Fix Windows path separator bug silently dropping Merge remote .github folder step#31102
Merged
Conversation
Co-authored-by: pelikhan <[email protected]>
Use filepath.ToSlash to normalize item.fullPath before substring checks for /.github/agents/ and /.github/ to ensure cross-platform compatibility. On Windows, filepath.Join produces backslashes which caused the agent file detection to silently fail, dropping the Merge remote .github folder step. Co-authored-by: pelikhan <[email protected]>
Copilot
AI
changed the title
[WIP] Fix gh aw compile issue on Windows with .lock.yml generation
Fix Windows path separator bug silently dropping May 8, 2026
Merge remote .github folder step
Contributor
There was a problem hiding this comment.
Pull request overview
Fixes a Windows-only path normalization bug in the import BFS logic that prevented detecting custom agent files under .github/agents, which could cause compiled outputs to silently omit agent-related behavior (notably the remote .github merge step) compared to Linux.
Changes:
- Normalize
item.fullPathviafilepath.ToSlashbefore performing"/.github/..."substring checks inpkg/parser/import_bfs.go. - Regenerate multiple workflow lockfiles to propagate MCP-gateway-derived outputs (e.g.,
effective_tokens_rate_limit_error) and includeapiProxy.maxEffectiveTokensin embedded AWF config JSON. - Adjust threat-detection error handling in lockfiles to avoid downgrading errors to warnings when the detection execution itself failed.
Show a summary per file
| File | Description |
|---|---|
| pkg/parser/import_bfs.go | Normalizes import paths to forward slashes to make .github/agents detection work on Windows. |
| .github/workflows/video-analyzer.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/test-workflow.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation and AWF maxEffectiveTokens. |
| .github/workflows/test-project-url-default.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/test-dispatcher.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/smoke-opencode.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/smoke-gemini.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/smoke-crush.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/smoke-ci.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/release.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/poem-bot.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/jsweep.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/issue-triage-agent.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/hippo-embed.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/gpclean.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/firewall.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/example-permissions-warning.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/dev.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/daily-malicious-code-scan.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/copilot-token-optimizer.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/codex-github-remote-mcp-test.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/code-simplifier.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/changeset.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/brave.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens, and threat-detection guard logic. |
| .github/workflows/bot-detection.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/ai-moderator.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
| .github/workflows/ace-editor.lock.yml | Regenerated lockfile: adds ET rate-limit output propagation, AWF maxEffectiveTokens. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 70/218 changed files
- Comments generated: 1
Comment on lines
+344
to
+348
| @@ -345,6 +345,7 @@ jobs: | |||
| agentic_engine_timeout: ${{ steps.detect-copilot-errors.outputs.agentic_engine_timeout || 'false' }} | |||
| checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }} | |||
| effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }} | |||
| effective_tokens_rate_limit_error: ${{ steps.parse-mcp-gateway.outputs.effective_tokens_rate_limit_error || 'false' }} | |||
Collaborator
|
@copilot review all comments |
These lockfile updates (effective_tokens_rate_limit_error output, apiProxy.maxEffectiveTokens config, etc.) were unrelated to the Windows path separator fix and were accidentally included in a previous commit. Restore all 217 lockfiles to their base state. Co-authored-by: pelikhan <[email protected]>
Contributor
Author
The 217 lockfile changes were unrelated to the Windows path separator fix — they were accidentally picked up from the working tree during an earlier |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bug Fix
What was the bug?
On Windows,
filepath.Joinproduces backslash-separated paths.import_bfs.gowas comparingitem.fullPathagainst the forward-slash literal"/.github/agents/", so the match always failed on Windows. This leftacc.agentFileandacc.agentImportSpecempty, causingneedsGithubMergeto evaluatefalsein the compiler and silently omitting theMerge remote .github folderstep from compiled lockfiles — producing a lockfile that differs from Linux output and breaksgh-aw-lockfile-checkCI for Windows contributors.How did you fix it?
Normalize
item.fullPathwithfilepath.ToSlashbefore all forward-slash substring operations, mirroring the pattern already used inisCustomAgentFile(remote_fetch.go):The original
item.fullPathis preserved only for log lines that should reflect the OS-native path.Testing
TestAgentImportWithToolsArrayinagent_import_integration_test.gois the existing regression test for this path — it was already written to catch this failure but was only run on Linux. On Windows with the fix applied, it passes andgh aw compileproduces a lockfile byte-identical to Linux output.