Releases: github/gh-aw

v0.82.2

v0.82.2 Pre-release

@github-actions github-actions released this 02 Jul 17:11
Immutable release. Only release title and notes can be modified.
0b1173e

🌟 Release Highlights

This release focuses on ARC/DinD (Actions Runner Controller + Docker-in-Docker) reliability, expanded skills: frontmatter capabilities, and a wave of quality improvements to ESLint rules, safe-outputs, and the Windows CI matrix.

✨ What's New

  • ARC/DinD topology is now fully supported. Three coordinated fixes (#42815, #42855, #42906) redirect runtime-critical paths to daemon-visible locations (${RUNNER_TEMP}/gh-aw), redirect DOTNET_INSTALL_DIR and GOPATH, and pre-create required mount directories — so compiled workflows run reliably on ARC/DinD runners without path-visibility failures. Requires AWF firewall ≥ v0.27.22.

  • Per-skill GitHub auth in skills: frontmatter. Each skill entry can now carry its own github-token or github-app credential, enabling multi-org or multi-repo skill installs with distinct authentication. (#42594)

  • Runtime reviewers, team-reviewers, and assignees in create-pull-request. Reviewer and assignee fields now accept template expressions resolved at runtime — routing the created PR to the triggering actor or any dynamically computed value. (#42621)

  • PR Sous Chef auto-dismisses stale bot reviews. After an agent addresses feedback, pr-sous-chef can now dismiss stale CHANGES_REQUESTED reviews from github-actions[bot], letting PRs proceed without manual cleanup. (#42626)

  • reasoning_depth A/B experiment in plan workflow. A three-variant experiment (shallow, baseline, deep) measures whether lighter or deeper prompts improve sub-issue quality and cost. (#42955)

🐛 Bug Fixes & Improvements

  • Safe-outputs pre-flight full-branch validation — the allowed_files check now validates the full commit history reachable from a pushed ref, preventing false-safe pushes when older commits touched .github/workflows/. (#42585)
  • Skill install failures surface as agent failure context — when gh skill install fails, the failure is detected and attached to the agent's failure context for clearer diagnostics. (#42642)
  • BYOK provider inheritance for sub-agents — fixes sub-agents not inheriting the BYOK provider from the headless sidecar environment. (#42613)
  • Windows cmd/direct quoting fix — resolves a .NET vs cmd.exe quote escaping mismatch causing cmd/direct scenario failures in the Windows CI matrix. (#42951)
  • Workspace wipe prevention during local-actions checkout — generated checkout steps now include clean: false so .git state is preserved for subsequent local-action post-steps. (#42611)
  • ESLint rule improvements: no-unsafe-promise-catch-error-property brought to parity with its sibling rule, null-safe companion requirement for typeof err === "object" catch guards, and new require-async-entrypoint-catch rule. (#42953, #42568, #42935)
  • timesleepnocontext linter boundary fix — stops incorrectly crossing non-Go/defer FuncLit boundaries when attributing time.Sleep calls. (#42946)

📚 Documentation

  • skills: frontmatter reference — new documentation covering pinned refs, per-skill auth, and a real-world complex example. (#42747)
  • Safe outputs reference slimmed down — the safe outputs reference is now significantly shorter and easier to scan. (#42814)
  • app:github-app: migration completed: gh aw fix now covers top-level app: blocks in addition to nested occurrences. (#42794)

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by 🚀 Release · 42.4 AIC · ⊞ 7.7K


What's Changed

  • fix(pr-code-quality-reviewer): prevent timeout by launching grumpy-coder early by @pelikhan with @Copilot in #42583
  • doc-healer/doc-updater: classify site-build/UI issues as non-content, skip them from docs-PR path by @pelikhan with @Copilot in #42590
  • Align sandbox integration tests with rootless AWF command default by @pelikhan with @Copilot in #42606
  • Add tone_variant A/B campaign to breaking-change-checker workflow by @pelikhan with @Copilot in #42597
  • Promote errortypeassertion and execcommandwithoutcontext to blocking CI gate by @pelikhan with @Copilot in #42580
  • fix(eslint-factory): require-parseInt-radix false negative on radix 0/undefined by @pelikhan with @Copilot in #42581
  • fix: detect "no model endpoints available" as http_400_response_error by @pelikhan with @Copilot in #42593
  • eslint-factory: require null-safe companion for typeof err === "object" catch guards by @pelikhan with @Copilot in #42568
  • fix: wire BYOK provider into headless sidecar env so sub-agents inherit it by @pelikhan with @Copilot in #42613
  • docs: add opt-in, participant-targeted recruitment banner to Starlight docs by @pelikhan with @Copilot in #42595
  • Prevent workspace wipe during local-actions checkout in generated workflows by @pelikhan with @Copilot in #42611
  • Refactor schema compilation to use a single shared helper by @pelikhan with @Copilot in #42614
  • build(deps-dev): bump starlight-github-alerts from 0.3.0 to 0.4.0 in /docs by @dependabot[bot] in #42462
  • build(deps): bump mermaid from 11.15.0 to 11.16.0 in /docs by @dependabot[bot] in #42459
  • build(deps-dev): bump prettier from 3.8.4 to 3.9.4 in /actions/setup/js by @dependabot[bot] in #42458
  • build(deps): bump starlight-blog from 0.26.1 to 0.27.0 in /docs by @dependabot[bot] in #42455
  • build(deps-dev): bump vite from 8.0.16 to 8.1.0 in /actions/setup/js by @dependabot[bot] in #42456
  • [community] Update community contributions in README by @github-actions[bot] in #42616
  • Support per-skill GitHub auth in frontmatter skills by @pelikhan with @Copilot in #42594
  • PR Sous Chef: dismiss stale github-actions[bot] blocking reviews after feedback is addressed by @pelikhan with @Copilot in #42626
  • docs: move trigger decision matrix to triggers.md, add coverage/digest fallback guidance by @pelikhan with @Copilot in #42618
  • Extend windows-cli-integration scenario matrix: add cmd/direct and path-launch for non-default shells by @pelikhan with @Copilot in #42622
  • Add clean: false to agentics-maintenance.yml checkout steps by @pelikhan with @Copilot in #42623
  • compact Test Quality Sentinel report template (~480 chars saved) by @pelikhan with @Copilot in #42633
  • Add improvement issue creation to daily GEO optimizer by @pelikhan with @Copilot in #42635
  • fix(pr-sous-chef): use sonnet alias for pr-processor sub-agent to resolve HTTP 400 by @pelikhan with @Copilot in #42634
  • feat(uk-ai-resilience): create up to 2 labeled issues for top-priority findings by @pelikhan with @Copilot in #42636
  • [log] Add debug logging to 5 pkg/ files by @github-actions[bot] in #42640
  • refactor: extract helpers to bring 3 functions under the 60-line largefunc limit by @pelikhan with @Copilot in #42624
  • refactor: skip gh CLI upgrade when already at minimum version for skill support by @pelikhan with @Copilot in #42639
  • [code-simplifier] simplify: reduce duplication in discussion comment handlers by @github-actions[bot] in #42641
  • safe-outputs: pre-flight workflow scope check + full-branch allowed_files validation by @pelikhan with @Copilot in #42585
  • Improve time-delta validation diagnostics to satisfy error-message lint quality by @pelikhan with @Copilot in #42651
  • Cover wasm-only files in custom li...

v0.82.1

v0.82.1 Pre-release

@github-actions github-actions released this 30 Jun 22:58
Immutable release. Only release title and notes can be modified.
b5fdd69

🌟 Release Highlights

v0.82.1 focuses on a major dashboard overhaul, new workflow authoring primitives, expanded static analysis coverage, and reliability fixes across the compiler and runtime.

⚠️ Behavioral Change: sandbox.agent.sudo Defaults to false

The global default for sandbox.agent.sudo has changed from true to false (network isolation / rootless mode). Workflows that relied on elevated sandbox access must now explicitly set sandbox.agent.sudo: true. This aligns the default with the recommended security posture.

✨ What's New

  • Frontmatter skills support — Workflows can now declare SHA-pinned skills directly in frontmatter. At activation time, gh aw automatically installs them via gh skill install and wires them into the engine. (#42426, #42543)

  • Model policy controls — New models.allowed and models.disallowed frontmatter fields let you restrict which AI models a workflow can use, with environment-variable overrides for flexibility. (#41824)

  • ARC/DinD rootless topology: runner.topology: arc-dind is now a first-class frontmatter option, enabling GitHub ARC runners with Docker-in-Docker rootless execution. (#42371)

  • branding field in aw.yml — Package manifests can now include a GitHub Actions branding block without failing schema validation. (#42454)

  • Per-model Copilot SDK wireApi — Updated for Copilot SDK v1.0.4's multi-provider BYOK registry, where transport behavior can vary by model. (#42497)

🖥️ Dashboard Overhaul

The agentic workflows dashboard received extensive polish this release:

  • TypeScript migration — Backend modules migrated from ESM .mjs to strict TypeScript, eliminating all any types and narrowing unknown (#42321, #42353)
  • Bundled into single artifacts — Alpine.js and Node.js code are now bundled into self-contained app.js — no external CDN dependencies (#42300, #42352)
  • Skeleton loaders & spinners — Loading states are now visually communicated while runs and definitions fetch (#42345)
  • Cross-session log caching — Downloaded logs are cached in a shared user-level directory, reducing redundant fetches (#42349)
  • Compact single-line rows — Definitions and Runs lists now render in tighter, more scannable single-line format (#42344)
  • Missing gh binary detection — Dashboard shows a targeted install prompt when the gh CLI is not found (#42303)
  • Fixed hang on inherited handles — Detached spawn prevents gh aw from hanging when dashboard subprocess inherits stdio handles (#42311)

🐛 Bug Fixes & Improvements

  • Fixed concurrent schedule overlap: every N minutes cron expressions are now scattered across different offsets, preventing all same-interval workflows from firing simultaneously (#42524)
  • Hardened API fallbacks — Unauthenticated api.github.com calls now carry a 30-second timeout and request context, eliminating potential goroutine hangs during compilation (#42521)
  • Fixed AWF access.log path — Firewall log analysis now correctly finds access.log in the squid-logs/ subdirectory (#42513)
  • Codex retry loop fix — Codex harness no longer retries on TPM exhaustion or unfinished-goal errors, avoiding run quota drain (#42420)
  • Better engine typo detection — Invalid engine: values now surface as the primary error rather than being masked by downstream schema failures (#42235)
  • Auto-derive checkout path: — Compiler now warns and auto-derives the path: for cross-repo checkout entries where it was missing (#42257)

🔍 New Static Analysis Rules

  • sprintfint Go linter — Flags fmt.Sprintf("%d", x) where x is int, suggesting strconv.Itoa for clarity (#42538)
  • errortypeassertion Go analyzer — Catches direct error-to-concrete type assertions and steers code toward errors.As (#42323)
  • httpnoctx enhancement — Now detects the http.NewRequest(...) + client.Do(req) path, not just helper functions (#42536)
  • ESLint no-core-setoutput-non-string — Flags non-string values passed to core.setOutput, preventing type coercion bugs in Actions JavaScript (#42453)

📚 Documentation

  • Aligned gh aw CLI help text with docs for version, deploy, strict, and secrets flags (#42496)
  • Streamlined MemoryOps guide and troubleshooting common issues pages (#42533, #42308)
  • Added sandbox.agent.sudo glossary entry documenting the AWF privilege model (#42466)

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by 🚀 Release · 64.3 AIC · ⊞ 7.7K


What's Changed

  • Use Sonnet consistently in pr-sous-chef by @pelikhan with @Copilot in #42292
  • feat: add audit logging to comment_release_prs job by @pelikhan with @Copilot in #42306
  • [docs] docs: unbloat troubleshooting common issues by @github-actions[bot] in #42308
  • Skip signed/jsweep/* branches in PR Description Updater by @pelikhan with @Copilot in #42296
  • Refactor forecast command into focused modules and isolate render helper tests by @pelikhan with @Copilot in #42274
  • fix(dashboard): button group styling and Alpine.js FOUC prevention by @pelikhan with @Copilot in #42309
  • fix(aw-dashboard): use detached spawn to prevent gh-aw hang on inherited handles by @pelikhan in #42311
  • Add maintenance view to the agentic workflows dashboard by @pelikhan with @Copilot in #42297
  • Scale MCP logs timeout for larger fetch windows by @pelikhan with @Copilot in #42295
  • feat(dashboard): detect missing gh binary and show targeted install prompt by @pelikhan with @Copilot in #42303
  • fix(contribution-check): eliminate E002 safe-output collisions and retry loops by @pelikhan with @Copilot in #42316
  • docs(aw): add compliance and design-governance patterns to authoring guidance by @pelikhan with @Copilot in #42315
  • Bundle Alpine.js into the dashboard extension by @pelikhan with @Copilot in #42300
  • Simplify gh aw status table output by @pelikhan with @Copilot in #42312
  • Prioritize invalid engine typos over downstream schema/import failures by @pelikhan with @Copilot in #42235
  • Honor global mention allowlists in add-comment sanitization by @pelikhan with @Copilot in #42313
  • Normalize report-style prompts in Priority 1 workflows (h3+ headers + <details> guidance) by @pelikhan with @Copilot in #42324
  • Migrate dashboard backend modules from ESM .mjs to strict TypeScript by @pelikhan with @Copilot in #42321
  • Allow create_pull_request bundle transport to fall back when branch pinning is unavailable by @pelikhan with @Copilot in #42318
  • dashboard: memoize binary detection and robust JSON parsing by @pelikhan in #42334
  • fix(dashboard): alert box spacing and scrollbar polish by @pelikhan with @Copilot in #42335
  • dashboard: add left margin to Counter badges by @pelikhan with @Copilot in #42337
  • dashboard: structured logging, fix cwd/spawn bugs, add build:ts + AGENTS.md by @pelikhan in #42338
  • Extract shared SafeOutputAllowBlockConfig across safe-output handlers by @pelikhan with @Copilot in #42322
  • dashboard: compact single-line rows for Definitions and Ru...

v0.82.0

v0.82.0 Pre-release

@github-actions github-actions released this 29 Jun 17:02
Immutable release. Only release title and notes can be modified.
be745b1

🌟 Release Highlights

This release brings a new Copilot Canvas extension for agentic workflow operations, significant dashboard improvements, experimental LSP frontmatter support, and an expanded ESLint Factory with new safety rules.

✨ What's New

  • 🎨 Copilot Canvas Extension — A new project-scoped GitHub Copilot canvas extension (agentic-workflows-dashboard) lets you browse workflow definitions and runs, review safe markdown step summaries, and dispatch workflows directly from the Copilot chat panel. (#42137)

  • 📊 Dashboard: Experiments Tab — The dashboard canvas now surfaces A/B experiment branch data via a dedicated Experiments tab backed by gh aw experiments list. (#42213)

  • 📈 Dashboard: Usage Reporting & Continuation-Aware Log Windows — Run details now include token usage reporting and context-aware log windows that track continuation state. (#42226)

  • 🔬 Dashboard: Audit Data with Progressive Disclosure — Run detail panels now surface structured audit data inline, with progressive disclosure to keep the view clean. (#42269)

  • 🛠️ LSP Frontmatter Support (Experimental) — Workflows can now declare lsp: frontmatter configuration so Copilot CLI automatically receives generated lspServers config and required server dependencies during agent setup. Non-Copilot engines fail fast with a clear error. (#41777)

  • 📏 ESLint Factory — New Safety Rules — Three new rules land in the ESLint Factory: no-unsafe-catch-error-property (flags unsafe .message, .stack, .status, .cause, .name access), no-unsafe-promise-catch-error-property (same for promise .catch() callbacks), and require-parseInt-radix (enforces explicit radix argument). (#42057, #42221, #41961)

  • 🔁 Templatable report-failure-as-issue — Reusable workflows can now parameterize the safe-outputs.report-failure-as-issue field without post-compile lock-file edits, enabling flexible failure reporting across shared workflow definitions. (#41821)

  • 📁 Repo-Local Instruction Overlays — Installed gh-aw agents now support repo-local instruction overlay files, allowing per-repository customization of agent behavior without forking upstream workflows. (#42053)

🐛 Bug Fixes & Improvements

  • Safe-outputs set_issue_type — Fixed incorrect GraphQL query and field name in the set_issue_type intent path. (#42232)
  • MCP Gateway config — Fixed invalid JSON escape sequences in GitHub remote MCP gateway config generation. (#41864)
  • Setup cleanup: gh aw setup now properly cleans up root-owned /tmp/awf-*-chroot-home directories. (#41852)
  • Copilot HTTP 400 failures — HTTP 400 responses from Copilot are now surfaced in workflow conclusions rather than silently discarded. (#42228)
  • dispatch-repository key — Enforced canonical dispatch-repository safe-output key and deprecated the underscore alias dispatch_repository. (#42150)
  • Audit job steps — Structured audit output now correctly populates individual job step data. (#42222)
  • Enterprise host context — Enterprise host configuration is now properly propagated into the curated DIFC/CLI proxy environment. (#41912)

📚 Documentation

  • Corrected gh aw mcp add argument order in the setup guide. (#42272)
  • Added dedup checklist, PR escalation guidance, and linked-reference patterns to developer docs. (#42111)
  • Added Agent Finder discovery guidance with direct REST API examples for skill selection. (#42078)

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by 🚀 Release · 35.4 AIC · ⊞ 7.7K


What's Changed

  • fix: apply_samples derivePrHeadRef uses target-repo config for siderepo PR lookups by @dsyme with @Copilot in #41295
  • Enable templatable report-failure-as-issue and shared-workflow propagation by @pelikhan with @Copilot in #41821
  • Add nolint suppression parity for 5 remaining gh-aw analyzers by @pelikhan with @Copilot in #41849
  • fix(fmterrorfnoverbs): treat %% as escaped literal, not a real verb by @pelikhan with @Copilot in #41850
  • [instructions] Sync instruction files with release v0.81.6 by @github-actions[bot] in #41871
  • [spec-extractor] Update package specifications for envutil, fileutil, gitutil, logger by @github-actions[bot] in #41873
  • [docs] Consolidate developer specifications: v9.19 maintenance tone scan by @github-actions[bot] in #41887
  • [docs] Update editor preview screenshots – 2026-06-27 by @github-actions[bot] in #41868
  • Fix invalid JSON escapes in GitHub remote MCP gateway config generation by @pelikhan with @Copilot in #41864
  • Bump Claude Code to 2.1.195 and Codex to 0.142.3 by @pelikhan with @Copilot in #41865
  • fix(log_parser_bootstrap): guard Claude guardrail with safeOutputEntriesCount escape hatch by @pelikhan with @Copilot in #41886
  • fix(setup): clean up root-owned /tmp/awf-*-chroot-home directories by @pelikhan with @Copilot in #41852
  • Gate CI coverage uploads behind code-quality opt-in variable by @pelikhan with @Copilot in #41922
  • Add Copilot-only lsp frontmatter support with schema, codegen, engine guardrails, and LSP instructions (experimental) by @pelikhan with @Copilot in #41777
  • Strengthen anomaly detector edge coverage and remove order-dependent test behavior by @pelikhan with @Copilot in #41916
  • [linter-miner] linter: add httpstatuscode analyzer — flag magic HTTP status code literals by @github-actions[bot] in #41914
  • [formal-spec] Add OTEL observability formal compatibility test suite (v0.4.0 L1/L2) by @pelikhan with @Copilot in #41906
  • Add run-again footer hints for slash and label command triggers by @pelikhan with @Copilot in #41920
  • refactor: extract shared CLI engine execution logic; make Pi backend resolution configurable by @pelikhan with @Copilot in #41921
  • fix(changeset): restrict safe-outputs allowed-files to .changeset/*.md by @pelikhan with @Copilot in #41937
  • [caveman] Optimize instruction verbosity — memory.md, mcp-clis.md (2026-06-27) by @github-actions[bot] in #41943
  • safeoutputs: disambiguate submit_pull_request_review.event from action by @pelikhan with @Copilot in #41948
  • Establish ESLint Linter Factory for actions/setup/js and add dedicated ESLint daily workflows by @pelikhan with @Copilot in #41938
  • pr-sous-chef: auto-resolve outdated addressed review threads via thread-resolver sub-agent by @pelikhan with @Copilot in #41959
  • feat(ambient-context): trim prompt size in daily-code-metrics, test-quality-sentinel, smoke-copilot-aoai-entra by @pelikhan with @Copilot in #41960
  • eslint-factory: add hasSuggestions, enriched diagnostic message, and try/catch suggest fix by @pelikhan with @Copilot in #41966
  • [eslint-miner] feat(eslint): add require-parseInt-radix rule — ESLint Miner 2026-06-27 by @github-actions[bot] in #41961
  • Clarify LSP capabilities and prompt patterns in lsp.md for authoring efficiency by @pelikhan with @Copilot in #41977
  • Add ready_for_review workflow for Impeccable (needex) skills-based PR review by @pelikhan with @Copilot in #41978
  • Moving ESLint factory to new location by @pelikhan with @Copilot in #41975
  • eslint-factory: fix require-json-parse-try-catch to catch computed JSON["parse"] access by @pelikhan with @Copilot in #42000
  • Bump gh-aw-firewall to v0.27.12 and gh-aw-mcpg to v0.3.31 by @lpcox with @Copilot in...

v0.81.6

@github-actions github-actions released this 27 Jun 05:44
Immutable release. Only release title and notes can be modified.
eed4304

🌟 Release Highlights

This release focuses on stability and observability — restoring broken fleet-wide token tracking, hardening CI quality gates, and adding release traceability for merged PRs.

✨ What's New

  • Release PR notifications — A new post-agent release job now automatically comments on every PR included in each release, making it easy to trace which release shipped your changes (#41834).
  • Loop engineering playbook: .github/aw/loop.md codifies patterns from autoloop, goal, and crane into a unified reference for building robust agentic loops (#41833).
  • Benchstat regression gate — The CI bench job now compares against a stored baseline using benchstat, preventing silent performance regressions from merging (#41813).

🐛 Bug Fixes & Improvements

  • Restored fleet-wide token usage collection: TokenUsage had been reporting 0 across the entire fleet since June 20 due to two co-conspiring bugs in the conclusion job. Both are fixed, restoring accurate AI credit tracking (#41823).
  • Security: pinned govulncheck to go.mod version — CI vulnerability scans now use the exact version declared in go.mod and produce reproducible SARIF reports. A local make vuln-sarif target is also available (#41815).
  • Hardened BYOK Ollama startup — The daily BYOK Ollama test now gates on explicit model and API readiness before proceeding, eliminating pre-agent failures from incomplete startup (#41838).
  • Stabilized Go Logger Enhancement compile — Fixed exit code 126 caused by unsafe shell glob expansion in the workflow tool allowlist (#41840).
  • Enforced safe output completion in quality workflow — The daily compiler quality workflow now requires an explicit safe output call, preventing silent no-op runs (#41841).

🔧 Internal

  • Refactored 5 extreme function-length hotspots (145–650 lines) in pkg/workflow and pkg/cli into focused, testable units (#41800).
  • SortedKeys sweep and deduplication logic consolidation across the codebase (#41829).

Generated by 🚀 Release · 32.9 AIC · ⊞ 8.3K


What's Changed

  • refactor: split 5 extreme function-length hotspots in pkg/workflow and pkg/cli by @pelikhan with @Copilot in #41800
  • fix(security): pin govulncheck to go.mod version in CI, add local SARIF target by @pelikhan with @Copilot in #41815
  • Add benchstat regression gate to CI bench job by @pelikhan with @Copilot in #41813
  • fix(token-usage): restore fleet-wide TokenUsage collection via non-empty copy guard and correct priority order by @pelikhan with @Copilot in #41823
  • Add post-agent release job to comment on PRs included in each release by @pelikhan with @Copilot in #41834
  • [community] Update community contributions in README by @github-actions[bot] in #41836
  • Require explicit safe output completion in daily compiler quality workflow by @pelikhan with @Copilot in #41841
  • Harden Daily BYOK Ollama startup path with explicit model/API readiness gating by @pelikhan with @Copilot in #41838
  • [aw] Stabilize Go Logger Enhancement compile invocation by @pelikhan with @Copilot in #41840
  • refactor: SortedKeys sweep, deduplicate dedup logic, redistribute misplaced helpers by @pelikhan with @Copilot in #41829
  • Add .github/aw/loop.md playbook synthesizing loop-engineering patterns from autoloop/goal/crane by @pelikhan with @Copilot in #41833

Full Changelog: v0.81.5...v0.81.6

v0.81.5

v0.81.5 Pre-release

@github-actions github-actions released this 27 Jun 00:54
Immutable release. Only release title and notes can be modified.
f414fc7

🌟 Release Highlights

This release focuses on org-mode maturity, performance optimizations, and sandbox hardening — making gh aw update/upgrade --org more robust and production-ready while delivering meaningful speed improvements across the compiler and validator.

✨ What's New

  • Action-pin mapping in aw.json (#41579) — Define action-pin overrides directly in your aw.json configuration, giving you centralized control over pinned action versions.

  • manifest-version now optional in aw.yml (#41687) — Reduces boilerplate in new workflow files; the field is inferred when omitted.

  • Non-TTY fallback for gh aw add wizard (#41717) — The interactive add wizard now gracefully falls back to text prompts in non-interactive environments (CI, scripts), unblocking automation pipelines.

  • Org-mode improvements for update/upgrade --org (#41617, #41627, #41719) — Workflow-targeted updates, repo prefiltering, version-tag display, unified repo discovery, and per-repo confirmation prompts (with --yes for CI). The --org flag is now significantly more useful for managing fleets of repositories.

  • Sandbox hardening at 50% baseline (#41786) — Half of all eligible agentic workflows now run with sandbox.agent.sudo: false, reducing the blast radius of runaway agent steps.

  • Daily detection analysis report workflow (#41802) — New built-in workflow that generates automated detection analysis reports.

⚡ Performance

  • Lazy-loaded embedded JSON datasets (#41587) — Embedded compile-time JSON is no longer loaded at startup, reducing memory footprint for CLI commands that do not compile.
  • Lazy-loaded GitHub toolset permissions (#41755) — Loaded via sync.Once so permission data is only read when needed.
  • Cached regexp in applySanitizePattern (#41762) — Eliminates repeated regex compilation on hot code paths.
  • Faster ParseWorkflow (#41772) — Model-alias cycle detection overhead reduced.

🐛 Bug Fixes & Improvements

  • Secret double-escape fix (#41801) — Custom MCP server env/header secrets are no longer double-escaped in generated lock files.
  • Agent-supplied branch accepted in push_to_pull_request_branch (#41654) — Fixes a regression where agent-provided branch names were rejected.
  • MODEL_NOT_SUPPORTED detection extended (#41792) — The pattern now catches 404 "Model not found" responses, improving resilience for unsupported model errors.
  • Bundle manifest path resolution (#41790) — .github/ paths are now resolved as repo-root-relative in nested bundle manifests.
  • MCP post-completion relaunch is non-fatal (#41713) — A failed MCP server relaunch after job completion no longer fails the workflow.
  • PR Sous Chef cooldown (#41759) — Prevents back-to-back comments by enforcing a 30-minute cooldown.
  • Harness exits cleanly (#41675) — Exits with code 0 when expected safe-outputs were already produced, even when subsequent steps encounter permission-denied errors.
  • GH_AW_POLICY_STRICT enforced at runtime (#41682) — Non-strict compiled workflows now properly respect the strict policy flag at runtime.

📚 Documentation

  • Blog: Custom Linters, Sergo, Linter Miner & LintMonster (#41663) — A new blog post walking through the custom linter ecosystem.
  • gh aw env governance guide (#41758) — New documentation covering defaults and scope inheritance for environment configuration.

Generated by 🚀 Release · 41.2 AIC · ⊞ 8.3K


What's Changed

  • Add action-pin mapping support in aw.json by @pelikhan with @Copilot in #41579
  • pkg/workflow: lazy-load embedded JSON datasets used only at compile-time paths by @pelikhan with @Copilot in #41587
  • feat: add XML markers, deduplication, labels, and release links to org runner PRs/issues by @pelikhan with @Copilot in #41580
  • fix: resource lifecycle and context propagation (lint-monster) by @pelikhan with @Copilot in #41589
  • Replace lint-monster path literals with repository constants in CLI/workflow codepaths by @pelikhan with @Copilot in #41611
  • [UX] Professionalize Architecture Guardian safe-output status messages by @pelikhan with @Copilot in #41612
  • [jsweep] Clean update_context_helpers.cjs by @github-actions[bot] in #41608
  • fix: accept agent-supplied branch in push_to_pull_request_branch (fixes #41643) by @dsyme in #41654
  • fix: replace deprecated gpt-5-mini with gpt-5.4-mini in daily-model-resolution workflow by @pelikhan with @Copilot in #41625
  • Enable sandbox.agent.sudo: false on 20 agentic workflows by @pelikhan with @Copilot in #41628
  • [docs] Update glossary - daily scan by @github-actions[bot] in #41657
  • [spec-extractor] Update package specifications for agentdrain, cli, console, constants by @github-actions[bot] in #41653
  • [code-scanning-fix] Fix js/http-to-file-access: validate Content-Type and size for LFS PDF download by @github-actions[bot] in #41635
  • Update gh aw update --org to support workflow-targeted updates and repo prefiltering by @pelikhan with @Copilot in #41617
  • panicinlibrarycode: enforce FuncLit boundaries for init/doc panic exemptions by @pelikhan with @Copilot in #41631
  • [instructions] Sync instruction files with release 0.81.4 by @github-actions[bot] in #41644
  • Replace AWF runtime Python patch with shared JavaScript helper by @pelikhan with @Copilot in #41623
  • Add blog post on custom linters, Sergo, Linter Miner, and LintMonster by @pelikhan with @Copilot in #41663
  • reduce instructions-janitor max lines target from 500 to 400 by @pelikhan with @Copilot in #41673
  • Retry one completed Copilot BYOK proxy auth failure as a fresh run by @pelikhan with @Copilot in #41629
  • Make manifest-version optional in aw.yml by @pelikhan with @Copilot in #41687
  • Harden API consumption log collection against continuation timeouts by @pelikhan with @Copilot in #41676
  • [spec-enforcer] Enforce specifications for setutil by @github-actions[bot] in #41684
  • Refactor duplicated key sorting, engine env assembly, and engine max-* codemods by @pelikhan with @Copilot in #41674
  • fix(harness): exit 0 when expected safe-outputs already produced despite numerous permission-denied by @pelikhan with @Copilot in #41675
  • improve update/upgrade --org: version tags, current version display, unified repo discovery by @pelikhan with @Copilot in #41627
  • Fix go-logger preflight manifest generation failing on jq filter quoting by @pelikhan with @Copilot in #41695
  • fix(USE-001): add standardized error codes to pr_review_buffer and set_issue_type handlers by @pelikhan with @Copilot in #41692
  • Enforce GH_AW_POLICY_STRICT at runtime for non-strict compiled workflows by @pelikhan with @Copilot in #41682
  • parser: add schema validation tests for sandbox.agent.sudo (regression guard for #41679) by @dsyme with @Copilot in #41681
  • logs: populate message field with actionable guidance when no runs found by @pelikhan with @Copilot in #41693
  • docs: resolve spec audit — pkg/intent spec, actionpins Mappings field, linters 4 new subpackages by @pelikhan with @Copilot in #41723
  • fix: post-completion MCP relaunch failure is non-fatal; audit-diff surfaces removed denied domains by @pelikhan with @Copilot in #41713
  • Normalize report-format guidance across non-compliant agentic workflows by @pelikhan with @Copilot in #41728
  • Harden Super Linter workflow against generated-summary linting and log art...

v0.81.4

v0.81.4 Pre-release

@github-actions github-actions released this 26 Jun 04:17
Immutable release. Only release title and notes can be modified.
1db7b9b

🌟 Release Highlights

This release focuses on reliability, performance, and new operational capabilities — fixing silent failures across the compiler and agent harnesses, reducing wasted credits on hot paths, and adding important new tooling.

✨ What's New

  • --org flag for upgrade command (#41335) — The upgrade command now supports --org and --repos flags, matching the org-wide mode already available in update. Bulk-preview or open upgrade PRs across an entire organization with a single command.

  • Daily YAML Lint Fixer workflow (#41574) — A new agentic workflow automatically fixes yamllint violations in generated *.lock.yml files, keeping CI lint checks clean without manual intervention.

  • AWF Firewall startup failure detection (#41472) — Firewall proxy startup failures (e.g., DNS not yet resolving at probe time) are now detected and surfaced in the agent failure issue — making previously silent infra failures immediately actionable.

  • Spec-driven engine.env allowlist (#41465) — The engine environment variable allowlist is now derived from GetSupportedEnvVarKeys rather than a fragile runtime heuristic, enabling strict: false to be safely removed from smoke workflows.

  • Copilot engine launched from ${GITHUB_WORKSPACE} (#41459) — The Copilot engine now starts from the workspace root, enabling APM skill discovery for context-aware agent behaviour.

🐛 Bug Fixes & Improvements

  • Silent YAML parse errors fixed (#41577) — Five yaml.Unmarshal call sites in workflow_builder.go were silently discarding errors, producing empty step lists on malformed YAML with no diagnostic. All errors now propagate correctly.

  • Copilot SDK hang bounded by idle watchdog (#41572) — After an agent's final tool result, sendAndWait could hang indefinitely until the step timeout killed the runner. A post-completion idle watchdog now bounds this wait, preventing wasted runner minutes.

  • Codex harness no longer drains tokens on rate-limit reconnects (#41385) — When Codex hit a TPM rate limit and exhausted reconnect retries, the harness kept retrying unnecessarily. It now recognises exhausted-reconnect exits and stops, preserving credits.

  • Claude harness stops retrying on max_runs_exceeded (#41361) — Fresh-run fallbacks no longer burn the full quota when a session has already hit its 20-invocation limit.

  • Issue Monster false-positive 429 detection eliminated (#41471) — Rate-limit false positives no longer trigger spurious failure handling.

  • assign_to_agent no longer posts error comments on PRs (#41475) — Error comments are now only posted to issues, matching expected behaviour.

  • Daily schedule runs restored (#41362) — Daily schedule runs broken since June 5 are now fixed.

  • workflow_call permissions use union of caller + worker (#41387) — Imported workflow_call permissions in generated call jobs are now correctly annotated.

⚡ Performance

  • YAML generation is faster (#41333) — Duplicate run-script scans in the skip-validation fast path collapsed to a single pass, restoring compilation performance.

  • Design Decision Gate costs reduced (#41332) — Now defaults to Sonnet instead of Opus and skips issue lookups on no-op paths, meaningfully reducing AI credit consumption per run.

🔒 Security

  • Safe-output detection hardened (#41547) — Detection stays in warn mode on parser/agent failures, ensuring non-reviewable safe outputs are blocked rather than passed through silently.

  • Pi threat-detection model normalisation (#41545) — Pi threat-detection models are now normalised before Copilot fallback, preventing misclassification due to model name variance.

🔧 Internal

  • Bumped gh-aw-firewall to v0.27.11 and regenerated pinned workflow artifacts (#41555)
  • Bumped Codex 0.142.1 and Copilot SDK 1.0.4 (#41430)
  • Extracted shared org-wide runner for update and upgrade commands (#41553)

Generated by 🚀 Release · 44.1 AIC · ⊞ 8.3K


What's Changed

  • [community] Update community contributions in README by @github-actions[bot] in #41359
  • Lower Design Decision Gate runtime cost with Sonnet default and conditional issue lookups by @pelikhan with @Copilot in #41332
  • Add GitHub lockdown guard-policy warning and sync security specs by @pelikhan with @Copilot in #41331
  • Reduce YAMLGeneration time by collapsing duplicate run-script scans by @pelikhan with @Copilot in #41333
  • fix(go-logger): restore daily schedule runs broken since June 5 by @pelikhan with @Copilot in #41362
  • feat: add --org to upgrade command by @pelikhan with @Copilot in #41335
  • Surface assign-to-agent auth/availability failures in agent failure issues/comments by @pelikhan with @Copilot in #41336
  • chore: set sandbox.agent.sudo: false on 30% of agentic workflows by @pelikhan with @Copilot in #41380
  • [ubuntu-image] research: update Ubuntu runner image analysis for 20260622.220.1 by @github-actions[bot] in #41373
  • [code-scanning-fix] Fix workflow-graphql-static-concat: extract GraphQL query to named constant by @github-actions[bot] in #41357
  • fix(manualmutexunlock): distinguish struct instances sharing a mutex field by @pelikhan with @Copilot in #41383
  • Add nolint parity to non-enforced context-family linters by @pelikhan with @Copilot in #41382
  • Fix stale frontmatter hash in design-decision-gate.lock.yml by @pelikhan with @Copilot in #41390
  • Enable Copilot assignment permissions in Issue Monster workflow by @pelikhan with @Copilot in #41389
  • [jsweep] Clean upload_assets.cjs by @github-actions[bot] in #41371
  • fix: improve agent assignment failure issue reports by @pelikhan with @Copilot in #41392
  • [spec-extractor] Update package specifications for tty, types, typeutil, workflow by @github-actions[bot] in #41414
  • fix: stop codex harness retry loop draining tokens on exhausted rate-limit reconnects by @pelikhan with @Copilot in #41385
  • refactor: consolidate triplicate merge helpers and add sliceutil.SortedKeys by @pelikhan with @Copilot in #41388
  • fix: use union of caller + worker permissions for call-workflow jobs by @pelikhan with @Copilot in #41387
  • fix: revert sandbox.agent.sudo to true in glossary-maintainer workflow by @pelikhan with @Copilot in #41426
  • Handle known Windows ConPTY runner failure in daily CLI integration by @pelikhan with @Copilot in #41428
  • fix(firewall): skip non-Squid diagnostic lines in generate_usage_activity_summary by @pelikhan with @Copilot in #41429
  • chore: bump Codex 0.142.1, Copilot SDK 1.0.4 by @pelikhan with @Copilot in #41430
  • Send GraphQL-Features header for issue intent mutations when issue_intents runtime feature is enabled by @pelikhan with @Copilot in #41425
  • Issue Monster: eliminate false-positive 429 rate-limit detection by @pelikhan with @Copilot in #41471
  • Standardize CLI help section order and GHE note wording by @pelikhan with @Copilot in #41461
  • feat: spec-driven engine.env allowlist via GetSupportedEnvVarKeys; remove strict: false from smoke workflows by @pelikhan with @Copilot in #41465
  • Annotate imported workflow_call permissions in generated call jobs by @pelikhan with @Copilot in #41464
  • fix: prevent assign_to_agent from posting error comments on PRs by @pelikhan with @Copilot in #41475
  • Reduce sandbox.agent.sudo: false usage to policy target across agentic workflows by @pelikhan with @Copilot in #41463
  • Update existing MCP configs with required gh-aw server fields by @pelikhan with @Copilot in #41462
  • feat: detect AWF firewall startup failures and surface them in the agent failure issue by @pelikhan with @Copilot in #4...

v0.81.3

v0.81.3 Pre-release

@github-actions github-actions released this 25 Jun 03:19
Immutable release. Only release title and notes can be modified.
77e1097

🌟 Release Highlights

This release focuses on expanded automation reach with org-wide update management, greater expressiveness through GitHub Actions expression support in more places, and a round of critical fixes across Windows, rootless installs, and assignee resolution.

⚠️ Breaking Changes

sandbox.agent.network-isolation renamed to sandbox.agent.default-route

The frontmatter key sandbox.agent.network-isolation has been renamed to sandbox.agent.default-route (#41302). Update any workflows using this key to use the new name.

✨ What's New

  • Organization-wide gh aw update — Run gh aw update across an entire org with dry-run PR previews before applying changes, making fleet-wide workflow upgrades safer and more auditable (#41247).
  • Templatable safe-outputs.staged values — safe-outputs.staged now accepts GitHub Actions expressions (${{ ... }}), enabling dynamic output values at workflow runtime (#41296).
  • link-sub-issue accepts GitHub expressions — The allowed-repos field in link-sub-issue now supports GitHub Actions expressions for more flexible cross-repo linking (#41237).
  • ready_for_review trigger support — pull_request_target workflows can now trigger on the ready_for_review event, enabling automation when draft PRs are marked ready (#41161).
  • GH_HOST support in gh aw trial — gh aw trial --clone-repo now correctly honors the GH_HOST environment variable for GHES environments (#41159).
  • Sudo enabled in agentic sandboxes — All agentic workflow sandboxes now have sudo available by default, unblocking common agent install patterns (#41313).
  • Firewall v0.27.10 + mcpg v0.3.30 — Network-isolated workflows omit unnecessary sudo from generated lock files; bundled firewall and MCP gateway updated (#41269).

⚡ Performance

  • Parallelized audit analysis — gh aw audit now runs analysis tasks in parallel, significantly reducing latency for long-running workflows (#41185).

🐛 Bug Fixes

  • Windows ConPTY crash fixed — Removed a compat import that caused gh aw to crash on startup on Windows (#41235).
  • Rootless AWF install — gh aw installs correctly into $HOME/.local without root and properly exports $GITHUB_PATH in rootless environments (#41310).
  • Copilot assignee resolution restored — Assignee checks now prefer issue-scoped resolution, fixing cases where the wrong user was assigned (#41306).
  • UpdateContainerPins no longer wipes containers — Fixed a regression where gh aw update erased the entire containers section on every run (#41262).
  • Locked-PR 422 handled gracefully — Safe outputs now treats HTTP 422 on locked PRs as a soft skip with retry rather than a hard failure (#41155).
  • Compiler error quality improved — Errors now include accurate YAML context offsets, import hints, and early engine validation to help authors fix issues faster (#41234).
  • set_issue_type migrated to REST API — Replaced the GraphQL-based set_issue_type safe output with a single REST call for better reliability (#41241).
  • Linter fixes — lenstringsplit false positives with empty separators and ctxbackground false negatives in closures are resolved (#41188, #41187).
  • Codex MCP CLI wrapper resolution — Fixed safe output path resolution for the Codex MCP CLI wrapper (#41242).

📚 Documentation

  • Safe rollout guidance streamlined for clarity (#41272).
  • Glossary updated with latest terminology (#41211).

Generated by 🚀 Release · 36.2 AIC · ⊞ 8.3K


What's Changed

  • Remove redundant python-dataviz imports from daily reporting workflows by @pelikhan with @Copilot in #41158
  • Support ready_for_review for pull_request_target triggers by @pelikhan with @Copilot in #41161
  • fix: treat locked-PR 422 as soft skip with retry in safe_outputs by @pelikhan with @Copilot in #41155
  • Add SEC-005 exemption for issue_intents.cjs false positive by @pelikhan with @Copilot in #41182
  • Allow AgentRx native package installs in Daily AgentRx Trace Optimizer by @pelikhan with @Copilot in #41183
  • Pin Daily Sub-Agent Model Resolution Audit sub-agent to a valid Codex model by @pelikhan with @Copilot in #41184
  • Pin RGS-007 workflow action refs to immutable SHAs by @pelikhan with @Copilot in #41189
  • [docs] Update glossary - daily scan by @github-actions[bot] in #41211
  • Add replace-label to Safe Output Mapping in agentic workflow designer SKILL.md by @pelikhan with @Copilot in #41190
  • Honor GH_HOST in gh aw trial --clone-repo repository URLs by @pelikhan with @Copilot in #41159
  • fix(lenstringsplit): empty raw-string separator escapes non-empty guard — false positive + wrong autofix by @pelikhan with @Copilot in #41188
  • ctxbackground: fix false negative and unsafe autofix for closures by @pelikhan with @Copilot in #41187
  • Add explicit permissions to error-message-lint workflow by @pelikhan with @Copilot in #41233
  • [jsweep] Clean update_entity_helpers.cjs by @github-actions[bot] in #41166
  • fix(footer): render correct trigger type in attribution suffix by @pelikhan with @Copilot in #41186
  • Fix false negatives in docs npm update detection by @pelikhan with @Copilot in #41240
  • fix: normalize report formatting for daily-rendering-scripts-verifier.md by @pelikhan with @Copilot in #41245
  • perf: parallelize audit analysis tasks to cut latency for long-running workflows by @pelikhan with @Copilot in #41185
  • refactor(workflow): split threat_detection.go (1542 lines) into focused modules by @pelikhan with @Copilot in #41231
  • feat: link-sub-issue allowed-repos accepts GitHub Actions expressions by @pelikhan with @Copilot in #41237
  • Migrate set_issue_type safe output from GraphQL to single REST issues.update call by @pelikhan with @Copilot in #41241
  • ci: align build-wasm node setup to setup-node@v6 / Node 24 by @pelikhan with @Copilot in #41243
  • feat: omit sudo from generated lock.yml when network-isolation is enabled; bump firewall to v0.27.10 and mcpg to v0.3.30 by @lpcox with @Copilot in #41269
  • [review] Migrate set_issue_type safe output from GraphQL to single REST issues.update call by @github-actions[bot] in #41284
  • [docs] docs: unbloat safe rollout guidance by @github-actions[bot] in #41272
  • fix(windows): remove compat import to prevent ConPTY startup crash by @pelikhan with @Copilot in #41235
  • Fix compiler error quality: YAML context offset, import hint, early engine validation by @pelikhan with @Copilot in #41234
  • [docs] Update Astro dependencies - 2026-06-24 by @github-actions[bot] in #41258
  • [linter-miner] feat(linters): add stringreplaceminusone linter by @github-actions[bot] in #41285
  • fix: UpdateContainerPins wipes containers section on every gh aw update run by @pelikhan with @Copilot in #41262
  • Fix Codex MCP CLI wrapper resolution for safe outputs by @pelikhan with @Copilot in #41242
  • [rendering-scripts] Render Codex experimental JSONL logs in the run step summary by @github-actions[bot] in #41201
  • build(deps-dev): Bump starlight-github-alerts from 0.2.0 to 0.3.0 in /docs by @dependabot[bot] in #41000
  • build(deps): Bump sharp from 0.35.1 to 0.35.2 in /docs by @dependabot[bot] in #40999
  • [caveman] Optimize instruction verbosity — agentic-chat, campaign, developer.instructions (2026-06-24) by @github-actions[bot] in #41301
  • Reduce ambient-context bloat in shared Python dataviz import by @pelikhan with @Copilot in #41304
  • fix: use python3 -m pip install for ...

v0.81.2

v0.81.2 Pre-release

@github-actions github-actions released this 24 Jun 04:05
Immutable release. Only release title and notes can be modified.
433c534

🌟 Release Highlights

This release introduces a new observability workflow for model resolution auditing, ships updated firewall and MCP gateway defaults, and improves internal GitHub MCP rendering consistency.

✨ What's New

  • Daily Model Resolution Audit — A new daily-model-resolution workflow detects model size mismatches in inlined sub-agents by cross-referencing workflow declarations against api-proxy event logs. It runs on a daily schedule (or on demand) and opens a scoped daily issue with a per-workflow, per-sub-agent table showing declared alias vs. observed model vs. resolution status (✅ / ⚠️ / ❓). This makes it much easier to catch accidental large-model usage where a small model was intended. (#41130)

🐛 Bug Fixes & Improvements

  • Integration test stability — Fixed a failing Integration: Workflow Features GitHub Actions job to restore CI reliability. (#41153)
  • GitHub MCP serialization refactor — Consolidated duplicated map-serialization and section-closing logic across local, remote, and custom GitHub MCP rendering paths into shared helpers. Token passthrough, GITHUB_HOST/toolset propagation, and guard-policy footer handling are now consistently applied across all modes, reducing the risk of future drift. (#41038)

🔧 Dependency Updates

  • Default firewall & MCP gateway bumped — gh-aw-firewall default updated to v0.27.9 and gh-aw-mcpg to v0.3.29. Compiled workflows now reference new immutable container digests for the AWF agent, squid, api-proxy, cli-proxy, and MCP gateway. (#41129)
  • @types/node 25 → 26 — TypeScript type declarations in actions/setup/js updated to the Node.js v26 API surface. Dev-only; no runtime impact. (#40998)

Generated by 🚀 Release · 28.1 AIC · ⊞ 8.3K


What's Changed

  • Refactor GitHub MCP serialization into shared section helpers by @pelikhan with @Copilot in #41038
  • feat: daily sub-agent model resolution audit workflow by @pelikhan with @Copilot in #41130
  • build(deps-dev): Bump @types/node from 25.9.2 to 26.0.0 in /actions/setup/js by @dependabot[bot] in #40998
  • Bump default gh-aw-firewall to v0.27.9 and gh-aw-mcpg to v0.3.29 by @lpcox with @Copilot in #41129
  • [WIP] Fix failing GitHub Actions job 'Integration: Workflow Features' by @pelikhan with @Copilot in #41153

Full Changelog: v0.81.1...v0.81.2

v0.81.1

v0.81.1 Pre-release

@github-actions github-actions released this 23 Jun 22:36
Immutable release. Only release title and notes can be modified.
698d8d4

🌟 Release Highlights

This release focuses on reliability and resilience — fixing common workflow failure modes, hardening remote fetch operations, and expanding platform support with a new network-isolation topology for ARC/DinD runners.

✨ What's New

  • Network-isolation topology mode for ARC/DinD runners (#41088): Compiler now emits the --network-isolation topology for AWF workflows, enabling egress control without requiring NET_ADMIN or host iptables. This unblocks deployments on Actions Runner Controller (ARC) with Docker-in-Docker.

  • issue_intents runtime support (#41092): Issue mutations can now carry structured rationale, confidence, and suggest metadata when the server supports the issue_intents feature flag, with automatic fallback to the legacy format — no workflow changes required.

  • Automatic threat-detection engine fallback for pi (#41098): When a workflow targets the pi engine (which does not support threat-detect directly), the compiler now automatically defaults to Copilot for threat detection — eliminating the need to configure this per workflow.

🐛 Bug Fixes & Improvements

  • Safe-outputs graceful no-op (#41037): Fixes a leading cause of workflow failures where a missing or empty safe-outputs file caused safe_outputs job failures. The runtime now treats a missing file as an empty collection and continues cleanly.

  • Improved assign-to-agent diagnostics (#41047): Copilot assignee lookup during safe-outputs now searches across all known Copilot bot aliases, preventing silent resolution failures that blocked agent assignment.

  • Hardened go-gh remote fetch (#41036): Contents API path construction is now properly escaped, REST clients are bounded, and client creation logic is deduplicated — reducing reliability gaps on remote repository operations.

  • Accurate audit pre-activation diagnostics (#41022): gh aw audit no longer incorrectly reports "failed before agent activation" for runs that did execute but exported no telemetry. Diagnosis now correctly distinguishes pre-activation failures from agent-run failures. See audit reference.

📚 Documentation

  • Editing workflows guide streamlined (#41086): Dense sub-sections replaced with readable inline prose for faster scanning.
  • Release cadence clarified (#41087): Docs now reflect the weekly/bi-weekly minor release clock (not best-effort semver).

Generated by 🚀 Release · 48.4 AIC · ⊞ 8.3K


What's Changed

  • audit: distinguish pre-activation failures from agent-run failures without telemetry by @pelikhan with @Copilot in #41022
  • [docs] docs: unbloat editing workflows guide by @github-actions[bot] in #41086
  • Improve assign-to-agent diagnostics for Copilot assignee alias lookup by @pelikhan with @Copilot in #41047
  • docs: release cadence is weekly/bi-weekly minor, not best-effort semver by @pelikhan with @Copilot in #41087
  • [linter-miner] linter: add lenstringsplit analyzer by @github-actions[bot] in #41090
  • Harden go-gh remote fetch callsites with escaped contents paths/refs and bounded REST clients by @pelikhan with @Copilot in #41036
  • Default threat detection to Copilot when engine is pi by @pelikhan with @Copilot in #41098
  • Add compiler support for AWF --network-isolation topology mode (ARC/DinD-compatible egress) by @lpcox with @Copilot in #41088
  • [caveman] Optimize instruction verbosity — adr-writer.agent.md, workflow-constraints.md (2026-06-23) by @github-actions[bot] in #41105
  • Add issue_intents runtime support for issue labels, type, and fields by @pelikhan with @Copilot in #41092
  • fix: treat missing safe-outputs file as empty collection (graceful no-op) by @pelikhan with @Copilot in #41037

Full Changelog: v0.81.0...v0.81.1

v0.81.0

v0.81.0 Pre-release

@github-actions github-actions released this 23 Jun 17:34
Immutable release. Only release title and notes can be modified.
165beb4

🌟 Release Highlights

This release delivers expanded engine configurability, a batch of high-impact bug fixes across the compiler and CLI, and tighter security defaults — making workflows more reliable and cost-efficient out of the box.

⚠️ Breaking Changes

  • CLI flag rename (#40822): The --skip-secret, --disable-security-scanner, and --disable-release-bump flags have been renamed to the --no-secret, --no-security-scanner, and --no-release-bump convention. Update any scripts or CI configurations that pass these flags.

✨ What's New

  • Model provider selection (#40903): Workflows can now declare an engine-level model-provider field, enabling provider-aware runtime wiring — including running Claude models via the Copilot engine. A new Claude-on-Copilot smoke workflow validates the path end-to-end.
  • engine.driver field (#40897): A new shared engine.driver field allows specifying the Pi agent core as a built-in driver, simplifying engine configuration.
  • sandbox.agent.platform frontmatter (#40877): Workflows can now read the AWF platform type via sandbox.agent.platform, making platform-conditional logic easier to express.
  • GH_AW_RUNTIME_FEATURES flag support (#40824): Built-in workflow jobs now honor the GH_AW_RUNTIME_FEATURES environment variable for progressive feature rollout.
  • replace-label safe-output type (#40423): A new experimental replace-label safe-output type lets workflows atomically swap issue/PR labels.
  • Smarter merge-pull-request (#40915): The merge-pull-request safe-output now refuses to merge when the target branch has no upstream open PR, preventing accidental merges into stale branches.
  • Slash-command status tracking (#40928): Centralized slash-command status comments are now updated with a link to the dispatched workflow run, so you always know where the work went.
  • Firewall activity backfill (#41046): Activity reports can now be backfilled from usage artifact domain aggregates, filling gaps in firewall observability data.

🐛 Bug Fixes & Improvements

  • Compiler: fix hyphenated workflow_call inputs (#41019): Workflows with hyphenated input names in workflow_call events now compile correctly.
  • Compiler: fix on.bots/on.roles state leakage (#41018): A state leak that could corrupt workflow_run trigger generation when on.bots or on.roles were set has been fixed.
  • Compiler: reduce template-injection noise (#41025): The compiler now emits fewer false-positive template-injection diagnostics in generated workflow run blocks.
  • Linter: wgdonenotdeferred loop-scope fix (#41026): The linter no longer incorrectly flags deferred WaitGroup.Done() calls inside goroutine closures in loop bodies.
  • Status comments: correct run URL and name (#40831): Centralized repo status comments now display the actual workflow name and a working link to the run.
  • Detection: honor continue-on-error (#40790): Detection jobs now respect continue-on-error when the external detector result file is missing.
  • Detection: always run on safe outputs (#40882): Cache-memory detection is now guaranteed to run even on noop and boop safe-output types.
  • Ollama reachability (#40888): Ollama is now bound to 0.0.0.0 so the api-proxy Docker container can reach it correctly.
  • Action ref pass-through (#40887): Supported local and Docker action refs are now passed through without triggering pin resolution.
  • --engine log filter (#40793): gh aw logs --engine now correctly filters runs by engine ID.
  • Telemetry: Copilot/Pi turn and token reporting (#40792): Turn count and token usage are now emitted correctly for the Copilot and Pi engines.
  • Portfolio analyst turn runaway (#40858): The portfolio analyst workflow now has max-turns and max-ai-credits guardrails to prevent unbounded execution.

⚡ Performance

  • ~9,600 chars trimmed from ambient context (#40874): Per-run token usage is meaningfully reduced by pruning verbose ambient context that agents did not need.
  • Failure investigator cost reduction (#40880): The aw-failure-investigator workflow has been optimized to use fewer AI credits per run.

🔒 Security

  • Hardened checkout credential defaults (#40794): Generated checkout steps now default to persist-credentials: false, reducing the credential exposure window in generated workflows.

📚 Documentation

  • max-daily-ai-credits cost warnings (#41055): Docs now warn about the API unit cost implications of max-daily-ai-credits and include examples for disabling the field, with a recommendation to configure at the org level.
  • Authoring guidance improvements (#40819, #40820): Tightened guidance on noop semantics, workflow_run triage, report window scoping, and permissions documentation.

Generated by 🚀 Release · 36.8 AIC · ⊞ 8.2K


What's Changed

  • [docs] Update glossary - weekly full scan by @github-actions[bot] in #40776
  • Sync workflow designer skill with safe-output and network reference docs by @pelikhan with @Copilot in #40742
  • Reduce tool-denial failures in Daily Compiler Threat Spec Optimizer by @pelikhan with @Copilot in #40743
  • Align threshold linters with sibling analyzer behavior by @pelikhan with @Copilot in #40740
  • fix(seenmapbool): eliminate duplicate diagnostics for set-maps in closures by @pelikhan with @Copilot in #40741
  • [architecture] Update architecture diagram - 2026-06-22 by @github-actions[bot] in #40769
  • [schema-coverage] feat: Add schema coverage demo for max-turn-cache-misses field by @github-actions[bot] in #40753
  • safe-outputs: make create-pull-request bundling resilient to diverged-history replay conflicts by @pelikhan with @Copilot in #40720
  • [code-scanning-fix] Fix workflow-graphql-id-unescaped: eliminate string interpolation in GraphQL mutations via variables by @github-actions[bot] in #40757
  • [code-simplifier] simplify: dedup validateAllowedIssueFields and extract parseUnknownModelAICreditsFromAuditEntry by @github-actions[bot] in #40725
  • fix: increase timeout-minutes from 10 to 30 in example-workflow-analyzer by @pelikhan with @Copilot in #40788
  • [jsweep] Clean validate_lockdown_requirements_templates.cjs by @github-actions[bot] in #40730
  • fix: resolve SEC-004 false-positive sanitization flags on assign_agent_helpers and update_pull_request by @pelikhan with @Copilot in #40791
  • fix: update actions toolset to consolidated tool names (actions_get/actions_list) by @pelikhan with @Copilot in #40787
  • refactor: centralise symlink guard into shared lstatGuard helper by @pelikhan with @Copilot in #40795
  • fix: restore AIC data in usage-only log collection by @pelikhan with @Copilot in #40786
  • pi: propagate GH_AW_NODE_BIN into AWF execution path for Daily News by @pelikhan with @Copilot in #40789
  • docs(permissions): move read-only constraint note and add group descriptions by @pelikhan with @Copilot in #40820
  • Docs: tighten workflow authoring guidance for noop semantics, workflow_run triage, and report window scoping by @pelikhan with @Copilot in #40819
  • fix(logs): --engine filter correctly filters runs by engine ID by @pelikhan with @Copilot in #40793
  • fix(telemetry): emit turns/tokens for Copilot/Pi; trim cli-version-checker prompt; foreground recompile by @pelikhan with @Copilot in #40792
  • Add GH_AW_RUNTIME_FEATURES support to built-in workflow jobs by @pelikhan with @Copilot in #40824
  • fix(cli): rename --skip-secret, --disable-security-scanner, --disable-release-bump to --no-* convention; fix docs gaps by @pelikhan with @Copilot in #40822
  • refactor(cli): extract ReportProvenance f...