From 3a74223c791d3fa4edf22b5e232f147b638eac4f Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 24 Feb 2026 16:12:42 +0000 Subject: [PATCH 1/3] Initial plan From f497a88d681550e5bd8d0880358d60dfc006b984 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 24 Feb 2026 16:17:43 +0000 Subject: [PATCH 2/3] initial plan Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .github/workflows/code-scanning-fixer.lock.yml | 2 -- .github/workflows/codex-github-remote-mcp-test.lock.yml | 2 -- .github/workflows/commit-changes-analyzer.lock.yml | 2 -- .github/workflows/example-permissions-warning.lock.yml | 2 -- .github/workflows/firewall.lock.yml | 2 -- .github/workflows/notion-issue-summary.lock.yml | 2 -- .github/workflows/python-data-charts.lock.yml | 2 -- .github/workflows/release.lock.yml | 2 -- .github/workflows/repo-audit-analyzer.lock.yml | 2 -- .github/workflows/research.lock.yml | 2 -- .github/workflows/technical-doc-writer.lock.yml | 2 -- .github/workflows/test-create-pr-error-handling.lock.yml | 2 -- .github/workflows/test-dispatcher.lock.yml | 2 -- .github/workflows/test-project-url-default.lock.yml | 2 -- .github/workflows/test-workflow.lock.yml | 2 -- .github/workflows/video-analyzer.lock.yml | 2 -- 16 files changed, 32 deletions(-) diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml index 93cded9aca..eb3485cb63 100644 --- a/.github/workflows/code-scanning-fixer.lock.yml +++ b/.github/workflows/code-scanning-fixer.lock.yml @@ -229,8 +229,6 @@ jobs: contents: read pull-requests: read security-events: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/codex-github-remote-mcp-test.lock.yml b/.github/workflows/codex-github-remote-mcp-test.lock.yml index 08a79efe70..2ee992a9f1 100644 --- a/.github/workflows/codex-github-remote-mcp-test.lock.yml +++ b/.github/workflows/codex-github-remote-mcp-test.lock.yml @@ -204,8 +204,6 @@ jobs: permissions: contents: read issues: read - concurrency: - group: "gh-aw-codex-${{ github.workflow }}" env: GH_AW_WORKFLOW_ID_SANITIZED: codexgithubremotemcptest outputs: diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml index ac4cb5bacc..7fc028305d 100644 --- a/.github/workflows/commit-changes-analyzer.lock.yml +++ b/.github/workflows/commit-changes-analyzer.lock.yml @@ -227,8 +227,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-claude-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml index 9f3a3a1ade..0369cc372c 100644 --- a/.github/workflows/example-permissions-warning.lock.yml +++ b/.github/workflows/example-permissions-warning.lock.yml @@ -204,8 +204,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: GH_AW_WORKFLOW_ID_SANITIZED: examplepermissionswarning outputs: diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index f995f6c588..a6d844b889 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -206,8 +206,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: GH_AW_WORKFLOW_ID_SANITIZED: firewall outputs: diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index d8d91e53c8..6a23ebc71b 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -225,8 +225,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index a9efd030dd..548accf432 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -236,8 +236,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index 814feb8bce..942e907b17 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -230,8 +230,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/repo-audit-analyzer.lock.yml b/.github/workflows/repo-audit-analyzer.lock.yml index 9ec1a819bb..7bdd9a23be 100644 --- a/.github/workflows/repo-audit-analyzer.lock.yml +++ b/.github/workflows/repo-audit-analyzer.lock.yml @@ -234,8 +234,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index d432f268ab..c4ed63cf6e 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -231,8 +231,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index 71251e83c1..86f14d831f 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -242,8 +242,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg" diff --git a/.github/workflows/test-create-pr-error-handling.lock.yml b/.github/workflows/test-create-pr-error-handling.lock.yml index f352073d15..c88c7ef70d 100644 --- a/.github/workflows/test-create-pr-error-handling.lock.yml +++ b/.github/workflows/test-create-pr-error-handling.lock.yml @@ -219,8 +219,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-claude-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/test-dispatcher.lock.yml b/.github/workflows/test-dispatcher.lock.yml index acfbea6831..88c7f2200d 100644 --- a/.github/workflows/test-dispatcher.lock.yml +++ b/.github/workflows/test-dispatcher.lock.yml @@ -207,8 +207,6 @@ jobs: permissions: contents: read issues: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/test-project-url-default.lock.yml b/.github/workflows/test-project-url-default.lock.yml index c866f0da56..19e33d8ed1 100644 --- a/.github/workflows/test-project-url-default.lock.yml +++ b/.github/workflows/test-project-url-default.lock.yml @@ -206,8 +206,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" diff --git a/.github/workflows/test-workflow.lock.yml b/.github/workflows/test-workflow.lock.yml index c5dbae4531..345ec25577 100644 --- a/.github/workflows/test-workflow.lock.yml +++ b/.github/workflows/test-workflow.lock.yml @@ -206,8 +206,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: GH_AW_WORKFLOW_ID_SANITIZED: testworkflow outputs: diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index fb8cc30ec0..23cd6aae1c 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -227,8 +227,6 @@ jobs: contents: read issues: read pull-requests: read - concurrency: - group: "gh-aw-copilot-${{ github.workflow }}" env: DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} GH_AW_ASSETS_ALLOWED_EXTS: "" From 55b7230f89404b7b3bcbaa5daec6708820d4a03c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 24 Feb 2026 16:19:20 +0000 Subject: [PATCH 3/3] fix: add len(part) >= 2 guard in FuzzParseInputDefinition options parsing to prevent slice bounds panic Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- pkg/workflow/workflow_dispatch_inputs_fuzz_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkg/workflow/workflow_dispatch_inputs_fuzz_test.go b/pkg/workflow/workflow_dispatch_inputs_fuzz_test.go index f93659fd1d..05fe4c2ced 100644 --- a/pkg/workflow/workflow_dispatch_inputs_fuzz_test.go +++ b/pkg/workflow/workflow_dispatch_inputs_fuzz_test.go @@ -111,6 +111,7 @@ func FuzzParseInputDefinition(f *testing.F) { f.Add(`{"type":"choice","options":[1,2,3]}`) f.Add(`{"type":"choice","options":[true,false]}`) f.Add(`{"type":"choice","options":["",""]}`) + f.Add(`{"options":[" ]`) // malformed: truncated before closing quote/bracket // Run the fuzzer f.Fuzz(func(t *testing.T, jsonStr string) { @@ -219,7 +220,7 @@ func FuzzParseInputDefinition(f *testing.F) { options := []string{} for _, part := range parts { part = strings.TrimSpace(part) - if strings.HasPrefix(part, `"`) && strings.HasSuffix(part, `"`) { + if len(part) >= 2 && strings.HasPrefix(part, `"`) && strings.HasSuffix(part, `"`) { options = append(options, part[1:len(part)-1]) } }