[copilot-pr-merged-report] Daily Copilot PR Merged Report - 2026-04-06

[github-actions[bot]]

Summary

Analysis Period: Last 24 hours (2026-04-05 15:26 UTC → 2026-04-06 15:26 UTC)
Total Merged PRs: 58
Total Lines Added: 46,911
Total Lines Deleted: 28,055
Net Code Change: +18,856 lines
PRs with Test Files: 26 of 58 (45%)
Total Test Files Modified/Added: 28

💡 Insights

• Massive OTel observability sprint: A large fraction of PRs (~20) were focused on OpenTelemetry improvements — adding span attributes (github.ref, github.sha, deployment.environment, run.attempt), fixing span kinds, enriching error spans with agent output, and wiring the MCP gateway to OTLP tracing. This represents a coordinated platform instrumentation effort.
• PR Convert Write Safe Outputs Tools step to actions/github-script with JSON env vars #24872 dominates the line count: The conversion of "Write Safe Outputs Tools" step to actions/github-script accounts for 23K+ additions and 22K+ deletions — almost entirely lock file recompilation across 178 workflow files. The real feature code change is small (~100 lines).
• Strong security focus: Multiple security-related PRs landed — SEC-002 (secrets from inline to env), SEC-004 (OTLP payload sanitization), OTLP header masking, and --ignore-scripts for npm installs as supply chain protection.

View All Merged Pull Requests (58)

PR #	Title	+Lines	-Lines	Test Files	Merged At
#24872	Convert Write Safe Outputs Tools step to actions/github-script	23,144	22,428	1	2026-04-06
#24871	test(agentdrain): migrate miner_test.go to testify	233	103	1	2026-04-06
#24870	refactor: consolidate duplicate logic in role_checks.go	26	0	0	2026-04-06
#24869	spec(mcp-gateway): allow opentelemetry headers as name=value string	106	17	0	2026-04-06
#24864	Add validation: safe-outputs max field validation	353	0	1	2026-04-06
#24863	Add run-install-scripts flag (--ignore-scripts default)	545	158	2	2026-04-06
#24861	rename: awInfoHasMCPServers → extractMCPServerNamesFromAwInfo	5	4	0	2026-04-06
#24859	fix: use Math.floor instead of Math.round for OTEL job start ms	1	1	0	2026-04-06
#24823	fix: normalize INPUT_JOB_NAME hyphen variant for OTLP spans	68	2	0	2026-04-06
#24821	fix: remove unrecognized breadcrumbs key from Starlight config	0	1	0	2026-04-06
#24818	fix: add checks tool to MCP server tool tests	2	1	1	2026-04-06
#24817	fix(lint): use require.NoError in gitutil_test.go	2	1	1	2026-04-06
#24807	Remove --disable-slash-commands flag for Claude Code 1.0.0	87	94	1	2026-04-06
#24805	Add ::add-mask:: for OTEL_EXPORTER_OTLP_HEADERS	637	0	0	2026-04-06
#24796	Add report_incomplete safe output type	8,258	1,900	1	2026-04-06
#24792	Surface pre-activation denial reason in job summary	195	9	0	2026-04-06
#24787	fix: correct Go module path for runner-guard v2 install	17	17	0	2026-04-05
#24786	feat(otel): add github.ref and github.sha to span resource attributes	132	0	1	2026-04-06
#24785	fix(SEC-004): sanitize OTLP payload before sending	183	1	1	2026-04-05
#24767	fix(daily-issues-report): switch engine from codex to copilot	91	106	0	2026-04-05
#24766	fix: error quality improvements (duplicate scopes, position info)	174	16	0	2026-04-05
#24765	test(gitutil): extend coverage to 100% of exported functions	1,020	0	1	2026-04-05
#24764	refactor: consolidate codemod_bots/roles, rename filterMapKeys	1,087	367	0	2026-04-05
#24763	docs: enable breadcrumbs and document sitemap dev-mode limitation	889	0	0	2026-04-05
#24758	fix: preserve .endpoint decorator in rate-limit-aware github proxy	60	1	0	2026-04-05
#24757	Add checks as first-class MCP tool to gh-aw MCP server	181	0	1	2026-04-05
#24753	Remove dead code in audit_report.go	15	37	0	2026-04-05
#24750	Remove observability.job-summary opt-in, auto-render when OTLP enabled	122	114	0	2026-04-05
#24749	feat: add runner-guard to static-analysis-report workflow	223	28	0	2026-04-05
#24748	Add GitHub API rate limit analysis to logs, audit, audit diff	799	36	2	2026-04-05
#24747	feat(otel): add deployment.environment to setup span	69	0	1	2026-04-05
#24746	fix(SEC-002): move secrets from run: inline to env: mapping	938	447	0	2026-04-05
#24742	fix: daily issues report documentation new-file gap	11	1	0	2026-04-05
#24712	rename: classifyFirewallDomainStatus, renderFirewallStatusEmoji	25	25	0	2026-04-05
#24711	Add gh-aw.staged and deployment.environment to OTLP conclusion spans	85	3	1	2026-04-05
#24701	fix(otel): use SPAN_KIND_INTERNAL for job lifecycle spans	55	3	1	2026-04-05
#24697	Configure MCP gateway OpenTelemetry from observability.otlp	954	165	0	2026-04-06
#24694	Add GitHub API rate limit JSONL artifact logging and OTLP enrichment	1,420	73	1	2026-04-05
#24691	feat(otel): add github.actions.run_url resource attribute	117	0	1	2026-04-05
#24689	chore: upgrade gh-aw-mcpg to v0.2.14	387	441	0	2026-04-05
#24688	test: add coverage for tool call result preview in generatePlainTextSummary	72	0	1	2026-04-05
#24687	docs: add stateful scanning (repo-memory baseline diff) pattern	64	70	0	2026-04-05
#24685	docs: add pre-step data-fetching pattern to create-agentic-workflow	67	69	0	2026-04-05
#24680	fix: OTel conclusion spans record actual job execution duration	162	77	1	2026-04-05
#24675	enrich OTel error conclusion spans with agent_output.json errors	208	1	1	2026-04-05
#24670	feat: add gh-aw.run.attempt to setup and conclusion OTel spans	58	2	1	2026-04-05
#24666	fix(otel): show real OTLP trace ID in observability job summary	23	3	1	2026-04-05
#24661	feat(otel-advisor): query live Sentry OTel data to ground analysis	32	5	0	2026-04-05
#24659	feat(otel): add github.repository and service attributes as resources	233	3	1	2026-04-05
#24655	feat: add daily-otel-instrumentation-advisor workflow	1,443	0	0	2026-04-05
#24650	feat: report agent failure in OTEL conclusion span	138	6	1	2026-04-05
#24648	fix: use actual job name in OTLP span names	18	18	1	2026-04-05
#24626	refactor: extract shared OTLP observability config	1,165	959	0	2026-04-05
#24623	ci-cleaner: switch to Claude with max-turns, scope recompile	271	121	0	2026-04-05
#24621	fix(docs): correct file-glob pattern docs for repo-memory	106	105	0	2026-04-05
#24620	fix: update stale anchor in glossary for gh aw audit diff	1	1	0	2026-04-05
#24610	Fix invalid Tavily MCP package name and mcp inspect missing servers bug	36	15	0	2026-04-05
#24609	fix: deduplicate GitHub App token minting step names	98	0	0	2026-04-05

Code Generation Metrics

Lines of Code

• Total Lines Added: 46,911
• Total Lines Deleted: 28,055
• Net Code Change: +18,856 lines

Note: PR #24872 (compiler refactor) accounts for ~23K+ additions and ~22K+ deletions that are largely lock file regeneration across 178 workflow YAML files. The actual feature code represents a small fraction of those numbers.

Test Coverage

• Total Test Files Modified/Added: 28 across 26 PRs
• 45% of merged PRs included test file changes
• Test types: Go test files (*_test.go), JavaScript test files (*.test.cjs)

Category Breakdown

Category	PRs	Description
OpenTelemetry improvements	~20	Span attributes, kinds, error enrichment, MCP gateway OTLP
Security fixes	3	SEC-002 (secrets), SEC-004 (OTLP payload), npm --ignore-scripts
Test improvements	6	gitutil, agentdrain, miner, safe-outputs validation
Bug fixes	12	Claude compatibility, docs build, lint, CI fixes
Features	8	checks MCP tool, report_incomplete, rate limit analysis
Documentation	5	Memory patterns, pre-step fetching, breadcrumbs
Refactoring	4	Dead code removal, shared OTLP config, codemod consolidation

Notable PRs

Largest by impact:

• #24872 — Compiler refactor to actions/github-script (178 files, 181 lock files recompiled)
• #24796 — New report_incomplete safe output type (199 files)
• #24694 — GitHub API rate limit observability (195 files, 3 new helpers)

Security-focused:

• #24746 — SEC-002: 422 secrets expressions moved to env vars (190 files)
• #24785 — SEC-004: OTLP payload sanitization (redaction + truncation)
• #24863 — --ignore-scripts default for npm installs (supply chain protection)

Highest test coverage:

• #24765 — gitutil: 2/5 → 5/5 exported functions covered
• #24871 — agentdrain miner: 5 new test scenarios added
• #24748 — GitHub rate limit analysis: 14 new unit tests

---

Note: Token consumption data is not directly available via GitHub API. Workflow execution time data was not collected for this report.

References:

• Workflow Run §24037851766

Generated by Daily Copilot PR Merged Report · ● 2.3M · ◷

• expires on Apr 7, 2026, 3:34 PM UTC

[github-actions[bot]]

This discussion has been marked as outdated by Daily Copilot PR Merged Report.

A newer discussion is available at Discussion #25123.