chore: upgrade gh-aw to v0.82.2 pre-release and recompile workflows#5946
Merged
Conversation
Ran `gh aw upgrade --pre-releases` and `gh aw compile` followed by post-processing via `npx ts-node scripts/ci/postprocess-smoke-workflows.ts`. All 3491 tests pass. Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Upgrades the repository’s pinned gh-aw pre-release version and regenerates the compiled agentic workflow lock files (.lock.yml) so workflows run with the updated gh-aw compiler output and related codemods.
Changes:
- Bumped gh-aw to v0.82.2 pre-release and recompiled workflow lock files.
- Updated multiple lock workflows to newer gh-aw-emitted steps/flags (checkout sparse-checkout blocks, AWF install step shape, AWF invocation flags, cache-memory caching layout).
- Updated
.github/skills/agentic-workflows/SKILL.mdto reference an additional upstream doc file.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/update-release-notes.lock.yml | Regenerated workflow lock file for the update-release-notes agentic workflow. |
| .github/workflows/test-hard-cap-ai-credits.lock.yml | Regenerated workflow lock file for AI credits hard-cap validation workflow. |
| .github/workflows/test-coverage-reporter.lock.yml | Regenerated workflow lock file for coverage reporter workflow. |
| .github/workflows/test-coverage-improver.lock.yml | Regenerated workflow lock file for coverage improver workflow. |
| .github/workflows/smoke-services.lock.yml | Regenerated smoke workflow lock for services-based smoke test. |
| .github/workflows/smoke-otel-tracing.lock.yml | Regenerated smoke workflow lock for OTEL tracing diagnostics. |
| .github/workflows/smoke-gemini.lock.yml | Regenerated smoke workflow lock for Gemini runner. |
| .github/workflows/smoke-copilot.lock.yml | Regenerated smoke workflow lock for Copilot runner. |
| .github/workflows/smoke-copilot-pat.lock.yml | Regenerated smoke workflow lock for Copilot PAT variant. |
| .github/workflows/smoke-copilot-byok.lock.yml | Regenerated smoke workflow lock for Copilot BYOK variant. |
| .github/workflows/smoke-copilot-byok-aoai-entra.lock.yml | Regenerated smoke workflow lock for Copilot BYOK + AOAI Entra variant. |
| .github/workflows/smoke-copilot-byok-aoai-apikey.lock.yml | Regenerated smoke workflow lock for Copilot BYOK + AOAI API key variant. |
| .github/workflows/smoke-claude.lock.yml | Regenerated smoke workflow lock for Claude runner. |
| .github/workflows/smoke-chroot.lock.yml | Regenerated smoke workflow lock for chroot behavior validation. |
| .github/workflows/self-hosted-runner-doctor.lock.yml | Regenerated workflow lock for self-hosted runner diagnostics. |
| .github/workflows/self-hosted-runner-doctor-updater.lock.yml | Regenerated workflow lock for updating the runner-doctor docs/catalog. |
| .github/workflows/security-review.lock.yml | Regenerated workflow lock for security review agentic workflow. |
| .github/workflows/security-guard.lock.yml | Regenerated workflow lock for security guard enforcement workflow. |
| .github/workflows/refactoring-scanner.lock.yml | Regenerated workflow lock for refactoring scanner workflow. |
| .github/workflows/red-team-benchmark.lock.yml | Regenerated workflow lock for red-team benchmark workflow. |
| .github/workflows/plan.lock.yml | Regenerated workflow lock for planning workflow. |
| .github/workflows/pelis-agent-factory-advisor.lock.yml | Regenerated workflow lock for PELIS agent-factory advisor workflow. |
| .github/workflows/model-api-mapping-updater.lock.yml | Regenerated workflow lock for model API mapping updater workflow. |
| .github/workflows/issue-monster.lock.yml | Regenerated workflow lock for issue-monster workflow. |
| .github/workflows/issue-duplication-detector.lock.yml | Regenerated workflow lock for issue duplication detection workflow. |
| .github/workflows/firewall-issue-dispatcher.lock.yml | Regenerated workflow lock for firewall issue dispatch workflow. |
| .github/workflows/export-audit.lock.yml | Regenerated workflow lock for exporting audit artifacts/workflow output. |
| .github/workflows/duplicate-code-detector.lock.yml | Regenerated workflow lock for duplicate code detection workflow. |
| .github/workflows/doc-maintainer.lock.yml | Regenerated workflow lock for documentation maintenance workflow. |
| .github/workflows/dependency-security-monitor.lock.yml | Regenerated workflow lock for dependency security monitoring workflow. |
| .github/workflows/copilot-token-usage-analyzer.lock.yml | Regenerated workflow lock for Copilot token usage analysis workflow. |
| .github/workflows/copilot-token-optimizer.lock.yml | Regenerated workflow lock for Copilot token optimization workflow. |
| .github/workflows/claude-token-usage-analyzer.lock.yml | Regenerated workflow lock for Claude token usage analysis workflow. |
| .github/workflows/claude-token-optimizer.lock.yml | Regenerated workflow lock for Claude token optimization workflow. |
| .github/workflows/cli-flag-consistency-checker.lock.yml | Regenerated workflow lock for CLI flag consistency checks. |
| .github/workflows/config-consistency-auditor.lock.yml | Regenerated workflow lock for config consistency auditing workflow. |
| .github/workflows/contribution-check.lock.yml | Regenerated workflow lock for contribution checking workflow. |
| .github/workflows/ci-doctor.lock.yml | Regenerated workflow lock for CI doctor workflow. |
| .github/workflows/ci-cd-gaps-assessment.lock.yml | Regenerated workflow lock for CI/CD gaps assessment workflow. |
| .github/workflows/build-test.lock.yml | Regenerated workflow lock for build-test workflow. |
| .github/skills/agentic-workflows/SKILL.md | Updated skill documentation to include an additional upstream reference file. |
Review details
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 46/46 changed files
- Comments generated: 8
- Review effort level: Low
Comment on lines
+218
to
+222
| sparse-checkout: | | ||
| .github | ||
| .agents | ||
| .antigravity | ||
| .claude |
| fi | ||
| # shellcheck disable=SC1003,SC2016,SC2086 | ||
| awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" ${GH_AW_TOOL_CACHE_MOUNT:+--mount "$GH_AW_TOOL_CACHE_MOUNT"} ${GH_AW_DOCKER_HOST:+--docker-host "$GH_AW_DOCKER_HOST"} ${GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS} --env-all --exclude-env COPILOT_GITHUB_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --log-level info --build-local \ | ||
| awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" ${GH_AW_TOOL_CACHE_MOUNT:+--mount "$GH_AW_TOOL_CACHE_MOUNT"} ${GH_AW_DOCKER_HOST:+--docker-host "$GH_AW_DOCKER_HOST"} ${GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS} --env-all --exclude-env COPILOT_GITHUB_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --log-level info --skip-pull \ |
Comment on lines
472
to
+476
| with: | ||
| key: memory-none-nopolicy-${{ env.GH_AW_WORKFLOW_ID_SANITIZED }}-${{ env.CACHE_MEMORY_DATE }}-${{ github.run_id }} | ||
| key: memory-none-nopolicy-${{ env.GH_AW_WORKFLOW_ID_SANITIZED }}-${{ github.run_id }} | ||
| path: /tmp/gh-aw/cache-memory | ||
| restore-keys: | | ||
| memory-none-nopolicy-${{ env.GH_AW_WORKFLOW_ID_SANITIZED }}-${{ env.CACHE_MEMORY_DATE }}- | ||
| memory-none-nopolicy-${{ env.GH_AW_WORKFLOW_ID_SANITIZED }}- |
Comment on lines
1031
to
1033
| concurrency: | ||
| group: "gh-aw-conclusion-issue-duplication-detector-${{ github.event.issue.number || github.run_id }}" | ||
| group: "gh-aw-conclusion-issue-duplication-detector" | ||
| cancel-in-progress: false |
| awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" ${GH_AW_TOOL_CACHE_MOUNT:+--mount "$GH_AW_TOOL_CACHE_MOUNT"} ${GH_AW_DOCKER_HOST:+--docker-host "$GH_AW_DOCKER_HOST"} ${GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS} --env-all --exclude-env COPILOT_GITHUB_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --log-level info --build-local \ | ||
| -- /bin/bash -c 'set +o histexpand; export PATH="${RUNNER_TEMP}/gh-aw/mcp-cli/bin:$PATH" && : "${RUNNER_TOOL_CACHE:?RUNNER_TOOL_CACHE must be set}"; GH_AW_TOOL_CACHE="$RUNNER_TOOL_CACHE"; export PATH="$(find "$GH_AW_TOOL_CACHE" -maxdepth 5 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && GH_AW_NODE_EXEC="${GH_AW_NODE_BIN:-}"; if [ -z "$GH_AW_NODE_EXEC" ] || [ ! -x "$GH_AW_NODE_EXEC" ]; then GH_AW_NODE_EXEC="$(command -v node 2>/dev/null || true)"; fi; if [ -z "$GH_AW_NODE_EXEC" ]; then echo "node runtime missing on this runner — check runtimes.node in workflow YAML" >&2; exit 127; fi; GH_AW_NPM_GLOBAL_ROOT="$(npm root -g 2>/dev/null || true)"; if [ -n "$GH_AW_NPM_GLOBAL_ROOT" ]; then export NODE_PATH="${GH_AW_NPM_GLOBAL_ROOT}${NODE_PATH:+:${NODE_PATH}}"; fi; "$GH_AW_NODE_EXEC" ${RUNNER_TEMP}/gh-aw/actions/copilot_harness.cjs /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --no-ask-user --allow-all-tools --excluded-tools=browser_close,browser_resize,browser_console_messages,browser_handle_dialog,browser_evaluate,browser_file_upload,browser_fill_form,browser_press_key,browser_type,browser_navigate,browser_navigate_back,browser_network_requests,browser_run_code,browser_take_screenshot,browser_snapshot,browser_click,browser_drag,browser_hover,browser_select_option,browser_tabs,browser_wait_for --allow-all-paths --add-dir "${GITHUB_WORKSPACE}" --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log | ||
| awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" ${GH_AW_TOOL_CACHE_MOUNT:+--mount "$GH_AW_TOOL_CACHE_MOUNT"} ${GH_AW_DOCKER_HOST:+--docker-host "$GH_AW_DOCKER_HOST"} ${GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS} --env-all --exclude-env COPILOT_GITHUB_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --log-level info --skip-pull \ | ||
| -- /bin/bash -c 'set +o histexpand; export PATH="${RUNNER_TEMP}/gh-aw/mcp-cli/bin:$PATH" && : "${RUNNER_TOOL_CACHE:?RUNNER_TOOL_CACHE must be set}"; GH_AW_TOOL_CACHE="$RUNNER_TOOL_CACHE"; export PATH="$(find "$GH_AW_TOOL_CACHE" -maxdepth 5 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && GH_AW_NODE_EXEC="${GH_AW_NODE_BIN:-}"; if [ -z "$GH_AW_NODE_EXEC" ] || [ ! -x "$GH_AW_NODE_EXEC" ]; then GH_AW_NODE_EXEC="$(command -v node 2>/dev/null || true)"; fi; if [ -z "$GH_AW_NODE_EXEC" ]; then echo "node runtime missing on this runner — check runtimes.node in workflow YAML" >&2; exit 127; fi; GH_AW_NPM_GLOBAL_ROOT="$(npm root -g 2>/dev/null || true)"; if [ -n "$GH_AW_NPM_GLOBAL_ROOT" ]; then export NODE_PATH="${GH_AW_NPM_GLOBAL_ROOT}${NODE_PATH:+:${NODE_PATH}}"; fi; "$GH_AW_NODE_EXEC" ${RUNNER_TEMP}/gh-aw/actions/copilot_harness.cjs /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --no-ask-user --allow-all-tools --allow-all-paths --add-dir "${GITHUB_WORKSPACE}" --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log |
Comment on lines
+1117
to
+1121
| if [ -f /tmp/gh-aw/sandbox/firewall/logs/api-proxy/otel.jsonl ]; then | ||
| echo "OTEL spans exported:" | ||
| wc -l /tmp/gh-aw/sandbox/firewall/logs/api-proxy-logs/otel.jsonl | ||
| wc -l /tmp/gh-aw/sandbox/firewall/logs/api-proxy/otel.jsonl | ||
| echo "Sample spans:" | ||
| head -5 /tmp/gh-aw/sandbox/firewall/logs/api-proxy-logs/otel.jsonl | ||
| head -5 /tmp/gh-aw/sandbox/firewall/logs/api-proxy/otel.jsonl |
| COPILOT_DUMMY_BYOK: dummy-byok-key-for-offline-mode | ||
| COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} | ||
| COPILOT_MODEL: ${{ env.COPILOT_MODEL }} | ||
| COPILOT_MODEL: ${{ vars.GH_AW_MODEL_AGENT_COPILOT || vars.GH_AW_DEFAULT_MODEL_COPILOT || 'claude-sonnet-4.6' }} |
Comment on lines
+1125
to
+1128
| if [ -f /tmp/gh-aw/sandbox/firewall/logs/api-proxy/token-usage.jsonl ]; then | ||
| echo "" | ||
| echo "Token usage records (existing tracking):" | ||
| wc -l /tmp/gh-aw/sandbox/firewall/logs/api-proxy-logs/token-usage.jsonl | ||
| wc -l /tmp/gh-aw/sandbox/firewall/logs/api-proxy/token-usage.jsonl |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Upgrades the
gh-awextension to the latest pre-release (v0.82.2) and recompiles all agentic workflows.Changes
gh aw upgrade --pre-releasesto update the extension and apply codemodsgh aw compileto regenerate all 47 lock filesnpx ts-node scripts/ci/postprocess-smoke-workflows.ts) to patch smoke/build-test workflows for local builds.github/skills/agentic-workflows/SKILL.mdwith new reference fileVerification
npm test)