8000
Skip to content

[WIP] Fix daily mcp concurrency analysis by adding jq and git log to bash allowlist #23886

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
pelikhan merged 2 commits into from
Apr 1, 2026
+22 −16
Merged

[WIP] Fix daily mcp concurrency analysis by adding jq and git log to bash allowlist #23886

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4409c29
Initial plan
Copilot Apr 1, 2026
a5266ae
fix(daily-mcp-concurrency-analysis): add jq and git log to bash allow…
Copilot Apr 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 19 additions & 16 deletions .github/workflows/daily-mcp-concurrency-analysis.lock.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions .github/workflows/daily-mcp-concurrency-analysis.md
8000
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,14 @@ tools:
edit:
bash:
- "cat pkg/workflow/js/safe_outputs_tools.json"
- "jq -r '.[].name' pkg/workflow/js/safe_outputs_tools.json"
Copy link
Copilot AI Apr 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow instructions later recommend running cat pkg/workflow/js/safe_outputs_tools.json | jq -r '.[].name' | sort, but the bash allowlist here only permits cat ..., jq -r '.[].name' pkg/..., and sort as separate commands (a piped command likely won’t match the allowlist). Consider updating the instructions to use the allowlisted standalone jq ... file | sort (or explicitly allow the piped form) so the agent doesn’t get blocked following the documented steps.

Suggested change
- "jq -r '.[].name' pkg/workflow/js/safe_outputs_tools.json"
- "jq -r '.[].name' pkg/workflow/js/safe_outputs_tools.json"
- "cat pkg/workflow/js/safe_outputs_tools.json | jq -r '.[].name' | sort"

Copilot uses AI. Check for mistakes.
- "find actions/setup/js -name '*.cjs' ! -name '*.test.cjs' -type f"
- "cat actions/setup/js/*.cjs"
- "grep -r 'let \\|var \\|const ' actions/setup/js --include='*.cjs'"
- "grep -r 'module.exports' actions/setup/js --include='*.cjs'"
- "head -n * actions/setup/js/*.cjs"
- "git log -1 --format='%ai' -- actions/setup/js/*.cjs"
- "git log -3 --format='%ai %s' -- actions/setup/js/*.cjs"
Comment on lines +46 to +47
Copy link
Copilot AI Apr 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The allowlisted git log commands use single quotes and a glob (actions/setup/js/*.cjs), but the instructions later in this workflow show per-tool invocations like git log -1 --format="%ai" -- actions/setup/js/<tool_name>.cjs. If the agent follows the documented command shape (double quotes / specific file), it may still be denied by the sandbox allowlist. Align the documented command(s) with the allowlist, or broaden the allowlist to cover the per-file form that Step 3 describes.

Suggested change
- "git log -1 --format='%ai' -- actions/setup/js/*.cjs"
- "git log -3 --format='%ai %s' -- actions/setup/js/*.cjs"
- "git log -1 --format=\"%ai\" -- actions/setup/js/<tool_name>.cjs"
- "git log -3 --format=\"%ai %s\" -- actions/setup/js/<tool_name>.cjs"

Copilot uses AI. Check for mistakes.
Copy link
Copilot AI Apr 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

git log -3 --format='%ai %s' ... exposes commit subjects to the agent prompt. If commit messages can contain sensitive/internal info, consider limiting this to timestamps only (e.g., omit %s) unless the subject is strictly needed for the selection logic.

Suggested change
- "git log -3 --format='%ai %s' -- actions/setup/js/*.cjs"
- "git log -3 --format='%ai' -- actions/setup/js/*.cjs"

Copilot uses AI. Check for mistakes.

timeout-minutes: 45
strict: true
Expand Down
Loading
0