gh-aw 0.35.1

🌟 Release Highlights

Version 0.35.1 brings powerful GitHub Projects V2 integration, enhanced safe outputs with reference control, and significant reliability improvements across compilation, security, and developer experience.

✨ What's New

GitHub Projects V2 Management

• Copy Projects - Duplicate Projects V2 boards with copy-project safe output, preserving structure, custom fields, views, and workflows (#9081)
• Project Status Updates - Create status updates with create-project-status-update to track campaign progress, KPIs, and milestones (#9085)
• Campaign Integration - Orchestrators automatically generate status updates and can copy project templates (#9116, #9121)

Safe Outputs Enhancements

• Reference Control - New allowed-github-references field restricts GitHub-style references (#123, owner/repo#456) to prevent unwanted timeline items in cross-repo workflows (#9033)
• Missing Tool Issues - Auto-create GitHub issues when agents report missing tools, with expiration support (#9117)
• Asset Handling Fix - Resolved upload_assets job failures by creating separate artifact for safe-outputs assets (#9064)

Developer Experience

• Upgrade Agent - New upgrade-agentic-workflows custom agent created by gh aw init provides automated upgrade guidance with codemod support (#9032)
• Debugging Skill - Added comprehensive debugging skill with log download scripts, audit commands, and troubleshooting guides (#9036)
• String Utilities - Consolidated scattered string manipulation functions into pkg/stringutil for better discoverability (#9138)

🐛 Bug Fixes & Improvements

Compilation & Validation

• Fixed compiler bug preventing safe output jobs when threat-detection: false (#9097)
• Campaign validation now scoped to specific files instead of all campaigns (#9022)
• Prevented action pinning version flipping between equivalent tags (#9023)
• Implemented semver-compatible action pin resolution (#9027)
• Reduced campaign validation warning verbosity by 55% (#9072)

MCP & Tools

• Added fix tool to MCP server for applying codemods (#9035)
• Split MCP Gateway into download and start steps with gh CLI authentication (#9053)
• Added resource operation tests for MCP gateway (#9059)
• Created install-awmg.sh for standalone MCP gateway CLI (#9056)

Security

• Replaced deprecated COPILOT_TOKEN with COPILOT_GITHUB_TOKEN (#9052)
• Fixed file permissions in interactive workflow builder (Alert #371) (#9067)
• Fixed unhandled error in semantic version parsing (Alert #477) (#9141)
• Suppressed false positive hardcoded credentials warnings (Alerts #469, #468, #467, #466) (#9091)

Code Quality

• Refactored run_command.go into focused modules (1,043 → 597 lines) with comprehensive test coverage (#9139)
• Removed go.yaml.in/yaml/v3 as direct dependency, using goccy/go-yaml uniformly (#9083)
• Replaced "denied" with "blocked" terminology in firewall reporting (#9118)

📚 Documentation

• Updated campaign documentation for orchestrator architecture with improvement proposals (#9000)
• Documented allowed-github-references field in SideRepoOps guide (#9128)
• Streamlined homepage, removing duplicates and improving structure (#9112)
• Added Ubuntu 24.04 Actions Runner Image Analysis (#9137)

🔧 Infrastructure

• Updated GitHub MCP Server to v0.27.0 (#9025)
• Updated AWF (gh-aw-firewall) to v0.8.1 (#9038)
• Pinned @anthropic-ai/sandbox-runtime version in SRT installation (#9037)
• Added awmg CLI compilation to release workflow (#9054)
• Enable edit and bash tools by default when sandbox is enabled (#9065)

---

For complete details, see CHANGELOG.

Ahoy! This treasure was crafted by 🏴‍☠️ Release

---

What's Changed

• Optimize action pinning and caching: eliminate redundant JSON parsing and I/O by @Copilot in #9016
• [docs] Unbloat campaigns/getting-started.md - 29% reduction by @github-actions[bot] in #9004
• Update campaign documentation for orchestrator architecture and propose improvements by @Copilot in #9000
• Prevent action pinning version comment flipping between equivalent tags by @Copilot in #9023
• Scope campaign validation to specific files when compiling by name by @Copilot in #9022
• Update create-safe-output-type custom agent to document handler manager architecture by @Copilot in #9026
• Fix Go formatting in compile_campaign.go by @Copilot in #9031
• Implement semver-compatible action pin resolution by @Copilot in #9027
• [security-fix] Fix path traversal false positive in dispatch_workflow_validation.go (Alert #465) by @github-actions[bot] in #9029
• Update GitHub MCP Server v0.26.3 → v0.27.0 by @Copilot in #9025
• Display campaign validation problems in console output by @Copilot in #9028
• Move Agentic campaigns section after Examples in docs navigation by @Copilot in #9034
• Add fix tool to MCP server by @Copilot in #9035
• Add debugging-workflows Agent Skill by @Copilot in #9036
• Add upgrade-agentic-workflows custom agent to init command by @Copilot in #9032
• Add allowed-github-references safe-output field to restrict markdown references by @Copilot in #9033
• Update AWF to v0.8.1 by @Copilot in #9038
• Pin @anthropic-ai/sandbox-runtime version in SRT installation by @Copilot in #9037
• Replace deprecated COPILOT_TOKEN with COPILOT_GITHUB_TOKEN by @Copilot in #9052
• Split MCP Gateway into download and start steps with gh CLI authentication by @Copilot in #9053
• Add awmg CLI compilation to release workflow by @Copilot in #9054
• Add install-awmg.sh for standalone MCP gateway CLI by @Copilot in #9056
• Add resource operation tests for MCP gateway by @Copilot in #9059
• Add daily workflow to monitor secrets in lock.yml files by @Copilot in #9060
• [security-fix] Fix file permissions in interactive.go (Alert #371) by @github-actions[bot] in #9067
• Enable edit and bash tools by default when sandbox is enabled by @Copilot in #9065
• Create separate safe-outputs-assets artifact for upload_assets job by @Copilot in #9064
• Consolidate workspace path info into temp_folder_prompt and remove edit_tool_prompt by @Copilot in #9071
• Reduce campaign validation warning verbosity by 55% by @Copilot in #9072
• Replace manual prompt handling with console.ConfirmAction in trial command by @Copilot in #9078
• [WIP] Split daily-news shell script into multiple steps by @Copilot in #9080
• Fix campaign field name inconsistency: use 'repository' instead of 'repo' by @Copilot in #9084
• Add copy-project safe output for GitHub Projects V2 by @Copilot in #9081
• Recompile workflows with consolidated tool permissions by @Copilot in #9082
• Security Fix: Suppress false positive hardcoded credentials warnings in compiler_safe_outputs_steps.go (alerts #469, #468, #467,
  [Content truncated due...

gh-aw 0.34.5

🌟 Release Highlights

This release brings powerful new safe-input capabilities, enhanced developer workflows, and critical security improvements across 51 merged pull requests.

✨ What's New

Go Language Support for Safe Inputs (#8941)
Go joins JavaScript, Python, and Shell as a fully-supported safe-inputs scripting language. Write type-safe input handlers with Go's performance and tooling ecosystem.

Dispatch Workflow Safe Output (#8940)
New dispatch-workflow safe output type enables workflows to trigger other workflows with dynamic per-workflow tool permissions. Perfect for multi-stage pipelines and hierarchical agent orchestration.

Enhanced Run Command with --push Flag (#8971)
The gh aw run command now supports --push to automatically commit compiled workflows and dispatch them to GitHub Actions - streamlining the workflow development cycle.

Multiple Slash Command Identifiers (#8943)
Configure workflows to respond to multiple slash commands (e.g., /deploy, /ship, /release), making workflows more discoverable and intuitive for teams.

Safe Output Domain Validation (#9017)
New validation ensures safe-outputs.allowed-domains configurations are properly specified, catching configuration errors before workflows run.

🔒 Security Enhancements

File Permission Hardening (#8928, #8950, #8967, #8991, #9014)
Resolved 7 CodeQL security alerts by restricting file permissions in download, tracking, fix, metadata generation, and git operations. All affected files now use secure 0600/0700 permissions.

Dispatch Workflow Path Traversal Prevention (#8977)
Fixed path traversal vulnerabilities (alerts #465, #464, #463) in dispatch-workflow validation to prevent malicious workflow references.

🐛 Bug Fixes & Improvements

MCP Server Compile Tool Error Handling (#8938, #8939)
The MCP compile tool now returns proper validation errors instead of protocol errors, improving debugging experience and CI test coverage.

Token Counting Improvements (#8927, #8942, #8948)
Enhanced Copilot and Codex log parsers to extract total_tokens from multiple log formats, with comprehensive debug logging and artifact flattening support.

Logs Command Filtering (#8949, #8998)
Reduced noise in gh aw logs output and fixed stdout corruption in JSON mode for cleaner, more reliable log analysis.

Artifact Structure Fixes (#8958, #8963)
Corrected artifact flattening and file detection after refactored artifact structure, ensuring proper session log discovery.

🔧 Developer Experience

Safe Output Refactoring (#9012, #8996)
Major refactoring reduces duplication in safe output subsystem by splitting core functionality into focused modules - improving maintainability and extensibility.

Campaign System Improvements (#8973, #8978, #8987, #8988, #8992)
Enhanced campaign orchestration with deterministic discovery, proper lock filename handling, fixed metrics validation, and corrected cursor path mapping.

Test Quality Enhancements (#8960, #8961, #8962)
Fixed testifylint violations, configured golangci-lint for Go 1.25, and improved code formatting consistency across the test suite.

📚 Documentation

Feature Documentation Updates (#8946, #9020, #8956)
Comprehensive documentation for --push flag functionality, hourly fuzzy schedule feature, and features from 2026-01-04 release cycle.

Comparative Analysis (#8952)
Added oh-my-opencode vs GitHub Agentic Workflows comparative analysis for teams evaluating workflow orchestration tools.

---

For complete details, see the CHANGELOG.

Ahoy! This treasure was crafted by 🏴‍☠️ Release

---

What's Changed

• Security Fix: Restrict file permissions in download_workflow.go (Alert #379) by @github-actions[bot] in #8928
• Remove GitHub Actions annotations from setup.sh logging by @Copilot in #8931
• Update docs campaign project by @mnkiefer in #8929
• Update campaign name for documentation quality project by @mnkiefer in #8933
• Use GitHub MCP get_file_contents instead of web-fetch for runner image docs by @Copilot in #8932
• Add total_tokens extraction support for Codex logs by @Copilot in #8927
• Remove || true from static analysis compile step and update agent to read compile-output.txt by @Copilot in #8937
• Recompile campaign workflows to use 'repo' field instead of 'repository' by @Copilot in #8926
• Add CI test for MCP server compile tool error handling by @Copilot in #8938
• Fix MCP compile tool to return validation errors instead of protocol errors by @Copilot in #8939
• Add Go (golang) support to safe-inputs scripting languages by @Copilot in #8941
• Review and verify Copilot Go log parser token counting implementation by @Copilot in #8942
• Add support for multiple slash command identifiers by @Copilot in #8943
• [docs] Update documentation for features from 2026-01-04 by @github-actions[bot] in #8946
• Filter noise from logs command output by @Copilot in #8949
• Security Fix: Restrict file permissions in file_tracker.go (Alert #378) by @github-actions[bot] in #8950
• Add dispatch-workflow safe output type with dynamic per-workflow tools by @Copilot in #8940
• Add oh-my-opencode vs GitHub Agentic Workflows comparative analysis by @Copilot in #8952
• Run safe-inputs JavaScript handlers in separate Node.js processes by @Copilot in #8953
• Fix Copilot token parsing: Add debug logging, tests, and artifact flattening by @Copilot in #8948
• [WIP] Fix issues in JavaScript tests by @Copilot in #8955
• Document hourly fuzzy schedule feature by @Copilot in #8956
• Fix testifylint violations in test assertions by @Copilot in #8960
• Configure golangci-lint to use Go 1.25 by @Copilot in #8961
• Replace markdown headers with styled section headers in audit command output by @Copilot in #8959
• Fix artifact flattening and file detection for refactored artifact structure by @Copilot in #8958
• Format Go code: Fix indentation in logs_noop_test.go by @Copilot in #8962
• Add beads worker workflow with beads-sync branch integration and persistent credential management by @Copilot in #8954
• Fix Copilot parser to find session logs after artifact flattening by @Copilot in #8963
• [security-fix] Fix file permissions in fix_command.go (Alert #377) by @github-actions[bot] in #8967
• [WIP] Add safe outputs to the beads worker agentic workflow by @Copilot in #8965
• [WIP] Update beads worker for shallow checkout of .beads folder by @Copilot in #8966
• Add deterministic campaign discovery precomputation with runtime worker output manifest by @Copilot in #8973
• Security Fix: Prevent path traversal in dispatch-workflow validation (Alerts #465, #464, #463) by @github-actions[bot] in #8977
• Fix campaign orchestrator lock filename in activation job timestamp check by @Copilot in #8978
• [specs] Update layout specification - 2026-01-05 by @github-actions[bot] in #8975
• Fix push_repo_memory metrics validation by removing omitempty from required fields by @Copilot in #8987
• Fix campaign metrics validation by documenting required fields in orchestrator instructions by @Copilot in #8988
• Fix campaign cursor path mapping in orchestrator instructions by @Copilot in #8992
• Security Fix: Restrict file permissions in generate_action_metadata_command.go (Alerts #376, #375, #374) by @github-actions[bot] in #8991
• Add debug logging and guide for action pinning version comment flipping by @Copilot in #8999
• Fix stdout corruption in logs command JSON output by @Copilot in #8998
• Refactor compiler_safe_outputs_core.go: Complete file split into 4 focused modules by @Copilot in #8996
• [security-fix] Fix file permissions in git.go (Alerts #373, #372) by @github-actions[bot] in #9014
• [slides] Update slide deck configuration syntax by @github-actions[bot] in #9013
• Add --push flag to run command for automatic workflow commit and dispatch by @Copilot in #8971
• Refactor safe outputs subsystem to reduce duplication by @Copilot in #9012
• [jsweep] Clean add_labels.cjs by @github...

gh-aw 0.34.4

🌟 Release Highlights

This release brings significant improvements to safe outputs, security hardening, and project management capabilities, with 64 PRs merged focused on reliability and developer experience.

✨ What's New

Cross-Repository Safe Outputs
Safe output operations now support allowed-repos field, enabling secure cross-repository workflows for multi-repo orchestration. Learn more

Inline File References
New inline reference syntax (@./path, @../path, @url) enables embedding file contents and URLs directly in workflows with path security validation (#8880)

Epic Issue Creation
Campaign orchestrators can now create Epic issues to track complex multi-phase initiatives, with automatic project linking and field management (#8895)

Enhanced Project Management
update-project safe output now supports NUMBER, ITERATION, and DATE field types, with intelligent type mismatch detection and validation (#8863, #8910, #8920, #8925)

Unified Artifact System
Consolidated agent artifact handling into single agent-artifacts upload/download pattern, reducing complexity and improving reliability (#8835, #8846, #8851)

Actions Runtime Update
Upgraded to actions/github-script v8 with Node.js 24 support for improved performance and compatibility (#8882)

🔒 Security Enhancements

• Restricted file permissions to 0600 for agent configuration files (CWE-732 prevention) (#8831, #8903, #8911)
• Fixed hardcoded credentials false positives in Copilot execution (#8840, #8888)
• Corrected directory permissions in logs and downloads (#8855)

🐛 Key Bug Fixes

• Fixed safe-outputs import conflicts from shared workflows (#8827)
• Resolved missing workflow_path field in logs JSON output (#8834)
• Fixed repo-memory path inconsistencies blocking meta-orchestrator metrics (#8848)
• Corrected threat detection artifact path resolution (#8915, #8918)
• Fixed gh aw update treating commit SHAs as branch names (#8874)
• Resolved date field creation issues in project updates (#8910)

🔧 Improvements

• Added exit code and stderr logging for GitHub CLI failures with intelligent error detection (#8906)
• Removed misleading network requirement in strict mode validation (#8852)
• Enhanced GitHub CLI command error visibility with comprehensive diagnostics
• Improved TypeScript type safety in repository validation (#8870)
• Better string utility documentation for ShortenCommand vs Truncate (#8923)

📚 Documentation

• Consolidated developer specifications into unified instructions file (#8861)
• Reduced campaign project management docs by 63% for better clarity (#8893)
• Added deep technical analysis comparing mdflow vs gh-aw architectures (#8830)

---

For complete details, see the CHANGELOG.

Ahoy! This treasure was crafted by 🏴‍☠️ Release

---

What's Changed

• Use FormatVerboseMessage for action SHA validation success message by @Copilot in #8826
• Security Fix: Restrict file permissions in copilot-agents.go (Alert #383) by @github-actions[bot] in #8831
• Add deep technical analysis of mdflow vs gh-aw with custom engine opportunities by @Copilot in #8830
• Fix Go linting issues: convert if-else chains to switch statements and use testify best practices by @Copilot in #8832
• Fix safe-outputs import double-processing causing job merge conflicts by @Copilot in #8827
• Fix missing workflow_path field in logs JSON output by @Copilot in #8834
• [security-fix] Fix hardcoded credentials false positive in copilot execution (Alert #440) by @github-actions[bot] in #8840
• Add test coverage for importing neutral tools (edit, web-fetch, web-search, safety-prompt, timeout, startup-timeout) by @Copilot in #8838
• Consolidate agent job artifact uploads into single step by @Copilot in #8835
• Add builtin web_fetch tool support to Copilot engine with correct tool name mapping by @Copilot in #8833
• Update tests and PR helpers for unified agent artifact structure by @Copilot in #8846
• Add allowed-repos field to safe output types for cross-repository operations by @Copilot in #8837
• Fix repo-memory path inconsistencies blocking meta-orchestrator metrics access by @Copilot in #8848
• Refactor large workflows into modular shared components by @Copilot in #8849
• Fix artifact downloads to use unified agent-artifacts and remove duplicates by @Copilot in #8851
• Remove misleading network requirement in strict mode validation by @Copilot in #8852
• feat: improve campaign orchestrator & project update contract by @mnkiefer in #8857
• Rename file-size-reduction campaign from project64 to project68 by @Copilot in #8862
• Add support for NUMBER and ITERATION field types in update-project by @Copilot in #8863
• Security Fix: Correct directory permissions in logs_download.go (Alerts #461, #460) by @github-actions[bot] in #8855
• [docs] Consolidate developer specifications into instructions file by @github-actions[bot] in #8861
• Add explicit date field calculation to campaign orchestrator Phase 2 by @Copilot in #8864
• Remove error suppression and add verbose mode in CI workflows by @Copilot in #8871
• Fix TypeScript type errors in repository validation error handling by @Copilot in #8870
• Remove invalid ProjectV2DateField GraphQL fragment by @Copilot in #8872
• chore: update file reduction campaign project details by @mnkiefer in #8876
• Add fail-fast and verbose logging to logs-token-check CI job by @Copilot in #8875
• Fix update command treating commit SHAs as branch names by @Copilot in #8874
• Migrate detection job artifacts to unified /tmp/gh-aw/artifacts architecture by @Copilot in #8853
• Fix vitest import in file_helpers.test.cjs by @Copilot in #8883
• Remove Campaign - Org-Wide Rollout workflow by @Copilot in #8886
• [security-fix] Fix hardcoded credentials false positive in safe_outputs_steps.go (Alert #433) by @github-actions[bot] in #8888
• Upgrade actions/github-script to v8 with Node.js 24 support by @Copilot in #8882
• Add daily workflow to analyze Ubuntu Actions runner image and generate Docker mimic documentation by @Copilot in #8884
• Fix create-agent-task safe-output: use GH_AW_ prefix instead of reserved GITHUB_ prefix by @Copilot in #8897
• [WIP] Fix assignees configuration in safe-outputs.create-issue by @Copilot in #8887
• Add artifact file location manager with workflow analysis and reference generation by @Copilot in #8873
• [docs] Unbloat campaign project management documentation (63% reduction) by @github-actions[bot] in #8893
• Add Epic issue creation to campaign orchestrators by @Copilot in #8895
• Security: Fix file permissions in copilot_setup.go (alerts #382, #381) by @github-actions[bot] in #8903
• Enable DEBUG logging in logs-token-check CI job by @Copilot in #8900
• Format Go code in artifact manager files by @Copilot in #8899
• Fix create_issue test expectations for assignees field by @Copilot in #8905
• Fix Go linting issues: replace WriteString(fmt.Sprintf) with fmt.Fprintf by @Copilot in #8909
• Add inline file/URL reference syntax (@./path, @../path, @url) with path security validation by @Copilot in #8880
• Fix date field creation in update_project to use DATE type by @Copilot in #8910
• Security: Fix file permissions in devcontainer.go (alert #380) by @github-actions[bot] in #8911
• Update campaign references from project68 to project71 by @mnkiefer in #8907
• Fix JavaScript formatting in update_project.test.cjs by @Copilot in #8914
• Add exit code and stderr logging for GitHub CLI command failures with intelligent error detection by @Copilot in #8906
• Fix threat detection artifact path resolution by @Copilot in #8915
• Refine logs-token-check job: scope to smoke-copilot workflow and remove debug logging by @Copilot in #8919
• Fi...

gh-aw 0.34.3

🌟 Release Highlights

This maintenance release focuses on schema consistency, workflow reliability, and security hardening.

🔒 Security

• Path traversal vulnerability fixed - Resolved critical path traversal issue in workflow compiler (Alert #455) to prevent unauthorized file access

🐛 Bug Fixes & Improvements

• Cleaner SHA-pinned action handling - Actions already pinned to full 40-character commit SHAs no longer emit unnecessary dynamic resolution warnings, reducing noise in compilation output
• Robust logs parsing - Added fallback parser for the logs command when engine detection fails, ensuring log analysis works even with non-standard workflow formats
• Schema validation improvements:
  • Fixed MCP version type inconsistency - schemas now consistently accept both string and number types (e.g., version: 20 or version: "1.0.0")
  • Added validation documentation to stdio_mcp_tool definitions for clearer developer guidance
  • Added default value to engine field in included schema for consistency
• Enhanced JSON output validation - The logs command now validates engine_id and workflow_path fields in JSON output to catch configuration errors early

✅ Quality Assurance

• Comprehensive workflow testing - Verified all 128 agentic workflows in the repository compile successfully, ensuring reliability across the entire workflow ecosystem

---

For complete details, see the CHANGELOG.

Ahoy! This treasure was crafted by 🏴‍☠️ Release

---

What's Changed

• Fix MCP version type inconsistency in mcp_config_schema.json by @Copilot in #8812
• Add $comment validation documentation to stdio_mcp_tool in included schema by @Copilot in #8813
• Add default value to engine field in included_file_schema.json by @Copilot in #8814
• Skip warnings for actions already pinned to full SHAs by @Copilot in #8815
• Add fallback parser for logs command when engine detection fails by @Copilot in #8817
• Validate engine_id and workflow_path in logs JSON output by @Copilot in #8818
• Verify all 128 agentic workflows compile successfully by @Copilot in #8820
• [security-fix] Fix path traversal vulnerability in workflow compiler (Alert #455) by @github-actions[bot] in #8822

Full Changelog: v0.34.2...v0.34.3

gh-aw 0.34.2

🌟 Release Highlights

This maintenance release delivers 35 improvements focused on security hardening, enhanced CLI experience, and internal architecture refinements. Key highlights include multiple security vulnerability fixes, new interactive UI components with accessibility support, and improved MCP server reliability.

🔒 Security Fixes

Four critical security vulnerabilities were resolved in this release:

• Path traversal prevention in gateway config rewrite (#8732), schema compiler (#8803), and poutine output parsing (#8802)
• Command injection prevention in zizmor Docker execution (#8780)
• All vulnerabilities were identified and fixed proactively through automated security scanning

✨ Enhanced CLI Experience

New interactive components bring a more polished, accessible user experience:

• Interactive list component for workflow and MCP server selection (#8734) - Navigate workflows with keyboard shortcuts
• Progress bars with gradient effects for long-running operations (#8782, #8793) - Visual feedback with indeterminate mode support
• Spinner with accessibility - Uses MiniDot style with ACCESSIBLE environment variable support (#8787)
• Visual regression tests with golden files ensure consistent console rendering (#8794)

🔧 Reliability & Performance

• Improved MCP server reliability with robust health checks and increased timeouts (#8777)
• Optimized golangci-lint for faster CI pipeline execution (#8762, #8772)
• Fixed logs command JSON output when no workflow runs match criteria (#8775)
• Renamed lockdown detection step to determine-automatic-lockdown with runtime token check (#8798)

🏗️ Architecture Improvements

Internal refactoring to improve maintainability and consistency (no user-facing changes):

• Handler factory pattern migration - Safe output handlers now use centralized handler manager (#8776, #8745, #8791)
• Eliminated duplicate control flow in update handlers for cleaner codebase (#8791)
• JavaScript test fixes and improved test coverage across the project (#8773)
• Removed unused script getters from js.go after handler migration (#8784)

📚 Documentation Updates

• Home page improvements with elevator pitch and CLI context (#8717)
• Fixed TOC indexing bug - "Error Copying File" no longer appears in table of contents (#8716)
• Campaign orchestrator updates with required project fields (#8741, #8740)

---

For complete details, see the CHANGELOG.

Ahoy! This treasure was crafted by 🏴‍☠️ Release

---

What's Changed

• Fix "Error Copying File" appearing in documentation TOC by @Copilot in #8716
• Add elevator pitch and CLI context to documentation home page by @Copilot in #8717
• chore: refactor campaign orchestrator and project update instructions by @mnkiefer in #8740
• [security-fix] Fix path traversal vulnerability in gateway config rewrite (Alert #459) by @github-actions[bot] in #8732
• Add required project fields to campaign orchestrator instructions by @Copilot in #8741
• Refactor hardcoded actions/github-script SHA to dynamic resolution by @Copilot in #8719
• Add interactive list component for workflow and MCP server selection by @Copilot in #8734
• Add progress bar component for workflow run processing by @Copilot in #8731
• Integrate Bubbles spinner for consistent loading indicators by @Copilot in #8735
• Format and lint Go code - fix 6 linting violations by @Copilot in #8746
• Fix add_comment and update_* safe outputs ignoring target configuration by @Copilot in #8753
• Migrate mark-pull-request-as-ready-for-review to handler factory pattern by @Copilot in #8745
• [docs] Unbloat safe-inputs.md reference documentation by @github-actions[bot] in #8770
• Optimize golangci-lint for CI speed using best practices by @Copilot in #8762
• Optimize lint-go job: install only golangci-lint by @Copilot in #8772
• Refactor spinner to use Bubble Tea Cmd system by @Copilot in #8765
• [WIP] Fix JavaScript tests in the project by @Copilot in #8773
• Security Fix: Prevent command injection in zizmor Docker execution (alert #441) by @github-actions[bot] in #8780
• Fix logs command JSON output when no workflow runs match criteria by @Copilot in #8775
• Improve MCP server reliability with robust health checks and increased timeouts by @Copilot in #8777
• Fix gofmt alignment in logs_ci_scenario_test.go by @Copilot in #8783
• Migrate safe output handlers to handler factory pattern by @Copilot in #8776
• Enhance progress bar with scaled gradient effects by @Copilot in #8782
• Remove unused script getter functions from js.go by @Copilot in #8784
• Document and test Copilot token count accumulation behavior by @Copilot in #8786
• Use MiniDot spinner style with ACCESSIBLE environment variable support by @Copilot in #8787
• Security Fix: Add #nosec annotations for validated path operations in gateway.go (Alert #459) by @github-actions[bot] in #8792
• Refactor safe-output update handlers to eliminate duplicate control flow by @Copilot in #8791
• Add indeterminate mode for progress bars with unknown totals by @Copilot in #8793
• Add visual regression tests with golden files for console rendering by @Copilot in #8794
• Fix logs-token-check: capture only JSON stdout in CI test by @Copilot in #8797
• [security-fix] Fix path traversal false positive in poutine output parsing (Alert #458) by @github-actions[bot] in #8802
• [security-fix] Fix path traversal vulnerability in schema compiler (Alert #457) by @github-actions[bot] in #8803
• Rename detect-repo-visibility to determine-automatic-lockdown with runtime token check by @Copilot in #8798
• [WIP] Fix syntax error in lock.yml introduced in last commit by @Copilot in #8810

Full Changelog: v0.34.1...v0.34.2

gh-aw 0.34.1

🌟 Release Highlights

This patch release focuses on security hardening and MCP gateway enhancements, with critical fixes for path traversal and command injection vulnerabilities.

🔒 Security Fixes

Critical path traversal and command injection fixes:

• Path traversal prevention (#8699) - Fixed shell completion config file reads to prevent directory traversal attacks (Alerts #444, #443)
• Command injection validation (#8704) - Enhanced validation in poutine.go to prevent command injection (Alert #442)

These fixes address security vulnerabilities discovered through automated scanning. All users should update immediately.

✨ What's New

MCP Gateway improvements:

• Template substitution & safe inputs (#8700) - AWMG gateway now supports template substitution and safe inputs proxying, enabling more flexible workflow configurations
• Action pinning (#8694) - Setup actions now resolve tags to SHAs in release mode for improved security and reproducibility

Developer experience:

• fix command enhancement (#8693) - Added --dir flag to target specific directories when fixing workflows
• Campaign flexibility (#8706) - Made tracker-label optional in campaign specs, simplifying configuration

🐛 Bug Fixes & Improvements

• Quieter setup logs (#8692) - Reduced setup.sh verbosity by moving file copy messages to debug level
• Refactored threat detection (#8691) - Moved inline JavaScript to dedicated .cjs module for better maintainability
• Handler architecture (#8683) - Converted PR-related safe outputs and hide-comment to handler manager architecture (internal refactor)
• Test fixes (#8689) - Fixed create_pull_request tests for handler factory architecture

📚 Documentation

• Streamlined imports guide (#8709) - Reduced bloat in reference documentation while preserving all technical details (34.8% reduction)
• Enhanced dictation skill (#8708) - Updated with comprehensive project glossary of 250+ technical terms for better speech-to-text support

---

For complete details, see CHANGELOG.

Ahoy! This treasure was crafted by 🏴‍☠️ Release

---

What's Changed

• Reduce setup.sh log verbosity by moving file copy messages to debug level by @Copilot in #8692
• Add --dir flag to fix command by @Copilot in #8693
• Refactor threat detection parsing step to separate .cjs file by @Copilot in #8691
• Security Fix: Prevent path traversal in shell completion config file reads (Alerts #444, #443) by @github-actions[bot] in #8699
• Resolve Setup action tags to SHAs in release mode using action pin manager by @Copilot in #8694
• Enable template substitution and safeinputs proxying in AWMG gateway by @Copilot in #8700
• [security-fix] Fix command injection validation in poutine.go (Alert #442) by @github-actions[bot] in #8704
• Convert PR-related safe outputs and hide-comment to handler manager architecture by @Copilot in #8683
• Make tracker-label optional in campaign specs by @Copilot in #8706
• [docs] Update dictation skill instructions by @github-actions[bot] in #8708
• [docs] Reduce bloat in imports.md reference documentation by @github-actions[bot] in #8709

Full Changelog: v0.34.0...v0.34.1

gh-aw 0.34.0

🌟 Release Highlights

This release introduces a powerful new standalone CLI for MCP server management, alongside critical improvements to workflow reliability, security, and developer experience.

✨ What's New

🚀 Standalone MCP Gateway CLI (awmg)
A lightweight command-line tool for aggregating and managing MCP servers. Perfect for local development and testing, awmg provides centralized HTTP proxy routing for MCP server calls with built-in health checks and environment configuration. Learn more about MCP Gateway

🔒 Smart GitHub MCP Lockdown
The compiler now auto-detects repository visibility and applies appropriate security settings. Public repositories automatically enable lockdown mode (lockdown: true) while private/internal repositories use relaxed mode (lockdown: false), defaulting to lockdown on API failures for maximum safety.

📦 Importable Tool Definitions
New tool definitions (agentic-workflows, serena, playwright) can now be configured in shared workflow files and merged into consuming workflows during compilation, enabling better workflow reusability.

🐛 Key Bug Fixes

• Fixed MCP Configuration Access - Copilot CLI inside containers can now access MCP configuration via mounted /home/runner/.copilot directory, resolving tool availability issues
• Improved Artifact Handling - Artifact names now comply with upload-artifact@v5 requirements with consistent delimiters and proper path resolution
• Enhanced Secret Passing - Safe-inputs MCP server correctly receives tool secrets via environment blocks, fixing authentication issues
• Shellcheck Compliance - Resolved 31 SC2155 warnings by separating export declarations from command substitutions in PATH setup

⚡ Performance & Developer Experience

• Context Cancellation - Concurrent artifact downloads now support proper context cancellation for better resource management
• CLI Enhancements - Shell completions now include workflow descriptions, and the init command supports --completions flag with automatic shell detection
• Configurable Concurrency - Maximum concurrent downloads configurable via GH_AW_MAX_CONCURRENT_DOWNLOADS environment variable
• Updated Dependencies - GitHub Copilot CLI updated to 0.0.374, actionlint upgraded to v1.7.10

🔧 Internal Improvements

• Refactored system prompts to file-based approach for better maintainability
• Split large validators into focused domain modules for better code organization
• Enhanced error handling for malformed temporary IDs with flexible # prefix support
• Improved CLI command test coverage across all commands

---

For complete details, see CHANGELOG.

---

Ahoy! This treasure was crafted by 🏴‍☠️ Release

---

What's Changed

• Optimize CI parallelization: Remove sequential bench/fuzz dependencies by @Copilot in #7314
• Fix github-agentic-workflows.md embed directive to use correct file by @Copilot in #7313
• Fix type error in MCP gateway integration tests by @Copilot in #7316
• Add verification tests for patch artifact download in safe_outputs job by @Copilot in #7320
• Add debug logging to action pin manager resolution flow by @Copilot in #7317
• chore: support updating of draft issues by @mnkiefer in #7318
• Add tools.go for build-time tool dependency tracking by @Copilot in #7322
• Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.4.0 by @dependabot[bot] in #7324
• Add automated license compliance scanning with go-licenses by @Copilot in #7328
• Add dependency health audit to update command with JSON output and CI integration by @Copilot in #7323
• feat: add compiler version to generated workflow headers for release builds by @Copilot in #7326
• Add ACCESSIBLE environment variable to accessibility mode detection by @Copilot in #7330
• Add spinner feedback for workflow compilation in interactive builder by @Copilot in #7337
• Document version pinning for gh extension install and install-gh-aw.sh by @Copilot in #7341
• Enable GitHub Actions API access for Workflow Health Manager by @Copilot in #7342
• Remove discussion usage from quick start docs, simplify token callout by @Copilot in #7343
• Fix Copilot Requests permissions in quick start guide by @bewuethr in #7347
• Update CLI pinning docs to use @ref syntax instead of --pin flag by @Copilot in #7344
• Add isRelease build flag to reliably mark release binaries by @Copilot in #7340
• Add group titles and descriptions to interactive workflow form by @Copilot in #7349
• [log] Add debug logging to import processing, safe outputs PR compilation, and analysis functions by @github-actions[bot] in #7353
• Add support for "every n days" long-form schedule syntax by @Copilot in #7352
• Remove automatic campaign_id generation from ProjectOps by @Copilot in #7359
• Add explicit permissions to license-check workflow (Alert #74) by @Copilot in #7361
• Add Go network access to hourly CI cleaner workflow by @Copilot in #7355
• Remove go-licenses from build dependencies by @Copilot in #7382
• Use DefaultNodeVersion constant in GenerateNodeJsSetupStep by @Copilot in #7384
• Fix team member skipping in ai-moderator workflow by @Copilot in #7385
• Fix inconsistent command name format in help text (gh-aw → gh aw) by @Copilot in #7397
• [ca] Fix npm availability check in dependabot integration test by @github-actions[bot] in #7398
• Add interactive playground page for GitHub Actions workflow visualization by @Copilot in #7321
• Update golangci-lint to v2.7.2 and migrate configuration by @Copilot in #7386
• Remove playground executor workflow by @Copilot in #7401
• [docs] docs: reduce bloat in safe-outputs.md reference (46.4% reduction) by @github-actions[bot] in #7405
• chore: add org-owned projectOps workflow by @mnkiefer in #7406
• chore: update org projectops workflow for issue updates by @mnkiefer in #7416
• test: projectOps fine grained token usage by @mnkiefer in #7423
• Document network ecosystem identifiers for package registries and CDNs by @Copilot in #7417
• Reduce CI cleaner frequency from hourly to 2-3 hour intervals by @Copilot in #7424
• Remove inline mode and externalize all scripts via setup action by @Copilot in #6912
• Remove examples/*.lock.yml from version control by @Copilot in #7431
• Use release flag instead of version heuristics for action mode detection by @Copilot in #7433
• Fix hardcoded absolute paths and missing mock in JS tests by @Copilot in #7432
• Rewrite lock-issue script to export main and call via require() by @Copilot in #7437
• Add no-op early exit guard to Hourly CI Cleaner by @Copilot in #7425
• Implement streamable-http protocol support for awmg CLI by @Copilot in #7427
• [instructions] Sync github-agentic-workflows.md with release v0.33.12 by @github-actions[bot] in #7438
• Remove project-to-repository linking in update-project safe output by @Copilot in #7439
• chore: clean up comment on github token in workflow by @mnkiefer in #7450
• Fix lock/unlock issue scripts to support both require() and inline modes by @Copilot in #7444
• Fix compute_text.cjs module export and invocation pattern by @Copilot in #7445
• docs: clarify fine-grained PAT requirements for organization-owned Projects v2 by @Copilot in #7449
• Optimize maintenance workflow schedules and fix missing GitHub MCP configuration by @Copilot in #7448
• Bundle shell scripts in setup action and call directly by @Copilot in #7446
• Enable v2 linters: modernize, gocritic, gosec, unconvert by @Copilot in #7447
• Fix YAML compilation error in multiline run blocks by @Copilot in #7451
• Add glob...

gh-aw 0.33.12

🌟 Release Highlights

v0.33.12 brings significant improvements to MCP server flexibility, safe output reliability, and documentation quality.

✨ What's New

🔧 Standalone MCP Gateway CLI (awmg)
Added a new lightweight CLI tool for MCP server aggregation and management, enabling local integration and testing without requiring full workflow execution. The awmg command provides gateway utilities and simplified MCP server orchestration. Learn more

⚙️ Flexible MCP Gateway Configuration
The sandbox.mcp configuration now supports custom command and container-based execution modes, giving you control over how the MCP gateway runs. Configure with command for custom binaries or container for Docker-based execution alongside the default awmg mode. Documentation

📋 Complete mcp-server Command Documentation
The CLI reference now includes comprehensive documentation for the mcp-server command, covering all 7 available tools (status, compile, logs, audit, mcp-inspect, add, update) and both stdio and HTTP transport options.

🐛 Bug Fixes & Improvements

🔒 Security Hardening
Fixed clear-text logging vulnerability (CodeQL Alert #71) by removing secret key parameters from validation functions, preventing potential exposure of infrastructure details in logs.

📦 Upload Assets Processing
Resolved issue where assets uploaded via the MCP server tool weren't being published to the orphaned git branch, ensuring all uploaded files are accessible via raw.githubusercontent.com URLs.

📐 JSON Schema Validation
Fixed type: choice conversion to proper JSON Schema format for safe-output custom jobs, preventing Claude API schema validation failures.

🏷️ Consistent Safe Output Naming
Standardized all references to use singular "upload-asset" (instead of "upload-assets") across schemas, parsing, and processing logic with automated migration support.

📚 Documentation

• Removed documentation bloat from memory reference (12.6% reduction while preserving all essential information)
• Updated GitHub MCP server configuration examples throughout documentation
• Enhanced workflow health monitoring with new operational runbook
• Improved CLI argument syntax consistency across all commands

🔧 Developer Experience

• Extracted validation functions from interactive forms for better testability
• Refactored 1,368-line compiler_safe_outputs_consolidated.go into 6 focused modules
• Enhanced debug logging in parser and CLI compilation stats
• Added interactive confirmation dialog for file overwrites in workflow builder

---

For complete details, see the full changelog.

AI generated by Release

---

What's Changed

• Resolve merge conflict in action_pins_test.go by @Copilot in #7204
• Configure release workflow to allow githubnext.github.io network access by @Copilot in #7206
• Update GitHub MCP server configuration in Agent Performance Analyzer by @Copilot in #7205
• [log] Add debug logging to parser and CLI compilation stats by @github-actions[bot] in #7210
• [WIP] Update workflow health dashboard statistics by @Copilot in #7212
• Remove hour support from expires field schema pattern by @Copilot in #7213
• [security-fix] Security Fix: Remove sensitive key names from secrets validation log messages (Alert #71) by @github-actions[bot] in #7224
• Add interactive confirmation dialog for file overwrite in workflow builder by @Copilot in #7223
• Move "What are Agentic Workflows" to introduction and remove TrialOps badge by @Copilot in #7254
• [security-fix] Security Fix: Prevent logging of secret key names in validation errors (Alert #71) by @github-actions[bot] in #7240
• Extract validation functions from interactive forms by @Copilot in #7243
• [docs] Remove documentation bloat from memory.md by @github-actions[bot] in #7271
• Increase skip-if-match limit to 9 in issue-monster workflow by @Copilot in #7263
• [jsweep] Clean safe_outputs_tools_loader.cjs by @github-actions[bot] in #7272
• Refactor: Split 1,368-line compiler_safe_outputs_consolidated.go into 6 domain-focused modules by @Copilot in #7262
• Bump @sentry/mcp-server from 0.24.0 to 0.26.0 in /.github/workflows by @dependabot[bot] in #7234
• docs: complete mcp-server command documentation in CLI reference by @Copilot in #7286
• Add workflow health monitoring runbook by @Copilot in #7287
• [security-fix] Fix clear-text logging vulnerability by removing secret key parameter from validation by @github-actions[bot] in #7289
• Fix Haskell action SHA in runtime setup test by @Copilot in #7288
• Add standalone awmg CLI for MCP server aggregation by @Copilot in #7050
• [q] Fix upload-assets not processing files from MCP server by @github-actions[bot] in #7293
• Fix choice type conversion to JSON Schema in safe-output jobs by @Copilot in #7291
• Add command/container execution support to sandbox.mcp configuration by @Copilot in #7294
• Standardize CLI argument syntax for consistency by @Copilot in #7296
• [ca] Document hourly-ci-cleaner tool access issue by @github-actions[bot] in #7297
• Replace deprecated --workflows-dir flag with --dir in documentation by @Copilot in #7306
• Deduplicate action pins in lock file by version precision by @Copilot in #7301
• Fix init command documentation - clarify MCP enabled by default by @Copilot in #7303
• Add build steps for gh-aw binary in daily-copilot-token-report workflow by @Copilot in #7302
• [ca] Fix code formatting alignment in argument syntax test by @github-actions[bot] in #7307
• [docs] Update documentation for sandbox.mcp command/container execution modes by @github-actions[bot] in #7305
• Standardize safe output references to singular "upload-asset" and separate job by @Copilot in #7295
• [instructions] Sync github-agentic-workflows.md with v0.33.11 by @github-actions[bot] in #7312

Full Changelog: v0.33.11...v0.33.12

gh-aw 0.33.11

🌟 Release Highlights

This release focuses on robustness and developer experience with 9 quality improvements, including a critical security fix for memory allocation safety.

🔒 Security Fixes

• Memory allocation overflow fix - Resolved allocation size overflow in safe outputs step generation that could cause workflow failures (#7189)

🐛 Bug Fixes & Improvements

• Cleaner compilation output - Warning messages now properly include newlines instead of concatenating together, making error diagnosis much easier (#7184)
• Fixed update command formatting - Removed redundant headers and double error symbols for cleaner terminal output (#7185)
• Git fetch reliability - Fixed failure when creating pull requests with base branch already checked out (#7186)
• Custom agent support - Added infer to valid frontmatter fields for [custom agent format]((redacted) (#7192)
• Smarter action pinning - Action pins are now sorted by semantic version when multiple versions exist for the same repository (#7190)
• GitHub toolset accuracy - Removed non-existent repository-projects permission from projects toolset validation (projects require a PAT, not GITHUB_TOKEN) (#7183)

📦 Dependencies

• Updated actions/ai-inference to v2.0.4 (#7193)

🧪 Testing

• Fixed campaign and PR creation tests to handle empty repository states (#7181)

---

AI generated by Release

---

What's Changed

• Fix campaign and PR creation tests for empty repository state by @Copilot in #7181
• Remove non-existent repository-projects permission from projects toolset by @Copilot in #7183
• Fix missing newlines in compilation warning messages by @Copilot in #7184
• Fix update command output formatting: remove redundant headers and double error symbols by @Copilot in #7185
• Fix git fetch failure in create-pull-request when base branch is checked out by @Copilot in #7186
• [security-fix] Fix allocation size overflow in safe outputs step generation by @github-actions[bot] in #7189
• Add "infer" to valid frontmatter fields for custom agent format by @Copilot in #7192
• Sort action pins by semver when multiple versions exist for same repo by @Copilot in #7190
• Update actions/ai-inference to v2.0.4 by @Copilot in #7193

Full Changelog: v0.33.10...v0.33.11

gh-aw 0.33.10

🌟 Release Highlights

This release focuses on developer experience improvements with powerful new trigger syntax shortcuts and enhanced workflow automation capabilities.

✨ What's New

🎯 Trigger Shorthand Syntax - Write cleaner, more intuitive workflow triggers:

• Daily schedules: Simply use on: daily instead of complex cron syntax (#7138)
• Slash commands: Use on: /command for comment-triggered workflows (#7146)
• Label filters: Shorthand syntax for labeled events with item type support (#7153, #7160)
• Comma-separated labels: Support multiple labels in trigger syntax (#7169)

The new parser includes comprehensive fuzz testing and IDE-integrated error messages for better developer feedback. [Learn more about triggers]((redacted)

🚀 Campaign Launcher - New automation system for managing GitHub Project-based campaigns (#7135):

• Maintains campaign dashboards in sync with Project items
• Governance rules for managing item additions and updates
• Built-in traffic and rate limit management

🔍 Enhanced Dev Hawk - Smarter PR analysis and automation (#7151):

• Deep pull request analysis capabilities
• Automatic agent task creation for follow-up work
• Integration with the agentic-workflows toolset (#7147)

🔒 Security

Critical Fix: Resolved clear-text logging of sensitive information during secrets validation (#7178). Secrets are now properly redacted in all log output.

🐛 Bug Fixes & Improvements

• AI Moderator: Fixed issue_comment failures due to missing lock-for-agent configuration (#7103)
• Safe Outputs: Added proper checkout and Git config for PR creation workflows (#7167)
• Playwright: Enabled --network host for localhost access in Docker containers (#7158)
• Performance: Optimized safe output checkout with shallow clones and targeted branch fetching (#7176)

🛠️ Tool Updates

Updated CLI tool versions for improved compatibility:

• GitHub Copilot CLI: 0.0.372
• Claude Code: 2.0.75
• Codex: 0.77.0
• Playwright MCP: 0.0.53

📚 Documentation

• Comprehensive trigger shorthand syntax documentation (#7173)
• File size monitoring guidelines (#7155)
• Documentation headers added to helper files (#7149)

---

For complete details, see the full changelog.

AI generated by Release

---

What's Changed

• Fix AI Moderator issue_comment failures due to missing lock-for-agent config by @Copilot in #7103
• Remove obsolete go-file-size-reduction campaign (Project 60) by @Copilot in #7130
• Simplify daily schedule syntax to on: daily by @Copilot in #7138
• Enable agentic-workflows tool in dev-hawk workflow by @Copilot in #7147
• feat: add campaign launcher by @mnkiefer in #7135
• Add slash command shorthand syntax: on: /command by @Copilot in #7146
• Add documentation headers to helper files by @Copilot in #7149
• Enhance Dev Hawk with deep PR analysis and automatic agent task creation by @Copilot in #7151
• Add file size monitoring and documentation guidelines by @Copilot in #7155
• Add short trigger syntax for labeled events with explicit item types by @Copilot in #7153
• Comment out lock-for-agent annotation in compiled workflow files by @Copilot in #7156
• Exclude copilot and GitHub Actions bots from ai-moderator review by @Copilot in #7163
• Add --network host to Playwright Docker containers for localhost access by @Copilot in #7158
• Fix linting errors and update test expectations for action pins by @Copilot in #7166
• Update CLI tools: Claude Code 2.0.75, Copilot 0.0.372, Codex 0.77.0, Playwright MCP 0.0.53 by @Copilot in #7165
• Add comprehensive trigger shorthand syntax parser with fuzz testing and IDE-integrated error messages by @Copilot in #7160
• Support comma-separated label names in trigger syntax parser by @Copilot in #7169
• Refactor: Extract normalizeScheduleString to eliminate duplicate preprocessing logic by @Copilot in #7171
• Fix: Add checkout and Git config for create-pull-request and push-to-pull-request-branch safe outputs by @Copilot in #7167
• [docs] Update documentation for shorthand label trigger syntax by @github-actions[bot] in #7173
• [security-fix] Fix clear-text logging of sensitive information in secrets validation by @github-actions[bot] in #7178
• Optimize safe output checkout with shallow clone and targeted branch fetching by @Copilot in #7176
• Consolidate safe_outputs_env_helpers.go into safe_outputs_env.go by @Copilot in #7179
• Align max-turns schema with runtime behavior by @Copilot in #7180

Full Changelog: v0.33.9...v0.33.10