Fix: vulnerability-alerts incorrectly emitted as job-level workflow permission in compiled lock file

[Copilot]

Fixes a bug where vulnerability-alerts: read (and other GitHub App-only permissions) were incorrectly copied verbatim into the compiled job-level permissions: block of .lock.yml files, causing GitHub Actions to reject the workflow with a parse error at queue time.

Root Cause

buildMainJob in compiler_main_job.go used data.Permissions (the raw frontmatter YAML string) directly as the job-level permissions string. This bypassed the existing RenderToYAML() filter that already skips GitHub App-only scopes (e.g. vulnerability-alerts, members, administration). Those scopes are not valid GitHub Actions workflow permissions and must only appear as permission-* inputs to actions/create-github-app-token.

Changes Made

• pkg/workflow/permissions_operations.go: Added filterJobLevelPermissions() that routes the raw frontmatter permissions YAML through the Permissions struct (NewPermissionsParser → ToPermissions → RenderToYAML), ensuring the existing App-only scope filter is applied before job-level rendering.
• pkg/workflow/compiler_main_job.go: Updated buildMainJob to call filterJobLevelPermissions(data.Permissions) instead of using data.Permissions directly.
• pkg/workflow/permissions_operations_test.go: Added TestFilterJobLevelPermissions unit tests covering empty, standard, App-only-only, mixed, and shorthand permission inputs — including an explicit assertion that the function returns an empty string when all scopes are App-only.
• pkg/workflow/github_mcp_app_token_test.go: Extended TestGitHubMCPAppTokenWithDependabotToolset to assert that vulnerability-alerts does not appear in any job-level permissions block in the compiled lock file.
• pkg/cli/workflows/test-vulnerability-alerts-permission.md: Added canonical workflow fixture with vulnerability-alerts: read and a Dependabot GitHub App toolset, used by the integration test.
• pkg/cli/compile_permissions_integration_test.go: Added TestCompileVulnerabilityAlertsPermissionFiltered integration test that compiles the canonical workflow via the binary, parses the YAML lock file, and asserts vulnerability-alerts is absent from all job-level permissions blocks while remaining present in the App token step inputs.

Result

vulnerability-alerts: read no longer appears in the job-level permissions: block. It correctly remains only in create-github-app-token step inputs as permission-vulnerability-alerts: read.

Testing

• ✅ TestFilterJobLevelPermissions — all 8 unit test cases pass
• ✅ TestGitHubMCPAppTokenWithDependabotToolset — end-to-end lock file validation passes
• ✅ TestCompileVulnerabilityAlertsPermissionFiltered — integration test compiles canonical workflow and validates job-level permissions
• ✅ TestWasmGolden_CompileFixtures — golden file tests pass
• ✅ make fmt and make lint clean (pre-existing node_modules lint warnings unrelated to this change)

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[Copilot]

Copilot wasn't able to review any files in this pull request.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[pelikhan]

@copilot keep working

[Copilot]

@copilot keep working

Done — commit 4ba1c79 implements the fix:

• Added filterJobLevelPermissions() in permissions_operations.go that routes the raw frontmatter permissions YAML through the Permissions struct before job-level rendering. RenderToYAML() already skips App-only scopes, so the fix ensures that path is taken for buildMainJob.
• Updated buildMainJob in compiler_main_job.go to call filterJobLevelPermissions(data.Permissions) instead of using the raw string directly.
• vulnerability-alerts: read now only appears in the create-github-app-token step inputs (permission-vulnerability-alerts: read) and no longer in the job-level permissions: block.
• Added TestFilterJobLevelPermissions unit tests and extended TestGitHubMCPAppTokenWithDependabotToolset to assert the fix holds end-to-end.

[pelikhan]

@copilot add integration test in pkg/cli/workflows

[pelikhan]

@copilot fix CI / Integration: Workflow Misc Part 2 (pull_request)Failing after 44s

[Copilot]

@copilot add integration test in pkg/cli/workflows

Done in commit f5c11c9:

• pkg/cli/workflows/test-vulnerability-alerts-permission.md — canonical workflow with vulnerability-alerts: read + Dependabot GitHub App toolset
• pkg/cli/compile_permissions_integration_test.go — TestCompileVulnerabilityAlertsPermissionFiltered compiles the workflow via the binary, parses the YAML lock file, and asserts:
  • permission-vulnerability-alerts: read is present in the App token minting step inputs ✅
  • vulnerability-alerts does not appear in any job-level permissions: block ✅
  • vulnerability-alerts: read as a bare string only occurs as part of the permission-vulnerability-alerts: read line (no stray occurrences) ✅

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/repos/actions/github-script/git/ref/tags/v8
  • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha issions g/cli/logs_timeout_integration_t/home/REDACTED/work/gh-aw/gh-aw/pkg/cli/add_source_test.go 64/bin/grep issions (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)