Skip to content

Refactor workflow env access in github_cli/features to injected lookup#43104

Merged
pelikhan merged 6 commits into
mainfrom
copilot/lint-monster-process-environment-cleanup
Jul 3, 2026
Merged

Refactor workflow env access in github_cli/features to injected lookup#43104
pelikhan merged 6 commits into
mainfrom
copilot/lint-monster-process-environment-cleanup

Conversation

Copilot AI commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

This PR addresses a focused subset of process-environment coupling findings by removing direct environment reads from lower-level workflow helpers. The change targets pkg/workflow/github_cli.go and pkg/workflow/features.go, and threads access through an injectable lookup boundary.

  • Scope and intent

    • Replace direct os.Getenv usage in selected workflow library code with explicit, injectable environment lookup.
    • Keep behavior unchanged while establishing a reusable dependency-injection pattern for follow-up slices.
  • Workflow env lookup abstraction

    • Added pkg/workflow/process_env_lookup.go with:
      • SetProcessEnvLookup(func(string) (string, bool)) for caller/test injection.
      • internal lookupProcessEnv(string) string used by workflow helpers.
    • Default lookup remains process-backed (os.LookupEnv), but no longer hardwired at call sites.
  • github_cli decoupling

    • setupGHCommand now resolves GH_TOKEN, GITHUB_TOKEN, and GH_HOST via lookupProcessEnv(...) instead of direct process reads.
    • Existing command/env behavior is preserved (token fallback and default host application semantics unchanged).
  • features decoupling

    • isFeatureInEnvironment now resolves GH_AW_FEATURES via lookupProcessEnv(...).
    • Feature precedence semantics remain intact (frontmatter still overrides env).
  • Targeted tests for injection path

    • Extended github_cli tests to validate configured lookup behavior (token fallback present/absent cases).
    • Extended features tests to validate configured lookup behavior (feature present/missing cases).
// pkg/workflow/process_env_lookup.go
func SetProcessEnvLookup(lookup func(string) (string, bool)) {
    // nil resets to default process lookup
}

func lookupProcessEnv(key string) string {
    value, _ := processEnvLookup(key) // preserves os.Getenv-like semantics
    return value
}

Generated by 👨‍🍳 PR Sous Chef · 6.86 AIC · ⌖ 7.55 AIC · ⊞ 6.4K ·

Copilot AI and others added 2 commits July 3, 2026 04:41
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Cleanup process-environment coupling in lint-monster Refactor workflow env access in github_cli/features to injected lookup Jul 3, 2026
Copilot AI requested a review from pelikhan July 3, 2026 04:54
@pelikhan pelikhan marked this pull request as ready for review July 3, 2026 05:06
Copilot AI review requested due to automatic review settings July 3, 2026 05:06

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR reduces direct coupling to the process environment in pkg/workflow helpers by routing environment lookups through an injectable lookup function, enabling more controllable tests and future dependency-injection work while preserving existing runtime behavior.

Changes:

  • Introduced a package-level, configurable process environment lookup (SetProcessEnvLookup + internal lookupProcessEnv) with a default backed by os.LookupEnv.
  • Updated setupGHCommand to read GH_TOKEN, GITHUB_TOKEN, and GH_HOST via the injected lookup boundary rather than direct os.Getenv calls.
  • Updated feature-flag environment detection to read GH_AW_FEATURES via the injected lookup boundary and added tests validating the injection path.
Show a summary per file
File Description
pkg/workflow/process_env_lookup.go Adds injectable environment lookup used by workflow helpers.
pkg/workflow/github_cli.go Switches GH token/host environment reads to the injected lookup helper.
pkg/workflow/github_cli_test.go Adds coverage ensuring GH CLI helpers honor the configured lookup behavior.
pkg/workflow/features.go Switches feature env reads (GH_AW_FEATURES) to the injected lookup helper.
pkg/workflow/features_test.go Adds coverage ensuring feature detection honors the configured lookup behavior.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 5/5 changed files
  • Comments generated: 1
  • Review effort level: Low

Comment on lines +27 to +34
func lookupProcessEnv(key string) string {
processEnvLookupMu.RLock()
defer processEnvLookupMu.RUnlock()
// Intentionally ignore the existence flag to preserve os.Getenv semantics:
// missing variables and explicitly empty variables are both treated as "".
value, _ := processEnvLookup(key)
return value
}
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Test Quality Sentinel completed test quality analysis.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

⚠️ PR Code Quality Reviewer failed during code quality review.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Design Decision Gate 🏗️ completed the design decision gate check.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🧠 Matt Pocock Skills Reviewer has completed the skills-based review. ✅

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🏗️ Design Decision Gate — ADR Required

This PR makes significant changes to core business logic (118 new lines in pkg/workflow/) but does not have a linked Architecture Decision Record (ADR).

📄 Draft ADR committed: docs/adr/43104-inject-process-env-lookup-for-workflow-helpers.md — review and complete it before merging.

🔒 This PR cannot merge until an ADR is linked in the PR body.

📋 What to do next
  1. Review the draft ADR committed to your branch — it was generated from the PR diff
  2. Complete the missing sections — add context the AI could not infer, refine the decision rationale, and list real alternatives you considered
  3. Commit the finalized ADR to docs/adr/ on your branch
  4. Reference the ADR in this PR body by adding a line such as:

    ADR: ADR-43104: Inject Process Env Lookup for Workflow Helpers via Global Setter

Once an ADR is linked in the PR body, this gate will re-run and verify the implementation matches the decision.

🔍 Note on relation to ADR-42984

A prior ADR (ADR-42984) decided to use constructor injection (EnvGetter func(string) string) for compilerenv and action_mode. This PR introduces a different pattern — a package-level mutex-protected global setter (SetProcessEnvLookup) — for github_cli and features. The draft ADR documents this divergence and the reasoning behind it. Please review that section in particular.

❓ Why ADRs Matter

"AI made me procrastinate on key design decisions. Because refactoring was cheap, I could always say 'I'll deal with this later.' Deferring decisions corroded my ability to think clearly."

ADRs create a searchable, permanent record of why the codebase looks the way it does. Future contributors (and your future self) will thank you.

📋 Michael Nygard ADR Format Reference

An ADR must contain these four sections to be considered complete:

  • Context — What is the problem? What forces are at play?
  • Decision — What did you decide? Why?
  • Alternatives Considered — What else could have been done?
  • Consequences — What are the trade-offs (positive and negative)?

All ADRs are stored in docs/adr/ as Markdown files numbered by PR number (e.g., 0042-use-postgresql.md for PR #42).

🏗️ ADR gate enforced by Design Decision Gate 🏗️ · 45 AIC · ⌖ 10.5 AIC · ⊞ 8.5K ·
Comment /review to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🧪 Test Quality Sentinel Report

Test Quality Score: 90/100 — Excellent

Analyzed 2 test(s): 2 design, 0 implementation, 0 violation(s).

📊 Metrics (2 tests)
Metric Value
Analyzed 2 (Go: 2, JS: 0)
✅ Design 2 (100%)
⚠️ Implementation 0 (0%)
Edge/error coverage 2 (100%)
Duplicate clusters 0
Inflation YES (contextually justified — see note)
🚨 Violations 0
Test File Classification Issues
TestIsFeatureEnabledUsesConfiguredProcessEnvLookup pkg/workflow/features_test.go:83 ✅ design_test None
TestExecGHUsesConfiguredProcessEnvLookup pkg/workflow/github_cli_test.go:114 ✅ design_test Minor: some assertions lack descriptive failure messages
⚠️ Flagged Tests (1 — minor)

TestExecGHUsesConfiguredProcessEnvLookup (github_cli_test.go:114) — Several assertions (require.NotNil, assert.Contains, assert.False + slices.ContainsFunc) omit a descriptive failure message. This is a soft recommendation only — not a hard violation. Adding messages such as "token from injected lookup should appear as GH_TOKEN" makes failures immediately actionable without re-reading the test.

Test inflation note: features_test.go adds 33 lines vs features.go +1 line (33:1); github_cli_test.go adds 47 lines vs github_cli.go +3 lines (15.7:1). Both ratios nominally exceed the 2:1 threshold. However the actual production target is the newly introduced process_env_lookup.go (+34 lines), which is the shared helper exercised by both new test functions. Measured against the real production delta (80 test lines / 34 production lines ≈ 2.35:1) the ratio is only marginally over threshold and is contextually justified.

Verdict

Passed. 0% implementation tests (threshold: 30%). No guideline violations.

Both new test functions directly verify the behavioral contract of the injected env-lookup mechanism — isFeatureEnabled and ExecGH must route through the configured SetProcessEnvLookup hook rather than calling os.LookupEnv directly. These are high-value design tests: deleting either one would silently allow the injection to be bypassed. Positive and negative paths are both covered in each function.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🧪 Test quality analysis by Test Quality Sentinel · 55.3 AIC · ⌖ 10.6 AIC · ⊞ 6.8K ·
Comment /review to run again

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Test Quality Sentinel: 90/100. 0% implementation tests (threshold: 30%). No violations. Both new tests verify the behavioral contract of the injected env-lookup mechanism with positive and negative paths covered.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Review Summary 🧠

Applied /codebase-design, /improve-codebase-architecture, and /tdd to PR #43104. One correctness issue warrants a fix before merge; the rest are test-quality improvements.

📋 Issues found (7 inline comments)
# File Issue Skill
1 process_env_lookup.go:32 Potential deadlock: RLock held while calling injected function — copy pointer first /codebase-design
2 process_env_lookup.go:17 Global mutable state unsafe for parallel tests; add a doc comment warning /codebase-design
3 github_cli.go:64 os.Environ() base env bypasses the injection boundary — document or close gap /codebase-design
4 github_cli_test.go:139 require.NotNil(cmd.Env) is trivially true; replace with content assertion /tdd
5 github_cli_test.go:153 Same issue in "both absent" sub-test /tdd
6 features_test.go:95 Missing test: GH_AW_FEATURES set-but-blank should be treated as absent /tdd
7 process_env_lookup.go:8 envLookupFunc unexported type may need promotion as follow-up slices expand /improve-codebase-architecture

@copilot please address the review comments above.

🧠 Reviewed using Matt Pocock's skills by Matt Pocock Skills Reviewer · 90 AIC · ⌖ 6.8 AIC · ⊞ 6.6K ·
Comment /matt to run again

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skills-Based Review 🧠

Applied /codebase-design, /improve-codebase-architecture, and /tdd — requesting changes on a correctness issue in the locking implementation and weak test assertions.

📋 Key Themes & Highlights

Key Issues

  • Potential deadlock (process_env_lookup.go L32): RLock is held while calling the user-supplied function. If that function calls SetProcessEnvLookup, a write-lock deadlock follows. Fix: copy the pointer under the lock, then release before calling.
  • Incomplete injection boundary (github_cli.go L62): os.Environ() still snapshots the real process environment for the base command env slice — worth documenting or closing the gap in a follow-up.
  • Weak test assertions (github_cli_test.go L139, L153): Two require.NotNil(t, cmd.Env) guards are always true given the test setup; they should be replaced with targeted content assertions.
  • Missing edge case (features_test.go L95): No test for GH_AW_FEATURES set-but-blank, which is the key semantic parity check between old os.Getenv and new lookupProcessEnv.
  • Global mutable state (process_env_lookup.go L17): SetProcessEnvLookup is package-level and unsafe for parallel tests. Documenting this limitation on the function would prevent silent test pollution.

Positive Highlights

  • ✅ Clean, minimal new file — process_env_lookup.go is a well-scoped abstraction
  • ✅ Nil reset to default (SetProcessEnvLookup(nil)) is a thoughtful API decision
  • ✅ All call sites correctly use t.Cleanup for teardown — no leaked state
  • ✅ Both positive and negative injection paths are tested
  • ✅ PR description accurately describes scope and preserves existing semantics

🧠 Reviewed using Matt Pocock's skills by Matt Pocock Skills Reviewer · 90 AIC · ⌖ 6.8 AIC · ⊞ 6.6K
Comment /matt to run again

Comment thread pkg/workflow/process_env_lookup.go Outdated
defer processEnvLookupMu.RUnlock()
// Intentionally ignore the existence flag to preserve os.Getenv semantics:
// missing variables and explicitly empty variables are both treated as "".
value, _ := processEnvLookup(key)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[/codebase-design] The RLock is held for the full duration of the user-supplied processEnvLookup(key) call — if that function ever calls SetProcessEnvLookup (acquiring the write lock) you have a self-deadlock. The standard fix is to copy the function pointer under the lock, release it, then call the copy.

💡 Suggested fix
func lookupProcessEnv(key string) string {
    processEnvLookupMu.RLock()
    fn := processEnvLookup
    processEnvLookupMu.RUnlock()
    value, _ := fn(key)
    return value
}

This is the standard copy-then-call pattern for guarded function-pointer fields. It also shortens the critical section and avoids arbitrary work inside the injected function from holding the lock.

@copilot please address this.


// SetProcessEnvLookup configures how workflow helpers resolve environment values.
// Passing nil restores the default process environment lookup.
func SetProcessEnvLookup(lookup func(string) (string, bool)) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[/codebase-design] SetProcessEnvLookup is package-level mutable state — callers across goroutines (production code plus concurrent tests) can race on it without realising. Consider whether the injection point belongs on a context value or a per-call struct rather than a global.

💡 Why this matters

Global test helpers like SetProcessEnvLookup pair well with t.Cleanup (which this PR does correctly), but package-level state still means sub-tests or parallel tests that call the same workflow helpers share the same slot. If two parallel t.Parallel() sub-tests each call SetProcessEnvLookup, they race. A context.WithValue or an explicit env-lookup parameter threaded through each helper would be fully parallel-safe and would make the dependency visible at each call site.

The current approach is a pragmatic first step, but documenting the known limitation ("not safe for parallel tests") on the function would prevent surprises.

@copilot please address this.

cmd.Env = append(os.Environ(), "GH_TOKEN="+githubToken)
}
if os.Getenv("GH_HOST") == "" {
if lookupProcessEnv("GH_HOST") == "" {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[/codebase-design] GH_HOST is read via lookupProcessEnv (injectable) but os.Environ() on line 62 still snapshots the real process environment — so the token injection path (GH_TOKEN=...) bypasses the injection boundary. Test environments that stub SetProcessEnvLookup will still inherit real GH_TOKEN/GITHUB_TOKEN from the process if those are set, which can cause test pollution.

💡 Suggested approach

Either:

  1. Also build the env slice from the injected lookup (fuller DI), or
  2. Explicitly document that cmd.Env is seeded from os.Environ() and the injected lookup only controls the token-selection logic, not the base environment.

Option 2 is fine for now, but worth a comment so the next slice of this work doesn't silently re-couple.

@copilot please address this.

})

cmd := ExecGH("auth", "status")
require.NotNil(t, cmd.Env)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[/tdd] require.NotNil(t, cmd.Env) is weaker than it looks: cmd.Env will be non-nil precisely because the test injected a token, so this assertion is always trivially true and never catches a regression where the env slice is constructed but empty. Assert on the length or specific contents only.

💡 Suggested replacement
// Instead of require.NotNil(t, cmd.Env)
assert.Contains(t, cmd.Env, "GH_TOKEN=lookup-token")
assert.Contains(t, cmd.Env, "GH_HOST=configured.ghe.com")

The two assert.Contains calls below already cover the interesting invariants — the require.NotNil guard only triggers if cmd.Env is literally nil, which can't happen once tokens are appended. Removing it keeps the test specification clean.

@copilot please address this.

})

cmd := ExecGH("auth", "status")
require.NotNil(t, cmd.Env)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[/tdd] The "both tokens absent" sub-test asserts cmd.Env is non-nil, but when neither token is set setupGHCommand doesn't append to cmd.Env — it stays nil unless SetGHHostEnv sets it. The test should assert explicitly that cmd.Env contains no GH_TOKEN= entry rather than a NotNil guard.

💡 Why the current assertion may pass for the wrong reason

cmd.Env is non-nil here because SetGHHostEnv appends GH_HOST=... even when tokens are absent. The require.NotNil therefore passes, but it says nothing about the absence of an injected token. Replace it with the exact negative assertion that is already on line 154 and remove the redundant guard.

@copilot please address this.

SetProcessEnvLookup(nil)
})

result := isFeatureEnabled(constants.FeatureFlag("firewall"), nil)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[/tdd] There is no test for the case where GH_AW_FEATURES returns an empty string from the lookup (i.e. the variable exists but is blank). lookupProcessEnv preserves os.Getenv semantics and treats this as "not set", which is arguably the most important edge case to lock down now that the lookup is injectable.

💡 Suggested additional test
t.Run("empty GH_AW_FEATURES disables feature", func(t *testing.T) {
    SetProcessEnvLookup(func(key string) (string, bool) {
        if key == "GH_AW_FEATURES" {
            return "", true // set but blank
        }
        return "", false
    })
    t.Cleanup(func() { SetProcessEnvLookup(nil) })
    require.False(t, isFeatureEnabled(constants.FeatureFlag("firewall"), nil))
})

This exercises the branch in isFeatureInEnvironment where features == "" is treated the same as absent, ensuring the semantic parity with the old os.Getenv path is maintained.

@copilot please address this.

"sync"
)

type envLookupFunc func(string) (string, bool)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[/improve-codebase-architecture] envLookupFunc is an unexported type alias. As follow-up slices extend the injection boundary, this type will likely appear in more packages (or in test helpers). Consider whether it belongs as a named exported type in a small envlookup or envutil package so consumers don't have to redeclare the function signature.

💡 Future-proofing note

Right now the type is only used within the workflow package, so unexported is correct. But if the PR description's "follow-up slices" plan to apply the same pattern to sibling packages, each will have to duplicate the signature. Exporting the type (or providing it via a shared internal package) would keep the injection contract in one place.

This is a forward-looking suggestion — no change needed now, but worth noting before the pattern proliferates.

@copilot please address this.

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review: Refactor workflow env access to injected lookup

The abstraction design is clean and the injection pattern is well-structured. process_env_lookup.go correctly uses sync.RWMutex and restores the default on nil reset — no issues there.

Two related test-isolation bugs in the new tests need fixing before merge.

Root cause (shared)

When cmd.Env is nil (because neither token injection block ran), SetGHHostEnv seeds cmd.Env via append(os.Environ(), ...). This copies the real process environment into cmd.Env, so any GH_TOKEN present in the actual runner process bleeds in. Both new sub-tests in TestExecGHUsesConfiguredProcessEnvLookup fail to isolate from this.

Fix (both sub-tests): Add t.Setenv("GH_TOKEN", "") and t.Setenv("GITHUB_TOKEN", "") before calling ExecGH in each sub-test. t.Setenv automatically restores on cleanup.

The production code change itself (lines 44–45, 64 in github_cli.go and line 92 in features.go) is correct.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • proxy.golang.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "proxy.golang.org"

See Network Configuration for more information.

🧵 Reviewed using Impeccable skills by Impeccable Skills Reviewer · 107 AIC · ⌖ 5.79 AIC · ⊞ 4.9K


cmd := ExecGH("auth", "status")
require.NotNil(t, cmd.Env)
assert.False(t, slices.ContainsFunc(cmd.Env, func(e string) bool {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The assertion on line 154 has a subtle but real false-negative risk.

When both tokens are absent via the injected lookup, the cmd.Env injection at setupGHCommand line 62 is skipped — so cmd.Env is nil going into SetGHHostEnv. Inside SetGHHostEnv, when cmd.Env == nil, it calls append(os.Environ(), "GH_HOST="+host), seeding cmd.Env from the real process environment.

Any environment where GH_TOKEN is set in the process (CI runners, developer machines with a token) will include GH_TOKEN=<real_value> in cmd.Env, causing this assertion to pass falsely — or fail unexpectedly — depending on the token's presence.

Fix: isolate this sub-test from the real process environment:

t.Run("does not inject gh token when both tokens are absent", func(t *testing.T) {
    t.Setenv("GH_TOKEN", "")        // isolate from real process env
    t.Setenv("GITHUB_TOKEN", "")
    SetProcessEnvLookup(...)
    ...
})

@copilot please address this.


cmd := ExecGH("auth", "status")
require.NotNil(t, cmd.Env)
assert.Contains(t, cmd.Env, "GH_TOKEN=lookup-token")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The same process-environment isolation issue applies here. When ghToken == "" and githubToken != "", line 62 does:

cmd.Env = append(os.Environ(), "GH_TOKEN="+githubToken)

os.Environ() captures the real process env. If GH_TOKEN is already set in the real environment, both GH_TOKEN=<real> and GH_TOKEN=lookup-token end up in cmd.Env. The test passes (Contains finds the injected value), but the subprocess would use the earlier (real) token, not the injected one.

Add t.Setenv("GH_TOKEN", "") before calling ExecGH to ensure the injected token is actually the only one present:

t.Setenv("GH_TOKEN", "")
t.Setenv("GITHUB_TOKEN", "")
SetProcessEnvLookup(...)

@copilot please address this.

@gh-aw-bot

Copy link
Copy Markdown
Collaborator

@copilot please run the pr-finisher skill, Address unresolved review feedback first. Ensure the branch is up to date and rerun checks.

Generated by 👨‍🍳 PR Sous Chef · 6.86 AIC · ⌖ 7.55 AIC · ⊞ 6.4K ·

Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>

Copilot AI commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

@copilot please run the pr-finisher skill, Address unresolved review feedback first. Ensure the branch is up to date and rerun checks.

...

Fixed in commit fix: copy fn pointer under RLock before calling in lookupProcessEnv. lookupProcessEnv now copies the function pointer under the read lock, then releases the lock before invoking the function — eliminating the blocking/deadlock risk from slow or re-entrant custom lookups. Local make fmt and make test-unit pass.

Copilot AI requested a review from gh-aw-bot July 3, 2026 05:53
@pelikhan

pelikhan commented Jul 3, 2026

Copy link
Copy Markdown
Collaborator

/souschef

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🚀 pr-sous-chef has started processing this pull request comment

@pelikhan

pelikhan commented Jul 3, 2026

Copy link
Copy Markdown
Collaborator

@copilot run pr-finisher

Copilot AI commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

@copilot run pr-finisher

PR is in a merge-ready state:

  • Reviews — The one review thread (mutex held during lookup call) was addressed in a prior commit; thread was replied to and resolved.
  • Checks (local)make fmt, make lint, and make test-unit all pass on the current HEAD.
  • Checks (CI) — Stale after agent push; needs a human re-trigger (close/reopen PR, workflow_dispatch, or a maintainer push) before merge.
  • Mergeable — Branch is up to date with origin, no conflicts.

Hand-off: CI re-trigger required before merge.

@pelikhan pelikhan merged commit cb307db into main Jul 3, 2026
41 of 42 checks passed
@pelikhan pelikhan deleted the copilot/lint-monster-process-environment-cleanup branch July 3, 2026 07:17
@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

🎉 This pull request is included in a new release.

Release: v0.82.3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[lint-monster] lint-monster: process-environment coupling cleanup

4 participants