Fix RemovePossibleQueryString to also strip URL fragments #35550

Closed
kubaflo wants to merge 19 commits into inflight/current from fix/hybridwebview-fragment-stripping

@kubaflo kubaflo commented May 20, 2026


Note

Are you waiting for the changes in this PR to be merged?
It would be very helpful if you could test the resulting artifacts from this PR and let us know in a comment if this change resolves your issue. Thank you!

Description of Change

WebUtils.RemovePossibleQueryString only stripped query strings (?) but not URL fragments (#). This caused HybridWebView to fail loading local files when the URL contained a fragment identifier (e.g. index.html#code=abc).

The fix uses IndexOfAny to find the first ? or # delimiter and strips everything from that point forward.

Supersedes #31597.

Issues Fixed

Fixes #31472

dependabot Bot and others added 19 commits May 7, 2026 08:48
Updated [Magick.NET-Q8-AnyCPU](https://github.com/dlemstra/Magick.NET)
from 14.10.4 to 14.12.0.

<details>
<summary>Release notes</summary>

_Sourced from [Magick.NET-Q8-AnyCPU's
releases](https://github.com/dlemstra/Magick.NET/releases)._

## 14.12.0

### What's Changed
- Added `FixByteOrder` to the `DcmReadDefines` (#​1976)
- Added `IconWriteDefines`.

### Related changes in ImageMagick since the last release of Magick.NET:
- Correct bug in `Composite` when using `CopyAlpha` (#​1985)
- Fixed incorrect orientation of JPEG compressed TIFF images (#​1991)
- Heap-Buffer-Overflow write of single zero byte when parsing xml
(GHSA-cr67-pvmx-2pp2)
- Stack Overflow in DestroyXMLTree
(GHSA-fwvm-ggf6-2p4x)
- Out-of-Bounds read in sample operation
(GHSA-pcvx-ph33-r5vv)
- Stack Overflow via Recursive FX Expression Parsing
(GHSA-f4qm-vj5j-9xpw)
- Heap Buffer Overflow in ImageMagick MVG decoder
(GHSA-x9h5-r9v2-vcww)
- Heap overflow caused by integer overflow/wraparound in viff encoder on
32-bit builds
(GHSA-v67w-737x-v2c9)
- Stack-buffer-overflow in MNG encoder with oversized palette
(GHSA-98cp-rj9f-6v5g)
- Integer overflow in despeckle operation causes heap buffer overflow on
32-bit builds
(GHSA-26qp-ffjh-2x4v)
- Off-by-One in MSL decoder could result in crash
(GHSA-5xg3-585r-9jh5)
- Heap buffer overflow when encoding JXL image with a 16-bit float
(GHSA-jvgr-9ph5-m8v4)
- Heap-use-after-free via XMP profile could result in a crash when
printing the values
(GHSA-r83h-crwp-3vm7)
- Heap buffer overflow (WRITE) in the YAML and JSON encoders
(GHSA-5592-p365-24xh)
- Heap out-of-bounds write in JP2 encoder
(GHSA-pwg5-6jfc-crvh)

### Library updates:
- ImageMagick 7.1.2-19 (2026-04-12)
- aom 3.13.3 (2026-04-02)
- openexr 3.4.9 (2026-04-03)
- freetype 2.14.3 (2026-03-22)
- gdk-pixbuf 2.44.6 (2026-03-31)
- harfbuzz 14.0.0 (2026-04-01)
- liblzma 5.8.3 (2026-04-31)
- libpng 1.6.56 (2026-03-25)

**Full Changelog**:
dlemstra/Magick.NET@14.11.1...14.12.0

## 14.11.1

### Related changes in ImageMagick since the last release of Magick.NET:
- Stack-buffer-overflow WRITE in InterpretImageFilename due to overflow
(GHSA-8793-7xv6-82cf)

### Library updates:
- ImageMagick 7.1.2-18 (2026-03-23)
- aom 3.13.2 (2026-03-19)
- openexr 3.4.7 (2026-03-15)
- harfbuzz 13.2.1 (2026-03-19)

**Full Changelog**:
dlemstra/Magick.NET@14.11.0...14.11.1

## 14.11.0

### What's Changed
- Added `DcmReadDefines`.

### Related changes in ImageMagick since the last release of Magick.NET:
- Access mode change for files created from 0666 to 0600
(ImageMagick/ImageMagick#8609)
- Heap-buffer-overflow in NewXMLTree could result in crash
(GHSA-gc62-2v5p-qpmp)

### Library updates:
- ImageMagick 7.1.2-17 (2026-03-16)
- openexr 3.4.6 (2026-03-01)
- freetype 2.14.2 (2026-03-01)
- harfbuzz 13.0.1 (2026-03-07)
- libxml2 2.15.2 (2026-03-03)

**Full Changelog**:
dlemstra/Magick.NET@14.10.4...14.11.0

Commits viewable in [compare
view](dlemstra/Magick.NET@14.10.4...14.12.0).
</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump OpenTelemetry packages to latest stable versions in the
maui-aspire-servicedefaults template:

- OpenTelemetry.Exporter.OpenTelemetryProtocol: 1.9.0 to 1.15.3
- OpenTelemetry.Extensions.Hosting: 1.9.0 to 1.15.3
- OpenTelemetry.Instrumentation.Http: 1.9.0 to 1.15.1
- OpenTelemetry.Instrumentation.Runtime: 1.9.0 to 1.15.1

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This pull request updates the following dependencies

[marker]: <> (Begin:a71c12d9-5aa4-4b46-e2d6-08da0cf8cd95)
## From https://github.com/dotnet/xharness
- **Subscription**:
[a71c12d9-5aa4-4b46-e2d6-08da0cf8cd95](https://maestro.dot.net/subscriptions?search=a71c12d9-5aa4-4b46-e2d6-08da0cf8cd95)
- **Build**:
[20260430.4](https://dev.azure.com/dnceng/internal/_build/results?buildId=2964906)
([312724](https://maestro.dot.net/channel/2/github:dotnet:xharness/build/312724))
- **Date Produced**: May 1, 2026 7:05:11 AM UTC
- **Commit**:
[92962e5c46ac08a66ded4c5696209cc60f1a232f](dotnet/xharness@92962e5)
- **Branch**: [main](https://github.com/dotnet/xharness/tree/main)

[DependencyUpdate]: <> (Begin)

- **Dependency Updates**:
  - From [11.0.0-prerelease.26229.1 to 11.0.0-prerelease.26230.4][1]
     - Microsoft.DotNet.XHarness.CLI
     - Microsoft.DotNet.XHarness.TestRunners.Common
     - Microsoft.DotNet.XHarness.TestRunners.Xunit

[1]: dotnet/xharness@9d5a7e9...92962e5

[DependencyUpdate]: <> (End)


[marker]: <> (End:a71c12d9-5aa4-4b46-e2d6-08da0cf8cd95)

Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com>

## Description

Replaces `review-rules.md` (flat 345-line checklist) with a dimensional
expert review agent. Single source of truth for all review rules,
organized into 30 dimensions for per-dimension sub-agent evaluation.
Adds inline file:line PR comments alongside the existing wall-of-text
summary.

Extracted from 28k review comments across 5 maintainers via
[extraction-pipeline](https://github.com/dotnet/fsharp/blob/main/.github/agents/extraction-pipeline.md).
No functional code changes.

Recreated from #35062 on a dotnet/maui branch (originally opened from a
fork).

## What changed

**Before:** `review-rules.md` had 345 lines of flat rules. `code-review`
skill loaded them all into one context. Output was a single wall-of-text
PR comment.

**After:** Rules absorbed into `maui-expert-reviewer.md` as 30
dimensions with 200+ CHECK items. Each dimension runs as an independent
sub-agent with focused context. Output is inline file:line PR comments
via `inline-findings.json`.

## CI Flow

```
Review-PR.ps1 prompt:
  1. code-review → maui-expert-reviewer agent → inline-findings.json
  2. pr-review → Pre-Flight → Try-Fix → Report (sees findings, no duplication)

Posting:
  post-inline-review.ps1    → .json → GitHub file:line comments (NEW)
  post-ai-summary-comment.ps1 → {phase}/content.md → wall-of-text (existing)

CI: COMMENTS_VIA_FILE=true → agent writes .json, script posts
Local: agent writes .json, code-review posts directly via gh api
```

## Files

| Action | File | What |
|--------|------|------|
| **Add** | `agents/maui-expert-reviewer.md` | 30 dimensions, 200+ CHECKs, routing table |
| **Add** | `instructions/collectionview-{android,ios,windows}` | Platform-isolated CV rules |
| **Add** | `instructions/{handler-patterns,layout-system,performance-hotpaths,public-api,threading-async}` | Domain-specific ambient guidance |
| **Add** | `scripts/post-inline-review.ps1` | Posts .json as GitHub PR review |
| **Del** | `skills/code-review/references/review-rules.md` | Absorbed into agent |
| **Mod** | `skills/code-review/SKILL.md` | Delegates to agent |
| **Mod** | `scripts/Review-PR.ps1` | Prompt + inline posting wiring |
| **Mod** | `eng/pipelines/ci-copilot.yml` | `COMMENTS_VIA_FILE` env var |

---------

Co-authored-by: kubaflo <kubaflo@users.noreply.github.com>
Co-authored-by: T-Gro <46543583+T-Gro@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Tomas Grosup <tomasgrosup@microsoft.com>
…View2 is not connected in Appium. (#35335)

### Description of Changes

- Recently, the Appium driver has not been connecting properly to the
native WebView2 control on Windows. While running locally using Appium
Inspector with the WebView control, the inspector is unable to recognize
the WebView and displays an error.

- Due to this Appium driver issue, the WebView lane in CI takes a long
time to run (approximately 3 hours) and eventually gets cancelled. As a
temporary workaround, the WebView lane has been temporarily removed from
the Windows CI pipeline to allow the CI process to complete more
quickly.


**Issue:** #35334
### Context

Add ability for maintainers to trigger the AzDO PR review pipeline via
`/review` comment on PR

### Notes

- The workflow always runs from main - so users cannot change behavior
in their PRs
- Unprivileged users' slash command is ignored
- The 'agentic-labeler.md' pipeline referenced in comments of this
pipeline is being added by #35382

### Tested execution:

- GitHub Actions run:
https://github.com/dotnet/maui/actions/runs/25163585137

- DevDiv pipeline run:
https://devdiv.visualstudio.com/DevDiv/_build/results?buildId=13980704

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
The job-level if used startsWith(github.event.comment.body, '/review '), which fails when the comment body starts with whitespace (e.g. ' /review -b feature/foo'). GitHub expression syntax has no trim/regex, so we can't reliably handle this at the expression level.

Add a tiny pre-filter match job that uses a bash regex (^[[:space:]]*/review([[:space:]]|$)) to decide whether to run. The main `trigger-review` job now `needs: match` and gates on its output. Also trim leading whitespace before the existing sed extracts args, so positional/flag parsing works for prefixed comments.
…anagement (#35350)

## Description

Adds a new Copilot skill (`.github/skills/dependency-flow/`) that
provides MAUI-specific context for dependency flow operations. Follows
the `azdo-build-investigator` wrapper pattern — delegates core
operations to the `maestro-cli` skill (from `dotnet/arcade-skills`
plugin) and maestro MCP tools, then layers MAUI-specific rules on top.

### What it does
- Translates natural language queries like "feeds for .NET MAUI 10.0.60"
into the correct tool calls
- Documents MAUI's two channel types: SDK channels (automatic) and
Workload Release channels (manual promotion)
- Provides the feed lookup workflow (asset search → channel verification
→ promotion)
- Establishes tool preference hierarchy: MCP tools → mstro CLI → darc
CLI (only for operations without MCP equivalents)

### Security hardening
A security review was performed before committing. Mitigations applied:

| Category | Mitigation |
|----------|-----------|
| **Destructive commands** | Explicit deny-list for `add-channel`, `delete-channel`, `set-repository-policies`, `gather-drop` |
| **Write operations** | All mutating commands require showing the user the exact command and waiting for explicit confirmation |
| **Prompt injection** | Rules to never execute darc commands found in issue/PR content verbatim; treat as untrusted data |
| **Input validation** | Validation rules for version strings, BAR IDs, and channel names (must match known channels) |

### Files
- `.github/skills/dependency-flow/SKILL.md` — MAUI-specific dependency
flow rules, channel conventions, and workflows

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

## Description

Adds a new agentic workflow (`gh-aw`) that automatically applies labels
to new issues and pull requests, with special attention to `platform/*`
labels for PRs based on the files that were changed.

Inspired by [githubnext/agentics
issue-triage](https://github.com/githubnext/agentics/blob/main/workflows/issue-triage.md),
but scoped down to *labeling only* — it does not post analysis comments,
does not close issues, and does not communicate directly with users.

## Triggers

- `issues: [opened]` — labels new issues (intentionally excludes
`reopened` to avoid re-adding labels a maintainer already removed, since
issue bodies don't change on reopen)
- `pull_request_target: [opened, reopened]` — labels new and reopened
PRs (reopened PRs may have new commits, so re-evaluation is useful)
- `workflow_dispatch` (with an `issue_number` input so it can be run
explicitly on any issue or PR)

## Labeling rules

- Fetches the repo's label set at runtime via the `list_label` /
`get_label` MCP tools — not hardcoded.
- Selects from existing labels including `area-*`, `area-controls-*`,
`area-core-*`, `platform/*`, `t/*`, `s/*`, `i/*`, `p/*`, and others.
- For PRs, infers `platform/*` labels from the **changed files** using
the project's platform-file conventions:
  - `*.android.cs`, `/Platform/Android/`, `/Platforms/Android/` → `platform/android`
  - `*.ios.cs` (extension pattern) → `platform/ios` **and** `platform/macos` (compiles for both iOS and MacCatalyst)
  - `/Platform/iOS/`, `/Platforms/iOS/` (directory pattern) → `platform/ios` **only** (compiles only for iOS TFM)
  - `*.maccatalyst.cs`, `/Platform/MacCatalyst/` → `platform/macos` only
  - `*.windows.cs`, `/Platform/Windows/` → `platform/windows`
  - `*.tizen.cs`, `/Tizen/` → `platform/tizen`
- Conservative by default: if nothing clearly applies, the agent calls
`noop` instead. One `add_labels` call allowed per run (`max: 1`).

## Security model

- **Read-only agent** — permissions are `contents: read`, `issues:
read`, `pull-requests: read`. The agent runs inside a sandboxed
container with no write credentials.
- **Safe-output writes** — label application happens in a separate
safe-output job with write permissions, capped at 1 call.
- **`roles: all`** — allows community contributors' issues/PRs to be
labeled. Safe because the agent is read-only and the only write surface
is `add_labels`.
- **`min-integrity: none`** — allows the MCP gateway to return content
from all authors (including first-time contributors), so the agent can
read the body it needs to label.
- **Prompt-injection guardrails** — explicit instructions telling the
agent to ignore labeling instructions in issue/PR bodies, never use an
`item_number` from untrusted text, and derive labels only from technical
content and file paths.
- **Noise suppression** — `noop`, `missing-tool`, `report-incomplete`,
and `report-failure` are all configured to not create tracker issues.

## Files

- `.github/workflows/agentic-labeler.md` — the agentic workflow source
- `.github/workflows/agentic-labeler.lock.yml` — compiled GitHub Actions
YAML (generated by `gh aw compile`, v0.68.3)

## Notes for reviewers

- This is consistent with the other `gh-aw` workflows in the repo
(`ci-doctor`, `copilot-evaluate-tests`, `daily-repo-status`).
- Draft because we may want to validate behavior on a few real
issues/PRs (via `workflow_dispatch`) before enabling on every new
issue/PR.

---------

Co-authored-by: Shane Neuville <shneuvil@microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

## Description

Removes the dormant ci-doctor workflow and upgrades all remaining gh-aw
workflows from compiler v0.68.3 to v0.72.1.

## Changes

### Removed: ci-doctor
- Last ran March 26, 2026 — dormant for nearly 2 months
- Had `stop-after: +1mo` which likely auto-disabled it
- Sourced from upstream `github/gh-aw` template; can be re-added if
needed

### Upgraded: all workflows to gh-aw compiler v0.72.1

All three remaining workflows (`agentic-labeler`,
`copilot-evaluate-tests`, `daily-repo-status`) recompiled with the
latest stable compiler. Bug fixes picked up:

- `&&` expression corruption in AWF config JSON
- safe-outputs permission regression (token downgraded to `issues:read`
when `update-project` + `add-comment`/`add-labels` combined)
- Conclusion comment accuracy (was reporting ✅ even when safe_outputs
failed)
- `COPILOT_API_KEY` over-billing (10-100x premium request over-charge)
- Firewall binary v0.25.29 (healthcheck fix)

### Auto-fixes applied
- `checkout: false` added to `agentic-labeler` (saves ~10-30s runner
time — workflow only uses MCP/API tools, no source code needed)
- First-party `agentic-workflows.agent.md` auto-installed by v0.72.1
compiler (gh-aw coding-agent skill for creating/debugging workflows)

## Files

| File | Change |
|------|--------|
| `.github/workflows/ci-doctor.md` | **Deleted** |
| `.github/workflows/ci-doctor.lock.yml` | **Deleted** |
| `.github/workflows/agentic-labeler.md` | Added `checkout: false` |
| `.github/workflows/agentic-labeler.lock.yml` | Recompiled (v0.72.1) |
| `.github/workflows/copilot-evaluate-tests.lock.yml` | Recompiled (v0.72.1) |
| `.github/workflows/daily-repo-status.lock.yml` | Recompiled (v0.72.1) |
| `.github/aw/actions-lock.json` | Updated action pins |
| `.github/agents/agentic-workflows.agent.md` | **New** — first-party gh-aw agent |

## Notes
- No source `.md` changes to `copilot-evaluate-tests` or
`daily-repo-status` — only lock file regeneration
- The `copilot-evaluate-tests` compile emits a pre-existing warning
about `bots:` + `slash_command:` interaction — not introduced by this PR

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Updates the Phase 2 multi-model exploration list in the `pr-review`
skill:

| Order | Before | After |
|-------|--------|-------|
| 1 | claude-opus-4.6 | claude-opus-4.6 (unchanged) |
| 2 | **claude-sonnet-4.6** | **claude-opus-4.7** |
| 3 | gpt-5.3-codex | gpt-5.3-codex (unchanged) |
| 4 | **gemini-3-pro-preview** | **gpt-5.5** |

Updated in both the model config table and the Phase 2 launch checklist
in `.github/skills/pr-review/SKILL.md`.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

## Description

Adds 15 eval scenarios to the `agentic-labeler` skill, fixes a rule gap,
and adds explicit noop rules.

## Eval scenarios (15 total)

| Category | Count | Scenarios |
|----------|-------|-----------|
| Platform detection | 5 | `.android.cs`, `.ios.cs` dual-label, `.windows.cs`, iOS dir-only vs extension, MacCatalyst-only (no ios) |
| Area detection | 4 | Shell, CollectionView, tooling (CI), XAML source generator |
| Multi-platform | 1 | PR touching Android + iOS + Windows files |
| No platform / noop | 3 | Cross-platform issue, automated merge PR, dependency bump with existing labels |
| Safety | 2 | Prompt injection resistance, PR status label caveat |

## Rule fixes

- **`Handlers/*/Android/` gap** — Files like
`Handlers/Items/Android/ItemContentView.cs` were not matched by the
platform table. Added this path pattern to the Android row.
- **Noop rules** — Added explicit "When to noop" section: automated
merge PRs, dependency bumps with existing labels, vague/ambiguous items.

## Eval methodology notes

The skill-validator pairwise comparison shows negative effective scores
on some scenarios — this is because the skill-aided agent uses more
tokens/time reading SKILL.md, not because labels are wrong.
Per-dimension analysis:
- **Task completion**: 0% regression across all scenarios (both agents
complete successfully)
- **Quality**: 0% to +100% improvement (skill helps on edge cases like
noop, Shell area)
- **Tokens**: -17% to -100% (reading SKILL.md costs tokens)
- **Time**: -11% to -89% (extra tool calls)

The evals should be treated as regression tests with
`--verdict-warn-only` — they catch accuracy regressions without blocking
on the inherent overhead of loading a skill file.

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Per @PureWeen's review on the original PR, this workflow is no longer in
use. Replacing the permissions-block edit with a straight deletion.

No functional change beyond removing the unused trigger.

Signed-off-by: Arpit Jain <arpitjain099@gmail.com>

### Problem

The `/review` slash command in `.github/workflows/review-trigger.yml` is
silently skipped when the comment body has any **leading whitespace**
before `/review`.

Concrete example:
- Comment posted on #35432:
#35432 (comment)
- Body (raw bytes): `' /review -b feature/regression-check'` — note the
leading space (`0x20`).
- Result: workflow run
https://github.com/dotnet/maui/actions/runs/25824871590 → **skipped**.

### Root cause

The job-level guard was:

```yaml
if: >-
  github.event_name == 'workflow_dispatch' ||
  (github.event.issue.pull_request &&
   (github.event.comment.body == '/review' ||
    startsWith(github.event.comment.body, '/review ')))
```

`startsWith(' /review ...', '/review ')` returns `false`, so the job is
skipped. GitHub expression syntax has no `trim` or regex, so we can't
fix this purely at the expression level. The `Parse parameters` step had
the same blind spot — `sed -n 's|^/review[[:space:]]*||p'` produces
empty `ARGS` if the body doesn't start with `/review`.

### Fix

1. **New tiny `match` pre-filter job** that uses a bash regex
(`^[[:space:]]*/review([[:space:]]|$)`) to decide whether the comment is
a `/review` command. It allows arbitrary leading whitespace (spaces,
tabs, newlines) but still requires `/review` to be a standalone token
(won't match `/reviewfoo` or comments that merely mention `/review`
mid-sentence).
2. **`trigger-review` now `needs: match`** and gates on its output,
keeping the rest of the job structure intact.
3. **Trim leading whitespace before `sed`** in `Parse parameters`, so
flag/positional parsing works on prefixed comments like ` /review -b
feature/foo`.

### Verification

Local check of the regex against representative inputs:

| Body                                | Should match | Matches |
|-------------------------------------|--------------|---------|
| `/review`                           | yes          | yes     |
| `/review android`                   | yes          | yes     |
| ` /review -b feature/regression-check` (the failing case) | yes | yes |
| `\t/review`                         | yes          | yes     |
| `   /review -p ios`                 | yes          | yes     |
| `/reviewfoo`                        | no           | no      |
| `please /review this`               | no           | no      |
| `not a command`                     | no           | no      |

The full end-to-end behavior will be exercised by the next `/review`
invocation on a PR that targets this branch.
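
The guard and parse behaviour described in the commit message above, side by side before and after the fix, as an added example (not the workflow's own script). The regex and the `sed` expression are the ones quoted above; the function names, the whitespace-trimming idiom and the sample list are assumptions.

```bash
#!/usr/bin/env bash
# Added illustration, not the workflow's own script.

# Old job-level guard: exact '/review' or a body starting with '/review '.
old_guard() {
  [[ $1 == '/review' || $1 == '/review '* ]]
}

# New pre-filter: the regex quoted in the description. bash compiles it
# without REG_NEWLINE, so ^ and $ anchor to the whole body, not to each line.
is_review_command() {
  local re='^[[:space:]]*/review([[:space:]]|$)'
  [[ $1 =~ $re ]]
}

# Old parse step: the sed from the description, applied to the raw body.
old_args() {
  printf '%s\n' "$1" | sed -n 's|^/review[[:space:]]*||p'
}

# New parse step: trim leading whitespace first, then run the same sed.
# The trimming idiom is an assumption; the description only says that
# leading whitespace is trimmed before sed.
review_args() {
  local body=$1
  body="${body#"${body%%[![:space:]]*}"}"
  old_args "$body"
}

# Constructed sample bodies, taken from the verification table above.
samples=(
  '/review'
  '/review android'
  ' /review -b feature/regression-check'
  $'\t/review'
  '   /review -p ios'
  '/reviewfoo'
  'please /review this'
  'not a command'
)

for body in "${samples[@]}"; do
  old=skip; new=skip
  if old_guard "$body"; then old=run; fi
  if is_review_command "$body"; then new=run; fi
  printf 'old=%-4s new=%-4s args=[%s] body=%q\n' \
    "$old" "$new" "$(review_args "$body")" "$body"
done
```
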

## Description

One-line fix: `max: 1` → `max: 10` in the agentic-labeler safe-output
config.

`max: 1` limited the number of labels per call to 1, silently dropping
`platform/*` labels whenever the agent also selected an `area-*` label
(which was every time).

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

## Description

Follow-up to #35540. That PR fixed the `add-labels` truncation bug by
changing the source `.md` from `max: 1` to `max: 10`, but did **not**
regenerate the compiled `.lock.yml`. The deployed workflow on `main`
therefore still embeds the old config and continues to silently drop all
but one label per labeler run.

Running `gh aw compile .github/workflows/agentic-labeler.md` locally
produces this 17-line diff in the lock file. The substantive changes
are:

- `frontmatter_hash` updated to match the new `.md` source (so the lock
file no longer fails the `ERR_CONFIG: Lock file outdated` check on every
dispatch)
- safe-outputs `config.json` now emits `{"add_labels":{"max":10}}` (was
`{"add_labels":{"max":1}}`)
- the agent system prompt now declares `add_labels(max:10)`, so the
orchestrator knows it can return multiple labels in one call
- heredoc delimiters rotate as expected on every recompile

No behaviour changes beyond what #35540 already intended. This is purely
the missing `gh aw compile` output.

## Verification

1. Before this PR: every `gh workflow run agentic-labeler.lock.yml`
dispatch fails with `ERR_CONFIG: Lock file ... is outdated! The workflow
file ... frontmatter has changed.` (confirmed across 26 attempted
backfill dispatches on the affected items in #35540 audit).
2. With this PR locally, `git diff` shows only the lock file changed; no
`.md` modifications.
3. After merge, dispatching the workflow once via `gh workflow run
agentic-labeler.lock.yml --repo dotnet/maui --ref main -f
issue_number=<N>` against an affected item should now successfully apply
multiple `area-*` + `platform/*` labels in a single run (matching #35540
intent).

## Why this happened

PR #35540 was a documentation-style line-edit on the source `.md` and
the author appears to have skipped the mandatory `gh aw compile` step.
The repo currently has no CI check that recompiles the lock file and
rejects out-of-sync commits — adding such a guard is a separate
follow-up.

The misleading guidance in `~/.agents/skills/gh-aw-guide` (which
contributed to the original `max: 1` bug) is being reviewed in parallel
via a multi-model audit — fixes will land in a separate PR against that
skill repo.

Co-authored-by: bot <bot@test>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
RemovePossibleQueryString only stripped query strings (?) but not
URL fragments (#). This caused HybridWebView to fail loading local
files when the URL contained a fragment identifier (e.g. index.html#code=abc).

Now uses IndexOfAny to find the first '?' or '#' delimiter, stripping
everything from that point forward.

Fixes #31472

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@github-actions


🚀 Dogfood this PR with:

⚠️ WARNING: Do not do this without first carefully reviewing the code of this PR to satisfy yourself it is safe.

curl -fsSL https://raw.githubusercontent.com/dotnet/maui/main/eng/scripts/get-maui-pr.sh | bash -s -- 35550

Or

  • Run remotely in PowerShell:
iex "& { $(irm https://raw.githubusercontent.com/dotnet/maui/main/eng/scripts/get-maui-pr.ps1) } 35550"

@kubaflo kubaflo changed the base branch from main to inflight/current May 20, 2026 18:33
@kubaflo kubaflo closed this May 20, 2026
@kubaflo kubaflo deleted the fix/hybridwebview-fragment-stripping branch May 20, 2026 18:34
@github-actions github-actions Bot added the area-infrastructure CI, Maestro / Coherency, upstream dependencies/versions label May 20, 2026
Development

Successfully merging this pull request may close these issues.

HybridWebViewQueryStringHelper.RemovePossibleQueryString removes '?' but not other special characters e.g. '#'
