Add ifc label for get_me tool#2432
Merged
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds an IFC (Information Flow Control) label to the get_me tool’s call result metadata when InsidersMode is enabled, backed by a new pkg/ifc package implementing lattice structures and reader-based confidentiality labels.
Changes:
- Introduces a new
pkg/ifcpackage with core lattice types, inverse lattice support, and a reader-set powerset lattice used to construct IFC labels. - Adds a
LabelGetMe()helper that returns a “public + trusted” readers-based security label. - Updates
get_meto include the IFC label inCallToolResult.Metain insiders mode, and adds a focused test to validate meta behavior.
Show a summary per file
| File | Description |
|---|---|
| pkg/ifc/readers_lattice.go | Adds reader-set powerset lattice and ReadersSecurityLabel (incl. JSON serialization) for reader-based confidentiality. |
| pkg/ifc/lattice.go | Adds generic lattice interfaces and basic confidentiality/integrity lattice implementations plus product/inverse lattice helpers. |
| pkg/ifc/labelling_engine_readers.go | Adds LabelGetMe() helper for the get_me tool’s IFC label. |
| pkg/github/context_tools.go | Conditionally attaches the IFC label to get_me call result metadata when insiders mode is enabled. |
| pkg/github/context_tools_test.go | Adds tests asserting get_me includes/omits IFC meta depending on insiders mode. |
Copilot's findings
- Files reviewed: 5/5 changed files
- Comments generated: 7
Comment on lines
+107
to
+113
| result := MarshalledTextResult(minimalUser) | ||
| if deps.GetFlags(ctx).InsidersMode { | ||
| result.Meta = mcp.Meta{ | ||
| "ifc": ifc.LabelGetMe(), | ||
| } | ||
| } | ||
| return result, nil, nil |
…tion, and tests - Fix grammar in ReadersSecurityLabelFromDict godoc - Sort GetReaders and FiniteReaderSet.String output for determinism - Fix godoc example to use UniversalReaders for public label - Panic on unsupported ReaderSet types in Union/Intersection/IsSubset - Add universe mismatch validation in PowersetLattice Join/Meet/Leq - Add comprehensive unit tests for pkg/ifc (lattice laws, serialization, panics)
gokhanarkan
reviewed
May 6, 2026
gokhanarkan
reviewed
May 6, 2026
gokhanarkan
reviewed
May 6, 2026
Member
gokhanarkan
left a comment
There was a problem hiding this comment.
Some comments to make sure we align on the spec!
omgitsads
approved these changes
May 11, 2026
This was referenced May 11, 2026
gokhanarkan
added a commit
that referenced
this pull request
May 12, 2026
* Add ifc label for list_issues tool Emits an IFC SecurityLabel on the list_issues tool result when the InsidersMode flag is enabled, mirroring the pattern landed for get_me in #2432. Public repositories are labelled PublicUntrusted; private repositories are labelled PrivateUntrusted with the repository owner as a placeholder reader (full collaborator enumeration is intentionally deferred to a follow-up shared helper). A new IsPrivate field is added to the ListIssues GraphQL query types so visibility is available without a second round trip. Refs github/copilot-mcp-core#1623, github/copilot-mcp-core#1389. * list_issues: populate readers with repo collaborators Addresses Joanna's review feedback: for private repositories, populate the IFC confidentiality reader set with the repository's collaborator logins instead of the [owner] placeholder. Adds an exported FetchRepoCollaborators helper in pkg/github/repositories.go that paginates through Repositories.ListCollaborators. Mirrors the helper in github-mcp-server-remote (without the cache for now; cache can land in a follow-up). The lookup is invoked only for private repos under InsidersMode; if it fails we fall back to [owner] so the reader set is never empty for a private repo.
This was referenced May 12, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds minimal IFC security label annotations to
get_metool output behind--insidersflag.What changed
pkg/ifc/lattice implementation with a lightweightSecurityLabelstruct usingIntegrityandConfidentialityenums — annotation only, no lattice algebra. The enforcement engine lives in a separate service.get_mesetsresult.Meta["ifc"]with{"integrity":"trusted","confidentiality":["public"]}when insiders mode is enabled.script/get-meto reliably capture and display the label.MCP impact
get_meresult includes_meta.ifcin insiders mode only. No change to stable behavior.Security / limits
Tool renaming
Lint & tests
./script/lint./script/testDocs