Skip to content

docs: clarify safeoutputs deferred writes#39694

Merged
pelikhan merged 3 commits into
mainfrom
ace/01KV9A5A6V21FRTXZ33CK21EW7
Jun 17, 2026
Merged

docs: clarify safeoutputs deferred writes#39694
pelikhan merged 3 commits into
mainfrom
ace/01KV9A5A6V21FRTXZ33CK21EW7

Conversation

@pelikhan

@pelikhan pelikhan commented Jun 16, 2026
edited by github-actions Bot
Loading

Copy link
Copy Markdown
Collaborator

Summary

Two targeted documentation improvements to safe_outputs_prompt.md that reduce agent confusion around deferred write semantics and the safeoutputs invocation model.

  1. Return-code trust guidance (dc0356091): adds an explicit paragraph instructing agents not to re-verify a successful safe-output transaction via gh / gh api. Because safe-output writes are applied after the agent finishes, the current sandbox will never reflect them; polling for confirmation is both wasteful and misleading.

  2. Deferred-write & temporary_id clarifications (0ef5d6ca8): tightens the temporary_id description to read "cross-reference field for future resources created by safe outputs" — making clear that the field is meaningful only for resources that do not exist yet at call time.

Changed files

File Type Description
actions/setup/md/safe_outputs_prompt.md modified New "Trust successful tool responses" rule block; temporary_id scoped to future resources

Detailed changes

actions/setup/md/safe_outputs_prompt.md

Added — trust rule (dc0356091)

Addresses a recurring agent failure mode: the agent calls a safe-output tool successfully, then immediately calls gh api to check whether the PR/issue was created, gets a 404 (because the write has not landed yet), and either retries or calls report_incomplete unnecessarily.

Modified — temporary_id description (0ef5d6ca8)

  • Before: optional cross-reference field
  • After: optional cross-reference field for future resources created by safe outputs

Clarifies scope: only relevant when the safe-output call will create a resource that does not exist yet.

Impact

Dimension Assessment
Breaking No
Audience Agents reading the safe-outputs prompt at runtime
Risk Low — documentation only; no code or schema changes
Urgency Medium — the trust-successful-responses rule addresses an active failure pattern

Generated by PR Description Updater for issue #39694 ·

@pelikhan
docs: add safe-output return code trust guidance
dc03560 
Co-authored-by: Peli de Halleux <4175913+pelikhan@users.noreply.github.com>
Copilot AI review requested due to automatic review settings June 16, 2026 23:00
Copilot AI reviewed Jun 16, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the safe-outputs prompt documentation to clarify how agents should interpret successful safe-output tool calls, with the goal of preventing unnecessary and potentially misleading post-write verification attempts in the sandbox environment.

Changes:

  • Added guidance to treat successful safe-output tool calls as authoritative confirmation of persistence.
  • Discouraged verifying safe-output writes via gh api or other read paths due to potential sandbox staleness.
Show a summary per file
File Description
actions/setup/md/safe_outputs_prompt.md Adds a documentation paragraph clarifying trust in successful safe-output tool calls and discouraging independent verification reads.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 1/1 changed files
  • Comments generated: 1

Comment thread actions/setup/md/safe_outputs_prompt.md Outdated

**Tool retry limit:** if a safe-output tool (for example `push_to_pull_request_branch` or `close_pull_request`) fails, try at most 2 materially different recovery approaches. If the tool still fails, call `report_incomplete` with the error and the approaches attempted, then continue with other work. Do NOT debug underlying infrastructure after repeated failures.

**Trust tool return codes.** A successful (exit 0) safe-output call means the action was persisted. Do NOT independently verify writes via `gh api` or other read paths — the sandbox may return stale data that does not reflect safe-output writes. Treat a zero exit code as authoritative confirmation.
@github-actions

This comment has been minimized.

Sign in to view
@github-actions

This comment has been minimized.

Sign in to view
dsyme
dsyme reviewed Jun 16, 2026
View reviewed changes
Comment thread actions/setup/md/safe_outputs_prompt.md Outdated

**Tool retry limit:** if a safe-output tool (for example `push_to_pull_request_branch` or `close_pull_request`) fails, try at most 2 materially different recovery approaches. If the tool still fails, call `report_incomplete` with the error and the approaches attempted, then continue with other work. Do NOT debug underlying infrastructure after repeated failures.

**Trust tool return codes.** A successful (exit 0) safe-output call means the action was persisted. Do NOT independently verify writes via `gh api` or other read paths — the sandbox may return stale data that does not reflect safe-output writes. Treat a zero exit code as authoritative confirmation.

@dsyme dsyme Jun 16, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the sandbox may return stale data that does not reflect safe-output writes

This doesn't feel right - shouldn't we just say that the safe outputs are actually written in a subsequent separate job?

@pelikhan pelikhan Jun 16, 2026

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

refining.

@pelikhan

pelikhan commented Jun 16, 2026

Copy link
Copy Markdown
Collaborator Author

@copilot describe what safeoutputs does: safeoutputs records transactions that will be applied after the agent is done. Therefore, effects of the safeoutputs are not visible when running gh or github tools. Use temporary ids to refer to "future" resources that will be created by safe outputs.

@github-actions

github-actions Bot commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

✅ smoke-ci: safeoutputs CLI comment + comment-memory run (27654928777)

Generated by 🧪 Smoke CI for issue #39694 ·

@pelikhan
docs: clarify safeoutputs deferred writes
0ef5d6c 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

@copilot describe what safeoutputs does: safeoutputs records transactions that will be applied after the agent is done. Therefore, effects of the safeoutputs are not visible when running gh or github ...

Updated in 0ef5d6c to describe safeoutputs as recording deferred transactions that are applied after the agent completes, and to clarify that temporary IDs are for referring to those future resources.

Copilot AI changed the title docs: clarify safe-output tool authority docs: clarify safeoutputs deferred writes Jun 16, 2026
@github-actions github-actions Bot mentioned this pull request Jun 17, 2026
Closed
@pelikhan pelikhan merged commit f443b82 into main Jun 17, 2026
@pelikhan pelikhan deleted the ace/01KV9A5A6V21FRTXZ33CK21EW7 branch June 17, 2026 02:16
@github-actions github-actions Bot mentioned this pull request Jun 17, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dsyme dsyme dsyme left review comments

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@pelikhan @dsyme