Releases: github/gh-aw

v0.50.7

27 Feb 18:05

🌟 Release Highlights

This release focuses on smarter workflow updates, better enterprise/OIDC integration, and improved developer experience with clearer error messages and actionable guidance when things go wrong.

✨ What's New

  • gh aw update now updates all third-party actions — Previously, force-updating to the latest major version only applied to actions/* core actions. Now all actions across every org are upgraded automatically (#18707, #18692). Use --disable-release-bump to opt out and restore the previous behavior.

  • Automatic OIDC/vault permission detection — Workflows using OIDC-based secret managers (AWS Secrets Manager, Azure Key Vault, HashiCorp Vault, etc.) in safe-outputs.steps now automatically receive id-token: write permission — no manual configuration required (#18701).

  • Firewall block guidance with fix snippets — When the AWF firewall blocks a domain during execution, the footer now includes an actionable code snippet and a documentation link so you can resolve it immediately, rather than just listing the blocked domains (#18676).

🐛 Bug Fixes & Improvements

  • Codex policy violation errors now surface in step summaries — When Codex hits a cyber_policy_violation or similar API error, the failure is now clearly reported in the step summary instead of silently producing an empty log (#18699).

  • Fixed noop missing from safe-output tools prompt — noop was registered in the MCP server but never listed in the (safe-output-tools) prompt, causing safe-output workflow failures. This is now fixed for all workflows (#18647).

  • Fixed context is not defined in safeoutputs MCP backend — The create_pull_request and close_pull_request handlers could fail at runtime due to an unresolved context reference. This regression is now resolved (#18646).

  • Fixed Codex tool calls missing from log entries — New-format Codex logs had tool calls detected but never added to logEntries, causing the common renderer to fall back to a blank output. Rendering is now correct (#18678).

📚 Documentation

  • Simplified fine-grained PAT setup — PAT creation links now pre-fill the name, description, and permissions, reducing setup friction for new users (#18662, #18682).

🔧 Tool Version Bumps

  • Claude Code 2.1.62, GitHub Copilot CLI 0.0.419, Codex 0.106.0, MCP Gateway v0.1.6 (#18669)
  • All actions/checkout references upgraded to v6 (#18685)

For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • Fix smoke-trigger.yml startup_failure and missing secrets for workflow_call by @Copilot in #18629
  • docs: add pre-filled URL parameters to fine-grained PAT creation links by @Copilot in #18662
  • fix: include noop in safe-output tools prompt for all workflows by @Copilot in #18647
  • Fix context is not defined error in safeoutputs MCP backend by @Copilot in #18646
  • Enhance firewall blocked domains footer with fix snippet and docs link by @Copilot in #18676
  • refactor(workflow): deduplicate logic, extract cross-engine helpers, fix interface bypass by @Copilot in #18671
  • Fix Codex new-format tool calls missing from logEntries for common renderer by @Copilot in #18678
  • docs: update fine-grained PAT repository access instructions for Copi… by @mnkiefer in #18682
  • Upgrade actions/checkout to v6 across the repo by @Copilot in #18685
  • chore: bump CLI tool versions — Claude Code 2.1.62, Copilot 0.0.419, Codex 0.106.0, MCP Gateway v0.1.6 by @Copilot in #18669
  • fix: surface Codex model access blocked errors in step summary by @Copilot in #18699
  • feat: update command always updates core actions (actions/*) to latest major version by @Copilot in #18692
  • Auto-detect OIDC/vault actions in safe-outputs steps and add id-token:write permission by @Copilot in #18701
  • feat: force update all actions to latest major version, add --disable-release-bump flag by @Copilot in #18707

Full Changelog: v0.50.6...v0.50.7

v0.50.6

27 Feb 05:42
fa00c21

🌟 Release Highlights

This release focuses on cross-repository and fork reliability, delivering a wave of targeted bug fixes that make gh-aw more robust in complex multi-repo and private-repo scenarios, alongside new platform support and improved tooling.

✨ What's New

  • Android arm64 support — Workflows can now run on android-arm64 architecture, expanding platform coverage for mobile-native CI environments. (#18609)
  • Fork support reference page — New documentation covering how to use gh-aw in forked repositories, including checkout behavior and token configuration. (Learn more)
  • Improved gh aw add-wizard resilience — The wizard now skips secrets configuration when the user lacks write access (#18490), preserves existing files and shows recovery instructions on commit failure (#18489), and no longer corrupts frontmatter when the engine is a block mapping (#18486).
  • Better fallback instructions on PR failure — When pull request creation fails, agents now receive clearer guidance to open an issue instead. (#18536)

🐛 Bug Fixes & Improvements

  • shell(dotnet) no longer blocked — Workflows listing shell(dotnet) in allowed tools no longer hit a spurious "denied" error requiring the env dotnet workaround. (#18612)
  • Fork PR checkout fixed — pull_request events in forked repositories now correctly use gh pr checkout instead of failing to resolve the branch. (#18591)
  • Private repo PR branch access — In private repositories, workflows triggered by PR comments can now correctly access the PR branch. (#18578)
  • Cross-repo base branch resolution — Base branch detection is now accurate for cross-repository PRs and PR comment events. (#18614, #18581)
  • Cross-repo audit log download — gh run download now correctly passes owner/repo for cross-repo audits. (#18603)
  • safe_outputs checkout for pull_request_review events — Checkout no longer fails when a workflow is triggered by a pull request review. (#18552)
  • Duplicate env vars eliminated — When an imported workflow and the main workflow reference the same repository variable, env vars are now deduplicated in the interpolation step. (#18548)
  • allowed-domains propagated to safe outputs — Allowlisted domains are now correctly passed through to the Process Safe Outputs step, preventing unintended URL redaction. (#18538)
  • "Copilot is not a user" error fixed — compute_text.cjs no longer fails when processing PRs created by GitHub Apps. (#18592)

📚 Documentation

🌍 Community Contributions

A huge thank you to the community members who reported issues resolved in this release:


For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • [WIP] Migrate 50% of agentic workflows to use copilot-requests feature by @Copilot in #18531
  • docs: Add fork support reference page by @Copilot in #18537
  • Fix: propagate allowed-domains to the Process Safe Outputs step by @Copilot in #18538
  • fix: deduplicate env vars in interpolation step when import and main workflow share a variable by @Copilot in #18548
  • Improve reference docs for cross-repo operations and checkout: by @dsyme in #18553
  • [WIP] Rename title prefixes from '[agentics]' and '[agentic-workflows]' to '[aw]' by @Copilot in #18550
  • Fix safe_outputs checkout failure for pull_request_review events by @Copilot in #18552
  • DDUw: add open-issue cross-referencing, stale schema drift detection, and example validation by @Copilot in #18555
  • [log] Add debug logging to workflow compiler and stringutil packages by @github-actions[bot] in #18564
  • Fix add-wizard corrupting frontmatter when engine is a block mapping by @Copilot in #18486
  • fix(add-wizard): skip secrets configuration when user lacks write access by @Copilot in #18490
  • Improve fallback issue instructions when PR creation fails by @Copilot in #18536
  • fix(add-wizard): preserve files and show recovery instructions on commit failure by @Copilot in #18489
  • Fix #18574 by @dsyme in #18578
  • [instructions] Sync github-agentic-workflows.md with v0.40.1 by @github-actions[bot] in #18583
  • [docs] docs: unbloat GitHub Actions Primer guide by @github-actions[bot] in #18584
  • [docs] Consolidate developer specifications - fix 42 code fence regressions (v3.2) by @github-actions[bot] in #18586
  • Get correct base branch for pull request comments by @dsyme in #18581
  • Add pre-filled PAT creation link for COPILOT_GITHUB_TOKEN to docs by @eaftan in #18594
  • Fix "Copilot is not a user" error in compute_text.cjs for app-created PRs by @Copilot in #18592
  • fix: use gh pr checkout for fork PRs in pull_request events by @Copilot in #18591
  • Fix shell(dotnet) denied despite being in allowed tools by @Mossaka in #18612
  • Add android-arm64 architecture support by @Mossaka in #18609
  • Improve base branch resolution for cross-repo PRs by @dsyme in #18614
  • chore(deps): bump fast-xml-parser from 5.3.6 to 5.4.1 in /docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in #18580
  • chore(deps): bump minimatch from 9.0.6 to 9.0.9 in /.github/workflows in the npm_and_yarn group across 1 directory by @dependabot[bot] in #18579
  • fix: pass owner/repo to gh run download for cross-repo audit by @Copilot in #18603
  • fix(ci): guard golangci-lint download against silent HTTP failures by @Copilot in #18619
  • fix: add missing repo_helpers.cjs and glob_pattern_helpers.cjs to safe-outputs file list by @Copilot in #18620
  • Update report.md: recommend safe-outputs filtering for mentions and backlinks by @Copilot in #18623

Full Changelog: v0.50.5...v0.50.6

v0.50.5

26 Feb 17:11
a7d371c

🌟 Release Highlights

This release focuses on fork compatibility, GitHub Enterprise support, and safe-outputs extensibility — making gh-aw more reliable across a wider range of deployment environments.

✨ What's New

  • Custom steps in safe-outputs jobs — The new safe-outputs.steps field lets you inject custom steps into the consolidated safe-outputs job, running after checkout/setup but before any safe-output code executes. Steps from imported workflows are automatically merged. (#18460)

  • GitHub Enterprise compatibility — Workflows running in GitHub Enterprise environments (e.g., COMPANY.ghe.com) now correctly pass GITHUB_SERVER_URL and GITHUB_API_URL to the Copilot CLI execution step, resolving authentication failures in GHE deployments. (#18504)

  • Ecosystem network domains expanded — Added package registry domains for 5 new language ecosystems: R, Julia, OCaml, Bazel, and Lua. (#18405)

  • Secret validation moved to activation job — Secrets are now validated earlier (at activation time, not agent job time), providing faster feedback and making secret_verification_result available during activation checks. (#18441)

🐛 Bug Fixes & Improvements

  • Fork support for maintenance workflows — Agentic maintenance jobs (compile, scan, secret-validation) now skip automatically on forked repositories, eliminating noisy failures every 2 hours for fork users. (#18532)

  • Clearer fork error messages — When a workflow fails in a forked repository due to missing secrets, failure messages now include an explanatory hint about fork secret isolation. (#18529, #18523)

  • gh aw update graceful exit — Running gh aw update in a repo where no workflows have a source field now exits cleanly with an info message instead of returning an error. (#18433)

  • Copilot CLI updated to v0.0.418 — Upgrades to the GA release of Copilot CLI, which changed its authentication mechanism. Workflows on v0.0.417 were failing immediately with Error: Authentication failed. (#18502)

  • CLI tool versions updated — Claude Code bumped to 2.1.59, Codex to 0.105.0. (#18515)

📚 Documentation

  • Added URL redirects covering all historical docs file renames — old bookmarked links now resolve correctly. (#18430)
  • Streamlined network.md reference for improved scannability. (#18415)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:


For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • Add ecosystem domains for R, Julia, OCaml, Bazel, Lua by @Mossaka in #18405
  • [log] Add debug logging to 5 pkg files by @github-actions[bot] in #18401
  • [docs] docs: remove bloat from network.md reference by @github-actions[bot] in #18415
  • [instructions] Sync github-agentic-workflows.md with v0.40.1 by @github-actions[bot] in #18414
  • fix: CLI consistency - usage paths, trial --quiet, pr verbose, secrets examples by @Copilot in #18380
  • Add URL redirects for all historical docs file renames by @Copilot in #18430
  • [docs] Fix 175 non-standard code fence closing markers across 20 scratchpad spec files by @github-actions[bot] in #18417
  • Add Daily Documentation Healer workflow (self-healing DDUw companion) by @Copilot in #18375
  • chore(deps): bump rollup from 4.50.1 to 4.59.0 in /docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in #18431
  • chore(deps): bump hono from 4.12.0 to 4.12.2 in /.github/workflows in the npm_and_yarn group across 1 directory by @dependabot[bot] in #18432
  • fix: gh aw update exits gracefully when no workflows have a source field by @Copilot in #18433
  • [docs] Update documentation for features from 2026-02-26 by @github-actions[bot] in #18443
  • Move validate-secret step from agent job to activation job by @Copilot in #18441
  • fix: correct TestUpdateCommand_NoMergeFlag assertion to match implementation by @Copilot in #18450
  • fix: SHA-pin actions/setup in agentics-maintenance.yml generation by @Copilot in #18378
  • Add safe-outputs.steps for injecting custom steps into safe-output jobs by @Copilot in #18460
  • [fp-enhancer] Improve pkg/cli: immutability and functional initialization by @github-actions[bot] in #18469
  • fix: upgrade Copilot CLI default version to 0.0.418 by @Copilot in #18502
  • Emit default environment variables for GitHub Enterprise by @Copilot in #18504
  • Update CLI versions: Claude Code 2.1.59, Codex 0.105.0 by @Copilot in #18515
  • Add fork context warning to validate_secrets.cjs by @Copilot in #18523
  • Add fork context hint to workflow failure conclusion messages by @Copilot in #18529
  • Skip agentics-maintenance jobs in forked repositories by @Copilot in #18532

Full Changelog: v0.50.4...v0.50.5

v0.50.4

25 Feb 20:32

🌟 Release Highlights

This release introduces configurable autopilot continuation limits for agentic engines, improves the auto-triage workflow, and refines scout report formatting.

✨ What's New

  • Configurable max-continuations for engine autopilot — You can now set max-continuations in your engine configuration to cap how many times an agent may continue execution in autopilot mode. This gives you fine-grained control over agent run depth and resource usage (currently supported for the Copilot engine).

    engine:
      name: copilot
      max-continuations: 5

  • Auto-triage community label — The auto-triage workflow now automatically applies the community label to issues opened by external contributors (NONE, FIRST_TIME_CONTRIBUTOR, FIRST_TIMER associations), making it easier to track and prioritize community feedback.

  • Expanded ecosystem domains — Added data.jsdelivr.com, code.jquery.com, cdn.sheetjs.com, and bitbucket.org to the allowed domains list, unblocking Deno/Lume, SheetJS, and Composer-based workflows.

🐛 Bug Fixes & Improvements

  • Scout report header normalization — Scout reports now use consistent h3 headers and bold <summary> tags, aligning with the formatting conventions used by ci-coach, ci-doctor, and pr-triage-agent.

For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • Add newMCPError helper to eliminate repeated jsonrpc.Error struct literals by @Copilot in #18341
  • Reformat footer install message with hyperlinked label and code block by @Copilot in #18345
  • feat(auto-triage): assign community label for non-contributor and read-only issues by @Copilot in #18353
  • fix(scout): normalize report headers to h3 and bold summary tags by @Copilot in #18364
  • Improve test coverage and structure for pkg/parser/import_cache_test.go by @Copilot in #18369
  • Add missing domains to ecosystem_domains.json by @Mossaka in #18390
  • Add max-continuations field to agentic engine configuration by @Copilot in #18368
  • chore: add new slides by @mnkiefer in #18394
  • chore: update slides pdf by @mnkiefer in #18395

Full Changelog: v0.50.3...v0.50.4

v0.50.3

25 Feb 12:54
b70143d

🌟 Release Highlights

This release focuses on reliability and correctness improvements — fixing data races, MCP context management, safe-outputs permissions, and compiler diagnostics. Dependency and tooling updates keep everything fresh.

🐛 Bug Fixes & Improvements

  • add-comment now emits pull-requests: write by default — Previously, workflows using add-comment safe-outputs would fail with "Resource not accessible by integration" when commenting on PRs because the compiler only emitted issues: write. The compiler now correctly emits both issues: write and pull-requests: write, and provides new issues/pull-requests/discussions flags for fine-grained control. (#18318)

  • Eliminated a sync.Once data race in cache-clear functions — A concurrency bug that could cause non-deterministic behavior when clearing caches has been resolved. (#18280)

  • MCP request context propagation fixed — checkActorPermission now correctly receives the MCP request context, ensuring timeouts and cancellations propagate correctly throughout the permission-check call chain. (#18281)

  • MCP inspector sub-contexts released promptly — connectStdioMCPServer and connectHTTPMCPServer now release WithTimeout sub-contexts immediately after each sequential MCP operation rather than deferring, reducing timer resource hold time. (#18343)

  • Preserved ExitError in error chain — ExitError is no longer dropped during run-workflow validation, enabling downstream error handling to correctly inspect exit codes. (#18282 via release notes)

✨ What's New

  • Schema path heuristic for misplaced frontmatter fields — When a field appears in the wrong location in a workflow's frontmatter, the compiler now suggests the correct schema path, making it much easier to diagnose configuration errors. (#18320)

  • Suppressed actionlint SC1003 false positives — Generated AWF shell commands no longer trigger spurious actionlint SC1003 warnings, reducing noise in CI linting output. (#18316)

  • Cleaner footer install message — The workflow footer now links "agentic workflow" directly to the source URL and displays the install command in a formatted code block for better readability. (#18345)

🔧 Internal

  • Refactored MCP error construction with a newMCPError helper, eliminating 30+ repeated jsonrpc.Error struct literals across MCP tool files. (#18341)
  • Updated Claude Code 2.1.52 → 2.1.56 and Copilot CLI 0.0.415 → 0.0.417. (#18313)
  • Updated golang.org/x/tools from v0.41.0 to v0.42.0. (#18319)

🌍 Community Contributions

A huge thank you to the community members who reported issues resolved in this release:


For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • fix: preserve ExitError in error chain in run_workflow_validation.go by @Copilot in #18282
  • Propagate MCP request context into checkActorPermission by @Copilot in #18281
  • fix: eliminate sync.Once reset data race in cache-clear functions by @Copilot in #18280
  • [docs] Update glossary - daily scan by @github-actions[bot] in #18308
  • Suppress actionlint SC1003 false positives in generated AWF commands by @Copilot in #18316
  • Update Claude Code 2.1.52→2.1.56 and Copilot CLI 0.0.415→0.0.417 by @Copilot in #18313
  • deps: update golang.org/x/tools from v0.41.0 to v0.42.0 by @Copilot in #18319
  • Add schema path heuristic to suggest correct location for misplaced frontmatter fields by @Copilot in #18320
  • fix: update wasm golden fixtures to Copilot CLI 0.0.417 by @Copilot in #18331
  • fix: add pull-requests:write to safe_outputs job for add-comment by @Copilot in #18318
  • Release MCP inspector sub-contexts promptly after each operation by @Copilot in #18343

Full Changelog: v0.50.2...v0.50.3

v0.50.2

25 Feb 06:39
e324355

🌟 Release Highlights

This release brings a long-awaited gh aw validate command, expanded safe-output capabilities, a new checkout frontmatter field, and a wave of community-reported bug fixes — making workflows more reliable and easier to author.

✨ What's New

  • gh aw validate command (#18191) — Validate workflows with a single, discoverable command instead of chaining compile --validate --no-emit --zizmor --actionlint --poutine. Catch issues before they reach CI. Learn more

  • checkout frontmatter field (#18223) — Fine-tune how actions/checkout is emitted in the agent job directly from frontmatter, giving you more control over repository checkout depth and behavior.

  • duplicate state reason for close-issue (#18257) — Safe-output close-issue now supports state_reason: duplicate, enabling agentic triage workflows to properly categorize and close duplicate issues.

  • New built-in prompt files (#18273, #18272, #18221) — Three new reference prompt files added to .github/aw/: test-coverage.md (with artifact-reading guidance), visual-regression.md (Playwright + cache-memory patterns), and report.md (report generation with markup style guidance).

  • Smarter create-agentic-workflow prompt (#18274, #18271) — The workflow creation prompt now correctly suggests deployment_status triggers for external deployment monitoring, and expands language ecosystem inference to automatically configure network.allowed based on project type.

🐛 Bug Fixes & Improvements

  • threat-detection: false now respected across imports (#18231) — Imported safe-output fragments no longer silently re-enable threat detection when the main workflow has explicitly disabled it, preventing spurious compilation errors with sandbox.agent: false.

  • hide-older-comments now correctly identifies previous comments (#18205) — Fixed a matching bug where hide-older-comments on add-comment safe output failed to find previous comments due to a mismatch in XML marker format.

  • Fixed relative import resolution for nested remote files (#18190) — Nested remote imports now resolve relative to their immediate parent file's directory instead of the top-level workflow, enabling proper modular workflow composition.

  • code-simplifier unblocked for Go projects (#18214) — The go network preset now includes proxy.golang.org so go build, go test, and make lint no longer fail in the code-simplifier workflow.

  • ExitError preserved in workflow validation error chain (#18282) — errors.As(err, &exec.ExitError{}) now works correctly in workflow validation, enabling accurate error type detection downstream.

  • Fixed invalid Compiler Playground URL (#18206) — The broken 404 link in the editors reference documentation now correctly points to the Compiler Playground.

  • GFM Alert syntax for discussion-to-issue fallback warning (#18268) — The fallback warning added to issues when create-discussion fails due to permissions is now rendered as a prominent GFM [!NOTE] alert instead of a plain blockquote.

📚 Documentation

  • Updated docs for gh aw validate, checkout field, and threat-detection behavior from this release (#18254)
  • Clarified mandatory sudo requirement for self-hosted agentic workflow runners (#18210)
  • Condensed and streamlined FAQ page to reduce repetition (#18237)
  • Updated init/upgrade/fix help text to remove stale .github/aw/ prompt file references (#18218)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:

And a special thanks to @dsyme and @bmerkle for their direct code contributions in this release!


For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • cleanup fix2 for #18178 by @bmerkle in #18194
  • feat: add gh aw validate command by @Copilot in #18191
  • [code-simplifier] refactor: extract execGHAPI helper in checks_command (#18164) by @github-actions[bot] in #18197
  • 📂 Fix relative import resolution for nested remote files by @dsyme in #18190
  • fix: correct invalid Compiler Playground URL in editors reference by @Copilot in #18206
  • fix: hide-older-comments fails to match workflow_id in combined XML marker by @Copilot in #18205
  • [log] Add debug logging to 5 workflow pkg files by @github-actions[bot] in #18208
  • Document mandatory sudo requirement for self-hosted agentic workflows by @Copilot in #18210
  • fix(code-simplifier): allow Go module proxy domains via go network preset by @Copilot in #18214
  • fix(step-names): standardize Upload charts, compound step names, and Recompile verb across workflows by @Copilot in #18215
  • Bump minimatch 9.0.5 → 9.0.6 in .github/workflows by @Copilot in #18224
  • docs: update init/upgrade/fix help text to remove stale .github/aw/ prompt file references by @Copilot in #18218
  • Improve test quality in pkg/cli/actionlint_test.go: adopt testify, reduce duplication by @Copilot in #18216
  • Update awf to v0.23.0 by @Copilot in #18234
  • [docs] Consolidate yaml-version-gotchas.md into dev.md (v3.0) by @github-actions[bot] in #18236
  • [instructions] Sync github-agentic-workflows.md with v0.40.1 by @github-actions[bot] in #18235
  • fix: imported safe-output fragments no longer override explicit threat-detection: false by @Copilot in #18231
  • [docs] docs: condense faq.md - remove verbose and repetitive content by @github-actions[bot] in #18237
  • [WIP] Create prompt file for report generation by @Copilot in #18221
  • fix(SEC-005): remove false-positive cross-repo pattern matches in generate_git_patch.cjs by @Copilot in #18251
  • Add checkout field and manager for agent job by @Copilot in #18223
  • [docs] Update documentation for features from 2026-02-25 by @github-actions[bot] in #18254
  • [jsweep] Clean add_reaction_and_edit_comment.cjs by @github-actions[bot] in #18252
  • refactor: semantic function clustering — eliminate duplicates and relocate outlier functions by @Copilot in #18258
  • Use GFM Alert syntax for discussion-to-issue fallback warning by @Copilot in #18268
  • Expand language ecosystem inference for network.allowed in create-agentic-workflow prompt by @Copilot in #18271
  • feat(safe-outputs): add duplicate state_reason to close-issue by @Copilot in #18257
  • docs: document intentional exclusion of head_commit.id from numeric validation by @Copilot in #18266
  • feat: add test-coverage prompt with artifact-reading guidance by @Copilot in #18273
  • Add deployment_status trigger guidance to create-agentic-workflow prompt by @Copilot in #18274
  • Add visual regression reference prompt (.github/aw/visual-regression.md) by @Copilot in #18272

Full Changelog: v0.50.1...v0.50.2

v0.50.1

24 Feb 17:33
fad43e3

🌟 Release Highlights

This release focuses on safe-outputs reliability, concurrency correctness, and security hardening — with several community-reported bugs resolved and a new gh aw checks command for deterministic CI state classification.

✨ What's New

  • gh aw checks command — New command for deterministic PR CI state classification, enabling reliable triage and automation based on check run outcomes. (#18164)
  • AI Moderator: Probe detection — The AI moderator now detects probing attempts and tracks ephemeral cross-run spam, improving workflow security against adversarial inputs. (#18157)
  • Configurable patch size limit for repo-memory — Safe output updates to repo-memory now support a configurable patch size limit, preventing oversized updates from failing silently. (#18144)
  • Merged detection into action job — The threat detection job has been merged into the action job, simplifying workflow structure and reducing overall job overhead. (#18079)

🐛 Bug Fixes & Improvements

  • Fixed workflow_dispatch concurrency blocking — Engine-level concurrency is now disabled for workflow_dispatch-only workflows, allowing multiple dispatches to run in parallel as expected. (#18172)
  • Fixed GitHub App multi-repo MCP token handling — GitHub MCP tools (e.g., issue_read) are now available when the app token is scoped to multiple repositories. (#18159)
  • Fixed blocked constraints dropped from safe-outputs — The compiler now consistently preserves blocked constraints in safe-outputs configurations. (#18140)
  • Fixed allowed-repos schema gap — The allowed-repos field is now accepted inline for assign-to-user and remove-labels safe outputs. (#18132)
  • Fixed spurious "PR created" comment — Workflows no longer post a "PR created" status comment on the PR that was just created. (#18130)
  • Fixed push-to-PR-branch bugs — Multiple bugs with creating and pushing to PR branches resolved, including improved error context with target PR links. (#18175, #18058)
  • Fixed malformed secrets expression rejection — The expression processor now correctly rejects malformed/truncated ${{ secrets. expressions rather than passing them through. (#18171)
  • Fixed concurrency for synthetic events — Concurrency helpers now correctly handle synthetic events (slash_command, schedule). (#18184)
  • Fixed copilot-requests permission — The copilot-requests permission is now preserved in the GitHub workflow JSON schema after schema refresh. (#18135, #18067)
  • Cleared MCP config before inline threat detection — Prevents stale MCP configuration from leaking into threat detection context. (#18085)

📚 Documentation

  • Fixed Mermaid flowchart node labels rendering literal \n instead of line breaks. (#18131)
  • Fixed steps: placement in Deterministic Multi-Repo Workflows example. (#18143)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:


For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • fix: update wasm golden files for Copilot CLI v0.0.415 by @Copilot in #18063
  • fix: add copilot-requests to GitHub Actions workflow JSON schema by @Copilot in #18067
  • chore: add concurrency and run name configuration to rollout workflow by @mnkiefer in #18096
  • chore: add CentralRepoOps pattern to design patterns list by @mnkiefer in #18116
  • [docs] Update glossary - daily scan by @github-actions[bot] in #18111
  • Bump @types/node from 25.2.3 to 25.3.0 in /actions/setup/js by @dependabot[bot] in #18112
  • Merge detection job into action job by @pelikhan in #18079
  • [fp-enhancer] Improve pkg/cli: immutability and functional patterns by @github-actions[bot] in #18105
  • docs: fix Mermaid flowchart node labels rendering literal \n instead of line breaks by @Copilot in #18131
  • fix: preserve copilot-requests permission in github-workflow.json after schema refresh by @Copilot in #18135
  • fix(schema): add allowed-repos to remove-labels and assign-to-user schema by @Copilot in #18132
  • Do not post "PR created" status comment on the created PR itself by @Copilot in #18130
  • 🔗 Include target PR link in code push failure context by @dsyme in #18058
  • Fix: blocked constraints dropped inconsistently from safe-outputs configs by @Copilot in #18140
  • fix(workflow): handle individual PR download failures in prompt-clustering-analysis by @Copilot in #18139
  • docs: fix steps: placement in Deterministic Multi-Repo Workflows example by @Copilot in #18143
  • chore: bump Claude Code CLI 2.1.51 → 2.1.52 by @Copilot in #18147
  • ci: add 11 missing fuzz tests to fuzz job by @Copilot in #18158
  • feat(ai-moderator): probe detection + ephemeral cross-run spam tracking by @Copilot in #18157
  • Add configurable patch size limit for repo-memory safe output updates by @Copilot in #18144
  • Fix false positive in FuzzRuntimeImportProcessExpressions invariant check by @Copilot in #18161
  • Fix ambiguous fuzz target regex in CI fuzz job by @Copilot in #18167
  • Add gh aw checks command for deterministic PR CI state classification by @Copilot in #18164
  • fix: preserve entityType in parseLabelTriggerShorthand on validation errors by @Copilot in #18169
  • Fix: reject malformed/truncated ${{ secrets. expressions in processExpressions by @Copilot in #18171
  • Fix GitHub App multi-repo token handling for MCP server by @Copilot in #18159
  • Disable engine-level concurrency for workflow_dispatch-only workflows by @Copilot in #18172
  • 🔧 Fix multiple bugs with create and push to PRs by @dsyme in #18175
  • Fix fuzz harness panic on malformed options input by @Copilot in #18179
  • Fix concurrency helpers to correctly handle synthetic events (slash_command, schedule) by @Copilot in #18184

Full Changelog: v0.50.0...v0.50.1

v0.50.0

24 Feb 05:12
8624e99


🌟 Release Highlights

This release focuses on improving reliability and flexibility for agentic engine authentication — giving teams more control over how secrets are managed — alongside important fixes for CRLF repositories and token security.

✨ What's New

  • Custom engine token secrets — You can now provide your own engine.env in workflow frontmatter to override the default agentic engine token expression. gh-aw automatically wires your secret into both the execution step and the secret validator, giving teams full control over credential naming conventions (#18017).

🐛 Bug Fixes & Improvements

  • CRLF repository compatibility — Workflows like Code Simplification that push changes via safe_outputs were silently failing on repositories that normalize line endings with .gitattributes. The git am patch application step now correctly handles CRLF-encoded patches (#18029).

  • GH_AW_CI_TRIGGER_TOKEN scoped correctly — The CI trigger token is now emitted only at the step level (instead of job level), ensuring it is available exclusively to the safe-outputs handler and not inadvertently exposed across all job steps (#18030).

  • Dependency bumps — Claude Code updated to 2.1.51 and Copilot CLI to 0.0.415 across all 158 compiled workflows (#18046).

📚 Documentation

  • Agent-focused quick-start links (llms.txt, Create, Debug, Update) added to the documentation site footer — visible on every page (#18032).
  • README updated with instructions for agents to download llms.txt (#18031).

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:


For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • Update agentic engine token handling to use user-provided secrets by @Copilot in #18017
  • Update README with llms.txt download instruction by @pelikhan in #18031
  • Fix silent git am failure on CRLF repositories in safe_outputs patch application by @Copilot in #18029
  • 🔧 Fix GH_AW_CI_TRIGGER_TOKEN emit scope and update docs by @dsyme in #18030
  • Add agent-focused links to the docs footer by @Copilot in #18032
  • Fix premature exit in conformance checker due to bash arithmetic increment bug by @Copilot in #18035
  • [jsweep] Clean add_reaction.cjs by @github-actions[bot] in #18041
  • Strengthen noop documentation and add explicit noop instructions to all workflow prompts by @Copilot in #18045
  • [docs] Update documentation for features from 2026-02-24 by @github-actions[bot] in #18051
  • Bump Claude Code to 2.1.51 and Copilot CLI to 0.0.415 by @Copilot in #18046
  • refactor: extract applyFrontmatterLineTransform to eliminate duplicate codemod boilerplate by @Copilot in #18050
  • Add features.copilot-requests feature flag for GitHub Actions token auth by @Copilot in #18028

Full Changelog: v0.49.7...v0.50.0

v0.49.7

24 Feb 02:21
0ea0cf1


🌟 Release Highlights

This release sharpens the developer experience with a cleaner CI token configuration, more accurate audit diagnostics, polished error messages, and a new self-hosted runners guide.

⚠️ Breaking Changes

  • GH_AW_EXTRA_EMPTY_COMMIT_TOKEN renamed to GH_AW_CI_TRIGGER_TOKEN — If you set this environment variable to trigger CI pipelines on empty commits, update your secret name to GH_AW_CI_TRIGGER_TOKEN. (#17997)

✨ What's New

  • Simplified CI trigger token configuration — GH_AW_CI_TRIGGER_TOKEN is now used automatically when github-token-for-extra-empty-commit is not explicitly set, removing the need for the default keyword. Less boilerplate, same power. (#17997)
  • AI message footer in activation comments — Activation comments (PR/issue links and commit-pushed messages) now include a contextual AI message footer, giving collaborators clearer context about agent activity. (#18021)

🐛 Bug Fixes & Improvements

  • audit now points to the right error — The audit command was extracting error details from the "Complete job" teardown step instead of the actual failing step. It now correctly surfaces ##[error] annotations from the step that failed, making debugging dramatically more straightforward. (#18010)
  • Clearer max-turns error for Copilot engine — The error message for unsupported max-turns on the Copilot engine was self-contradictory (telling users to remove it while showing an example using it). The message is now clean and unambiguous. (#18009)
  • Fixed IMP-002 conformance check false failure — A casing mismatch in check-safe-outputs-conformance.sh caused a permanent false HIGH failure on every run. Now fixed. (#18011)

📚 Documentation

  • New guide: Self-hosted runners — A comprehensive new guide covers all runs-on formats, shared runner configuration patterns, and detection job runner overrides. View guide (#17986)
  • Streamlined triggers reference — The triggers reference page has been refactored for clarity, reducing size by 16% while preserving all essential information. (#18002)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:


For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • [instructions] Sync github-agentic-workflows.md with release v0.40.1 by @github-actions[bot] in #17996
  • [docs] Consolidate engine architecture, JS sanitization pipeline, activation output transforms into dev.md v2.9 by @github-actions[bot] in #17999
  • Add documentation page on self-hosted runners configuration by @Copilot in #17986
  • [docs] docs: unbloat triggers reference page by @github-actions[bot] in #18002
  • fix: correct function name casing in IMP-002 conformance check by @Copilot in #18011
  • 🔑 Rename env var to GH_AW_CI_TRIGGER_TOKEN and default its usage by @dsyme in #17997
  • fix(audit): extract ##[error] annotations from all step logs instead of last-step content by @Copilot in #18010
  • fix: simplify max-turns error message by removing contradictory example by @Copilot in #18009
  • [WIP] Update activation comments with AI message footer by @Copilot in #18021

Full Changelog: v0.49.6...v0.49.7

v0.49.6

24 Feb 00:02


🌟 Release Highlights

This release focuses on authentication improvements, better self-hosted runner configurability, and a polished CLI experience — with significant documentation restructuring to make auth setup clearer than ever.

✨ What's New

  • GH_AW_CI_TRIGGER_TOKEN magic secret support — Set github-token-for-extra-empty-commit: "default" to automatically use the GH_AW_CI_TRIGGER_TOKEN magic secret without manual token wiring. This simplifies CI trigger token configuration for most workflows. (#17990)

  • Runner resolution for detection jobs — The detection job now inherits agent.runs-on by default and can be independently overridden via safe-outputs.detection.runs-on. The unlock job uses safe-outputs.runs-on, giving full control over runner placement in self-hosted environments. (#17979)

  • Simplified secrets set CLI — The gh aw secrets set command now uses a single --repo owner/repo flag (replacing the separate --owner and --repo flags) and defaults to the current repository. (#17977)

🐛 Bug Fixes & Improvements

  • Frontmatter hash extraction — extractHashFromLockFile now correctly reads the new JSON metadata format (# gh-aw-metadata: {...}) in addition to the legacy # frontmatter-hash: format, preventing false "workflow has changed" warnings. (#17971)

  • Docs build — Fixed an unclosed code fence in auth.mdx that was silently swallowing the GH_AW_AGENT_TOKEN section, causing broken anchor links across the docs. (#17972)

📚 Documentation

Auth documentation has been substantially restructured with dedicated pages:

  • GitHub Tools auth — New reference page at /reference/github-tools/
  • GitHub Projects auth — New dedicated auth-projects page
  • Copilot agent assignment — New assign-to-copilot auth guide
  • Gemini auth + Copilot PAT setup — Step-by-step guides for Gemini engine authentication and improved Copilot personal access token setup (#17957, #17990)

For complete details, see CHANGELOG.

Generated by Release


What's Changed

  • fix: replace interface{} with any in WASM layout stub by @Copilot in #17960
  • [code-simplifier] refactor: simplify permissions converter and sort pattern by @github-actions[bot] in #17966
  • refactor: remove thin wrappers, move test helper to test file, consolidate formatDuration by @Copilot in #17964
  • Fix docs build: unclosed code fence in auth.mdx swallows GH_AW_AGENT_TOKEN section by @Copilot in #17972
  • 🔧 Simplify secrets set to use single --repo flag by @dsyme in #17977
  • [log] Add debug logging to five pkg files for better troubleshooting by @github-actions[bot] in #17980
  • Implement runner resolution strategy for unlock and detection jobs by @Copilot in #17979
  • 🔧 Fix frontmatter hash extraction to support JSON metadata format by @dsyme in #17971
  • 📚 Add Gemini auth docs and improve Copilot PAT setup by @dsyme in #17957
  • Refactor auth docs and add GH_AW_CI_TRIGGER_TOKEN magic secret support by @dsyme in #17990

Full Changelog: v0.49.5...v0.49.6