Releases: github/gh-aw
v0.66.1
π Release Highlights
This release focuses on richer observability from gh aw logs β flat classification fields, per-tool-call metrics, and consolidated security reporting β along with several community-driven bug fixes and feature additions.
β οΈ Breaking Changes
gh aw audit report has been removed. Cross-run security reports are now generated directly by gh aw logs --format:
# Before
gh aw audit report --workflow "agent-task" --last 10
gh aw audit report --format pretty
gh aw audit report --last 5 --json
# After
gh aw logs agent-task --format markdown --count 10
gh aw logs --format pretty
gh aw logs --format markdown --last 5 --jsonThe new --last flag is available as an alias for --count to ease migration. All existing --json output continues to work.
β¨ What's New
-
Flat run classification in
gh aw logs --json: Each run now carries a top-levelclassificationstring ("risky","normal","baseline", or"unclassified"), eliminating the need to null-guard against deeply nestedcomparison.classification.label. Query it directly:gh aw logs --json | jq '.runs[] | {id: .database_id, classification}'
-
Per-tool-call metrics in logs: Episode responses now include granular tool-call metrics β token usage, failure counts, and latency per tool β making it possible to identify which tools consume the most resources or fail most frequently.
-
Discussion thread reply support: The
add-commentsafe output now accepts areply_to_idfield, enabling agents to post threaded replies within GitHub Discussions. -
authfield accepted in HTTP MCP server config: Frontmatter validation no longer rejects theauthfield on HTTP MCP servers, unblocking workflows that use authenticated remote MCP endpoints. -
Fuzzy schedule no longer requires an
originremote: Workflows using fuzzy/relative schedules now work correctly in repositories without a configuredoriginremote.
π Bug Fixes & Improvements
- Token analysis workflows fixed: All four token workflows (Copilot/Claude analyzers and optimizers) now correctly parse
gh aw logs --jsonoutput β extracting.runs[]and using snake_case field names. A new sharedtoken-logs-fetchworkflow pre-fetches logs once daily to avoid redundant API calls. - Null-safe jq aggregations: Token optimizer workflows no longer crash with a division-by-zero error when runs have zero token usage.
π Documentation
- Agent-assisted workflow import guide: The packaging and imports guide now includes a step-by-step walkthrough for using a coding agent to import and adapt a workflow from another repository, with tabbed prompt examples for common use cases.
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@bbonafed
@corygehr
@jaroslawgajewski
- feat(mcp): Add per-tool-call metrics to
logsresponse (direct issue) - feat(mcp): Include classification label in
logstool response (direct issue)
@jeffhandley
- Fuzzy schedule requires an 'origin' remote (direct issue)
For complete details, see CHANGELOG.
Generated by Release Β· β 1.9M
What's Changed
- [log] Add debug logging to agentdrain package by @github-actions[bot] in #24383
- Wrap token usage step summary in a details section by @Copilot in #24375
- fix: add
authfield tohttp_mcp_toolfrontmatter schema by @Copilot in #24369 - [actions] Update GitHub Actions versions - 2026-04-03 by @github-actions[bot] in #24378
- Proactively ignore .dockerbuild artifacts in logs download by @Copilot in #24386
- feat(add-comment): support reply_to_id for discussion threading from any trigger by @Copilot in #24367
- fix: reduce API rate limit pressure in train-drain3-weights workflow by @Copilot in #24392
- feat(mcp): Surface repository and organization in logs tool response by @Copilot in #24391
- fix: fuzzy schedule scattering works with non-
originremote names by @Copilot in #24390 - feat(logs): add top-level
classificationfield toRunDatain logs response by @Copilot in #24394 - feat(mcp): Add per-tool-call metrics to
logsepisode response by @Copilot in #24389 - docs: add agent-assisted import & adapt section to packaging-imports guide by @Copilot in #24397
- feat: merge
gh aw audit reportintogh aw logs --formatby @Copilot in #24396 - fix: align token workflows with gh-aw logs --json schema and add shared log caching by @lpcox in #24395
Full Changelog: v0.66.0...v0.66.1
Contributors
Assets 18
- 24.6 MB
2026-04-04T00:41:38Z - 1.02 KB
2026-04-04T00:41:38Z - 24.8 MB
2026-04-04T00:41:38Z - 23 MB
2026-04-04T00:41:38Z - 23.2 MB
2026-04-04T00:41:38Z - 24.3 MB
2026-04-04T00:41:38Z - 22.4 MB
2026-04-04T00:41:40Z - 4.59 MB
2026-04-04T00:41:40Z - 23.4 MB
2026-04-04T00:41:40Z - 24.3 MB
2026-04-04T00:41:40Z -
2026-04-03T23:17:58Z -
2026-04-03T23:17:58Z - Loading
v0.66.0
π Release Highlights
This release focuses on AI observability, workflow reliability, and threat detection extensibility β making it easier to monitor agent token usage, debug anomalies, and customize security pre/post-steps.
β¨ What's New
-
Token Usage Artifact (#24315) β Agent token counts are now bundled as an
agent_usage.jsonartifact alongside each run, enabling third-party tooling and dashboards to consume structured token data without parsing step summaries. -
Log Pattern Mining in Audit & Logs (#24328) β
gh aw audit reportnow includes an Agent Event Pattern Analysis section powered by Drain3 log template mining. Use the newgh aw logs --trainflag to train weights from your own run history, improving anomaly detection accuracy over time. -
Threat Detection Pre-Steps & Post-Steps (#24250) β The threat detection job now supports custom
pre-stepsandpost-steps, giving security teams the ability to run custom checks before and after detection without modifying the compiled workflow. -
create_labelsMaintenance Operation (#24341) β A newagentics-maintenance.ymloperation automatically creates any missing repository labels referenced in safe-outputs. Also,compile --jsonnow includes alabelsfield perValidationResultand exposes a--no-emitoption. -
GitHub App Token Minting Moved to Activation Job (#24251) β GitHub App token minting now happens in the activation job, improving security posture and reducing token lifetime exposure in downstream jobs.
π Bug Fixes & Improvements
-
GH_HOST regression fixed (#24321) β The
Install GitHub Copilot CLIstep no longer silently drops theGH_HOST: github.comenvironment pin introduced in v0.65.6, restoring CLI functionality for users behind proxy configurations. -
SARIF upload overhauled (#24322) β Code scanning SARIF uploads now use a dedicated job with proper artifact transfer, direct checkout token computation, and GitHub App checkout support β resolving failures that required additional git commit references.
-
push_repo_memoryguarded against failed/skipped agents (#24363) β The repo-memory push job now requiresneeds.agent.result == 'success', preventing stale or incomplete memory from being written when the agent fails or is skipped. -
Pipefail SIGPIPE fixes in token optimizer workflows (#24350, #24354) β Token analyzer and optimizer workflows were silently aborting artifact download loops due to SIGPIPE (exit 141) under
set -euo pipefail. Replaced pipedwhile readpatterns with temp-file approaches. -
Bundle transport fix for HEAD commits (#24317) β Fixed a bug where the bundle transport failed when the agent committed directly to HEAD instead of a named branch.
-
Compiler error formatting (#24316) β Eliminated spurious
file:1:1:prefix from double-wrapped compiler errors, making diagnostics cleaner. -
Daily Issues Report Generator restored (#24349) β Fixed 11 consecutive days of failures caused by PATH issues on GPU runners and a proxy-related
gh issue listcrash, with graceful fallback to an empty dataset.
π Documentation
- Updated CLI reference with
--trainflag docs,--no-emitoption,labelsJSON field, Agent Event Pattern Analysis, andagent_usage.jsonartifact table entry (#24377). - Expanded the Manual Maintenance Operations guide with a full table of available operations including the new
create_labelsentry (#24377).
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@adamhenson
@chrisfregly
- Missing Threat Detection Custom Pre-Steps (direct issue)
@jaroslawgajewski
- Suspected regression in v0.65.6:
Install GitHub Copilot CLIno longer emitsGH_HOST: github.com(direct issue)
@kbreit-insight
- SARIF upload requires additional git commit references (direct issue)
For complete details, see CHANGELOG.
Generated by Release Β· β 1.2M
What's Changed
- [dead-code] chore: remove dead functions β 4 functions removed by @github-actions[bot] in #24288
- [docs] docs: consolidate dev.md to v5.1 β add 3 previously uncovered spec files by @github-actions[bot] in #24275
- [instructions] Sync github-agentic-workflows.md with release v0.65.6 by @github-actions[bot] in #24273
- [docs] Update glossary - daily scan (imports and import-schema) by @github-actions[bot] in #24267
- [community] Update community contributions in README by @github-actions[bot] in #24271
- [architecture] Update architecture diagram - 2026-04-03 by @github-actions[bot] in #24264
- Rename
isEmptyDiffβisEmptyFirewallDifffor consistency by @Copilot in #24277 - fix: remove stale
action-tag: v0from daily-fact.md and recompile by @Copilot in #24310 - refactor: eliminate duplicated AWF injection, secret validation, and MCP secret collection across engine implementations by @Copilot in #24283
- [q] fix: show effective tokens (ET) in discussion footer by @github-actions[bot] in #24320
- ci: skip
go mod downloadon cache hit for 9 jobs by @Copilot in #24319 - perf: eliminate repeated O(n) action pin scans and redundant permissions parsing in MCP workflow compilation by @Copilot in #24256
- feat: add pre-steps and post-steps to threat detection job by @Copilot in #24250
- Fix double-wrapped compiler errors emitting spurious
file:1:1:prefix by @Copilot in #24316 - fix: restore
GH_HOST: github.compin on Install GitHub Copilot CLI step by @Copilot in #24321 - Move github-app token minting to activation job by @Copilot in #24251
- fix: bundle transport fails when agent commits to HEAD instead of named branch by @Copilot in #24317
- feat: bundle token usage as agent artifact by @Copilot in #24315
- fix: update wasm golden files to include GH_HOST env var in Copilot CLI install step by @Copilot in #24330
- fix: install gh-aw CLI extension in workflow pre-steps by @lpcox in #24335
- Fix workflow network allowlist gaps from 2026-04-03 firewall report by @Copilot in #24332
- Upgrade charmbracelet/huh to charm.land/huh/v2 v2.0.3 by @Copilot in #24331
- Migrate HuhTheme to huh v2 ThemeFunc API by @Copilot in #24343
- feat: integrate log template mining into audit report and logs by @Copilot in #24328
- fix: replace piped while loops with temp files to avoid pipefail SIGPIPE by @lpcox in #24350
- Add create-labels maintenance operation and compile --json label reporting by @Copilot in #24341
- fix: eliminate piped while loops in token optimizer workflows by @lpcox in #24354
- fix: restore Daily Issues Report Generator β AWF binary install + issues data fetch resilience by @Copilot in #24349
- Fix copy dictation instructions button on agentic-authoring page by @Copilot in #24362
- fix: push_repo_memory should not run when agent job is skipped or failed by @Copilot in #24363
- fix: dedicated upload_code_scanning_sarif job with SARIF artifact transfer, direct checkout token computation, and github-app checkout support by @Copilot in #24322
- ci: skip GitHub API-heavy jobs on non-main branches by @Copilot in #24370
- [docs] Update documentation for features from 2026-04-03 by @github-actions[bot] in #24377
- chore: update drain3 default log pattern weights by @github-actions[bot] in #24381
Full Changelog: v0.65.7...v0.66.0
Contributors
Assets 18
v0.65.7
π Release Highlights
This release focuses on cross-repo workflow reliability, safe-outputs improvements, and new token optimization tooling β along with a handful of highly-requested community fixes.
β¨ What's New
-
MCP Gateway keepalive configuration β Expose
keepalive-intervalas a first-class frontmatter option undersandbox.mcp, preventing session expiry during long-running agent tasks. Learn more -
Dynamic
github-tokenexpressions βgithub-tokenfields in safe-outputs now accept$\{\{ needs.JOB.outputs.OUTPUT }}expressions, enabling short-lived tokens minted by upstream jobs (e.g., viaactions/create-github-app-tokenor Octo STS) to be used seamlessly with built-in safe outputs. Learn more -
Daily token usage analysis workflows β New
daily-token-usage-analysisanddaily-safe-output-optimizerworkflows help you identify unused tools and reduce per-turn token costs β the same pattern that has already produced concrete savings in gh-aw-firewall. -
Agent failure footers now include effective token count β The token consumption of each run is now surfaced directly in agent failure issue/comment footers, making cost investigation faster.
π Bug Fixes & Improvements
-
Cross-repo
workflow_call integrity check fixedβGITHUB_WORKFLOW_REFenv var always reflects the top-level caller, not the callee. The integrity check now correctly usesgithub.workflow_ref(the Actions context expression) to resolve the called workflow's source. Fixes long-standing failures for reusable remote workflows. Learn more -
Stale
GH_HOSTand false fork-PR detection resolved βconfigure_gh_for_ghe.shreturned early forgithub.comwithout clearing a previously-setGH_HOST, causinggh pr checkoutand related commands to fail against the wrong host. A secondary false-positive fork detection was also removed. Closes #24208, #24217, #24218. -
Detection gate wired for imported safe-outputs β Workflows that declare no
safe-outputs:in their own frontmatter but pull it in viaimports:were compiled without adetectionjob gate. This is now correctly enforced. -
CI Cleaner always produces safe outputs β The CI Cleaner agent now has a mandatory exit protocol ensuring at least one safe-output tool is called before it exits, preventing silent "no safe outputs generated" failures.
π Documentation
-
Frontmatter hash clarified β Documentation now accurately describes the frontmatter hash as a stale-lock detection mechanism, not a tamper-protection or security boundary, to avoid misleading security assumptions. See reference
-
Copilot Agent Files reference page reduced from 167 β 125 lines (25% leaner) while preserving all essential information.
π§ Maintenance
- Playwright Browser bumped to v1.59.1 (Windows regression fix)
- MCP Gateway bumped to v0.2.12
- AWF Firewall bumped to v0.25.13
- 6 GitHub Actions updated to latest SHA-pinned releases
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@ferryhinardi
@salekseev
@strawgate
- Remote workflow_call appears broken (direct issue)
- Integrity check fails for cross-repo workflow_call: GITHUB_WORKFLOW_REF points to caller, not callee (direct issue)
@virenpepper
For complete details, see CHANGELOG.
Generated by Release Β· β 716.4K
What's Changed
- [docs] Update documentation for 2026-04-02 features by @github-actions[bot] in #24170
- fix: wire detection gate for safe-outputs assembled entirely from imports by @Copilot in #24155
- fix(ci-cleaner): add mandatory exit protocol to always produce safe outputs by @Copilot in #24182
- [actions] Update GitHub Actions versions - 2026-04-02 by @Copilot in #24181
- [log] Add debug logging to 4 Go files by @Copilot in #24180
- chore: Bump AWF firewall version to v0.25.13 by @lpcox in #24185
- feat: Add daily token usage analysis and optimization workflows by @Copilot in #24192
- Include effective token count in agent failure issue/comment footer by @Copilot in #24196
- fix(workflows): normalize report headers to h3+ and add progressive disclosure by @Copilot in #24201
- docs: clarify frontmatter hash is stale-lock detection, not tamper protection by @Copilot in #24198
- fix: Clear stale GH_HOST and remove false fork PR detection (#24208) by @lpcox in #24221
- feat: Expose MCP gateway keepalive-interval in workflow config schema by @Copilot in #24220
- [docs] docs: reduce bloat in Copilot Agent Files reference page by @github-actions[bot] in #24223
- fix: unset stale GH_HOST when configuring gh for github.com by @Copilot in #24222
- feat: Allow
${{ needs.JOB.outputs.OUTPUT }}expressions ingithub-tokenfields by @Copilot in #24215 - Fix cross-repo workflow_call integrity check: use github.workflow_ref instead of GITHUB_WORKFLOW_REF by @Copilot in #24200
- [jsweep] Clean add_reaction_and_edit_comment.cjs by @github-actions[bot] in #24228
- Use details/summary for progressive disclosure of failure reporting tip by @Copilot in #24229
- chore: update Playwright Browser v1.59.1, MCP Gateway v0.2.12 by @Copilot in #24226
Full Changelog: v0.65.6...v0.65.7
Contributors
Assets 18
v0.65.6
π Release Highlights
This release centers on Effective Tokens β a new end-to-end feature that tracks and surfaces AI token usage across workflow runs β alongside five community-reported bug fixes and a set of reliability improvements.
β¨ What's New
-
Effective Tokens visibility β Token usage is now tracked from the MCP gateway log through the agent job outputs and surfaced directly in workflow footer comments. Footer templates gain three new variables:
{effective_tokens}(raw integer),{effective_tokens_formatted}(compact string like1.2K), and{effective_tokens_suffix}(a ready-to-use suffix likeΒ· β 1.2K). All built-in footer templates have been updated to include{effective_tokens_suffix}by default. (#24150, #24132, #24122, #24029) -
Custom model token weights β The
enginefrontmatter now supports custom token weight overrides per model, enabling more accurate effective-token calculations for non-default deployments. (#24134) -
Native web-fetch for Codex and Gemini β The
mcp/fetchfallback has been removed; Codex and Gemini workflows now use native web-fetch, reducing latency and eliminating an unnecessary MCP dependency. (#24017) -
Staggered cron schedules β Approximately 30 workflows previously fired simultaneously at the top of each hour, exhausting the GitHub App rate limit. The compiler now hashes each workflow's identity to scatter execution within Β±30 minutes, eliminating rate-limit bursts. (#24144)
π Bug Fixes & Improvements
-
Safe outputs MCP server now receives
GH_AW_SAFE_OUTPUTSβ The environment variable was not passed to the safe-outputs MCP HTTP server startup step, causingoutputs.jsonlto appear empty even on success. (#24126) -
Discussion reply threading fixed β
add-commentnow correctly threads replies when the triggering comment is itself a reply inside a discussion thread. (#24031) -
Lenient temporary ID validation β Invalid temporary IDs (e.g. containing underscores) now emit a warning instead of failing PR creation. (#24030)
-
Conclusion job concurrency now customizable β A
concurrency.job-discriminatorfield can be applied to theconclusionjob, allowing users to control grouping independently of the agent job. (#24043) -
Lock file integrity check works across organizations β Reusable workflow lock files are now resolved from the source repository rather than the calling repository, fixing cross-org integrity validation. (#24057)
-
add_commentno longer fails on scheduled runs β When no triggering context is available (e.g. ascheduletrigger), theadd_commenthandler now silently skips instead of erroring. (#24131, #24098) -
MCP gateway tool allowlist enforced at gateway layer β Tool allow/deny lists are now enforced at the gateway itself with restricted config file permissions, improving security posture. (#23933)
-
Protocol-relative URLs blocked in safe-outputs sanitizer β URLs like
//evil.comare now treated as blocked domains, closing a sanitization bypass. (#23930)
π Documentation
- Added the Effective Tokens specification documenting the token-tracking architecture, formula, and template variables.
- Developer spec consolidated into
dev.md v5.0. (#24067)
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@corygehr
@dsyme
- Invalide temporary ID should probably not fail PR creation (direct issue)
@jaroslawgajewski
- Lock file integrity check should resolve the lock file from the reusable workflow source repository (direct issue)
@szabta89
@yaananth
For complete details, see CHANGELOG.
Generated by Release Β· β 747.2K
What's Changed
- fix: treat protocol-relative URLs as blocked domains in safe-outputs sanitizer by @Copilot in #23930
- Enforce MCP gateway tool allowlist at the gateway layer and restrict config file permissions by @Copilot in #23933
- feat: remove mcp/fetch fallback and wire native web-fetch for Codex and Gemini by @Copilot in #24017
- [jsweep] jsweep: Clean add_comment.cjs by @github-actions[bot] in #24020
- docs: expand security architecture section on homepage for non-security audiences by @Copilot in #24026
- feat(logs): parse events.jsonl as primary metrics source for Copilot CLI runs by @Copilot in #24027
- fix: use events.jsonl from copilot session-state for log parsing by @Copilot in #24028
- feat: render token-usage.jsonl in the MCP gateway step summary by @Copilot in #24029
- [code-simplifier] refactor: simplify token usage parsing in parse_mcp_gateway_log.cjs by @github-actions[bot] in #24032
- Fix discussion reply threading when triggering comment is itself a reply by @Copilot in #24031
- [ca] fix: correct JSDoc type annotation in parse_mcp_gateway_log.cjs by @github-actions[bot] in #24033
- fix: lenient temporary ID validation β support underscores, warn instead of fail by @Copilot in #24030
- fix: increase timeout for daily-architecture-diagram workflow by @Copilot in #24042
- [docs] Update glossary - daily scan by @github-actions[bot] in #24044
- Apply
concurrency.job-discriminatorto theconclusionjob by @Copilot in #24043 - [community] Update community contributions in README by @github-actions[bot] in #24062
- [instructions] Sync github-agentic-workflows.md with release v0.65.5 by @github-actions[bot] in #24061
- fix: use Python venv for pip installs in shared Python workflows by @Copilot in #24053
- Set max branch limit to 10 and enable deletion on scheduled runs by @Copilot in #24064
- [docs] Consolidate developer specs into dev.md v5.0 (2026-04-02) by @github-actions[bot] in #24067
- Fix lock file integrity check for cross-org reusable workflows by @Copilot in #24057
- [rendering-scripts] fix: add pretty-print format support to copilot log parser by @github-actions[bot] in #24070
- Prevent copilot-maintenance workflow from running on forks by @Copilot in #24082
- Fix JS typecheck failures introduced by TypeScript v6 strict catch variable typing by @Copilot in #24089
- Remove unnecessary
[]bytecasts inpkg/consolegolden tests by @Copilot in #24086 - Implement conclusion job step improvements by @Copilot in #24063
- Migrate pkg/repoutil tests to testify assertions by @Copilot in #24085
- [dead-code] chore: remove dead functions β 4 functions removed by @github-actions[bot] in #24094
- Return structured JSON instead of MCP protocol errors for invalid inputs in logs/audit/compile tools by @Copilot in #24058
- fix: silently skip add_comment when no triggering context (schedule runs) by @Copilot in #24098
- Extract Go source code analysis tools bundle into shared component by @Copilot in #24084
- fix(docs): add aria-label to Expressive Code copy-to-clipboard buttons by @Copilot in #24099
- refactor: split mixed-concern files identified by semantic function clustering analysis by @Copilot in #24101
- fix: add-wizard ls-remote de...
Contributors
Assets 18
v0.65.5
π Release Highlights
This release focuses on security hardening, observability improvements, and setup performance β with a meaningful reduction in firewall install time and new token usage visibility for AI cost tracking.
β¨ What's New
-
Token Usage Visibility β The Agentic Workflow Firewall now logs per-model token consumption to
token-usage.jsonl.gh aw auditandgh aw logssurface a full breakdown (input, output, cache read/write tokens, cache hit %, avg request duration) per model. A new step summary step appends a markdown table to your workflow run's summary page. (#23943) -
140Γ Faster Firewall Install β AWF v0.25.10 ships a single
awf-bundle.jsfile (~357 KB). On GitHub-hosted runners with Node.js β₯ 20 (the default), setup now downloads 357 KB instead of ~50 MB β a 140Γ reduction. Self-hosted runners without Node.js β₯ 20 automatically fall back to the platform binary. (#23993) -
Richer Threat Detection Context β The detection job now performs a conditional repository checkout when a patch is present, giving the threat detection engine full codebase context to review code changes. Previously, the engine saw diffs in isolation without surrounding source files. (#23961)
-
GitHub Actions Expression Support β
timeout-minutes,engine.version,tools.timeout, andtools.startup-timeoutnow accept GitHub Actions expressions (e.g.,$\{\{ inputs.timeout }}), enabling reusableworkflow_callworkflows where callers can customize these values without forking the workflow. (docs)
π Bug Fixes & Improvements
-
Session Logs Now Collected β
events.jsonlfiles written by Copilot CLI inside session subdirectories were silently missed by the log-copy step (flat glob only matched the top level). Fixed with a recursivefind-based copy that preserves session IDs in filenames. (#23992) -
Security: Git Hook Injection Prevented β Cache-memory git repos now have
.git/hooks/cleared andcore.hooksPathset to/dev/nullon every setup. Previously, a compromised run could plant executable hooks that fired on the host runner before the AWF sandbox was active. (#23929) -
gh aw add-wizardNo Longer Loses Work on Push Failure β If the branch push failed after downloading workflow files, the command previously rolled back everything and left users with nothing. Files and the local commit are now preserved, with actionable recovery instructions printed to the console. (#23926) -
Label Pagination Fixed for Large Repos β
create_discussionandupdate_discussionsilently dropped any labels beyond the first 100 when resolving label names to IDs. The paginated fetch now loops until all labels are loaded. (#23915) -
CLI Help Text Fixes β Dynamic column width in root command usage (fixing truncated
hash-frontmatter), correctedlogs --timeoutflag description, and improvedmcp addhelp text. (#23912)
π Documentation
- Updated reference docs for expression support in
frontmatter.md,engines.md, andtools.mdβ including new "Tool Timeout Configuration" section. - Condensed verbose troubleshooting sections in
common-issues.md(β49 lines, β8%).
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@ajfeldman6
- Error: "Failed to add workflow" during Quick Start Guide for creating an agentic workflow (direct issue)
@yskopets
For complete details, see CHANGELOG.
Generated by Release
What's Changed
- Fix 4 CLI consistency issues: dynamic column width, flag description, mcp add docs, command group tests by @Copilot in #23912
- refactor: split checkout_manager.go into state management, step generation, and config parsing by @Copilot in #23911
- Split pkg/constants/constants.go into domain-grouped files by @Copilot in #23913
- fix: paginate label fetch in create_discussion and update_discussion by @Copilot in #23915
- refactor: split trial_command.go (1,007 lines) into focused files by @Copilot in #23917
- fix: preserve workflow files and guide user on manual push when branch push fails by @Copilot in #23926
- feat: Add conditional workspace checkout to detection job for patch context by @lpcox in #23961
- [docs] Update documentation for GitHub Actions expression support in frontmatter fields by @github-actions[bot] in #23947
- fix(security): clear .git/hooks/ and disable hooksPath in cache-memory git setup by @Copilot in #23929
- feat: bump firewall to v0.25.8 and surface token-usage.jsonl by @lpcox in #23943
- feat: bump AWF to v0.25.10 and use lightweight esbuild bundle by @Mossaka in #23993
- fix: events.jsonl not collected β copy step uses flat glob, misses session subdirectories by @lpcox in #23992
- [docs] condense verbose sections in common-issues.md by @github-actions[bot] in #24010
Full Changelog: v0.65.4...v0.65.5
Contributors
Assets 18
v0.65.4
π Release Highlights
This release focuses on workflow parameterization for workflow_call reuse, automatic service container access, and a strong set of community-driven bug fixes and features.
β¨ What's New
-
Expression parameterization for
workflow_callβ Multiple frontmatter fields now accept GitHub Actions expressions, enabling reusable workflows to customize behavior at call time:timeout-minutes: $\{\{ inputs.timeout }}engine.version: $\{\{ inputs.engine-version }}tools.timeout,tools.startup-timeout, andtools.playwright.version
-
Auto-generate
--allow-host-service-portsfromservices:mappings β Workflows using GitHub Actions service containers (PostgreSQL, Redis, etc.) no longer need manual port configuration. The compiler now extracts declared port mappings and emits runtime$\{\{ job.services.<name>.ports['<port>'] }}expressions automatically, so agents can reach service containers out of the box. -
Step templating support β Workflows can now use templating patterns for steps, enabling more expressive and reusable workflow definitions.
-
Restrict Copilot CLI built-in tools via frontmatter β Fine-grained control over which Copilot CLI built-in tools are available to agents in a workflow.
-
Discussion post commenting and editing β Workflows can now comment on and edit posts within GitHub Discussions, expanding discussion interaction capabilities.
π Bug Fixes & Improvements
- Cross-repo org ruleset timestamp check fixed β The "Check workflow file timestamps" step no longer fails with
ERR_CONFIGwhen workflows run cross-repo via organization rulesets. <safe-output-tools>prompt expression inlining resolved β Compiled prompts no longer inline$\{\{ }}expressions verbatim, which was re-triggering the expression-size limit.create-code-scanning-alertsafe-output fixed β The code scanning alert safe-output handler now works correctly for all supported alert configurations.- Cross-repo import path resolution corrected β
gh aw addno longer rewrites\{\\{\#import shared/X.md}}with an incorrect path; imports now resolve from.github/workflows/as expected. - Audit tool: Codex metrics and firewall root cause β
gh aw auditnow surfaces token/turn metrics and firewall-blocked domain root causes for failed Codex runs.
π Documentation
- New "Supported Languages & Ecosystems" reference page β A dedicated reference mapping popular languages (Python, Go, Java, Rust, TypeScript, etc.) to their ecosystem identifiers, package managers, and configuration examples. Learn more
β‘ Dependency Updates
- Playwright v1.59.0 β New Screencast API (
page.screencast), Browser Interoperability (browser.bind()), Observability Dashboard, and CLI debugger for agents. - MCP Gateway v0.2.11 β WASM guard startup time reduced (wazero compilation cache), accurate
/healthendpoint, embedded config schema. - Playwright MCP v0.0.70 β Tracks Playwright v1.59.0.
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@corygehr
- Request: Allow commenting, editing posts within a Discussion (direct issue)
@deyaaeldeen
@ericstj
- Feature request: allow for templating of steps (direct issue)
@jaroslawgajewski
- "Check workflow file timestamps" step fails with ERR_CONFIG when workflow runs cross-repo via org rulesets (direct issue)
@johnpreed
- gh aw add rewrites {\{#import shared/X.md}} with incorrect cross-repo path (resolves from repo root instead of .github/workflows/) (direct issue)
@kbreit-insight
@strawgate
For complete details, see CHANGELOG.
Generated by Release
What's Changed
- [docs] docs: remove duplicate Claude plugins section and condense create-discussion FAQ by @github-actions[bot] in #23816
- fix: extract
${{ }}expressions from<safe-output-tools>max: values to avoid 21KB heredoc limit by @Copilot in #23812 - feat: auto-generate --allow-host-service-ports from services: port mappings by @Mossaka in #23760
- fix: use GITHUB_WORKFLOW_REF to resolve source repo for cross-repo lock file hash check by @Copilot in #23808
- [jsweep] Clean messages_run_status.cjs by @github-actions[bot] in #23824
- feat: bump MCP Gateway v0.2.11, Playwright Browser v1.59.0, Playwright MCP 0.0.70, Firewall v0.25.6 by @Copilot in #23821
- fix: body-level {{#import shared/X.md}} rewritten with wrong cross-repo path in gh aw add by @Copilot in #23817
- [ca] fix: update golden files for awf v0.25.6 and mcpg v0.2.11 by @github-actions[bot] in #23846
- [instructions] Sync github-agentic-workflows.md with v0.65.2 by @github-actions[bot] in #23856
- [docs] Update glossary - daily scan by @github-actions[bot] in #23853
- [docs] Developer Documentation Consolidation v4.9 by @github-actions[bot] in #23858
- [code-simplifier] refactor: simplify imports.go and add_command.go from PR #23817 by @github-actions[bot] in #23844
- fix: use
tokeninstead ofgithub-tokenforupload-sarifaction by @Copilot in #23837 - fix: thread discussion replies when add_comment triggered by discussion_comment event by @Copilot in #23836
- Docs: Add "Supported Languages & Ecosystems" reference page by @Copilot in #23833
- docs: add concrete steps/mcp-servers/jobs import examples to imports reference by @Copilot in #23835
- docs: update APM to use shared/apm.md imported workflow by @Copilot in #23877
- bump: gh-aw-firewall v0.25.6, gh-aw-mcpg v0.2.11 by @Copilot in #23879
- Remove noisy negative-result messages from compile output by @Copilot in #23878
- fix: update_cache_memory must not run if agent job failed by @Copilot in #23876
- Improve test quality: pkg/parser/frontmatter_utils_test.go by @Copilot in #23868
- [q] fix: improve patch size logging with warning level and diff stat breakdown (#23865) by @github-actions[bot] in #23871
- [dead-code] chore: remove dead functions β 4 functions removed by @github-actions[bot] in #23882
- feat: allow
timeout-minutesto accept GitHub Actions expressions by @Copilot in #23863 - feat: parameterize engine.version to accept GitHub Actions expressions (injection-safe) by @Copilot in #23870
- [WIP] Fix daily mcp concurrency analysis by adding jq and git log to bash allowlist by @Copilot in #23886
- fix: integer/bool step env values silently dropped during workflow compilation by @Copilot in #23887
- fix: YAML syntax error in ci.yml caused by heredoc body at column 0 by @Copilot in #23895
- fix: align qmd step names with established naming conventions by @Copilot in #23891
- feat: parameterize tools.timeout and tools.startup-timeout to accept GitHub Actions expressions by @Copilot in #23888
- fix(audit): surface Codex firewall blocks from agent-stdio.log and populate action_minutes by @Copilot in #23889
- fix: use assert.Positive instead of assert.Greater with 0 in testifylint by @Copilot in #23910
Full Changelog: v0.65.3...v0.65.4
Contributors
Assets 18
v0.65.3
π Release Highlights
This release focuses on improving the gh aw update experience, prerelease handling, and release channel management β with important fixes for import path preservation and service container documentation.
β οΈ Breaking Changes
- Stable release channel removed (#23755): The
releases.jsonaliases and stable release channel have been removed. If you were pinned to thestablechannel, switch tolatest. Theupdate-stable-release.ymlworkflow has also been removed.
β¨ What's New
- Prerelease-aware updates (#23810):
gh aw updatenow skips prerelease versions when resolving the latest release, so you'll always land on a stable rele 5797 ase by default. - Release promotion workflow (#23811): A new internal workflow makes it easy to promote a prerelease to the latest stable channel with a single trigger.
π Bug Fixes & Improvements
gh aw updateno longer rewrites local imports (#23809): Fixed a bug where runninggh aw updatewould overwrite local relativeimports:paths with cross-repo paths that fail at runtime.- DeepReport workflow reliability (#23807): Switched from Codex to Claude engine and corrected the memory path so the deep-report workflow runs reliably.
π Documentation
- Service containers from the agent sandbox (#23776): Clarified that services (e.g., Postgres) started via
services:are bound to the runner host and must be reached from the agent container usinghost.docker.internal:<port>β notlocalhost.
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@johnpreed
@srgibbs99
- BUG: AWF agent cannot reach Postgres started via
services:(direct issue)
For complete details, see CHANGELOG.
Generated by Release
What's Changed
- [log] Add debug logging to metrics, observability, and workflow compilation by @github-actions[bot] in #23785
- [actions] Update GitHub Actions versions - 2026-03-31 by @github-actions[bot] in #23778
- fix(deep-report): switch to claude engine and fix memory path by @Copilot in #23807
- [docs] docs: clarify service container accessibility from agent sandbox by @github-actions[bot] in #23776
- Remove releases.json aliases and stable release channel support by @Copilot in #23755
- Add workflow to promote a release to latest/non-prerelease by @Copilot in #23811
- Ignore prerelease releases when fetching GitHub releases by @Copilot in #23810
- fix: preserve local relative imports during gh aw update by @Copilot in #23809
Full Changelog: v0.65.2...v0.65.3
v0.65.2
π Release Highlights
This patch release brings a new configurability option for pull request workflows, a reliable fix for external-repository checkout scenarios, and a round of CLI consistency improvements β plus three community-reported issues resolved.
β¨ What's New
- Configurable
create-pull-requestauto-close behavior β Thecreate-pull-requestsafe-output now lets you control whether the triggering issue is automatically closed when the PR is merged. Previously this was always-on; now it can be tuned per workflow. (Requested by the community β see #23736)
π Bug Fixes & Improvements
-
Restore
actions/setupafter external root checkout β When a workflow checks out an external repository to the workspace root (nopath:specified),actions/checkoutwas overwriting$GITHUB_WORKSPACEand deleting the locally checked-outactions/setupdirectory, causing a post-step failure (Can't find 'action.yml'). The compiler now appends aRestore actions folderstep (if: always()) in dev mode when this pattern is detected. (#23751) -
CLI consistency improvements β Addressed redundant flags, unexplained jargon, and discrepancies between help text and documentation to make the CLI more approachable. (#23750)
-
MCP table output routing β
mcp list-toolsandmcp inspectnow route table output through explicitconsole.RenderTable()calls with unambiguous stdout routing, aligning with the established pattern inmcp list. (#23752) -
WASM golden files updated for firewall v0.25.5 (#23743)
-
Release tooling β New releases are now created as pre-releases by default, preventing automated releases from being promoted to "latest" without explicit maintainer action. (#23754)
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@abillingsley
@Rubyj
- MCP safe-output tools not accessible to Codex in AWF chroot on self-hosted runners (file permission issue) (direct issue)
@strawgate
- AWF agent PATH misses GITHUB_PATH additions (direct issue)
For complete details, see CHANGELOG.
Generated by Release
What's Changed
- fix: update WASM golden files for firewall version v0.25.5 by @Copilot in #23743
- fix: reduce docs-noob-tester scope to prevent timeout by @Copilot in #23742
- Make
create-pull-requestauto-close issue behavior configurable by @Copilot in #23738 - [slides] Fix mcp-servers allowed field syntax in slides by @github-actions[bot] in #23749
- fix: address CLI consistency issues - redundant flags, unexplained jargon, and doc discrepancies by @Copilot in #23750
- Migrate MCP list/inspect table output to explicit console.RenderTable() with stdout routing by @Copilot in #23752
- Mark new releases as pre-release and suppress auto-latest promotion by @Copilot in #23754
- fix: restore actions/setup after external root checkout in agent job by @Copilot in #23751
Full Changelog: v0.65.1...v0.65.2
v0.65.1
What's Changed
- feat: default to stable version and resolve aliases in install-gh-aw.sh by @Copilot in #23628
- Add CI job to test install-gh-aw.sh with stable release by @Copilot in #23633
- fix: sync install.sh with install-gh-aw.sh and update test for stable version default by @Copilot in #23632
- docs: add Releases and Versioning reference page by @Copilot in #23635
- [jsweep] Clean add_reaction.cjs by @github-actions[bot] in #23639
- feat: add approval-label cookie to all workflows with min-integrity: approved by @Copilot in #23627
- Fix qmd indexing job failure due to TypeScript peer dependency conflict by @Copilot in #23645
- chore: bump @playwright/mcp 0.0.68β0.0.69 and MCP Gateway v0.2.9βv0.2.10 by @Copilot in #23644
- fix: correct YAML indentation for detection job permissions block by @Copilot in #23647
- [architecture] Update architecture diagram - 2026-03-31 by @github-actions[bot] in #23657
- Recompile workflows to sync lock files with source markdown by @Copilot in #23676
- [docs] Update Astro dependencies - 2026-03-31 by @github-actions[bot] in #23670
- [instructions] Sync github-agentic-workflows.md with release v0.65.0 by @github-actions[bot] in #23669
- [docs] Consolidate developer specs into dev.md v4.8 by @github-actions[bot] in #23671
- [community] Update community contributions in README by @github-actions[bot] in #23667
- [docs] Update glossary - daily scan by @github-actions[bot] in #23665
- [code-simplifier] refactor: simplify detection job permissions and WASM result building by @github-actions[bot] in #23651
- chore(deps): bump github.com/rhysd/actionlint from 1.7.11 to 1.7.12 by @dependabot[bot] in #23661
- fix(functional-pragmatist): replace make+len patterns to avoid CodeQL violations by @Copilot in #23685
- [dead-code] chore: remove dead functions β 7 functions removed by @github-actions[bot] in #23693
- chore: update @se 5797 ntry/mcp-server to 0.31.0 by @Copilot in #23697
- chore(deps): bump @sentry/mcp-server from 0.29.0 to 0.31.0 in /.github/workflows by @dependabot[bot] in #23660
- feat: add Release Punter workflow by @Copilot in #23694
- [q] refactor(console): migrate list.go from Bubble Tea to huh Select (#23690) by @github-actions[bot] in #23700
- fix: move protected files details section inside alert block by @Copilot in #23702
- Fix engine failure message: include engine ID and use blob URL for workflow source by @Copilot in #23703
- chore: bump gh-aw-firewall (AWF) to v0.25.5 by @Copilot in #23711
- Improve test quality: scripts/lint_error_messages_test.go by @Copilot in #23706
- Skip update_cache_memory job when agent job is skipped by @Copilot in #23720
- refactor: eliminate semanticVersion duplicate struct and findGitRoot passthrough wrapper by @Copilot in #23707
- [docs] Self-healing documentation fixes from issue analysis - 2026-03-31 by @github-actions[bot] in #23728
- Remove unused
integrityLevelOrdervariable to fix lint by @Copilot in #23721 - fix: close @mention neutralization bypass via U+200E/200F/00AD/034F invisible chars by @Copilot in #23735
Full Changelog: v0.65.0...v0.65.1
Contributors
Assets 17
v0.65.0
π Release Highlights
v0.65.0 is a feature-rich release focused on MCP Gateway security controls, GitHub App org-level API access, and workflow lifecycle management β alongside a new Microsoft APM shared workflow and significant compiled output improvements.
β¨ What's New
π GitHub App Token: Org-Level Permissions
You can now grant org-scoped API access (e.g. members: read, organization-administration: read) directly in your workflow frontmatter β no more silent null responses when calling org-level GitHub APIs:
tools:
github:
toolsets: [orgs, users]
github-app:
app-id: $\{\{ vars.APP_ID }}
private-key: $\{\{ secrets.APP_PRIVATE_KEY }}
permissions:
members: readπ‘οΈ MCP Gateway: Trusted Users & OIDC Authentication
Two powerful new MCP Gateway security features ship in this release:
trusted-usersβ Elevate specific GitHub usernames toapprovedintegrity without lowering the globalmin-integritypolicy. Useful for contractors or partner developers who need elevated access without becoming repo collaborators.- GitHub OIDC authentication β HTTP MCP servers can now authenticate using GitHub Actions OIDC tokens, enabling secure server-to-server trust without static credentials:
tools:
mcp-servers:
my-server:
type: http
url: "(myserver.example.com/redacted)
auth:
type: github-oidc
audience: "(myserver.example.com/redacted)"π Version Update Check on Activation
Workflows now check at runtime whether the compiled gh-aw version is still supported. Blocked versions fail fast; below-recommended versions emit a warning. This protects against running workflows compiled with revoked or outdated versions. Disable with check-for-updates: false (emits a compile-time warning).
π¦ Microsoft APM via shared/apm.md
APM package support is now available as a clean shared workflow import, replacing the deprecated dependencies: field:
imports:
- uses: shared/apm.md
with:
packages:
- microsoft/apm-sample-package𧹠Cleaner Compiled Lock Files
The prompt heredoc consolidation refactor reduces compiled .lock.yml output by ~900 lines across the repo, making diffs dramatically easier to review when prompt content changes.
π Bug Fixes & Improvements
- Fix
actions/setuprestore after cross-repo checkout insafe_outputsandupload_assetsjobs β prevents runner post-step failures in dev mode (#23587, #23604) - Fix
add_labelsschema βlabelsfield is now correctly markedrequiredin the safe-outputs inputSchema, preventing silent omission by JSONL-mode agents (#23610) - Fix Daily Doc Updater β
cookie-labeled issues (filed by automation workflows) are now surfaced correctly withapproval-labels: [cookie](#23613) - Remove unused APM constants from
pkg/constantsand CI checks (#23624)
π Documentation
- Fixed sitemap (
sitemap-index.xml) and RSS feed (blog/rss.xml) 404s on the docs site (#23585)
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@bbonafed
@dholmes
- Can not fetch members from org when using an app token (direct issue)
For complete details, see CHANGELOG.
Generated by Release
What's Changed
- feat: group all concatenations in "Create prompt with built-in context" into a single section by @Copilot in #23588
- fix(step-names): align cache-memory git setup step with
Setup <component>convention by @Copilot in #23586 - docs: fix sitemap and RSS feed 404s by @Copilot in #23585
- fix: restore actions/setup after cross-repo checkout in safe_outputs job by @Copilot in #23587
- [log] add debug logging to 5 pkg files (batch 2) by @github-actions[bot] in #23593
- feat: add version update check for compile-agentic activation by @Copilot in #23575
- [actions] Update GitHub Actions versions - 2026-03-30 by @Copilot in #23599
- fix: restore actions/setup in upload_assets job after git branch switch (dev mode) by @Copilot in #23604
- feat: Allow extra permissions on
tools.github.github-apptoken for org-level API access by @Copilot in #23600 - fix(daily-doc-updater): add cookie-label approval and Step 1d to surface automation-filed doc gaps by @Copilot in #23613
- feat: add shared/apm.md shared workflow with Microsoft APM support by @Copilot in #23509
- feat: add trusted-users to MCP Gateway guard policy by @Copilot in #23608
- MCP Gateway: Add upstream OIDC authentication to schema, spec, and compiler by @Copilot in #23611
- fix(safeoutputs): add
required: ["labels"]toadd_labelsinputSchema by @Copilot in #23610 - fix(instructions-janitor): use GitHub MCP get_latest_release instead of git describe by @Copilot in #23625
- fix: remove unused APM constants and references by @Copilot in #23624
- Add release alias map to releases.json by @Copilot in #23626
Full Changelog: v0.64.5...v0.65.0