Skip to content

feat: add create-wiki-page safe output#61

Merged
jamesadevine merged 3 commits into
mainfrom
copilot/create-wiki-page-safe-output
Mar 20, 2026
Merged

feat: add create-wiki-page safe output#61
jamesadevine merged 3 commits into
mainfrom
copilot/create-wiki-page-safe-output

Conversation

Copilot AI commented Mar 19, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Adds create-wiki-page as a new safe output tool, complementing edit-wiki-page. Creation fails if the page already exists (directing the agent to use edit-wiki-page instead), while edit-wiki-page fails if the page doesn't exist.

Changes

  • src/tools/create_wiki_page.rs — New tool implementation mirroring edit-wiki-page:

    • Same config shape: wiki-name, wiki-project, path-prefix, title-prefix, comment
    • GET-then-guard pattern: rejects if page already exists, then PUTs with If-Match: "" for atomic create-only semantics (412 from the API is surfaced as a clean conflict failure, closing the TOCTOU race)
    • Validation rejects bare / and slash-only paths in addition to the standard checks (empty, null bytes, ..)
    • Default commit comment: "Created by agent"
    • Full sanitization, path traversal protection, and path-prefix enforcement

  • src/compile/common.rs — Added create-wiki-page to WRITE_REQUIRING_SAFE_OUTPUTS; compilation fails without permissions.write

  • src/execute.rs — Dispatch case for create-wiki-page

  • src/mcp.rs — Exposes create-wiki-page as an MCP tool with identical sanitization pipeline to edit-wiki-page

Example front matter

permissions:
  write: my-write-sc
safe-outputs:
  create-wiki-page:
    wiki-name: "MyProject.wiki"
    path-prefix: "/agent-output"
    title-prefix: "[Agent] "
    comment: "Created by agent"

⌨️ Start Copilot coding agent tasks without leaving your editor — available in VS Code, Visual Studio, JetBrains IDEs and Eclipse.

@jamesadevine
feat: add create-wiki-page safe output tool
2be4efe 
Co-authored-by: jamesadevine <4742697+jamesadevine@users.noreply.github.com>
Copilot AI changed the title [WIP] Add create wiki page safe output feat: add create-wiki-page safe output Mar 19, 2026
Copilot AI requested a review from jamesadevine March 19, 2026 22:53
@jamesadevine

jamesadevine commented Mar 19, 2026

Copy link
Copy Markdown
Collaborator

/rust-review

@github-actions

github-actions Bot commented Mar 19, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Rust PR Reviewer completed successfully!

@github-actions

github-actions Bot commented Mar 19, 2026

Copy link
Copy Markdown
Contributor

🔍 Rust PR Review

Summary: Looks good overall — solid security posture with a couple of correctness/testing concerns worth addressing.

Findings

🐛 Bugs / Logic Issues

  • src/tools/create_wiki_page.rs:280-293 — PUT without If-Match is an upsert, not a create-only
    The ADO Wiki Pages API (PUT pages) [creates or edits]((learn.microsoft.com/redacted) when no If-Match header is provided. The GET-then-guard pattern correctly blocks the common case, but a TOCTOU race between the GET (404) and the PUT allows a concurrent request to create the page first — then the second PUT will silently update the existing page, violating the stated "create-only" contract. To make the guarantee atomic, consider using If-Match: "" (an empty ETag string), which some ADO APIs interpret as "create only — fail with 412 if the resource already exists." If the API supports it, a 412 response should then be surfaced as a clean failure message rather than an opaque HTTP error.

⚠️ Suggestions

  • src/tools/create_wiki_page.rs:742-773 — Guard tests don't cover execute_impl
    test_page_already_exists_guard_returns_failure and test_new_page_passes_guard duplicate the guard logic inline and test a local if page_exists { … } conditional, not the actual code path inside execute_impl. If the guard were accidentally removed from execute_impl, both tests would still pass. Consider replacing them with a direct call to result.execute_impl(&ctx).await using a mock HTTP layer, or at minimum leave a comment noting these test the logic prototype rather than the live code.

  • src/tools/create_wiki_page.rs:29-50path = "/" passes validation
    A bare / passes all three validate() checks (non-empty, no null bytes, no ..). After apply_title_prefix("/", "[Agent] "), this yields "/[Agent] " — a page with a trailing-space title. If this matters to you, add ensure!(self.path.trim_matches('/') != "", "path must contain at least one non-slash segment"). The path-prefix config mitigates this in practice, but an unconfigured deployment is exposed.

✅ What Looks Good

  • Defense-in-depth sanitization: path control-char stripping happens at MCP layer (Stage 1) and again via Executor::execute_sanitized (Stage 2) — the layering is correct and matches the existing edit_wiki_page pattern.
  • Belt-and-suspenders path traversal check: .. is rejected at validate() time and re-checked after normalize_wiki_path in execute_impl before any network call. Good.
  • Path-prefix enforcement: The prefix check correctly uses starts_with("{prefix}/") (not bare starts_with(prefix)), so /agent-output-extra/foo is not incorrectly allowed under /agent-output. Well done.
  • URL encoding: wiki_name and project are utf8_percent_encode-d into base_url; path and comment are passed via reqwest's .query() which URL-encodes them automatically. No injection risk.
  • Test coverage: Comprehensive unit tests for validation edge cases, sanitization, path helpers, config deserialization, and executor error paths. The integration tests for the write-SC requirement gate compile correctly too.

Generated by Rust PR Reviewer for issue #61 ·

@jamesadevine

jamesadevine commented Mar 20, 2026

Copy link
Copy Markdown
Collaborator

@copilot 🐛 Bugs / Logic Issues
src/tools/create_wiki_page.rs:280-293 — PUT without If-Match is an upsert, not a create-only
The ADO Wiki Pages API (PUT pages) [creates or edits]((learn.microsoft.com/redacted) when no If-Match header is provided. The GET-then-guard pattern correctly blocks the common case, but a TOCTOU race between the GET (404) and the PUT allows a concurrent request to create the page first — then the second PUT will silently update the existing page, violating the stated "create-only" contract. To make the guarantee atomic, consider using If-Match: "" (an empty ETag string), which some ADO APIs interpret as "create only — fail with 412 if the resource already exists." If the API supports it, a 412 response should then be surfaced as a clean failure message rather than an opaque HTTP error.
⚠️ Suggestions
src/tools/create_wiki_page.rs:742-773 — Guard tests don't cover execute_impl
test_page_already_exists_guard_returns_failure and test_new_page_passes_guard duplicate the guard logic inline and test a local if page_exists { … } conditional, not the actual code path inside execute_impl. If the guard were accidentally removed from execute_impl, both tests would still pass. Consider replacing them with a direct call to result.execute_impl(&ctx).await using a mock HTTP layer, or at minimum leave a comment noting these test the logic prototype rather than the live code.

src/tools/create_wiki_page.rs:29-50 — path = "/" passes validation
A bare / passes all three validate() checks (non-empty, no null bytes, no ..). After apply_title_prefix("/", "[Agent] "), this yields "/[Agent] " — a page with a trailing-space title. If this matters to you, add ensure!(self.path.trim_matches('/') != "", "path must contain at least one non-slash segment"). The path-prefix config mitigates this in practice, but an unconfigured deployment is exposed.

@jamesadevine
fix: harden create-wiki-page with If-Match and bare-slash validation
ecd27a0 
Co-authored-by: jamesadevine <4742697+jamesadevine@users.noreply.github.com>

Copilot AI commented Mar 20, 2026
edited
Loading

Copy link
Copy Markdown
Contributor Author

@copilot 🐛 Bugs / Logic Issues
src/tools/create_wiki_page.rs:280-293 — PUT without If-Match is an upsert, not a create-only
The ADO Wiki Pages API (PUT pages) [creates or edit...

Addressed all three points in ecd27a0:

Bug (TOCTOU / upsert): The PUT now sends If-Match: "", which the ADO API interprets as create-only and returns 412 if the page already exists. A 412 response is caught before the generic error handler and surfaced as a clean, actionable message pointing to edit-wiki-page.

Guard tests: Added clarifying doc-comments to test_page_already_exists_guard_returns_failure and test_new_page_passes_guard explaining that they test the logic prototype in isolation, not execute_impl directly, and pointing to the higher-level tests that cover the live code path.

Bare-slash path: Added ensure!(self.path.trim_matches('/') != "", …) in validate() plus two new test cases (test_validation_rejects_bare_slash_path and test_validation_rejects_multiple_slash_only_path).

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • api.github.com (HTTP Only)
    • Triggering command: /home/REDACTED/work/ado-aw/ado-aw/target/debug/ado-aw /home/REDACTED/work/ado-aw/ado-aw/target/debug/ado-aw proxy --allow api.github.com mcp_macros.3372feaf42b34d35-cgu.4.rcgu.o mcp_macros.3372feaf42b34d35-cgu.5.rcgu.o 1adf0aea8ce.rlib-Wl,-Bstatic 2gtxvzvfdqzv74loo4o5qz89.rcgu.o nt-f46ef8ed01dd1cc lib/rustlib/x86_-Wl,--version-script=/home/REDACTED/work/ado-aw/ado-aw/target/debug/de�� ib dc.rlib b lib/rustlib/x86_/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/thiserror_impl-3723d82190d9318cc .rlib f/document-featu/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/thiserror_impl-3723d82190d9318/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/rustcII71ev/symbols.o s/displaydoc-bc1bash s/displaydoc-bc1--norc s/displaydoc-bc1--noprofile s/displaydoc-bc1/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/thiserror_impl-3723d82190d9318/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/compiler_tests-5a5efbd9feebf11b.0dx997ws7aolj1y340bx0d6e5.0pstvk5.rcgu.o (packet block)
  • dev.azure.com
    • Triggering command: /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/ado_aw-65dae42eaa050fb2 /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/ado_aw-65dae42eaa050fb2 create_wiki -C embed-bitcode=no -C debuginfo=2 --warn=unused_qualifications ed-0.7.1/src/lib.rs --warn=unused_extern_crates --warn=unreachable_pub --warn=unnameable_types --warn=unexpected_cfgs lib/�� lib/rustlib/x86_/home/REDACTED/work/ado-aw/ado-aw/target/debug/build/thiserror-3e48c07ae3edde61/bucc lib/rustlib/x86_-Wl,--as-needed bin/rustc lib/rustlib/x86_/home/REDACTED/.rustup/toolchains/stable-x86_64-REDACTED-linux-gnu/bin/rustc 0b7c67-cgu.0.rcg--crate-name u.o bin/rustc (dns block)
    • Triggering command: /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/ado_aw-65dae42eaa050fb2 /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/ado_aw-65dae42eaa050fb2 /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/async_trait-0d9946b44b5e2a43.a/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/mcp_firewall_tests-551a308b9470e408.2ap69xa5jhcu8bzvi8nf665ru.13u5ck2.rcgu.o /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/async_trait-0d9946b44b5e2a43.a/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/mcp_firewall_tests-551a308b9470e408.2l7sln5w36yyxwfvup96uk3iy.13u5ck2.rcgu.o /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/async_trait-0d9946b44b5e2a43.a/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/mcp_firewall_tests-551a308b9470e408.2z3o4ny3w29nexl27pg3lovk0.13u5ck2.rcgu.o /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/async_trait-0d9946b44b5e2a43.a/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/mcp_firewall_tests-551a308b9470e408.31ku1szu3n6wt3joczv7xzi8i.13u5ck2.rcgu.o /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/async_trait-0d9946b44b5e2a43.a/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/mcp_firewall_tests-551a308b9470e408.3q1z69vza816v6i52bhfjdqwn.13u5ck2.rcgu.o 05cul8qphqegfqe5vic.0nhp5vj.rcgu.o bchxj5yr94ahs4uiq41.0nhp5vj.rcgu.o 42tewky4t3axv1e0v3o.0nhp5vj.rcgu.o tamcv8pelds7pg803nq.0nhp5vj.rcgu.o o1qt1fu51yw4s960xxh.0nhp5vj.rcgu.o 9jfck0qlt9cucd11yai.0nhp5vj.rcgu.o 1q7pujhh1t2ayzuhlwh.0nhp5vj.rcgu.o r86157martb2448fzwm.0nhp5vj.rcgu.o t8m3ffxun9cl6hrf8bh.0nhp5vj.rcgu.o lkh6kzls2sf8jzzx78f.0nhp5vj.rcgu.o volwpbh40xx446gvcm4.0nhp5vj.rcgu.o ev4plz0odikumibizcr.0nhp5vj.rcgu.o flzgx6ry7ccfo5lsi4s.0nhp5vj.rcgu.o qhyocllqa2erwplpitv.0nhp5vj.rcgu.o (dns block)
    • Triggering command: /home/REDACTED/work/ado-aw/ado-aw/target/debug/ado-aw /home/REDACTED/work/ado-aw/ado-aw/target/debug/ado-aw proxy --allow api.github.com --allow dev.azure.com --allow *.visualstudio.com nt-f46ef8ed01dd1cc lib/rustlib/x86_-Wl,--version-script=/home/REDACTED/work/ado-aw/ado-aw/target/debug/de�� ib dc.rlib b lib/rustlib/x86_/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/thiserror_impl-3723d82190d9318cc .rlib mbols.o res-29c722fcdd0cbash res-29c722fcdd0c--norc res-29c722fcdd0c--noprofile res-29c722fcdd0c/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/thiserror_impl-3723d82190d9318/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/compiler_tests-5a5efbd9feebf11b.0dx997ws7aolj1y340bx0d6e5.0pstvk5.rcgu.o (dns block)
  • msazuresphere.visualstudio.com
    • Triggering command: /home/REDACTED/work/ado-aw/ado-aw/target/debug/ado-aw /home/REDACTED/work/ado-aw/ado-aw/target/debug/ado-aw proxy --allow api.github.com --allow dev.azure.com --allow *.visualstudio.com nt-f46ef8ed01dd1cc lib/rustlib/x86_-Wl,--version-script=/home/REDACTED/work/ado-aw/ado-aw/target/debug/de�� ib dc.rlib b lib/rustlib/x86_/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/thiserror_impl-3723d82190d9318cc .rlib mbols.o res-29c722fcdd0cbash res-29c722fcdd0c--norc res-29c722fcdd0c--noprofile res-29c722fcdd0c/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/thiserror_impl-3723d82190d9318/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/compiler_tests-5a5efbd9feebf11b.0dx997ws7aolj1y340bx0d6e5.0pstvk5.rcgu.o (dns block)
  • raw.github.com
    • Triggering command: /home/REDACTED/work/ado-aw/ado-aw/target/debug/ado-aw /home/REDACTED/work/ado-aw/ado-aw/target/debug/ado-aw proxy --allow *.github.com /lib64/ld-linux-x86-64.so.2 -pie -z now -z relro -o /home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/ado_aw-5c39ca9a324ebf83 b lib/rustlib/x86_/home/REDACTED/work/ado-aw/ado-aw/target/debug/deps/thiserror_impl-3723d82190d9318/usr/libexec/gcc/x86_64-linux-gnu/13/collect2 .rlib lib/rustlib/x86_64-REDACTED-linux-gnu/bin/self-contained/cc lib/rustlib/x86_/home/REDACTED/.rustup/toolchains/stable-x86_64-REDACTED-linux-gnu/lib/rustlib/x86_-plugin-opt=/usr/libexec/gcc/x86_64-linux-gnu/13/lto-wrapper lib/rustlib/x86_-flavor lib/rustlib/x86_gnu lib/rustlib/x86_-plugin (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

@jamesadevine jamesadevine marked this pull request as ready for review March 20, 2026 10:34
@jamesadevine jamesadevine merged commit 87d6527 into main Mar 20, 2026
9 of 11 checks passed
@github-actions github-actions Bot mentioned this pull request Mar 20, 2026
Merged
@github-actions github-actions Bot mentioned this pull request Apr 1, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@jamesadevine jamesadevine jamesadevine approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@jamesadevine jamesadevine

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jamesadevine