🌟 Release Highlights

This release delivers a focused wave of reliability improvements, infrastructure hardening, and safe-outputs enhancements — making your agentic workflows more robust and predictable.

✨ What's New

• merge-pull-request schema parity (#39767) — The merge-pull-request safe-output now supports samples and cross-repo targeting, bringing it to full feature parity with other safe-output operations.
• GHES-friendly action pinning (#39908) — gh aw no longer applies its hardcoded action-pin fallback when GH_HOST targets a non-github.com host, removing friction for GitHub Enterprise Server users.
• Cleaner UX for personal repos (#39923) — The copilot-requests onboarding tip is now suppressed for individual (non-org) repository owners, reducing noise where it doesn't apply.

🐛 Bug Fixes & Improvements

• Fixed phantom asset failures (#39900) — Aligned the safe-outputs staging path with RUNNER_TEMP to eliminate spurious asset-not-found errors.
• Fixed MCP container tmp access (#39950) — Added the /tmp/gh-aw bind mount to the safeoutputs MCP container so tools that write there during workflow runs work correctly.
• Fixed assign-to-agent mutations (#39941) — Corrected the GraphQL mutations used to assign issues to agents, following the official API docs.
• Fixed silent add_comment skips (#39926) — add_comment no longer silently no-ops when the integration token lacks discussion write permissions; the error is now surfaced clearly.
• Fixed SDK driver timeouts (#39933) — Increased sendAndWait timeout in sample SDK drivers from 60 s to 10 min, preventing premature failures on longer agent tasks.
• Fixed null-byte corruption in step summaries (#39910) — Stripped null bytes from gateway.md before writing to the step summary to prevent rendering errors.
• Fixed unintended dependabot.yml writes (#39909) — gh aw no longer modifies dependabot.yml unless the --dependabot flag is explicitly passed.
• Hardened PR Sous Chef emission path (#39951) — Reinforced the safe-output emission path for PR Sous Chef to prevent dropped outputs under edge-case conditions.
• Isolated SDK driver test state (#39940) — copilot_sdk_driver tests now write session state in isolation, eliminating false-positive tool-denial failures.

📚 Documentation

• Terminology update (#39913) — Renamed "Copilot Skills" → "Skills" throughout the custom-agent-for-aw reference to align with current product naming.

Generated by 🚀 Release

What's Changed

• docs: rename "Copilot Skills" → "Skills" in custom-agent-for-aw reference by @Copilot in #39913
• fix: strip null bytes from gateway.md before writing to step summary by @Copilot in #39910
• Skip hardcoded action pin fallback when GH_HOST targets a non-github.com host by @Copilot in #39908
• fix: only touch dependabot.yml when --dependabot flag is used by @Copilot in #39909
• Fix phantom asset failures: align safe-outputs staging path with RUNNER_TEMP by @Copilot in #39900
• Skip copilot-requests tip for individual (non-org) repository owners by @dsyme in #39923
• safe-outputs: add merge-pull-request schema parity for samples and cross-repo targeting by @Copilot in #39767
• fix: add_comment silently skips when integration token can't write to discussions by @Copilot in #39926
• fix: correct assign-to-agent GraphQL mutations per official docs by @Copilot in #39941
• fix: isolate copilot_sdk_driver test session state writes to prevent false-positive tool-denial issues by @Copilot in #39940
• fix: increase sendAndWait timeout in sample SDK drivers from 60s to 10min by @Copilot in #39933
• Extract hardcoded file paths to named constants by @Copilot in #39938
• [aw] Harden PR Sous Chef safe-output emission path by @Copilot in #39951
• fix: add /tmp/gh-aw bind mount to safeoutputs MCP container by @Copilot in #39950

Full Changelog: v0.80.3...v0.80.4

🌟 Release Highlights

v0.80.3 brings smarter MCP server configuration, improved Copilot billing detection in the setup wizard, and a focused set of reliability fixes across compilation, logs, and push workflows.

✨ What's New

• repo-memory JSON formatting (#39540) — New format-json: true option ensures AI-written JSON memory files are always pretty-printed before committing, making diffs reviewable and files easy to edit. Learn more

• mcp-scripts.dependencies fully wired (#39739) — The dependencies field in MCP script tool configs is now parsed, propagated through the runtime, and installed with pinned release-tag validation — eliminating late module not found failures.

• Smarter add-wizard billing detection (#39810) — The setup wizard probes the org's Copilot CLI billing status before rendering the auth prompt. copilot-requests is pre-selected when billing is enabled and visually blocked (with a clear label) when it is not.

• MCP server tool allowlist (#39863, #39866) — github-agentic-workflows MCP server now explicitly exposes only its six declared tools (compile, audit, logs, inspect, status, audit-diff). The server now runs directly from the local binary, removing the need for a globally installed gh aw extension in dev and CI environments.

• Failure category filtering for report-failure-as-issue (#39721) — Workflows can now pass an array of failure categories to suppress transient infrastructure noise (Docker timeouts, AI 5xx, MCP image pulls) without losing signals from real failures.

• Improved outcome intent attribution (#39718) — A dedicated intent resolver replaces ad-hoc outcome root tracing, adding attribution status and source to reports and marking PRs with multiple closing issues as ambiguous rather than silently selecting one.

⚡ Performance

• Faster action pin resolution (#39707) — ActionResolver now checks the embedded action pins table first, eliminating ~1.2 s gh-api subprocess calls for built-in actions whose SHA is already compiled into the binary.

🐛 Bug Fixes & Improvements

• Compilation: Stale container pins are pruned before compilation and UpdateContainerPins runs after, preventing stale-pin conflicts (#39770).
• Git: Resolved "dubious ownership" errors on checkout by adding git safe.directory and moving git config to a shell script (#39771).
• Logs: Fixed pagination in all-workflows mode when a full batch filters to zero runs (#39741).
• Push: push_signed_commits now recovers gracefully from shallow/partial-clone object failures during rebase (#39859).
• Copilot assignment: Both GraphQL-Features flags are always sent when assigning Copilot to an issue (#39719).
• Safe-outputs: Rate-limit failures during PR review safe-output operations are mitigated (#39797).
• Linters: regexpcompileinfunction resolves package identity via the type checker; uncheckedtypeassertion now recognises safe comma-ok forms in var initialisers and parenthesised assertions (#39773, #39774).
• Installer: ANSI colour codes are suppressed in CI and NO_COLOR environments for cleaner log output (#39875).

📚 Documentation

• New billing reference page — detailed guidance on Copilot billing configuration. Read more
• Improved billing setup tip — the copilot-requests auth tip now includes the org requirement note and links directly to the billing docs (#39873).

Generated by 🚀 Release

What's Changed

• fix: always send both GraphQL-Features flags when assigning Copilot to an issue by @Copilot in #39719
• ci: store Windows Defender scan logs as artifact on cross-platform build by @Copilot in #39726
• Improve outcome intent attribution by @mnkiefer in #39718
• Use IssueOrPRNumber for submit_pull_request_review.pull_request_number by @Copilot in #39723
• Consolidate ~25 duplicate helper implementations by @Copilot in #39720
• Fix misplaced zizmor ignore comment in GHES host step generator by @Copilot in #39740
• logs: keep paging in all-workflows mode when full batches filter to zero runs by @Copilot in #39741
• chore: bump Claude Code 2.1.178→2.1.179, Pi 0.79.4→0.79.6 by @Copilot in #39772
• fix(regexpcompileinfunction): resolve package identity via type checker instead of identifier name by @Copilot in #39773
• perf(workflow): check embedded action pins before gh-api network call in ActionResolver by @dsyme in #39707
• fix: prune stale container pins and move UpdateContainerPins to after compilation by @Copilot in #39770
• uncheckedtypeassertion: recognize safe comma-ok form in var init and parenthesized assertions by @Copilot in #39774
• feat(repo-memory): add format-json option to pretty-print JSON files before commit by @Copilot in #39540
• Add failure category filtering to report-failure-as-issue by @Copilot in #39721
• Mitigate safe-output PR review rate-limit failures by @Copilot in #39797
• Fix Impact report objective mapping guidance to match resolver outputs and available datasets by @Copilot in #39784
• Implement mcp-scripts.dependencies end-to-end with runtime-manager install flow and pinned release-tag validation by @Copilot in #39739
• fix: retry defender scan on transient WinDefend service unavailability by @Copilot in #39847
• add-wizard: detect org Copilot billing and pre-select/disable copilot-requests accordingly by @Copilot in #39810
• docs: add billing reference page by @dsyme in #39854
• Add tools array to github-agentic-workflows by @pelikhan in #39863
• fix(push_signed_commits): recover from shallow/partial-clone object failures during rebase by @dsyme in #39859
• fix(daily-formal-spec-verifier): add sed -n to bash allowlist by @Copilot in #39864
• Update MCP server command and arguments by @pelikhan in #39866
• Suppress ANSI installer colors in CI and explicit no-color environments by @Copilot in #39875
• Improve copilot billing tip: add org requirement note and billing docs link by @Copilot in #39873
• Clarify Test Quality Sentinel safe-output comment invocation to prevent Copilot engine permission failures by @Copilot in #39867
• fix: add git safe.directory and refactor git config to shell script to resolve dubious ownership error by @Copilot in #39771

Full Changelog: v0.80.2...v0.80.3

🌟 Release Highlights

v0.80.2 is a focused reliability and polish release that tightens Copilot API compatibility, hardens the safe-outputs tooling, clarifies CLI flag semantics, and improves documentation precision.

🐛 Bug Fixes & Improvements

• Copilot assignment API fix — Resolved an issue where only one of the two required GraphQL-Features header flags was sent when assigning Copilot to an issue, which could cause silent failures against the GitHub API. Both issues_copilot_assignment_api_support and coding_agent_model_selection flags are now always included. (#39719)
• Prevent placeholder release note submissions — update_release now enforces a minimum body length, blocking accidental placeholder payloads (e.g. {"body":"test"}) from overwriting real release content when max:1 is in effect. (#39713)

✨ What's New

• Mutually exclusive compile flags enforced — --gh-aw-ref, --action-tag, and --action-mode are now declared mutually exclusive in the compile command. Previously --gh-aw-ref silently overwrote the other flags; now the CLI returns a clear error. The help text also no longer lists the removed inline mode and correctly documents the valid action mode. (#39697)
• Safe-outputs runtime image pinned — The ghcr.io/github/gh-aw-node image used by safe-outputs is now included in the default container predownload list and recorded in the compiled gh-aw-manifest. Workflows automatically prefetch it and lock headers include it, improving cold-start reliability. (#39644)

📚 Documentation

• Safeoutputs deferred-write semantics clarified — Updated safe_outputs_prompt.md with explicit guidance: agents should trust a successful tool response without re-verifying the effect via gh or other read paths, since deferred writes are applied after the agent finishes. (#39694)

Generated by 🚀 Release

What's Changed

• fix: enforce minLength on update_release body to block placeholder submissions by @Copilot in #39713
• compile: clarify --action-mode/--action-tag/--gh-aw-ref relationship, enforce mutual exclusivity by @Copilot in #39697
• docs: clarify safeoutputs deferred writes by @pelikhan in #39694
• Include and pin safe-outputs gh-aw-node image in default container predownload and manifest by @Copilot in #39644

Full Changelog: v0.80.1...v0.80.2

test

Generated by 🚀 Release

What's Changed

• docs: sharpen workflow-authoring guidance for PR scoping, backend compatibility checks, and coverage fallback networking by @Copilot in #39622
• chore: bump CLI tool versions (Claude 2.1.178, Copilot 1.0.63, Codex 0.140.0, Pi 0.79.4, GH MCP Server v1.3.0, Playwright v1.61.0) by @Copilot in #39624
• Add missing issues: read permission to pr-code-quality-reviewer by @Copilot in #39625
• chore: expand pr to issue tracing for impact report mapped outcomes by @Copilot in #39620
• Sync MCP server toolset/permissions mapping to v1.3.0 by @Copilot in #39650
• Propagate Copilot BYOK provider hosts into threat-detection allowlists by @Copilot in #39653
• Clarify github_api_calls provenance and recover snapshot-only core_consumed accounting by @Copilot in #39623
• Ensure inline sub-agents always trigger interpolation step generation by @Copilot in #39651
• Consolidate near-duplicate WorkflowListItem ⊂ WorkflowStatus structs in pkg/cli by @Copilot in #39637
• Add configurable OTLP resource attributes to workflow observability by @Copilot in #39636
• Support array/object runner specs for runs-on-slim and safe-outputs runner fields by @Copilot in #39654
• fix: restore interaction permissions for workflow_call workflows with reaction/status-comment by @Copilot in #39652
• schema: add normalize-closing-keywords to create-issue, add-comment, create-pull-request branches by @Copilot in #39643
• schema: allow required-category in safe-outputs.create-discussion and add regression coverage by @Copilot in #39640
• fix: sanitize HTML error pages in getErrorMessage to avoid noisy safe_outputs logs by @Copilot in #39655
• Record compiler ref in lock metadata for --action-tag compiles by @Copilot in #39687
• fix: restore MCP CLI concept explanation and fix safeoutputs framing by @dsyme in #39689

Full Changelog: v0.80.0...v0.80.1

🌟 Release Highlights

v0.80.0 expands CI/CD orchestration to ARC/DinD environments, adds powerful new portfolio and centralization-optimizer workflows, sharpens AI-credit management, and raises the bar on observability and diagnostics.

✨ What's New

ARC/DinD Container Support — Agentic workflows can now run inside Docker-in-Docker environments (ARC runners). The compiler emits chroot.binariesSourcePath, chroot.identity, and the `(redacted) Docker host, enabling full end-to-end agent execution on self-hosted container runners. (#38911, #38913)

Copilot Centralization Optimizer — New workflows identify redundant or inefficient Copilot invocations across your org and surface consolidation opportunities, helping teams reduce costs and improve consistency. (#39394, #39437, #39439)
Learn more →

Portfolio Analyst Workflow — A revived strategic-reporting workflow that generates cross-workflow portfolio summaries for executive visibility. (#39450)

Objective Impact Report — Executive-grade reports now restrict outcomes to issues linked via PR, include a simplified summary table, and compute AIC efficiency metrics, making ROI measurement actionable at a glance. (#39484, #39490, #39535, #39543)

OTel cicd.automation.* Standard — Proposed new OpenTelemetry semantic conventions for CI/CD automation signals, with W3C TRACEPARENT now propagated through all engine execution steps for end-to-end distributed tracing. (#38953, #39435, #39596)

Expanded gh aw forecast — Forecast output now includes threat-detection credits, exposes monthly low/high/stdev ranges, and inspects all completed runs—giving a more complete picture of your AI-credit spend. (#39101, #39102)
Forecast reference →

Smarter AI-Credit Guardrail — The daily guardrail is now skipped for user-initiated and command-routed runs, eliminating false blocks during development and testing. An actions/cache-based usage cache removes the need to download artifacts on every run. (#39123, #38856)

runs-on-slim: Array & Runner-Group Support — runs-on-slim now accepts label arrays and runner-group object forms, matching the full GitHub Actions runs-on syntax. (#39579, #38965)

Max Patch Size Raised to 4 MB — The default max-patch-size is increased from 1 MB to 4 MB, with clearer error messages when the limit is exceeded. Larger diffs no longer cause silent truncation. (#39118)

Token-Optimization Hints in Failure Issues — When a guardrail triggers, failure issues now include an "Optimize token consumption" section with actionable guidance. Tool-denial issues also include the last 5 tool calls for faster root-cause analysis. (#39069, #39122)

Anthropic WIF Auth (Claude) — Workload Identity Federation is now a first-class Claude authentication option, documented alongside the existing token-based flow. (#39241)
Setup →

🐛 Bug Fixes & Improvements

• AIC usage cache always empty — Fixed an activation-job bug where cache entries were never written, causing unnecessary artifact downloads. (#39130)
• Bundle prerequisite commit fetch — gh aw bundle now fetches prerequisite commits by SHA instead of a broad --deepen, preventing shallow-clone failures. (#39466)
• time.After timer leaks eliminated — Looped time.After calls are replaced with proper ticker management; timeafterleak linter now enforces this in CI. (#39188, #39133)
• Copilot 429 quota-exceeded retries stopped — The Copilot harness no longer retries CAPIError: 429 quota exceeded responses, preventing runaway retry storms. (#39581)
• Codex active-goal router retries stopped — Codex harness no longer retries on active-goal router failures, avoiding wasted credits on unrecoverable states. (#39156)
• Script injection S7630 fixed — Maintenance workflow Record outputs steps are hardened against shell script injection. (#39578)
• set_issue_field discovery query fixed — Removed an invalid IssueField fragment that caused field-discovery failures. (#39586)
• Parallel-process test flakes fixed — Environment-dependent and parallel-process test failures in the test suite are resolved. (#39467)
• Preserve engine.env scalar types — Numeric and boolean engine.env values are now preserved through compilation instead of being coerced to strings. (#39582)
• Inline sub-agent frontmatter preserved — Sub-agent frontmatter is no longer dropped during extraction. (#39577)
• Cache-memory threat-detection narrowed — False positives from AIC guardrail steps in cache-memory assertions are eliminated. (#39281)
• Ambient-context token reduction — First-request token overhead in smoke-copilot and test-quality-sentinel workflows is significantly reduced. (#39157, #39280)

📚 Documentation

• Anthropic WIF is now a first-class Claude auth option in setup docs (#39241)
• experiments docs clarified with model, sub-agent, and subskill examples (#39226)
• Cache-memory branch scoping and default-branch fallback behavior documented (#39265)
• max-ai-credits: 5M removed from reference examples to prevent misconfiguration (#39128)
• Workflow authoring guidance tightened for trigger selection, noop behavior, and workflow_run scoping (#39119, #39583)

Generated by 🚀 Release

What's Changed

• Add logging to publish-safe-outputs-node scripts by @Copilot in #39085
• reduce node image cooldown from 7d to 1d by @Copilot in #39086
• fix: enforce 48h data retention on AIC usage cache entries by @Copilot in #39084
• Harden Defender signature update with retries and failure diagnostics in release workflow by @Copilot in #39096
• Clarify Appendix A AI credits example with explicit §3.5 cache-read deduction by @Copilot in #39098
• Use ✅ for run-success in Test Quality Sentinel messages by @Copilot in #39099
• Inspect all completed forecast runs in gh aw forecast by @Copilot in #39102
• Tighten workflow authoring guidance for trigger selection, scenario mapping, and visual-regression network scope by @Copilot in #39119
• Skip daily AI-credit guardrail for user-initiated and command-routed runs by @Copilot in #39123
• docs: remove max-ai-credits: 5M examples from reference docs by @Copilot in #39128
• Include last 5 tool calls in tool-denials failure issues by @Copilot in #39122
• Emit Copilot auth migration tip for copilot-requests workflows by @Copilot in #39129
• Include threat-detection credits in forecast totals, expose monthly low/high/stdev, and fix formal-verifier tool denials by @Copilot in #39101
• [linter-miner] linter: add timeafterleak — flag time.After in for+select cases by @github-actions[bot] in #39133
• Increase default max-patch-size from 1 MB to 4 MB and improve patch-size-exceeded error messages by @Copilot in #39118
• fix(unbloat-docs): fetch LFS objects during checkout to fix docs build by @Copilot in #39145
• Reduce ambient-context payload in daily/PR workflows and shared prompt imports by @Copilot in #39157
• [spec-enforcer] Enforce specifications for github, typeutil by @github-actions[bot] in #39219
• [docs] Update documentation for features from 2026-06-14 by @github-actions[bot] in #39214
• [spec-extractor] Update package specifications for envutil, fileutil, gitutil, logger by @github-actions[bot] in #39211
• [instructions] Sync instruction files with release v0.79.8 by @github-actions[bot] in #39207
• [docs] Update dictation skill instructions by @github-actions[bot] in #39195
• Fix AIC usage cache always empty in activation job by @Copilot in #39130
• Clarify the experiments docs and add model, sub-agent, and subskill examples by @Copilot in #39226
• Clarify sub-skill progressive disclosure in token/cost optimization guidance by @Copilot in #39227
• Eliminate looped time.After timer leaks, propagate cancellation correctly, and enforce timeafterleak in CI by @Copilot in #39188
• docs: add Anthropic WIF as a first-class Claude auth option by @Copilot in #39241
• docs(playwright): align CLI visual regression version with npm package semantics by @Copilot in #39245
• Replace raw fmt.Fprintf output in outcomes_history.go with console package by @Copilot in #39248
• Replace raw fmt.Fprintf verbose debug output with console.LogVerbose in token_usage.go by @Copilot in #39247
• Extract inline lipgloss styles and harden ShowWelcomeBanner styling by @Copilot in #39246
• docs: clarify cache-memory branch scoping and default-branch fallback by @Copilot i...

🌟 Release Highlights

v0.79.8 brings two new Go linters for code quality enforcement, a wave of targeted bug fixes improving reliability and portability, a performance boost for workflow run queries, and codemod improvements to complete the max-effective-tokens → max-ai-credits migration.

✨ What's New

• httpnoctx linter (#38888) — Automatically flags Go HTTP calls made without a context.Context parameter, helping catch a common source of non-cancellable requests before they reach production.
• hardcodedfilepath linter (#38742) — Detects hard-coded file path string literals in Go code, surfacing brittle path assumptions that break across environments.
• Code Simplifier budget caps (#38851) — Per-run hard budgets with graceful noop exit prevent runaway simplification loops from consuming unbounded AI credits.
• --gh-aw-ref resolved to commit SHA at compile time (#38689) — Branch and tag references passed via --gh-aw-ref are now pinned to their commit SHA during compilation, ensuring deterministic and auditable workflow builds.
• AOAI Entra smoke workflow (#38706) — New end-to-end smoke workflow validates Azure OpenAI Entra authentication for Copilot, extending CI coverage to AOAI-backed runs.

🐛 Bug Fixes & Improvements

• environment: propagation fixed (#38918) — Top-level environment: blocks are now correctly propagated to the detection job, resolving a compilation gap that silently dropped environment bindings.
• set_issue_field GraphQL fix (#38882) — Corrects an invalid GraphQL query in fetchIssueFields that caused set_issue_field calls to fail at runtime.
• String-form create_issue.labels handled (#38738) — Safe-output validation and schema definitions now correctly handle labels provided as a comma-separated string in addition to arrays, fixing label assignment failures.
• False-positive AI credits failures eliminated (#38737) — Prevents erroneous failure issues from being filed on successful runs that happened to trigger unknown-model detection logic.
• Copilot supports arbitrary HOME directories (#38725) — The Copilot engine integration no longer assumes /home/runner as the home directory, improving portability for non-standard runner environments.
• Designer Drift Audit permissions fix (#38855) — Added the missing pull-requests: read scope so the Designer Drift Audit workflow can read PR data without permission errors.

⚡ Performance

• Faster workflow run queries (#38779) — listWorkflowRuns pagination now stops as soon as the 24-hour cutoff is reached rather than fetching all pages, significantly reducing API calls on active repositories.

🔧 Migration

• max-effective-tokens: -1 codemod completed (#38850) — The effective-tokens-to-ai-credits codemod (gh aw fix --write) now correctly rewrites the -1 sentinel value for max-effective-tokens, closing the last gap in the legacy budget migration. Run gh aw fix --write if you still see max-effective-tokens: -1 in your workflows.

📚 Documentation

• Updated docs covering features shipped through 2026-06-12 (#38828) including spec audits for fileutil, constants, timeutil, and tty packages (#38848).

Generated by 🚀 Release · 110.8 AIC · ⊞ 28.8K

What's Changed

• Prevent false-positive AI credits/unknown-model failure issues on successful runs by @Copilot in #38737
• Scale homepage hero slides correctly on mobile by @Copilot in #38740
• Add hardcodedfilepath linter to detect hard-coded file path string literals by @Copilot in #38742
• fix(copilot): support arbitrary HOME directory, not just /home/runner by @Copilot in #38725
• Add AOAI Entra smoke workflow for Copilot by @Copilot in #38706
• Handle string-form create_issue.labels across safe-output validation and schema/tool definitions by @Copilot in #38738
• [community] Update community contributions in README by @github-actions[bot] in #38771
• Resolve --gh-aw-ref branch/tag to commit SHA at compile time by @dsyme in #38689
• Fix lint-go CGO failure by normalizing ResolveGhAwRef formatting and string construction by @Copilot in #38778
• [spec-enforcer] Enforce specifications for styles, syncutil, testutil by @github-actions[bot] in #38831
• [docs] Update documentation for features from 2026-06-12 by @github-actions[bot] in #38828
• [spec-extractor] Update package specifications for tty, types, typeutil, workflow by @github-actions[bot] in #38822
• optimize: stop paginating listWorkflowRuns once 24h cutoff is reached by @Copilot in #38779
• Add debug-scoped /tmp/gh-aw file inventory to setup post cleanup by @Copilot in #38780
• refactor: semantic function clustering — dedup, shared helpers, and generics consolidation by @Copilot in #38776
• deps(go): bump golang.org/x/tools to v0.46.0 by @Copilot in #38849
• Add SEC-004 transport-body exemption to artifact client by @Copilot in #38853
• docs: spec audit — add github README, update fileutil/constants/timeutil/tty specs by @Copilot in #38848
• Add missing pull-requests: read scope to Designer Drift Audit workflow by @Copilot in #38855
• [aw-compat] Migrate max-effective-tokens: -1 to max-ai-credits: -1 in codemod by @Copilot in #38850
• Add SEC-005 exemption annotation for apply_samples replay driver by @Copilot in #38852
• [dead-code] chore: remove dead functions — 1 function removed by @github-actions[bot] in #38858
• Cap Code Simplifier runaways with hard per-run budgets and graceful noop exit by @Copilot in #38851
• [jsweep] Clean validate_context_variables.cjs by @github-actions[bot] in #38785
• [linter-miner] feat(linters): add httpnoctx linter — flag HTTP calls without context by @github-actions[bot] in #38888
• ctxbackground: resolve Background() calls by package identity, not identifier text by @Copilot in #38854
• Refactor engine log parsing to canonical Copilot event format by @Copilot in #38781
• [caveman] Optimize instruction verbosity — serena-tool, skills, subagents (2026-06-12) by @github-actions[bot] in #38930
• Move auto-generated notice to first line with debugging skill URL by @Copilot in #38923
• fix: propagate top-level environment: to the detection job by @Copilot in #38918
• Correct OTLP CLI version attribution for scope/service/span fields by @Copilot in #38916
• fix(set_issue_field): fix invalid GraphQL query in fetchIssueFields by @Copilot in #38882

Full Changelog: v0.79.7...v0.79.8

🌟 Release Highlights

This release focuses on AI credit management hardening, codemod reliability, and expanded tooling support — with stronger guardrail enforcement and cleaner failure diagnostics throughout.

⚠️ Notable Changes

• daily_effective_workflow_* metrics renamed to daily_ai_credits_* (#38611): Workflow run metrics are now standardized under the daily_ai_credits_* namespace. If you reference these metrics in dashboards, queries, or configurations, update them to the new names. See the migration guide for details.

✨ What's New

• Codemod exclusion flags for fix and upgrade (#38688): gh aw fix and gh aw upgrade now accept exclusion flags, giving you fine-grained control over which codemods are applied during automated maintenance runs.
• Pi CLI support (#38724): The @earendil-works/pi-coding-agent CLI is now tracked in the cli-version-checker, expanding agent compatibility monitoring.

🐛 Bug Fixes & Improvements

• Guardrail enforcement hardened (#38639): The max_daily_ai_credits guardrail now fails as a hard stop, preventing cost overruns while correctly preserving workflow conclusion failure handling.
• Guardrail coverage expanded (#38705): Daily AI credit guardrails now apply to label-triggered and slash-command-triggered workflows, closing a gap where these trigger paths were previously unenforced.
• Codemod shell comment handling (#38682): Shell comment lines are now correctly skipped when scanning run: blocks for expression hoisting, preventing false-positive codemod transformations.
• Actionable COPILOT_GITHUB_TOKEN error messages (#38722): When COPILOT_GITHUB_TOKEN is missing, agent failure issues now include a permissions.copilot-requests: write suggestion, making the fix immediately actionable.
• Faster OIDC api-proxy startup (#38718): The initial awf-reflect models probe is deferred until after startup, reducing cold-start latency for the harness.

📚 Documentation

• Azure Foundry OpenAI v1 BYOK (#38641): Documentation now covers Bring Your Own Key (BYOK) configuration for Azure Foundry OpenAI v1 deployments.

Generated by 🚀 Release · 111.2 AIC · ⊞ 28.8K

What's Changed

• [dead-code] chore: remove dead functions — 5 functions removed by @github-actions[bot] in #38640
• Add codemod exclusion flags to fix and upgrade by @Copilot in #38688
• Fail max_daily_ai_credits guardrail as a hard stop while preserving conclusion failure handling by @Copilot in #38639
• docs: Document Azure Foundry OpenAI v1 BYOK support by @Copilot in #38641
• chore: update slides and place on hero page by @mnkiefer in #38690
• fix: enhance slide loading and error handling in WorkflowHero by @mnkiefer in #38712
• fix(codemod): skip shell comment lines when scanning run blocks for expression hoisting by @Copilot in #38682
• fix: run daily AIC guardrail for label and slash command triggers by @Copilot in #38705
• Eliminate setup-time @actions/artifact install by inlining required artifact client features by @Copilot in #38684
• Remove legacy model_multipliers.json artifacts and file-based multiplier merge path by @Copilot in #38642
• [linter-miner] feat(linters): add timesleepnocontext linter by @github-actions[bot] in #38704
• feat(harness): defer initial awf-reflect models probe during OIDC api-proxy startup by @Copilot in #38718
• Track Pi CLI (@earendil-works/pi-coding-agent) in cli-version-checker by @Copilot in #38724
• Fix Smoke Pi: no safe outputs due to wrong prompt order and missing gh CLI instruction by @Copilot in #38719
• rename daily_effective_workflow_* → daily_ai_credits_* by @Copilot in #38611
• Suggest permissions.copilot-requests: write in agent failure issue when COPILOT_GITHUB_TOKEN is missing by @Copilot in #38722

Full Changelog: v0.79.6...v0.79.7

🌟 Release Highlights

This release focuses on observability improvements, Windows CLI reliability, and security hardening for the AWF firewall runtime — keeping your agentic workflows stable and easier to debug.

✨ What's New

• AI Credit Observability — gh-aw.aic is now emitted as a doubleValue on OTLP conclusion spans, fixing Sentry EAP type inference and ensuring AI credit cap attributes appear consistently even when INPUT_JOB_NAME is absent. Richer data means faster cost diagnosis. (#38550, #38510, #38580)

• Go MCP Server Process Guardrail — A 4-process limit is now enforced on child gh invocations spawned by the Go MCP server, preventing runaway process trees and improving resource safety in constrained runners. (#38544)

• Prefetch Strategy A/B Experiment — The weekly-blog-post-writer workflow gains a prefetch_strategy experiment flag, enabling controlled rollout of prefetch optimizations across agentic runs. (#38622)

• Maintenance Trigger Logging — The first trigger reason for agentics-maintenance generation is now logged, giving operators clear visibility into what kicked off a maintenance cycle. (#38616)

🐛 Bug Fixes & Improvements

• Windows CLI Deadlock Fixed — A process wrapper deadlock in the Windows CLI integration has been resolved, unblocking workflows that stalled when spawning child processes on Windows. (#38592)

• Smarter Failure Titles — The conclusion job now uses failure-specific issue titles and detects the unknown_model_ai_credits failure mode, making auto-filed failure issues more actionable. (#38615, #38610)

• Windows Test Coverage Expanded — The Windows CLI integration test suite is restructured into a scenario matrix covering shell, environment, path, and chaos scenarios for broader coverage. (#38526)

🔒 Security & Reliability

• AWF 0.27.2 Update — Upgraded to the latest AWF firewall runtime, incorporating upstream security and stability fixes. (#38660)

• Digest Pinning Restored — Container image digest pinning for AWF 0.27.0 firewall sidecar images has been restored, and the release pipeline now gates on resolved SHA pins before pushing tags — ensuring supply chain integrity. (#38595, #38608)

📚 Documentation

• LLM/Agent Discovery — Replaced starlight-llms-txt with a custom llms.txt/agents.txt that points directly to .github/aw/*.md workflow sources, making this repo more discoverable by LLM-based tooling. (#38630)

• copilot-requests: write Permission Guidance — Instruction docs now recommend the copilot-requests: write permission for Copilot-targeted workflows. (#38410)

Generated by 🚀 Release · 107.7 AIC · ⊞ 28.8K

What's Changed

• Replace remaining sort.Slice call sites with type-safe slices.SortFunc by @Copilot in #38498
• [jsweep] Clean write_large_content_to_file.cjs by @github-actions[bot] in #38504
• Ensure gh-aw.aic is emitted on conclusion spans when INPUT_JOB_NAME is missing by @Copilot in #38510
• Restructure Windows CLI integration into scenario matrix with missing shell/env/path/chaos coverage by @Copilot in #38526
• Add AI credit cap observability attributes to OTLP conclusion spans by @Copilot in #38550
• [instructions] Sync instruction files with release v0.79.4 by @github-actions[bot] in #38567
• [docs] Update documentation for features from 2026-06-11 by @github-actions[bot] in #38593
• [docs] Update glossary - daily scan by @github-actions[bot] in #38585
• Recommend copilot-requests: write for Copilot-targeted workflows in instruction docs by @Copilot in #38410
• Fix Windows CLI integration deadlock in process wrapper by @Copilot in #38592
• release: gate on resolved container SHA pins before push_tag by @Copilot in #38608
• Restore digest pinning for AWF 0.27.0 firewall sidecar images by @Copilot in #38595
• fix: always emit gh-aw.aic as doubleValue to fix Sentry EAP type inference by @Copilot in #38580
• Add a 4-process guardrail for Go MCP server child gh invocations by @Copilot in #38544
• Log first trigger reason for agentics-maintenance generation by @Copilot in #38616
• Detect unknown_model_ai_credits failure in conclusion job by @Copilot in #38610
• Use failure-specific issue titles in conclusion job by @Copilot in #38615
• Add prefetch_strategy A/B experiment to weekly-blog-post-writer by @Copilot in #38622
• docs: replace starlight-llms-txt with custom llms.txt/agents.txt pointing to .github/aw/*.md by @Copilot in #38630
• updated to awf 0.27.2 by @pelikhan in #38660

Full Changelog: v0.79.5...v0.79.6

🌟 Release Highlights

This release focuses on AI cost visibility and control: the legacy “effective tokens” metric is now called AI Credits across all surfaces, threat detection gets a configurable cost cap, and the add-wizard gains smarter Copilot org billing guidance. Several reliability improvements round out the release.

✨ What’s New

• AI Credits Terminology — “Effective tokens” is now AI Credits (AIC) throughout the UI and workflow metrics, providing clearer cost reporting aligned with the primary billing metric. (#38481)

• Threat Detection Cost Cap — safe-outputs.threat-detection now supports a max-ai-credits field (default: 400) with runtime override, giving you independent budget control over security-scan runs. Learn more (#38456)

• Smarter Copilot Org Billing Setup — gh aw add-wizard now asks Copilot users whether they want to use copilot-requests (org billing via Actions token, no PAT required) or a traditional PAT, simplifying enterprise onboarding. (#38449)

• AI Metrics in Failure Comments — Agent failure issue comments now include AI credit metrics from detection jobs, making cost attribution transparent even when runs fail. (#38453)

🐛 Bug Fixes & Improvements

• Fixed false secret validation warnings for Copilot org billing mode — no more spurious warnings when secrets are correctly configured. (#38459)

• Improved safe-outputs error surfacing — comment_memory now fails (instead of silently skipping) in non-PR contexts, and add_comment hard-fails on unrecognized message targets. (#38447)

• Fixed Docker Hub dependency in safe-outputs — Safe-outputs no longer pulls node:lts-alpine from Docker Hub, restoring reliability for environments with restricted container registries. (#38452)

• Fixed push_to_pull_request_branch — Branch derivation now always uses the PR’s actual head ref, resolving incorrect branch targeting. (#37863)

• Fixed numeric telemetry — gh-aw.aic is now always emitted as a numeric value for agent/detection spans, ensuring consistent OpenTelemetry ingestion. (#38432)

📚 Documentation

• Automated self-healing documentation fixes applied from issue analysis. (#38464)

Generated by 🚀 Release · 95.1 AIC · ⊞ 28.8K

What's Changed

• fix: always emit gh-aw.aic as numeric for agent/detection spans by @Copilot in #38432
• Update .github/aw guidance for frontier-model cost architecture (triage, context pull, bounded sub-agents) by @Copilot in #38429
• [caveman] Optimize instruction verbosity — network, pr-reviewer, report, reuse, workflow-health (2026-06-10) by @github-actions[bot] in #38440
• Creating integration tests for gh aw mcp server by @Copilot in #38448
• Fix #37835: always derive push_to_pull_request_branch from PR head ref by @dsyme in #37863
• fix: safe outputs — comment_memory fails instead of skips in non-PR context; add_comment hard-fails on unrecognized message target by @Copilot in #38447
• Include detection job AI metrics in agent failure issue comment footer by @Copilot in #38453
• Fix secret validation false warnings for copilot org billing mode by @Copilot in #38459
• fix: stop pulling node:lts-alpine for safe-outputs (Docker Hub unreachable) by @Copilot in #38452
• feat: add-wizard prompts Copilot users to choose copilot-requests (org billing) vs PAT by @Copilot in #38449
• [docs] Self-healing documentation fixes from issue analysis - 2026-06-11 by @github-actions[bot] in #38464
• Add threat-detection max-ai-credits with 400 default and runtime override by @Copilot in #38456
• Bump gh-aw-firewall to v0.27.1 by @Copilot in #38480
• Replace "effective tokens" with "AI Credits" in user-facing text by @Copilot in #38481
• [community] Update community contributions in README by @github-actions[bot] in #38493

Full Changelog: v0.79.4...v0.79.5

🌟 Release Highlights

v0.79.4 delivers significant improvements to AI credit (AIC) cost tracking and telemetry accuracy, introduces new workflow authoring controls for custom model pricing and configurable timeouts, and hardens sandbox security. A focused round of bug fixes improves milestone caching, SHA-pinning reliability, and failure reporting.

⚠️ Breaking Changes

• dangerously-disable-sandbox-agent now requires an operator-authored string justification (#38325). Boolean true is no longer accepted — workflows must supply a plain-text reason (≥ 20 characters) explaining why the trust boundary is being removed. Update any workflow using dangerously-disable-sandbox-agent: true to a descriptive string.

• user-invokable and disable-model-invocation fields removed from the gh-aw schema (#38328). These Copilot-specific fields have no meaning in gh-aw workflows and will now produce a validation error. Remove them from any .github/workflows/*.md files.

✨ What's New

• Custom model pricing via models frontmatter (#38276). Declare custom cost tables for private or non-catalog models directly in your workflow frontmatter. Overlays merge over the built-in models.json at runtime with main-workflow precedence. Learn more

• Configurable safe-outputs timeout (#38361). The default safe_outputs job timeout has been raised from 30 to 45 minutes, and a new safe-outputs.timeout-minutes frontmatter field lets you tune it per workflow. Learn more

• create_check_run now supports PR targeting (#38237). Pass target: "pr" or target: "*" to attach check runs to the triggering pull request in addition to the existing commit-based flow.

• Steering messages visible in unified log view (#38277). Mid-run steering messages from operators are now rendered inline in the unified workflow log.

🐛 Bug Fixes & Improvements

• AIC telemetry accuracy across all engines (#38314, #38364, #38327, #38412). The github_models provider alias is now recognised; zero-AIC firewall proxy responses correctly fall back to engine-reported values; AIC credits are properly wired through the agent failure handler and propagated into the failure footer.

• Milestone cache now scoped per owner/repo (#38342). Milestone lookups in assign_milestone no longer bleed across repositories in multi-repo runs.

• SHA-pinning for runtime setup-cli in custom steps: workflows (#38344). The emitted setup-cli step in steps: workflows now receives a SHA pin, aligning with the security posture of standard compiled workflows.

• Failure-issue permission denials handled gracefully (#38273). Workflows lacking issues: write no longer crash on failure reporting; timeout-specific failure messages are now enforced separately.

• Usage tracking fixed for engine jobs (#38353). sendJobConclusionSpan now correctly records token usage for engine-backed jobs.

📚 Documentation

• Auth reference page restructured for clarity (#38390)
• copilot-requests: write now recommended for Copilot authentication (#38404) — see permissions reference
• AIC pricing documentation now links to the live models.dev catalog (#38371)

Generated by 🚀 Release · 164.2 AIC · ⊞ 28.8K

What's Changed

• [caveman] Optimize instruction verbosity — memory, mcp-clis, messages, network (2026-06-10) by @github-actions[bot] in #38263
• [WIP] Fix failing GitHub Actions job Integration: Workflow Misc Part 2 by @Copilot in #38265
• Handle failure-issue permission denials and enforce timeout-specific failure messaging by @Copilot in #38273
• Add steering message rendering in unified log view by @Copilot in #38277
• emit gh-aw.aic as OTLP Sum metric for backend-native consumption by @Copilot in #38279
• Add objective mapping constants and tests by @mnkiefer in #38293
• Fix empty AIC cells in daily guardrail summary when no prior runs exist in 24h window by @Copilot in #38304
• Remove gh_aw.aic OTLP metric emission and keep AIC on traces only by @Copilot in #38312
• fix: emit gh-aw.aic for all engines by recognizing github_models provider alias by @Copilot in #38314
• Add PR-targeting support to create_check_run (including target: "*" flows) by @Copilot in #38237
• [instructions] Sync instruction files with release v0.79.3 by @github-actions[bot] in #38316
• [spec-extractor] Update package specifications for tty, types, typeutil, workflow by @github-actions[bot] in #38334
• feat: require operator-authored justification for dangerously-disable-sandbox-agent by @Copilot in #38325
• fix: wire GH_AW_AIC and GH_AW_MAX_AI_CREDITS to Handle agent failure step by @Copilot in #38327
• Cap impacted Go test selection at ~1 minute via sampled unit tests by @Copilot in #38343
• CJS: ignore impacted JS runs when no matching test files exist by @Copilot in #38339
• pkg/linters: extract inspector helper, migrate to Cursor API, add autofixes by @Copilot in #38317
• fix: usage tracking for engine jobs in sendJobConclusionSpan by @mnkiefer in #38353
• [docs] Update documentation for features from 2026-06-10 by @github-actions[bot] in #38351
• chore: remove user-invokable and disable-model-invocation from the gh-aw schema by @Copilot in #38328
• Updating daily token consumption report to new AIC format by @Copilot in #38362
• fix(assign_milestone): scope milestone cache by owner/repo to prevent cross-repo pollution by @Copilot in #38342
• docs: source AIC pricing from models.dev catalog by @Copilot in #38371
• Bound sampled impacted Go test patterns to prevent go test argv overflow by @Copilot in #38381
• Add models frontmatter field for custom model pricing by @Copilot in #38276
• Record agent failure categories as OTLP attribute for counting by @Copilot in #38331
• feat: raise safe_outputs default timeout to 45m and add safe-outputs.timeout-minutes frontmatter by @Copilot in #38361
• fix: SHA-pin the runtime setup-cli step emitted for custom steps: workflows by @Copilot in #38344
• Replace /reference/auth engine-secret table with header/list reference blocks by @Copilot in #38390
• fix(telemetry): emit gh-aw.aic=0 and fall back to engine-reported AIC when firewall proxy reports zero by @Copilot in #38364
• optimize: reduce claude-code-user-docs-review AIC cost ~20–33% by eliminating redundant main-agent work by @Copilot in #38401
• docs: recommend copilot-requests: write for Copilot authentication by @Copilot in #38404
• Expand Daily AIC report to include Grafana telemetry and backend-specific AIC gaps by @Copilot in #38400
• [docs] docs: unbloat monitoring-with-projects.md by @github-actions[bot] in #38417
• [WIP] Fix failing GitHub Actions job 'js-typecheck' by @Copilot in #38397
• [WIP] Explore agent persona and scenarios for agentic workflows by @Copilot in #38407
• Propagate resolved AI credits into failure footer context by @Copilot in #38412

Full Changelog: v0.79.3...v0.79.4