[q] fix(functional-pragmatist): avoid make with len() to prevent CodeQL violations #23684
Description
Fixes the functional-pragmatist workflow prompt to avoid recommending `make([]T, len(x))` and `make([]T, 0, len(x))` patterns that trigger CodeQL violations.
Changes Made
.github/workflows/functional-pragmatist.md
Replaced all `make(slice, len(...))` patterns with CodeQL-safe alternatives:

| Before | After |
|---|---|
| `make([]U, len(slice))` in Map helper | `var result []U` + `append` |
| `make([]T, 0, len(slice))` in Filter helper | `var result []T` + `append` |
| `make([]Filter, len(names))` in example | `var filters []Filter` + `append` |
| `make([]string, 0, len(items))` inline example | `var activeNames []string` + `append` |
| `make([]Item, len(s.items))` defensive copy | `slices.Clone(s.items)` |
| Guideline recommending `make([]T, len(input))` | Explicit warning to avoid this pattern |
Rationale
CodeQL flags `make([]T, len(x))` and `make([]T, 0, len(x))` as violations. The idiomatic CodeQL-safe alternatives are:
- Use `var result []T` + `append` for dynamic slices
- Use `slices.Clone(s)` for defensive copies (Go 1.21+, already used in this codebase)
Validation
- ✅ `functional-pragmatist` workflow compiled successfully with no errors or warnings
Closes #23658 (triggered by @pelikhan's /q comment)
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.
Create the pull request manually
```bash
# Download the patch from the workflow run
gh run download 23796028932 -n agent -D /tmp/agent-23796028932
# Create a new branch
git checkout -b q/fix-functional-pragmatist-codeql-bc122f2fc4b66c2d main
# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-23796028932/aw-q-fix-functional-pragmatist-codeql.patch
# Push the branch and create the pull request
git push origin q/fix-functional-pragmatist-codeql-bc122f2fc4b66c2d
gh pr create --title '[q] fix(functional-pragmatist): avoid make with len() to prevent CodeQL violations' --base main --head q/fix-functional-pragmatist-codeql-bc122f2fc4b66c2d --repo github/gh-aw
```
- expires on Apr 2, 2026, 12:04 PM UTC
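
The replacement patterns listed under "Changes Made", as an added Go example (not code from the workflow file or the gh-aw repository). The `Item` and `Store` types, the `ActiveNames` helper and the sample data are hypothetical.

```go
package main

import (
	"fmt"
	"slices"
)

// Item and Store are hypothetical types for this example.
type Item struct {
	Name   string
	Active bool
}

type Store struct{ items []Item }

// Map builds its result with append instead of make([]U, len(in)).
func Map[T, U any](in []T, f func(T) U) []U {
	var out []U
	for _, v := range in {
		out = append(out, f(v))
	}
	return out
}

// Filter builds its result with append instead of make([]T, 0, len(in)).
func Filter[T any](in []T, keep func(T) bool) []T {
	var out []T
	for _, v := range in {
		if keep(v) {
			out = append(out, v)
		}
	}
	return out
}

// Items returns a defensive copy so callers cannot mutate the store.
func (s *Store) Items() []Item { return slices.Clone(s.items) }

// ActiveNames composes Filter and Map over a copy of the store's items.
func ActiveNames(s *Store) []string {
	active := Filter(s.Items(), func(i Item) bool { return i.Active })
	return Map(active, func(i Item) string { return i.Name })
}

func main() {
	s := &Store{items: []Item{{"a", true}, {"b", false}, {"c", true}}} // constructed sample data
	got := s.Items()
	got[0].Name = "changed" // mutates only the copy, not the store
	fmt.Println(ActiveNames(s), Map([]int(nil), func(i int) int { return i }) == nil)
}
```

Unlike the `make` forms, the `var` + `append` helpers return a nil slice when nothing is appended, which matters wherever nil and empty slices are distinguished (for example, `encoding/json` encodes a nil slice as `null`).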