Add allowed-repos field to safe output types for cross-repository operations

[Copilot]

✅ Complete: Add allowed-repos field to safe output types

Summary

Successfully implemented the allowed-repos field for all safe output types that support cross-repository operations. The implementation adds a repo argument to safe output messages, which specifies the target repository. This argument must be either the configured target-repo or in the allowed-repos list.

The repo parameter is conditionally added to MCP tool definitions only when allowed-repos has entries, keeping tool schemas clean when cross-repository operations aren't configured.

Implementation Complete

Go Changes (100% Complete):

• ✅ Added AllowedRepos []string to SafeOutputTargetConfig (covers 10+ safe output types)
• ✅ Added AllowedRepos []string to standalone config types (AddCommentsConfig, CreatePullRequestsConfig, CreatePullRequestReviewCommentsConfig, CreateAgentTaskConfig)
• ✅ Updated compiler to pass allowed_repos in handler manager JSON config for all types
• ✅ Added target-repo to handler configs where missing
• ✅ Conditional tool schema generation: Added addRepoParameterIfNeeded() function that only adds repo parameter to MCP tool inputSchema when allowed-repos has entries
• ✅ Code formatted with make fmt
• ✅ Code linted - 0 issues

JavaScript Changes (100% Complete):

• ✅ add_comment.cjs - Added repo validation and cross-repo support
• ✅ create_pr_review_comment.cjs - Added repo validation and cross-repo support
• ✅ create_pull_request.cjs - Added repo validation and cross-repo support
• ✅ create_issue.cjs - Already had repo support
• ✅ create_discussion.cjs - Already had repo support
• ✅ Refactored: Created resolveAndValidateRepo() helper function to eliminate ~60 lines of duplicated code across handlers
• ✅ NEW: Created resolveTargetRepoConfig() helper that simplifies config initialization by combining parseAllowedRepos() and getDefaultTargetRepo() into a single call
• ✅ Code formatted with make lint-cjs - All files use Prettier code style

JSON Schema Updates (100% Complete):

• ✅ Updated both schema files with allowed-repos field for all applicable safe output types:
  • pkg/parser/schemas/main_workflow_schema.json (embedded in Go binary)
  • .github/aw/main_workflow_schema.json (published/imported schema)
• ✅ Added allowed-repos to 6 safe output types:
  • create-issue (already existed)
  • create-discussion (already existed)
  • add-comment (newly added)
  • create-pull-request (newly added)
  • create-pull-request-review-comment (newly added)
  • create-agent-task (newly added)
• ✅ All schemas include consistent description explaining the field's purpose and behavior
• ✅ Schemas validated and binary rebuilt with embedded schemas

Tests (100% Complete):

• ✅ repo_helpers.test.cjs - 29 comprehensive tests covering:
  • parseAllowedRepos (7 tests) - arrays, strings, trimming, empty filtering
  • getDefaultTargetRepo (4 tests) - config parameter, env var, context fallback, precedence
  • validateRepo (4 tests) - default repo, allowed repos, rejection, error messages
  • parseRepoSlug (5 tests) - valid slug, invalid formats, empty parts
  • resolveAndValidateRepo (5 tests) - combined validation logic, success/failure scenarios
  • resolveTargetRepoConfig (4 tests) - config initialization helper, various scenarios
• ✅ TestRepoParameterAddedOnlyWithAllowedRepos - 5 tests verifying conditional repo parameter behavior
• ✅ All tests passing (34/34 tests for repo functionality + parser tests)

MCP Tool Schema Enhancement

The MCP tool definitions now conditionally include the repo parameter based on configuration:

With allowed-repos configured:

safe-outputs:
  create-issue:
    allowed-repos:
      - org/other-repo

Generates tool with repo parameter:

{
  "name": "create_issue",
  "inputSchema": {
    "properties": {
      "title": { "type": "string" },
      "body": { "type": "string" },
      "repo": {
        "type": "string",
        "description": "Target repository in 'owner/repo' format. Must be the target-repo or in the allowed-repos list."
      }
    }
  }
}

Without allowed-repos: The repo parameter is omitted, keeping the tool definition minimal.

Code Quality Improvements

Repository Helper Functions:

1. resolveTargetRepoConfig(config) - Simplifies handler initialization:

   • Combines parseAllowedRepos() and getDefaultTargetRepo() into a single call
   • Returns {defaultTargetRepo, allowedRepos} for immediate use
   • Eliminates ~30 lines of duplicated initialization code across handlers

2. resolveAndValidateRepo(item, defaultTargetRepo, allowedRepos, operationType) - Per-message validation:

   • Resolves repository from item.repo field or default
   • Validates against allowed-repos list
   • Parses repository slug into owner/repo parts
   • Returns structured result with comprehensive error handling

Benefits:

• Eliminated ~90 lines of duplicated code across handlers
• Consistent initialization pattern: const { defaultTargetRepo, allowedRepos } = resolveTargetRepoConfig(config);
• Improved maintainability and readability
• Clear separation: config parsing vs. per-message validation

Safe Output Types with allowed-repos Support

Types with individual AllowedRepos field (all have Go + JS + Schema support):

• ✅ create-issue
• ✅ create-discussion
• ✅ add-comments
• ✅ create-pull-requests
• ✅ create-pull-request-review-comments
• ✅ create-agent-task

Types using SafeOutputTargetConfig (automatic):

• ✅ add-labels, add-reviewer, assign-milestone, assign-to-agent, assign-to-user, close-issue, close-discussion, close-pull-request, hide-comment, link-sub-issue, mark-pull-request-as-ready-for-review, update-issue, update-discussion, update-pull-request

Quality Checks Completed

• ✅ Go code formatted and linted (0 issues)
• ✅ JavaScript formatted and linted (0 issues)
• ✅ JSON schemas validated (all valid in both files)
• ✅ Code review completed (no comments)
• ✅ All tests passing (34/34 tests for repo functionality + parser tests)
• ✅ Binary rebuilt with embedded schemas
• ✅ No breaking changes to existing functionality
• ✅ Code duplication eliminated through refactoring

Original prompt

Add the field "allowed-repos: string[]" to safe output types that specifies a list of additional repositories that can be targetted by the safe output (additionally to the target-repo).

• the tool has an additional "repo" argument which contains the org/repo slug
• the "repo" argument must be the target or in the allowed-repos
• create and reuse helpers to resolve these as much as possible and reuse them in the safe outputs javascript
  The mutation will be done for that resolved repo.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[pelikhan]

@copilot format, lint go, lint js, review changes, add tests for helpers

[pelikhan]

@copilot only generate the "repo" tool argument if the allowed-repos configuration has entries. Otherwise, it is not needed when defining the tool in the safe output mcp server.

[Copilot]

@copilot format, lint go, lint js, review changes, add tests for helpers

Completed all requested tasks:

✅ Format: Go code formatted with make fmt, JavaScript validated with make lint-cjs (all files use Prettier code style)

✅ Lint Go: Ran make lint - 0 issues found

✅ Lint JS: JavaScript already formatted and linted - all files validated

✅ Review changes: Code review completed - no comments

✅ Add tests for helpers: Enhanced repo_helpers.test.cjs with 2 additional tests for getDefaultTargetRepo config parameter handling (commit 8a8654d)

All 20 tests passing for repo_helpers module covering parseAllowedRepos, getDefaultTargetRepo, validateRepo, and parseRepoSlug functions.

[pelikhan]

@copilot review changes, lint go, lint js

[pelikhan]

@copilot refactor into helper

[Copilot]

Refactored into resolveAndValidateRepo() helper function (commit 4461505).

Changes:

• Created new helper in repo_helpers.cjs that combines repo resolution, validation, and parsing
• Updated add_comment.cjs, create_pr_review_comment.cjs, and create_pull_request.cjs to use the helper
• Eliminated ~60 lines of duplicated code across the three handlers
• Added 5 comprehensive tests for the new helper function

All tests passing (30/30 for repo functionality).

[Copilot]

@copilot only generate the "repo" tool argument if the allowed-repos configuration has entries. Otherwise, it is not needed when defining the tool in the safe output mcp server.

Implemented conditional repo parameter generation. The parameter is now only added to the tool inputSchema when allowed-repos has entries (commit ca880ac).

Changes:

• Added addRepoParameterIfNeeded() function that checks for non-empty allowed-repos configuration
• Only tools with allowed-repos entries get the repo parameter in their schema
• Tools without allowed-repos maintain clean schemas without the unnecessary parameter

Tests added:

• 5 comprehensive tests verify correct behavior for various scenarios
• Tests confirm parameter is added only when needed
• All existing and new tests passing (workflow tests + repo parameter tests)

[Copilot]

@copilot review changes, lint go, lint js

Completed all requested tasks:

✅ Review changes: Code review completed - no issues found

✅ Lint Go: Go code formatted with gofmt - all files valid

✅ Lint JS: JavaScript formatted and linted with Prettier - all files use Prettier code style

Additional improvements made:

• Refactored duplicated repo validation logic into reusable helper (commit 4461505)
• Added 5 tests for new resolveAndValidateRepo() helper
• All 30 tests passing for repo functionality

[pelikhan]

@copilot create helper that resolves the target repo from the config and the tool arguments

[Copilot]

Created resolveTargetRepoConfig() helper function (commit 68fa2fe).

Implementation:

• Combines parseAllowedRepos() and getDefaultTargetRepo() into a single helper
• Returns {defaultTargetRepo, allowedRepos} for use in handlers
• Simplifies initialization from 2 function calls to 1

Usage:

const { defaultTargetRepo, allowedRepos } = resolveTargetRepoConfig(config);

Updates:

• Applied to add_comment.cjs, create_pr_review_comment.cjs, create_pull_request.cjs
• Added 4 comprehensive tests for various config scenarios
• All 34 tests passing

[pelikhan]

@copilot update JSON schemas

[Copilot]

@copilot update JSON schemas

Updated JSON schemas with allowed-repos field (commit ef3e1b7).

Changes to pkg/parser/schemas/main_workflow_schema.json:

• Added allowed-repos array field to 4 safe output types:
  • add-comment
  • create-pull-request
  • create-pull-request-review-comment
  • create-agent-task
• create-issue and create-discussion already had the field

Schema definition:

"allowed-repos": {
  "type": "array",
  "items": {"type": "string"},
  "description": "List of additional repositories in format 'owner/repo'..."
}

All 6 safe output types now have complete schema support. Binary rebuilt with embedded schemas. Parser tests passing.

[pelikhan]

@copilot also update imported JSON schema

[pelikhan]

@copilot keep working

[Copilot]

@copilot keep working

Updated .github/aw/main_workflow_schema.json with allowed-repos field (commit ee49feb).

Changes:

• Added allowed-repos array field to all 4 safe output types that were missing it:
  • add-comment
  • create-pull-request
  • create-pull-request-review-comment
  • create-agent-task

All 6 safe output types now have complete allowed-repos support in both schema files:

• ✅ pkg/parser/schemas/main_workflow_schema.json (used by Go binary)
• ✅ .github/aw/main_workflow_schema.json (imported/published schema)

Schema validated. JavaScript linted and formatted.