fix: wire negative max-daily-effective-tokens validation and populate TokenUsage in audit test fixture#37001
Merged
Merged
Conversation
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot created this pull request from a session on behalf of
pelikhan
June 4, 2026 22:52
View session
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates a large set of GitHub Actions workflow lock files to write a Copilot CLI settings file (/home/runner/.copilot/settings.json) during execution, disabling the built-in rubberDuck agent and cleaning up the file on step exit.
Changes:
- Add a
trap+ settings.json write to disablebuiltInAgents.rubberDuckin Copilot CLI run steps across many.lock.ymlworkflows. - Ensure the Copilot settings file is cleaned up at the end of the step via
trap ... EXIT.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/daily-mcp-concurrency-analysis.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-malicious-code-scan.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-issues-report.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-hippo-learn.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-geo-optimizer.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-firewall-report.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-file-diet.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-experiment-report.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-compiler-threat-spec-optimizer.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-compiler-quality.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-community-attribution.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-cli-tools-tester.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-cli-performance.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-byok-ollama-test.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-assign-issue-to-user.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-architecture-diagram.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-ambient-context-optimizer.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/daily-agent-of-the-day-blog-writer.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/craft.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/copilot-pr-prompt-analysis.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/copilot-pr-nlp-analysis.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/copilot-pr-merged-report.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/copilot-opt.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/copilot-cli-deep-research.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/contribution-check.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/constraint-solving-potd.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/code-simplifier.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/code-scanning-fixer.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/cli-consistency-checker.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/ci-coach.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/chaos-pr-bundle-fuzzer.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/breaking-change-checker.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/brave.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/bot-detection.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/auto-triage-issues.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/artifacts-summary.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/architecture-guardian.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/archie.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/agent-persona-explorer.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/agent-performance-analyzer.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/ace-editor.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
| .github/workflows/ab-testing-advisor.lock.yml | Disable Copilot built-in rubberDuck via settings.json during CLI execution. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 42/42 changed files
- Comments generated: 1
Comment on lines
+939
to
+941
| trap 'rm -f /home/runner/.copilot/settings.json' EXIT | ||
| mkdir -p /home/runner/.copilot | ||
| printf '%s' '{"builtInAgents":{"rubberDuck":false}}' > /home/runner/.copilot/settings.json |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Two tests introduced in recent commits failed on
mainbecause the implementation lagged behind the test assertions.TestDailyETGuardrailNegativeValueRejectedvalidateMaxDailyEffectiveTokensFrontmatterwas missing — the compiler acceptedmax-daily-effective-tokens: -1without error. Added the validator and wired it intocompiler_validators.go.TestAgentFriendlyOutputExample/Console_OutputThe
steering=assertion (added alongsiderenderConsole's new tokens line) was unreachable because the test'sProcessedRunhad noTokenUsageset, sodata.FirewallTokenUsagewasniland the tokens line was never rendered. Fixed by populatingTokenUsagein the test fixture: