Sourced from github/gh-aw's releases.

v0.74.4

🌟 Release Highlights

This release delivers significant improvements to safe-outputs reliability, submodule checkout support, enhanced agent failure reporting, stronger security hardening against integer overflow, and a wave of community-requested fixes across MCP, protected-files, repo-memory, and lockdown checks.

✨ What's New

• Submodule-safe credential cleanup — New checkout.clean-git-credentials option prevents credential leaks when workflows use submodules, resolving a long-standing issue with persist-credentials: false in compiled lock files. (#32819)
• Automatic pull-requests: read permission inference — The compiler now infers pull-requests: read for activation jobs that include Vale pre-steps using gh pr diff, eliminating a common silent permission gap. (#32849)
• Larger repo-memory file cap — Default MaxFileSize raised from 10 KB to 100 KB, unblocking analysis of real-world source files. (#32826)
• Denied-command surfacing in failure reports — Agent failure reports now surface denied commands and include improved prompts for actionable debugging. (#32759)
• ctxbackground linter — New Go linter flags context.Background() calls when a ctx parameter already exists, enforcing consistent context propagation. (#32865)

🐛 Bug Fixes & Improvements

• Mentions policy respected in add_comment — Allowed mentions were being escaped due to a missing config pass-through; now correctly applied. (#32805)
• update_pull_request.update_branch permission failures non-fatal — Workflow-permission errors from branch-update calls are now treated as warnings rather than hard failures. (#32900)
• CLI not-found detection unified — Lowercase "not found" errors were previously missed; detection is now case-insensitive and centralized. (#32888)
• Cache-memory artifact upload path fixed — Threat-detection workflows were generating invalid artifact paths; upload now succeeds reliably. (#32733)
• Integer overflow guards — MergeUnique allocation sizing and the run-step sanitizer are both hardened against allocation-size overflow (addresses CodeQL finding #592). (#32842, #32841)
• create_pull_request chaos fallback — Prevents a spurious fallback when the branch already exists. (#32770)

📚 Documentation

• Multi-engine guidance in README — Explicit signal added to help users choose the right engine for their workflow. (#32889)
• LLM discoverability — llms.md and llms-full.txt added for LLM tool configuration and GEO discoverability. (#32744, #32867)
• Broken links fixed — Pattern links in patterns.md and engine link in engines.md repaired. (#32804, #32743)

🌍 Community Contributions

@askpaisa

• Can GitHub Copilot Agent (Jira integration) use a branch specified in the Jira issue description? (direct issue)

@clementbolin

• MCP gateway fails on ARC self-hosted runners with dind sidecar — "Invalid container ID format" + "Docker socket not found" (direct issue)

@cogni-ai-ee

• docs: Non-existing patterns (direct issue)
• engines.md: Fix broken link to crush repo (direct issue)

@corygehr

• Feature request: first-class file attachments in safe-outputs comments (direct issue)

... (truncated)

• 2c1a237 Handle update_pull_request.update_branch workflow-permission failures as no...
• 16e873b Add UK AI operational resilience workflow with recent-change triage and sub-a...
• 95dca68 Add checkout.clean-git-credentials to support submodule-safe checkout crede...
• 4600ad8 Centralize default HTTP client timeout in pkg/constants and remove duplicat...
• f6afa1a Remove duplicate gh CLI install step in deep-report workflow (#32894)
• 7dacb99 Consolidate CLI not-found detection and fix lowercase “not found” miss (#32888)
• 15584a3 docs: add explicit multi-engine signal in README and make engine guidance nee...
• d2866a6 feat: infer gh CLI permissions for activation job pre-steps (#32849)
• 1bd3ac7 Improve sanitize test assertions in pkg/stringutil/sanitize_test.go (#32872)
• 9205d55 Expose and advertise llms-full.txt for docs GEO discoverability (#32867)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)