Conversation
Documents the following new features from PR #17769 (safe outputs refactor): - New `unassign-from-user` safe output type with blocked deny-list support - Blocked deny-list glob patterns for `assign-to-user` and `unassign-from-user` - Standardized error code registry (7 categories: ERR_VALIDATION, ERR_PERMISSION, etc.) - Templatable integer fields: `max`/`expires` accept `${{ inputs.* }}` expressions - Safe outputs prompt template system (actions/setup/md/ with XML wrapping) - XPIA (Cross-Prompt Injection Attack) defense section in Security Best Practices - MCP template expression escaping in heredocs to prevent template injection - Configuration breaking changes: status-comment decoupling and sandbox.agent migration - Agent instruction files documentation (.github/agents/) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
✅ Pull request created: #17794 |
github-actions
bot
added
automation
documentation
…-f141a5e25f759039
pelikhan
deleted the
docs/consolidate-dev-instructions-2026-02-23-f141a5e25f759039
branch
There was a problem hiding this comment.
Pull request overview
This PR updates the developer documentation (scratchpad/dev.md) from version 2.6 to 2.8, consolidating specifications for features introduced in PR #17769 (safe outputs refactor). The update adds comprehensive documentation for the new safe outputs prompt template system, security enhancements, and configuration changes.
Changes:
- Added documentation for safe outputs enhancements: templatable integer fields (
max/expires), blocked deny-lists for user assignment operations, and standardized error code registry (7 categories) - Documented safe outputs prompt template system with XML-wrapped files in
actions/setup/md/ - Added XPIA (Cross-Prompt Injection Attack) defense policy and MCP template expression escaping guidance
- Documented configuration breaking changes:
status-commentdecoupling from reaction triggers andsandbox.agent: falsemigration
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| The `max` and `expires` fields accept both literal integers and GitHub Actions template expressions (`${{ inputs.* }}`). The expression is evaluated at runtime to allow workflow inputs to control limits. | ||
|
|
||
| **Blocked Deny-List** (for `assign-to-user` and `unassign-from-user`): |
There was a problem hiding this comment.
The heading "Blocked Deny-List" is redundant since "blocked" and "deny-list" convey similar meanings. Consider simplifying to either "User Deny-List", "Blocked Users", or "User Blocking" for clarity.
| **Blocked Deny-List** (for `assign-to-user` and `unassign-from-user`): | |
| **Blocked Users** (for `assign-to-user` and `unassign-from-user`): |
| - v2.6 (2026-02-20): Fixed 8 tone issues across 4 spec files, documented post-processing extraction pattern and CLI flag propagation rule from PR #17316, analyzed 61 files | ||
| - v2.5 (2026-02-19): Fixed 6 tone issues in engine review docs, added Engine-Specific MCP Config Delivery section (Gemini pattern), analyzed 61 files |
There was a problem hiding this comment.
The version jumps from v2.6 to v2.8, skipping v2.7. If this is intentional (e.g., v2.7 was never published or was rolled back), consider adding a note to clarify why v2.7 is absent from the version history to avoid confusion.
| - v2.6 (2026-02-20): Fixed 8 tone issues across 4 spec files, documented post-processing extraction pattern and CLI flag propagation rule from PR #17316, analyzed 61 files | |
| - v2.5 (2026-02-19): Fixed 6 tone issues in engine review docs, added Engine-Specific MCP Config Delivery section (Gemini pattern), analyzed 61 files | |
| - v2.7: Version skipped; internal draft was rolled back before publication and never released. | |
| - v2.6 (2026-02-20): Fixed 8 tone issues across 4 spec files, documented post-processing extraction pattern and CLI flag propagation rule from PR #17316, analyzed 61 files |
| # ❌ Old behavior: reaction trigger auto-enabled status comment | ||
| on: | ||
| reaction: "+1" | ||
|
|
||
| # ✅ New: enable each independently | ||
| on: | ||
| reaction: "+1" | ||
| status-comment: true # Explicitly enable the started/completed comment | ||
| ``` |
There was a problem hiding this comment.
Potential discrepancy with issue #15831: The issue description uses ai-reaction: eyes as the configuration field, but this documentation shows reaction: "+1" in the on: section. Please verify that the field name and location in the configuration are accurate. If reaction: is the correct field name as a trigger under on:, and ai-reaction: was just shorthand in the issue description, this is fine. Otherwise, the examples should be updated to match the actual configuration schema.
1 participant
Updates
scratchpad/dev.mdfrom v2.6 to v2.8 to document features introduced in PR #17769 (safe outputs refactor).Changes Made
scratchpad/— 0 tone issues, 0 formatting issuesscratchpad/dev.md: v2.6 → v2.8 (+158 lines, 1794 → 1949)New Sections Added
Safe Outputs System
max/expiresaccept$\{\{ inputs.* }}expressionsassign-to-userandunassign-from-userERR_VALIDATION,ERR_PERMISSION,ERR_API,ERR_CONFIG,ERR_NOT_FOUND,ERR_PARSE,ERR_SYSTEM)actions/setup/md/with XML wrappingSecurity Best Practices
Workflow Patterns
status-commentdecoupling (Decoupleai-reactionemoji from status comment #15831) andsandbox.agent: falsemigrationAdditional Resources
.github/agents/developer.instructions.mdandcreate-safe-output-type.agent.mdUpdated Content
unassign-from-userassign-to-userandunassign-from-userrows with note on templatable fieldsValidation
✅ All markdown validated
✅ 9 Mermaid diagrams maintained
✅ 90 code blocks with language tags
✅ Consistent technical tone throughout
✅ Logical structure maintained
Review Notes
Please review:
assign_to_user.goandunassign_from_user.goactions/setup/js/error_codes.cjsSee the discussion [Developer Documentation Consolidation - 2026-02-23] for the full consolidation report.
References: