Address review feedback: always set both go and toolchain
directives via go mod edit, then let go mod tidy normalize.
This eliminates complex conditional toolchain handling.
Additional fixes:
- Add go mod tidy after edits to reconcile dependencies
- Commit go.sum alongside go.mod
- Filter PR search to open PRs only (--state open)
- Use GITHUB_REPOSITORY for repo instead of hardcoding
- Use git diff to detect no-op bumps post-tidy
- Read go.mod state via go mod edit -json instead of grep
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The jq -r flag with // "" operator already returns empty string
for null/missing values, never the literal string "null".
The checks for == "null" are unnecessary.
Co-authored-by: babakks <36728931+babakks@users.noreply.github.com>
Replace manual parsing and editing with go mod edit:
- Use 'go mod edit -json' to read current go and toolchain directives
- Use 'go mod edit -go' to update go directive
- Use 'go mod edit -toolchain' to update toolchain directive
- Remove manual sed/grep parsing and .bak file handling
- More reliable and maintainable than custom text manipulation
Co-authored-by: williammartin <1611510+williammartin@users.noreply.github.com>
- Clarify comment to say "matches" instead of "matches or exceeds"
- Update PR body to accurately reflect final go.mod state
- Show actual toolchain if present, or note it's not specified
- Provide clear explanation when toolchain is omitted
Co-authored-by: williammartin <1611510+williammartin@users.noreply.github.com>
- Compare major.minor versions instead of exact string match
- Preserve go directive if already at latest major.minor
- Handle cases where go.mod has full patch version (e.g., 1.25.6)
- Update PR body to use actual go directive from modified go.mod
- Add detailed comments explaining version handling logic
Co-authored-by: williammartin <1611510+williammartin@users.noreply.github.com>
- Add early trap setup to avoid exit code issues
- Handle missing toolchain directive gracefully with `|| true`
- Add logic to detect when toolchain is expected to be missing
- Add informative messages about missing toolchain
- Implement smart toolchain handling:
- Skip toolchain when go version matches latest (redundant)
- Add toolchain when go version is older than latest
- Update toolchain when it exists but is outdated
Co-authored-by: williammartin <1611510+williammartin@users.noreply.github.com>
When the copilot binary is found in PATH but exec fails (e.g., due to
unusual characters like parentheses in the path on Windows), append a
hint suggesting the user run `copilot` directly without `gh`.
The hint is only shown when the binary was already present on the host,
not when it was freshly downloaded and installed by `gh`.
Closescli/cli#13106
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
DETACHED_PROCESS leaves the gh send-telemetry child with no console at
all. When the transitive dependency thlib/go-timezone-local invokes
`tzutil /g` to resolve the local IANA timezone, the console-subsystem
tzutil binary allocates a fresh conhost — producing a visible window
flash on every gh invocation, which accumulates as orphan terminals
under terminal configurations that keep windows open on exit.
CREATE_NO_WINDOW gives the child a non-visible console that descendants
inherit, suppressing the flash. CREATE_NEW_PROCESS_GROUP is preserved
so Ctrl+C still does not propagate to the detached telemetry child.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
When a PR is opened as draft and later marked ready for review, the
check-requirements job's if filter excluded the ready_for_review action,
so the screening workflow never ran and unmet-requirements was never
applied. Add ready_for_review to the action filter so screening runs
when a draft PR transitions to requesting review.
Companion fix in desktop/gh-cli-and-desktop-shared-workflows updates the
called workflow's own filters to handle ready_for_review consistently.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The Go toolchain infers constraints from _darwin/_linux filename suffixes,
but explicit //go:build tags make the constraint visible without relying
on filename conventions, consistent with modern Go style.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Rename echo_test_{linux,darwin}.go to echo_{linux,darwin}_test.go so
they are only compiled during tests
- Narrow build tag from !windows to linux || darwin to avoid compile
failures on other Unix platforms
- Return error from waitForEchoDisabled instead of calling t.Fatal,
since the function is called from goroutines where FailNow would only
terminate the calling goroutine
Replace the fixed-duration sleep with a polling loop that checks the
actual TTY echo flag before sending password input. This eliminates the
race condition where huh has not yet disabled echo mode, which caused
flaky test failures in slow environments.
Follow-up to #13304.
https://github.com/actions/attest-build-provenance#usage
> As of version 4, actions/attest-build-provenance is simply a wrapper
> on top of actions/attest.
>
> Existing applications may continue to use the attest-build-provenance
> action, but new implementations should use actions/attest instead.
