Merged
Conversation
Add three new glossary entries from March 4 daily scan: - Activation Token (on.github-token, on.github-app) - Integrity (safe output security metadata) - Secrecy (safe output security metadata) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
github-actions
bot
added
documentation
pelikhan
approved these changes
Mar 4, 2026
pelikhan
deleted the
docs/glossary-daily-scan-2026-03-04-dcf8fd8b03beda09
branch
Contributor
There was a problem hiding this comment.
Pull request overview
Updates the documentation glossary with newly introduced configuration and metadata terms from recent changes.
Changes:
- Adds glossary entries for safe output security metadata fields: Secrecy and Integrity
- Adds a glossary entry for Activation Token configuration (
on.github-token,on.github-app) used by the activation job
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
|
|
||
| ### Activation Token (`on.github-token:`, `on.github-app:`) | ||
|
|
||
| Custom GitHub token or GitHub App used by the activation job to post reactions and status comments on the triggering item. Configured via `github-token:` (for a PAT or token expression) or `github-app:` (to mint a short-lived installation token) inside the `on:` section. Affects only the activation job — agent job tokens are configured separately via `tools.github.github-token` or `safe-outputs.github-app`. See [Authentication Reference](/gh-aw/reference/auth/). |
There was a problem hiding this comment.
The Activation Token entry’s last sentence lists token configuration paths inconsistently/incompletely. It currently mentions only tools.github.github-token and safe-outputs.github-app, but the docs elsewhere describe both token+app options for both tools.github and safe-outputs (e.g., tools.github.github-token/tools.github.github-app and safe-outputs.github-token/safe-outputs.github-app). Consider updating this sentence to include the full set (or align wording with docs/reference/triggers.md:350).
Suggested change
| Custom GitHub token or GitHub App used by the activation job to post reactions and status comments on the triggering item. Configured via `github-token:` (for a PAT or token expression) or `github-app:` (to mint a short-lived installation token) inside the `on:` section. Affects only the activation job — agent job tokens are configured separately via `tools.github.github-token` or `safe-outputs.github-app`. See [Authentication Reference](/gh-aw/reference/auth/). | |
| Custom GitHub token or GitHub App used by the activation job to post reactions and status comments on the triggering item. Configured via `github-token:` (for a PAT or token expression) or `github-app:` (to mint a short-lived installation token) inside the `on:` section. Affects only the activation job — agent job tokens are configured separately via `tools.github.github-token`/`tools.github.github-app` or `safe-outputs.github-token`/`safe-outputs.github-app`. See [Authentication Reference](/gh-aw/reference/auth/). |
This was referenced Mar 4, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Glossary Updates - 2026-03-04
Scan Type
Terms Added
on.github-token:,on.github-app:): New configuration fields added in Add configuration for activation GitHub token #19427 for customizing the GitHub token or GitHub App used by the activation job.Terms Updated
None.
Changes Analyzed
4e5e198(secrecy/integrity fields),f03bfa1(activation token impl),7bd718b(activation token docs)Related Changes
4e5e198: Display secrecy and integrity fields in safe output step summary renderer (Display secrecy and integrity fields in safe output step summary renderer #19552)f03bfa1: Add configuration for activation GitHub token (Add configuration for activation GitHub token #19427)7bd718b: Update documentation for on.github-token and on.github-app fields