Other list subcommands correctly reject --limit 0 but 'release list'
does not validate the limit, causing an infinite loop.
Add validation consistent with other subcommands and a test.
Closes#13078
The github.com/golang/snappy repository was archived and is no longer
maintained. klauspost/compress provides a drop-in replacement, which
is actively maintained, and the klauspost/compress module is already
an existing (indirect) dependency.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
getViewer was building a new HTTP client from scratch, losing
AppVersion and InvokingAgent from the plain client already passed
into AuthFlow. Reuse the existing client by shallow-copying it and
wrapping its transport with AddAuthTokenHeader for the new token.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The gh api command builds its own HTTP client inline without
forwarding InvokingAgent, so the User-Agent header was missing
the Agent/<name> suffix when invoked by AI coding agents.
Thread InvokingAgent through Factory → ApiOptions → HTTPClientOptions,
mirroring the existing AppVersion pattern.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Replace the OptionsFunc-based MultiSelectWithSearch with a custom huh
Field implementation. huh's OptionsFunc runs in a goroutine, causing
data races with selection state and stale cache issues that made
selections disappear on toggle or search changes.
The custom field (multiSelectSearchField) combines a text input and
multi-select list in a single field with full control over the update
loop. Search runs asynchronously via tea.Cmd when the user presses
Enter, with a themed spinner during loading. Selections are stored in
a simple map — no goroutine races, no Eval cache, no syncAccessor.
Also adds defensive validation for mismatched Keys/Labels slices from
searchFunc.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add 'Type to search, Ctrl+U to clear' placeholder to the
MultiSelectWithSearch search input. Set WithWidth(80) in the test
harness to prevent textinput placeholder rendering panics when
there is no terminal.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Replace Value() pointer bindings with syncAccessor in
MultiSelectWithSearch. huh's OptionsFunc runs in a goroutine while
the main event loop writes field values, causing a data race on
shared variables. syncAccessor implements huh's Accessor interface
with a shared mutex, ensuring all reads and writes are synchronized.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Fix accessible prompter tests that broke with the huh v2 upgrade:
- Replace 'Input a number' with 'Enter a number' (huh v2 changed text)
- Remove trailing CRLF from ExpectString calls that now fail due to
ANSI color codes wrapping the title text
- Allow ANSI escape codes in password masking regex assertions
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Replace manual model updates with an io.Pipe-based test harness that
drives forms through bubbletea's real event loop. Interaction helpers
(tab(), toggle(), typeKeys(), enter(), etc.) send raw terminal bytes
through io.Pipe to form.Run() in a goroutine.
Add tests for AuthToken, ConfirmDeletion, and InputHostname including
validation rejection paths. Add MultiSelectWithSearch coverage for
persistent options and empty search results.
30 tests, ~1s, all build*Form methods at 94-100% coverage.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Extract build*Form() methods from each huhPrompter method, separating
form construction from form.Run(). This enables testing the real form
construction code by driving it with direct model updates, adapted
from huh's own test patterns.
Tests cover Input, Select, MultiSelect, Confirm, Password,
MarkdownEditor, and MultiSelectWithSearch including a persistence
test that verifies selections survive across search query changes.
Also fixes a search cache initialization bug where the first
buildOptions("") call would skip the searchFunc due to
cachedSearchQuery defaulting to "".
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Migrate from github.com/charmbracelet/huh v1 to charm.land/huh/v2,
updating ThemeBase16 to the new ThemeFunc API.
Fix selected options being lost across searches in the huhPrompter's
MultiSelectWithSearch. The root cause was huh's internal Eval cache:
when the user returned to a previously-seen search query, cached
options with stale .selected state overwrote the current selections
via updateValue(). The fix includes selectedValues in the OptionsFunc
binding hash (via searchOptionsBinding) so the cache key changes
whenever selections change, preventing stale cache hits. A local
searchFunc result cache avoids redundant API calls when only the
selection state (not the query) has changed.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Implement a huh-native MultiSelectWithSearch that renders the search
input and multi-select list simultaneously using LayoutStack. The
search input is in Group 0 and the multi-select in Group 1, with
OptionsFunc bound to the search query so results update when the
user presses Enter to advance focus. Users can Shift+Tab back to
refine their search, and selections persist across queries.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Introduce a new Prompter implementation (huhPrompter) that uses the
charmbracelet/huh library in its standard interactive mode, as an
alternative to the survey-based default prompter. The new implementation
is gated behind the GH_EXPERIMENTAL_PROMPTER environment variable,
following the same truthy/falsey pattern as GH_ACCESSIBLE_PROMPTER.
Key differences from the accessible prompter:
- No WithAccessible(true) flag (full interactive TUI)
- Uses EchoModePassword (masked with *) instead of EchoModeNone
- No default value annotations appended to prompt text
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Commit dd424d85f added NameWithOwner to PRRepository for agent-task
listings but didn't update the headRepository GraphQL query to fetch it.
This caused gh pr view --json headRepository to emit an empty
"nameWithOwner":"" field, breaking the pr-create-respects-simple-
pushdefault acceptance test.
Fetch nameWithOwner in the query and update the test assertion to expect
it.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
GitHub's Artifact API now rejects artifact names like '..' server-side
with a 400 Bad Request, making it impossible to create artifacts with
path traversal names. This means the scenario this test was verifying
(that gh run download catches traversal names) can no longer be
reproduced through normal artifact creation.
The client-side traversal check in gh run download remains in place as a
defense-in-depth measure.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The sandbox overrides HOME so git cannot find the user's global config,
causing 'Author identity unknown' errors when acceptance test scripts
make commits. Write a minimal .gitconfig with user.name and user.email
into the sandbox working directory during sharedSetup.
Co-Authored-By: Copilot <223556219+Copilot@users.noreply.github.com>
