diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index a218ccd3ba..6f39dfc648 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -1373,7 +1373,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index 4bed58e600..f02bef3277 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -1878,7 +1878,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml index aea19a8daa..d79adbc596 100644 --- a/.github/workflows/blog-auditor.lock.yml +++ b/.github/workflows/blog-auditor.lock.yml @@ -1804,7 +1804,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index de923408bd..adbfec8974 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -2463,7 +2463,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/changeset-generator.lock.yml b/.github/workflows/changeset-generator.lock.yml index ab528642ca..38231dc21d 100644 --- a/.github/workflows/changeset-generator.lock.yml +++ b/.github/workflows/changeset-generator.lock.yml @@ -2171,7 +2171,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index e49f633e11..d230d13485 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -1901,7 +1901,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index 168f0a46e1..397d45138f 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -1743,7 +1743,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml index 6fd830ed82..e6432d9feb 100644 --- a/.github/workflows/commit-changes-analyzer.lock.yml +++ b/.github/workflows/commit-changes-analyzer.lock.yml @@ -1696,7 +1696,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml index eb0f73d806..4d1eae8940 100644 --- a/.github/workflows/copilot-agent-analysis.lock.yml +++ b/.github/workflows/copilot-agent-analysis.lock.yml @@ -1985,7 +1985,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml index ce7b0ba017..69630698d4 100644 --- a/.github/workflows/daily-doc-updater.lock.yml +++ b/.github/workflows/daily-doc-updater.lock.yml @@ -1659,7 +1659,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index 476f0de294..f7e111ede5 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -1546,7 +1546,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/daily-perf-improver.lock.yml b/.github/workflows/daily-perf-improver.lock.yml index 1e19285ce7..c538bb3bd2 100644 --- a/.github/workflows/daily-perf-improver.lock.yml +++ b/.github/workflows/daily-perf-improver.lock.yml @@ -1896,7 +1896,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/daily-test-improver.lock.yml b/.github/workflows/daily-test-improver.lock.yml index 2ceb941412..d7275e6f66 100644 --- a/.github/workflows/daily-test-improver.lock.yml +++ b/.github/workflows/daily-test-improver.lock.yml @@ -1870,7 +1870,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 742ccd624f..0063fc899f 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -1803,7 +1803,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/dev.firewall.lock.yml b/.github/workflows/dev.firewall.lock.yml index 48518f36b3..8949ff4799 100644 --- a/.github/workflows/dev.firewall.lock.yml +++ b/.github/workflows/dev.firewall.lock.yml @@ -518,7 +518,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index cdec08ce99..17888f2f75 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -497,7 +497,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index 2772f9622b..8218c28879 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -1457,7 +1457,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml index 7208ccd9ce..6a19b841ec 100644 --- a/.github/workflows/duplicate-code-detector.lock.yml +++ b/.github/workflows/duplicate-code-detector.lock.yml @@ -1523,7 +1523,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index b6c3ab1811..e44d86960a 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -1431,7 +1431,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml index f89fd10af8..4b04563442 100644 --- a/.github/workflows/github-mcp-tools-report.lock.yml +++ b/.github/workflows/github-mcp-tools-report.lock.yml @@ -1925,7 +1925,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml index c843be7c6a..2601c6cb14 100644 --- a/.github/workflows/go-logger.lock.yml +++ b/.github/workflows/go-logger.lock.yml @@ -1705,7 +1705,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index 4d078534c8..47167bbdfa 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -1600,7 +1600,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml index 0cf73fac61..691e562d9a 100644 --- a/.github/workflows/instructions-janitor.lock.yml +++ b/.github/workflows/instructions-janitor.lock.yml @@ -1656,7 +1656,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/issue-classifier.lock.yml b/.github/workflows/issue-classifier.lock.yml index fa2af899f7..c44f863f6d 100644 --- a/.github/workflows/issue-classifier.lock.yml +++ b/.github/workflows/issue-classifier.lock.yml @@ -2025,7 +2025,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml index bb1d50e49c..aa24cf2a52 100644 --- a/.github/workflows/lockfile-stats.lock.yml +++ b/.github/workflows/lockfile-stats.lock.yml @@ -1868,7 +1868,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index a6fbf90d27..efa35de3fc 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -2286,7 +2286,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index de6963611c..d068685a18 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -1307,7 +1307,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index 7b04ddf893..680b9196e4 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -2432,7 +2432,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index c846c2f61e..dd78217f15 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -1922,7 +1922,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index 3b0a3a0f81..6d33a9ac7b 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -2676,7 +2676,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index f8017d7fa3..11e97cd288 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -2734,7 +2734,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index 87fed77c64..67374dc8e4 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -1405,7 +1405,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index 5ef310c73e..5cfe037268 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -1327,7 +1327,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml index e7f0306271..c142721c10 100644 --- a/.github/workflows/schema-consistency-checker.lock.yml +++ b/.github/workflows/schema-consistency-checker.lock.yml @@ -1835,7 +1835,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index 386c02fa62..255542319d 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -3059,7 +3059,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/security-fix-pr.lock.yml b/.github/workflows/security-fix-pr.lock.yml index ab33b598af..6799427a10 100644 --- a/.github/workflows/security-fix-pr.lock.yml +++ b/.github/workflows/security-fix-pr.lock.yml @@ -1602,7 +1602,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml index 3f75376923..b0251caa02 100644 --- a/.github/workflows/semantic-function-refactor.lock.yml +++ b/.github/workflows/semantic-function-refactor.lock.yml @@ -1873,7 +1873,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index b438acb093..f3a4845af5 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -1440,7 +1440,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml index e9a3c7641b..66af8e4fb8 100644 --- a/.github/workflows/smoke-codex.lock.yml +++ b/.github/workflows/smoke-codex.lock.yml @@ -1260,7 +1260,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 6e1ddde4a4..a10acee652 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -1278,7 +1278,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/smoke-detector.lock.yml b/.github/workflows/smoke-detector.lock.yml index 648709ce22..607de7db19 100644 --- a/.github/workflows/smoke-detector.lock.yml +++ b/.github/workflows/smoke-detector.lock.yml @@ -2022,7 +2022,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/smoke-genaiscript.lock.yml b/.github/workflows/smoke-genaiscript.lock.yml index a9dc4917e0..a8e06f9ceb 100644 --- a/.github/workflows/smoke-genaiscript.lock.yml +++ b/.github/workflows/smoke-genaiscript.lock.yml @@ -1260,7 +1260,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/smoke-opencode.lock.yml b/.github/workflows/smoke-opencode.lock.yml index c2130e0ec4..94407a4825 100644 --- a/.github/workflows/smoke-opencode.lock.yml +++ b/.github/workflows/smoke-opencode.lock.yml @@ -1289,7 +1289,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index a425ee540f..cb6a4e4236 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -2335,7 +2335,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/test-jqschema.lock.yml b/.github/workflows/test-jqschema.lock.yml index c029013103..6ded2a4aa6 100644 --- a/.github/workflows/test-jqschema.lock.yml +++ b/.github/workflows/test-jqschema.lock.yml @@ -570,7 +570,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/test-post-steps.lock.yml b/.github/workflows/test-post-steps.lock.yml index d8faea94a9..98616f0e6d 100644 --- a/.github/workflows/test-post-steps.lock.yml +++ b/.github/workflows/test-post-steps.lock.yml @@ -468,7 +468,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/test-svelte.lock.yml b/.github/workflows/test-svelte.lock.yml index 62f1253725..e9f038f88a 100644 --- a/.github/workflows/test-svelte.lock.yml +++ b/.github/workflows/test-svelte.lock.yml @@ -505,7 +505,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index d198e74557..c276f410c6 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -1809,7 +1809,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml index 98344616b3..7970326c47 100644 --- a/.github/workflows/unbloat-docs.lock.yml +++ b/.github/workflows/unbloat-docs.lock.yml @@ -2573,7 +2573,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index 9c426d9d10..12dec30f55 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -1573,7 +1573,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 38036cce0b..0ba24399ba 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -1296,7 +1296,7 @@ jobs: return; } core.info(`Found ${secretValues.length} secret(s) to redact`); - const targetExtensions = [".txt", ".json", ".log"]; + const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"]; const files = findFiles("/tmp/gh-aw", targetExtensions); core.info(`Found ${files.length} file(s) to scan for secrets`); let totalRedactions = 0; diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json index 1382dc1f5f..61c3401e6a 100644 --- a/pkg/parser/schemas/main_workflow_schema.json +++ b/pkg/parser/schemas/main_workflow_schema.json @@ -903,6 +903,7 @@ "rocket", "eyes" ], + "default": "eyes", "description": "AI reaction to add/remove on triggering item (one of: +1, -1, laugh, confused, heart, hooray, rocket, eyes). Defaults to 'eyes' if not specified." } }, diff --git a/pkg/workflow/compiler.go b/pkg/workflow/compiler.go index b80551c1d4..55e6608e22 100644 --- a/pkg/workflow/compiler.go +++ b/pkg/workflow/compiler.go @@ -1442,6 +1442,10 @@ func (c *Compiler) parseOnSection(frontmatter map[string]any, workflowData *Work if reactionValue, hasReactionField := onMap["reaction"]; hasReactionField { hasReaction = true if reactionStr, ok := reactionValue.(string); ok { + // Validate reaction value + if !isValidReaction(reactionStr) { + return fmt.Errorf("invalid reaction value '%s': must be one of %v", reactionStr, getValidReactions()) + } workflowData.AIReaction = reactionStr } } diff --git a/pkg/workflow/compiler_test.go b/pkg/workflow/compiler_test.go index 1526bed757..971919808b 100644 --- a/pkg/workflow/compiler_test.go +++ b/pkg/workflow/compiler_test.go @@ -2904,6 +2904,61 @@ Test command workflow with custom reaction override. } } +// TestInvalidReactionValue tests that invalid reaction values are rejected +func TestInvalidReactionValue(t *testing.T) { + // Create temporary directory for test files + tmpDir, err := os.MkdirTemp("", "invalid-reaction-test") + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(tmpDir) + + // Test invalid reaction value + testContent := `--- +on: + issues: + types: [opened] + reaction: invalid_emoji +permissions: + contents: read + issues: write +tools: + github: + allowed: [get_issue] +--- + +# Invalid Reaction Test + +Test workflow with invalid reaction value. +` + + testFile := filepath.Join(tmpDir, "test-invalid-reaction.md") + if err := os.WriteFile(testFile, []byte(testContent), 0644); err != nil { + t.Fatal(err) + } + + compiler := NewCompiler(false, "", "test") + + // Parse the workflow - should fail with validation error + _, err = compiler.ParseWorkflowFile(testFile) + if err == nil { + t.Fatal("Expected error for invalid reaction value, but got none") + } + + // Verify error message mentions the invalid value and valid options + // The error can come from either schema validation or custom validation + errMsg := err.Error() + hasInvalidValue := strings.Contains(errMsg, "invalid_emoji") || strings.Contains(errMsg, "reaction") + hasValidOptions := strings.Contains(errMsg, "must be one of") || strings.Contains(errMsg, "+1") || strings.Contains(errMsg, "eyes") + + if !hasInvalidValue { + t.Errorf("Error message should mention the invalid reaction value, got: %v", err) + } + if !hasValidOptions { + t.Errorf("Error message should mention valid reaction options, got: %v", err) + } +} + // TestPullRequestDraftFilter tests the pull_request draft: false filter functionality func TestPullRequestDraftFilter(t *testing.T) { // Create temporary directory for test files diff --git a/pkg/workflow/reactions.go b/pkg/workflow/reactions.go new file mode 100644 index 0000000000..87d96f14e3 --- /dev/null +++ b/pkg/workflow/reactions.go @@ -0,0 +1,27 @@ +package workflow + +// validReactions defines the set of valid reaction values +var validReactions = map[string]bool{ + "+1": true, + "-1": true, + "laugh": true, + "confused": true, + "heart": true, + "hooray": true, + "rocket": true, + "eyes": true, +} + +// isValidReaction checks if a reaction value is valid according to the schema +func isValidReaction(reaction string) bool { + return validReactions[reaction] +} + +// getValidReactions returns the list of valid reaction entries +func getValidReactions() []string { + reactions := make([]string, 0, len(validReactions)) + for reaction := range validReactions { + reactions = append(reactions, reaction) + } + return reactions +}