Add permission checks for dependabot toolset

[Copilot]

Ensures the compiler automatically requests security-events: read when the dependabot toolset is configured in tools.github, and validates it end-to-end in the smoke-codex workflow.

Changes Made

• tools.go: Added isDependabotToolsetEnabled helper and injectDependabotPermission — called from applyDefaults so security-events: read is injected into data.Permissions before validation runs, respecting any explicitly set level.
• compiler_activation_jobs.go: Updated buildMainJob to use isDependabotToolsetEnabled as a safety net for programmatic compilation paths that bypass applyDefaults.
• permissions_validator_test.go: Added TestCollectRequiredPermissions cases for the dependabot toolset and TestInjectDependabotPermission covering injection, no-op for existing levels, and non-dependabot configurations (7 cases total).
• smoke-codex.md: Added security-events: read permission, configured tools.github with toolsets: [default, dependabot], and added a Dependabot test step that calls list_dependabot_alerts for up to 1 alert (empty result is acceptable).
• smoke-codex.lock.yml: Recompiled to reflect the updated permissions and toolsets.

Testing

• ✅ Build, lint, and full test suite pass with 0 errors
• ✅ TestInjectDependabotPermission — 7 cases covering all injection scenarios
• ✅ smoke-codex.md compiles cleanly; agent job contains security-events: read
• ✅ Smoke-codex workflow exercises the dependabot toolset at runtime

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

---

Add permission checks for dependabot toolset

Ensures the compiler automatically requests security-events: read when the dependabot toolset is configured in tools.github, and validates it end-to-end in the smoke-codex workflow.

Changes Made

• tools.go: Added isDependabotToolsetEnabled helper and injectDependabotPermission — called from applyDefaults so security-events: read is injected into data.Permissions before validation runs, respecting any explicitly set level.
• compiler_activation_jobs.go: Updated buildMainJob to use isDependabotToolsetEnabled as a safety net for programmatic compilation paths that bypass applyDefaults.
• permissions_validator_test.go: Added TestCollectRequiredPermissions cases for the dependabot toolset and TestInjectDependabotPermission covering injection, no-op for existing levels, and non-dependabot configurations (7 cases total).
• smoke-codex.md: Added security-events: read permission, configured tools.github with toolsets: [default, dependabot], and added a Dependabot test step that calls list_dependabot_alerts for up to 1 alert (empty result is acceptable).
• smoke-codex.lock.yml: Recompiled to reflect the updated permissions and toolsets.

Testing

• ✅ Build, lint, and full test suite pass with 0 errors
• ✅ TestInjectDependabotPermission — 7 cases covering all injection scenarios
• ✅ smoke-codex.md compiles cleanly; agent job contains security-events: read
• ✅ Smoke-codex workflow exercises the dependabot toolset at runtime

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more [Copilot coding agent tips]((gh.io/redacted) in the docs.

Changeset

• Type: patch
• Description: Ensure the dependabot toolset automatically requests security-events: read and runs through the smoke-codex validation.

Generated by Changeset Generator for issue #17983

Warning

⚠️ Firewall blocked 2 domains

The following domains were blocked by the firewall during workflow execution:

• codeload.github.com
• github.com

---

---

✨ PR Review Safe Output Test - Run 22330477648

💥 [THE END] — Illustrated by Smoke Claude

[pelikhan]

@copilot update smoke-codex to query 1 dependabot issue and make sure it receives some answer (can be empty).

[Copilot]

@copilot update smoke-codex to query 1 dependabot issue and make sure it receives some answer (can be empty).

Done in dbd7942. Updated smoke-codex.md with:

• security-events: read permission added
• github toolsets changed to [default, dependabot] to enable the Dependabot MCP tools
• New test step 8: calls list_dependabot_alerts for up to 1 alert (empty result is acceptable)

The compiled smoke-codex.lock.yml now includes security-events: read in the agent job permissions.

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[github-actions]

Commit pushed: 5524770

[github-actions]

Smoke test results for §22330477639

Test
GitHub MCP	✅
Safe Inputs GH CLI	✅
Serena MCP	❌ unavailable
Playwright	✅
Web Fetch	✅
File Writing + Bash	✅
Discussion Interaction	✅
Build gh-aw	✅
Discussion Creation	✅
Workflow Dispatch	✅
PR Review	✅

Overall: ⚠️ PARTIAL PASS (Serena MCP not configured)

@pelikhan

📰 BREAKING: Report filed by Smoke Copilot

[github-actions]

Two small inline notes: the dependabot toolset addition and corresponding security-events: read permission look correct. No blocking issues.

📰 BREAKING: Report filed by Smoke Copilot

[github-actions]

Adding security-events: read permission looks correct for Dependabot toolset support. Make sure the corresponding smoke-copilot workflow gets the same permission if it also uses dependabot toolsets.

[github-actions]

Overall status: FAIL
PRs: #17999 [docs] Consolidate engine architecture, JS sanitization pipeline, activation output transforms into dev.md v2.9; #17996 [instructions] Sync github-agentic-workflows.md with release v0.40.1
GitHub MCP (2 merged PRs): ✅
Serena MCP (activate + find_symbol>=3): ✅
Playwright (title contains GitHub): ✅
Web Fetch (contains GitHub): ✅
File write: ✅
Bash cat verify: ✅
Build (make build): ✅
Dependabot alerts (list 1): ❌ (403)

🔮 The oracle has spoken through Smoke Codex

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

Commit pushed: ee356bc

[github-actions]

Smoke Test Results — Run §22330477648

Test	Status
1. GitHub MCP (merged PRs)	✅
2. Safe Inputs GH CLI	✅
3. Serena MCP (activate ✅ / find_symbol)	⚠️ EOF
4. Make Build	✅
5. Playwright (GitHub title)	✅
6. Tavily Web Search	✅
7. File Writing	✅
8. Bash Verification	✅
9. Discussion Comment	✅
10. Agentic Workflows MCP	✅
11. Update PR body	✅
12. PR Review Comments	✅
13. Submit PR Review	✅
14. Resolve Review Thread	✅
15. Add Reviewer	✅
16. Push to PR Branch	✅
17. Close PR	⚠️ skipped

Overall: PARTIAL (Serena find_symbol MCP EOF; test #17 intentionally skipped)

💥 [THE END] — Illustrated by Smoke Claude

[github-actions]

💥 Automated smoke test review - all systems nominal!

💥 [THE END] — Illustrated by Smoke Claude