Releases: github/gh-aw
v0.82.2
🌟 Release Highlights
This release focuses on ARC/DinD (Actions Runner Controller + Docker-in-Docker) reliability, expanded skills: frontmatter capabilities, and a wave of quality improvements to ESLint rules, safe-outputs, and the Windows CI matrix.
✨ What's New
- ARC/DinD topology is now fully supported. Three coordinated fixes (#42815, #42855, #42906) redirect runtime-critical paths to daemon-visible locations (`${RUNNER_TEMP}/gh-aw`), redirect `DOTNET_INSTALL_DIR` and `GOPATH`, and pre-create required mount directories — so compiled workflows run reliably on ARC/DinD runners without path-visibility failures. Requires AWF firewall ≥ v0.27.22.
- Per-skill GitHub auth in `skills:` frontmatter. Each skill entry can now carry its own `github-token` or `github-app` credential, enabling multi-org or multi-repo skill installs with distinct authentication. (#42594)
- Runtime reviewers, team-reviewers, and assignees in `create-pull-request`. Reviewer and assignee fields now accept template expressions resolved at runtime — routing the created PR to the triggering actor or any dynamically computed value. (#42621)
- PR Sous Chef auto-dismisses stale bot reviews. After an agent addresses feedback, `pr-sous-chef` can now dismiss stale `CHANGES_REQUESTED` reviews from `github-actions[bot]`, letting PRs proceed without manual cleanup. (#42626)
- `reasoning_depth` A/B experiment in `plan` workflow. A three-variant experiment (`shallow`, `baseline`, `deep`) measures whether lighter or deeper prompts improve sub-issue quality and cost. (#42955)
🐛 Bug Fixes & Improvements
- Safe-outputs pre-flight full-branch validation — the `allowed_files` check now validates the full commit history reachable from a pushed ref, preventing false-safe pushes when older commits touched `.github/workflows/`. (#42585)
- Skill install failures surface as agent failure context — when `gh skill install` fails, the failure is detected and attached to the agent's failure context for clearer diagnostics. (#42642)
- BYOK provider inheritance for sub-agents — fixes sub-agents not inheriting the BYOK provider from the headless sidecar environment. (#42613)
- Windows `cmd/direct` quoting fix — resolves a .NET vs `cmd.exe` quote escaping mismatch causing `cmd/direct` scenario failures in the Windows CI matrix. (#42951)
- Workspace wipe prevention during local-actions checkout — generated checkout steps now include `clean: false` so `.git` state is preserved for subsequent local-action post-steps. (#42611)
- ESLint rule improvements — `no-unsafe-promise-catch-error-property` brought to parity with its sibling rule, null-safe companion requirement for `typeof err === "object"` catch guards, and new `require-async-entrypoint-catch` rule. (#42953, #42568, #42935)
- `timesleepnocontext` linter boundary fix — stops incorrectly crossing non-Go/defer `FuncLit` boundaries when attributing `time.Sleep` calls. (#42946)
📚 Documentation
- `skills:` frontmatter reference — new documentation covering pinned refs, per-skill auth, and a real-world complex example. (#42747)
- Safe outputs reference slimmed down — the safe outputs reference is now significantly shorter and easier to scan. (#42814)
- `app:` → `github-app:` migration completed — `gh aw fix` now covers top-level `app:` blocks in addition to nested occurrences. (#42794)
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
- awmgmcpg

To allow these domains, add them to the `network.allowed` list in your workflow frontmatter:

```yaml
network:
  allowed:
    - defaults
    - "awmgmcpg"
```

See Network Configuration for more information.
Generated by 🚀 Release · 42.4 AIC · ⊞ 7.7K
What's Changed
- fix(pr-code-quality-reviewer): prevent timeout by launching grumpy-coder early by @pelikhan with @Copilot in #42583
- doc-healer/doc-updater: classify site-build/UI issues as non-content, skip them from docs-PR path by @pelikhan with @Copilot in #42590
- Align sandbox integration tests with rootless AWF command default by @pelikhan with @Copilot in #42606
- Add `tone_variant` A/B campaign to `breaking-change-checker` workflow by @pelikhan with @Copilot in #42597
- Promote errortypeassertion and execcommandwithoutcontext to blocking CI gate by @pelikhan with @Copilot in #42580
- fix(eslint-factory): require-parseInt-radix false negative on radix 0/undefined by @pelikhan with @Copilot in #42581
- fix: detect "no model endpoints available" as http_400_response_error by @pelikhan with @Copilot in #42593
- eslint-factory: require null-safe companion for `typeof err === "object"` catch guards by @pelikhan with @Copilot in #42568
- fix: wire BYOK provider into headless sidecar env so sub-agents inherit it by @pelikhan with @Copilot in #42613
- docs: add opt-in, participant-targeted recruitment banner to Starlight docs by @pelikhan with @Copilot in #42595
- Prevent workspace wipe during local-actions checkout in generated workflows by @pelikhan with @Copilot in #42611
- Refactor schema compilation to use a single shared helper by @pelikhan with @Copilot in #42614
- build(deps-dev): bump starlight-github-alerts from 0.3.0 to 0.4.0 in /docs by @dependabot[bot] in #42462
- build(deps): bump mermaid from 11.15.0 to 11.16.0 in /docs by @dependabot[bot] in #42459
- build(deps-dev): bump prettier from 3.8.4 to 3.9.4 in /actions/setup/js by @dependabot[bot] in #42458
- build(deps): bump starlight-blog from 0.26.1 to 0.27.0 in /docs by @dependabot[bot] in #42455
- build(deps-dev): bump vite from 8.0.16 to 8.1.0 in /actions/setup/js by @dependabot[bot] in #42456
- [community] Update community contributions in README by @github-actions[bot] in #42616
- Support per-skill GitHub auth in frontmatter `skills` by @pelikhan with @Copilot in #42594
- PR Sous Chef: dismiss stale `github-actions[bot]` blocking reviews after feedback is addressed by @pelikhan with @Copilot in #42626
- docs: move trigger decision matrix to triggers.md, add coverage/digest fallback guidance by @pelikhan with @Copilot in #42618
- Extend windows-cli-integration scenario matrix: add cmd/direct and path-launch for non-default shells by @pelikhan with @Copilot in #42622
- Add clean: false to agentics-maintenance.yml checkout steps by @pelikhan with @Copilot in #42623
- compact Test Quality Sentinel report template (~480 chars saved) by @pelikhan with @Copilot in #42633
- Add improvement issue creation to daily GEO optimizer by @pelikhan with @Copilot in #42635
- fix(pr-sous-chef): use `sonnet` alias for pr-processor sub-agent to resolve HTTP 400 by @pelikhan with @Copilot in #42634
- feat(uk-ai-resilience): create up to 2 labeled issues for top-priority findings by @pelikhan with @Copilot in #42636
- [log] Add debug logging to 5 pkg/ files by @github-actions[bot] in #42640
- refactor: extract helpers to bring 3 functions under the 60-line largefunc limit by @pelikhan with @Copilot in #42624
- refactor: skip gh CLI upgrade when already at minimum version for skill support by @pelikhan with @Copilot in #42639
- [code-simplifier] simplify: reduce duplication in discussion comment handlers by @github-actions[bot] in #42641
- safe-outputs: pre-flight workflow scope check + full-branch allowed_files validation by @pelikhan with @Copilot in #42585
- Improve time-delta validation diagnostics to satisfy error-message lint quality by @pelikhan with @Copilot in #42651
- Cover wasm-only files in custom li...
v0.82.1
🌟 Release Highlights
v0.82.1 focuses on a major dashboard overhaul, new workflow authoring primitives, expanded static analysis coverage, and reliability fixes across the compiler and runtime.
⚠️ Behavioral Change: sandbox.agent.sudo Defaults to false
The global default for sandbox.agent.sudo has changed from true to false (network isolation / rootless mode). Workflows that relied on elevated sandbox access must now explicitly set sandbox.agent.sudo: true. This aligns the default with the recommended security posture.
✨ What's New
- Frontmatter `skills` support — Workflows can now declare SHA-pinned skills directly in frontmatter. At activation time, `gh aw` automatically installs them via `gh skill install` and wires them into the engine. Learn more (#42426, #42543)
- Model policy controls — New `models.allowed` and `models.disallowed` frontmatter fields let you restrict which AI models a workflow can use, with environment-variable overrides for flexibility. (#41824)
- ARC/DinD rootless topology — `runner.topology: arc-dind` is now a first-class frontmatter option, enabling GitHub ARC runners with Docker-in-Docker rootless execution. (#42371)
- `branding` field in `aw.yml` — Package manifests can now include a GitHub Actions `branding` block without failing schema validation. (#42454)
- Per-model Copilot SDK `wireApi` — Updated for Copilot SDK v1.0.4's multi-provider BYOK registry, where transport behavior can vary by model. (#42497)
🖥️ Dashboard Overhaul
The agentic workflows dashboard received extensive polish this release:
- TypeScript migration — Backend modules migrated from ESM `.mjs` to strict TypeScript, eliminating all `any` types and narrowing `unknown` (#42321, #42353)
- Bundled into single artifacts — Alpine.js and Node.js code are now bundled into self-contained `app.js` — no external CDN dependencies (#42300, #42352)
- Skeleton loaders & spinners — Loading states are now visually communicated while runs and definitions fetch (#42345)
- Cross-session log caching — Downloaded logs are cached in a shared user-level directory, reducing redundant fetches (#42349)
- Compact single-line rows — Definitions and Runs lists now render in tighter, more scannable single-line format (#42344)
- Missing `gh` binary detection — Dashboard shows a targeted install prompt when the `gh` CLI is not found (#42303)
- Fixed hang on inherited handles — Detached spawn prevents `gh aw` from hanging when dashboard subprocess inherits stdio handles (#42311)
🐛 Bug Fixes & Improvements
- Fixed concurrent schedule overlap — `every N minutes` cron expressions are now scattered across different offsets, preventing all same-interval workflows from firing simultaneously (#42524)
- Hardened API fallbacks — Unauthenticated `api.github.com` calls now carry a 30-second timeout and request context, eliminating potential goroutine hangs during compilation (#42521)
- Fixed AWF access.log path — Firewall log analysis now correctly finds `access.log` in the `squid-logs/` subdirectory (#42513)
- Codex retry loop fix — Codex harness no longer retries on TPM exhaustion or unfinished-goal errors, avoiding run quota drain (#42420)
- Better engine typo detection — Invalid `engine:` values now surface as the primary error rather than being masked by downstream schema failures (#42235)
- Auto-derive checkout `path:` — Compiler now warns and auto-derives the `path:` for cross-repo checkout entries where it was missing (#42257)
🔍 New Static Analysis Rules
- `sprintfint` Go linter — Flags `fmt.Sprintf("%d", x)` where `x` is `int`, suggesting `strconv.Itoa` for clarity (#42538)
- `errortypeassertion` Go analyzer — Catches direct `error`-to-concrete type assertions and steers code toward `errors.As` (#42323)
- `httpnoctx` enhancement — Now detects the `http.NewRequest(...)` + `client.Do(req)` path, not just helper functions (#42536)
- ESLint `no-core-setoutput-non-string` — Flags non-string values passed to `core.setOutput`, preventing type coercion bugs in Actions JavaScript (#42453)
📚 Documentation
- Aligned `gh aw` CLI help text with docs for `version`, `deploy`, `strict`, and `secrets` flags (#42496)
- Streamlined MemoryOps guide and troubleshooting common issues pages (#42533, #42308)
- Added `sandbox.agent.sudo` glossary entry documenting the AWF privilege model (#42466)
Generated by 🚀 Release · 64.3 AIC · ⊞ 7.7K
What's Changed
- Use Sonnet consistently in pr-sous-chef by @pelikhan with @Copilot in #42292
- feat: add audit logging to comment_release_prs job by @pelikhan with @Copilot in #42306
- [docs] docs: unbloat troubleshooting common issues by @github-actions[bot] in #42308
- Skip `signed/jsweep/*` branches in PR Description Updater by @pelikhan with @Copilot in #42296
- Refactor forecast command into focused modules and isolate render helper tests by @pelikhan with @Copilot in #42274
- fix(dashboard): button group styling and Alpine.js FOUC prevention by @pelikhan with @Copilot in #42309
- fix(aw-dashboard): use detached spawn to prevent gh-aw hang on inherited handles by @pelikhan in #42311
- Add maintenance view to the agentic workflows dashboard by @pelikhan with @Copilot in #42297
- Scale MCP logs timeout for larger fetch windows by @pelikhan with @Copilot in #42295
- feat(dashboard): detect missing gh binary and show targeted install prompt by @pelikhan with @Copilot in #42303
- fix(contribution-check): eliminate E002 safe-output collisions and retry loops by @pelikhan with @Copilot in #42316
- docs(aw): add compliance and design-governance patterns to authoring guidance by @pelikhan with @Copilot in #42315
- Bundle Alpine.js into the dashboard extension by @pelikhan with @Copilot in #42300
- Simplify `gh aw status` table output by @pelikhan with @Copilot in #42312
- Prioritize invalid engine typos over downstream schema/import failures by @pelikhan with @Copilot in #42235
- Honor global mention allowlists in add-comment sanitization by @pelikhan with @Copilot in #42313
- Normalize report-style prompts in Priority 1 workflows (h3+ headers + `<details>` guidance) by @pelikhan with @Copilot in #42324
- Migrate dashboard backend modules from ESM `.mjs` to strict TypeScript by @pelikhan with @Copilot in #42321
- Allow `create_pull_request` bundle transport to fall back when branch pinning is unavailable by @pelikhan with @Copilot in #42318
- dashboard: memoize binary detection and robust JSON parsing by @pelikhan in #42334
- fix(dashboard): alert box spacing and scrollbar polish by @pelikhan with @Copilot in #42335
- dashboard: add left margin to Counter badges by @pelikhan with @Copilot in #42337
- dashboard: structured logging, fix cwd/spawn bugs, add build:ts + AGENTS.md by @pelikhan in #42338
- Extract shared SafeOutputAllowBlockConfig across safe-output handlers by @pelikhan with @Copilot in #42322
- dashboard: compact single-line rows for Definitions and Ru...
v0.82.0
🌟 Release Highlights
This release brings a new Copilot Canvas extension for agentic workflow operations, significant dashboard improvements, experimental LSP frontmatter support, and an expanded ESLint Factory with new safety rules.
✨ What's New
- 🎨 Copilot Canvas Extension — A new project-scoped GitHub Copilot canvas extension (`agentic-workflows-dashboard`) lets you browse workflow definitions and runs, review safe markdown step summaries, and dispatch workflows directly from the Copilot chat panel. (#42137)
- 📊 Dashboard: Experiments Tab — The dashboard canvas now surfaces A/B experiment branch data via a dedicated Experiments tab backed by `gh aw experiments list`. (#42213)
- 📈 Dashboard: Usage Reporting & Continuation-Aware Log Windows — Run details now include token usage reporting and context-aware log windows that track continuation state. (#42226)
- 🔬 Dashboard: Audit Data with Progressive Disclosure — Run detail panels now surface structured audit data inline, with progressive disclosure to keep the view clean. (#42269)
- 🛠️ LSP Frontmatter Support (Experimental) — Workflows can now declare `lsp:` frontmatter configuration so Copilot CLI automatically receives generated `lspServers` config and required server dependencies during agent setup. Non-Copilot engines fail fast with a clear error. (#41777)
- 📏 ESLint Factory — New Safety Rules — Three new rules land in the ESLint Factory: `no-unsafe-catch-error-property` (flags unsafe `.message`, `.stack`, `.status`, `.cause`, `.name` access), `no-unsafe-promise-catch-error-property` (same for promise `.catch()` callbacks), and `require-parseInt-radix` (enforces explicit radix argument). (#42057, #42221, #41961)
- 🔁 Templatable `report-failure-as-issue` — Reusable workflows can now parameterize the `safe-outputs.report-failure-as-issue` field without post-compile lock-file edits, enabling flexible failure reporting across shared workflow definitions. (#41821)
- 📁 Repo-Local Instruction Overlays — Installed `gh-aw` agents now support repo-local instruction overlay files, allowing per-repository customization of agent behavior without forking upstream workflows. (#42053)
🐛 Bug Fixes & Improvements
- Safe-outputs `set_issue_type` — Fixed incorrect GraphQL query and field name in the `set_issue_type` intent path. (#42232)
- MCP Gateway config — Fixed invalid JSON escape sequences in GitHub remote MCP gateway config generation. (#41864)
- Setup cleanup — `gh aw setup` now properly cleans up root-owned `/tmp/awf-*-chroot-home` directories. (#41852)
- Copilot HTTP 400 failures — HTTP 400 responses from Copilot are now surfaced in workflow conclusions rather than silently discarded. (#42228)
- `dispatch-repository` key — Enforced canonical `dispatch-repository` safe-output key and deprecated the underscore alias `dispatch_repository`. (#42150)
- Audit job steps — Structured audit output now correctly populates individual job step data. (#42222)
- Enterprise host context — Enterprise host configuration is now properly propagated into the curated DIFC/CLI proxy environment. (#41912)
📚 Documentation
- Corrected `gh aw mcp add` argument order in the setup guide. (#42272)
- Added dedup checklist, PR escalation guidance, and linked-reference patterns to developer docs. (#42111)
- Added Agent Finder discovery guidance with direct REST API examples for skill selection. (#42078)
Generated by 🚀 Release · 35.4 AIC · ⊞ 7.7K
What's Changed
- fix: apply_samples derivePrHeadRef uses target-repo config for siderepo PR lookups by @dsyme with @Copilot in #41295
- Enable templatable `report-failure-as-issue` and shared-workflow propagation by @pelikhan with @Copilot in #41821
- Add nolint suppression parity for 5 remaining gh-aw analyzers by @pelikhan with @Copilot in #41849
- fix(fmterrorfnoverbs): treat %% as escaped literal, not a real verb by @pelikhan with @Copilot in #41850
- [instructions] Sync instruction files with release v0.81.6 by @github-actions[bot] in #41871
- [spec-extractor] Update package specifications for envutil, fileutil, gitutil, logger by @github-actions[bot] in #41873
- [docs] Consolidate developer specifications: v9.19 maintenance tone scan by @github-actions[bot] in #41887
- [docs] Update editor preview screenshots – 2026-06-27 by @github-actions[bot] in #41868
- Fix invalid JSON escapes in GitHub remote MCP gateway config generation by @pelikhan with @Copilot in #41864
- Bump Claude Code to 2.1.195 and Codex to 0.142.3 by @pelikhan with @Copilot in #41865
- fix(log_parser_bootstrap): guard Claude guardrail with safeOutputEntriesCount escape hatch by @pelikhan with @Copilot in #41886
- fix(setup): clean up root-owned /tmp/awf-*-chroot-home directories by @pelikhan with @Copilot in #41852
- Gate CI coverage uploads behind code-quality opt-in variable by @pelikhan with @Copilot in #41922
- Add Copilot-only `lsp` frontmatter support with schema, codegen, engine guardrails, and LSP instructions (experimental) by @pelikhan with @Copilot in #41777
- Strengthen anomaly detector edge coverage and remove order-dependent test behavior by @pelikhan with @Copilot in #41916
- [linter-miner] linter: add httpstatuscode analyzer — flag magic HTTP status code literals by @github-actions[bot] in #41914
- [formal-spec] Add OTEL observability formal compatibility test suite (v0.4.0 L1/L2) by @pelikhan with @Copilot in #41906
- Add run-again footer hints for slash and label command triggers by @pelikhan with @Copilot in #41920
- refactor: extract shared CLI engine execution logic; make Pi backend resolution configurable by @pelikhan with @Copilot in #41921
- fix(changeset): restrict safe-outputs allowed-files to .changeset/*.md by @pelikhan with @Copilot in #41937
- [caveman] Optimize instruction verbosity — memory.md, mcp-clis.md (2026-06-27) by @github-actions[bot] in #41943
- safeoutputs: disambiguate `submit_pull_request_review.event` from `action` by @pelikhan with @Copilot in #41948
- Establish ESLint Linter Factory for actions/setup/js and add dedicated ESLint daily workflows by @pelikhan with @Copilot in #41938
- pr-sous-chef: auto-resolve outdated addressed review threads via thread-resolver sub-agent by @pelikhan with @Copilot in #41959
- feat(ambient-context): trim prompt size in daily-code-metrics, test-quality-sentinel, smoke-copilot-aoai-entra by @pelikhan with @Copilot in #41960
- eslint-factory: add hasSuggestions, enriched diagnostic message, and try/catch suggest fix by @pelikhan with @Copilot in #41966
- [eslint-miner] feat(eslint): add require-parseInt-radix rule — ESLint Miner 2026-06-27 by @github-actions[bot] in #41961
- Clarify LSP capabilities and prompt patterns in `lsp.md` for authoring efficiency by @pelikhan with @Copilot in #41977
- Add ready_for_review workflow for Impeccable (needex) skills-based PR review by @pelikhan with @Copilot in #41978
- Moving ESLint factory to new location by @pelikhan with @Copilot in #41975
- eslint-factory: fix require-json-parse-try-catch to catch computed JSON["parse"] access by @pelikhan with @Copilot in #42000
- Bump gh-aw-firewall to v0.27.12 and gh-aw-mcpg to v0.3.31 by @lpcox with @Copilot in...
v0.81.6
🌟 Release Highlights
This release focuses on stability and observability — restoring broken fleet-wide token tracking, hardening CI quality gates, and adding release traceability for merged PRs.
✨ What's New
- Release PR notifications — A new post-agent release job now automatically comments on every PR included in each release, making it easy to trace which release shipped your changes (#41834).
- Loop engineering playbook — `.github/aw/loop.md` codifies patterns from autoloop, goal, and crane into a unified reference for building robust agentic loops (#41833).
- Benchstat regression gate — The CI bench job now compares against a stored baseline using `benchstat`, preventing silent performance regressions from merging (#41813).
🐛 Bug Fixes & Improvements
- Restored fleet-wide token usage collection — `TokenUsage` had been reporting `0` across the entire fleet since June 20 due to two co-conspiring bugs in the conclusion job. Both are fixed, restoring accurate AI credit tracking (#41823).
- Security: pinned `govulncheck` to `go.mod` version — CI vulnerability scans now use the exact version declared in `go.mod` and produce reproducible SARIF reports. A local `make vuln-sarif` target is also available (#41815).
- Hardened BYOK Ollama startup — The daily BYOK Ollama test now gates on explicit model and API readiness before proceeding, eliminating pre-agent failures from incomplete startup (#41838).
- Stabilized Go Logger Enhancement compile — Fixed exit code 126 caused by unsafe shell glob expansion in the workflow tool allowlist (#41840).
- Enforced safe output completion in quality workflow — The daily compiler quality workflow now requires an explicit safe output call, preventing silent no-op runs (#41841).
🔧 Internal
- Refactored 5 extreme function-length hotspots (145–650 lines) in `pkg/workflow` and `pkg/cli` into focused, testable units (#41800).
- SortedKeys sweep and deduplication logic consolidation across the codebase (#41829).
Generated by 🚀 Release · 32.9 AIC · ⊞ 8.3K
What's Changed
- refactor: split 5 extreme function-length hotspots in pkg/workflow and pkg/cli by @pelikhan with @Copilot in #41800
- fix(security): pin govulncheck to go.mod version in CI, add local SARIF target by @pelikhan with @Copilot in #41815
- Add benchstat regression gate to CI bench job by @pelikhan with @Copilot in #41813
- fix(token-usage): restore fleet-wide TokenUsage collection via non-empty copy guard and correct priority order by @pelikhan with @Copilot in #41823
- Add post-agent release job to comment on PRs included in each release by @pelikhan with @Copilot in #41834
- [community] Update community contributions in README by @github-actions[bot] in #41836
- Require explicit safe output completion in daily compiler quality workflow by @pelikhan with @Copilot in #41841
- Harden Daily BYOK Ollama startup path with explicit model/API readiness gating by @pelikhan with @Copilot in #41838
- [aw] Stabilize Go Logger Enhancement compile invocation by @pelikhan with @Copilot in #41840
- refactor: SortedKeys sweep, deduplicate dedup logic, redistribute misplaced helpers by @pelikhan with @Copilot in #41829
- Add `.github/aw/loop.md` playbook synthesizing loop-engineering patterns from autoloop/goal/crane by @pelikhan with @Copilot in #41833
Full Changelog: v0.81.5...v0.81.6
v0.81.5
🌟 Release Highlights
This release focuses on org-mode maturity, performance optimizations, and sandbox hardening — making gh aw update/upgrade --org more robust and production-ready while delivering meaningful speed improvements across the compiler and validator.
✨ What's New
- Action-pin mapping in `aw.json` (#41579) — Define action-pin overrides directly in your `aw.json` configuration, giving you centralized control over pinned action versions.
- `manifest-version` now optional in `aw.yml` (#41687) — Reduces boilerplate in new workflow files; the field is inferred when omitted.
- Non-TTY fallback for `gh aw add` wizard (#41717) — The interactive add wizard now gracefully falls back to text prompts in non-interactive environments (CI, scripts), unblocking automation pipelines.
- Org-mode improvements for `update/upgrade --org` (#41617, #41627, #41719) — Workflow-targeted updates, repo prefiltering, version-tag display, unified repo discovery, and per-repo confirmation prompts (with `--yes` for CI). The `--org` flag is now significantly more useful for managing fleets of repositories.
- Sandbox hardening at 50% baseline (#41786) — Half of all eligible agentic workflows now run with `sandbox.agent.sudo: false`, reducing the blast radius of runaway agent steps.
- Daily detection analysis report workflow (#41802) — New built-in workflow that generates automated detection analysis reports.
⚡ Performance
- Lazy-loaded embedded JSON datasets (#41587) — Embedded compile-time JSON is no longer loaded at startup, reducing memory footprint for CLI commands that do not compile.
- Lazy-loaded GitHub toolset permissions (#41755) — Loaded via `sync.Once` so permission data is only read when needed.
- Cached regexp in `applySanitizePattern` (#41762) — Eliminates repeated regex compilation on hot code paths.
- Faster `ParseWorkflow` (#41772) — Model-alias cycle detection overhead reduced.
🐛 Bug Fixes & Improvements
- Secret double-escape fix (#41801) — Custom MCP server env/header secrets are no longer double-escaped in generated lock files.
- Agent-supplied branch accepted in `push_to_pull_request_branch` (#41654) — Fixes a regression where agent-provided branch names were rejected.
- MODEL_NOT_SUPPORTED detection extended (#41792) — The pattern now catches 404 "Model not found" responses, improving resilience for unsupported model errors.
- Bundle manifest path resolution (#41790) — `.github/` paths are now resolved as repo-root-relative in nested bundle manifests.
- MCP post-completion relaunch is non-fatal (#41713) — A failed MCP server relaunch after job completion no longer fails the workflow.
- PR Sous Chef cooldown (#41759) — Prevents back-to-back comments by enforcing a 30-minute cooldown.
- Harness exits cleanly (#41675) — Exits with code 0 when expected safe-outputs were already produced, even when subsequent steps encounter permission-denied errors.
- `GH_AW_POLICY_STRICT` enforced at runtime (#41682) — Non-strict compiled workflows now properly respect the strict policy flag at runtime.
📚 Documentation
- Blog: Custom Linters, Sergo, Linter Miner & LintMonster (#41663) — A new blog post walking through the custom linter ecosystem. Read it →
- `gh aw env` governance guide (#41758) — New documentation covering defaults and scope inheritance for environment configuration.
Generated by 🚀 Release · 41.2 AIC · ⊞ 8.3K
What's Changed
- Add action-pin mapping support in aw.json by @pelikhan with @Copilot in #41579
- pkg/workflow: lazy-load embedded JSON datasets used only at compile-time paths by @pelikhan with @Copilot in #41587
- feat: add XML markers, deduplication, labels, and release links to org runner PRs/issues by @pelikhan with @Copilot in #41580
- fix: resource lifecycle and context propagation (lint-monster) by @pelikhan with @Copilot in #41589
- Replace lint-monster path literals with repository constants in CLI/workflow codepaths by @pelikhan with @Copilot in #41611
- [UX] Professionalize Architecture Guardian safe-output status messages by @pelikhan with @Copilot in #41612
- [jsweep] Clean update_context_helpers.cjs by @github-actions[bot] in #41608
- fix: accept agent-supplied branch in push_to_pull_request_branch (fixes #41643) by @dsyme in #41654
- fix: replace deprecated gpt-5-mini with gpt-5.4-mini in daily-model-resolution workflow by @pelikhan with @Copilot in #41625
- Enable sandbox.agent.sudo: false on 20 agentic workflows by @pelikhan with @Copilot in #41628
- [docs] Update glossary - daily scan by @github-actions[bot] in #41657
- [spec-extractor] Update package specifications for agentdrain, cli, console, constants by @github-actions[bot] in #41653
- [code-scanning-fix] Fix js/http-to-file-access: validate Content-Type and size for LFS PDF download by @github-actions[bot] in #41635
- Update `gh aw update --org` to support workflow-targeted updates and repo prefiltering by @pelikhan with @Copilot in #41617
- panicinlibrarycode: enforce FuncLit boundaries for init/doc panic exemptions by @pelikhan with @Copilot in #41631
- [instructions] Sync instruction files with release 0.81.4 by @github-actions[bot] in #41644
- Replace AWF runtime Python patch with shared JavaScript helper by @pelikhan with @Copilot in #41623
- Add blog post on custom linters, Sergo, Linter Miner, and LintMonster by @pelikhan with @Copilot in #41663
- reduce instructions-janitor max lines target from 500 to 400 by @pelikhan with @Copilot in #41673
- Retry one completed Copilot BYOK proxy auth failure as a fresh run by @pelikhan with @Copilot in #41629
- Make manifest-version optional in aw.yml by @pelikhan with @Copilot in #41687
- Harden API consumption log collection against continuation timeouts by @pelikhan with @Copilot in #41676
- [spec-enforcer] Enforce specifications for setutil by @github-actions[bot] in #41684
- Refactor duplicated key sorting, engine env assembly, and engine max-* codemods by @pelikhan with @Copilot in #41674
- fix(harness): exit 0 when expected safe-outputs already produced despite numerous permission-denied by @pelikhan with @Copilot in #41675
- improve update/upgrade --org: version tags, current version display, unified repo discovery by @pelikhan with @Copilot in #41627
- Fix go-logger preflight manifest generation failing on jq filter quoting by @pelikhan with @Copilot in #41695
- fix(USE-001): add standardized error codes to pr_review_buffer and set_issue_type handlers by @pelikhan with @Copilot in #41692
- Enforce `GH_AW_POLICY_STRICT` at runtime for non-strict compiled workflows by @pelikhan with @Copilot in #41682
- parser: add schema validation tests for sandbox.agent.sudo (regression guard for #41679) by @dsyme with @Copilot in #41681
- logs: populate `message` field with actionable guidance when no runs found by @pelikhan with @Copilot in #41693
- docs: resolve spec audit — pkg/intent spec, actionpins Mappings field, linters 4 new subpackages by @pelikhan with @Copilot in #41723
- fix: post-completion MCP relaunch failure is non-fatal; audit-diff surfaces removed denied domains by @pelikhan with @Copilot in #41713
- Normalize report-format guidance across non-compliant agentic workflows by @pelikhan with @Copilot in #41728
- Harden Super Linter workflow against generated-summary linting and log art...
v0.81.4
🌟 Release Highlights
This release focuses on reliability, performance, and new operational capabilities — fixing silent failures across the compiler and agent harnesses, reducing wasted credits on hot paths, and adding important new tooling.
✨ What's New
- --org flag for upgrade command (#41335) — The upgrade command now supports --org and --repos flags, matching the org-wide mode already available in update. Bulk-preview or open upgrade PRs across an entire organization with a single command.
- Daily YAML Lint Fixer workflow (#41574) — A new agentic workflow automatically fixes yamllint violations in generated *.lock.yml files, keeping CI lint checks clean without manual intervention.
- AWF Firewall startup failure detection (#41472) — Firewall proxy startup failures (e.g., DNS not yet resolving at probe time) are now detected and surfaced in the agent failure issue — making previously silent infra failures immediately actionable.
- Spec-driven engine.env allowlist (#41465) — The engine environment variable allowlist is now derived from GetSupportedEnvVarKeys rather than a fragile runtime heuristic, enabling strict: false to be safely removed from smoke workflows.
- Copilot engine launched from ${GITHUB_WORKSPACE} (#41459) — The Copilot engine now starts from the workspace root, enabling APM skill discovery for context-aware agent behaviour.
🐛 Bug Fixes & Improvements
- Silent YAML parse errors fixed (#41577) — Five yaml.Unmarshal call sites in workflow_builder.go were silently discarding errors, producing empty step lists on malformed YAML with no diagnostic. All errors now propagate correctly.
- Copilot SDK hang bounded by idle watchdog (#41572) — After an agent's final tool result, sendAndWait could hang indefinitely until the step timeout killed the runner. A post-completion idle watchdog now bounds this wait, preventing wasted runner minutes.
- Codex harness no longer drains tokens on rate-limit reconnects (#41385) — When Codex hit a TPM rate limit and exhausted reconnect retries, the harness kept retrying unnecessarily. It now recognises exhausted-reconnect exits and stops, preserving credits.
- Claude harness stops retrying on max_runs_exceeded (#41361) — Fresh-run fallbacks no longer burn the full quota when a session has already hit its 20-invocation limit.
- Issue Monster false-positive 429 detection eliminated (#41471) — Rate-limit false positives no longer trigger spurious failure handling.
- assign_to_agent no longer posts error comments on PRs (#41475) — Error comments are now only posted to issues, matching expected behaviour.
- Daily schedule runs restored (#41362) — Daily schedule runs broken since June 5 are now fixed.
- workflow_call permissions use union of caller + worker (#41387) — Imported workflow_call permissions in generated call jobs are now correctly annotated.
⚡ Performance
- YAML generation is faster (#41333) — Duplicate run-script scans in the skip-validation fast path collapsed to a single pass, restoring compilation performance.
- Design Decision Gate costs reduced (#41332) — Now defaults to Sonnet instead of Opus and skips issue lookups on no-op paths, meaningfully reducing AI credit consumption per run.
🔒 Security
- Safe-output detection hardened (#41547) — Detection stays in warn mode on parser/agent failures, ensuring non-reviewable safe outputs are blocked rather than passed through silently.
- Pi threat-detection model normalisation (#41545) — Pi threat-detection models are now normalised before Copilot fallback, preventing misclassification due to model name variance.
🔧 Internal
- Bumped gh-aw-firewall to v0.27.11 and regenerated pinned workflow artifacts (#41555)
- Bumped Codex 0.142.1 and Copilot SDK 1.0.4 (#41430)
- Extracted shared org-wide runner for update and upgrade commands (#41553)
Generated by 🚀 Release · 44.1 AIC · ⊞ 8.3K
What's Changed
- [community] Update community contributions in README by @github-actions[bot] in #41359
- Lower Design Decision Gate runtime cost with Sonnet default and conditional issue lookups by @pelikhan with @Copilot in #41332
- Add GitHub lockdown guard-policy warning and sync security specs by @pelikhan with @Copilot in #41331
- Reduce YAMLGeneration time by collapsing duplicate run-script scans by @pelikhan with @Copilot in #41333
- fix(go-logger): restore daily schedule runs broken since June 5 by @pelikhan with @Copilot in #41362
- feat: add --org to upgrade command by @pelikhan with @Copilot in #41335
- Surface assign-to-agent auth/availability failures in agent failure issues/comments by @pelikhan with @Copilot in #41336
- chore: set sandbox.agent.sudo: false on 30% of agentic workflows by @pelikhan with @Copilot in #41380
- [ubuntu-image] research: update Ubuntu runner image analysis for 20260622.220.1 by @github-actions[bot] in #41373
- [code-scanning-fix] Fix workflow-graphql-static-concat: extract GraphQL query to named constant by @github-actions[bot] in #41357
- fix(manualmutexunlock): distinguish struct instances sharing a mutex field by @pelikhan with @Copilot in #41383
- Add nolint parity to non-enforced context-family linters by @pelikhan with @Copilot in #41382
- Fix stale frontmatter hash in design-decision-gate.lock.yml by @pelikhan with @Copilot in #41390
- Enable Copilot assignment permissions in Issue Monster workflow by @pelikhan with @Copilot in #41389
- [jsweep] Clean upload_assets.cjs by @github-actions[bot] in #41371
- fix: improve agent assignment failure issue reports by @pelikhan with @Copilot in #41392
- [spec-extractor] Update package specifications for tty, types, typeutil, workflow by @github-actions[bot] in #41414
- fix: stop codex harness retry loop draining tokens on exhausted rate-limit reconnects by @pelikhan with @Copilot in #41385
- refactor: consolidate triplicate merge helpers and add sliceutil.SortedKeys by @pelikhan with @Copilot in #41388
- fix: use union of caller + worker permissions for call-workflow jobs by @pelikhan with @Copilot in #41387
- fix: revert sandbox.agent.sudo to true in glossary-maintainer workflow by @pelikhan with @Copilot in #41426
- Handle known Windows ConPTY runner failure in daily CLI integration by @pelikhan with @Copilot in #41428
- fix(firewall): skip non-Squid diagnostic lines in generate_usage_activity_summary by @pelikhan with @Copilot in #41429
- chore: bump Codex 0.142.1, Copilot SDK 1.0.4 by @pelikhan with @Copilot in #41430
- Send GraphQL-Features header for issue intent mutations when issue_intents runtime feature is enabled by @pelikhan with @Copilot in #41425
- Issue Monster: eliminate false-positive 429 rate-limit detection by @pelikhan with @Copilot in #41471
- Standardize CLI help section order and GHE note wording by @pelikhan with @Copilot in #41461
- feat: spec-driven engine.env allowlist via GetSupportedEnvVarKeys; remove strict: false from smoke workflows by @pelikhan with @Copilot in #41465
- Annotate imported workflow_call permissions in generated call jobs by @pelikhan with @Copilot in #41464
- fix: prevent assign_to_agent from posting error comments on PRs by @pelikhan with @Copilot in #41475
- Reduce sandbox.agent.sudo: false usage to policy target across agentic workflows by @pelikhan with @Copilot in #41463
- Update existing MCP configs with required gh-aw server fields by @pelikhan with @Copilot in #41462
- feat: detect AWF firewall startup failures and surface them in the agent failure issue by @pelikhan with @Copilot in #4...
v0.81.3
🌟 Release Highlights
This release focuses on expanded automation reach with org-wide update management, greater expressiveness through GitHub Actions expression support in more places, and a round of critical fixes across Windows, rootless installs, and assignee resolution.
⚠️ Breaking Changes
sandbox.agent.network-isolation renamed to sandbox.agent.default-route
The frontmatter key sandbox.agent.network-isolation has been renamed to sandbox.agent.default-route (#41302). Update any workflows using this key to use the new name.
✨ What's New
- Organization-wide gh aw update — Run gh aw update across an entire org with dry-run PR previews before applying changes, making fleet-wide workflow upgrades safer and more auditable (#41247).
- Templatable safe-outputs.staged values — safe-outputs.staged now accepts GitHub Actions expressions (${{ ... }}), enabling dynamic output values at workflow runtime (#41296).
- link-sub-issue accepts GitHub expressions — The allowed-repos field in link-sub-issue now supports GitHub Actions expressions for more flexible cross-repo linking (#41237).
- ready_for_review trigger support — pull_request_target workflows can now trigger on the ready_for_review event, enabling automation when draft PRs are marked ready (#41161).
- GH_HOST support in gh aw trial — gh aw trial --clone-repo now correctly honors the GH_HOST environment variable for GHES environments (#41159).
- Sudo enabled in agentic sandboxes — All agentic workflow sandboxes now have sudo available by default, unblocking common agent install patterns (#41313).
- Firewall v0.27.10 + mcpg v0.3.30 — Network-isolated workflows omit unnecessary sudo from generated lock files; bundled firewall and MCP gateway updated (#41269).
⚡ Performance
- Parallelized audit analysis — gh aw audit now runs analysis tasks in parallel, significantly reducing latency for long-running workflows (#41185).
🐛 Bug Fixes
- Windows ConPTY crash fixed — Removed a compat import that caused gh aw to crash on startup on Windows (#41235).
- Rootless AWF install — gh aw installs correctly into $HOME/.local without root and properly exports $GITHUB_PATH in rootless environments (#41310).
- Copilot assignee resolution restored — Assignee checks now prefer issue-scoped resolution, fixing cases where the wrong user was assigned (#41306).
- UpdateContainerPins no longer wipes containers — Fixed a regression where gh aw update erased the entire containers section on every run (#41262).
- Locked-PR 422 handled gracefully — Safe outputs now treats HTTP 422 on locked PRs as a soft skip with retry rather than a hard failure (#41155).
- Compiler error quality improved — Errors now include accurate YAML context offsets, import hints, and early engine validation to help authors fix issues faster (#41234).
- set_issue_type migrated to REST API — Replaced the GraphQL-based set_issue_type safe output with a single REST call for better reliability (#41241).
- Linter fixes — lenstringsplit false positives with empty separators and ctxbackground false negatives in closures are resolved (#41188, #41187).
- Codex MCP CLI wrapper resolution — Fixed safe output path resolution for the Codex MCP CLI wrapper (#41242).
📚 Documentation
- Safe rollout guidance streamlined for clarity (#41272).
- Glossary updated with latest terminology (#41211).
Generated by 🚀 Release · 36.2 AIC · ⊞ 8.3K
What's Changed
- Remove redundant python-dataviz imports from daily reporting workflows by @pelikhan with @Copilot in #41158
- Support ready_for_review for pull_request_target triggers by @pelikhan with @Copilot in #41161
- fix: treat locked-PR 422 as soft skip with retry in safe_outputs by @pelikhan with @Copilot in #41155
- Add SEC-005 exemption for issue_intents.cjs false positive by @pelikhan with @Copilot in #41182
- Allow AgentRx native package installs in Daily AgentRx Trace Optimizer by @pelikhan with @Copilot in #41183
- Pin Daily Sub-Agent Model Resolution Audit sub-agent to a valid Codex model by @pelikhan with @Copilot in #41184
- Pin RGS-007 workflow action refs to immutable SHAs by @pelikhan with @Copilot in #41189
- [docs] Update glossary - daily scan by @github-actions[bot] in #41211
- Add replace-label to Safe Output Mapping in agentic workflow designer SKILL.md by @pelikhan with @Copilot in #41190
- Honor GH_HOST in gh aw trial --clone-repo repository URLs by @pelikhan with @Copilot in #41159
- fix(lenstringsplit): empty raw-string separator escapes non-empty guard — false positive + wrong autofix by @pelikhan with @Copilot in #41188
- ctxbackground: fix false negative and unsafe autofix for closures by @pelikhan with @Copilot in #41187
- Add explicit permissions to error-message-lint workflow by @pelikhan with @Copilot in #41233
- [jsweep] Clean update_entity_helpers.cjs by @github-actions[bot] in #41166
- fix(footer): render correct trigger type in attribution suffix by @pelikhan with @Copilot in #41186
- Fix false negatives in docs npm update detection by @pelikhan with @Copilot in #41240
- fix: normalize report formatting for daily-rendering-scripts-verifier.md by @pelikhan with @Copilot in #41245
- perf: parallelize audit analysis tasks to cut latency for long-running workflows by @pelikhan with @Copilot in #41185
- refactor(workflow): split threat_detection.go (1542 lines) into focused modules by @pelikhan with @Copilot in #41231
- feat: link-sub-issue allowed-repos accepts GitHub Actions expressions by @pelikhan with @Copilot in #41237
- Migrate set_issue_type safe output from GraphQL to single REST issues.update call by @pelikhan with @Copilot in #41241
- ci: align build-wasm node setup to setup-node@v6 / Node 24 by @pelikhan with @Copilot in #41243
- feat: omit sudo from generated lock.yml when network-isolation is enabled; bump firewall to v0.27.10 and mcpg to v0.3.30 by @lpcox with @Copilot in #41269
- [review] Migrate set_issue_type safe output from GraphQL to single REST issues.update call by @github-actions[bot] in #41284
- [docs] docs: unbloat safe rollout guidance by @github-actions[bot] in #41272
- fix(windows): remove compat import to prevent ConPTY startup crash by @pelikhan with @Copilot in #41235
- Fix compiler error quality: YAML context offset, import hint, early engine validation by @pelikhan with @Copilot in #41234
- [docs] Update Astro dependencies - 2026-06-24 by @github-actions[bot] in #41258
- [linter-miner] feat(linters): add stringreplaceminusone linter by @github-actions[bot] in #41285
- fix: UpdateContainerPins wipes containers section on every gh aw update run by @pelikhan with @Copilot in #41262
- Fix Codex MCP CLI wrapper resolution for safe outputs by @pelikhan with @Copilot in #41242
- [rendering-scripts] Render Codex experimental JSONL logs in the run step summary by @github-actions[bot] in #41201
- build(deps-dev): Bump starlight-github-alerts from 0.2.0 to 0.3.0 in /docs by @dependabot[bot] in #41000
- build(deps): Bump sharp from 0.35.1 to 0.35.2 in /docs by @dependabot[bot] in #40999
- [caveman] Optimize instruction verbosity — agentic-chat, campaign, developer.instructions (2026-06-24) by @github-actions[bot] in #41301
- Reduce ambient-context bloat in shared Python dataviz import by @pelikhan with @Copilot in #41304
- fix: use python3 -m pip install for ...
v0.81.2
🌟 Release Highlights
This release introduces a new observability workflow for model resolution auditing, ships updated firewall and MCP gateway defaults, and improves internal GitHub MCP rendering consistency.
✨ What's New
- Daily Model Resolution Audit — A new daily-model-resolution workflow detects model size mismatches in inlined sub-agents by cross-referencing workflow declarations against api-proxy event logs. It runs on a daily schedule (or on demand) and opens a scoped daily issue with a per-workflow, per-sub-agent table showing declared alias vs. observed model vs. resolution status (✅ / ⚠️ / ❓). This makes it much easier to catch accidental large-model usage where a small model was intended. (#41130)
🐛 Bug Fixes & Improvements
- Integration test stability — Fixed a failing Integration: Workflow Features GitHub Actions job to restore CI reliability. (#41153)
- GitHub MCP serialization refactor — Consolidated duplicated map-serialization and section-closing logic across local, remote, and custom GitHub MCP rendering paths into shared helpers. Token passthrough, GITHUB_HOST/toolset propagation, and guard-policy footer handling are now consistently applied across all modes, reducing the risk of future drift. (#41038)
🔧 Dependency Updates
- Default firewall & MCP gateway bumped — gh-aw-firewall default updated to v0.27.9 and gh-aw-mcpg to v0.3.29. Compiled workflows now reference new immutable container digests for the AWF agent, squid, api-proxy, cli-proxy, and MCP gateway. (#41129)
- @types/node 25 → 26 — TypeScript type declarations in actions/setup/js updated to the Node.js v26 API surface. Dev-only; no runtime impact. (#40998)
Generated by 🚀 Release · 28.1 AIC · ⊞ 8.3K
What's Changed
- Refactor GitHub MCP serialization into shared section helpers by @pelikhan with @Copilot in #41038
- feat: daily sub-agent model resolution audit workflow by @pelikhan with @Copilot in #41130
- build(deps-dev): Bump @types/node from 25.9.2 to 26.0.0 in /actions/setup/js by @dependabot[bot] in #40998
- Bump default gh-aw-firewall to v0.27.9 and gh-aw-mcpg to v0.3.29 by @lpcox with @Copilot in #41129
- [WIP] Fix failing GitHub Actions job 'Integration: Workflow Features' by @pelikhan with @Copilot in #41153
Full Changelog: v0.81.1...v0.81.2
v0.81.1
🌟 Release Highlights
This release focuses on reliability and resilience — fixing common workflow failure modes, hardening remote fetch operations, and expanding platform support with a new network-isolation topology for ARC/DinD runners.
✨ What's New
- Network-isolation topology mode for ARC/DinD runners (#41088): Compiler now emits the --network-isolation topology for AWF workflows, enabling egress control without requiring NET_ADMIN or host iptables. This unblocks deployments on Actions Runner Controller (ARC) with Docker-in-Docker.
- issue_intents runtime support (#41092): Issue mutations can now carry structured rationale, confidence, and suggest metadata when the server supports the issue_intents feature flag, with automatic fallback to the legacy format — no workflow changes required.
- Automatic threat-detection engine fallback for pi (#41098): When a workflow targets the pi engine (which does not support threat-detect directly), the compiler now automatically defaults to Copilot for threat detection — eliminating the need to configure this per workflow.
🐛 Bug Fixes & Improvements
- Safe-outputs graceful no-op (#41037): Fixes a leading cause of workflow failures where a missing or empty safe-outputs file caused safe_outputs job failures. The runtime now treats a missing file as an empty collection and continues cleanly.
- Improved assign-to-agent diagnostics (#41047): Copilot assignee lookup during safe-outputs now searches across all known Copilot bot aliases, preventing silent resolution failures that blocked agent assignment.
- Hardened go-gh remote fetch (#41036): Contents API path construction is now properly escaped, REST clients are bounded, and client creation logic is deduplicated — reducing reliability gaps on remote repository operations.
- Accurate audit pre-activation diagnostics (#41022): gh aw audit no longer incorrectly reports "failed before agent activation" for runs that did execute but exported no telemetry. Diagnosis now correctly distinguishes pre-activation failures from agent-run failures. See audit reference.
📚 Documentation
- Editing workflows guide streamlined (#41086): Dense sub-sections replaced with readable inline prose for faster scanning.
- Release cadence clarified (#41087): Docs now reflect the weekly/bi-weekly minor release clock (not best-effort semver).
Generated by 🚀 Release · 48.4 AIC · ⊞ 8.3K
What's Changed
- audit: distinguish pre-activation failures from agent-run failures without telemetry by @pelikhan with @Copilot in #41022
- [docs] docs: unbloat editing workflows guide by @github-actions[bot] in #41086
- Improve assign-to-agent diagnostics for Copilot assignee alias lookup by @pelikhan with @Copilot in #41047
- docs: release cadence is weekly/bi-weekly minor, not best-effort semver by @pelikhan with @Copilot in #41087
- [linter-miner] linter: add lenstringsplit analyzer by @github-actions[bot] in #41090
- Harden go-gh remote fetch callsites with escaped contents paths/refs and bounded REST clients by @pelikhan with @Copilot in #41036
- Default threat detection to Copilot when engine is pi by @pelikhan with @Copilot in #41098
- Add compiler support for AWF --network-isolation topology mode (ARC/DinD-compatible egress) by @lpcox with @Copilot in #41088
- [caveman] Optimize instruction verbosity — adr-writer.agent.md, workflow-constraints.md (2026-06-23) by @github-actions[bot] in #41105
- Add issue_intents runtime support for issue labels, type, and fields by @pelikhan with @Copilot in #41092
- fix: treat missing safe-outputs file as empty collection (graceful no-op) by @pelikhan with @Copilot in #41037
Full Changelog: v0.81.0...v0.81.1
v0.81.0
🌟 Release Highlights
This release delivers expanded engine configurability, a batch of high-impact bug fixes across the compiler and CLI, and tighter security defaults — making workflows more reliable and cost-efficient out of the box.
⚠️ Breaking Changes
- CLI flag rename (#40822): The --skip-secret, --disable-security-scanner, and --disable-release-bump flags have been renamed to the --no-secret, --no-security-scanner, and --no-release-bump convention. Update any scripts or CI configurations that pass these flags.
✨ What's New
- Model provider selection (#40903): Workflows can now declare an engine-level model-provider field, enabling provider-aware runtime wiring — including running Claude models via the Copilot engine. A new Claude-on-Copilot smoke workflow validates the path end-to-end.
- engine.driver field (#40897): A new shared engine.driver field allows specifying the Pi agent core as a built-in driver, simplifying engine configuration.
- sandbox.agent.platform frontmatter (#40877): Workflows can now read the AWF platform type via sandbox.agent.platform, making platform-conditional logic easier to express.
- GH_AW_RUNTIME_FEATURES flag support (#40824): Built-in workflow jobs now honor the GH_AW_RUNTIME_FEATURES environment variable for progressive feature rollout.
- replace-label safe-output type (#40423): A new experimental replace-label safe-output type lets workflows atomically swap issue/PR labels.
- Smarter merge-pull-request (#40915): The merge-pull-request safe-output now refuses to merge when the target branch has no upstream open PR, preventing accidental merges into stale branches.
- Slash-command status tracking (#40928): Centralized slash-command status comments are now updated with a link to the dispatched workflow run, so you always know where the work went.
- Firewall activity backfill (#41046): Activity reports can now be backfilled from usage artifact domain aggregates, filling gaps in firewall observability data.
🐛 Bug Fixes & Improvements
- Compiler: fix hyphenated workflow_call inputs (#41019): Workflows with hyphenated input names in workflow_call events now compile correctly.
- Compiler: fix on.bots/on.roles state leakage (#41018): A state leak that could corrupt workflow_run trigger generation when on.bots or on.roles were set has been fixed.
- Compiler: reduce template-injection noise (#41025): The compiler now emits fewer false-positive template-injection diagnostics in generated workflow run blocks.
- Linter: wgdonenotdeferred loop-scope fix (#41026): The linter no longer incorrectly flags deferred WaitGroup.Done() calls inside goroutine closures in loop bodies.
- Status comments: correct run URL and name (#40831): Centralized repo status comments now display the actual workflow name and a working link to the run.
- Detection: honor continue-on-error (#40790): Detection jobs now respect continue-on-error when the external detector result file is missing.
- Detection: always run on safe outputs (#40882): Cache-memory detection is now guaranteed to run even on noop and boop safe-output types.
- Ollama reachability (#40888): Ollama is now bound to 0.0.0.0 so the api-proxy Docker container can reach it correctly.
- Action ref pass-through (#40887): Supported local and Docker action refs are now passed through without triggering pin resolution.
- --engine log filter (#40793): gh aw logs --engine now correctly filters runs by engine ID.
- Telemetry: Copilot/Pi turn and token reporting (#40792): Turn count and token usage are now emitted correctly for the Copilot and Pi engines.
- Portfolio analyst turn runaway (#40858): The portfolio analyst workflow now has max-turns and max-ai-credits guardrails to prevent unbounded execution.
⚡ Performance
- ~9,600 chars trimmed from ambient context (#40874): Per-run token usage is meaningfully reduced by pruning verbose ambient context that agents did not need.
- Failure investigator cost reduction (#40880): The aw-failure-investigator workflow has been optimized to use fewer AI credits per run.
🔒 Security
- Hardened checkout credential defaults (#40794): Generated checkout steps now default to persist-credentials: false, reducing the credential exposure window in generated workflows.
📚 Documentation
- max-daily-ai-credits cost warnings (#41055): Docs now warn about the API unit cost implications of max-daily-ai-credits and include examples for disabling the field, with a recommendation to configure at the org level.
- Authoring guidance improvements (#40819, #40820): Tightened guidance on noop semantics, workflow_run triage, report window scoping, and permissions documentation.
Generated by 🚀 Release · 36.8 AIC · ⊞ 8.2K
What's Changed
- [docs] Update glossary - weekly full scan by @github-actions[bot] in #40776
- Sync workflow designer skill with safe-output and network reference docs by @pelikhan with @Copilot in #40742
- Reduce tool-denial failures in Daily Compiler Threat Spec Optimizer by @pelikhan with @Copilot in #40743
- Align threshold linters with sibling analyzer behavior by @pelikhan with @Copilot in #40740
- fix(seenmapbool): eliminate duplicate diagnostics for set-maps in closures by @pelikhan with @Copilot in #40741
- [architecture] Update architecture diagram - 2026-06-22 by @github-actions[bot] in #40769
- [schema-coverage] feat: Add schema coverage demo for max-turn-cache-misses field by @github-actions[bot] in #40753
- safe-outputs: make create-pull-request bundling resilient to diverged-history replay conflicts by @pelikhan with @Copilot in #40720
- [code-scanning-fix] Fix workflow-graphql-id-unescaped: eliminate string interpolation in GraphQL mutations via variables by @github-actions[bot] in #40757
- [code-simplifier] simplify: dedup validateAllowedIssueFields and extract parseUnknownModelAICreditsFromAuditEntry by @github-actions[bot] in #40725
- fix: increase timeout-minutes from 10 to 30 in example-workflow-analyzer by @pelikhan with @Copilot in #40788
- [jsweep] Clean validate_lockdown_requirements_templates.cjs by @github-actions[bot] in #40730
- fix: resolve SEC-004 false-positive sanitization flags on assign_agent_helpers and update_pull_request by @pelikhan with @Copilot in #40791
- fix: update actions toolset to consolidated tool names (actions_get/actions_list) by @pelikhan with @Copilot in #40787
- refactor: centralise symlink guard into shared lstatGuard helper by @pelikhan with @Copilot in #40795
- fix: restore AIC data in usage-only log collection by @pelikhan with @Copilot in #40786
- pi: propagate GH_AW_NODE_BIN into AWF execution path for Daily News by @pelikhan with @Copilot in #40789
- docs(permissions): move read-only constraint note and add group descriptions by @pelikhan with @Copilot in #40820
- Docs: tighten workflow authoring guidance for noop semantics, workflow_run triage, and report window scoping by @pelikhan with @Copilot in #40819
- fix(logs): --engine filter correctly filters runs by engine ID by @pelikhan with @Copilot in #40793
- fix(telemetry): emit turns/tokens for Copilot/Pi; trim cli-version-checker prompt; foreground recompile by @pelikhan with @Copilot in #40792
- Add GH_AW_RUNTIME_FEATURES support to built-in workflow jobs by @pelikhan with @Copilot in #40824
- fix(cli): rename --skip-secret, --disable-security-scanner, --disable-release-bump to --no-* convention; fix docs gaps by @pelikhan with @Copilot in #40822
- refactor(cli): extract ReportProvenance f...