Commit 1742990
authored
![tryghost-renovate[bot]](https://avatars.githubusercontent.com/u/2178663?v=4&size=40){kind=avatar}
Update github/gh-aw action to v0.79.4 (#28582)
> ℹ️ **Note**
>
> This PR body was truncated due to platform limits.
This PR contains the following updates:
| Package | Type | Update | Change | Pending |
|---|---|---|---|---|
| [github/gh-aw](https://redirect.github.com/github/gh-aw) | action |
minor | `v0.68.3` → `v0.79.4` | `v0.79.9` (+1) |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/28155) for more information.
---
### Release Notes
<details>
<summary>github/gh-aw (github/gh-aw)</summary>
###
[`v0.79.4`](https://redirect.github.com/github/gh-aw/releases/tag/v0.79.4)
[Compare
Source](https://redirect.github.com/github/gh-aw/compare/v0.79.3...v0.79.4)
#### 🌟 Release Highlights
v0.79.4 delivers significant improvements to AI credit (AIC) cost
tracking and telemetry accuracy, introduces new workflow authoring
controls for custom model pricing and configurable timeouts, and hardens
sandbox security. A focused round of bug fixes improves milestone
caching, SHA-pinning reliability, and failure reporting.
##### ⚠️ Breaking Changes
- **`dangerously-disable-sandbox-agent` now requires an
operator-authored string justification**
([#​38325](https://redirect.github.com/github/gh-aw/pull/38325)).
Boolean `true` is no longer accepted — workflows must supply a
plain-text reason (≥ 20 characters) explaining why the trust boundary is
being removed. Update any workflow using
`dangerously-disable-sandbox-agent: true` to a descriptive string.
- **`user-invokable` and `disable-model-invocation` fields removed from
the gh-aw schema**
([#​38328](https://redirect.github.com/github/gh-aw/pull/38328)).
These Copilot-specific fields have no meaning in gh-aw workflows and
will now produce a validation error. Remove them from any
`.github/workflows/*.md` files.
##### ✨ What's New
- **Custom model pricing via `models` frontmatter**
([#​38276](https://redirect.github.com/github/gh-aw/pull/38276)).
Declare custom cost tables for private or non-catalog models directly in
your workflow frontmatter. Overlays merge over the built-in
`models.json` at runtime with main-workflow precedence. [Learn
more](https://github.github.com/gh-aw/reference/cost-management/)
- **Configurable safe-outputs timeout**
([#​38361](https://redirect.github.com/github/gh-aw/pull/38361)).
The default `safe_outputs` job timeout has been raised from 30 to **45
minutes**, and a new `safe-outputs.timeout-minutes` frontmatter field
lets you tune it per workflow. [Learn
more](https://github.github.com/gh-aw/reference/safe-outputs/)
- **`create_check_run` now supports PR targeting**
([#​38237](https://redirect.github.com/github/gh-aw/pull/38237)).
Pass `target: "pr"` or `target: "*"` to attach check runs to the
triggering pull request in addition to the existing commit-based flow.
- **Steering messages visible in unified log view**
([#​38277](https://redirect.github.com/github/gh-aw/pull/38277)).
Mid-run steering messages from operators are now rendered inline in the
unified workflow log.
##### 🐛 Bug Fixes & Improvements
- **AIC telemetry accuracy across all engines**
([#​38314](https://redirect.github.com/github/gh-aw/pull/38314),
[#​38364](https://redirect.github.com/github/gh-aw/pull/38364),
[#​38327](https://redirect.github.com/github/gh-aw/pull/38327),
[#​38412](https://redirect.github.com/github/gh-aw/pull/38412)).
The `github_models` provider alias is now recognised; zero-AIC firewall
proxy responses correctly fall back to engine-reported values; AIC
credits are properly wired through the agent failure handler and
propagated into the failure footer.
- **Milestone cache now scoped per owner/repo**
([#​38342](https://redirect.github.com/github/gh-aw/pull/38342)).
Milestone lookups in `assign_milestone` no longer bleed across
repositories in multi-repo runs.
- **SHA-pinning for runtime setup-cli in custom `steps:` workflows**
([#​38344](https://redirect.github.com/github/gh-aw/pull/38344)).
The emitted `setup-cli` step in `steps:` workflows now receives a SHA
pin, aligning with the security posture of standard compiled workflows.
- **Failure-issue permission denials handled gracefully**
([#​38273](https://redirect.github.com/github/gh-aw/pull/38273)).
Workflows lacking `issues: write` no longer crash on failure reporting;
timeout-specific failure messages are now enforced separately.
- **Usage tracking fixed for engine jobs**
([#​38353](https://redirect.github.com/github/gh-aw/pull/38353)).
`sendJobConclusionSpan` now correctly records token usage for
engine-backed jobs.
##### 📚 Documentation
- Auth reference page restructured for clarity
([#​38390](https://redirect.github.com/github/gh-aw/pull/38390))
- `copilot-requests: write` now recommended for Copilot authentication
([#​38404](https://redirect.github.com/github/gh-aw/pull/38404)) —
[see permissions
reference](https://github.github.com/gh-aw/reference/permissions/)
- AIC pricing documentation now links to the live
[models.dev](\(models.dev/redacted\)) catalog
([#​38371](https://redirect.github.com/github/gh-aw/pull/38371))
> Generated by [🚀
Release](https://redirect.github.com/github/gh-aw/actions/runs/27300999944)
· 164.2 AIC · ⊞ 28.8K
<!-- gh-aw-agentic-workflow: Release, engine: copilot, version: 1.0.60,
model: claude-sonnet-4.6, id: 27300999944, workflow_id: release, run:
https://github.com/github/gh-aw/actions/runs/27300999944 -->
***
#### What's Changed
- \[caveman] Optimize instruction verbosity — memory, mcp-clis,
messages, network (2026-06-10) by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38263](https://redirect.github.com/github/gh-aw/pull/38263)
- \[WIP] Fix failing GitHub Actions job Integration: Workflow Misc Part
2 by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38265](https://redirect.github.com/github/gh-aw/pull/38265)
- Handle failure-issue permission denials and enforce timeout-specific
failure messaging by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38273](https://redirect.github.com/github/gh-aw/pull/38273)
- Add steering message rendering in unified log view by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38277](https://redirect.github.com/github/gh-aw/pull/38277)
- emit gh-aw\.aic as OTLP Sum metric for backend-native consumption by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38279](https://redirect.github.com/github/gh-aw/pull/38279)
- Add objective mapping constants and tests by
[@​mnkiefer](https://redirect.github.com/mnkiefer) in
[#​38293](https://redirect.github.com/github/gh-aw/pull/38293)
- Fix empty AIC cells in daily guardrail summary when no prior runs
exist in 24h window by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38304](https://redirect.github.com/github/gh-aw/pull/38304)
- Remove `gh_aw.aic` OTLP metric emission and keep AIC on traces only by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38312](https://redirect.github.com/github/gh-aw/pull/38312)
- fix: emit gh-aw\.aic for all engines by recognizing github\_models
provider alias by [@​Copilot](https://redirect.github.com/Copilot)
in [#​38314](https://redirect.github.com/github/gh-aw/pull/38314)
- Add PR-targeting support to `create_check_run` (including `target:
"*"` flows) by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38237](https://redirect.github.com/github/gh-aw/pull/38237)
- \[instructions] Sync instruction files with release v0.79.3 by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38316](https://redirect.github.com/github/gh-aw/pull/38316)
- \[spec-extractor] Update package specifications for tty, types,
typeutil, workflow by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38334](https://redirect.github.com/github/gh-aw/pull/38334)
- feat: require operator-authored justification for
dangerously-disable-sandbox-agent by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38325](https://redirect.github.com/github/gh-aw/pull/38325)
- fix: wire GH\_AW\_AIC and GH\_AW\_MAX\_AI\_CREDITS to Handle agent
failure step by [@​Copilot](https://redirect.github.com/Copilot)
in [#​38327](https://redirect.github.com/github/gh-aw/pull/38327)
- Cap impacted Go test selection at \~1 minute via sampled unit tests by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38343](https://redirect.github.com/github/gh-aw/pull/38343)
- CJS: ignore impacted JS runs when no matching test files exist by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38339](https://redirect.github.com/github/gh-aw/pull/38339)
- pkg/linters: extract inspector helper, migrate to Cursor API, add
autofixes by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38317](https://redirect.github.com/github/gh-aw/pull/38317)
- fix: usage tracking for engine jobs in sendJobConclusionSpan by
[@​mnkiefer](https://redirect.github.com/mnkiefer) in
[#​38353](https://redirect.github.com/github/gh-aw/pull/38353)
- \[docs] Update documentation for features from 2026-06-10 by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38351](https://redirect.github.com/github/gh-aw/pull/38351)
- chore: remove `user-invokable` and `disable-model-invocation` from the
gh-aw schema by [@​Copilot](https://redirect.github.com/Copilot)
in [#​38328](https://redirect.github.com/github/gh-aw/pull/38328)
- Updating daily token consumption report to new AIC format by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38362](https://redirect.github.com/github/gh-aw/pull/38362)
- fix(assign\_milestone): scope milestone cache by owner/repo to prevent
cross-repo pollution by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38342](https://redirect.github.com/github/gh-aw/pull/38342)
- docs: source AIC pricing from models.dev catalog by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38371](https://redirect.github.com/github/gh-aw/pull/38371)
- Bound sampled impacted Go test patterns to prevent `go test` argv
overflow by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38381](https://redirect.github.com/github/gh-aw/pull/38381)
- Add `models` frontmatter field for custom model pricing by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38276](https://redirect.github.com/github/gh-aw/pull/38276)
- Record agent failure categories as OTLP attribute for counting by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38331](https://redirect.github.com/github/gh-aw/pull/38331)
- feat: raise safe\_outputs default timeout to 45m and add
safe-outputs.timeout-minutes frontmatter by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38361](https://redirect.github.com/github/gh-aw/pull/38361)
- fix: SHA-pin the runtime setup-cli step emitted for custom `steps:`
workflows by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38344](https://redirect.github.com/github/gh-aw/pull/38344)
- Replace `/reference/auth` engine-secret table with header/list
reference blocks by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38390](https://redirect.github.com/github/gh-aw/pull/38390)
- fix(telemetry): emit gh-aw\.aic=0 and fall back to engine-reported AIC
when firewall proxy reports zero by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38364](https://redirect.github.com/github/gh-aw/pull/38364)
- optimize: reduce claude-code-user-docs-review AIC cost \~20–33% by
eliminating redundant main-agent work by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38401](https://redirect.github.com/github/gh-aw/pull/38401)
- docs: recommend `copilot-requests: write` for Copilot authentication
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38404](https://redirect.github.com/github/gh-aw/pull/38404)
- Expand Daily AIC report to include Grafana telemetry and
backend-specific AIC gaps by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38400](https://redirect.github.com/github/gh-aw/pull/38400)
- \[docs] docs: unbloat monitoring-with-projects.md by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38417](https://redirect.github.com/github/gh-aw/pull/38417)
- \[WIP] Fix failing GitHub Actions job 'js-typecheck' by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38397](https://redirect.github.com/github/gh-aw/pull/38397)
- \[WIP] Explore agent persona and scenarios for agentic workflows by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38407](https://redirect.github.com/github/gh-aw/pull/38407)
- Propagate resolved AI credits into failure footer context by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38412](https://redirect.github.com/github/gh-aw/pull/38412)
**Full Changelog**:
<https://github.com/github/gh-aw/compare/v0.79.3...v0.79.4>
###
[`v0.79.3`](https://redirect.github.com/github/gh-aw/releases/tag/v0.79.3)
[Compare
Source](https://redirect.github.com/github/gh-aw/compare/v0.79.2...v0.79.3)
#### 🌟 Release Highlights
v0.79.3 focuses on **security hardening** — stricter sandbox controls,
enforced AI credit guardrails, and improved error surfacing for
misconfigured model names.
##### ⚠️ Breaking Changes
- **`imports.if` removed** — Conditional frontmatter imports have been
removed to keep import chains security-stable. Migrate experiment-driven
conditional imports to runtime body-level imports.
([#​38247](https://redirect.github.com/github/gh-aw/pull/38247))
- **`sandbox.agent: false` requires explicit feature flag** — Disabling
the agent sandbox now requires the `dangerously-disable-sandbox-agent`
feature flag. Workflows without it will fail to compile, ensuring the
security trade-off is always intentional.
([#​38205](https://redirect.github.com/github/gh-aw/pull/38205))
- **Sandbox-disable justification enforced** — Sandbox-disable
declarations must now include a justification string; new AWF import and
safe-output constraints are enforced at compile time.
([#​38228](https://redirect.github.com/github/gh-aw/pull/38228))
##### ✨ What's New
- **Clearer model error messages** — Invalid model names (Copilot,
Codex, Claude) are now detected and routed to actionable conclusion
failures instead of cryptic errors.
([#​38258](https://redirect.github.com/github/gh-aw/pull/38258))
- **AI credit guardrails with built-in defaults** — Credit limits now
default to **5,000/day** and **1,000/run**, with a consistent resolution
order: frontmatter → imported config → GitHub variable → built-in
constant.
([#​38197](https://redirect.github.com/github/gh-aw/pull/38197))
- **Dynamic `checkout.repository` expressions unblocked** — Checkout
manifest generation now uses `github-script`, enabling dynamic
repository expressions in workflow definitions.
([#​38154](https://redirect.github.com/github/gh-aw/pull/38154))
- **New `execcommandwithoutcontext` linter** — Auto-mined linter
[#​24](https://redirect.github.com/github/gh-aw/issues/24) flags
bare `exec.Command` calls in context-aware functions and provides an
auto-fix to `exec.CommandContext`.
([#​38185](https://redirect.github.com/github/gh-aw/pull/38185))
##### 🐛 Bug Fixes & Improvements
- Init file writers now recursively create parent directories,
preventing failures when output paths do not yet exist.
([#​38204](https://redirect.github.com/github/gh-aw/pull/38204))
- Caller context is properly threaded into `pushWorkflowFiles` git
subprocesses for better tracing and correctness.
([#​38208](https://redirect.github.com/github/gh-aw/pull/38208))
- GitHub API rate limit is now measured and logged around the daily AI
credit guardrail check.
([#​38256](https://redirect.github.com/github/gh-aw/pull/38256))
##### 📚 Documentation
- **`on.roles` clarified** — `on.roles` is an exact-match allowlist, not
a privilege threshold.
([#​38209](https://redirect.github.com/github/gh-aw/pull/38209))
- Cost Management reference updated with default runaway-cost guardrails
and improved formatting.
([#​38186](https://redirect.github.com/github/gh-aw/pull/38186),
[#​38224](https://redirect.github.com/github/gh-aw/pull/38224))
- OpenTelemetry references and docs updated.
([#​38196](https://redirect.github.com/github/gh-aw/pull/38196))
- Fixed `mcp list-tools` example to use the correct `--server` flag.
([#​38188](https://redirect.github.com/github/gh-aw/pull/38188))
- Quick-start guide clarifies the `githubnext/agentics` origin and
simplifies the `.lock.yml` explanation.
([#​38189](https://redirect.github.com/github/gh-aw/pull/38189))
> Generated by [🚀
Release](https://redirect.github.com/github/gh-aw/actions/runs/27250284911)
· 109.6 AIC · ⊞ 28.8K
<!-- gh-aw-agentic-workflow: Release, engine: copilot, version: 1.0.60,
model: claude-sonnet-4.6, id: 27250284911, workflow_id: release, run:
https://github.com/github/gh-aw/actions/runs/27250284911 -->
***
#### What's Changed
- Compile: move checkout-manifest generation to github-script to unblock
dynamic checkout.repository expressions by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38154](https://redirect.github.com/github/gh-aw/pull/38154)
- docs: add default runaway-cost guardrails to Cost Management reference
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38186](https://redirect.github.com/github/gh-aw/pull/38186)
- docs: fix `mcp list-tools` example to use `--server` flag by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38188](https://redirect.github.com/github/gh-aw/pull/38188)
- Add formal compiler threat-detection test suite for
CTR-001/011/014/015/016 by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38166](https://redirect.github.com/github/gh-aw/pull/38166)
- docs(quick-start): clarify githubnext/agentics origin and simplify
.lock.yml paragraph by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38189](https://redirect.github.com/github/gh-aw/pull/38189)
- \[linter-miner] feat(linters): add execcommandwithoutcontext linter by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38185](https://redirect.github.com/github/gh-aw/pull/38185)
- Remove extra otlp test/advisor workflows by
[@​mnkiefer](https://redirect.github.com/mnkiefer) in
[#​38200](https://redirect.github.com/github/gh-aw/pull/38200)
- Update OpenTelemetry references and docs by
[@​mnkiefer](https://redirect.github.com/mnkiefer) in
[#​38196](https://redirect.github.com/github/gh-aw/pull/38196)
- docs: clarify on.roles is an exact-match allowlist, not a privilege
threshold by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38209](https://redirect.github.com/github/gh-aw/pull/38209)
- Require `dangerously-disable-sandbox-agent` feature flag to allow
`sandbox.agent: false` by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38205](https://redirect.github.com/github/gh-aw/pull/38205)
- Ensure init file writers create parent directories recursively by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38204](https://redirect.github.com/github/gh-aw/pull/38204)
- docs(cost-management): replace all tables with headers and lists by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38224](https://redirect.github.com/github/gh-aw/pull/38224)
- \[caveman] Optimize instruction verbosity — context.md, experiments.md
(2026-06-09) by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38215](https://redirect.github.com/github/gh-aw/pull/38215)
- Thread caller context into `pushWorkflowFiles` git subprocesses by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38208](https://redirect.github.com/github/gh-aw/pull/38208)
- docs: widen Starlight content column on large screens without
mid-width TOC regressions by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38230](https://redirect.github.com/github/gh-aw/pull/38230)
- Enforce AI credit resolution order; set built-in defaults to 5000
(daily) and 1000 (per-run) by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38197](https://redirect.github.com/github/gh-aw/pull/38197)
- Enforce sandbox-disable justification strings and surface new AWF
import/safe-output constraints by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38228](https://redirect.github.com/github/gh-aw/pull/38228)
- chore: bump gh-aw-firewall to v0.27.0 and sync AWF schema artifacts by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38235](https://redirect.github.com/github/gh-aw/pull/38235)
- Remove `imports.if` and migrate experiment-driven import usage to
runtime imports by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38247](https://redirect.github.com/github/gh-aw/pull/38247)
- \[WIP] Fix failing GitHub Actions job 'Integration: CLI Compile &
Poutine' by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38262](https://redirect.github.com/github/gh-aw/pull/38262)
- Measure and log GitHub API rate limit around daily AIC guardrail by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38256](https://redirect.github.com/github/gh-aw/pull/38256)
- Detect invalid model names across Copilot/Codex/Claude and surface as
specialized conclusion failures by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38258](https://redirect.github.com/github/gh-aw/pull/38258)
- \[WIP] Fix failing GitHub Actions job Integration: Workflow Features
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38261](https://redirect.github.com/github/gh-aw/pull/38261)
**Full Changelog**:
<https://github.com/github/gh-aw/compare/v0.79.2...v0.79.3>
###
[`v0.79.2`](https://redirect.github.com/github/gh-aw/releases/tag/v0.79.2)
[Compare
Source](https://redirect.github.com/github/gh-aw/compare/v0.79.1...v0.79.2)
#### 🌟 Release Highlights
This release sharpens the AI credits experience with clearer failure
messaging and better observability, closes two compilation edge cases,
and raises the quality bar for safe-outputs issue bodies.
##### ✨ What's New
- **Redesigned max-ai-credits failure template** — When a workflow
exhausts its AI credit budget, the failure issue now presents inline
metrics, a collapsible "Increase the limit" section with a copy-paste
snippet, and a cleaner layout that surfaces the fix immediately.
([#​38164](https://redirect.github.com/github/gh-aw/pull/38164))
- **Richer 429 guardrail context** — Engine `429 Maximum AI credits
exceeded` errors now include the specific `max-ai-credits` guardrail
details in the failure issue, eliminating generic rate-limit noise.
([#​38131](https://redirect.github.com/github/gh-aw/pull/38131))
- **AI credit usage tracked in OpenTelemetry** — AIC consumption is now
reported in OTel spans, making it easier to correlate credit spend with
workflow trace data.
([#​38163](https://redirect.github.com/github/gh-aw/pull/38163))
- **Actionable syntax-error recovery hints** — Duplicate frontmatter
keys and invalid permission scopes now produce targeted, actionable
hints instead of generic messages.
([#​38129](https://redirect.github.com/github/gh-aw/pull/38129))
- **Minimum body length enforced for `create_issue`** — Safe outputs now
reject placeholder or near-empty issue bodies at the schema and
validator level, preventing low-signal content from reaching GitHub.
([#​38114](https://redirect.github.com/github/gh-aw/pull/38114))
##### 🐛 Bug Fixes
- **Dynamic `checkout.repository` expressions now compile correctly** —
`gh aw compile` was failing in v0.78.3+ when `checkout.repository` was a
`workflow_dispatch` input expression (e.g. `${{
github.event.inputs.trigger_ref }}`). The checkout-manifest generation
step has been moved to a `github-script` action to handle dynamic
expressions correctly.
([#​38154](https://redirect.github.com/github/gh-aw/pull/38154))
- **`assertTrustedCheckoutRuntime` fixed for bot/app actors** — Calls
with GitHub App actors like `Copilot` or `dependabot` were returning
HTTP 404 because the API does not accept App login names for
collaborator permission checks. The function now detects and handles
bot/app actors correctly.
([#​38152](https://redirect.github.com/github/gh-aw/pull/38152))
##### 📚 Documentation
- **Feature-sync example page streamlined** — Seven near-identical
`create-pull-request` examples were consolidated, making the multi-repo
feature synchronization pattern easier to scan.
([#​38182](https://redirect.github.com/github/gh-aw/pull/38182))
- **Upstream-managed workflow provenance documented in AGENTS.md** —
Workflows with a `source:` frontmatter entry (e.g. from
`githubnext/agentic-ops`) are now explicitly flagged as read-only, with
the approved update path (`gh aw update`) spelled out for contributors.
([#​38087](https://redirect.github.com/github/gh-aw/pull/38087))
> Generated by [🚀
Release](https://redirect.github.com/github/gh-aw/actions/runs/27225935284)
· 121.3 AIC · ⊞ 28.6K
<!-- gh-aw-agentic-workflow: Release, engine: copilot, version: 1.0.60,
model: claude-sonnet-4.6, id: 27225935284, workflow_id: release, run:
https://github.com/github/gh-aw/actions/runs/27225935284 -->
***
#### What's Changed
- Enforce minimum `create_issue` body length in safe outputs schema and
validator by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38114](https://redirect.github.com/github/gh-aw/pull/38114)
- Expand daily Windows terminal integration builder with systematic
Windows chaos scenarios by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38132](https://redirect.github.com/github/gh-aw/pull/38132)
- Document upstream-managed workflow provenance and update path in
AGENTS.md by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38087](https://redirect.github.com/github/gh-aw/pull/38087)
- Standardize workflow YAML unmarshalling on goccy/go-yaml by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38130](https://redirect.github.com/github/gh-aw/pull/38130)
- Implementing AIC usage in otel by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38163](https://redirect.github.com/github/gh-aw/pull/38163)
- Improve syntax-error recovery hints for duplicate keys and invalid
permission scopes by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38129](https://redirect.github.com/github/gh-aw/pull/38129)
- Surface max-ai-credits guardrail context for 429 engine failures by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38131](https://redirect.github.com/github/gh-aw/pull/38131)
- Refactor linters to share AST helpers and eliminate helper drift by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38020](https://redirect.github.com/github/gh-aw/pull/38020)
- Fix assertTrustedCheckoutRuntime for bot/app actors (Copilot,
dependabot) by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38152](https://redirect.github.com/github/gh-aw/pull/38152)
- \[docs] docs: unbloat feature-sync example page by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38182](https://redirect.github.com/github/gh-aw/pull/38182)
- feat: redesign max-ai-credits exceeded failure template by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38164](https://redirect.github.com/github/gh-aw/pull/38164)
**Full Changelog**:
<https://github.com/github/gh-aw/compare/v0.79.1...v0.79.2>
###
[`v0.79.1`](https://redirect.github.com/github/gh-aw/releases/tag/v0.79.1)
[Compare
Source](https://redirect.github.com/github/gh-aw/compare/v0.79.0...v0.79.1)
#### 🌟 Release Highlights
This patch release sharpens agent resilience, expands automated testing
coverage, and delivers targeted bug fixes across codemods, linters, and
safe-output handlers.
##### ✨ What's New
- **Daily safeoutputs git simulator workflow**
([#​38108](https://redirect.github.com/github/gh-aw/pull/38108)) —
A new daily agentic workflow continuously validates the safeoutputs git
simulation path, catching regressions before they reach users.
- **Two new codemods for persistent cross-repo compile failures**
([#​38097](https://redirect.github.com/github/gh-aw/pull/38097)) —
Automated codemods now resolve recurring compile failures in `maui` and
`azure-rest-api-specs`, reducing manual triage for common build
patterns.
- **Dedicated daily Windows CLI integration workflow**
([#​38048](https://redirect.github.com/github/gh-aw/pull/38048)) —
Windows-specific CLI smoke tests now run on a dedicated daily schedule,
giving earlier signal on platform regressions.
- **Compact MCP CLI help**
([#​38056](https://redirect.github.com/github/gh-aw/pull/38056)) —
MCP CLI help output now fits full command and option names within 20–30
lines, making it easier to scan available tools at a glance.
##### 🐛 Bug Fixes & Improvements
- **Standardized error codes on safe-output handlers**
([#​38100](https://redirect.github.com/github/gh-aw/pull/38100)) —
Four safe-output handlers now emit structured `USE-001` error codes,
making failures easier to identify and debug programmatically.
- **Tool-denial handling hardened**
([#​38051](https://redirect.github.com/github/gh-aw/pull/38051),
[#​38036](https://redirect.github.com/github/gh-aw/pull/38036),
[#​38101](https://redirect.github.com/github/gh-aw/pull/38101)) —
Workflow prompts and failure reports now handle repeated
permission-denial patterns more accurately: repeated denials surface
before generic warnings, and the last denied request is formatted for
clarity.
- **sortslice linter precision fix**
([#​38053](https://redirect.github.com/github/gh-aw/pull/38053)) —
The `sortslice` analyzer now matches stdlib sort calls by type identity
rather than identifier text, eliminating false positives from
identically-named non-stdlib functions.
- **Windows PowerShell `--help`/`version` check fixed**
([#​38115](https://redirect.github.com/github/gh-aw/pull/38115)) —
Corrects flag detection in the Windows CLI integration workflow so
PowerShell-specific invocation patterns are properly validated.
- **Hardened `validate-yaml` lockfile detection in CGO workflow**
([#​38112](https://redirect.github.com/github/gh-aw/pull/38112)) —
Lockfile presence checks during release builds are now more reliable,
preventing false failures in CGO compilation workflows.
- **Compacted system prompt blocks**
([#​38049](https://redirect.github.com/github/gh-aw/pull/38049)) —
Generated system prompts are smaller by flattening redundant XML
wrappers and deduplicating guidance, reducing token usage on every agent
invocation.
##### 📚 Documentation
- **sortslice** added to linters namespace docs and public-API spec
list, now covering 23 analyzers
([#​38052](https://redirect.github.com/github/gh-aw/pull/38052)).
- Daily documentation and glossary updates for features shipped in this
cycle
([#​38098](https://redirect.github.com/github/gh-aw/pull/38098),
[#​38092](https://redirect.github.com/github/gh-aw/pull/38092)).
> Generated by [🚀
Release](https://redirect.github.com/github/gh-aw/actions/runs/27213155622)
· 108.7 AIC · ⊞ 28.4K
<!-- gh-aw-agentic-workflow: Release, engine: copilot, version: 1.0.60,
model: claude-sonnet-4.6, id: 27213155622, workflow_id: release, run:
https://github.com/github/gh-aw/actions/runs/27213155622 -->
***
#### What's Changed
- Align workflow designer skill mappings with current AW reference
surface by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38033](https://redirect.github.com/github/gh-aw/pull/38033)
- Prioritize repeated-permission-denial context over generic
missing-tool warning by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38036](https://redirect.github.com/github/gh-aw/pull/38036)
- Add dedicated daily Windows CLI integration workflow by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38048](https://redirect.github.com/github/gh-aw/pull/38048)
- \[instructions] Sync instruction files with release v0.79.0 by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38077](https://redirect.github.com/github/gh-aw/pull/38077)
- Bump [@​types/node](https://redirect.github.com/types/node) from
25.9.1 to 25.9.2 in /actions/setup/js by
[@​dependabot](https://redirect.github.com/dependabot)\[bot] in
[#​38082](https://redirect.github.com/github/gh-aw/pull/38082)
- Bump golang.org/x/crypto from 0.52.0 to 0.53.0 by
[@​dependabot](https://redirect.github.com/dependabot)\[bot] in
[#​38081](https://redirect.github.com/github/gh-aw/pull/38081)
- \[docs] Update glossary - daily scan by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38092](https://redirect.github.com/github/gh-aw/pull/38092)
- \[spec-extractor] Update package specifications for stringutil,
styles, testutil, timeutil by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38088](https://redirect.github.com/github/gh-aw/pull/38088)
- Bump golang.org/x/mod from 0.36.0 to 0.37.0 by
[@​dependabot](https://redirect.github.com/dependabot)\[bot] in
[#​38084](https://redirect.github.com/github/gh-aw/pull/38084)
- \[docs] Update documentation for features from 2026-06-09 by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38098](https://redirect.github.com/github/gh-aw/pull/38098)
- Sync `sortslice` into linters namespace docs and public-API spec list
(23 analyzers) by [@​Copilot](https://redirect.github.com/Copilot)
in [#​38052](https://redirect.github.com/github/gh-aw/pull/38052)
- \[jsweep] Clean validate\_secrets.cjs by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​38031](https://redirect.github.com/github/gh-aw/pull/38031)
- chore: remove committed snapshot file and gitignore **snapshots** by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38104](https://redirect.github.com/github/gh-aw/pull/38104)
- feat: daily safeoutputs git simulator agentic workflow by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38108](https://redirect.github.com/github/gh-aw/pull/38108)
- sortslice: match stdlib sort calls by type identity, not identifier
text by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38053](https://redirect.github.com/github/gh-aw/pull/38053)
- Fix Windows PowerShell `--help`/`version` checks in Windows CLI
integration workflow by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38115](https://redirect.github.com/github/gh-aw/pull/38115)
- Harden `validate-yaml` release-build lockfile detection in CGO
workflow by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38112](https://redirect.github.com/github/gh-aw/pull/38112)
- Improve tool-denial failure report formatting for last denied request
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38101](https://redirect.github.com/github/gh-aw/pull/38101)
- Harden workflow prompts against systemic tool-denial patterns by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38051](https://redirect.github.com/github/gh-aw/pull/38051)
- feat: add two codemods for persistent cross-repo compile failures
(maui, azure-rest-api-specs) by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38097](https://redirect.github.com/github/gh-aw/pull/38097)
- \[ab-advisor] A/B experiment: prefetch\_strategy for
daily-safe-output-optimizer by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38096](https://redirect.github.com/github/gh-aw/pull/38096)
- fix(USE-001): add standardized error codes to four safe-output
handlers by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38100](https://redirect.github.com/github/gh-aw/pull/38100)
- Compact MCP CLI help to show full command/option names within 20/30
lines by [@​Copilot](https://redirect.github.com/Copilot) in
[#​38056](https://redirect.github.com/github/gh-aw/pull/38056)
- Removing snapshot test by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38124](https://redirect.github.com/github/gh-aw/pull/38124)
- Compact generated system prompt blocks by flattening XML wrappers and
removing duplicated guidance by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38049](https://redirect.github.com/github/gh-aw/pull/38049)
- Enforce trusted-reviewer triage in pr-finisher/copilot-review and
expand gh PR query filters by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​38127](https://redirect.github.com/github/gh-aw/pull/38127)
**Full Changelog**:
<https://github.com/github/gh-aw/compare/v0.79.0...v0.79.1>
###
[`v0.79.0`](https://redirect.github.com/github/gh-aw/releases/tag/v0.79.0)
[Compare
Source](https://redirect.github.com/github/gh-aw/compare/v0.78.3...v0.79.0)
#### 🌟 Release Highlights
v0.79.0 is a significant milestone release centered on the **AI Credits
(AIC)** naming migration, smarter budget guardrails, Windows platform
support, and a wave of compiler and tooling improvements.
##### ⚠️ Breaking Changes
- **`setup-steps` rejected on activation/pre-activation jobs** — The
compiler now fails fast if `setup-steps` is attached to `activation` or
`pre_activation` jobs, where it could bypass built-in protection
sequencing. Remove `setup-steps` from these job types before upgrading.
([#​37441](https://redirect.github.com/github/gh-aw/pull/37441))
- **`max-runs` deprecated → `max-turns`** — The top-level `max-runs`
field is deprecated in favor of the canonical `max-turns`. Automated
migration is available via `gh aw fix --write`.
([#​37587](https://redirect.github.com/github/gh-aw/pull/37587))
##### ✨ What's New
- **AI Credits (AIC) — complete migration** — The project has fully
migrated from "Effective Tokens" terminology to "AI Credits (AIC)"
across all docs, workflow templates, telemetry, and OpenTelemetry
attributes. The [cost management
docs](https://github.github.com/gh-aw/reference/cost-management/)
reflect the new language.
([#​37692](https://redirect.github.com/github/gh-aw/pull/37692),
[#​37693](https://redirect.github.com/github/gh-aw/pull/37693),
[#​37691](https://redirect.github.com/github/gh-aw/pull/37691))
- **`max-ai-credits` enabled by default** — Workflows now default to a
`1000` AI Credit budget with no configuration needed. Set
`max-ai-credits: -1` to disable enforcement entirely for unrestricted
runs.
([#​37585](https://redirect.github.com/github/gh-aw/pull/37585),
[#​37437](https://redirect.github.com/github/gh-aw/pull/37437))
- **AIC exhaustion detection & smart retry halting** — The harness now
detects budget exhaustion from the firewall audit log and correctly
classifies it separately from provider HTTP 429 throttling, preventing
misleading failure reports and stopping unnecessary retries on credit
exhaustion.
([#​37936](https://redirect.github.com/github/gh-aw/pull/37936),
[#​38022](https://redirect.github.com/github/gh-aw/pull/38022),
[#​38018](https://redirect.github.com/github/gh-aw/pull/38018))
- **Windows platform support** — A new `CWI.yml` push-triggered workflow
builds the CLI for Windows and runs integration tests to validate
cross-OS compatibility.
([#​37844](https://redirect.github.com/github/gh-aw/pull/37844))
- **`pr-finisher` skill** — New skill that guides agents through taking
an in-flight PR to merge-ready state: local validation order, failing CI
inspection, and iteration discipline.
([#​37873](https://redirect.github.com/github/gh-aw/pull/37873))
- **`add-comment`: exact-match comment minimization** —
`hide-older-comments.match` now supports exact multi-workflow comment
minimization, giving workflows precise control over which older comments
are hidden.
([#​37977](https://redirect.github.com/github/gh-aw/pull/37977))
- **`temporary_id` enforcement** — `create-issue` and
`create-pull-request` safe-output calls now require valid `#aw_*` IDs
enforced at the frontmatter and MCP validation layer, preventing stale
references leaking into user-facing artifacts.
([#​37469](https://redirect.github.com/github/gh-aw/pull/37469))
- **`gh aw compile --use-samples`** — New hidden flag for deterministic
safe-outputs replay, replacing live agentic execution with recorded
samples for reproducible testing.
([#​37359](https://redirect.github.com/github/gh-aw/pull/37359))
##### 🐛 Bug Fixes & Improvements
- **Fix `gh aw add` for long hyphenated repository names** — Workflow
specs with long hyphenated repo names were incorrectly rejected; parsing
is now accurate for all valid `owner/repo/path` forms.
([#​37960](https://redirect.github.com/github/gh-aw/pull/37960))
- **Fix bundle refs on non-main branch dispatch** —
`refs/heads/<branch>` is now correctly included in bundles when the
agent HEAD is on the target branch during non-main dispatches.
([#​37929](https://redirect.github.com/github/gh-aw/pull/37929))
- **Stop retrying Copilot CLI PAT-rejection 400 as transient** — 400
errors from PAT rejection are now treated as permanent failures,
avoiding wasteful retries.
([#​37937](https://redirect.github.com/github/gh-aw/pull/37937))
- **Compiler: quote env scalars with `: ` in YAML** — Env values
containing `: ` are now properly quoted in compiled YAML, preventing
parse errors in generated workflows.
([#​37706](https://redirect.github.com/github/gh-aw/pull/37706))
- **TTY guard for `ConfirmAction`** — Matches existing non-TTY fallback
in `list.go` to prevent hangs in non-interactive environments.
([#​37933](https://redirect.github.com/github/gh-aw/pull/37933))
- **Windows terminal startup guard** — Terminal probing on Windows is
now skipped when stderr is redirected, preventing hangs in CI
environments.
([#​37823](https://redirect.github.com/github/gh-aw/pull/37823))
##### ⚡ Performance
- **Reduced `set-memory` overhead** — High-traffic workflow and CLI
paths now use `map[string]struct{}` sets instead of `map[string]bool`,
reducing allocations in hot paths.
([#​37480](https://redirect.github.com/github/gh-aw/pull/37480))
##### 📚 Documentation
- **AI Credits terminology** — All user-facing documentation migrated
from "Effective Tokens" to "AI Credits" including the [cost management
reference](https://github.github.com/gh-aw/reference/cost-management/).
([#​37692](https://redirect.github.com/github/gh-aw/pull/37692))
- **`GH_AW_GITHUB_TOKEN` reference and Go cache guidance** — New docs
covering secure token configuration and Go build cache best practices.
([#​37583](https://redirect.github.com/github/gh-aw/pull/37583))
- **PR lifecycle and `setup-steps` docs** — CONTRIBUTING and DEVGUIDE
updated with PR lifecycle guidance; `setup-steps` docs clarify
pre-activation constraints.
([#​37964](https://redirect.github.com/github/gh-aw/pull/37964),
[#​37436](https://redirect.github.com/github/gh-aw/pull/37436))
> Generated by [🚀
Release](https://redirect.github.com/github/gh-aw/actions/runs/27185452532)
· 185.4 AIC · ⊞ 28.5K
<!-- gh-aw-agentic-workflow: Release, engine: copilot, version: 1.0.60,
model: claude-sonnet-4.6, id: 27185452532, workflow_id: release, run:
https://github.com/github/gh-aw/actions/runs/27185452532 -->
***
#### What's Changed
- Enforce bash parser specification invariants in JS Copilot SDK parser
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37394](https://redirect.github.com/github/gh-aw/pull/37394)
- Align token-usage tests with table-based summary output (JS shard 3/4)
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37399](https://redirect.github.com/github/gh-aw/pull/37399)
- Resolve `lint-js` failure by formatting new fuzz/parser JS files and
preserve fuzz test coverage in CJS CI by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37406](https://redirect.github.com/github/gh-aw/pull/37406)
- \[aw] Update legacy ET rate-limit guidance to AI Credits-first format
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37400](https://redirect.github.com/github/gh-aw/pull/37400)
- Emit compact `usage` artifact from conclusion job for forecast data
access by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37408](https://redirect.github.com/github/gh-aw/pull/37408)
- Trim ambient-context wording from generated footer metrics by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37414](https://redirect.github.com/github/gh-aw/pull/37414)
- Refactor Antigravity log metrics parsing to meet function-length
linter by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37413](https://redirect.github.com/github/gh-aw/pull/37413)
- feat: add daily-formal-spec-verifier agentic workflow by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37407](https://redirect.github.com/github/gh-aw/pull/37407)
- Stabilize Daily Caveman Optimizer by keeping model-size experiment and
fixing small-agent alias by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37402](https://redirect.github.com/github/gh-aw/pull/37402)
- recompile: regenerate lock files with dev build by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37422](https://redirect.github.com/github/gh-aw/pull/37422)
- agentics-maintenance: run forecast directly without log predownload by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37423](https://redirect.github.com/github/gh-aw/pull/37423)
- Use repo UTC for computed expiration times in generated footers by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37424](https://redirect.github.com/github/gh-aw/pull/37424)
- Forecast: prefer `usage` artifact for token AIC, retain legacy agent
fallback by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37427](https://redirect.github.com/github/gh-aw/pull/37427)
- Use AIC in forecast issue report and consume AIC projection fields by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37428](https://redirect.github.com/github/gh-aw/pull/37428)
- Normalize agentic workflow AI budgets to `max-ai-credits: 1500` by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37431](https://redirect.github.com/github/gh-aw/pull/37431)
- Refresh wasm golden fixtures for compiler output drift by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37433](https://redirect.github.com/github/gh-aw/pull/37433)
- Standardize agent failure warnings on GitHub alert callouts by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37430](https://redirect.github.com/github/gh-aw/pull/37430)
- Add AIC, ambient context metrics, and history link to noop comments by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37439](https://redirect.github.com/github/gh-aw/pull/37439)
- feat(compile): add hidden `--use-samples` flag for deterministic
safe-outputs replay by
[@​dsyme](https://redirect.github.com/dsyme) in
[#​37359](https://redirect.github.com/github/gh-aw/pull/37359)
- Use usage-only forecast artifacts and cache forecast run logs in
maintenance workflow by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37440](https://redirect.github.com/github/gh-aw/pull/37440)
- Surface `jobs.<job>.setup-steps` in `.github/aw` syntax docs and
clarify setup vs pre hook semantics by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37436](https://redirect.github.com/github/gh-aw/pull/37436)
- feat(max-ai-credits): allow -1 to disable budget enforcement and
steering by [@​dsyme](https://redirect.github.com/dsyme) in
[#​37437](https://redirect.github.com/github/gh-aw/pull/37437)
- Target effective-token terminology updates to AI credits in
instruction docs by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37432](https://redirect.github.com/github/gh-aw/pull/37432)
- Safe-outputs: add schema-driven synonym mapping (incl. camelCase
aliases), keep synonym metadata internal to MCP/CLI prompts, and enforce
strict unknown-parameter errors; clarify schema constraints by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37421](https://redirect.github.com/github/gh-aw/pull/37421)
- Reject `setup-steps` on activation and pre-activation jobs by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37441](https://redirect.github.com/github/gh-aw/pull/37441)
- Improve forecast maintenance diagnostics and timeout behavior by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37447](https://redirect.github.com/github/gh-aw/pull/37447)
- Pin Daily Documentation Healer to explicit Claude model variants by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37445](https://redirect.github.com/github/gh-aw/pull/37445)
- Include detection AIC in no-op comment footer totals by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37446](https://redirect.github.com/github/gh-aw/pull/37446)
- Fix Copilot SDK sample driver BYOK session configuration in Daily
Model Inventory workflow by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37454](https://redirect.github.com/github/gh-aw/pull/37454)
- Refactor import-input substitution to shared resolver/serializer
utility by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37455](https://redirect.github.com/github/gh-aw/pull/37455)
- Preserve agent AIC in create-issue footer breakdown by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37464](https://redirect.github.com/github/gh-aw/pull/37464)
- Include AIC + ambient metrics in auto-triage agent-failure issue
footer by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37463](https://redirect.github.com/github/gh-aw/pull/37463)
- feat: forecast — context-aware downloads, no workflow logs, partial
results on timeout, enriched report with repo aggregate by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37457](https://redirect.github.com/github/gh-aw/pull/37457)
- Enforce required `temporary_id` for
`create-issue`/`create-pull-request` via frontmatter and MCP validation
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37469](https://redirect.github.com/github/gh-aw/pull/37469)
- Use usage artifact JSONL aggregation for max daily AI credits
guardrail by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37474](https://redirect.github.com/github/gh-aw/pull/37474)
- \[community] Update community contributions in README by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​37475](https://redirect.github.com/github/gh-aw/pull/37475)
- Reduce set-memory overhead in high-traffic workflow/CLI paths by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37480](https://redirect.github.com/github/gh-aw/pull/37480)
- Address json.Marshal error handling gaps and refactor effective token
computation API by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37481](https://redirect.github.com/github/gh-aw/pull/37481)
- \[aw] Unblock Daily Compiler Quality by removing overly strict bash
tool allowlist by [@​Copilot](https://redirect.github.com/Copilot)
in [#​37485](https://redirect.github.com/github/gh-aw/pull/37485)
- Require explicit safe-output completion in Code Simplifier workflow by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37489](https://redirect.github.com/github/gh-aw/pull/37489)
- Forecast: recover missing AIC costs and enrich report ranking/links by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37472](https://redirect.github.com/github/gh-aw/pull/37472)
- internal/nolint: correctly match comma-separated directives and
enforce exact linter tokens by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37495](https://redirect.github.com/github/gh-aw/pull/37495)
- tolowerequalfold: detect local ToLower/ToUpper aliases in literal
comparisons by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37496](https://redirect.github.com/github/gh-aw/pull/37496)
- \[jsweep] Clean workflow\_metadata\_helpers.cjs by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​37490](https://redirect.github.com/github/gh-aw/pull/37490)
- fix: add max-ai-credits: 1500 to safe-output-health workflow by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37506](https://redirect.github.com/github/gh-aw/pull/37506)
- Fix Copilot SDK tool-permission parsing for multiline shell scripts
and restore least-privilege workflow allowlist by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37487](https://redirect.github.com/github/gh-aw/pull/37487)
- Stabilize daily-doc-healer model selection by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37505](https://redirect.github.com/github/gh-aw/pull/37505)
- Accept `milestone_title` in `assign_milestone` safe-output validation
by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37529](https://redirect.github.com/github/gh-aw/pull/37529)
- Harden sample replay JSON-RPC framing and move shim logs off stdout by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37528](https://redirect.github.com/github/gh-aw/pull/37528)
- Accept runtime ${{ ... }} expressions in safe-outputs samples by
[@​dsyme](https://redirect.github.com/dsyme) in
[#​37537](https://redirect.github.com/github/gh-aw/pull/37537)
- Make safe-outputs sample runtime-expression substitution schema-aware
by [@​dsyme](https://redirect.github.com/dsyme) in
[#​37539](https://redirect.github.com/github/gh-aw/pull/37539)
- \[instructions] Sync instruction files with release v0.78.3 by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​37520](https://redirect.github.com/github/gh-aw/pull/37520)
- \[spec-extractor] Update package specifications for envutil, fileutil,
gitutil, logger by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​37525](https://redirect.github.com/github/gh-aw/pull/37525)
- \[spec-enforcer] Enforce specifications for cli, console, constants by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​37542](https://redirect.github.com/github/gh-aw/pull/37542)
- \[mcp-tools] Add list\_issue\_fields to issues toolset mapping by
[@​github-actions](https://redirect.github.com/github-actions)\[bot]
in [#​37548](https://redirect.github.com/github/gh-aw/pull/37548)
- Fix golint stringsseq modernize finding in nolint.go by
[@​dsyme](https://redirect.github.com/dsyme) in
[#​37567](https://redirect.github.com/github/gh-aw/pull/37567)
- \[aw] Enforce explicit safe-output completion in Dictation Prompt
Generator by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37556](https://redirect.github.com/github/gh-aw/pull/37556)
- Annotate `resolve_transport_paths` with SEC-005 exemption to avoid
false cross-repo validation failure by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37560](https://redirect.github.com/github/gh-aw/pull/37560)
- Raise Test Quality Sentinel signal for runtime-expression safe-output
tests by [@​Copilot](https://redirect.github.com/Copilot) in
[#​37562](https://redirect.github.com/github/gh-aw/pull/37562)
- Rename file-close AST walker helper for clearer intent by
[@​Copilot](https://redirect.github.com/Copilot) in
[#​37568](https://redirect.github.com/github/gh-aw/pull/37568)
- Fix sample replay multi-repo lookup when Configure Git credentials
clobbers origin
([#​37545](https://redirect.github.com/github/gh-aw/issues/37545))
by [@​dsyme](https:
> ✂ **Note**
>
> PR body was truncated to here.
</details>
---
### Configuration
📅 **Schedule**: (in timezone Etc/UTC)
- Branch creation
- Only on Sunday and Saturday (`* * * * 0,6`)
- Between 11:00 PM and 11:59 PM, Monday through Friday (`* 23 * * 1-5`)
- Between 12:00 AM and 04:59 AM, Monday through Saturday (`* 0-4 * *
1-6`)
- Automerge
- Only on Sunday and Saturday (`* * * * 0,6`)
- Between 11:00 PM and 11:59 PM, Monday through Friday (`* 23 * * 1-5`)
- Between 12:00 AM and 04:59 AM, Monday through Saturday (`* 0-4 * *
1-6`)
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://redirect.github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMjAuMCIsInVwZGF0ZWRJblZlciI6IjQzLjIyMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
Co-authored-by: tryghost-renovate[bot] <269725441+tryghost-renovate[bot]@users.noreply.github.com>1 parent 1dc9dba commit 1742990
1 file changed
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
21 | 21 | | |
22 | 22 | | |
23 | 23 | | |
24 | | - | |
| 24 | + | |
25 | 25 | | |
26 | 26 | | |
0 commit comments