Skip copilot-requests tip for individual (non-org) repository owners#39923
Merged
Conversation
The copilot-requests: write tip recommends GitHub Actions token-based inference, which requires centralized Copilot billing only available to organizations. Suppress the tip when the repository owner is confirmed to be an individual User account via the GitHub API, while preserving prior behavior (tip shown) whenever the owner type cannot be determined.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR refines the permissions validation “tip” shown for Copilot workflows by suppressing the permissions.copilot-requests: write recommendation when the repository owner is confirmed (via the GitHub API) to be an individual user account, since centralized Copilot billing is org-only.
Changes:
- Gate the Copilot “token-based inference” tip behind a new compiler check that confirms the repo owner type is not an individual
User. - Add a per-compiler cache for owner type lookups to avoid repeated GitHub API calls during batch compilation.
Show a summary per file
| File | Description |
|---|---|
| pkg/workflow/permissions_compiler_validator.go | Adds repositoryOwnerIsIndividualUser() and uses it to suppress the copilot-requests tip for personal repo owners. |
| pkg/workflow/compiler_types.go | Adds an ownerTypeCache field on Compiler to memoize owner type lookups by owner login. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 2/2 changed files
- Comments generated: 1
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Contributor
|
✅ smoke-ci: safeoutputs CLI comment + comment-memory run (27728264206)
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Skip
copilot-requeststip for individual (non-org) repository ownersSummary
The
copilot-requests: writepermission tip advises users to enable GitHub Actions token-based Copilot inference instead of a personal access token. That feature requires centralized Copilot billing, which is only available to GitHub organizations — individual user accounts cannot use it. Previously the tip was always emitted whenever a workflow met the eligibility conditions, generating confusing noise for personal-repo owners who can never act on it.This PR suppresses the tip whenever the repository owner is confirmed to be an individual
Useraccount via the GitHub API, while preserving the prior behaviour (tip shown) in every case where the owner type cannot be determined.Changes
pkg/workflow/compiler_types.goownerTypeCache map[string]stringfield to theCompilerstruct.Caches GitHub API owner-type results (e.g.
"User","Organization","") keyed by owner login to avoid redundant API round-trips within a single compilation.pkg/workflow/permissions_compiler_validator.gorepositoryOwnerIsIndividualUser() boolmethod onCompiler.c.repositorySlugintoowner/repocomponents; returnsfalseif the slug is absent or malformed.gh api /users/{owner} --jq .typeand writes the result intoownerTypeCache.trueonly when the API confirms the type is"User".false(tip shown) on any API error, authentication failure, or network issue, preserving the previous default behaviour for ambiguous cases.copilot-requests: writetip emission with!c.repositoryOwnerIsIndividualUser(), so the tip is suppressed only for confirmed individual owners.Motivation / Design decisions
falseis returned forOrganizationtype → tip is shown as beforefalse→ tip shown; no regressionownerTypeCacheprevents multiple API calls for the same owner within one sessionfalse→ tip shown; no panicThe fail-safe default (
false→ show tip) means this change is strictly a noise-reduction improvement for individual users with zero regression risk for org users or offline environments.Commits
dda145e14aaa71Risk
Low. The change is additive: a new cached API call gates an informational tip. No permissions are altered, no compilation output changes for org-owned repos, and all error paths preserve the prior behaviour.