Skip to content

fix(safe-outputs): bridge git safe.directory trust via GIT_CONFIG_* env vars#46057

Open
pelikhan with Copilot wants to merge 9 commits into
mainfrom
copilot/deep-report-safe-outputs-fix
Open

fix(safe-outputs): bridge git safe.directory trust via GIT_CONFIG_* env vars#46057
pelikhan with Copilot wants to merge 9 commits into
mainfrom
copilot/deep-report-safe-outputs-fix

Conversation

Copilot AI commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

The push_to_pull_request_branch bridge (Process Safe Outputs step) runs outside the safeoutputs Docker container, potentially as a different uid/HOME. The in-container git config --global safe.directory never reaches this process, causing git to reject the workspace with "detected dubious ownership" — silently leaving the Changeset Generator read-only.

Changes

  • git_helpers.cjs — Extracted ensureSafeDirectoryTrust(gitCwd) from safe_outputs_handlers.cjs into the shared helper module and exported it. Sets GIT_CONFIG_COUNT/KEY/VALUE env vars in-process (git ≥2.31), bypassing ~/.gitconfig entirely:

    // Before: only lived inside the MCP server container
    function ensureSafeDirectoryTrust(gitCwd, server) { ... server.debug(...) }
    
    // After: shared, no server param, uses core.debug
    ensureSafeDirectoryTrust(process.env.GITHUB_WORKSPACE || process.cwd());
  • safe_outputs_handlers.cjs — Replaced local definition with import from git_helpers.cjs; removed server arg from three call sites.

  • push_to_pull_request_branch.cjs — Added two call sites in the bridge path:

    • main() factory: trusts GITHUB_WORKSPACE at handler init (covers all messages)
    • Per-message: trusts repoCwd for cross-repo subdirectory checkouts
    • Improved bundle-apply failure error message to include the actual git error (was a static string).
  • git_helpers.test.cjs — 8 new unit tests: no-op on falsy input, deduplication, multi-directory accumulation, coexistence with existing GIT_CONFIG_* entries (e.g. from getGitAuthEnv), malformed-count guard.

…ship

Extract ensureSafeDirectoryTrust from safe_outputs_handlers.cjs to
git_helpers.cjs so it is available to the bridge (Process Safe Outputs
step) as well as the MCP server container.

The bridge runs outside the Docker container as a potentially different
user/HOME, so the in-container `git config --global safe.directory`
never reaches it. Using GIT_CONFIG_* env vars in the bridge process
directly ensures git trusts the checkout regardless of HOME or uid.

- Extract ensureSafeDirectoryTrust to git_helpers.cjs (uses core.debug,
  no server param), export it
- Update safe_outputs_handlers.cjs to import from git_helpers.cjs and
  remove local definition; update 3 call sites to drop server param
- Call ensureSafeDirectoryTrust in push_to_pull_request_branch.cjs:
  - In main() factory with GITHUB_WORKSPACE (covers all messages)
  - Per-message for cross-repo repoCwd subdirectory checkouts
- Fix bundle apply error message to include actual error text
- Add 8 new unit tests for ensureSafeDirectoryTrust

Closes #46028

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix dubious ownership issue in Changeset Generator fix(safe-outputs): bridge git safe.directory trust via GIT_CONFIG_* env vars Jul 16, 2026
Copilot AI requested a review from pelikhan July 16, 2026 18:31
@pelikhan
pelikhan marked this pull request as ready for review July 16, 2026 19:02
Copilot AI review requested due to automatic review settings July 16, 2026 19:02

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Bridges Git safe-directory trust into safe-output processes that may use a different user or home directory.

Changes:

  • Extracts and exports the shared trust helper.
  • Applies trust to workspace and cross-repository checkouts.
  • Adds unit coverage and improves bundle errors.
Show a summary per file
File Description
actions/setup/js/git_helpers.cjs Adds the shared safe-directory helper.
actions/setup/js/git_helpers.test.cjs Tests environment configuration behavior.
actions/setup/js/safe_outputs_handlers.cjs Uses the shared helper.
actions/setup/js/push_to_pull_request_branch.cjs Trusts bridge checkouts and reports bundle errors.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 4/4 changed files
  • Comments generated: 1
  • Review effort level: Medium

Comment thread actions/setup/js/git_helpers.cjs Outdated
@pelikhan

Copy link
Copy Markdown
Collaborator

@copilot run pr-finisher skill

Copilot AI and others added 2 commits July 16, 2026 21:33
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jul 16, 2026

Copy link
Copy Markdown
Contributor Author

@copilot run pr-finisher skill

Ran pr-finisher and pushed 6077c7b.

This follow-up hardens malformed GIT_CONFIG_COUNT handling and makes ensureSafeDirectoryTrust() safe when core is not shimmed, with expanded tests for the malformed-count cases and the non-shimmed path.

Focused JS tests passed, make lint passed, and final parallel validation is clean. Full make test-unit in this sandbox still has unrelated existing failures in pkg/cli / host-dependent tests outside this change. This head has no CI runs yet because agent pushes do not trigger workflows, so a maintainer will need to re-trigger CI before merge.

@pelikhan

Copy link
Copy Markdown
Collaborator

/matt

@github-actions

github-actions Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

🧠 Matt Pocock Skills Reviewer has completed the skills-based review. ✅

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skills-Based Review

Applied /diagnosing-bugs and /tdd — two minor issues worth addressing, no blockers.

Positive highlights

  • Root cause properly addressed: bridge now gets safe.directory trust via GIT_CONFIG_* env vars, bypassing ~/.gitconfig for cross-uid/HOME scenarios.
  • Deduplication and malformed-count guards (Number.isSafeInteger) prevent subtle env-var chain corruption.
  • Factory-level + per-message call pattern in push_to_pull_request_branch.cjs covers both GITHUB_WORKSPACE and cross-repo subdirectory checkouts.
  • Comprehensive test coverage: falsy input, dedup, multi-directory, auth coexistence, malformed counts, missing core global.
  • Improved bundle-apply error message surfaces the actual git error.

Two issues raised (see inline comments)

  1. Debug logging regression — server.debug() in the MCP container path is silently dropped after removing the server arg.
  2. Test fragility — auth-coexistence test hardcodes index 0 instead of deriving it from getGitAuthEnv's actual count.

@copilot please address the review comments above.

🧠 Reviewed using Matt Pocock's skills by Matt Pocock Skills Reviewer · 37 AIC · ⌖ 4.61 AIC · ⊞ 6.7K
Comment /matt to run again

@pelikhan

Copy link
Copy Markdown
Collaborator

@copilot review #46057 (review)

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

Skills-Based Review

Applied /diagnosing-bugs and /tdd — two minor issues worth addressing, no blockers....

Addressed in d4d78eb: ensureSafeDirectoryTrust() now accepts an optional logger so the MCP server path keeps its debug logging, and the auth-coexistence test now derives the appended index from the existing GIT_CONFIG_COUNT with coverage for the provided-logger path.

@copilot review #46057 (review)

Addressed in d4d78eb. I restored the bridge-path debug logging via an optional logger parameter in ensureSafeDirectoryTrust() and made the auth-coexistence test derive its appended index from the existing GIT_CONFIG_COUNT, with added coverage for the provided-logger path.

@gh-aw-bot

Copy link
Copy Markdown
Collaborator

@copilot please run the pr-finisher skill, review the latest maintainer feedback, and rerun checks once updated.

Generated by 👨🍳 PR Sous Chef

Generated by 👨‍🍳 PR Sous Chef · 17.1 AIC · ⌖ 6.79 AIC · ⊞ 7.5K ·
Comment /souschef to run again

Copilot AI commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

@copilot please run the pr-finisher skill, review the latest maintainer feedback, and rerun checks once updated.

Generated by [👨🍳 PR Sous Chef](https://github.com/github/gh-aw/actions/runs/...

Ran the PR finisher pass. No new maintainer feedback required additional code changes beyond d4d78eb.

Re-ran checks on the current head:

  • make fmt
  • make lint
  • targeted JS tests (git_helpers.test.cjs, push_to_pull_request_branch.test.cjs, safe_outputs_handlers.test.cjs) ✅
  • make test-unit still fails in pre-existing unrelated pkg/cli tests, not in this PR’s safe-output files

CI on this head is still unverified until a maintainer re-triggers it, since agent pushes do not start workflows.

Copilot AI requested a review from gh-aw-bot July 17, 2026 05:17
@github-actions

Copy link
Copy Markdown
Contributor

🤖 PR Triage

Field Value
Category bug
Risk medium
Score 60/100 (impact:25, urgency:20, quality:15)
Action fast_track

Rationale: Safe-outputs git safe.directory trust bridge — prevents 'dubious ownership' rejections on push_to_pull_request_branch for cross-uid runners. CI running. Expedite.

Generated by 🔧 PR Triage Agent · 166.4 AIC · ⌖ 6.15 AIC · ⊞ 5.6K ·

@gh-aw-bot

Copy link
Copy Markdown
Collaborator

@copilot please run the pr-finisher skill, address the unresolved review feedback, investigate the failed checks listed below, and rerun checks once the branch is up to date.

Failed checks:

Generated by PR Sous Chef: https://github.com/github/gh-aw/actions/runs/29563491899

Generated by 👨‍🍳 PR Sous Chef · 7.53 AIC · ⌖ 9 AIC · ⊞ 6K ·
Comment /souschef to run again

Copilot AI and others added 2 commits July 17, 2026 07:49
Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>

Copilot AI commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

@copilot please run the pr-finisher skill, address the unresolved review feedback, investigate the failed checks listed below, and rerun checks once the branch is up to date.

Failed checks:...

Addressed in 06ce580.

I traced the failed agent job to a rootless AWF startup error, not an unresolved PR review thread: AWF hit EACCES opening /tmp/awf-chroot-*/hosts during writeConfigs. The fix now cleans stale /tmp/awf-chroot-* directories alongside the existing /tmp/awf-*-chroot-home cleanup in the install, post, and clean paths, with coverage in actions/setup/js/chroot_home_cleanup.test.js.

Re-ran checks on the updated branch:

  • make fmt
  • make lint
  • focused JS tests including chroot_home_cleanup.test.js and the touched safe-output tests ✅
  • make test-unit
  • make test

There are no unresolved in-scope review threads left from the PR feedback I could access. CI on this head still needs a maintainer re-trigger to verify the new commit.

@gh-aw-bot

Copy link
Copy Markdown
Collaborator

@copilot please run the pr-finisher skill, review the outstanding feedback status on this PR, and make sure any unresolved review thread is either answered and resolved or fixed in a follow-up commit. Then rerun checks so maintainers can reassess merge readiness.

Generated by 👨‍🍳 PR Sous Chef · 11.9 AIC · ⌖ 6.58 AIC · ⊞ 7.5K ·
Comment /souschef to run again

Copilot AI commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

@copilot please run the pr-finisher skill, review the outstanding feedback status on this PR, and make sure any unresolved review thread is either answered and resolved or fixed in a follow-up commi...

Checked the current PR state on 06ce580.

  • No unresolved in-scope review threads are exposed by the PR review API; the only review thread on the PR is already resolved.
  • Re-ran local checks on the current head: make fmt, make lint, make test-unit, make test, and make recompile all passed. I reverted the unrelated generated workflow cron diff from make recompile, so there is no follow-up code change from this pass.
  • The earlier failed agent job remains addressed by 06ce580; the newer workflow runs on this head are bot/action-required states, so CI on the current head still needs a maintainer re-trigger to verify post-push status.

@gh-aw-bot

Copy link
Copy Markdown
Collaborator

@copilot please run the pr-finisher skill, rerun checks once the branch is up to date.

Generated by PR Sous Chef: https://github.com/github/gh-aw/actions/runs/29569653113

Generated by 👨‍🍳 PR Sous Chef · 5.53 AIC · ⌖ 5.1 AIC · ⊞ 6K ·
Comment /souschef to run again

Copilot AI commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

@copilot please run the pr-finisher skill, rerun checks once the branch is up to date.

Generated by PR Sous Chef: https://github.com/github/gh-aw/actions/runs/29569653113...

Checked the current head again on 06ce580.

  • Re-ran make fmt, make lint, make test-unit, make test, and make recompile; all passed. I reverted the unrelated generated cron diff from /home/runner/work/gh-aw/gh-aw/.github/workflows/agentic-auto-upgrade.yml, so there is no follow-up commit from this pass.
  • There are still no unresolved in-scope review threads on the PR.
  • The last completed Copilot run succeeded; CI for the current head still needs a maintainer re-trigger for fresh post-push verification.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[deep-report] [safe-outputs] Tracking: Changeset Generator push_to_pull_request_branch dubious-ownership hardfail (bridge safe.directory)

4 participants