Fix resolution comment length bug when migrating Secret Scanning alerts

[Copilot]

Problem

When migrating secret scanning alerts with gh gei migrate-secret-alerts, if the new comment format [@resolverName] originalComment exceeds 270 characters, the GitHub API call fails with an error about comment length limits.

This was introduced in PR #1337 which added the resolver name prefix to resolution comments, but didn't account for the 270 character limit.

Solution

Added length validation before using the prefixed comment format:

• If [@resolverName] originalComment is < 270 characters: use the prefixed format (preserves existing behavior)
• If [@resolverName] originalComment is >= 270 characters: fall back to using only the original comment

This ensures migration completes successfully while preserving the most important content when length limits are exceeded.

Changes

• SecretScanningAlertService.cs: Added comment length check with fallback logic
• SecretScanningAlertServiceTests.cs: Added test cases for both scenarios:
  • Update_With_Long_Comment_Uses_Original_Comment_Only - verifies fallback behavior
  • Update_With_Short_Comment_Uses_Prefixed_Comment - ensures existing behavior preserved

Example

// Before: Always used prefixed format, could fail on long comments
var targetResolutionComment = $"[@{resolverName}] {originalComment}";

// After: Length-aware with fallback
var prefixedComment = $"[@{resolverName}] {originalComment}";
var targetResolutionComment = prefixedComment.Length < 270 
    ? prefixedComment 
    : originalComment ?? string.Empty;

All existing tests pass. The fix is minimal and preserves all existing functionality while gracefully handling the edge case.

Fixes #1348.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

• http://www.microsoft.com:80/pkiops/crl/Microsoft%20Identity%20Verification%20Root%20Certificate%20Authority%202020.crl
  • Triggering command: dotnet build src/OctoshiftCLI.sln (http block)
• http://www.microsoft.com:80/pkiops/crl/Microsoft%20Public%20RSA%20Timestamping%20CA%202020.crl
  • Triggering command: dotnet build src/OctoshiftCLI.sln (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to my firewall allow list

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.