Skip to content

fix: remove unused exports from public API surface (batch 2)#3265

Merged
lpcox merged 2 commits into
mainfrom
fix/export-audit-batch-2
May 16, 2026
Merged

fix: remove unused exports from public API surface (batch 2)#3265
lpcox merged 2 commits into
mainfrom
fix/export-audit-batch-2

Conversation

@lpcox
Copy link
Copy Markdown
Collaborator

@lpcox lpcox commented May 16, 2026

Summary

Removes three unnecessary exports from the public API surface, addressing the remaining open [Export Audit] issues.

Changes

Issue File Symbol Fix
#3242 src/config-file.ts AwfFileConfig Removed export — callers use type inference, no external imports
#3244 src/host-iptables-network.ts cleanupFirewallNetwork Made module-private, exposed via testHelpers for tests
#3245 src/commands/subcommands.ts validateFormat, handlePredownloadAction Removed export — internal helpers, existing tests already assert these must not be in public API

Verification

  • Build passes (npm run build)
  • All 135 affected tests pass
  • No external consumers of any removed export

Closes #3242, closes #3244, closes #3245

@lpcox
fix: remove unused exports from public API surface
a6f5640 
- Remove export from AwfFileConfig interface in config-file.ts (#3242)
  Callers use type inference, no external imports exist.

- Remove export from cleanupFirewallNetwork in host-iptables-network.ts (#3244)
  Only used in tests; exposed via testHelpers object.

- Remove export from validateFormat and handlePredownloadAction in
  subcommands.ts (#3245) — internal helpers, tests already assert
  these must not be in public API.

Closes #3242, closes #3244, closes #3245

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings May 16, 2026 18:55
@lpcox lpcox requested a review from Mossaka as a code owner May 16, 2026 18:55
Copilot AI reviewed May 16, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Removes three unused exports from the public API surface to keep internal helpers from leaking into module barrels, addressing the export-audit issues #3242, #3244, and #3245.

Changes:

  • Drops export from AwfFileConfig interface in src/config-file.ts (annotated @internal).
  • Makes cleanupFirewallNetwork module-private and exposes it to tests via a testHelpers object; test file updated to import via the helper.
  • Drops export from validateFormat and handlePredownloadAction internal helpers in src/commands/subcommands.ts.
Show a summary per file
File Description
src/config-file.ts De-exports the internal AwfFileConfig interface.
src/host-iptables-network.ts Makes cleanupFirewallNetwork private; re-exposes via testHelpers for tests.
src/host-iptables-network.test.ts Updates import to access cleanupFirewallNetwork via testHelpers.
src/commands/subcommands.ts Removes export from validateFormat and handlePredownloadAction.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 4/4 changed files
  • Comments generated: 1

Comment thread src/commands/subcommands.ts Outdated
@lpcox
Potential fix for pull request finding
1726984 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This was referenced May 16, 2026
Closed
Open
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 16, 2026

Smoke Test Results

FAIL (2 of 3 tests passed)

Test Result Details
GitHub API HTTP 401: gh CLI authentication failed
Playwright Successfully navigated to github.com, title contains "GitHub"
File verify smoke-test-claude-25970175866.txt exists with expected content

To fix: The gh CLI needs authentication. Use gh auth login to authenticate with GitHub.

💥 [THE END] — Illustrated by Smoke Claude

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 16, 2026

🔬 Smoke Test: Copilot BYOK (Offline) Mode

Test Result
1. GitHub MCP connectivity ❌ GitHub MCP returned 401 (no auth in sandbox)
2. GitHub.com HTTP connectivity ⚠️ Pre-step data not expanded (template vars unexpanded)
3. File write/read ⚠️ Pre-step data not expanded
4. BYOK inference (this response) ✅ Agent responding via api-proxy → api.githubcopilot.com

Running in BYOK offline mode (COPILOT_OFFLINE=true) via api-proxy → api.githubcopilot.com.

Overall: FAIL — workflow template variables (${{ steps.smoke-data.outputs.* }}) were not substituted before reaching the agent, so pre-computed test data is unavailable. Tests 2 & 3 cannot be verified.

🔑 BYOK report filed by Smoke Copilot BYOK

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 16, 2026

🔬 Smoke Test Results

Test Result
GitHub MCP connectivity ❌ 401 Bad credentials
GitHub.com HTTP connectivity ❌ Template vars not expanded (${{ steps.smoke-data.outputs.SMOKE_HTTP_CODE }})
File write/read ❌ Template vars not expanded

Overall: FAIL

Pre-computed step outputs were not passed to the agent (template variables unexpanded). The smoke test infrastructure needs fixing.

📰 BREAKING: Report filed by Smoke Copilot

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 16, 2026

#3259 refactor: split src/host-env.ts into focused modules
#3261 fix: handle grep no-match exit in claude-token-optimizer step
✅ PR title review, Playwright, file write/read, AWF build
❌ safeinputs-gh unavailable; Tavily has zero tools; discussion query unavailable
Overall status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "registry.npmjs.org"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 16, 2026

Chroot Smoke Test Results

Runtime Host Version Chroot Version Match?
Python Python 3.12.13 Python 3.12.3
Node.js v24.15.0 v20.20.2
Go go1.22.12 go1.22.12

Overall: ❌ Not all tests passed — Python and Node.js versions differ between host and chroot.

Tested by Smoke Chroot

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 16, 2026

🏗️ Build Test Suite Results

Ecosystem Project Build/Install Tests Status
Bun elysia 1/1 passed ✅ PASS
Bun hono 1/1 passed ✅ PASS
C++ fmt N/A ✅ PASS
C++ json N/A ✅ PASS
Deno oak N/A 1/1 passed ✅ PASS
Deno std N/A 1/1 passed ✅ PASS
.NET hello-world N/A ✅ PASS
.NET json-parse N/A ✅ PASS
Go color 1/1 passed ✅ PASS
Go env 1/1 passed ✅ PASS
Go uuid 1/1 passed ✅ PASS
Java gson N/A ❌ FAIL
Java caffeine N/A ❌ FAIL
Node.js clsx passed ✅ PASS
Node.js execa passed ✅ PASS
Node.js p-limit passed ✅ PASS
Rust fd 1/1 passed ✅ PASS
Rust zoxide 1/1 passed ✅ PASS

Overall: 7/8 ecosystems passed — ❌ FAIL

❌ Failure Details

Java (gson, caffeine) — Both projects failed with the same error:

[ERROR] Plugin org.apache.maven.plugins:maven-resources-plugin:3.4.0 or one of its
dependencies could not be resolved:
Could not transfer artifact ... from/to central (https://repo.maven.apache.org/maven2):
Network is unreachable

Maven cannot reach Maven Central (repo.maven.apache.org) from this environment. The Maven proxy settings (squid-proxy:3128) were configured in settings.xml, but Maven Central is not in the firewall's allowed domains list for this runner — or the network is otherwise unreachable to that host. All other ecosystems passed successfully.

Generated by Build Test Suite for issue #3265 · ● 4.2M ·

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 16, 2026

Smoke Test Results: FAIL

  • PR Titles: [Unable to fetch merged PRs - mcpscripts tool missing]
  • GitHub MCP Testing: ❌
  • GitHub.com Connectivity: ❌ (SSL error: wrong version number)
  • File Writing Testing: ✅
  • Bash Tool Testing: ✅

Overall Status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • localhost

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "localhost"

See Network Configuration for more information.

💎 Faceted by Smoke Gemini

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 16, 2026

Smoke Test Results

  • Redis PING: ❌ timeout (no response from host.docker.internal:6379)
  • PostgreSQL pg_isready: ❌ no response (host.docker.internal:5432)
  • PostgreSQL SELECT 1: ❌ skipped (pg_isready failed)

Overall: FAIL — Service containers are not reachable via host.docker.internal from this environment.

🔌 Service connectivity validated by Smoke Services

@lpcox lpcox merged commit d487d78 into main May 16, 2026
65 of 68 checks passed
@lpcox lpcox deleted the fix/export-audit-batch-2 branch May 16, 2026 21:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@Mossaka Mossaka Awaiting requested review from Mossaka Mossaka is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

2 participants

@lpcox