Skip to content

Commit 09ce366

Browse files
committed
Merge remote-tracking branch 'origin/main' into copilot/create-custom-action-setup-activation
# Conflicts: # .github/workflows/campaign-manager.lock.yml # .github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml
2 parents 7214a67 + 02dd2ec commit 09ce366

27 files changed

Lines changed: 231 additions & 504 deletions

.github/workflows/ai-moderator.lock.yml

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.github/workflows/ai-moderator.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@ jobs:
5151
const excludedBots = ['github-actions[bot]', 'github-actions', 'copilot[bot]'];
5252
if (actor.endsWith('[bot]') && excludedBots.includes(actor)) {
5353
core.info(`⏭️ Skipping workflow - issue opened by bot: ${actor}`);
54-
core.setOutput('should_run', 'false');
54+
core.setOutput('should_run', '');
5555
return;
5656
}
5757
@@ -72,7 +72,7 @@ jobs:
7272
const teamPermissions = ['admin', 'maintain', 'write'];
7373
if (teamPermissions.includes(userPermission)) {
7474
core.info(`⏭️ Skipping workflow - ${actor} is a team member with ${userPermission} access`);
75-
core.setOutput('should_run', 'false');
75+
core.setOutput('should_run', '');
7676
} else {
7777
core.info(`✅ Running workflow - ${actor} is external user with ${userPermission} access`);
7878
core.setOutput('should_run', 'true');

.github/workflows/hourly-ci-cleaner.lock.yml

Lines changed: 3 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.github/workflows/hourly-ci-cleaner.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,10 @@ permissions:
1111
pull-requests: read
1212
tracker-id: hourly-ci-cleaner
1313
engine: copilot
14+
network:
15+
allowed:
16+
- defaults
17+
- go
1418
tools:
1519
bash: ["*"]
1620
edit:

.github/workflows/license-check.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,8 @@ on:
1212
jobs:
1313
license-check:
1414
runs-on: ubuntu-latest
15+
permissions:
16+
contents: read
1517
steps:
1618
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
1719

CONTRIBUTING.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -275,10 +275,10 @@ GitHub Copilot Agent automatically checks licenses when adding dependencies. How
275275
The project includes automated license compliance checking:
276276

277277
- **CI Workflow**: `.github/workflows/license-check.yml` runs on every PR that changes `go.mod`
278-
- **Local Check**: Run `make license-check` to verify all dependencies
278+
- **Local Check**: Run `make license-check` to verify all dependencies (installs `go-licenses` on-demand)
279279
- **License Report**: Run `make license-report` to see detailed license information
280280

281-
All dependencies are automatically scanned using Google's `go-licenses` tool, which classifies licenses by type and identifies potential compliance issues.
281+
All dependencies are automatically scanned using Google's `go-licenses` tool in CI, which classifies licenses by type and identifies potential compliance issues. Note that `go-licenses` is not actively maintained, so we install it on-demand rather than as a regular build dependency.
282282

283283
## 🤝 Community
284284

docs/src/content/docs/reference/safe-outputs.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -358,7 +358,9 @@ safe-outputs:
358358
github-token: ${{ secrets.GH_AW_PROJECT_GITHUB_TOKEN }} # required: PAT with Projects access
359359
```
360360

361-
Agent output **must include a full GitHub project URL** in the `project` field (e.g., `https://github.com/orgs/myorg/projects/42` or `https://github.com/users/username/projects/5`). Project names or numbers alone are not accepted. Can also supply `content_number`, `content_type`, `fields`, and `campaign_id`. When `campaign_id` is provided, `update-project` treats it as the campaign tracker identifier and applies the `campaign:<id>` label (for example, `campaign_id: security-sprint` results in `campaign:security-sprint`). See [Agentic Campaign Workflows](/gh-aw/guides/campaigns/) for the end-to-end campaign model.
361+
Agent output **must include a full GitHub project URL** in the `project` field (e.g., `https://github.com/orgs/myorg/projects/42` or `https://github.com/users/username/projects/5`). Project names or numbers alone are not accepted. Can also supply `content_number`, `content_type`, and `fields` to add items and update their fields.
362+
363+
**Campaign tracking (optional)**: When `campaign_id` is provided, `update-project` applies a `campaign:<id>` label to newly added issues/PRs for tracking purposes (for example, `campaign_id: security-sprint` results in `campaign:security-sprint`). This is used for [Agentic Campaign Workflows](/gh-aw/guides/campaigns/) but is not required for general project board management. ProjectOps workflows typically do not need `campaign_id`.
362364

363365
The job adds the issue or PR to the board, updates custom fields, and exposes `project-id`, `project-number`, `project-url`, `campaign-id`, and `item-id` outputs. Cross-repository targeting not supported.
364366

go.mod

Lines changed: 0 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,6 @@ require (
1111
github.com/fsnotify/fsnotify v1.9.0
1212
github.com/goccy/go-yaml v1.19.1
1313
github.com/golangci/golangci-lint v1.62.2
14-
github.com/google/go-licenses v1.6.0
1514
github.com/google/jsonschema-go v0.4.0
1615
github.com/modelcontextprotocol/go-sdk v1.1.1-0.20251212184941-875d1d30c2af
1716
github.com/rhysd/actionlint v1.7.9
@@ -86,7 +85,6 @@ require (
8685
github.com/davecgh/go-spew v1.1.1 // indirect
8786
github.com/denis-tingaikin/go-header v0.5.0 // indirect
8887
github.com/dustin/go-humanize v1.0.1 // indirect
89-
github.com/emirpasic/gods v1.12.0 // indirect
9088
github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect
9189
github.com/ettle/strcase v0.2.0 // indirect
9290
github.com/fatih/camelcase v1.0.0 // indirect
@@ -111,7 +109,6 @@ require (
111109
github.com/go-xmlfmt/xmlfmt v1.1.2 // indirect
112110
github.com/gobwas/glob v0.2.3 // indirect
113111
github.com/gofrs/flock v0.12.1 // indirect
114-
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
115112
github.com/golang/protobuf v1.5.4 // indirect
116113
github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a // indirect
117114
github.com/golangci/go-printf-func-name v0.1.0 // indirect
@@ -122,7 +119,6 @@ require (
122119
github.com/golangci/revgrep v0.5.3 // indirect
123120
github.com/golangci/unconvert v0.0.0-20240309020433-c5143eacb3ed // indirect
124121
github.com/google/go-cmp v0.7.0 // indirect
125-
github.com/google/licenseclassifier v0.0.0-20210722185704-3043a050f148 // indirect
126122
github.com/google/s2a-go v0.1.9 // indirect
127123
github.com/google/uuid v1.6.0 // indirect
128124
github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
@@ -139,13 +135,11 @@ require (
139135
github.com/henvic/httpretty v0.1.4 // indirect
140136
github.com/hexops/gotextdiff v1.0.3 // indirect
141137
github.com/inconshreveable/mousetrap v1.1.0 // indirect
142-
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
143138
github.com/jgautheron/goconst v1.7.1 // indirect
144139
github.com/jingyugao/rowserrcheck v1.1.1 // indirect
145140
github.com/jjti/go-spancheck v0.6.2 // indirect
146141
github.com/julz/importas v0.1.0 // indirect
147142
github.com/karamaru-alpha/copyloopvar v1.1.0 // indirect
148-
github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd // indirect
149143
github.com/kisielk/errcheck v1.8.0 // indirect
150144
github.com/kkHAIKE/contextcheck v1.1.5 // indirect
151145
github.com/kulti/thelper v0.6.3 // indirect
@@ -181,7 +175,6 @@ require (
181175
github.com/nunnatsa/ginkgolinter v0.18.3 // indirect
182176
github.com/olekukonko/tablewriter v0.0.5 // indirect
183177
github.com/openai/openai-go/v3 v3.8.1 // indirect
184-
github.com/otiai10/copy v1.14.0 // indirect
185178
github.com/pelletier/go-toml v1.9.5 // indirect
186179
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
187180
github.com/pmezard/go-difflib v1.0.0 // indirect
@@ -205,7 +198,6 @@ require (
205198
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
206199
github.com/sashamelentyev/interfacebloat v1.1.0 // indirect
207200
github.com/sashamelentyev/usestdlibvars v1.27.0 // indirect
208-
github.com/sergi/go-diff v1.2.0 // indirect
209201
github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c // indirect
210202
github.com/sirupsen/logrus v1.9.3 // indirect
211203
github.com/sivchari/containedctx v1.0.3 // indirect
@@ -217,7 +209,6 @@ require (
217209
github.com/spf13/jwalterweatherman v1.1.0 // indirect
218210
github.com/spf13/pflag v1.0.10 // indirect
219211
github.com/spf13/viper v1.12.0 // indirect
220-
github.com/src-d/gcfg v1.4.0 // indirect
221212
github.com/ssgreg/nlreturn/v2 v2.2.1 // indirect
222213
github.com/stbenjam/no-sprintf-host-port v0.1.1 // indirect
223214
github.com/stretchr/objx v0.5.2 // indirect
@@ -237,7 +228,6 @@ require (
237228
github.com/ultraware/whitespace v0.1.1 // indirect
238229
github.com/uudashr/gocognit v1.1.3 // indirect
239230
github.com/uudashr/iface v1.2.1 // indirect
240-
github.com/xanzy/ssh-agent v0.2.1 // indirect
241231
github.com/xen0n/gosmopolitan v1.2.2 // indirect
242232
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
243233
github.com/yagipy/maintidx v1.0.0 // indirect
@@ -247,7 +237,6 @@ require (
247237
gitlab.com/bosi/decorder v0.4.2 // indirect
248238
go-simpler.org/musttag v0.13.0 // indirect
249239
go-simpler.org/sloglint v0.7.2 // indirect
250-
go.opencensus.io v0.24.0 // indirect
251240
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
252241
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
253242
go.opentelemetry.io/otel v1.37.0 // indirect
@@ -274,12 +263,8 @@ require (
274263
google.golang.org/grpc v1.75.0 // indirect
275264
google.golang.org/protobuf v1.36.8 // indirect
276265
gopkg.in/ini.v1 v1.67.0 // indirect
277-
gopkg.in/src-d/go-billy.v4 v4.3.2 // indirect
278-
gopkg.in/src-d/go-git.v4 v4.13.1 // indirect
279-
gopkg.in/warnings.v0 v0.1.2 // indirect
280266
gopkg.in/yaml.v2 v2.4.0 // indirect
281267
honnef.co/go/tools v0.7.0-0.dev.0.20251022135355-8273271481d0 // indirect
282-
k8s.io/klog/v2 v2.80.1 // indirect
283268
mvdan.cc/gofumpt v0.8.0 // indirect
284269
mvdan.cc/unparam v0.0.0-20240528143540-8a5130ca722f // indirect
285270
mvdan.cc/xurls/v2 v2.6.0 // indirect

0 commit comments

Comments
 (0)