Skip to content

fix(audit): return absolute paths in downloaded_files#21331

Merged
pelikhan merged 2 commits intomainfrom
copilot/cli-tools-test-update-downloaded-files-paths
Mar 17, 2026
Merged

fix(audit): return absolute paths in downloaded_files#21331
pelikhan merged 2 commits intomainfrom
copilot/cli-tools-test-update-downloaded-files-paths

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 17, 2026
edited
Loading

audit report's downloaded_files[*].path entries were relative to the process working directory instead of absolute, producing unusable paths like ../../../../../tmp/gh-aw/aw-mcp/logs/run-23169016246/agent-stdio.log for all callers.

Changes

  • pkg/cli/audit_report.go: Remove os.Getwd() + filepath.Rel() logic in extractDownloadedFiles; replace with filepath.Abs() to guarantee absolute paths regardless of working directory
  • pkg/cli/audit_report_helpers_test.go: Add filepath.IsAbs assertion to TestDownloadedFilesInAuditData; update stale comments that described paths as relative

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git 1607589492 GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE erignore env tformat GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name --write **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.prettinpx prettier --check '**/*.cjs' '**/*.ts' '**/*.json' --ignore-path ../../../.pr**/*.json sh -c "prettier" --wriGOSUMDB git 64/bin/go rror FpiJ9ENbZatjTay5-c /usr/bin/git go (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha /tmp/TestHashStability_SameInputSameOutput1779994242/001/stability-test.md resolved$ /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel node /usr/bin/git --check **/*.cjs 64/bin/go git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha -json GO111MODULE /usr/bin/git GOINSECURE GOMOD GOMODCACHE git -c log.showsignature=false log /usr/bin/git -n1 --format=format:rev-parse f9b2fd75d10d git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE aw.test GOINSECURE GOMOD GOMODCACHE aw.test (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha --show-toplevel /opt/hostedtoolcache/go/1.25.0/xGO111MODULE /opt/hostedtoolcache/node/24.14.0/x64/bin/node /tmp/go-build248git -trimpath 64/bin/go /opt/hostedtoolcache/node/24.14.0/x64/bin/node /tmp�� Value: ${{ github.actor }} go /usr/bin/git -json GO111MODULE x_amd64/vet git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha --show-toplevel 64/pkg/tool/linux_amd64/compile /usr/bin/git g_.a GO111MODULE ache/go/1.25.0/x--show-toplevel git rev-�� --show-toplevel go /usr/bin/git FvJ6xXaZA GO111MODULE ache/go/1.25.0/x--show-toplevel git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha GOMODCACHE ache/go/1.25.0/xGO111MODULE /usr/bin/git 5574846/b405/_pkgit GO111MODULE 64/bin/go git init�� GOMODCACHE go /usr/bin/git -xvv/AwQmrSaUAlsgit GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq ache/node/24.14.0/x64/bin/node 5574846/b411/_pkgit GO111MODULE 64/bin/go ache/node/24.14.0/x64/bin/node s-12�� .actor }}, Unsafe: ${{ secrets.TOKEN }} go /usr/bin/git lEww/v3WPDkTri9Xgit GO111MODULE 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha --show-toplevel go /usr/bin/git -json GO111MODULE 64/pkg/tool/linu--show-toplevel git rev-�� --show-toplevel 64/pkg/tool/linux_amd64/link /usr/bin/git .test GO111MODULE ortcfg.link git (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE go m/_n�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha -json GO111MODULE 64/bin/go "; \ else \ echo "��� Warning: .github/aw/actions-lock.json does not exist yet"; \ fi GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha go1.25.0 -c=4 -nolocalimports -importcfg /tmp/go-build3960353869/b395/importcfg -pack /tmp/go-build3960353869/b395/_testmain.go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE node (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq /opt/hostedtoolcache/node/24.14.0/x64/bin/node 5574846/b409/_pkgit GO111MODULE 64/bin/go node /tmp�� /tmp/TestHashStability_SameInputSameOutput1779994242/001/stability-test.md go /usr/bin/git f-ea/531FAd_edHFgit GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha GOMODCACHE ache/go/1.25.0/xGO111MODULE ache/node/24.14.0/x64/bin/node 5574846/b407/_pkgit GO111MODULE 64/bin/go ache/node/24.14.0/x64/bin/node s-47�� ub.actor }} go /usr/bin/git QjYA/_Y8N-A6N0WZgit GO111MODULE 64/bin/go git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha -json GO111MODULE .cfg GOINSECURE GOMOD GOMODCACHE go env runs/20260317-034401-28188/test-840985615/.github/workflows GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go l GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha 0353869/b402/logger.test GO111MODULE 0353869/b402/importcfg.link GOINSECURE GOMOD GOMODCACHE I_9a60CKVjggF/xhVqh7QChbBs18WVNtQl/oquH83jWyDYw0zAo1mM_/ucRcfTiI_9a60CKVjggF env ry=1 GO111MODULE 0353869/b402/_pkg_.a GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env hub/workflows GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go Action pins syngit GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 GO111MODULE x_amd64/asm GOINSECURE GOMOD GOMODCACHE x_amd64/asm env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 GO111MODULE x_amd64/cgo GOINSECURE GOMOD GOMODCACHE x_amd64/cgo env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/link GOINSECURE GOMOD GOMODCACHE x_amd64/link (http block)
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 GO111MODULE 64/bin/go N files are not /opt/hostedtoolcache/node/24.14.0/x64/bin/node GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 GO111MODULE x_amd64/link GOINSECURE GOMOD GOMODCACHE x_amd64/link env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE ache/go/1.25.0/xGO111MODULE env 5574846/b369/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/tmp GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 b/gh-aw/pkg/cli GOMODCACHE go env V6C2/JmlwCqs-SyYGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 5574846/b354/imp-trimpath (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 GOMOD GOMODCACHE x_amd64/compile env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha -json GO111MODULE At,event,headBranch,headSha,displayTitle GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha 5574846/b409/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env f-ea/531FAd_edHF--format=%H:%ct GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 5574846/b409/impconfig (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha --write ../../../**/*.jsGOWORK 64/bin/go --ignore-path ../../../.pretti+x /usr/bin/git go /pre�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha 5574846/b412/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/pkg/testfor-each-ref GOMODCACHE go env pAbU/df2Fx0C0xZw--merged GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 5574846/b412/imprev-parse (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha 5574846/b415/_pkGOINSECURE GO111MODULE 7527279665e48f36-d GOINSECURE GOMOD GOMODCACHE go env hep9/bNFF9tA-sz6GOSUMDB GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 5574846/b415/imprev-parse (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha 5574846/b374/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/cmd/gh-a-V=full GOMODCACHE go env 5LsA/jjliT2ZEO4aGOSUMDB GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 5574846/b374/importcfg (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha 5574846/b411/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env lEww/v3WPDkTri9XGOSUMDB GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 5574846/b411/importcfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha --write ../../../**/*.jsGOWORK 64/bin/go --ignore-path ../../../.prettibuild /usr/bin/git go /pre�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE 7c/71D7Ue6qDcptIrev-parse GOMODCACHE go env 682554222/.github/workflows GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion GOINSECURE GOMOD GOMODCACHE go estl�� -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion GOINSECURE GOMOD GOMODCACHE x_amd64/vet env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE ache/go/1.25.0/xGO111MODULE env 5574846/b354/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/pkg/cli GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD ode-gyp-bin/node-json ache/go/1.25.0/xGO111MODULE env 5574846/b384/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go **/*.json --ignore-path ../../../.prettinpx prettier --check '**/*.cjs' '**/*.ts' '**/*.json' --ignore-path ../../../.pr**/*.json sh -c "prettier" --wriGOSUMDB git 64/bin/go rror go (http block)
  • https://api.github.com/repos/owner/repo/contents/file.md
    • Triggering command: /tmp/go-build3960353869/b383/cli.test /tmp/go-build3960353869/b383/cli.test -test.testlogfile=/tmp/go-build3960353869/b383/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true GOINSECURE GOMOD GOMODCACHE go env ck 'scripts/**/*GOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /tmp/go-build563639417/b383/cli.test /tmp/go-build563639417/b383/cli.test -test.testlogfile=/tmp/go-build563639417/b383/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true --show-toplevel WRSg2KuupdWPFniBenv /usr/bin/git sh -c npx prettier --wGOINSECURE git 64/bin/go "; \ else \ echo "��� Warning: .github/aw/actions-lock.json does not exist yet"; \ fi ache/go/1.25.0/x/home/REDACTED/work/gh-aw/gh-aw/actions/setup/js/node_modules/.bin/prettier /usr/bin/git go (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE erignore env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name --write **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.prettinpx prettier --check '**/*.cjs' '**/*.ts' '**/*.json' --ignore-path ../../../.pr**/*.json sh -c "prettier" --wriGOSUMDB git /sh rror go /usr/bin/git go (http block)

If you need me to access, download, or install something from one of these locations, you can either:

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

Copilot AI linked an issue Mar 17, 2026 that may be closed by this pull request
[cli-tools-test] Audit report: downloaded_files paths are relative instead of absolute #21308
Closed
@pelikhan
fix: use absolute paths for downloaded_files in audit report
d90d4de 
The extractDownloadedFiles function was converting absolute paths to
relative paths using filepath.Rel(cwd, fullPath), producing confusing
paths like ../../../../../tmp/gh-aw/... when the cwd is deep in the
repo directory.

Replace the relative path calculation with filepath.Abs to always
return absolute paths that are directly usable by callers.

Fixes #<issue>

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] [cli-tools-test] Fix downloaded_files paths to be absolute fix(audit): return absolute paths in downloaded_files Mar 17, 2026
Copilot AI requested a review from pelikhan March 17, 2026 03:51
@pelikhan pelikhan marked this pull request as ready for review March 17, 2026 03:53
Copilot AI review requested due to automatic review settings March 17, 2026 03:53
Copilot AI reviewed Mar 17, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes audit report output so downloaded_files[*].path values are absolute (instead of being relative to the process working directory), making paths directly usable by callers.

Changes:

  • Update extractDownloadedFiles to emit absolute file paths via filepath.Abs (removing prior Getwd/filepath.Rel behavior).
  • Extend audit report helper tests to assert downloaded file paths are absolute.
  • Refresh test comments that previously referred to relative paths.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
pkg/cli/audit_report.go Switch downloaded file path generation to absolute paths for reliable downstream consumption.
pkg/cli/audit_report_helpers_test.go Add filepath.IsAbs assertions and update comments to align with absolute-path behavior.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

@pelikhan pelikhan merged commit 5183372 into main Mar 17, 2026
115 checks passed
@pelikhan pelikhan deleted the copilot/cli-tools-test-update-downloaded-files-paths branch March 17, 2026 04:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@pelikhan pelikhan Awaiting requested review from pelikhan

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[cli-tools-test] Audit report: downloaded_files paths are relative instead of absolute

3 participants

@pelikhan