Releases: githubnext/gh-aw
gh-aw 0.34.5
🌟 Release Highlights
This release brings powerful new safe-input capabilities, enhanced developer workflows, and critical security improvements across 51 merged pull requests.
✨ What's New
Go Language Support for Safe Inputs (#8941)
Go joins JavaScript, Python, and Shell as a fully-supported safe-inputs scripting language. Write type-safe input handlers with Go's performance and tooling ecosystem.
Dispatch Workflow Safe Output (#8940)
New dispatch-workflow safe output type enables workflows to trigger other workflows with dynamic per-workflow tool permissions. Perfect for multi-stage pipelines and hierarchical agent orchestration.
Enhanced Run Command with --push Flag (#8971)
The gh aw run command now supports --push to automatically commit compiled workflows and dispatch them to GitHub Actions - streamlining the workflow development cycle.
Multiple Slash Command Identifiers (#8943)
Configure workflows to respond to multiple slash commands (e.g., /deploy, /ship, /release), making workflows more discoverable and intuitive for teams.
Safe Output Domain Validation (#9017)
New validation ensures safe-outputs.allowed-domains configurations are properly specified, catching configuration errors before workflows run.
🔒 Security Enhancements
File Permission Hardening (#8928, #8950, #8967, #8991, #9014)
Resolved 7 CodeQL security alerts by restricting file permissions in download, tracking, fix, metadata generation, and git operations. All affected files now use secure 0600/0700 permissions.
Dispatch Workflow Path Traversal Prevention (#8977)
Fixed path traversal vulnerabilities (alerts #465, #464, #463) in dispatch-workflow validation to prevent malicious workflow references.
🐛 Bug Fixes & Improvements
MCP Server Compile Tool Error Handling (#8938, #8939)
The MCP compile tool now returns proper validation errors instead of protocol errors, improving debugging experience and CI test coverage.
Token Counting Improvements (#8927, #8942, #8948)
Enhanced Copilot and Codex log parsers to extract total_tokens from multiple log formats, with comprehensive debug logging and artifact flattening support.
Logs Command Filtering (#8949, #8998)
Reduced noise in gh aw logs output and fixed stdout corruption in JSON mode for cleaner, more reliable log analysis.
Artifact Structure Fixes (#8958, #8963)
Corrected artifact flattening and file detection after refactored artifact structure, ensuring proper session log discovery.
🔧 Developer Experience
Safe Output Refactoring (#9012, #8996)
Major refactoring reduces duplication in safe output subsystem by splitting core functionality into focused modules - improving maintainability and extensibility.
Campaign System Improvements (#8973, #8978, #8987, #8988, #8992)
Enhanced campaign orchestration with deterministic discovery, proper lock filename handling, fixed metrics validation, and corrected cursor path mapping.
Test Quality Enhancements (#8960, #8961, #8962)
Fixed testifylint violations, configured golangci-lint for Go 1.25, and improved code formatting consistency across the test suite.
📚 Documentation
Feature Documentation Updates (#8946, #9020, #8956)
Comprehensive documentation for --push flag functionality, hourly fuzzy schedule feature, and features from 2026-01-04 release cycle.
Comparative Analysis (#8952)
Added oh-my-opencode vs GitHub Agentic Workflows comparative analysis for teams evaluating workflow orchestration tools.
For complete details, see the CHANGELOG.
Ahoy! This treasure was crafted by 🏴☠️ Release
What's Changed
- Security Fix: Restrict file permissions in download_workflow.go (Alert #379) by @github-actions[bot] in #8928
- Remove GitHub Actions annotations from setup.sh logging by @Copilot in #8931
- Update docs campaign project by @mnkiefer in #8929
- Update campaign name for documentation quality project by @mnkiefer in #8933
- Use GitHub MCP get_file_contents instead of web-fetch for runner image docs by @Copilot in #8932
- Add total_tokens extraction support for Codex logs by @Copilot in #8927
- Remove || true from static analysis compile step and update agent to read compile-output.txt by @Copilot in #8937
- Recompile campaign workflows to use 'repo' field instead of 'repository' by @Copilot in #8926
- Add CI test for MCP server compile tool error handling by @Copilot in #8938
- Fix MCP compile tool to return validation errors instead of protocol errors by @Copilot in #8939
- Add Go (golang) support to safe-inputs scripting languages by @Copilot in #8941
- Review and verify Copilot Go log parser token counting implementation by @Copilot in #8942
- Add support for multiple slash command identifiers by @Copilot in #8943
- [docs] Update documentation for features from 2026-01-04 by @github-actions[bot] in #8946
- Filter noise from logs command output by @Copilot in #8949
- Security Fix: Restrict file permissions in file_tracker.go (Alert #378) by @github-actions[bot] in #8950
- Add dispatch-workflow safe output type with dynamic per-workflow tools by @Copilot in #8940
- Add oh-my-opencode vs GitHub Agentic Workflows comparative analysis by @Copilot in #8952
- Run safe-inputs JavaScript handlers in separate Node.js processes by @Copilot in #8953
- Fix Copilot token parsing: Add debug logging, tests, and artifact flattening by @Copilot in #8948
- [WIP] Fix issues in JavaScript tests by @Copilot in #8955
- Document hourly fuzzy schedule feature by @Copilot in #8956
- Fix testifylint violations in test assertions by @Copilot in #8960
- Configure golangci-lint to use Go 1.25 by @Copilot in #8961
- Replace markdown headers with styled section headers in audit command output by @Copilot in #8959
- Fix artifact flattening and file detection for refactored artifact structure by @Copilot in #8958
- Format Go code: Fix indentation in logs_noop_test.go by @Copilot in #8962
- Add beads worker workflow with beads-sync branch integration and persistent credential management by @Copilot in #8954
- Fix Copilot parser to find session logs after artifact flattening by @Copilot in #8963
- [security-fix] Fix file permissions in fix_command.go (Alert #377) by @github-actions[bot] in #8967
- [WIP] Add safe outputs to the beads worker agentic workflow by @Copilot in #8965
- [WIP] Update beads worker for shallow checkout of .beads folder by @Copilot in #8966
- Add deterministic campaign discovery precomputation with runtime worker output manifest by @Copilot in #8973
- Security Fix: Prevent path traversal in dispatch-workflow validation (Alerts #465, #464, #463) by @github-actions[bot] in #8977
- Fix campaign orchestrator lock filename in activation job timestamp check by @Copilot in #8978
- [specs] Update layout specification - 2026-01-05 by @github-actions[bot] in #8975
- Fix push_repo_memory metrics validation by removing omitempty from required fields by @Copilot in #8987
- Fix campaign metrics validation by documenting required fields in orchestrator instructions by @Copilot in #8988
- Fix campaign cursor path mapping in orchestrator instructions by @Copilot in #8992
- Security Fix: Restrict file permissions in generate_action_metadata_command.go (Alerts #376, #375, #374) by @github-actions[bot] in #8991
- Add debug logging and guide for action pinning version comment flipping by @Copilot in #8999
- Fix stdout corruption in logs command JSON output by @Copilot in #8998
- Refactor compiler_safe_outputs_core.go: Complete file split into 4 focused modules by @Copilot in #8996
- [security-fix] Fix file permissions in git.go (Alerts #373, #372) by @github-actions[bot] in #9014
- [slides] Update slide deck configuration syntax by @github-actions[bot] in #9013
- Add --push flag to run command for automatic workflow commit and dispatch by @Copilot in #8971
- Refactor safe outputs subsystem to reduce duplication by @Copilot in #9012
- [jsweep] Clean add_labels.cjs by @github...
gh-aw 0.34.4
🌟 Release Highlights
This release brings significant improvements to safe outputs, security hardening, and project management capabilities, with 64 PRs merged focused on reliability and developer experience.
✨ What's New
Cross-Repository Safe Outputs
Safe output operations now support allowed-repos field, enabling secure cross-repository workflows for multi-repo orchestration.
Inline File References
New inline reference syntax (@./path, @../path, @url) enables embedding file contents and URLs directly in workflows with path security validation (#8880)
Epic Issue Creation
Campaign orchestrators can now create Epic issues to track complex multi-phase initiatives, with automatic project linking and field management (#8895)
Enhanced Project Management
update-project safe output now supports NUMBER, ITERATION, and DATE field types, with intelligent type mismatch detection and validation (#8863, #8910, #8920, #8925)
Unified Artifact System
Consolidated agent artifact handling into single agent-artifacts upload/download pattern, reducing complexity and improving reliability (#8835, #8846, #8851)
Actions Runtime Update
Upgraded to actions/github-script v8 with Node.js 24 support for improved performance and compatibility (#8882)
🔒 Security Enhancements
- Restricted file permissions to 0600 for agent configuration files (CWE-732 prevention) (#8831, #8903, #8911)
- Fixed hardcoded credentials false positives in Copilot execution (#8840, #8888)
- Corrected directory permissions in logs and downloads (#8855)
🐛 Key Bug Fixes
- Fixed safe-outputs import conflicts from shared workflows (#8827)
- Resolved missing workflow_path field in logs JSON output (#8834)
- Fixed repo-memory path inconsistencies blocking meta-orchestrator metrics (#8848)
- Corrected threat detection artifact path resolution (#8915, #8918)
- Fixed gh aw update treating commit SHAs as branch names (#8874)
- Resolved date field creation issues in project updates (#8910)
🔧 Improvements
- Added exit code and stderr logging for GitHub CLI failures with intelligent error detection (#8906)
- Removed misleading network requirement in strict mode validation (#8852)
- Enhanced GitHub CLI command error visibility with comprehensive diagnostics
- Improved TypeScript type safety in repository validation (#8870)
- Better string utility documentation for ShortenCommand vs Truncate (#8923)
📚 Documentation
- Consolidated developer specifications into unified instructions file (#8861)
- Reduced campaign project management docs by 63% for better clarity (#8893)
- Added deep technical analysis comparing mdflow vs gh-aw architectures (#8830)
For complete details, see the CHANGELOG.
What's Changed
- Use FormatVerboseMessage for action SHA validation success message by @Copilot in #8826
- Security Fix: Restrict file permissions in copilot-agents.go (Alert #383) by @github-actions[bot] in #8831
- Add deep technical analysis of mdflow vs gh-aw with custom engine opportunities by @Copilot in #8830
- Fix Go linting issues: convert if-else chains to switch statements and use testify best practices by @Copilot in #8832
- Fix safe-outputs import double-processing causing job merge conflicts by @Copilot in #8827
- Fix missing workflow_path field in logs JSON output by @Copilot in #8834
- [security-fix] Fix hardcoded credentials false positive in copilot execution (Alert #440) by @github-actions[bot] in #8840
- Add test coverage for importing neutral tools (edit, web-fetch, web-search, safety-prompt, timeout, startup-timeout) by @Copilot in #8838
- Consolidate agent job artifact uploads into single step by @Copilot in #8835
- Add builtin web_fetch tool support to Copilot engine with correct tool name mapping by @Copilot in #8833
- Update tests and PR helpers for unified agent artifact structure by @Copilot in #8846
- Add allowed-repos field to safe output types for cross-repository operations by @Copilot in #8837
- Fix repo-memory path inconsistencies blocking meta-orchestrator metrics access by @Copilot in #8848
- Refactor large workflows into modular shared components by @Copilot in #8849
- Fix artifact downloads to use unified agent-artifacts and remove duplicates by @Copilot in #8851
- Remove misleading network requirement in strict mode validation by @Copilot in #8852
- feat: improve campaign orchestrator & project update contract by @mnkiefer in #8857
- Rename file-size-reduction campaign from project64 to project68 by @Copilot in #8862
- Add support for NUMBER and ITERATION field types in update-project by @Copilot in #8863
- Security Fix: Correct directory permissions in logs_download.go (Alerts #461, #460) by @github-actions[bot] in #8855
- [docs] Consolidate developer specifications into instructions file by @github-actions[bot] in #8861
- Add explicit date field calculation to campaign orchestrator Phase 2 by @Copilot in #8864
- Remove error suppression and add verbose mode in CI workflows by @Copilot in #8871
- Fix TypeScript type errors in repository validation error handling by @Copilot in #8870
- Remove invalid ProjectV2DateField GraphQL fragment by @Copilot in #8872
- chore: update file reduction campaign project details by @mnkiefer in #8876
- Add fail-fast and verbose logging to logs-token-check CI job by @Copilot in #8875
- Fix update command treating commit SHAs as branch names by @Copilot in #8874
- Migrate detection job artifacts to unified /tmp/gh-aw/artifacts architecture by @Copilot in #8853
- Fix vitest import in file_helpers.test.cjs by @Copilot in #8883
- Remove Campaign - Org-Wide Rollout workflow by @Copilot in #8886
- [security-fix] Fix hardcoded credentials false positive in safe_outputs_steps.go (Alert #433) by @github-actions[bot] in #8888
- Upgrade actions/github-script to v8 with Node.js 24 support by @Copilot in #8882
- Add daily workflow to analyze Ubuntu Actions runner image and generate Docker mimic documentation by @Copilot in #8884
- Fix create-agent-task safe-output: use GH_AW_ prefix instead of reserved GITHUB_ prefix by @Copilot in #8897
- [WIP] Fix assignees configuration in safe-outputs.create-issue by @Copilot in #8887
- Add artifact file location manager with workflow analysis and reference generation by @Copilot in #8873
- [docs] Unbloat campaign project management documentation (63% reduction) by @github-actions[bot] in #8893
- Add Epic issue creation to campaign orchestrators by @Copilot in #8895
- Security: Fix file permissions in copilot_setup.go (alerts #382, #381) by @github-actions[bot] in #8903
- Enable DEBUG logging in logs-token-check CI job by @Copilot in #8900
- Format Go code in artifact manager files by @Copilot in #8899
- Fix create_issue test expectations for assignees field by @Copilot in #8905
- Fix Go linting issues: replace WriteString(fmt.Sprintf) with fmt.Fprintf by @Copilot in #8909
- Add inline file/URL reference syntax (@./path, @../path, @url) with path security validation by @Copilot in #8880
- Fix date field creation in update_project to use DATE type by @Copilot in #8910
- Security: Fix file permissions in devcontainer.go (alert #380) by @github-actions[bot] in #8911
- Update campaign references from project68 to project71 by @mnkiefer in #8907
- Fix JavaScript formatting in update_project.test.cjs by @Copilot in #8914
- Add exit code and stderr logging for GitHub CLI command failures with intelligent error detection by @Copilot in #8906
- Fix threat detection artifact path resolution by @Copilot in #8915
- Refine logs-token-check job: scope to smoke-copilot workflow and remove debug logging by @Copilot in #8919
- Fi...
gh-aw 0.34.3
🌟 Release Highlights
This maintenance release focuses on schema consistency, workflow reliability, and security hardening.
🔒 Security
- Path traversal vulnerability fixed - Resolved critical path traversal issue in workflow compiler (Alert #455) to prevent unauthorized file access
🐛 Bug Fixes & Improvements
- Cleaner SHA-pinned action handling - Actions already pinned to full 40-character commit SHAs no longer emit unnecessary dynamic resolution warnings, reducing noise in compilation output
- Robust logs parsing - Added fallback parser for the logs command when engine detection fails, ensuring log analysis works even with non-standard workflow formats
- Schema validation improvements:
  - Fixed MCP version type inconsistency - schemas now consistently accept both string and number types (e.g., version: 20 or version: "1.0.0")
  - Added validation documentation to stdio_mcp_tool definitions for clearer developer guidance
  - Added default value to engine field in included schema for consistency
- Enhanced JSON output validation - The logs command now validates engine_id and workflow_path fields in JSON output to catch configuration errors early
✅ Quality Assurance
- Comprehensive workflow testing - Verified all 128 agentic workflows in the repository compile successfully, ensuring reliability across the entire workflow ecosystem
For complete details, see the CHANGELOG.
What's Changed
- Fix MCP version type inconsistency in mcp_config_schema.json by @Copilot in #8812
- Add $comment validation documentation to stdio_mcp_tool in included schema by @Copilot in #8813
- Add default value to engine field in included_file_schema.json by @Copilot in #8814
- Skip warnings for actions already pinned to full SHAs by @Copilot in #8815
- Add fallback parser for logs command when engine detection fails by @Copilot in #8817
- Validate engine_id and workflow_path in logs JSON output by @Copilot in #8818
- Verify all 128 agentic workflows compile successfully by @Copilot in #8820
- [security-fix] Fix path traversal vulnerability in workflow compiler (Alert #455) by @github-actions[bot] in #8822
Full Changelog: v0.34.2...v0.34.3
gh-aw 0.34.2
🌟 Release Highlights
This maintenance release delivers 35 improvements focused on security hardening, enhanced CLI experience, and internal architecture refinements. Key highlights include multiple security vulnerability fixes, new interactive UI components with accessibility support, and improved MCP server reliability.
🔒 Security Fixes
Four critical security vulnerabilities were resolved in this release:
- Path traversal prevention in gateway config rewrite (#8732), schema compiler (#8803), and poutine output parsing (#8802)
- Command injection prevention in zizmor Docker execution (#8780)
- All vulnerabilities were identified and fixed proactively through automated security scanning
✨ Enhanced CLI Experience
New interactive components bring a more polished, accessible user experience:
- Interactive list component for workflow and MCP server selection (#8734) - Navigate workflows with keyboard shortcuts
- Progress bars with gradient effects for long-running operations (#8782, #8793) - Visual feedback with indeterminate mode support
- Spinner with accessibility - Uses MiniDot style with ACCESSIBLE environment variable support (#8787)
- Visual regression tests with golden files ensure consistent console rendering (#8794)
🔧 Reliability & Performance
- Improved MCP server reliability with robust health checks and increased timeouts (#8777)
- Optimized golangci-lint for faster CI pipeline execution (#8762, #8772)
- Fixed logs command JSON output when no workflow runs match criteria (#8775)
- Renamed lockdown detection step to determine-automatic-lockdown with runtime token check (#8798)
🏗️ Architecture Improvements
Internal refactoring to improve maintainability and consistency (no user-facing changes):
- Handler factory pattern migration - Safe output handlers now use centralized handler manager (#8776, #8745, #8791)
- Eliminated duplicate control flow in update handlers for cleaner codebase (#8791)
- JavaScript test fixes and improved test coverage across the project (#8773)
- Removed unused script getters from js.go after handler migration (#8784)
📚 Documentation Updates
- Home page improvements with elevator pitch and CLI context (#8717)
- Fixed TOC indexing bug - "Error Copying File" no longer appears in table of contents (#8716)
- Campaign orchestrator updates with required project fields (#8741, #8740)
For complete details, see the CHANGELOG.
What's Changed
- Fix "Error Copying File" appearing in documentation TOC by @Copilot in #8716
- Add elevator pitch and CLI context to documentation home page by @Copilot in #8717
- chore: refactor campaign orchestrator and project update instructions by @mnkiefer in #8740
- [security-fix] Fix path traversal vulnerability in gateway config rewrite (Alert #459) by @github-actions[bot] in #8732
- Add required project fields to campaign orchestrator instructions by @Copilot in #8741
- Refactor hardcoded actions/github-script SHA to dynamic resolution by @Copilot in #8719
- Add interactive list component for workflow and MCP server selection by @Copilot in #8734
- Add progress bar component for workflow run processing by @Copilot in #8731
- Integrate Bubbles spinner for consistent loading indicators by @Copilot in #8735
- Format and lint Go code - fix 6 linting violations by @Copilot in #8746
- Fix add_comment and update_* safe outputs ignoring target configuration by @Copilot in #8753
- Migrate mark-pull-request-as-ready-for-review to handler factory pattern by @Copilot in #8745
- [docs] Unbloat safe-inputs.md reference documentation by @github-actions[bot] in #8770
- Optimize golangci-lint for CI speed using best practices by @Copilot in #8762
- Optimize lint-go job: install only golangci-lint by @Copilot in #8772
- Refactor spinner to use Bubble Tea Cmd system by @Copilot in #8765
- [WIP] Fix JavaScript tests in the project by @Copilot in #8773
- Security Fix: Prevent command injection in zizmor Docker execution (alert #441) by @github-actions[bot] in #8780
- Fix logs command JSON output when no workflow runs match criteria by @Copilot in #8775
- Improve MCP server reliability with robust health checks and increased timeouts by @Copilot in #8777
- Fix gofmt alignment in logs_ci_scenario_test.go by @Copilot in #8783
- Migrate safe output handlers to handler factory pattern by @Copilot in #8776
- Enhance progress bar with scaled gradient effects by @Copilot in #8782
- Remove unused script getter functions from js.go by @Copilot in #8784
- Document and test Copilot token count accumulation behavior by @Copilot in #8786
- Use MiniDot spinner style with ACCESSIBLE environment variable support by @Copilot in #8787
- Security Fix: Add #nosec annotations for validated path operations in gateway.go (Alert #459) by @github-actions[bot] in #8792
- Refactor safe-output update handlers to eliminate duplicate control flow by @Copilot in #8791
- Add indeterminate mode for progress bars with unknown totals by @Copilot in #8793
- Add visual regression tests with golden files for console rendering by @Copilot in #8794
- Fix logs-token-check: capture only JSON stdout in CI test by @Copilot in #8797
- [security-fix] Fix path traversal false positive in poutine output parsing (Alert #458) by @github-actions[bot] in #8802
- [security-fix] Fix path traversal vulnerability in schema compiler (Alert #457) by @github-actions[bot] in #8803
- Rename detect-repo-visibility to determine-automatic-lockdown with runtime token check by @Copilot in #8798
- [WIP] Fix syntax error in lock.yml introduced in last commit by @Copilot in #8810
Full Changelog: v0.34.1...v0.34.2
gh-aw 0.34.1
🌟 Release Highlights
This patch release focuses on security hardening and MCP gateway enhancements, with critical fixes for path traversal and command injection vulnerabilities.
🔒 Security Fixes
Critical path traversal and command injection fixes:
- Path traversal prevention (#8699) - Fixed shell completion config file reads to prevent directory traversal attacks (Alerts #444, #443)
- Command injection validation (#8704) - Enhanced validation in poutine.go to prevent command injection (Alert #442)
These fixes address security vulnerabilities discovered through automated scanning. All users should update immediately.
✨ What's New
MCP Gateway improvements:
- Template substitution & safe inputs (#8700) - AWMG gateway now supports template substitution and safe inputs proxying, enabling more flexible workflow configurations
- Action pinning (#8694) - Setup actions now resolve tags to SHAs in release mode for improved security and reproducibility
Developer experience:
- fix command enhancement (#8693) - Added --dir flag to target specific directories when fixing workflows
- Campaign flexibility (#8706) - Made tracker-label optional in campaign specs, simplifying configuration
🐛 Bug Fixes & Improvements
- Quieter setup logs (#8692) - Reduced setup.sh verbosity by moving file copy messages to debug level
- Refactored threat detection (#8691) - Moved inline JavaScript to dedicated .cjs module for better maintainability
- Handler architecture (#8683) - Converted PR-related safe outputs and hide-comment to handler manager architecture (internal refactor)
- Test fixes (#8689) - Fixed create_pull_request tests for handler factory architecture
📚 Documentation
- Streamlined imports guide (#8709) - Reduced bloat in reference documentation while preserving all technical details (34.8% reduction)
- Enhanced dictation skill (#8708) - Updated with comprehensive project glossary of 250+ technical terms for better speech-to-text support
For complete details, see CHANGELOG.
What's Changed
- Reduce setup.sh log verbosity by moving file copy messages to debug level by @Copilot in #8692
- Add --dir flag to fix command by @Copilot in #8693
- Refactor threat detection parsing step to separate .cjs file by @Copilot in #8691
- Security Fix: Prevent path traversal in shell completion config file reads (Alerts #444, #443) by @github-actions[bot] in #8699
- Resolve Setup action tags to SHAs in release mode using action pin manager by @Copilot in #8694
- Enable template substitution and safeinputs proxying in AWMG gateway by @Copilot in #8700
- [security-fix] Fix command injection validation in poutine.go (Alert #442) by @github-actions[bot] in #8704
- Convert PR-related safe outputs and hide-comment to handler manager architecture by @Copilot in #8683
- Make tracker-label optional in campaign specs by @Copilot in #8706
- [docs] Update dictation skill instructions by @github-actions[bot] in #8708
- [docs] Reduce bloat in imports.md reference documentation by @github-actions[bot] in #8709
Full Changelog: v0.34.0...v0.34.1
gh-aw 0.34.0
🌟 Release Highlights
This release introduces a powerful new standalone CLI for MCP server management, alongside critical improvements to workflow reliability, security, and developer experience.
✨ What's New
🚀 Standalone MCP Gateway CLI (awmg)
A lightweight command-line tool for aggregating and managing MCP servers. Perfect for local development and testing, awmg provides centralized HTTP proxy routing for MCP server calls with built-in health checks and environment configuration.
🔒 Smart GitHub MCP Lockdown
The compiler now auto-detects repository visibility and applies appropriate security settings. Public repositories automatically enable lockdown mode (lockdown: true) while private/internal repositories use relaxed mode (lockdown: false), defaulting to lockdown on API failures for maximum safety.
📦 Importable Tool Definitions
New tool definitions (agentic-workflows, serena, playwright) can now be configured in shared workflow files and merged into consuming workflows during compilation, enabling better workflow reusability.
🐛 Key Bug Fixes
- Fixed MCP Configuration Access - Copilot CLI inside containers can now access MCP configuration via mounted /home/runner/.copilot directory, resolving tool availability issues
- Improved Artifact Handling - Artifact names now comply with upload-artifact@v5 requirements with consistent delimiters and proper path resolution
- Enhanced Secret Passing - Safe-inputs MCP server correctly receives tool secrets via environment blocks, fixing authentication issues
- Shellcheck Compliance - Resolved 31 SC2155 warnings by separating export declarations from command substitutions in PATH setup
⚡ Performance & Developer Experience
- Context Cancellation - Concurrent artifact downloads now support proper context cancellation for better resource management
- CLI Enhancements - Shell completions now include workflow descriptions, and the init command supports --completions flag with automatic shell detection
- Configurable Concurrency - Maximum concurrent downloads configurable via GH_AW_MAX_CONCURRENT_DOWNLOADS environment variable
- Updated Dependencies - GitHub Copilot CLI updated to 0.0.374, actionlint upgraded to v1.7.10
🔧 Internal Improvements
- Refactored system prompts to file-based approach for better maintainability
- Split large validators into focused domain modules for better code organization
- Enhanced error handling for malformed temporary IDs with flexible # prefix support
- Improved CLI command test coverage across all commands
For complete details, see CHANGELOG.
What's Changed
- Optimize CI parallelization: Remove sequential bench/fuzz dependencies by @Copilot in #7314
- Fix github-agentic-workflows.md embed directive to use correct file by @Copilot in #7313
- Fix type error in MCP gateway integration tests by @Copilot in #7316
- Add verification tests for patch artifact download in safe_outputs job by @Copilot in #7320
- Add debug logging to action pin manager resolution flow by @Copilot in #7317
- chore: support updating of draft issues by @mnkiefer in #7318
- Add tools.go for build-time tool dependency tracking by @Copilot in #7322
- Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.4.0 by @dependabot[bot] in #7324
- Add automated license compliance scanning with go-licenses by @Copilot in #7328
- Add dependency health audit to update command with JSON output and CI integration by @Copilot in #7323
- feat: add compiler version to generated workflow headers for release builds by @Copilot in #7326
- Add ACCESSIBLE environment variable to accessibility mode detection by @Copilot in #7330
- Add spinner feedback for workflow compilation in interactive builder by @Copilot in #7337
- Document version pinning for gh extension install and install-gh-aw.sh by @Copilot in #7341
- Enable GitHub Actions API access for Workflow Health Manager by @Copilot in #7342
- Remove discussion usage from quick start docs, simplify token callout by @Copilot in #7343
- Fix Copilot Requests permissions in quick start guide by @bewuethr in #7347
- Update CLI pinning docs to use @ref syntax instead of --pin flag by @Copilot in #7344
- Add isRelease build flag to reliably mark release binaries by @Copilot in #7340
- Add group titles and descriptions to interactive workflow form by @Copilot in #7349
- [log] Add debug logging to import processing, safe outputs PR compilation, and analysis functions by @github-actions[bot] in #7353
- Add support for "every n days" long-form schedule syntax by @Copilot in #7352
- Remove automatic campaign_id generation from ProjectOps by @Copilot in #7359
- Add explicit permissions to license-check workflow (Alert #74) by @Copilot in #7361
- Add Go network access to hourly CI cleaner workflow by @Copilot in #7355
- Remove go-licenses from build dependencies by @Copilot in #7382
- Use DefaultNodeVersion constant in GenerateNodeJsSetupStep by @Copilot in #7384
- Fix team member skipping in ai-moderator workflow by @Copilot in #7385
- Fix inconsistent command name format in help text (gh-aw → gh aw) by @Copilot in #7397
- [ca] Fix npm availability check in dependabot integration test by @github-actions[bot] in #7398
- Add interactive playground page for GitHub Actions workflow visualization by @Copilot in #7321
- Update golangci-lint to v2.7.2 and migrate configuration by @Copilot in #7386
- Remove playground executor workflow by @Copilot in #7401
- [docs] docs: reduce bloat in safe-outputs.md reference (46.4% reduction) by @github-actions[bot] in #7405
- chore: add org-owned projectOps workflow by @mnkiefer in #7406
- chore: update org projectops workflow for issue updates by @mnkiefer in #7416
- test: projectOps fine grained token usage by @mnkiefer in #7423
- Document network ecosystem identifiers for package registries and CDNs by @Copilot in #7417
- Reduce CI cleaner frequency from hourly to 2-3 hour intervals by @Copilot in #7424
- Remove inline mode and externalize all scripts via setup action by @Copilot in #6912
- Remove examples/*.lock.yml from version control by @Copilot in #7431
- Use release flag instead of version heuristics for action mode detection by @Copilot in #7433
- Fix hardcoded absolute paths and missing mock in JS tests by @Copilot in #7432
- Rewrite lock-issue script to export main and call via require() by @Copilot in #7437
- Add no-op early exit guard to Hourly CI Cleaner by @Copilot in #7425
- Implement streamable-http protocol support for awmg CLI by @Copilot in #7427
- [instructions] Sync github-agentic-workflows.md with release v0.33.12 by @github-actions[bot] in #7438
- Remove project-to-repository linking in update-project safe output by @Copilot in #7439
- chore: clean up comment on github token in workflow by @mnkiefer in #7450
- Fix lock/unlock issue scripts to support both require() and inline modes by @Copilot in #7444
- Fix compute_text.cjs module export and invocation pattern by @Copilot in #7445
- docs: clarify fine-grained PAT requirements for organization-owned Projects v2 by @Copilot in #7449
- Optimize maintenance workflow schedules and fix missing GitHub MCP configuration by @Copilot in #7448
- Bundle shell scripts in setup action and call directly by @Copilot in #7446
- Enable v2 linters: modernize, gocritic, gosec, unconvert by @Copilot in #7447
- Fix YAML compilation error in multiline run blocks by @Copilot in #7451
- Add glob...
gh-aw 0.33.12
🌟 Release Highlights
v0.33.12 brings significant improvements to MCP server flexibility, safe output reliability, and documentation quality.
✨ What's New
🔧 Standalone MCP Gateway CLI (awmg)
Added a new lightweight CLI tool for MCP server aggregation and management, enabling local integration and testing without requiring full workflow execution. The awmg command provides gateway utilities and simplified MCP server orchestration.
⚙️ Flexible MCP Gateway Configuration
The sandbox.mcp configuration now supports custom command and container-based execution modes, giving you control over how the MCP gateway runs. Configure with command for custom binaries or container for Docker-based execution alongside the default awmg mode.
📋 Complete mcp-server Command Documentation
The CLI reference now includes comprehensive documentation for the mcp-server command, covering all 7 available tools (status, compile, logs, audit, mcp-inspect, add, update) and both stdio and HTTP transport options.
🐛 Bug Fixes & Improvements
🔒 Security Hardening
Fixed clear-text logging vulnerability (CodeQL Alert #71) by removing secret key parameters from validation functions, preventing potential exposure of infrastructure details in logs.
📦 Upload Assets Processing
Resolved issue where assets uploaded via the MCP server tool weren't being published to the orphaned git branch, ensuring all uploaded files are accessible via raw.githubusercontent.com URLs.
📐 JSON Schema Validation
Fixed type: choice conversion to proper JSON Schema format for safe-output custom jobs, preventing Claude API schema validation failures.
🏷️ Consistent Safe Output Naming
Standardized all references to use singular "upload-asset" (instead of "upload-assets") across schemas, parsing, and processing logic with automated migration support.
📚 Documentation
- Removed documentation bloat from memory reference (12.6% reduction while preserving all essential information)
- Updated GitHub MCP server configuration examples throughout documentation
- Enhanced workflow health monitoring with new operational runbook
- Improved CLI argument syntax consistency across all commands
🔧 Developer Experience
- Extracted validation functions from interactive forms for better testability
- Refactored 1,368-line `compiler_safe_outputs_consolidated.go` into 6 focused modules
- Enhanced debug logging in parser and CLI compilation stats
- Added interactive confirmation dialog for file overwrites in workflow builder
For complete details, see the full changelog.
AI generated by Release
What's Changed
- Resolve merge conflict in action_pins_test.go by @Copilot in #7204
- Configure release workflow to allow githubnext.github.io network access by @Copilot in #7206
- Update GitHub MCP server configuration in Agent Performance Analyzer by @Copilot in #7205
- [log] Add debug logging to parser and CLI compilation stats by @github-actions[bot] in #7210
- [WIP] Update workflow health dashboard statistics by @Copilot in #7212
- Remove hour support from expires field schema pattern by @Copilot in #7213
- [security-fix] Security Fix: Remove sensitive key names from secrets validation log messages (Alert #71) by @github-actions[bot] in #7224
- Add interactive confirmation dialog for file overwrite in workflow builder by @Copilot in #7223
- Move "What are Agentic Workflows" to introduction and remove TrialOps badge by @Copilot in #7254
- [security-fix] Security Fix: Prevent logging of secret key names in validation errors (Alert #71) by @github-actions[bot] in #7240
- Extract validation functions from interactive forms by @Copilot in #7243
- [docs] Remove documentation bloat from memory.md by @github-actions[bot] in #7271
- Increase skip-if-match limit to 9 in issue-monster workflow by @Copilot in #7263
- [jsweep] Clean safe_outputs_tools_loader.cjs by @github-actions[bot] in #7272
- Refactor: Split 1,368-line compiler_safe_outputs_consolidated.go into 6 domain-focused modules by @Copilot in #7262
- Bump @sentry/mcp-server from 0.24.0 to 0.26.0 in /.github/workflows by @dependabot[bot] in #7234
- docs: complete mcp-server command documentation in CLI reference by @Copilot in #7286
- Add workflow health monitoring runbook by @Copilot in #7287
- [security-fix] Fix clear-text logging vulnerability by removing secret key parameter from validation by @github-actions[bot] in #7289
- Fix Haskell action SHA in runtime setup test by @Copilot in #7288
- Add standalone awmg CLI for MCP server aggregation by @Copilot in #7050
- [q] Fix upload-assets not processing files from MCP server by @github-actions[bot] in #7293
- Fix choice type conversion to JSON Schema in safe-output jobs by @Copilot in #7291
- Add command/container execution support to sandbox.mcp configuration by @Copilot in #7294
- Standardize CLI argument syntax for consistency by @Copilot in #7296
- [ca] Document hourly-ci-cleaner tool access issue by @github-actions[bot] in #7297
- Replace deprecated --workflows-dir flag with --dir in documentation by @Copilot in #7306
- Deduplicate action pins in lock file by version precision by @Copilot in #7301
- Fix init command documentation - clarify MCP enabled by default by @Copilot in #7303
- Add build steps for gh-aw binary in daily-copilot-token-report workflow by @Copilot in #7302
- [ca] Fix code formatting alignment in argument syntax test by @github-actions[bot] in #7307
- [docs] Update documentation for sandbox.mcp command/container execution modes by @github-actions[bot] in #7305
- Standardize safe output references to singular "upload-asset" and separate job by @Copilot in #7295
- [instructions] Sync github-agentic-workflows.md with v0.33.11 by @github-actions[bot] in #7312
Full Changelog: v0.33.11...v0.33.12
gh-aw 0.33.11
🌟 Release Highlights
This release focuses on robustness and developer experience with 9 quality improvements, including a critical security fix for memory allocation safety.
🔒 Security Fixes
- Memory allocation overflow fix - Resolved allocation size overflow in safe outputs step generation that could cause workflow failures (#7189)
🐛 Bug Fixes & Improvements
- Cleaner compilation output - Warning messages now properly include newlines instead of concatenating together, making error diagnosis much easier (#7184)
- Fixed update command formatting - Removed redundant headers and double error symbols for cleaner terminal output (#7185)
- Git fetch reliability - Fixed failure when creating pull requests with base branch already checked out (#7186)
- Custom agent support - Added `infer` to valid frontmatter fields for custom agent format (#7192)
- Smarter action pinning - Action pins are now sorted by semantic version when multiple versions exist for the same repository (#7190)
- GitHub toolset accuracy - Removed non-existent `repository-projects` permission from projects toolset validation (projects require a PAT, not GITHUB_TOKEN) (#7183)
📦 Dependencies
- Updated actions/ai-inference to v2.0.4 (#7193)
🧪 Testing
- Fixed campaign and PR creation tests to handle empty repository states (#7181)
AI generated by Release
What's Changed
- Fix campaign and PR creation tests for empty repository state by @Copilot in #7181
- Remove non-existent repository-projects permission from projects toolset by @Copilot in #7183
- Fix missing newlines in compilation warning messages by @Copilot in #7184
- Fix update command output formatting: remove redundant headers and double error symbols by @Copilot in #7185
- Fix git fetch failure in create-pull-request when base branch is checked out by @Copilot in #7186
- [security-fix] Fix allocation size overflow in safe outputs step generation by @github-actions[bot] in #7189
- Add "infer" to valid frontmatter fields for custom agent format by @Copilot in #7192
- Sort action pins by semver when multiple versions exist for same repo by @Copilot in #7190
- Update actions/ai-inference to v2.0.4 by @Copilot in #7193
Full Changelog: v0.33.10...v0.33.11
gh-aw 0.33.10
🌟 Release Highlights
This release focuses on developer experience improvements with powerful new trigger syntax shortcuts and enhanced workflow automation capabilities.
✨ What's New
🎯 Trigger Shorthand Syntax - Write cleaner, more intuitive workflow triggers:
- Daily schedules: Simply use `on: daily` instead of complex cron syntax (#7138)
- Slash commands: Use `on: /command` for comment-triggered workflows (#7146)
- Label filters: Shorthand syntax for labeled events with item type support (#7153, #7160)
- Comma-separated labels: Support multiple labels in trigger syntax (#7169)
The new parser includes comprehensive fuzz testing and IDE-integrated error messages for better developer feedback.
🚀 Campaign Launcher - New automation system for managing GitHub Project-based campaigns (#7135):
- Maintains campaign dashboards in sync with Project items
- Governance rules for managing item additions and updates
- Built-in traffic and rate limit management
🔍 Enhanced Dev Hawk - Smarter PR analysis and automation (#7151):
- Deep pull request analysis capabilities
- Automatic agent task creation for follow-up work
- Integration with the agentic-workflows toolset (#7147)
🔒 Security
Critical Fix: Resolved clear-text logging of sensitive information during secrets validation (#7178). Secrets are now properly redacted in all log output.
🐛 Bug Fixes & Improvements
- AI Moderator: Fixed `issue_comment` failures due to missing lock-for-agent configuration (#7103)
- Safe Outputs: Added proper checkout and Git config for PR creation workflows (#7167)
- Playwright: Enabled `--network host` for localhost access in Docker containers (#7158)
- Performance: Optimized safe output checkout with shallow clones and targeted branch fetching (#7176)
🛠️ Tool Updates
Updated CLI tool versions for improved compatibility:
- GitHub Copilot CLI: 0.0.372
- Claude Code: 2.0.75
- Codex: 0.77.0
- Playwright MCP: 0.0.53
📚 Documentation
- Comprehensive trigger shorthand syntax documentation (#7173)
- File size monitoring guidelines (#7155)
- Documentation headers added to helper files (#7149)
For complete details, see the full changelog.
AI generated by Release
What's Changed
- Fix AI Moderator issue_comment failures due to missing lock-for-agent config by @Copilot in #7103
- Remove obsolete go-file-size-reduction campaign (Project 60) by @Copilot in #7130
- Simplify daily schedule syntax to `on: daily` by @Copilot in #7138
- Enable agentic-workflows tool in dev-hawk workflow by @Copilot in #7147
- feat: add campaign launcher by @mnkiefer in #7135
- Add slash command shorthand syntax: `on: /command` by @Copilot in #7146
- Add documentation headers to helper files by @Copilot in #7149
- Enhance Dev Hawk with deep PR analysis and automatic agent task creation by @Copilot in #7151
- Add file size monitoring and documentation guidelines by @Copilot in #7155
- Add short trigger syntax for labeled events with explicit item types by @Copilot in #7153
- Comment out lock-for-agent annotation in compiled workflow files by @Copilot in #7156
- Exclude copilot and GitHub Actions bots from ai-moderator review by @Copilot in #7163
- Add --network host to Playwright Docker containers for localhost access by @Copilot in #7158
- Fix linting errors and update test expectations for action pins by @Copilot in #7166
- Update CLI tools: Claude Code 2.0.75, Copilot 0.0.372, Codex 0.77.0, Playwright MCP 0.0.53 by @Copilot in #7165
- Add comprehensive trigger shorthand syntax parser with fuzz testing and IDE-integrated error messages by @Copilot in #7160
- Support comma-separated label names in trigger syntax parser by @Copilot in #7169
- Refactor: Extract normalizeScheduleString to eliminate duplicate preprocessing logic by @Copilot in #7171
- Fix: Add checkout and Git config for create-pull-request and push-to-pull-request-branch safe outputs by @Copilot in #7167
- [docs] Update documentation for shorthand label trigger syntax by @github-actions[bot] in #7173
- [security-fix] Fix clear-text logging of sensitive information in secrets validation by @github-actions[bot] in #7178
- Optimize safe output checkout with shallow clone and targeted branch fetching by @Copilot in #7176
- Consolidate safe_outputs_env_helpers.go into safe_outputs_env.go by @Copilot in #7179
- Align max-turns schema with runtime behavior by @Copilot in #7180
Full Changelog: v0.33.9...v0.33.10
gh-aw 0.33.9
🌟 Release Highlights
This release introduces hierarchical agent orchestration, comprehensive developer experience improvements, and significant workflow optimization features. With 35 merged PRs, v0.33.9 marks a major step forward in managing complex multi-agent ecosystems.
✨ What's New
🤖 Hierarchical Meta-Orchestrators with Shared Memory
Manage your growing agent ecosystem with three specialized meta-orchestrators that coordinate through a shared memory system. Campaign Manager handles portfolio-level strategy, Workflow Health Manager monitors system reliability, and Agent Performance Analyzer tracks output quality—all working together through a common memory branch to avoid duplicate actions and provide unified insights. Perfect for repositories with 100+ agentic workflows.
⚡ Workflow Optimization
Reduced workflow prompt token usage by 70% in shared files through intelligent prompt optimization. Added quiet flags to package managers (npm --quiet, pip --quiet) to dramatically reduce workflow log noise. These changes improve both runtime efficiency and developer experience when debugging workflows.
🎯 Scheduled Trigger Shorthand
New shorthand syntax for common scheduled triggers makes workflows more readable:
```yaml
on: daily  # Equivalent to schedule with daily cron
```
🛠️ Serena MCP Server Integration
Built-in support for Serena MCP server with Go and TypeScript configurations, providing advanced semantic code analysis capabilities directly in your workflows.
📋 VSCode Schema Validation
Configure YAML schema validation for agentic workflow frontmatter with gh aw init. Get real-time validation, autocomplete, and hover documentation for 100+ workflow properties using the RedHat YAML extension.
🔧 Developer Experience
Make Update Command
New make update command automatically updates GitHub Actions pins and rebuilds with synchronized versions, handling actions in subfolders correctly. Validated in CI to prevent drift.
Compilation Error Reports
Enhanced compile command now provides detailed error reports to help diagnose workflow issues faster.
Daily Update Checks
The compile command now checks for new releases daily and notifies you when updates are available.
🐛 Bug Fixes & Improvements
- Safe Outputs Job Environment: Added `GH_AW_ASSETS_BRANCH` to safe_outputs job environment for better asset management
- Pull Request Handling: Fixed issue locking to skip pull requests in lock-for-agent workflows
- Workflow Dispatch Cleanup: Removed null values from workflow_dispatch in generated .lock.yml files for cleaner output
- Linter Fixes: Resolved gosimple S1008 violation and actionlint timeout issues
- Test Stability: Fixed engine firewall validation and npm install command checks
📚 Documentation
- Comprehensive validation and parsing organization documentation
- Label guidelines for AI-generated workflow tracking
- Enhanced GenerateOutputSchema documentation
- Validation documentation for frontmatter parsing
- Updated safe-outputs documentation with environment variable requirements
🏗️ Code Quality
Major Refactoring Initiatives:
- Refactored `pkg/parser/frontmatter.go` from 1,294 lines into 6 focused, maintainable modules
- Eliminated sanitization pipeline duplication between core and full modules
- Extracted generic field parser for update entity configs with table-driven helpers
- Consolidated update entity JS wrappers using factory pattern
- Extracted shared context validation helpers to reduce duplication
- Moved github-script version to constants and centralized action pin management
These refactorings improve maintainability and reduce technical debt while maintaining full backward compatibility.
Full Changelog: v0.33.8...v0.33.9
For setup instructions, see the Quick Start Guide.
AI generated by Release
What's Changed
- Add hierarchical meta-orchestrators with shared memory for agent ecosystem management by @Copilot in #7021
- Configure VSCode YAML schema validation for agentic workflow frontmatter by @Copilot in #7030
- Document environment variable requirements for safe output jobs by @Copilot in #7033
- Refactor: eliminate sanitization pipeline duplication between core and full modules by @Copilot in #7031
- Add integration tests for safe output job configurations by @Copilot in #7034
- Move misplaced extraction functions to frontmatter_extraction.go by @Copilot in #7043
- Add daily release update check to compile command by @Copilot in #7032
- Simplify GenerateOutputSchema to use idiomatic ForT pattern by @Copilot in #7046
- Refactor: Extract generic field parser for update entity configs by @Copilot in #7052
- Set common environment variables at job level in consolidated safe_outputs job by @Copilot in #7049
- Clarify PAT requirements for user-owned vs org-owned Projects v2 by @Copilot in #7041
- Add Serena MCP server configuration for Go and TypeScript by @Copilot in #7053
- Refactor pkg/parser/frontmatter.go from 1,294 lines into 6 focused modules by @Copilot in #7051
- Add Serena as built-in MCP tool for listing and inspection by @Copilot in #7055
- Update init --codespaces to merge with existing devcontainer.json by @Copilot in #7060
- Add quiet flags to package managers to reduce workflow log noise by @Copilot in #7061
- Fix test failures: engine firewall validation and npm install command checks by @Copilot in #7064
- Remove RedHat YAML extension and yaml.* settings from VSCode configuration by @Copilot in #7066
- Add comprehensive documentation for validation and parsing organization by @Copilot in #7065
- Document label guidelines for AI-generated workflow tracking by @Copilot in #7068
- Fix gosimple S1008 linter violation in update_check.go by @Copilot in #7071
- Add comprehensive documentation to GenerateOutputSchema by @Copilot in #7072
- [WIP] Add compilation error report to compile command by @Copilot in #7074
- Add shorthand syntax for scheduled triggers: `on: daily` by @Copilot in #7073
- Add `make update` command to update actions and rebuild with synced pins by @Copilot in #7075
- Fix update command to handle actions in subfolders by @Copilot in #7078
- Add update command validation to CI workflow by @Copilot in #7082
- Optimize workflow prompts: reduce token usage by 70% in shared files by @Copilot in #7081
- Consolidate update entity config parsing with table-driven helper by @Copilot in #7083
- Clean null values from workflow_dispatch in generated .lock.yml files by @Copilot in #7084
- Extract github-script version constant and use action pin manager by @Copilot in #7086
- Fix actionlint timeout and improve Go formatting errors by @Copilot in #7085
- Skip issue locking for pull requests in lock-for-agent by @Copilot in #7090
- Refactor update entity JS wrappers using factory pattern by @Copilot in #7092
- Add GH_AW_ASSETS_BRANCH to safe_outputs job environment by @Copilot in #7100
Full Changelog: v0.33.8...v0.33.9