fix: move sub-issue and PR review tools to READ_WRITE_OPERATIONS

lpcox · Copilot · lpcox · commit dbc012367481 · 2026-04-15T08:11:42.000-07:00
Address review feedback: granular sub-issue management tools and PR
review tools are decomposed versions of composites already classified
as read-write (sub_issue_write, pull_request_review_write). Keeping
them as pure write would skip read-side secrecy checks and
LabelResponse(), allowing private repo content to bypass enforcement.

Changes:
- Move add_sub_issue, remove_sub_issue, reprioritize_sub_issue from
  WRITE_OPERATIONS to READ_WRITE_OPERATIONS
- Move 7 PR review tools (add_pull_request_review_comment, etc.) from
  WRITE_OPERATIONS to READ_WRITE_OPERATIONS
- Update tests to check is_read_write_operation() consistently
- Add apply_tool_labels tests for all 3 new tool groups (issue update,
  sub-issue management, PR review) asserting writer integrity

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;
diff --git a/guards/github-guard/rust-guard/src/labels/mod.rs b/guards/github-guard/rust-guard/src/labels/mod.rs
@@ -4735,6 +4735,102 @@ mod tests {
         assert_eq!(integrity, writer_integrity(repo_id, &ctx), "sub_issue_write should have writer integrity");
     }
 
+    #[test]
+    fn test_apply_tool_labels_granular_issue_update_writer_integrity() {
+        let ctx = default_ctx();
+        let repo_id = "github/copilot";
+        let tool_args = json!({
+            "owner": "github",
+            "repo": "copilot",
+            "issue_number": 1
+        });
+
+        for tool in &[
+            "update_issue_assignees",
+            "update_issue_body",
+            "update_issue_labels",
+            "update_issue_milestone",
+            "update_issue_state",
+            "update_issue_title",
+            "update_issue_type",
+        ] {
+            let (secrecy, integrity, _desc) = apply_tool_labels(
+                tool,
+                &tool_args,
+                repo_id,
+                vec![],
+                vec![],
+                String::new(),
+                &ctx,
+            );
+
+            // Repo-scoped secrecy (public repo in default_ctx → empty)
+            assert_eq!(secrecy, vec![] as Vec<String>, "{tool} secrecy mismatch");
+            assert_eq!(integrity, writer_integrity(repo_id, &ctx), "{tool} should have writer integrity");
+        }
+    }
+
+    #[test]
+    fn test_apply_tool_labels_granular_sub_issue_tools_writer_integrity() {
+        let ctx = default_ctx();
+        let repo_id = "github/copilot";
+        let tool_args = json!({
+            "owner": "github",
+            "repo": "copilot",
+            "issue_number": 1,
+            "sub_issue_id": 2
+        });
+
+        for tool in &["add_sub_issue", "remove_sub_issue", "reprioritize_sub_issue"] {
+            let (secrecy, integrity, _desc) = apply_tool_labels(
+                tool,
+                &tool_args,
+                repo_id,
+                vec![],
+                vec![],
+                String::new(),
+                &ctx,
+            );
+
+            assert_eq!(secrecy, vec![] as Vec<String>, "{tool} secrecy mismatch");
+            assert_eq!(integrity, writer_integrity(repo_id, &ctx), "{tool} should have writer integrity");
+        }
+    }
+
+    #[test]
+    fn test_apply_tool_labels_granular_pr_review_tools_writer_integrity() {
+        let ctx = default_ctx();
+        let repo_id = "github/copilot";
+        let tool_args = json!({
+            "owner": "github",
+            "repo": "copilot",
+            "pullNumber": 42
+        });
+
+        for tool in &[
+            "add_pull_request_review_comment",
+            "create_pull_request_review",
+            "delete_pending_pull_request_review",
+            "request_pull_request_reviewers",
+            "resolve_review_thread",
+            "submit_pending_pull_request_review",
+            "unresolve_review_thread",
+        ] {
+            let (secrecy, integrity, _desc) = apply_tool_labels(
+                tool,
+                &tool_args,
+                repo_id,
+                vec![],
+                vec![],
+                String::new(),
+                &ctx,
+            );
+
+            assert_eq!(secrecy, vec![] as Vec<String>, "{tool} secrecy mismatch");
+            assert_eq!(integrity, writer_integrity(repo_id, &ctx), "{tool} should have writer integrity");
+        }
+    }
+
     #[test]
     fn test_apply_tool_labels_fork_repository_writer_integrity() {
         let ctx = default_ctx();
diff --git a/guards/github-guard/rust-guard/src/tools.rs b/guards/github-guard/rust-guard/src/tools.rs
@@ -74,19 +74,6 @@ pub const WRITE_OPERATIONS: &[&str] = &[
     // Pre-emptive: gist deletion (gh gist delete)
     "delete_gist", // DELETE /gists/{gist_id}
 
-    // Sub-issue management tools (alongside sub_issue_write composite)
-    "add_sub_issue",          // POST  /repos/.../issues/{number}/sub_issues
-    "remove_sub_issue",       // DELETE/POST — remove sub-issue link
-    "reprioritize_sub_issue", // PATCH — reorder sub-issues
-
-    // PR review tools (alongside pull_request_review_write composite)
-    "add_pull_request_review_comment",    // POST /repos/.../pulls/{number}/comments
-    "create_pull_request_review",         // POST /repos/.../pulls/{number}/reviews
-    "delete_pending_pull_request_review", // DELETE /repos/.../pulls/{number}/reviews/{id}
-    "request_pull_request_reviewers",     // POST /repos/.../pulls/{number}/requested_reviewers
-    "resolve_review_thread",              // PUT  /graphql — resolveReviewThread
-    "submit_pending_pull_request_review", // POST /repos/.../pulls/{number}/reviews/{id}/events
-    "unresolve_review_thread",            // PUT  /graphql — unresolveReviewThread
 ];
 
 /// Read-write operations that both read and modify data
@@ -113,6 +100,20 @@ pub const READ_WRITE_OPERATIONS: &[&str] = &[
     "update_issue_title",     // PATCH — modifies issue title
     "update_issue_type",      // PATCH — modifies issue type
 
+    // Sub-issue management tools (alongside sub_issue_write composite)
+    "add_sub_issue",          // POST  /repos/.../issues/{number}/sub_issues
+    "remove_sub_issue",       // DELETE/POST — remove sub-issue link
+    "reprioritize_sub_issue", // PATCH — reorder sub-issues
+
+    // PR review tools (alongside pull_request_review_write composite)
+    "add_pull_request_review_comment",    // POST /repos/.../pulls/{number}/comments
+    "create_pull_request_review",         // POST /repos/.../pulls/{number}/reviews
+    "delete_pending_pull_request_review", // DELETE /repos/.../pulls/{number}/reviews/{id}
+    "request_pull_request_reviewers",     // POST /repos/.../pulls/{number}/requested_reviewers
+    "resolve_review_thread",              // PUT  /graphql — resolveReviewThread
+    "submit_pending_pull_request_review", // POST /repos/.../pulls/{number}/reviews/{id}/events
+    "unresolve_review_thread",            // PUT  /graphql — unresolveReviewThread
+
     // Granular PR update tools (alongside update_pull_request composite)
     "update_pull_request_body",        // PATCH — modifies PR body
     "update_pull_request_draft_state", // PATCH — converts to/from draft
@@ -362,18 +363,23 @@ mod tests {
     }
 
     #[test]
-    fn test_sub_issue_management_tools_are_write_operations() {
+    fn test_sub_issue_management_tools_are_read_write_operations() {
         for op in &["add_sub_issue", "remove_sub_issue", "reprioritize_sub_issue"] {
             assert!(
-                is_write_operation(op),
-                "{} must be classified as a write operation",
+                is_read_write_operation(op),
+                "{} must be classified as a read-write operation",
+                op
+            );
+            assert!(
+                !is_write_operation(op),
+                "{} should not be in WRITE_OPERATIONS (it is in READ_WRITE_OPERATIONS)",
                 op
             );
         }
     }
 
     #[test]
-    fn test_pr_review_tools_are_write_operations() {
+    fn test_pr_review_tools_are_read_write_operations() {
         for op in &[
             "add_pull_request_review_comment",
             "create_pull_request_review",
@@ -384,8 +390,13 @@ mod tests {
             "unresolve_review_thread",
         ] {
             assert!(
-                is_write_operation(op),
-                "{} must be classified as a write operation",
+                is_read_write_operation(op),
+                "{} must be classified as a read-write operation",
+                op
+            );
+            assert!(
+                !is_write_operation(op),
+                "{} should not be in WRITE_OPERATIONS (it is in READ_WRITE_OPERATIONS)",
                 op
             );
         }
