34 commits
29192e7
Add LabelOps PR security scan workflow
T-Gro Apr 29, 2026
b9c3813
LabelOps: PR security scan — text-only, no bash, no checkout
T-Gro Apr 30, 2026
5c6a3e1
LabelOps security scan: labels only, no comments
T-Gro Apr 30, 2026
11fc636
Security scan: trusted authors get AI-Security-Scan-Clean immediately
T-Gro Apr 30, 2026
6bde1ed
Security scan: add attack patterns and cited defense learnings
T-Gro Apr 30, 2026
09b1035
PR Tooling Safety Check: reframe, add phases, SAGE taxonomy
T-Gro May 4, 2026
720cbc5
Backtest results: add bot authors to trusted list
T-Gro May 4, 2026
30cb7e9
Skip full scan for non-fork PRs (write-access authors)
T-Gro May 4, 2026
26804f9
Inline docs into workflow file, delete separate docs page
T-Gro May 4, 2026
0297241
Rename Prompt-Injection-Risk → Affects-Agent-Config
T-Gro May 4, 2026
67a0f29
Narrow Affects-Test-Infra to execution infrastructure only
T-Gro May 4, 2026
d13e9aa
Drop Affects-Test-Infra — test execution is out of scope
T-Gro May 4, 2026
c9c784f
Re-add Affects-Test-Tooling (narrowed from Test-Infra)
T-Gro May 4, 2026
f933438
Split generic vs repo-specific rules, trim name-dropped references
T-Gro May 5, 2026
72100a3
Inline everything — no separate rules file
T-Gro May 5, 2026
40b830c
Restore 3 dropped references with honest framing
T-Gro May 5, 2026
566f7a0
Fix 3 blocking issues from adversarial review
T-Gro May 5, 2026
c2d0b0a
Add untrusted-input rule, diff-size cap, labels-not-gates caveat
T-Gro May 5, 2026
0ba75c5
Remove bogus rules: diff-size cap, labels-not-gates
T-Gro May 5, 2026
fedb8c5
Rewrite categories as principles, not file lists
T-Gro May 5, 2026
e242b73
Add short comment when flagged, retest with novel vectors
T-Gro May 5, 2026
5842f33
Add comment on flagged PRs, reduce .fsproj noise
T-Gro May 5, 2026
21a9712
Apply Anthropic prompt engineering best practices
T-Gro May 5, 2026
297593b
Tighten safe-outputs: max 10 labels, max 1 comment
T-Gro May 5, 2026
43433c2
Separate generic workflow from repo-specific rules
T-Gro May 5, 2026
c454874
Strip non-agent content from prompt: safety, methodology, setup, stat…
T-Gro May 5, 2026
244f95f
Strip ALL non-agent content: refs, setup, methodology
T-Gro May 5, 2026
3d4c97e
Fix state management: comment SHA is the memory
T-Gro May 5, 2026
99e8acb
Remove trusted-author list — non-fork bypass is sufficient
T-Gro May 5, 2026
bfd1ead
Protect against repo-rules tampering via PR
T-Gro May 5, 2026
a008f62
Expand Affects-Agent-Config with full SAGE taxonomy + OWASP context
T-Gro May 5, 2026
bba01b2
Split: Affects-Agent-Config (files) vs Suspicious-Prompting (content)
T-Gro May 5, 2026
1bdb66c
Merge branch 'main' into labelops-experimental-scal
T-Gro May 5, 2026
7f526f1
Add repo context to rules file, verify label consistency
T-Gro May 5, 2026
31 changes: 31 additions & 0 deletions .github/tooling-check-repo-rules.md
@@ -0,0 +1,31 @@
# Repo-specific rules for PR Tooling Safety Check
# Read by the labelops-pr-security-scan workflow at runtime.
# Edit this file to customize for your repo.

## Repo context

This is the dotnet/fsharp repository — the F# compiler, core library, and tooling. The compiler builds itself (bootstrap): a PROTO compiler builds the new compiler, which then builds everything else.

## Non-fork bypass

If the PR's head repository is `dotnet/fsharp` (not a fork), apply `AI-Tooling-Check-Bypassed`. This means the author has write access to the repo. Full scans are only for **fork PRs** where the contributor has no repo permissions.

Compare the `headRepository.owner.login` and `headRepository.name` fields from the GitHub API — not the author's username, not the PR title/body.

## Repo-specific categories

<category name="Affects-Bootstrap">
PR modifies anything in the compiler bootstrap chain. This repo's compiler builds itself — a PROTO compiler builds the new compiler, which then builds everything else. Any change that could influence which compiler binary is used, how the bootstrap stages work, or what tools (lexer/parser generators) produce during bootstrap belongs here.
</category>

<category name="Affects-Compiler-Output">
PR modifies anything that controls what bytes end up in compiled binaries — IL emission, code generation, binary serialization, or MSBuild tasks that ship with the compiler SDK. If the change could make compiled output differ from what a source review suggests, flag it.
</category>

<category name="Affects-Design-Time">
PR modifies anything that executes code at design time — type provider infrastructure (which loads and runs arbitrary assemblies), the `#r "nuget:..."` dependency manager (which resolves and loads packages at runtime in FSI), or IDE integration that runs code when a project is opened.
</category>

<category name="Affects-Test-Tooling">
PR modifies test infrastructure that controls how tests are built, discovered, or executed — not individual test cases. Changes to test runner configuration, test framework code that spawns external processes, or end-to-end build test infrastructure belong here. Adding a new test helper method or test case does not.
</category>
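
Review bot: The "Non-fork bypass" section does not say what happens when `headRepository` is missing or its fields cannot be read, which is the case when the head fork has been deleted. State explicitly that anything other than an exact match on both `headRepository.owner.login` and `headRepository.name` gets the full scan, so that the bypass fails closed. Comparing against the PR's base repository instead of the literal `dotnet/fsharp` would also keep the rule correct when the file is copied elsewhere, which the header line "Edit this file to customize for your repo" invites. Separately, the header says the file is "Read by the labelops-pr-security-scan workflow at runtime" but not from which ref. Because this file decides which PRs are bypassed, document the ref here and make sure it is the base branch rather than the PR head.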