,7 +459,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml index 36325872c86..e2fa5bd6cda 100644 --- a/.github/workflows/discussion-task-miner.lock.yml +++ b/.github/workflows/discussion-task-miner.lock.yml @@ -484,7 +484,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index 15da8a93199..519de0a0b83 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -470,7 +470,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Install Playwright CLI run: npm install -g @playwright/cli@0.1.13 diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml index d34c81cd80d..0dad82ec569 100644 --- a/.github/workflows/draft-pr-cleanup.lock.yml +++ b/.github/workflows/draft-pr-cleanup.lock.yml @@ -454,7 +454,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index 3360990777e..bd21888a7d5 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -529,7 +529,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index ed6ae9db0ad..997599e4371 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -455,7 +455,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index d6f1de2a507..dad2e571140 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -497,7 +497,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index 6d866656da7..4f02516fe01 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -473,7 +473,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/linter-miner.lock.yml b/.github/workflows/linter-miner.lock.yml index 3013a1b309d..cbc23241602 100644 --- a/.github/workflows/linter-miner.lock.yml +++ b/.github/workflows/linter-miner.lock.yml @@ -523,7 +523,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 9670eb238e3..de66c110425 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -620,7 +620,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index d52cdb115d4..cc9284590ec 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -526,7 +526,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml index af2fe05d472..e7ec44a33dc 100644 --- a/.github/workflows/metrics-collector.lock.yml +++ b/.github/workflows/metrics-collector.lock.yml @@ -527,7 +527,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index 7fa8a32f031..d3e907fd920 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -514,7 +514,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index 99b1bb0343c..4398f8b3125 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -567,7 +567,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index b36120f14b7..a868b8e9074 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -524,7 +524,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/pr-code-quality-reviewer.lock.yml b/.github/workflows/pr-code-quality-reviewer.lock.yml index 35359326316..09a7fa6c56d 100644 --- a/.github/workflows/pr-code-quality-reviewer.lock.yml +++ b/.github/workflows/pr-code-quality-reviewer.lock.yml @@ -523,7 +523,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index 5988d320ab4..a04dcd172b0 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -526,7 +526,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/pr-triage-agent.lock.yml b/.github/workflows/pr-triage-agent.lock.yml index 851b4511a69..08dd253b942 100644 --- a/.github/workflows/pr-triage-agent.lock.yml +++ b/.github/workflows/pr-triage-agent.lock.yml @@ -492,7 +492,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index a95771d61cd..f22195905cd 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -541,7 +541,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index d5332c0c0b3..dbc2393a37a 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -596,7 +596,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Parse integrity filter lists id: parse-guard-vars diff --git a/.github/workflows/smoke-copilot-sdk.lock.yml b/.github/workflows/smoke-copilot-sdk.lock.yml index c866bf30780..f20ae0a6c12 100644 --- a/.github/workflows/smoke-copilot-sdk.lock.yml +++ b/.github/workflows/smoke-copilot-sdk.lock.yml @@ -510,7 +510,7 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.58 - - name: Install GitHub Copilot SDK + - name: Install GitHub Copilot SDK (Node.js) run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.0 - name: Determine automatic lockdown mode for GitHub MCP Server id: determine-automatic-lockdown From 1c631e782e0fcdc15d79bd38c71c04a2313f0f60 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 3 Jun 2026 16:00:06 +0000 Subject: [PATCH 3/4] Add copilot auth-null preflight diagnostics and bounded retry Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com> --- actions/setup/js/copilot_harness.cjs | 54 ++++++++++++++++++++++- actions/setup/js/copilot_harness.test.cjs | 43 +++++++++++++++++- 2 files changed, 94 insertions(+), 3 deletions(-) diff --git a/actions/setup/js/copilot_harness.cjs b/actions/setup/js/copilot_harness.cjs index 002800a5c72..efacdc52796 100644 --- a/actions/setup/js/copilot_harness.cjs +++ b/actions/setup/js/copilot_harness.cjs @@ -22,8 +22,9 @@ * (without `--continue`) so env-var auth can succeed. Mid-stream context is lost but the * job has a recovery path. * - On a fresh run (attempt 0 or after a `--continue`-auth fallback): the env-var token is - * genuinely absent or invalid. All further retries will produce the same failure, so the - * driver bails immediately. + * usually genuinely absent or invalid. The driver bails immediately except for scheduled + * runs with all auth env vars absent, where it performs one bounded fresh retry to cover + * token-provisioning races. * - Null-type tool_call errors (400 "Invalid type for '...tool_calls[N].type': ... got null") * poison the conversation history. Retrying with `--continue` re-injects the same broken * state on every subsequent attempt. The driver restarts fresh to discard the poisoned @@ -73,6 +74,9 @@ const MAX_DELAY_MS = 60000; // Additional startup retry budget for scheduled runs when Copilot exits with code 2 // before producing any output (typically transient API interruption at startup). const MAX_SCHEDULED_EXIT2_RETRIES = 1; +// Additional startup retry budget for scheduled runs when Copilot reports +// missing authentication info on a fresh run and no auth env vars are present. +const MAX_SCHEDULED_AUTH_NULL_RETRIES = 1; // If prompt files are larger than this threshold, avoid inlining into argv. const PROMPT_FILE_INLINE_THRESHOLD_BYTES = 100 * 1024; const PROMPT_FILE_INLINE_THRESHOLD_LABEL = "100KB"; @@ -318,6 +322,32 @@ function isAuthenticationFailedError(output) { return AUTHENTICATION_FAILED_PATTERN.test(output); } +/** + * Return true when an environment variable is set to a non-empty string. + * @param {unknown} value + * @returns {boolean} + */ +function isNonEmptyEnvValue(value) { + return typeof value === "string" && value.trim().length > 0; +} + +/** + * Build a mask-safe snapshot of Copilot auth token env presence. + * @param {NodeJS.ProcessEnv | undefined} env + * @returns {{ copilotGitHubTokenPresent: boolean, ghTokenPresent: boolean, githubTokenPresent: boolean, anyTokenPresent: boolean }} + */ +function buildCopilotAuthEnvPresence(env = process.env) { + const copilotGitHubTokenPresent = isNonEmptyEnvValue(env?.COPILOT_GITHUB_TOKEN); + const ghTokenPresent = isNonEmptyEnvValue(env?.GH_TOKEN); + const githubTokenPresent = isNonEmptyEnvValue(env?.GITHUB_TOKEN); + return { + copilotGitHubTokenPresent, + ghTokenPresent, + githubTokenPresent, + anyTokenPresent: copilotGitHubTokenPresent || ghTokenPresent || githubTokenPresent, + }; +} + /** * Extract provider auth failure details from Copilot output when available. * @param {string} output @@ -686,6 +716,7 @@ async function main() { const isScheduledRun = process.env.GITHUB_EVENT_NAME === "schedule"; let scheduledExit2Retries = 0; let scheduledExit2RetryAttempted = false; + let scheduledAuthNullRetries = 0; let useContinueOnRetry = false; let modelNotSupportedReflectRetryAttempted = false; // Once set to true, --continue is never re-enabled for the remainder of this run. @@ -802,6 +833,13 @@ async function main() { // Redact --prompt / -p value from logs to avoid leaking prompt content const safeArgs = currentArgs.map((arg, i) => (currentArgs[i - 1] === "--prompt" || currentArgs[i - 1] === "-p" ? "" : arg)); + const authEnvPresence = buildCopilotAuthEnvPresence(childEnv ?? process.env); + log( + `attempt ${attempt + 1}: auth preflight` + + ` COPILOT_GITHUB_TOKEN=${authEnvPresence.copilotGitHubTokenPresent ? "present" : "absent"}` + + ` GH_TOKEN=${authEnvPresence.ghTokenPresent ? "present" : "absent"}` + + ` GITHUB_TOKEN=${authEnvPresence.githubTokenPresent ? "present" : "absent"}` + ); let result; if (copilotSDKDriverMode) { // Driver mode: run copilot_sdk_driver.cjs as a normal subprocess. The harness has @@ -935,6 +973,16 @@ async function main() { log(`attempt ${attempt + 1}: auth error on --continue — retrying as fresh run (session credential may be corrupted; context will be lost)`); continue; } + if (isScheduledRun && !authEnvPresence.anyTokenPresent && scheduledAuthNullRetries < MAX_SCHEDULED_AUTH_NULL_RETRIES && attempt < MAX_RETRIES) { + scheduledAuthNullRetries += 1; + useContinueOnRetry = false; + continueDisabledPermanently = true; + log(`attempt ${attempt + 1}: no authentication info on fresh run with all auth env vars absent` + ` — retrying once after delay (authNullRetry=${scheduledAuthNullRetries}/${MAX_SCHEDULED_AUTH_NULL_RETRIES})`); + continue; + } + if (!authEnvPresence.anyTokenPresent) { + emitInfrastructureIncomplete("copilot_auth_token_missing: Copilot authentication token was unavailable at runtime (COPILOT_GITHUB_TOKEN, GH_TOKEN, and GITHUB_TOKEN were all absent)."); + } log(`attempt ${attempt + 1}: no authentication information found — not retrying (COPILOT_GITHUB_TOKEN, GH_TOKEN, and GITHUB_TOKEN are all absent or invalid)`); break; } @@ -1047,6 +1095,8 @@ if (typeof module !== "undefined" && module.exports) { extractPromptFromArgs, readSDKOptionsFromStdin, parseCopilotSDKServerArgsFromEnv, + buildCopilotAuthEnvPresence, + isNonEmptyEnvValue, runWithCopilotSDK, }; } diff --git a/actions/setup/js/copilot_harness.test.cjs b/actions/setup/js/copilot_harness.test.cjs index 84af138801b..30074e43bce 100644 --- a/actions/setup/js/copilot_harness.test.cjs +++ b/actions/setup/js/copilot_harness.test.cjs @@ -16,6 +16,7 @@ const { buildInfrastructureIncompletePayload, buildCopilotProxyAuthFailureDiagnostic, buildPromptFileFallbackInstruction, + buildCopilotAuthEnvPresence, countPermissionDeniedIssues, detectCopilotErrors, emitInfrastructureIncomplete, @@ -42,6 +43,7 @@ const { writeCopilotOutputs, readSDKOptionsFromStdin, parseCopilotSDKServerArgsFromEnv, + isNonEmptyEnvValue, } = require("./copilot_harness.cjs"); describe("copilot_harness.cjs", () => { @@ -1123,6 +1125,27 @@ describe("copilot_harness.cjs", () => { expect(isAuthenticationFailedError("Authentication failed (Request ID: C818:3ED713:19D401B:1C446B7:69D653CA)")).toBe(true); }); + describe("Copilot auth env presence helpers", () => { + it("treats undefined, empty, and whitespace values as absent", () => { + expect(isNonEmptyEnvValue(undefined)).toBe(false); + expect(isNonEmptyEnvValue("")).toBe(false); + expect(isNonEmptyEnvValue(" ")).toBe(false); + }); + + it("treats non-empty values as present", () => { + expect(isNonEmptyEnvValue("token")).toBe(true); + }); + + it("builds a mask-safe auth env presence snapshot", () => { + expect(buildCopilotAuthEnvPresence({ COPILOT_GITHUB_TOKEN: "", GH_TOKEN: " ", GITHUB_TOKEN: "ghs_x" })).toEqual({ + copilotGitHubTokenPresent: false, + ghTokenPresent: false, + githubTokenPresent: true, + anyTokenPresent: true, + }); + }); + }); + it("does not match no-auth-info error", () => { expect(isAuthenticationFailedError("Error: No authentication information found.")).toBe(false); }); @@ -1173,20 +1196,27 @@ describe("copilot_harness.cjs", () => { const MCP_POLICY_BLOCKED_PATTERN = /MCP servers were blocked by policy:/; const NO_AUTH_INFO_PATTERN = /No authentication information found/; const MAX_RETRIES = 3; + const MAX_SCHEDULED_AUTH_NULL_RETRIES = 1; /** * @param {{hasOutput: boolean, exitCode: number, output: string}} result * @param {number} attempt * @param {boolean} useContinueOnRetry - whether the current attempt used --continue + * @param {boolean} isScheduledRun + * @param {boolean} anyTokenPresent + * @param {number} scheduledAuthNullRetries * @returns {boolean} */ - function shouldRetry(result, attempt, useContinueOnRetry = false) { + function shouldRetry(result, attempt, useContinueOnRetry = false, isScheduledRun = false, anyTokenPresent = true, scheduledAuthNullRetries = 0) { if (result.exitCode === 0) return false; // MCP policy errors are persistent — never retry if (MCP_POLICY_BLOCKED_PATTERN.test(result.output)) return false; if (attempt === 0 && isAuthenticationFailedError(result.output)) return false; // Auth error on --continue: fall back to fresh run once; on fresh run: bail if (NO_AUTH_INFO_PATTERN.test(result.output)) { + if (isScheduledRun && !anyTokenPresent && scheduledAuthNullRetries < MAX_SCHEDULED_AUTH_NULL_RETRIES && attempt < MAX_RETRIES) { + return true; + } return useContinueOnRetry && attempt < MAX_RETRIES; } return attempt < MAX_RETRIES && result.hasOutput; @@ -1224,6 +1254,17 @@ describe("copilot_harness.cjs", () => { expect(shouldRetry(result, 0, false)).toBe(false); }); + it("retries once for scheduled auth-null fresh failures when all auth env vars are absent", () => { + const result = { exitCode: 1, hasOutput: true, output: "Error: No authentication information found." }; + expect(shouldRetry(result, 0, false, true, false, 0)).toBe(true); + expect(shouldRetry(result, 1, false, true, false, 1)).toBe(false); + }); + + it("does not apply scheduled auth-null retry when any auth token env var is present", () => { + const result = { exitCode: 1, hasOutput: true, output: "Error: No authentication information found." }; + expect(shouldRetry(result, 0, false, true, true, 0)).toBe(false); + }); + it("still retries non-auth errors with output (CAPIError 400)", () => { const result = { exitCode: 1, hasOutput: true, output: "CAPIError: 400 Bad Request" }; expect(shouldRetry(result, 0, false)).toBe(true); From 60828db47198c9ac87c466423d89df7b25d3df96 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 3 Jun 2026 16:04:20 +0000 Subject: [PATCH 4/4] Refine auth-null retry tests and harness logging style Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com> --- actions/setup/js/copilot_harness.cjs | 2 +- actions/setup/js/copilot_harness.test.cjs | 34 +++++++++++------------ 2 files changed, 17 insertions(+), 19 deletions(-) diff --git a/actions/setup/js/copilot_harness.cjs b/actions/setup/js/copilot_harness.cjs index efacdc52796..4a207d5818c 100644 --- a/actions/setup/js/copilot_harness.cjs +++ b/actions/setup/js/copilot_harness.cjs @@ -977,7 +977,7 @@ async function main() { scheduledAuthNullRetries += 1; useContinueOnRetry = false; continueDisabledPermanently = true; - log(`attempt ${attempt + 1}: no authentication info on fresh run with all auth env vars absent` + ` — retrying once after delay (authNullRetry=${scheduledAuthNullRetries}/${MAX_SCHEDULED_AUTH_NULL_RETRIES})`); + log(`attempt ${attempt + 1}: no authentication info on fresh run with all auth env vars absent — retrying once after delay (authNullRetry=${scheduledAuthNullRetries}/${MAX_SCHEDULED_AUTH_NULL_RETRIES})`); continue; } if (!authEnvPresence.anyTokenPresent) { diff --git a/actions/setup/js/copilot_harness.test.cjs b/actions/setup/js/copilot_harness.test.cjs index 30074e43bce..fe3fad5dce6 100644 --- a/actions/setup/js/copilot_harness.test.cjs +++ b/actions/setup/js/copilot_harness.test.cjs @@ -1201,13 +1201,11 @@ describe("copilot_harness.cjs", () => { /** * @param {{hasOutput: boolean, exitCode: number, output: string}} result * @param {number} attempt - * @param {boolean} useContinueOnRetry - whether the current attempt used --continue - * @param {boolean} isScheduledRun - * @param {boolean} anyTokenPresent - * @param {number} scheduledAuthNullRetries + * @param {{useContinueOnRetry?: boolean, isScheduledRun?: boolean, anyTokenPresent?: boolean, scheduledAuthNullRetries?: number}} options * @returns {boolean} */ - function shouldRetry(result, attempt, useContinueOnRetry = false, isScheduledRun = false, anyTokenPresent = true, scheduledAuthNullRetries = 0) { + function shouldRetry(result, attempt, options = {}) { + const { useContinueOnRetry = false, isScheduledRun = false, anyTokenPresent = true, scheduledAuthNullRetries = 0 } = options; if (result.exitCode === 0) return false; // MCP policy errors are persistent — never retry if (MCP_POLICY_BLOCKED_PATTERN.test(result.output)) return false; @@ -1224,55 +1222,55 @@ describe("copilot_harness.cjs", () => { it("does not retry when auth fails on first attempt (no real work done)", () => { const result = { exitCode: 1, hasOutput: true, output: "Error: No authentication information found." }; - expect(shouldRetry(result, 0, false)).toBe(false); + expect(shouldRetry(result, 0, { useContinueOnRetry: false })).toBe(false); }); it("does not retry when first attempt reports authentication failed", () => { const result = { exitCode: 1, hasOutput: true, output: "Authentication failed (Request ID: ABC123)" }; - expect(shouldRetry(result, 0, false)).toBe(false); + expect(shouldRetry(result, 0, { useContinueOnRetry: false })).toBe(false); }); it("retries as fresh run when auth fails on a --continue attempt", () => { // This replicates the fix: attempt 1 ran for 3+ min then failed mid-stream, // attempt 2 (--continue) fails with auth error — driver retries once as fresh run. const continueResult = { exitCode: 1, hasOutput: true, output: "Error: No authentication information found." }; - expect(shouldRetry(continueResult, 1, true)).toBe(true); // --continue attempt: triggers fresh retry - expect(shouldRetry(continueResult, 2, true)).toBe(true); // still within retry budget - expect(shouldRetry(continueResult, 3, true)).toBe(false); // budget exhausted + expect(shouldRetry(continueResult, 1, { useContinueOnRetry: true })).toBe(true); // --continue attempt: triggers fresh retry + expect(shouldRetry(continueResult, 2, { useContinueOnRetry: true })).toBe(true); // still within retry budget + expect(shouldRetry(continueResult, 3, { useContinueOnRetry: true })).toBe(false); // budget exhausted }); it("does not retry when auth fails on a fresh-run recovery attempt (useContinueOnRetry=false)", () => { // After falling back to a fresh run, useContinueOnRetry is reset to false. // If the fresh run also hits auth error, the driver bails immediately. const freshResult = { exitCode: 1, hasOutput: true, output: "Error: No authentication information found." }; - expect(shouldRetry(freshResult, 1, false)).toBe(false); - expect(shouldRetry(freshResult, 2, false)).toBe(false); + expect(shouldRetry(freshResult, 1, { useContinueOnRetry: false })).toBe(false); + expect(shouldRetry(freshResult, 2, { useContinueOnRetry: false })).toBe(false); }); it("does not retry auth error even when output is mixed with other content", () => { const result = { exitCode: 1, hasOutput: true, output: "Some output\nError: No authentication information found.\nMore output" }; - expect(shouldRetry(result, 0, false)).toBe(false); + expect(shouldRetry(result, 0, { useContinueOnRetry: false })).toBe(false); }); it("retries once for scheduled auth-null fresh failures when all auth env vars are absent", () => { const result = { exitCode: 1, hasOutput: true, output: "Error: No authentication information found." }; - expect(shouldRetry(result, 0, false, true, false, 0)).toBe(true); - expect(shouldRetry(result, 1, false, true, false, 1)).toBe(false); + expect(shouldRetry(result, 0, { useContinueOnRetry: false, isScheduledRun: true, anyTokenPresent: false, scheduledAuthNullRetries: 0 })).toBe(true); + expect(shouldRetry(result, 1, { useContinueOnRetry: false, isScheduledRun: true, anyTokenPresent: false, scheduledAuthNullRetries: 1 })).toBe(false); }); it("does not apply scheduled auth-null retry when any auth token env var is present", () => { const result = { exitCode: 1, hasOutput: true, output: "Error: No authentication information found." }; - expect(shouldRetry(result, 0, false, true, true, 0)).toBe(false); + expect(shouldRetry(result, 0, { useContinueOnRetry: false, isScheduledRun: true, anyTokenPresent: true, scheduledAuthNullRetries: 0 })).toBe(false); }); it("still retries non-auth errors with output (CAPIError 400)", () => { const result = { exitCode: 1, hasOutput: true, output: "CAPIError: 400 Bad Request" }; - expect(shouldRetry(result, 0, false)).toBe(true); + expect(shouldRetry(result, 0, { useContinueOnRetry: false })).toBe(true); }); it("still retries generic partial-execution errors with output", () => { const result = { exitCode: 1, hasOutput: true, output: "Failed to get response from the AI model; retried 5 times" }; - expect(shouldRetry(result, 0, false)).toBe(true); + expect(shouldRetry(result, 0, { useContinueOnRetry: false })).toBe(true); }); });