You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A new version of gh-aw is available. We are currently on v0.80.9, latest is v0.82.3.
Upgrade Assessment
Urgency: Recommended — v0.82.3 includes MCP server security hardening relevant to workflows that configure remote MCP servers.
Relevant Changes
v0.82.3
Security
HTTP MCP server bind hardening: The v0.82.3 release notes state that the HTTP MCP server now binds to 127.0.0.1 only, closing a DNS-rebinding and cross-origin POST attack surface (fix(mcp-server): bind HTTP server to 127.0.0.1; document validation escalation github/gh-aw#43766). This is relevant because this repo has gh-aw workflows that configure remote MCP servers and explicit network access:
.github/workflows/gh-aw-estc-docs-patrol-external.md:80-90 configures the elastic-docs MCP server at https://www.elastic.co/docs/_mcp/ and allows www.elastic.co.
.github/workflows/gh-aw-estc-docs-pr-review.md:87-100 configures the same elastic-docs MCP server and allows www.elastic.co plus docs-v3-preview.elastic.dev.
.github/workflows/gh-aw-estc-newbie-contributor-patrol-external.md:74-83 configures the same elastic-docs MCP server and allows www.elastic.co.
New Features Worth Adopting
Compiler job dependency control: jobs.<generated>.needs can augment generated job dependencies. No immediate workflow change is required based on current frontmatter.
dismiss-review safe output: Newly available for automated review lifecycle management. This could be evaluated later for PR review addresser flows, but the security hardening above is the concrete upgrade driver.
v0.82.2
Bug Fixes
Safe-outputs full-branch validation: allowed_files pre-flight now validates the full commit history reachable from a pushed ref. This is useful hardening for workflows that can push to PR branches.
v0.82.1
Breaking Changes
sandbox.agent.sudo now defaults to false: No direct authored change appears required for this repo's no-sandbox workflows because they explicitly set sandbox.agent: false in .github/workflows/gh-aw-mention-in-issue-no-sandbox.md:80-81 and .github/workflows/gh-aw-mention-in-pr-no-sandbox.md:92-93.
Update GH_AW_VERSION, GH_AW_BUILD_VERSION, and GH_AW_COMPAT_VERSION in Makefile:4-6 from v0.80.9 to v0.82.3.
Run make compile and verify 0 errors, 0 warnings.
Review only hand-authored workflow sources, shared fragments, Makefile, and other source files; treat .github/workflows/*.lock.yml changes as generated output.
Smoke-check one workflow that uses mcp-servers.elastic-docs after the upgrade.
A new version of gh-aw is available. We are currently on
v0.80.9, latest isv0.82.3.Upgrade Assessment
Urgency: Recommended —
v0.82.3includes MCP server security hardening relevant to workflows that configure remote MCP servers.Relevant Changes
v0.82.3
Security
v0.82.3release notes state that the HTTP MCP server now binds to127.0.0.1only, closing a DNS-rebinding and cross-origin POST attack surface (fix(mcp-server): bind HTTP server to 127.0.0.1; document validation escalation github/gh-aw#43766). This is relevant because this repo has gh-aw workflows that configure remote MCP servers and explicit network access:.github/workflows/gh-aw-estc-docs-patrol-external.md:80-90configures theelastic-docsMCP server athttps://www.elastic.co/docs/_mcp/and allowswww.elastic.co..github/workflows/gh-aw-estc-docs-pr-review.md:87-100configures the sameelastic-docsMCP server and allowswww.elastic.coplusdocs-v3-preview.elastic.dev..github/workflows/gh-aw-estc-newbie-contributor-patrol-external.md:74-83configures the sameelastic-docsMCP server and allowswww.elastic.co.New Features Worth Adopting
jobs.<generated>.needscan augment generated job dependencies. No immediate workflow change is required based on current frontmatter.dismiss-reviewsafe output: Newly available for automated review lifecycle management. This could be evaluated later for PR review addresser flows, but the security hardening above is the concrete upgrade driver.v0.82.2
Bug Fixes
allowed_filespre-flight now validates the full commit history reachable from a pushed ref. This is useful hardening for workflows that can push to PR branches.v0.82.1
Breaking Changes
sandbox.agent.sudonow defaults tofalse: No direct authored change appears required for this repo's no-sandbox workflows because they explicitly setsandbox.agent: falsein.github/workflows/gh-aw-mention-in-issue-no-sandbox.md:80-81and.github/workflows/gh-aw-mention-in-pr-no-sandbox.md:92-93.Duplicate Assessment
v0.82.1firewallaccess.logpath fix. This issue is distinct because it covers the newerv0.82.3MCP server bind hardening and raises the target version to the current latest release.Upgrade Steps
GH_AW_VERSION,GH_AW_BUILD_VERSION, andGH_AW_COMPAT_VERSIONinMakefile:4-6fromv0.80.9tov0.82.3.make compileand verify 0 errors, 0 warnings.Makefile, and other source files; treat.github/workflows/*.lock.ymlchanges as generated output.mcp-servers.elastic-docsafter the upgrade.