Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changeset/patch-escape-shell-env-vars.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/ai-moderator.lock.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/auto-triage-issues.lock.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions actions/setup/sh/check_mcp_servers.sh
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ echo ""
# Validate configuration file exists
CONFIG_VALIDATION_START=$(date +%s%3N)
if [ ! -f "$GATEWAY_CONFIG_PATH" ]; then
echo "ERROR: Gateway configuration file not found: $GATEWAY_CONFIG_PATH" >&2
echo "ERROR: Gateway configuration file not found: ${GATEWAY_CONFIG_PATH@Q}" >&2
exit 1
fi

Expand Down Expand Up @@ -184,8 +184,8 @@ while IFS= read -r SERVER_NAME; do
SERVERS_SUCCEEDED=$((SERVERS_SUCCEEDED + 1))
else
echo "✗ $SERVER_NAME: failed to connect"
echo " URL: $SERVER_URL"
echo " Last error: $LAST_ERROR"
echo " URL: ${SERVER_URL@Q}"
echo " Last error: ${LAST_ERROR@Q}"
echo " Retries attempted: $MAX_RETRIES"
SERVERS_FAILED=$((SERVERS_FAILED + 1))
fi
Expand Down
4 changes: 2 additions & 2 deletions actions/setup/sh/clean_git_credentials.sh
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,11 @@ set -euo pipefail
WORKSPACE="${GITHUB_WORKSPACE:-.}"
GIT_CONFIG_PATH="${WORKSPACE}/.git/config"

echo "Cleaning git credentials from ${GIT_CONFIG_PATH}"
echo "Cleaning git credentials from ${GIT_CONFIG_PATH@Q}"

# Check if .git/config exists
if [ ! -f "${GIT_CONFIG_PATH}" ]; then
echo "No .git/config found at ${GIT_CONFIG_PATH}, nothing to clean"
echo "No .git/config found at ${GIT_CONFIG_PATH@Q}, nothing to clean"
exit 0
fi

Expand Down
40 changes: 20 additions & 20 deletions actions/setup/sh/generate_git_patch.sh
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Diagnostic logging: Show environment information
echo "=== Diagnostic: Environment Information ==="
echo "GITHUB_SHA: ${GITHUB_SHA}"
echo "DEFAULT_BRANCH: ${DEFAULT_BRANCH}"
echo "GITHUB_SHA: ${GITHUB_SHA@Q}"
echo "DEFAULT_BRANCH: ${DEFAULT_BRANCH@Q}"
echo "Current HEAD: $(git rev-parse HEAD 2>/dev/null || echo 'unknown')"
echo "Current branch: $(git branch --show-current 2>/dev/null || echo 'detached HEAD')"

Expand Down Expand Up @@ -30,7 +30,7 @@ if [ -f "$GH_AW_SAFE_OUTPUTS" ]; then
# Extract branch value using sed
BRANCH_NAME="$(echo "$line" | sed -n 's/.*"branch"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')"
if [ -n "$BRANCH_NAME" ]; then
echo "Extracted branch name from create_pull_request: $BRANCH_NAME"
echo "Extracted branch name from create_pull_request: ${BRANCH_NAME@Q}"
break
fi
# Extract branch from push_to_pull_request_branch line using simple grep and sed
Expand All @@ -40,15 +40,15 @@ if [ -f "$GH_AW_SAFE_OUTPUTS" ]; then
# Extract branch value using sed
BRANCH_NAME="$(echo "$line" | sed -n 's/.*"branch"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')"
if [ -n "$BRANCH_NAME" ]; then
echo "Extracted branch name from push_to_pull_request_branch: $BRANCH_NAME"
echo "Extracted branch name from push_to_pull_request_branch: ${BRANCH_NAME@Q}"
break
fi
fi
fi
done < "$GH_AW_SAFE_OUTPUTS"
else
echo ""
echo "GH_AW_SAFE_OUTPUTS file not found at: $GH_AW_SAFE_OUTPUTS"
echo "GH_AW_SAFE_OUTPUTS file not found at: ${GH_AW_SAFE_OUTPUTS@Q}"
fi

# If no branch found in JSONL, log it but don't give up yet
Expand All @@ -63,30 +63,30 @@ PATCH_GENERATED=false
if [ -n "$BRANCH_NAME" ]; then
echo ""
echo "=== Strategy 1: Using named branch from JSONL ==="
echo "Looking for branch: $BRANCH_NAME"
echo "Looking for branch: ${BRANCH_NAME@Q}"
# Check if the branch exists
if git show-ref --verify --quiet "refs/heads/$BRANCH_NAME"; then
echo "Branch $BRANCH_NAME exists, generating patch from branch changes"
echo "Branch ${BRANCH_NAME@Q} exists, generating patch from branch changes"

# Check if origin/$BRANCH_NAME exists to use as base
if git show-ref --verify --quiet "refs/remotes/origin/$BRANCH_NAME"; then
echo "Using origin/$BRANCH_NAME as base for patch generation"
echo "Using origin/${BRANCH_NAME@Q} as base for patch generation"
BASE_REF="origin/$BRANCH_NAME"
else
echo "origin/$BRANCH_NAME does not exist, using merge-base with default branch"
echo "origin/${BRANCH_NAME@Q} does not exist, using merge-base with default branch"
# Use the default branch name from environment variable
echo "Default branch: $DEFAULT_BRANCH"
echo "Default branch: ${DEFAULT_BRANCH@Q}"
# Fetch the default branch to ensure it's available locally
git fetch origin "$DEFAULT_BRANCH"
# Find merge base between default branch and current branch
BASE_REF="$(git merge-base "origin/$DEFAULT_BRANCH" "$BRANCH_NAME")"
echo "Using merge-base as base: $BASE_REF"
echo "Using merge-base as base: ${BASE_REF@Q}"
fi

# Diagnostic logging: Show diff stats before generating patch
echo ""
echo "=== Diagnostic: Diff stats for patch generation ==="
echo "Command: git diff --stat $BASE_REF..$BRANCH_NAME"
echo "Command: git diff --stat ${BASE_REF@Q}..${BRANCH_NAME@Q}"
git diff --stat "$BASE_REF".."$BRANCH_NAME" || echo "Failed to show diff stats"

# Diagnostic logging: Count commits to be included
Expand All @@ -102,14 +102,14 @@ if [ -n "$BRANCH_NAME" ]; then
# Diagnostic logging: Show the exact command being used
echo ""
echo "=== Diagnostic: Generating patch ==="
echo "Command: git format-patch $BASE_REF..$BRANCH_NAME --stdout > /tmp/gh-aw/aw.patch"
echo "Command: git format-patch ${BASE_REF@Q}..${BRANCH_NAME@Q} --stdout > /tmp/gh-aw/aw.patch"

# Generate patch from the determined base to the branch
git format-patch "$BASE_REF".."$BRANCH_NAME" --stdout > /tmp/gh-aw/aw.patch || echo "Failed to generate patch from branch" > /tmp/gh-aw/aw.patch
echo "Patch file created from branch: $BRANCH_NAME (base: $BASE_REF)"
echo "Patch file created from branch: ${BRANCH_NAME@Q} (base: ${BASE_REF@Q})"
PATCH_GENERATED=true
else
echo "Branch $BRANCH_NAME does not exist locally"
echo "Branch ${BRANCH_NAME@Q} does not exist locally"
fi
fi

Expand All @@ -120,8 +120,8 @@ if [ "$PATCH_GENERATED" = false ]; then

# Get current HEAD SHA
CURRENT_HEAD="$(git rev-parse HEAD 2>/dev/null || echo '')"
echo "Current HEAD: $CURRENT_HEAD"
echo "Checkout SHA (GITHUB_SHA): $GITHUB_SHA"
echo "Current HEAD: ${CURRENT_HEAD@Q}"
echo "Checkout SHA (GITHUB_SHA): ${GITHUB_SHA@Q}"

if [ -z "$CURRENT_HEAD" ]; then
echo "ERROR: Could not determine current HEAD SHA"
Expand Down Expand Up @@ -150,15 +150,15 @@ if [ "$PATCH_GENERATED" = false ]; then
# Show diff stats
echo ""
echo "=== Diagnostic: Diff stats for patch generation ==="
echo "Command: git diff --stat ${GITHUB_SHA}..HEAD"
echo "Command: git diff --stat ${GITHUB_SHA@Q}..HEAD"
git diff --stat "${GITHUB_SHA}..HEAD" || echo "Failed to show diff stats"

# Generate patch from GITHUB_SHA to HEAD
echo ""
echo "=== Diagnostic: Generating patch ==="
echo "Command: git format-patch ${GITHUB_SHA}..HEAD --stdout > /tmp/gh-aw/aw.patch"
echo "Command: git format-patch ${GITHUB_SHA@Q}..HEAD --stdout > /tmp/gh-aw/aw.patch"
git format-patch "${GITHUB_SHA}..HEAD" --stdout > /tmp/gh-aw/aw.patch || echo "Failed to generate patch from HEAD" > /tmp/gh-aw/aw.patch
echo "Patch file created from commits on HEAD (base: $GITHUB_SHA)"
echo "Patch file created from commits on HEAD (base: ${GITHUB_SHA@Q})"
PATCH_GENERATED=true
else
echo "No commits found between GITHUB_SHA and HEAD"
Expand Down
4 changes: 2 additions & 2 deletions actions/setup/sh/install_awf_binary.sh
Original file line number Diff line number Diff line change
Expand Up @@ -41,10 +41,10 @@ TEMP_DIR=$(mktemp -d)
trap 'rm -rf "$TEMP_DIR"' EXIT

# Download binary and checksums
echo "Downloading binary from ${BINARY_URL}..."
echo "Downloading binary from ${BINARY_URL@Q}..."
curl -fsSL -o "${TEMP_DIR}/${AWF_BINARY}" "${BINARY_URL}"

echo "Downloading checksums from ${CHECKSUMS_URL}..."
echo "Downloading checksums from ${CHECKSUMS_URL@Q}..."
curl -fsSL -o "${TEMP_DIR}/checksums.txt" "${CHECKSUMS_URL}"

# Verify checksum
Expand Down
2 changes: 1 addition & 1 deletion actions/setup/sh/start_mcp_gateway.sh
Original file line number Diff line number Diff line change
Expand Up @@ -426,5 +426,5 @@ echo ""
{
echo "gateway-pid=$GATEWAY_PID"
echo "gateway-port=${MCP_GATEWAY_PORT}"
echo "gateway-api-key=${MCP_GATEWAY_API_KEY}"
echo "gateway-api-key=${MCP_GATEWAY_API_KEY@Q}"
} >> $GITHUB_OUTPUT
2 changes: 1 addition & 1 deletion actions/setup/sh/start_safe_inputs_server.sh
Original file line number Diff line number Diff line change
Expand Up @@ -128,5 +128,5 @@ done
# Output the configuration for the MCP client
{
echo "port=$GH_AW_SAFE_INPUTS_PORT"
echo "api_key=$GH_AW_SAFE_INPUTS_API_KEY"
echo "api_key=${GH_AW_SAFE_INPUTS_API_KEY@Q}"
} >> "$GITHUB_OUTPUT"
2 changes: 1 addition & 1 deletion actions/setup/sh/start_safe_outputs_server.sh
Original file line number Diff line number Diff line change
Expand Up @@ -128,5 +128,5 @@ done
# Output the configuration for the MCP client
{
echo "port=$GH_AW_SAFE_OUTPUTS_PORT"
echo "api_key=$GH_AW_SAFE_OUTPUTS_API_KEY"
echo "api_key=${GH_AW_SAFE_OUTPUTS_API_KEY@Q}"
} >> "$GITHUB_OUTPUT"
6 changes: 3 additions & 3 deletions actions/setup/sh/validate_gatewayed_server.sh
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ GATEWAY_URL="$3"
# Validate that MCP config file exists
validate_config_file_exists() {
if [ ! -f "$MCP_CONFIG_PATH" ]; then
echo "ERROR: MCP config file not found: $MCP_CONFIG_PATH" >&2
echo "ERROR: MCP config file not found: ${MCP_CONFIG_PATH@Q}" >&2
return 1
fi
return 0
Expand Down Expand Up @@ -104,8 +104,8 @@ validate_gateway_url() {

if ! echo "$server_url" | grep -q "$GATEWAY_URL"; then
echo "ERROR: ${SERVER_NAME} server URL does not point to gateway" >&2
echo "Expected gateway URL: $GATEWAY_URL" >&2
echo "Actual URL: $server_url" >&2
echo "Expected gateway URL: ${GATEWAY_URL@Q}" >&2
echo "Actual URL: ${server_url@Q}" >&2
return 1
fi

Expand Down
4 changes: 2 additions & 2 deletions actions/setup/sh/validate_multi_secret.sh
Original file line number Diff line number Diff line change
Expand Up @@ -70,14 +70,14 @@ if [ "$all_empty" = true ]; then
echo "❌ Error: $error_msg"
echo "$requirement_msg"
echo "Please configure one of these secrets in your repository settings."
echo "Documentation: $DOCS_URL"
echo "Documentation: ${DOCS_URL@Q}"
} >> "$GITHUB_STEP_SUMMARY"

# Print to stderr
echo "Error: $error_msg" >&2
echo "$requirement_msg" >&2
echo "Please configure one of these secrets in your repository settings." >&2
echo "Documentation: $DOCS_URL" >&2
echo "Documentation: ${DOCS_URL@Q}" >&2

# Set step output to indicate verification failed
if [ -n "$GITHUB_OUTPUT" ]; then
Expand Down
2 changes: 1 addition & 1 deletion docs/src/content/docs/agent-factory-status.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ These are experimental agentic workflows used by the GitHub Next team to learn,
| [Automated Portfolio Analyst](https://github.com/github/gh-aw/blob/main/.github/workflows/portfolio-analyst.md) | copilot | [![Automated Portfolio Analyst](https://github.com/github/gh-aw/actions/workflows/portfolio-analyst.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/portfolio-analyst.lock.yml) | - | - |
| [Basic Research Agent](https://github.com/github/gh-aw/blob/main/.github/workflows/research.md) | copilot | [![Basic Research Agent](https://github.com/github/gh-aw/actions/workflows/research.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/research.lock.yml) | - | - |
| [Blog Auditor](https://github.com/github/gh-aw/blob/main/.github/workflows/blog-auditor.md) | claude | [![Blog Auditor](https://github.com/github/gh-aw/actions/workflows/blog-auditor.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/blog-auditor.lock.yml) | - | - |
| [Bot Detection Agent 🔍🤖](https://github.com/github/gh-aw/blob/main/.github/workflows/bot-detection.md) | copilot | [![Bot Detection Agent 🔍🤖](https://github.com/github/gh-aw/actions/workflows/bot-detection.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/bot-detection.lock.yml) | - | - |
| [Brave Web Search Agent](https://github.com/github/gh-aw/blob/main/.github/workflows/brave.md) | copilot | [![Brave Web Search Agent](https://github.com/github/gh-aw/actions/workflows/brave.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/brave.lock.yml) | - | `/brave` |
| [Breaking Change Checker](https://github.com/github/gh-aw/blob/main/.github/workflows/breaking-change-checker.md) | copilot | [![Breaking Change Checker](https://github.com/github/gh-aw/actions/workflows/breaking-change-checker.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/breaking-change-checker.lock.yml) | - | - |
| [Changeset Generator](https://github.com/github/gh-aw/blob/main/.github/workflows/changeset.md) | codex | [![Changeset Generator](https://github.com/github/gh-aw/actions/workflows/changeset.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/changeset.lock.yml) | - | - |
Expand Down Expand Up @@ -143,7 +144,6 @@ These are experimental agentic workflows used by the GitHub Next team to learn,
| [Test Create PR Error Handling](https://github.com/github/gh-aw/blob/main/.github/workflows/test-create-pr-error-handling.md) | claude | [![Test Create PR Error Handling](https://github.com/github/gh-aw/actions/workflows/test-create-pr-error-handling.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/test-create-pr-error-handling.lock.yml) | - | - |
| [Test Dispatcher Workflow](https://github.com/github/gh-aw/blob/main/.github/workflows/test-dispatcher.md) | copilot | [![Test Dispatcher Workflow](https://github.com/github/gh-aw/actions/workflows/test-dispatcher.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/test-dispatcher.lock.yml) | - | - |
| [Test Project URL Explicit Requirement](https://github.com/github/gh-aw/blob/main/.github/workflows/test-project-url-default.md) | copilot | [![Test Project URL Explicit Requirement](https://github.com/github/gh-aw/actions/workflows/test-project-url-default.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/test-project-url-default.lock.yml) | - | - |
| [Test Rate Limiting](https://github.com/github/gh-aw/blob/main/.github/workflows/test-rate-limit.md) | copilot | [![Test Rate Limiting](https://github.com/github/gh-aw/actions/workflows/test-rate-limit.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/test-rate-limit.lock.yml) | - | - |
| [Test Workflow](https://github.com/github/gh-aw/blob/main/.github/workflows/test-workflow.md) | copilot | [![Test Workflow](https://github.com/github/gh-aw/actions/workflows/test-workflow.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/test-workflow.lock.yml) | - | - |
| [The Daily Repository Chronicle](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-repo-chronicle.md) | copilot | [![The Daily Repository Chronicle](https://github.com/github/gh-aw/actions/workflows/daily-repo-chronicle.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-repo-chronicle.lock.yml) | `0 16 * * 1-5` | - |
| [The Great Escapi](https://github.com/github/gh-aw/blob/main/.github/workflows/firewall-escape.md) | copilot | [![The Great Escapi](https://github.com/github/gh-aw/actions/workflows/firewall-escape.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/firewall-escape.lock.yml) | - | - |
Expand Down
6 changes: 3 additions & 3 deletions docs/src/content/docs/reference/frontmatter-full.md
Original file line number Diff line number Diff line change
Expand Up @@ -3513,11 +3513,11 @@ bots: []
# (optional)
rate-limit:
# Maximum number of workflow runs allowed per user within the time window.
# Defaults to 5.
# (optional)
# Required field.
max: 1

# Time window in minutes for rate limiting. Defaults to 60 (1 hour).
# Time window in minutes for rate limiting. Defaults to 60 (1 hour). Maximum: 180
# (3 hours).
# (optional)
window: 1

Expand Down