Fix merge conflicts with main branch #1949
Merged
+11,400
−4,932
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… in repo (#1682) * change list workflow runs to allow empty resource id to list all runs in repo * update docs
Bumps [actions/github-script](https://github.com/actions/github-script) from 7 to 8. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@v7...v8) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
This guide was already added as part of #1340. Update README.md to point to this
Add explicit Docker image URL (ghcr.io/github/github-mcp-server) to the Prerequisites section for better discoverability. Fixes #1505 Signed-off-by: majiayu000 <1835304752@qq.com>
Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
Change the parameter name in assign_copilot_to_issue tool from 'issueNumber' (camelCase) to 'issue_number' (snake_case) to match the naming convention used by all other tools in the issues toolset. This improves API consistency and makes the tool parameters more predictable for users and AI models. Fixes #1239 Signed-off-by: majiayu000 <1835304752@qq.com>
Update auto-generated documentation to reflect the issueNumber -> issue_number parameter rename in assign_copilot_to_issue tool.
* Add API Error annotations to GitHub issue errors * Return an error back. --------- Co-authored-by: Matt Holloway <mattdholloway@github.com>
…ltering When multiple tools share the same name but have different feature flags (like GetJobLogs and ActionsGetJobLogs both named "get_job_logs"), filterToolsByName was only returning the first match. This caused the remote server to fail with "unknown tool" error when the first matching tool was disabled by feature flags, even though another variant was enabled. The fix modifies filterToolsByName to return ALL tools with matching names, allowing the feature flag filtering in AvailableTools to select the correct variant based on the enabled flags. Fixes #1714 Signed-off-by: majiayu000 <1835304752@qq.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Fallback to default branch in get_file_contents when main doesn't exist * Addressing review comments * Improvements to push_files tool * Fixed copilot comments * Addressing review comments * Remove debug statement
- Created pkg/scopes package with OAuth scope constants - Added RequiredScopes and AcceptedScopes fields to ServerTool - Added NewToolWithScopes helpers in dependencies.go - Updated context tools (get_me, get_teams, get_team_members) with scopes Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
- Updated 60+ tools with required and accepted OAuth scopes - Added scopes to: gists, git, notifications, projects, code scanning, dependabot, secret scanning, security advisories, actions, discussions, issues (partial), labels, pull requests (partial), repositories (partial), search (partial) - Remaining: ~20 tools in issues, pullrequests, repositories, and search files Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
- Updated all remaining tools with OAuth scope information - Added scope documentation generation to generate-docs command - Documentation now shows Required and Accepted OAuth scopes for each tool - All 100+ tools now have scope information defined - Tests pass, linter passes, documentation generated successfully Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
- Replace NewToolWithScopes with updated NewTool that includes scope parameters - All tools now use the same constructor with explicit scope requirements - Documentation only shows accepted scopes when they differ from required - Removed NewToolWithScopes and NewToolFromHandlerWithScopes helper functions Co-authored-by: SamMorrowDrums <4811358+SamMorrowDrums@users.noreply.github.com>
- Add ScopeHierarchy map defining parent-child scope relationships - Add ExpandScopes() function to derive accepted scopes from required scopes - Update NewTool/NewToolFromHandler to take []scopes.Scope and auto-derive AcceptedScopes - Add new scope constants: NoScope, User, ReadUser, UserEmail, ReadPackages, WritePackages - Update all tool files to use new signature with typed scopes - Add comprehensive tests for ExpandScopes The scope hierarchy allows automatic derivation of accepted scopes: - repo → public_repo, security_events - admin:org → write:org → read:org - project → read:project - write:packages → read:packages - user → read:user, user:email This enables the remote server to consume scope info directly from OSS tools.
public_repo is implicit - the GitHub API handles the distinction between public and private repos. Using repo as the required scope is more consistent with our enforcement model: - PATs: tools visible if token has repo scope - OAuth: scope challenge requests repo scope
Map iteration in Go is non-deterministic, which causes doc generation to produce different output on each run. Sort the scope slices in: - ScopeSet.ToSlice() - ScopeSet.ToStringSlice() - ExpandScopes()
Add the ability to filter tools based on token scopes for PAT users. This uses an HTTP HEAD request to GitHub's API to discover token scopes. New components: - pkg/scopes/filter.go: HasRequiredScopes checks if scopes satisfy tool requirements - pkg/scopes/fetcher.go: FetchTokenScopes gets scopes via HTTP HEAD to GitHub API - pkg/github/scope_filter.go: CreateScopeFilter creates inventory.ToolFilter Integration: - Add --filter-by-scope flag to stdio command (disabled by default) - When enabled, fetches token scopes on startup - Tools requiring unavailable scopes are hidden from tool list - Gracefully continues without filtering if scope fetch fails (logs warning) This allows the OSS server to have similar scope-based tool visibility as the remote server, and the filter logic can be reused by remote server.
Scope filtering is now a built-in feature rather than a configurable option. The server automatically fetches token scopes at startup and filters tools accordingly. If scope detection fails, it logs a warning and continues with all tools available.
- Scope filtering only applies to classic PATs which return X-OAuth-Scopes - Fine-grained PATs and other token types skip filtering (all tools shown) - Updated docs to clarify PAT filtering vs OAuth scope challenges
Previously, generateInstructions() iterated over AvailableToolsets() which returns all toolsets that have tools defined, rather than only the enabled toolsets based on WithToolsets() configuration. This caused instructions for all toolsets to be included regardless of which toolsets were actually enabled, leading to bloated instructions (e.g., 5886 chars vs 1226 chars when only 'repos' toolset is enabled). Changes: - Add EnabledToolsets() method to return only enabled toolset metadata - Update generateInstructions() to use EnabledToolsets() - Add regression test for the fix Fixes #1897
Updates to v2.2.0 which includes server instructions diff support for detecting issues like #1897.
Add toolsets-context and toolsets-issues,context configurations to improve test coverage for instruction generation with different toolset combinations.
Bumps [SamMorrowDrums/mcp-server-diff](https://github.com/sammorrowdrums/mcp-server-diff) from 2.2.0 to 2.3.5. - [Release notes](https://github.com/sammorrowdrums/mcp-server-diff/releases) - [Commits](SamMorrowDrums/mcp-server-diff@v2.2.0...v2.3.5) --- updated-dependencies: - dependency-name: SamMorrowDrums/mcp-server-diff dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps golang from 1.25.4-alpine to 1.25.6-alpine. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.6-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
- Extract storeLine() and accumulate() helper closures to eliminate duplicated line processing and truncation logic - Simplify main loop by using early return pattern (newlineIdx < 0 -> break) - Add test for empty response body edge case - Add test for exact maxLineSize boundary condition (10MB) The refactored code reduces nesting and makes the flow clearer: accumulate handles byte collection with truncation detection, storeLine handles ring buffer storage with truncation markers.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
10 tasks
Resolved merge conflicts by: - Keeping the removal of old non-consolidated actions tools - Removing the FeatureFlagHoldbackConsolidatedActions flag - Deleting all associated toolsnap files for removed tools
Co-authored-by: mattdholloway <918573+mattdholloway@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Remove old non-consolidated actions tools
Fix merge conflicts with main branch
Feb 3, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
This PR resolves merge conflicts between the old-tools-removal branch and main by maintaining the removal of non-consolidated workflow action tools while integrating recent changes from main. The key work involves resolving conflicts in workflow tooling code, updating toolsnaps for removed tools, and incorporating new features from main including scope filtering, projects consolidation, and various infrastructure improvements.
Changes:
- Resolved merge conflicts in GitHub Actions tooling (actions.go, actions_test.go)
- Removed 14 workflow tool functions and their corresponding toolsnap files
- Integrated scope filtering functionality for PAT-based authentication
- Added consolidated projects tools (projects_list, projects_get, projects_write)
- Updated dependency management and build configuration
- Enhanced error handling and context management
Reviewed changes
Copilot reviewed 157 out of 188 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| pkg/github/actions.go | Resolved conflicts maintaining tool removal while adding scope requirements |
| pkg/github/tools.go | Added consolidated project tools and error handling for Build() calls |
| pkg/github/dependencies.go | Added feature flag checking and scope support to tool dependencies |
| pkg/github/scope_filter.go | New file implementing PAT scope-based tool filtering |
| pkg/github/toolsnaps/*.snap | Updated toolsnaps for JSON key ordering and removed obsolete tools |
| internal/toolsnaps/toolsnaps.go | Added JSON key sorting for consistent snapshot output |
| pkg/buffer/buffer.go | Rewrote log processing to handle extremely long lines without bufio.Scanner |
| docs/*.md | Added scope filtering documentation and updated installation guides |
| .github/workflows/*.yml | Updated workflows for new MCP diff testing and license checking |
| go.mod | Removed go-github-mock dependency, updated mapstructure version |
| Dockerfile | Updated Go version and build command |
| @@ -133,7 +136,6 @@ func initConfig() { | |||
| viper.SetEnvPrefix("github") | |||
| viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_")) | |||
| viper.AutomaticEnv() | |||
There was a problem hiding this comment.
Removed blank line before closing brace reduces readability. While not a functional issue, the blank line separation between configuration setup and function close is a common Go style convention that aids readability.
Suggested change
| viper.AutomaticEnv() | |
| viper.AutomaticEnv() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Resolved merge conflicts between the old-tools-removal branch and main by maintaining the removal of non-consolidated actions tools while incorporating recent changes from main.
Why
Main branch had diverged with conflicting changes to the same workflow tooling code that this PR removes.
What changed
Conflict resolution strategy:
FeatureFlagHoldbackConsolidatedActionsconstant added in main (obsolete with tools removed)MCP impact
No new behavior—maintains the original PR intent of removing old tools while incorporating main's other changes.
Prompts tested (tool changes only)
No new tool changes—this only resolves merge conflicts.
Security / limits
Tool renaming
Lint & tests
./script/lint./script/testDocs
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.