From efb040960ff9e7a47486f56e550d90465de305ed Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 25 Jun 2026 05:38:17 +0000
Subject: [PATCH 1/2] Initial plan
From 489031bab3c74376270bc9cd82187567e90415f5 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 25 Jun 2026 06:02:15 +0000
Subject: [PATCH 2/2] refactor workflows to use shared daily-issue-base import
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
.../agentic-token-trend-audit.lock.yml | 36 +++++++++++-------
.../workflows/agentic-token-trend-audit.md | 12 +++---
.../workflows/architecture-guardian.lock.yml | 8 ++--
.../breaking-change-checker.lock.yml | 8 ++--
.../cli-consistency-checker.lock.yml | 31 ++++++++-------
.github/workflows/cli-consistency-checker.md | 12 +++---
.../workflows/cli-version-checker.lock.yml | 21 +++++-----
.github/workflows/cli-version-checker.md | 12 +++---
.../copilot-centralization-drilldown.lock.yml | 34 ++++++++++-------
.../copilot-centralization-drilldown.md | 10 +++--
.../copilot-centralization-optimizer.lock.yml | 26 ++++++++-----
.../copilot-centralization-optimizer.md | 12 +++---
.github/workflows/copilot-opt.lock.yml | 29 +++++++-------
.github/workflows/copilot-opt.md | 11 +++---
.../daily-agentrx-trace-optimizer.lock.yml | 21 +++++-----
.../daily-agentrx-trace-optimizer.md | 13 ++++---
.../daily-ambient-context-optimizer.lock.yml | 23 ++++++-----
.../daily-ambient-context-optimizer.md | 13 ++++---
.../daily-architecture-diagram.lock.yml | 25 ++++++------
.../workflows/daily-architecture-diagram.md | 13 ++++---
...daily-aw-cross-repo-compile-check.lock.yml | 21 +++++-----
.../daily-aw-cross-repo-compile-check.md | 13 ++++---
...daily-awf-spec-compiler-surfacing.lock.yml | 23 ++++++-----
.../daily-awf-spec-compiler-surfacing.md | 14 +++----
.../workflows/daily-cli-tools-tester.lock.yml | 29 +++++++-------
.github/workflows/daily-cli-tools-tester.md | 11 +++---
.github/workflows/daily-doc-healer.lock.yml | 33 ++++++++--------
.github/workflows/daily-doc-healer.md | 24 ++++++------
.github/workflows/daily-file-diet.lock.yml | 8 ++--
.../daily-formal-spec-verifier.lock.yml | 8 ++--
.../workflows/daily-function-namer.lock.yml | 21 +++++-----
.github/workflows/daily-function-namer.md | 15 ++++----
.../daily-mcp-concurrency-analysis.lock.yml | 29 +++++++-------
.../daily-mcp-concurrency-analysis.md | 38 +++++++++----------
.../workflows/daily-model-inventory.lock.yml | 23 ++++++-----
.github/workflows/daily-model-inventory.md | 15 ++++----
.../workflows/daily-model-resolution.lock.yml | 33 +++++++++-------
.github/workflows/daily-model-resolution.md | 12 +++---
.../daily-reliability-review.lock.yml | 2 +-
.github/workflows/daily-reliability-review.md | 8 +---
.../daily-safe-output-optimizer.lock.yml | 11 +++---
.../workflows/daily-safe-output-optimizer.md | 14 +++----
.../daily-safe-outputs-conformance.lock.yml | 21 +++++-----
.../daily-safe-outputs-conformance.md | 14 +++----
.../daily-security-red-team.lock.yml | 29 +++++++-------
.github/workflows/daily-security-red-team.md | 10 ++---
.../workflows/daily-skill-optimizer.lock.yml | 31 ++++++++-------
.github/workflows/daily-skill-optimizer.md | 13 +++----
.../daily-spdd-spec-planner.lock.yml | 8 ++--
.../daily-syntax-error-quality.lock.yml | 21 +++++-----
.../workflows/daily-syntax-error-quality.md | 13 ++++---
.../daily-testify-uber-super-expert.lock.yml | 8 ++--
.../daily-token-consumption-report.lock.yml | 21 +++++-----
.../daily-token-consumption-report.md | 13 ++++---
...dows-terminal-integration-builder.lock.yml | 34 ++++++++++-------
...ly-windows-terminal-integration-builder.md | 8 ++--
.../deployment-incident-monitor.lock.yml | 21 +++++-----
.../workflows/deployment-incident-monitor.md | 11 +++---
.../workflows/designer-drift-audit.lock.yml | 26 ++++++++-----
.github/workflows/designer-drift-audit.md | 13 ++++---
.github/workflows/dev.lock.yml | 31 ++++++++-------
.github/workflows/dev.md | 9 ++---
.github/workflows/go-fan.lock.yml | 8 ++--
.../workflows/go-pattern-detector.lock.yml | 29 +++++++-------
.github/workflows/go-pattern-detector.md | 14 +++----
.github/workflows/gpclean.lock.yml | 29 +++++++-------
.github/workflows/gpclean.md | 14 +++----
.github/workflows/lint-monster.lock.yml | 31 ++++++++-------
.github/workflows/lint-monster.md | 11 +++---
.../objective-impact-report.lock.yml | 36 +++++++++++-------
.github/workflows/objective-impact-report.md | 8 ++--
.../workflows/refactoring-cadence.lock.yml | 8 ++--
.../semantic-function-refactor.lock.yml | 31 ++++++++-------
.../workflows/semantic-function-refactor.md | 13 +++----
.github/workflows/shared/daily-issue-base.md | 13 ++++++-
.github/workflows/spec-librarian.lock.yml | 2 +-
.github/workflows/spec-librarian.md | 12 +-----
.../workflows/static-analysis-report.lock.yml | 21 +++++-----
.github/workflows/static-analysis-report.md | 13 ++++---
.../workflows/step-name-alignment.lock.yml | 31 ++++++++-------
.github/workflows/step-name-alignment.md | 15 +++-----
.github/workflows/super-linter.lock.yml | 29 +++++++-------
.github/workflows/super-linter.md | 10 ++---
.github/workflows/video-analyzer.lock.yml | 31 ++++++++-------
.github/workflows/video-analyzer.md | 14 +++----
.../workflows/workflow-normalizer.lock.yml | 29 +++++++-------
.github/workflows/workflow-normalizer.md | 12 +++---
87 files changed, 875 insertions(+), 719 deletions(-)
diff --git a/.github/workflows/agentic-token-trend-audit.lock.yml b/.github/workflows/agentic-token-trend-audit.lock.yml
index 96fc3ed62d6..997a3188b7f 100644
--- a/.github/workflows/agentic-token-trend-audit.lock.yml
+++ b/.github/workflows/agentic-token-trend-audit.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a4a3460a54f8d8fb79c600bda9b33c07e54dd6ac483cb9c8aa2dd7822e905162","body_hash":"c8777f131276a77cc15071e02c574da3ff42adb02a9632094e5623645339e245","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"965d0a1258a130473cb52ac9d2415d124d6ad6318540c50dabbe4909bdbda482","body_hash":"c8777f131276a77cc15071e02c574da3ff42adb02a9632094e5623645339e245","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/setup-python","sha":"a309ff8b426b58ec0e2a45f0f869d46889d02405","version":"v6.2.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -25,6 +25,12 @@
#
# On-demand AIC audit for a user-specified date range
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/activation-app.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -262,22 +268,22 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_285437cbf8d8e627_EOF'
+ cat << 'GH_AW_PROMPT_c1666cbe5ab91efb_EOF'
- GH_AW_PROMPT_285437cbf8d8e627_EOF
+ GH_AW_PROMPT_c1666cbe5ab91efb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_285437cbf8d8e627_EOF'
+ cat << 'GH_AW_PROMPT_c1666cbe5ab91efb_EOF'
Tools: create_issue, upload_asset(max:5), missing_tool, missing_data, noop
upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
- GH_AW_PROMPT_285437cbf8d8e627_EOF
+ GH_AW_PROMPT_c1666cbe5ab91efb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_285437cbf8d8e627_EOF'
+ cat << 'GH_AW_PROMPT_c1666cbe5ab91efb_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -306,12 +312,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_285437cbf8d8e627_EOF
+ GH_AW_PROMPT_c1666cbe5ab91efb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_285437cbf8d8e627_EOF'
+ cat << 'GH_AW_PROMPT_c1666cbe5ab91efb_EOF'
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/agentic-token-trend-audit.md}}
- GH_AW_PROMPT_285437cbf8d8e627_EOF
+ GH_AW_PROMPT_c1666cbe5ab91efb_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -620,15 +628,15 @@ jobs:
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs/assets"
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_10d950f14862a53d_EOF'
- {"create_issue":{"close_older_issues":true,"expires":72,"max":1,"title_prefix":"[agentic-token-trend-audit] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg",".svg"],"branch":"assets/${GITHUB_WORKFLOW}","max":5,"max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_10d950f14862a53d_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e23f068335d5d699_EOF'
+ {"create_issue":{"close_older_issues":true,"expires":72,"labels":["automated-analysis","cookie"],"max":1,"title_prefix":"[agentic-token-trend-audit] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg",".svg"],"branch":"assets/${GITHUB_WORKFLOW}","max":5,"max-size":10240}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_e23f068335d5d699_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
{
"description_suffixes": {
- "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[agentic-token-trend-audit] \".",
+ "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[agentic-token-trend-audit] \". Labels [\"automated-analysis\" \"cookie\"] will be automatically added.",
"upload_asset": " CONSTRAINTS: Maximum 5 asset(s) can be uploaded. Maximum file size: 10240KB. Allowed file extensions: [.png .jpg .jpeg .svg]."
},
"repo_params": {},
@@ -1754,7 +1762,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.pythonhosted.org,anaconda.org,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.npmjs.org,repo.anaconda.com,repo.continuum.io,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":true,\"expires\":72,\"max\":1,\"title_prefix\":\"[agentic-token-trend-audit] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{},\"upload_asset\":{\"allowed-exts\":[\".png\",\".jpg\",\".jpeg\",\".svg\"],\"branch\":\"assets/${{ github.workflow }}\",\"max\":5,\"max-size\":10240}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":true,\"expires\":72,\"labels\":[\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[agentic-token-trend-audit] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{},\"upload_asset\":{\"allowed-exts\":[\".png\",\".jpg\",\".jpeg\",\".svg\"],\"branch\":\"assets/${{ github.workflow }}\",\"max\":5,\"max-size\":10240}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/agentic-token-trend-audit.md b/.github/workflows/agentic-token-trend-audit.md
index 20503d2badf..504e81a344d 100644
--- a/.github/workflows/agentic-token-trend-audit.md
+++ b/.github/workflows/agentic-token-trend-audit.md
@@ -20,14 +20,16 @@ network:
- python
tracker-id: agentic-token-trend-audit
safe-outputs:
- create-issue:
- expires: 3d
- title-prefix: "[agentic-token-trend-audit] "
- max: 1
- close-older-issues: true
upload-asset:
max: 5
allowed-exts: [.png, .jpg, .jpeg, .svg]
+imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[agentic-token-trend-audit] "
+ expires: 3d
+ max: 1
+ close-older-issues: true
tools:
agentic-workflows:
bash:
diff --git a/.github/workflows/architecture-guardian.lock.yml b/.github/workflows/architecture-guardian.lock.yml
index 33b68257c1a..aa004cab8b4 100644
--- a/.github/workflows/architecture-guardian.lock.yml
+++ b/.github/workflows/architecture-guardian.lock.yml
@@ -603,9 +603,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_c1c5256a5d7e7db7_EOF'
- {"create_issue":{"assignees":["copilot"],"expires":48,"labels":["architecture","automated-analysis","cookie"],"max":1,"title_prefix":"[architecture-guardian] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_c1c5256a5d7e7db7_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_65931286bfcf68fc_EOF'
+ {"create_issue":{"assignees":["copilot"],"close_older_issues":false,"expires":48,"labels":["architecture","automated-analysis","cookie"],"max":1,"title_prefix":"[architecture-guardian] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_65931286bfcf68fc_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1844,7 +1844,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"assignees\":[\"copilot\"],\"expires\":48,\"labels\":[\"architecture\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[architecture-guardian] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"assignees\":[\"copilot\"],\"close_older_issues\":false,\"expires\":48,\"labels\":[\"architecture\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[architecture-guardian] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
GH_AW_ASSIGN_COPILOT: "true"
GH_AW_ASSIGN_TO_AGENT_TOKEN: ${{ secrets.GH_AW_AGENT_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
with:
diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml
index 85cdd328dc1..d91675e3a1d 100644
--- a/.github/workflows/breaking-change-checker.lock.yml
+++ b/.github/workflows/breaking-change-checker.lock.yml
@@ -553,9 +553,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8fcbca199339b787_EOF'
- {"create_issue":{"assignees":["copilot"],"expires":48,"labels":["breaking-change","automated-analysis","cookie"],"max":1,"title_prefix":"[breaking-change] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_8fcbca199339b787_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8279019658ddcbd6_EOF'
+ {"create_issue":{"assignees":["copilot"],"close_older_issues":false,"expires":48,"labels":["breaking-change","automated-analysis","cookie"],"max":1,"title_prefix":"[breaking-change] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_8279019658ddcbd6_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1713,7 +1713,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"assignees\":[\"copilot\"],\"expires\":48,\"labels\":[\"breaking-change\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[breaking-change] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"assignees\":[\"copilot\"],\"close_older_issues\":false,\"expires\":48,\"labels\":[\"breaking-change\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[breaking-change] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
GH_AW_ASSIGN_COPILOT: "true"
GH_AW_ASSIGN_TO_AGENT_TOKEN: ${{ secrets.GH_AW_AGENT_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
with:
diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml
index c06f3a9499d..a7864b2fa59 100644
--- a/.github/workflows/cli-consistency-checker.lock.yml
+++ b/.github/workflows/cli-consistency-checker.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"2bd45ce3643b72afb722f210085debf7159ecd1e6c6dd4ba46a3cfc346e33a6d","body_hash":"7dffaccc220d0683ba824da083718291df180639960bc5dc613115c3d2731965","agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"e7b04923841ea09a322340dfd15520c18e406c0c75d72b977ac2698e2480cf28","body_hash":"7dffaccc220d0683ba824da083718291df180639960bc5dc613115c3d2731965","agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,7 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -266,20 +269,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_d4e938165d1ccc7e_EOF'
+ cat << 'GH_AW_PROMPT_32c906384e6c1640_EOF'
- GH_AW_PROMPT_d4e938165d1ccc7e_EOF
+ GH_AW_PROMPT_32c906384e6c1640_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_d4e938165d1ccc7e_EOF'
+ cat << 'GH_AW_PROMPT_32c906384e6c1640_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_d4e938165d1ccc7e_EOF
+ GH_AW_PROMPT_32c906384e6c1640_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_d4e938165d1ccc7e_EOF'
+ cat << 'GH_AW_PROMPT_32c906384e6c1640_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -308,14 +311,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_d4e938165d1ccc7e_EOF
+ GH_AW_PROMPT_32c906384e6c1640_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_d4e938165d1ccc7e_EOF'
+ cat << 'GH_AW_PROMPT_32c906384e6c1640_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/cli-consistency-checker.md}}
- GH_AW_PROMPT_d4e938165d1ccc7e_EOF
+ GH_AW_PROMPT_32c906384e6c1640_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -544,9 +549,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_5eca5816279a06dc_EOF'
- {"create_issue":{"expires":48,"labels":["automation","cli","documentation","cookie"],"max":1,"title_prefix":"[cli-consistency] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_5eca5816279a06dc_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_b79601252ca1fb7d_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["automation","cli","documentation","cookie"],"max":1,"title_prefix":"[cli-consistency] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_b79601252ca1fb7d_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1617,7 +1622,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":48,\"labels\":[\"automation\",\"cli\",\"documentation\",\"cookie\"],\"max\":1,\"title_prefix\":\"[cli-consistency] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"automation\",\"cli\",\"documentation\",\"cookie\"],\"max\":1,\"title_prefix\":\"[cli-consistency] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/cli-consistency-checker.md b/.github/workflows/cli-consistency-checker.md
index 21c9ae327fe..255e7b01f50 100644
--- a/.github/workflows/cli-consistency-checker.md
+++ b/.github/workflows/cli-consistency-checker.md
@@ -19,6 +19,12 @@ strict: false
network:
allowed: [defaults]
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[cli-consistency] "
+ expires: 2d
+ labels: [automation, cli, documentation, cookie]
+ max: 1
- shared/otlp.md
tools:
bash:
@@ -64,12 +70,6 @@ pre-agent-steps:
fi
cat "${help_files[@]}" > /tmp/gh-aw/agent/all-help.txt
wc -l /tmp/gh-aw/agent/all-help.txt | awk '{print "Pre-collected help lines:", $1}'
-safe-outputs:
- create-issue:
- expires: 2d
- title-prefix: "[cli-consistency] "
- labels: [automation, cli, documentation, cookie]
- max: 1
timeout-minutes: 20
features:
gh-aw-detection: true
diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml
index d6fba71b22f..214766f4cc9 100644
--- a/.github/workflows/cli-version-checker.lock.yml
+++ b/.github/workflows/cli-version-checker.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"e9ab102c193fabd1b6f9e69a54a2949bee994fdf693a58776989ba8c70445d08","body_hash":"d1eeab57d0fc633fd00356fcfd5ec8579c2e2a75fbd3920cecbb3fe64b980d89","agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"7bf20f87d4e86531dbc9ad698a841e369702554f715e33976c1ef5e95e8d17d4","body_hash":"d1eeab57d0fc633fd00356fcfd5ec8579c2e2a75fbd3920cecbb3fe64b980d89","agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -28,8 +28,10 @@
# Resolved workflow manifest:
# Imports:
# - ../skills/jqschema/SKILL.md
+# - shared/activation-app.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -276,21 +278,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_90daa5d8a01a274c_EOF'
+ cat << 'GH_AW_PROMPT_5eed77a22183067d_EOF'
- GH_AW_PROMPT_90daa5d8a01a274c_EOF
+ GH_AW_PROMPT_5eed77a22183067d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_90daa5d8a01a274c_EOF'
+ cat << 'GH_AW_PROMPT_5eed77a22183067d_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_90daa5d8a01a274c_EOF
+ GH_AW_PROMPT_5eed77a22183067d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_90daa5d8a01a274c_EOF'
+ cat << 'GH_AW_PROMPT_5eed77a22183067d_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -319,16 +321,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_90daa5d8a01a274c_EOF
+ GH_AW_PROMPT_5eed77a22183067d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_90daa5d8a01a274c_EOF'
+ cat << 'GH_AW_PROMPT_5eed77a22183067d_EOF'
{{#runtime-import .github/skills/jqschema/SKILL.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/cli-version-checker.md}}
- GH_AW_PROMPT_90daa5d8a01a274c_EOF
+ GH_AW_PROMPT_5eed77a22183067d_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/cli-version-checker.md b/.github/workflows/cli-version-checker.md
index 3ebbd9617c3..6b7c734c609 100644
--- a/.github/workflows/cli-version-checker.md
+++ b/.github/workflows/cli-version-checker.md
@@ -15,6 +15,12 @@ engine: claude
network:
allowed: [defaults, node, go, "api.github.com", "ghcr.io"]
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[ca] "
+ expires: 2d
+ labels: [automation, dependencies, cookie]
+ close-older-issues: true
- ../skills/jqschema/SKILL.md
- shared/reporting.md
- shared/otlp.md
@@ -25,12 +31,6 @@ tools:
bash:
- "*"
edit:
-safe-outputs:
- create-issue:
- expires: 2d
- title-prefix: "[ca] "
- labels: [automation, dependencies, cookie]
- close-older-issues: true
timeout-minutes: 45
features:
gh-aw-detection: true
diff --git a/.github/workflows/copilot-centralization-drilldown.lock.yml b/.github/workflows/copilot-centralization-drilldown.lock.yml
index 44af5921189..b90ac756ab4 100644
--- a/.github/workflows/copilot-centralization-drilldown.lock.yml
+++ b/.github/workflows/copilot-centralization-drilldown.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"44e2dd3a5a056833c63c212f7f0353c823e1d85c9daae9bb9c1b4dd2643718b3","body_hash":"6c0aa1a1c9c7a0b09676caa04ea0540b0578c6ec58f43cb0214f69340ddf7522","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a3ba7056f586876056287eebed68205dcec9d243898d8934589fb395cc75a4e8","body_hash":"6c0aa1a1c9c7a0b09676caa04ea0540b0578c6ec58f43cb0214f69340ddf7522","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -25,6 +25,12 @@
#
# Expands one mined centralization candidate into a concrete draft workflow or reusable prompt template.
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/activation-app.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
+#
# Secrets used:
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
# - GH_AW_GITHUB_TOKEN
@@ -265,20 +271,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_f7b08684840fa497_EOF'
+ cat << 'GH_AW_PROMPT_45cfd5aceb72fae5_EOF'
- GH_AW_PROMPT_f7b08684840fa497_EOF
+ GH_AW_PROMPT_45cfd5aceb72fae5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f7b08684840fa497_EOF'
+ cat << 'GH_AW_PROMPT_45cfd5aceb72fae5_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_f7b08684840fa497_EOF
+ GH_AW_PROMPT_45cfd5aceb72fae5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_f7b08684840fa497_EOF'
+ cat << 'GH_AW_PROMPT_45cfd5aceb72fae5_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -307,12 +313,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f7b08684840fa497_EOF
+ GH_AW_PROMPT_45cfd5aceb72fae5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_f7b08684840fa497_EOF'
+ cat << 'GH_AW_PROMPT_45cfd5aceb72fae5_EOF'
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/copilot-centralization-drilldown.md}}
- GH_AW_PROMPT_f7b08684840fa497_EOF
+ GH_AW_PROMPT_45cfd5aceb72fae5_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -536,9 +544,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_c7c4363956785f69_EOF'
- {"create_issue":{"expires":720,"labels":["report","ai-optimization","workflow-design"],"max":1,"title_prefix":"[copilot-centralization-draft] "},"create_report_incomplete_issue":{},"max_bot_mentions":1,"mentions":{"enabled":false},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_c7c4363956785f69_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_29f15ec557b1c266_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":720,"labels":["report","ai-optimization","workflow-design"],"max":1,"title_prefix":"[copilot-centralization-draft] "},"create_report_incomplete_issue":{},"max_bot_mentions":1,"mentions":{"enabled":false},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_29f15ec557b1c266_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1622,7 +1630,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":720,\"labels\":[\"report\",\"ai-optimization\",\"workflow-design\"],\"max\":1,\"title_prefix\":\"[copilot-centralization-draft] \"},\"create_report_incomplete_issue\":{},\"mentions\":{\"enabled\":false},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":720,\"labels\":[\"report\",\"ai-optimization\",\"workflow-design\"],\"max\":1,\"title_prefix\":\"[copilot-centralization-draft] \"},\"create_report_incomplete_issue\":{},\"mentions\":{\"enabled\":false},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/copilot-centralization-drilldown.md b/.github/workflows/copilot-centralization-drilldown.md
index a87d653f12d..e2d01a91bc9 100644
--- a/.github/workflows/copilot-centralization-drilldown.md
+++ b/.github/workflows/copilot-centralization-drilldown.md
@@ -35,10 +35,12 @@ safe-outputs:
mentions: false
allowed-github-references: []
max-bot-mentions: 1
- create-issue:
- title-prefix: "[copilot-centralization-draft] "
- labels: [report, ai-optimization, workflow-design]
- expires: 30d
+imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[copilot-centralization-draft] "
+ expires: 30d
+ labels: [report, ai-optimization, workflow-design]
steps:
- name: Normalize candidate input
env:
diff --git a/.github/workflows/copilot-centralization-optimizer.lock.yml b/.github/workflows/copilot-centralization-optimizer.lock.yml
index ee745a76c78..2129eb85b84 100644
--- a/.github/workflows/copilot-centralization-optimizer.lock.yml
+++ b/.github/workflows/copilot-centralization-optimizer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"5abbb71c8183c2b6bcaa82298d561a780aa4c44e355a65263458cba3bc44120a","body_hash":"b0275c42aea96f7ac0d7f4819dabe9cb5fdb3829bb179743f5efa6d105871520","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"37a83baec0f609d5efb1cb0a2fc8afb147cb0309e773a5faf500e4bbeb24be84","body_hash":"b0275c42aea96f7ac0d7f4819dabe9cb5fdb3829bb179743f5efa6d105871520","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -25,6 +25,12 @@
#
# Finds repeated cross-user prompt patterns that should become centralized workflows, tools, deterministic steps, shared prompts, or other automations.
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/activation-app.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -251,21 +257,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_185b9582e53f12c3_EOF'
+ cat << 'GH_AW_PROMPT_6c466389d57ffde5_EOF'
- GH_AW_PROMPT_185b9582e53f12c3_EOF
+ GH_AW_PROMPT_6c466389d57ffde5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_185b9582e53f12c3_EOF'
+ cat << 'GH_AW_PROMPT_6c466389d57ffde5_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_185b9582e53f12c3_EOF
+ GH_AW_PROMPT_6c466389d57ffde5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_185b9582e53f12c3_EOF'
+ cat << 'GH_AW_PROMPT_6c466389d57ffde5_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -294,12 +300,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_185b9582e53f12c3_EOF
+ GH_AW_PROMPT_6c466389d57ffde5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_185b9582e53f12c3_EOF'
+ cat << 'GH_AW_PROMPT_6c466389d57ffde5_EOF'
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/copilot-centralization-optimizer.md}}
- GH_AW_PROMPT_185b9582e53f12c3_EOF
+ GH_AW_PROMPT_6c466389d57ffde5_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/copilot-centralization-optimizer.md b/.github/workflows/copilot-centralization-optimizer.md
index 225d68e5c08..2d89276873c 100644
--- a/.github/workflows/copilot-centralization-optimizer.md
+++ b/.github/workflows/copilot-centralization-optimizer.md
@@ -8,6 +8,13 @@ on:
permissions:
contents: read
copilot-requests: write
+imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[copilot-centralization] "
+ expires: 30d
+ labels: [report, ai-optimization]
+ close-older-issues: true
tools:
repo-memory:
branch-name: memory/copilot-centralization-optimizer
@@ -20,11 +27,6 @@ safe-outputs:
mentions: false
allowed-github-references: []
max-bot-mentions: 1
- create-issue:
- title-prefix: "[copilot-centralization] "
- labels: [report, ai-optimization]
- close-older-issues: true
- expires: 30d
steps:
- name: Collect agent task data
env:
diff --git a/.github/workflows/copilot-opt.lock.yml b/.github/workflows/copilot-opt.lock.yml
index 68fb0d943d5..f443b0cd6ba 100644
--- a/.github/workflows/copilot-opt.lock.yml
+++ b/.github/workflows/copilot-opt.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"ef85bbd8c3865ee49b5219916b04cd457203955c9876d2045dfe6d391d84dc34","body_hash":"05facdab6591a260452f132f0773c334d603e672cbb7afcb4f8d0f4ab93586c6","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"31aa46cf71795fdfc066a715ce10fc0dce3916b6f7dc6499f45159ff457718ec","body_hash":"05facdab6591a260452f132f0773c334d603e672cbb7afcb4f8d0f4ab93586c6","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -28,10 +28,12 @@
# Resolved workflow manifest:
# Imports:
# - ../skills/jqschema/SKILL.md
+# - shared/activation-app.md
# - shared/copilot-pr-data-fetch.md
# - shared/copilot-session-data-fetch.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -278,21 +280,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_8323799dad0cf3e0_EOF'
+ cat << 'GH_AW_PROMPT_b0797f7de31e9459_EOF'
- GH_AW_PROMPT_8323799dad0cf3e0_EOF
+ GH_AW_PROMPT_b0797f7de31e9459_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_8323799dad0cf3e0_EOF'
+ cat << 'GH_AW_PROMPT_b0797f7de31e9459_EOF'
Tools: create_issue(max:3), missing_tool, missing_data, noop
- GH_AW_PROMPT_8323799dad0cf3e0_EOF
+ GH_AW_PROMPT_b0797f7de31e9459_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_8323799dad0cf3e0_EOF'
+ cat << 'GH_AW_PROMPT_b0797f7de31e9459_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -321,18 +323,19 @@ jobs:
{{/if}}
- GH_AW_PROMPT_8323799dad0cf3e0_EOF
+ GH_AW_PROMPT_b0797f7de31e9459_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_8323799dad0cf3e0_EOF'
+ cat << 'GH_AW_PROMPT_b0797f7de31e9459_EOF'
{{#runtime-import .github/skills/jqschema/SKILL.md}}
{{#runtime-import .github/workflows/shared/copilot-session-data-fetch.md}}
{{#runtime-import .github/workflows/shared/copilot-pr-data-fetch.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/copilot-opt.md}}
- GH_AW_PROMPT_8323799dad0cf3e0_EOF
+ GH_AW_PROMPT_b0797f7de31e9459_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -596,9 +599,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_38fd4b1abe1a705c_EOF'
- {"create_issue":{"close_older_issues":true,"labels":["copilot-opt","optimization","cookie"],"max":3,"title_prefix":"[copilot-opt] "},"create_report_incomplete_issue":{},"mentions":{"enabled":false},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_38fd4b1abe1a705c_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_c4925170a579d802_EOF'
+ {"create_issue":{"close_older_issues":true,"expires":48,"labels":["copilot-opt","optimization","cookie"],"max":3,"title_prefix":"[copilot-opt] "},"create_report_incomplete_issue":{},"mentions":{"enabled":false},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_c4925170a579d802_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1718,7 +1721,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,docs.github.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":true,\"labels\":[\"copilot-opt\",\"optimization\",\"cookie\"],\"max\":3,\"title_prefix\":\"[copilot-opt] \"},\"create_report_incomplete_issue\":{},\"mentions\":{\"enabled\":false},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":true,\"expires\":48,\"labels\":[\"copilot-opt\",\"optimization\",\"cookie\"],\"max\":3,\"title_prefix\":\"[copilot-opt] \"},\"create_report_incomplete_issue\":{},\"mentions\":{\"enabled\":false},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/copilot-opt.md b/.github/workflows/copilot-opt.md
index 9bf52ed1891..43dbee82fb1 100644
--- a/.github/workflows/copilot-opt.md
+++ b/.github/workflows/copilot-opt.md
@@ -37,12 +37,13 @@ tools:
safe-outputs:
mentions: false
allowed-github-references: []
- create-issue:
- max: 3
- labels: [copilot-opt, optimization, cookie]
- title-prefix: "[copilot-opt] "
- close-older-issues: true
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[copilot-opt] "
+ labels: [copilot-opt, optimization, cookie]
+ max: 3
+ close-older-issues: true
- ../skills/jqschema/SKILL.md
- shared/copilot-session-data-fetch.md
- shared/copilot-pr-data-fetch.md
diff --git a/.github/workflows/daily-agentrx-trace-optimizer.lock.yml b/.github/workflows/daily-agentrx-trace-optimizer.lock.yml
index f1b91636d08..1f4c37e1a1a 100644
--- a/.github/workflows/daily-agentrx-trace-optimizer.lock.yml
+++ b/.github/workflows/daily-agentrx-trace-optimizer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"66863d7f677baa862ea6f1dde7066bc00ec14590c0aecac4d94ffabd8422cecc","body_hash":"e24b96a563202135dbb6b48eefab235ae613fef6349ba4c52f2bea7ba0df8986","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"f517ee4b47dea5cee775b611979486435d75be4c20ab49c95a3c199d68f71e2c","body_hash":"e24b96a563202135dbb6b48eefab235ae613fef6349ba4c52f2bea7ba0df8986","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,10 +27,12 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -317,20 +319,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_e97429333bc2354e_EOF'
+ cat << 'GH_AW_PROMPT_f39b091ac6235a91_EOF'
- GH_AW_PROMPT_e97429333bc2354e_EOF
+ GH_AW_PROMPT_f39b091ac6235a91_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_e97429333bc2354e_EOF'
+ cat << 'GH_AW_PROMPT_f39b091ac6235a91_EOF'
Tools: create_issue, create_discussion, missing_tool, missing_data, noop
- GH_AW_PROMPT_e97429333bc2354e_EOF
+ GH_AW_PROMPT_f39b091ac6235a91_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_e97429333bc2354e_EOF'
+ cat << 'GH_AW_PROMPT_f39b091ac6235a91_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -359,15 +361,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_e97429333bc2354e_EOF
+ GH_AW_PROMPT_f39b091ac6235a91_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_e97429333bc2354e_EOF'
+ cat << 'GH_AW_PROMPT_f39b091ac6235a91_EOF'
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/daily-agentrx-trace-optimizer.md}}
- GH_AW_PROMPT_e97429333bc2354e_EOF
+ GH_AW_PROMPT_f39b091ac6235a91_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-agentrx-trace-optimizer.md b/.github/workflows/daily-agentrx-trace-optimizer.md
index 5bf9805c4e6..eefd4b4fc2e 100644
--- a/.github/workflows/daily-agentrx-trace-optimizer.md
+++ b/.github/workflows/daily-agentrx-trace-optimizer.md
@@ -36,14 +36,15 @@ tools:
safe-outputs:
mentions: false
allowed-github-references: []
- create-issue:
- title-prefix: "[agentrx-optimizer] "
- labels: [automation, observability, optimization, traces]
- close-older-issues: true
- expires: 7d
- max: 1
timeout-minutes: 45
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[agentrx-optimizer] "
+ expires: 7d
+ labels: [automation, observability, optimization, traces]
+ max: 1
+ close-older-issues: true
- uses: shared/daily-audit-base.md
with:
title-prefix: "[agentrx-optimizer] "
diff --git a/.github/workflows/daily-ambient-context-optimizer.lock.yml b/.github/workflows/daily-ambient-context-optimizer.lock.yml
index 3725c3dc17b..8e11f5d1849 100644
--- a/.github/workflows/daily-ambient-context-optimizer.lock.yml
+++ b/.github/workflows/daily-ambient-context-optimizer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"61a9653dcc34f01754132b7a8dca7e1dfa80174180f83a64fb57960e578729f9","body_hash":"82033ad4388b95c850b2b7919777a645dcf89bf2595037523b33fdad1a567a09","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"bbde9f9a2d92c7862c0b26bf8bce3d4704a271e51648f672d3032a4dce8fd1cd","body_hash":"82033ad4388b95c850b2b7919777a645dcf89bf2595037523b33fdad1a567a09","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-python","sha":"a309ff8b426b58ec0e2a45f0f869d46889d02405","version":"v6.2.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,7 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -278,20 +281,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_0a16226707a95764_EOF'
+ cat << 'GH_AW_PROMPT_001cfc1394a8c498_EOF'
- GH_AW_PROMPT_0a16226707a95764_EOF
+ GH_AW_PROMPT_001cfc1394a8c498_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_0a16226707a95764_EOF'
+ cat << 'GH_AW_PROMPT_001cfc1394a8c498_EOF'
Tools: create_issue(max:3), missing_tool, missing_data, noop
- GH_AW_PROMPT_0a16226707a95764_EOF
+ GH_AW_PROMPT_001cfc1394a8c498_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_0a16226707a95764_EOF'
+ cat << 'GH_AW_PROMPT_001cfc1394a8c498_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -320,13 +323,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_0a16226707a95764_EOF
+ GH_AW_PROMPT_001cfc1394a8c498_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_0a16226707a95764_EOF'
+ cat << 'GH_AW_PROMPT_001cfc1394a8c498_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-ambient-context-optimizer.md}}
- GH_AW_PROMPT_0a16226707a95764_EOF
+ GH_AW_PROMPT_001cfc1394a8c498_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-ambient-context-optimizer.md b/.github/workflows/daily-ambient-context-optimizer.md
index e292d7ed5b9..8311e1e2268 100644
--- a/.github/workflows/daily-ambient-context-optimizer.md
+++ b/.github/workflows/daily-ambient-context-optimizer.md
@@ -25,12 +25,6 @@ tools:
safe-outputs:
mentions: false
allowed-github-references: []
- create-issue:
- title-prefix: "[ambient-context] "
- labels: [automation, report, workflow-optimization, analysis]
- close-older-issues: true
- expires: 7d
- max: 3
timeout-minutes: 45
steps:
- name: Setup Python
@@ -152,6 +146,13 @@ steps:
core.info(`PR close-rate (7d): ${rateStr} (${closed7d.length} closed, ${merged7d.length} merged)${autoPause ? ' — AUTO-PAUSE ACTIVE' : ''}`);
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[ambient-context] "
+ expires: 7d
+ labels: [automation, report, workflow-optimization, analysis]
+ max: 3
+ close-older-issues: true
- shared/otlp.md
features:
gh-aw-detection: true
diff --git a/.github/workflows/daily-architecture-diagram.lock.yml b/.github/workflows/daily-architecture-diagram.lock.yml
index 19cde87c38d..e16f056f059 100644
--- a/.github/workflows/daily-architecture-diagram.lock.yml
+++ b/.github/workflows/daily-architecture-diagram.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"515b91eb9612763a697b19cffcdb218331ed9539fa9413634bfaf1854f86264d","body_hash":"4ed52ef3832d817f8753b19a0c12f30105095d03d7eb9a5910c96611319cead7","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3e6dfe2bebed9cb432f18205755bdaff23162ad79e3cfcb882917a1a6cf0b617","body_hash":"4ed52ef3832d817f8753b19a0c12f30105095d03d7eb9a5910c96611319cead7","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,10 +27,12 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - GH_AW_CI_TRIGGER_TOKEN
@@ -307,24 +309,24 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_e3a5b33243a25a76_EOF'
+ cat << 'GH_AW_PROMPT_80f7da5b87cbfc19_EOF'
- GH_AW_PROMPT_e3a5b33243a25a76_EOF
+ GH_AW_PROMPT_80f7da5b87cbfc19_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_e3a5b33243a25a76_EOF'
+ cat << 'GH_AW_PROMPT_80f7da5b87cbfc19_EOF'
Tools: create_issue, create_discussion, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_e3a5b33243a25a76_EOF
+ GH_AW_PROMPT_80f7da5b87cbfc19_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_e3a5b33243a25a76_EOF'
+ cat << 'GH_AW_PROMPT_80f7da5b87cbfc19_EOF'
- GH_AW_PROMPT_e3a5b33243a25a76_EOF
+ GH_AW_PROMPT_80f7da5b87cbfc19_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_e3a5b33243a25a76_EOF'
+ cat << 'GH_AW_PROMPT_80f7da5b87cbfc19_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -353,14 +355,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_e3a5b33243a25a76_EOF
+ GH_AW_PROMPT_80f7da5b87cbfc19_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_e3a5b33243a25a76_EOF'
+ cat << 'GH_AW_PROMPT_80f7da5b87cbfc19_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-architecture-diagram.md}}
- GH_AW_PROMPT_e3a5b33243a25a76_EOF
+ GH_AW_PROMPT_80f7da5b87cbfc19_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-architecture-diagram.md b/.github/workflows/daily-architecture-diagram.md
index 6a0ae52c013..43b9ec3afe2 100644
--- a/.github/workflows/daily-architecture-diagram.md
+++ b/.github/workflows/daily-architecture-diagram.md
@@ -42,12 +42,6 @@ tools:
cache-memory: true
safe-outputs:
- create-issue:
- title-prefix: "🏗️ Architecture Diagram:"
- labels: [architecture, diagram]
- close-older-issues: true
- expires: 7d
- max: 1
create-pull-request:
expires: 7d
title-prefix: "[architecture] "
@@ -55,6 +49,13 @@ safe-outputs:
noop:
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "🏗️ Architecture Diagram:"
+ expires: 7d
+ labels: [architecture, diagram]
+ max: 1
+ close-older-issues: true
- uses: shared/daily-audit-base.md
with:
title-prefix: "[architecture-diagram] "
diff --git a/.github/workflows/daily-aw-cross-repo-compile-check.lock.yml b/.github/workflows/daily-aw-cross-repo-compile-check.lock.yml
index 99339625b28..c719a49132c 100644
--- a/.github/workflows/daily-aw-cross-repo-compile-check.lock.yml
+++ b/.github/workflows/daily-aw-cross-repo-compile-check.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"1123da846239db97d501ab58b6952e6021bd277274cc402a3bd199c3f7453109","body_hash":"cfc5a2d08a58185a05e541370793d5fb0c3a50f022479f0a65366b656d0f8419","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"6ae0d61b47e3befb3ab3aabc3b19cb3f35b2785a789738e336e0d2fd63615b8a","body_hash":"cfc5a2d08a58185a05e541370793d5fb0c3a50f022479f0a65366b656d0f8419","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -276,21 +278,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_731797e26fbd9fdf_EOF'
+ cat << 'GH_AW_PROMPT_ab18cfe19b4f2e14_EOF'
- GH_AW_PROMPT_731797e26fbd9fdf_EOF
+ GH_AW_PROMPT_ab18cfe19b4f2e14_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_731797e26fbd9fdf_EOF'
+ cat << 'GH_AW_PROMPT_ab18cfe19b4f2e14_EOF'
Tools: create_issue(max:6), missing_tool, missing_data, noop
- GH_AW_PROMPT_731797e26fbd9fdf_EOF
+ GH_AW_PROMPT_ab18cfe19b4f2e14_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_731797e26fbd9fdf_EOF'
+ cat << 'GH_AW_PROMPT_ab18cfe19b4f2e14_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -319,14 +321,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_731797e26fbd9fdf_EOF
+ GH_AW_PROMPT_ab18cfe19b4f2e14_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_731797e26fbd9fdf_EOF'
+ cat << 'GH_AW_PROMPT_ab18cfe19b4f2e14_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/daily-aw-cross-repo-compile-check.md}}
- GH_AW_PROMPT_731797e26fbd9fdf_EOF
+ GH_AW_PROMPT_ab18cfe19b4f2e14_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-aw-cross-repo-compile-check.md b/.github/workflows/daily-aw-cross-repo-compile-check.md
index cbee84779ef..2b8539a1a43 100644
--- a/.github/workflows/daily-aw-cross-repo-compile-check.md
+++ b/.github/workflows/daily-aw-cross-repo-compile-check.md
@@ -30,12 +30,6 @@ safe-outputs:
allowed-github-references: []
missing-tool:
create-issue: true
- create-issue:
- title-prefix: "[aw-compat] "
- labels: [automation, compatibility, gh-aw]
- close-older-issues: true
- max: 6
- expires: 7d
timeout-minutes: 60
strict: true
network:
@@ -44,6 +38,13 @@ network:
- github
- go
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[aw-compat] "
+ expires: 7d
+ labels: [automation, compatibility, gh-aw]
+ max: 6
+ close-older-issues: true
- shared/reporting.md
- shared/otlp.md
features:
diff --git a/.github/workflows/daily-awf-spec-compiler-surfacing.lock.yml b/.github/workflows/daily-awf-spec-compiler-surfacing.lock.yml
index df12bdc65ad..ef808e4da44 100644
--- a/.github/workflows/daily-awf-spec-compiler-surfacing.lock.yml
+++ b/.github/workflows/daily-awf-spec-compiler-surfacing.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"204350ebc7745dce89199bbfd21ffb3207d4edbc1570682dba2e18e3f4175a51","body_hash":"5d83e079c23da0e8f6f3f8879c987c84f77fe042d9bdec5fae7effe6e56af342","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4","engine_versions":{"pi":"0.80.2"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"ecf7e05653420e9e78e844b004997b334b3529afc3dce3e0287fda1cc62226d7","body_hash":"5d83e079c23da0e8f6f3f8879c987c84f77fe042d9bdec5fae7effe6e56af342","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4","engine_versions":{"pi":"0.80.2"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,7 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -276,21 +279,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_1f5e11bb79869d63_EOF'
+ cat << 'GH_AW_PROMPT_4021dcd335f52c37_EOF'
- GH_AW_PROMPT_1f5e11bb79869d63_EOF
+ GH_AW_PROMPT_4021dcd335f52c37_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_1f5e11bb79869d63_EOF'
+ cat << 'GH_AW_PROMPT_4021dcd335f52c37_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_1f5e11bb79869d63_EOF
+ GH_AW_PROMPT_4021dcd335f52c37_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_1f5e11bb79869d63_EOF'
+ cat << 'GH_AW_PROMPT_4021dcd335f52c37_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -319,14 +322,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_1f5e11bb79869d63_EOF
+ GH_AW_PROMPT_4021dcd335f52c37_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_1f5e11bb79869d63_EOF'
+ cat << 'GH_AW_PROMPT_4021dcd335f52c37_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/daily-awf-spec-compiler-surfacing.md}}
- GH_AW_PROMPT_1f5e11bb79869d63_EOF
+ GH_AW_PROMPT_4021dcd335f52c37_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-awf-spec-compiler-surfacing.md b/.github/workflows/daily-awf-spec-compiler-surfacing.md
index 7b7cfd753f1..869a51fb59c 100644
--- a/.github/workflows/daily-awf-spec-compiler-surfacing.md
+++ b/.github/workflows/daily-awf-spec-compiler-surfacing.md
@@ -24,16 +24,16 @@ tools:
file-glob: [".json", ".md"]
max-file-size: 65536
bash: true
-safe-outputs:
- create-issue:
- title-prefix: "[awf-feature-surfacing] "
- labels: [automation, awf, compiler, specifications]
- close-older-issues: true
- max: 1
- expires: 7d
timeout-minutes: 30
strict: true
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[awf-feature-surfacing] "
+ expires: 7d
+ labels: [automation, awf, compiler, specifications]
+ max: 1
+ close-older-issues: true
- shared/otlp.md
features:
gh-aw-detection: true
diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml
index bb15e31b950..e81fbcac1f2 100644
--- a/.github/workflows/daily-cli-tools-tester.lock.yml
+++ b/.github/workflows/daily-cli-tools-tester.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"b76c15cd8b8dc994aee912dfeda6f5a424c7a35d02ea77002953c628e4f22485","body_hash":"20f05a9be709514f55a488b4f2dca1afbab040224dc19108137f823e8bbc0142","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"6cbc126cf61cbb2ccb4ef6614fc8e6e508facf3bc62a95dede81fb4dbbcf60ad","body_hash":"20f05a9be709514f55a488b4f2dca1afbab040224dc19108137f823e8bbc0142","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,10 +27,12 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -279,20 +281,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_b59e119b4752f547_EOF'
+ cat << 'GH_AW_PROMPT_ab0daadd18ef7c4c_EOF'
- GH_AW_PROMPT_b59e119b4752f547_EOF
+ GH_AW_PROMPT_ab0daadd18ef7c4c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_b59e119b4752f547_EOF'
+ cat << 'GH_AW_PROMPT_ab0daadd18ef7c4c_EOF'
Tools: create_issue, create_discussion, missing_tool, missing_data, noop
- GH_AW_PROMPT_b59e119b4752f547_EOF
+ GH_AW_PROMPT_ab0daadd18ef7c4c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_b59e119b4752f547_EOF'
+ cat << 'GH_AW_PROMPT_ab0daadd18ef7c4c_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -321,14 +323,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_b59e119b4752f547_EOF
+ GH_AW_PROMPT_ab0daadd18ef7c4c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_b59e119b4752f547_EOF'
+ cat << 'GH_AW_PROMPT_ab0daadd18ef7c4c_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-cli-tools-tester.md}}
- GH_AW_PROMPT_b59e119b4752f547_EOF
+ GH_AW_PROMPT_ab0daadd18ef7c4c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -613,9 +616,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_47278c8dd51bc4af_EOF'
- {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[cli-tools-test] "},"create_issue":{"expires":168,"labels":["testing","automation","cli-tools"],"max":1,"title_prefix":"[cli-tools-test] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_47278c8dd51bc4af_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7b422cdefa16e6b4_EOF'
+ {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[cli-tools-test] "},"create_issue":{"close_older_issues":false,"expires":168,"labels":["testing","automation","cli-tools"],"max":1,"title_prefix":"[cli-tools-test] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_7b422cdefa16e6b4_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1734,7 +1737,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[cli-tools-test] \"},\"create_issue\":{\"expires\":168,\"labels\":[\"testing\",\"automation\",\"cli-tools\"],\"max\":1,\"title_prefix\":\"[cli-tools-test] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[cli-tools-test] \"},\"create_issue\":{\"close_older_issues\":false,\"expires\":168,\"labels\":[\"testing\",\"automation\",\"cli-tools\"],\"max\":1,\"title_prefix\":\"[cli-tools-test] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/daily-cli-tools-tester.md b/.github/workflows/daily-cli-tools-tester.md
index 06c0e553c43..20843033efe 100644
--- a/.github/workflows/daily-cli-tools-tester.md
+++ b/.github/workflows/daily-cli-tools-tester.md
@@ -18,15 +18,16 @@ tools:
bash: ["*"]
edit:
safe-outputs:
- create-issue:
- expires: 7d
- title-prefix: "[cli-tools-test] "
- labels: [testing, automation, cli-tools]
- max: 1
noop:
timeout-minutes: 60
strict: true
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[cli-tools-test] "
+ expires: 7d
+ labels: [testing, automation, cli-tools]
+ max: 1
- uses: shared/daily-audit-base.md
with:
title-prefix: "[cli-tools-test] "
diff --git a/.github/workflows/daily-doc-healer.lock.yml b/.github/workflows/daily-doc-healer.lock.yml
index 0c718b7f549..2b41e840238 100644
--- a/.github/workflows/daily-doc-healer.lock.yml
+++ b/.github/workflows/daily-doc-healer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"283644454236b24594f3efcd9afb342d7e7f580641379d752baf9f6d2c61dd1c","body_hash":"17d342d9eb1eb81fe8ee6dc242c2e7dd96fbdcba013840231269807407639fa6","strict":true,"agent_id":"claude","agent_model":"${{ needs.activation.outputs.model_size }}","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"f5a575870191126b358914458bd96c0fd1626894d2417ec6a68b153a58defb9c","body_hash":"a84515cea573ba9063ed856ee08274b9c9391a7f7ca789c58b8cfcaa984f8583","strict":true,"agent_id":"claude","agent_model":"${{ needs.activation.outputs.model_size }}","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_AGENT_TOKEN","GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,10 +27,12 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -317,24 +319,24 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_b44c664d620a0e84_EOF'
+ cat << 'GH_AW_PROMPT_4b3aec39c61e7253_EOF'
- GH_AW_PROMPT_b44c664d620a0e84_EOF
+ GH_AW_PROMPT_4b3aec39c61e7253_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_b44c664d620a0e84_EOF'
+ cat << 'GH_AW_PROMPT_4b3aec39c61e7253_EOF'
Tools: create_issue, create_discussion, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_b44c664d620a0e84_EOF
+ GH_AW_PROMPT_4b3aec39c61e7253_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_b44c664d620a0e84_EOF'
+ cat << 'GH_AW_PROMPT_4b3aec39c61e7253_EOF'
- GH_AW_PROMPT_b44c664d620a0e84_EOF
+ GH_AW_PROMPT_4b3aec39c61e7253_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_b44c664d620a0e84_EOF'
+ cat << 'GH_AW_PROMPT_4b3aec39c61e7253_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -363,14 +365,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_b44c664d620a0e84_EOF
+ GH_AW_PROMPT_4b3aec39c61e7253_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_b44c664d620a0e84_EOF'
+ cat << 'GH_AW_PROMPT_4b3aec39c61e7253_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-doc-healer.md}}
- GH_AW_PROMPT_b44c664d620a0e84_EOF
+ GH_AW_PROMPT_4b3aec39c61e7253_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -621,9 +624,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_2103410bf31015af_EOF'
- {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[doc-healer] "},"create_issue":{"assignees":["copilot"],"expires":72,"labels":["documentation","automation"],"max":1,"title_prefix":"[doc-healer] "},"create_pull_request":{"expires":72,"labels":["documentation","automation"],"max":1,"max_patch_files":100,"max_patch_size":4096,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","CLAUDE.md","AGENTS.md"],"protected_files_policy":"request_review","title_prefix":"[docs] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_2103410bf31015af_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_860e394606b5f3a4_EOF'
+ {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[doc-healer] "},"create_issue":{"assignees":["copilot"],"close_older_issues":false,"expires":72,"labels":["documentation","automation"],"max":1,"title_prefix":"[doc-healer] "},"create_pull_request":{"expires":72,"labels":["documentation","automation"],"max":1,"max_patch_files":100,"max_patch_size":4096,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","CLAUDE.md","AGENTS.md"],"protected_files_policy":"request_review","title_prefix":"[docs] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_860e394606b5f3a4_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1980,7 +1983,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,docs.github.com,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,sentry.io,statsig.anthropic.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[doc-healer] \"},\"create_issue\":{\"assignees\":[\"copilot\"],\"expires\":72,\"labels\":[\"documentation\",\"automation\"],\"max\":1,\"title_prefix\":\"[doc-healer] \"},\"create_pull_request\":{\"expires\":72,\"labels\":[\"documentation\",\"automation\"],\"max\":1,\"max_patch_files\":100,\"max_patch_size\":4096,\"protect_top_level_dot_folders\":true,\"protected_files\":[\"package.json\",\"bun.lockb\",\"bunfig.toml\",\"deno.json\",\"deno.jsonc\",\"deno.lock\",\"global.json\",\"NuGet.Config\",\"Directory.Packages.props\",\"mix.exs\",\"mix.lock\",\"go.mod\",\"go.sum\",\"stack.yaml\",\"stack.yaml.lock\",\"pom.xml\",\"build.gradle\",\"build.gradle.kts\",\"settings.gradle\",\"settings.gradle.kts\",\"gradle.properties\",\"package-lock.json\",\"yarn.lock\",\"pnpm-lock.yaml\",\"npm-shrinkwrap.json\",\"requirements.txt\",\"Pipfile\",\"Pipfile.lock\",\"pyproject.toml\",\"setup.py\",\"setup.cfg\",\"Gemfile\",\"Gemfile.lock\",\"uv.lock\",\"CODEOWNERS\",\"DESIGN.md\",\"README.md\",\"CONTRIBUTING.md\",\"CHANGELOG.md\",\"SECURITY.md\",\"CODE_OF_CONDUCT.md\",\"CLAUDE.md\",\"AGENTS.md\"],\"protected_files_policy\":\"request_review\",\"title_prefix\":\"[docs] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[doc-healer] \"},\"create_issue\":{\"assignees\":[\"copilot\"],\"close_older_issues\":false,\"expires\":72,\"labels\":[\"documentation\",\"automation\"],\"max\":1,\"title_prefix\":\"[doc-healer] \"},\"create_pull_request\":{\"expires\":72,\"labels\":[\"documentation\",\"automation\"],\"max\":1,\"max_patch_files\":100,\"max_patch_size\":4096,\"protect_top_level_dot_folders\":true,\"protected_files\":[\"package.json\",\"bun.lockb\",\"bunfig.toml\",\"deno.json\",\"deno.jsonc\",\"deno.lock\",\"global.json\",\"NuGet.Config\",\"Directory.Packages.props\",\"mix.exs\",\"mix.lock\",\"go.mod\",\"go.sum\",\"stack.yaml\",\"stack.yaml.lock\",\"pom.xml\",\"build.gradle\",\"build.gradle.kts\",\"settings.gradle\",\"settings.gradle.kts\",\"gradle.properties\",\"package-lock.json\",\"yarn.lock\",\"pnpm-lock.yaml\",\"npm-shrinkwrap.json\",\"requirements.txt\",\"Pipfile\",\"Pipfile.lock\",\"pyproject.toml\",\"setup.py\",\"setup.cfg\",\"Gemfile\",\"Gemfile.lock\",\"uv.lock\",\"CODEOWNERS\",\"DESIGN.md\",\"README.md\",\"CONTRIBUTING.md\",\"CHANGELOG.md\",\"SECURITY.md\",\"CODE_OF_CONDUCT.md\",\"CLAUDE.md\",\"AGENTS.md\"],\"protected_files_policy\":\"request_review\",\"title_prefix\":\"[docs] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
GH_AW_ASSIGN_COPILOT: "true"
GH_AW_CI_TRIGGER_TOKEN: ${{ secrets.GH_AW_CI_TRIGGER_TOKEN }}
GH_AW_ASSIGN_TO_AGENT_TOKEN: ${{ secrets.GH_AW_AGENT_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/daily-doc-healer.md b/.github/workflows/daily-doc-healer.md
index a42c6a91505..b7c5c13f2c4 100644
--- a/.github/workflows/daily-doc-healer.md
+++ b/.github/workflows/daily-doc-healer.md
@@ -14,20 +14,18 @@ network:
- defaults
- github
imports:
-- uses: shared/daily-audit-base.md
- with:
- expires: 3d
- title-prefix: "[doc-healer] "
-- shared/otlp.md
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[doc-healer] "
+ expires: 3d
+ labels: [documentation, automation]
+ assignees: [copilot]
+ - uses: shared/daily-audit-base.md
+ with:
+ expires: 3d
+ title-prefix: "[doc-healer] "
+ - shared/otlp.md
safe-outputs:
- create-issue:
- assignees:
- - copilot
- expires: 3d
- labels:
- - documentation
- - automation
- title-prefix: "[doc-healer] "
create-pull-request:
expires: 3d
labels:
diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml
index e9895300751..76ec3f8330e 100644
--- a/.github/workflows/daily-file-diet.lock.yml
+++ b/.github/workflows/daily-file-diet.lock.yml
@@ -562,9 +562,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e26cfb140a289f90_EOF'
- {"create_issue":{"expires":48,"labels":["refactoring","code-health","automated-analysis","cookie"],"max":1,"title_prefix":"[file-diet] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_e26cfb140a289f90_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_2696d6e29cf7c675_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["refactoring","code-health","automated-analysis","cookie"],"max":1,"title_prefix":"[file-diet] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_2696d6e29cf7c675_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1750,7 +1750,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":48,\"labels\":[\"refactoring\",\"code-health\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[file-diet] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"refactoring\",\"code-health\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[file-diet] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/daily-formal-spec-verifier.lock.yml b/.github/workflows/daily-formal-spec-verifier.lock.yml
index 4d04cb0d497..cc4f5eec953 100644
--- a/.github/workflows/daily-formal-spec-verifier.lock.yml
+++ b/.github/workflows/daily-formal-spec-verifier.lock.yml
@@ -600,9 +600,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_a73f0d132c5e5aeb_EOF'
- {"create_issue":{"assignees":["copilot"],"expires":168,"labels":["automation","formal-verification","testing","specifications"],"max":1,"title_prefix":"[formal-spec] "},"create_report_incomplete_issue":{},"max_bot_mentions":1,"mentions":{"enabled":false},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":65536,"max_patch_size":10240}]},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_a73f0d132c5e5aeb_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7ca974d71f5de63c_EOF'
+ {"create_issue":{"assignees":["copilot"],"close_older_issues":false,"expires":168,"labels":["automation","formal-verification","testing","specifications"],"max":1,"title_prefix":"[formal-spec] "},"create_report_incomplete_issue":{},"max_bot_mentions":1,"mentions":{"enabled":false},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":65536,"max_patch_size":10240}]},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_7ca974d71f5de63c_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1839,7 +1839,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"assignees\":[\"copilot\"],\"expires\":168,\"labels\":[\"automation\",\"formal-verification\",\"testing\",\"specifications\"],\"max\":1,\"title_prefix\":\"[formal-spec] \"},\"create_report_incomplete_issue\":{},\"mentions\":{\"enabled\":false},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"assignees\":[\"copilot\"],\"close_older_issues\":false,\"expires\":168,\"labels\":[\"automation\",\"formal-verification\",\"testing\",\"specifications\"],\"max\":1,\"title_prefix\":\"[formal-spec] \"},\"create_report_incomplete_issue\":{},\"mentions\":{\"enabled\":false},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
GH_AW_ASSIGN_COPILOT: "true"
GH_AW_ASSIGN_TO_AGENT_TOKEN: ${{ secrets.GH_AW_AGENT_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
with:
diff --git a/.github/workflows/daily-function-namer.lock.yml b/.github/workflows/daily-function-namer.lock.yml
index 7ba46ae5347..1ede33a5f94 100644
--- a/.github/workflows/daily-function-namer.lock.yml
+++ b/.github/workflows/daily-function-namer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"ec383aa5ee2e0f7bf8e7218348932e11eecc9539b293a2dc7e2d03088a9d606d","body_hash":"38251618d47145d5907a35b17a1c66b8c99448470e1e015011e7dc79148ab75f","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4","engine_versions":{"pi":"0.80.2"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a6219002be7b90b3fa80b6b111f389c823363c94002ed9bcfc1f5116598322fa","body_hash":"38251618d47145d5907a35b17a1c66b8c99448470e1e015011e7dc79148ab75f","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4","engine_versions":{"pi":"0.80.2"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,12 +27,14 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -281,21 +283,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_91c52166b60c4a11_EOF'
+ cat << 'GH_AW_PROMPT_6be48158d75ca5de_EOF'
- GH_AW_PROMPT_91c52166b60c4a11_EOF
+ GH_AW_PROMPT_6be48158d75ca5de_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_91c52166b60c4a11_EOF'
+ cat << 'GH_AW_PROMPT_6be48158d75ca5de_EOF'
Tools: create_issue, create_discussion, missing_tool, missing_data, noop
- GH_AW_PROMPT_91c52166b60c4a11_EOF
+ GH_AW_PROMPT_6be48158d75ca5de_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_91c52166b60c4a11_EOF'
+ cat << 'GH_AW_PROMPT_6be48158d75ca5de_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -324,18 +326,19 @@ jobs:
{{/if}}
- GH_AW_PROMPT_91c52166b60c4a11_EOF
+ GH_AW_PROMPT_6be48158d75ca5de_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_91c52166b60c4a11_EOF'
+ cat << 'GH_AW_PROMPT_6be48158d75ca5de_EOF'
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
## Serena Code Analysis
Serena is enabled for **["go"]** in `__GH_AW_GITHUB_WORKSPACE__`. Start by calling `activate_project` with that workspace path, then prefer Serena semantic tools for symbol lookup, references, docs, diagnostics, and structured edits.
{{#runtime-import .github/workflows/daily-function-namer.md}}
- GH_AW_PROMPT_91c52166b60c4a11_EOF
+ GH_AW_PROMPT_6be48158d75ca5de_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-function-namer.md b/.github/workflows/daily-function-namer.md
index 5364a1e8524..5245d0691d7 100644
--- a/.github/workflows/daily-function-namer.md
+++ b/.github/workflows/daily-function-namer.md
@@ -20,6 +20,13 @@ engine:
model: copilot/gpt-5.4
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[function-namer] "
+ expires: 7d
+ labels: [refactoring, code-quality, automated-analysis, cookie]
+ max: 1
+ close-older-issues: true
- uses: shared/daily-audit-base.md
with:
title-prefix: "[function-namer] "
@@ -27,14 +34,6 @@ imports:
- shared/mcp/serena-go.md
- shared/otlp.md
-safe-outputs:
- create-issue:
- expires: 7d
- title-prefix: "[function-namer] "
- labels: [refactoring, code-quality, automated-analysis, cookie]
- max: 1
- close-older-issues: true
-
tools:
cli-proxy: true
cache-memory: true
diff --git a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
index 79cfcc131d9..8f84a51aa6e 100644
--- a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
+++ b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"e04b5c0f4218c4ca87741e7cb89afd461291c1bf9af1ca2fbf345951f1eb3d41","body_hash":"7c7e652220bcb9b711b7effa7444a7beea5b019d5f16ddce1d4eccce63f51fe7","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"7be43f63c174f5821844e2a46e9472b2050370beb1ac3befd7497ebb146e9519","body_hash":"1e65680eb93750e8eccfaf63495af5eae9e768e5151b47de499ba6ad174fc793","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_AGENT_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,11 +27,13 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/mcp/serena.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
# - shared/safe-output-app.md
#
# Secrets used:
@@ -274,21 +276,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_8f4b0152a4102653_EOF'
+ cat << 'GH_AW_PROMPT_946d010ce1bbc6dc_EOF'
- GH_AW_PROMPT_8f4b0152a4102653_EOF
+ GH_AW_PROMPT_946d010ce1bbc6dc_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_8f4b0152a4102653_EOF'
+ cat << 'GH_AW_PROMPT_946d010ce1bbc6dc_EOF'
Tools: create_issue(max:5), create_discussion, create_agent_session(max:3), missing_tool, missing_data, noop
- GH_AW_PROMPT_8f4b0152a4102653_EOF
+ GH_AW_PROMPT_946d010ce1bbc6dc_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_8f4b0152a4102653_EOF'
+ cat << 'GH_AW_PROMPT_946d010ce1bbc6dc_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -317,18 +319,19 @@ jobs:
{{/if}}
- GH_AW_PROMPT_8f4b0152a4102653_EOF
+ GH_AW_PROMPT_946d010ce1bbc6dc_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_8f4b0152a4102653_EOF'
+ cat << 'GH_AW_PROMPT_946d010ce1bbc6dc_EOF'
{{#runtime-import .github/workflows/shared/safe-output-app.md}}
## Serena Code Analysis
Serena is enabled for **["go","typescript"]** in `__GH_AW_GITHUB_WORKSPACE__`. Start by calling `activate_project` with that workspace path, then prefer Serena semantic tools for symbol lookup, references, docs, diagnostics, and structured edits.
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-mcp-concurrency-analysis.md}}
- GH_AW_PROMPT_8f4b0152a4102653_EOF
+ GH_AW_PROMPT_946d010ce1bbc6dc_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -577,9 +580,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_9072efe910708a86_EOF'
- {"create_agent_session":{"max":3},"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[mcp-concurrency] "},"create_issue":{"expires":168,"labels":["bug","concurrency","thread-safety","automated-analysis","cookie"],"max":5,"title_prefix":"[concurrency] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_9072efe910708a86_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_d91b87446b5d1ba3_EOF'
+ {"create_agent_session":{"max":3},"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[mcp-concurrency] "},"create_issue":{"close_older_issues":false,"expires":168,"labels":["bug","concurrency","thread-safety","automated-analysis","cookie"],"max":5,"title_prefix":"[concurrency] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_d91b87446b5d1ba3_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1784,7 +1787,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_agent_session\":{\"max\":3},\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[mcp-concurrency] \"},\"create_issue\":{\"expires\":168,\"labels\":[\"bug\",\"concurrency\",\"thread-safety\",\"automated-analysis\",\"cookie\"],\"max\":5,\"title_prefix\":\"[concurrency] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_agent_session\":{\"max\":3},\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[mcp-concurrency] \"},\"create_issue\":{\"close_older_issues\":false,\"expires\":168,\"labels\":[\"bug\",\"concurrency\",\"thread-safety\",\"automated-analysis\",\"cookie\"],\"max\":5,\"title_prefix\":\"[concurrency] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
GH_AW_AGENT_SESSION_TOKEN: ${{ secrets.GH_AW_AGENT_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/daily-mcp-concurrency-analysis.md b/.github/workflows/daily-mcp-concurrency-analysis.md
index 300ebf7d87a..d8b90b4b7f1 100644
--- a/.github/workflows/daily-mcp-concurrency-analysis.md
+++ b/.github/workflows/daily-mcp-concurrency-analysis.md
@@ -11,30 +11,26 @@ permissions:
pull-requests: read
copilot-requests: write
imports:
-- uses: shared/daily-audit-base.md
- with:
- expires: 3d
- title-prefix: "[mcp-concurrency] "
-- shared/safe-output-app.md
-- uses: shared/mcp/serena.md
- with:
- languages:
- - go
- - typescript
-- shared/otlp.md
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[concurrency] "
+ expires: 7d
+ max: 5
+ labels: [bug, concurrency, thread-safety, automated-analysis, cookie]
+ - uses: shared/daily-audit-base.md
+ with:
+ expires: 3d
+ title-prefix: "[mcp-concurrency] "
+ - shared/safe-output-app.md
+ - uses: shared/mcp/serena.md
+ with:
+ languages:
+ - go
+ - typescript
+ - shared/otlp.md
safe-outputs:
create-agent-session:
max: 3
- create-issue:
- expires: 7d
- labels:
- - bug
- - concurrency
- - thread-safety
- - automated-analysis
- - cookie
- max: 5
- title-prefix: "[concurrency] "
description: Performs deep-dive concurrency analysis on each safe-outputs MCP server tool to ensure thread-safety and detect race conditions
emoji: 📊
engine:
diff --git a/.github/workflows/daily-model-inventory.lock.yml b/.github/workflows/daily-model-inventory.lock.yml
index 0ab7f1a69ef..afb85d89b48 100644
--- a/.github/workflows/daily-model-inventory.lock.yml
+++ b/.github/workflows/daily-model-inventory.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"11a3f6dd8c208d49efa7295462cb4ed50a929df39cff5dca1a8f1349e3fac26c","body_hash":"13f73a1bd33b3f0557bdc49b3d508bd1310a83e36555c770e8b7128be2f4b522","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fef56d0323597610e45449d681dc697565f2d9bf821b913cd601601f3aadade0","body_hash":"13f73a1bd33b3f0557bdc49b3d508bd1310a83e36555c770e8b7128be2f4b522","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","COPILOT_GITHUB_TOKEN","GEMINI_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENAI_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,7 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -276,21 +279,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_81391abda2f614e2_EOF'
+ cat << 'GH_AW_PROMPT_6aa79687b0a7aaae_EOF'
- GH_AW_PROMPT_81391abda2f614e2_EOF
+ GH_AW_PROMPT_6aa79687b0a7aaae_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/playwright_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_81391abda2f614e2_EOF'
+ cat << 'GH_AW_PROMPT_6aa79687b0a7aaae_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_81391abda2f614e2_EOF
+ GH_AW_PROMPT_6aa79687b0a7aaae_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_81391abda2f614e2_EOF'
+ cat << 'GH_AW_PROMPT_6aa79687b0a7aaae_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -319,14 +322,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_81391abda2f614e2_EOF
+ GH_AW_PROMPT_6aa79687b0a7aaae_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_81391abda2f614e2_EOF'
+ cat << 'GH_AW_PROMPT_6aa79687b0a7aaae_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/daily-model-inventory.md}}
- GH_AW_PROMPT_81391abda2f614e2_EOF
+ GH_AW_PROMPT_6aa79687b0a7aaae_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-model-inventory.md b/.github/workflows/daily-model-inventory.md
index 87729cbe23a..94b9e2cd5bf 100644
--- a/.github/workflows/daily-model-inventory.md
+++ b/.github/workflows/daily-model-inventory.md
@@ -313,15 +313,14 @@ tools:
github:
toolsets: [default]
-safe-outputs:
- create-issue:
- expires: 7d
- title-prefix: "[model-inventory] "
- labels: [automation, models]
- max: 1
- close-older-issues: true
-
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[model-inventory] "
+ expires: 7d
+ labels: [automation, models]
+ max: 1
+ close-older-issues: true
- shared/otlp.md
features:
gh-aw-detection: true
diff --git a/.github/workflows/daily-model-resolution.lock.yml b/.github/workflows/daily-model-resolution.lock.yml
index 54a57806177..17036eb778e 100644
--- a/.github/workflows/daily-model-resolution.lock.yml
+++ b/.github/workflows/daily-model-resolution.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"273c8ab757b265c3e06a5aefc37fc384ebcd17774e7b14a751014c429495a54a","body_hash":"fde234f700297a3f9a722b148de02a7937860b961f0d28ebf8c4450166730cd8","strict":true,"agent_id":"codex","agent_model":"gpt-5-mini","engine_versions":{"codex":"0.142.0"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"b5c8689c0c5ccc9022752e6e0e610380b5c1f1e88c7b305e347f7462f8af5c12","body_hash":"fde234f700297a3f9a722b148de02a7937860b961f0d28ebf8c4450166730cd8","strict":true,"agent_id":"codex","agent_model":"gpt-5-mini","engine_versions":{"codex":"0.142.0"}}
# gh-aw-manifest: {"version":1,"secrets":["CODEX_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENAI_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,11 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/meta-analysis-base.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - CODEX_API_KEY
@@ -281,20 +284,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_8b92bad65b13f707_EOF'
+ cat << 'GH_AW_PROMPT_0a716d3543f1d1bd_EOF'
- GH_AW_PROMPT_8b92bad65b13f707_EOF
+ GH_AW_PROMPT_0a716d3543f1d1bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_8b92bad65b13f707_EOF'
+ cat << 'GH_AW_PROMPT_0a716d3543f1d1bd_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_8b92bad65b13f707_EOF
+ GH_AW_PROMPT_0a716d3543f1d1bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_8b92bad65b13f707_EOF'
+ cat << 'GH_AW_PROMPT_0a716d3543f1d1bd_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -323,15 +326,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_8b92bad65b13f707_EOF
+ GH_AW_PROMPT_0a716d3543f1d1bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_8b92bad65b13f707_EOF'
+ cat << 'GH_AW_PROMPT_0a716d3543f1d1bd_EOF'
**IMPORTANT**: When analyzing agentic workflows, use the `agentic-workflows` tool to read workflow files.
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/daily-model-resolution.md}}
- GH_AW_PROMPT_8b92bad65b13f707_EOF
+ GH_AW_PROMPT_0a716d3543f1d1bd_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -619,15 +624,15 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_422b109972df5eb0_EOF'
- {"create_issue":{"close_older_issues":true,"expires":72,"max":1,"title_prefix":"[model-resolution] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_422b109972df5eb0_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_1d7e5d0759fccdf4_EOF'
+ {"create_issue":{"close_older_issues":true,"expires":72,"labels":["automated-analysis","cookie"],"max":1,"title_prefix":"[model-resolution] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_1d7e5d0759fccdf4_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
{
"description_suffixes": {
- "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[model-resolution] \"."
+ "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[model-resolution] \". Labels [\"automated-analysis\" \"cookie\"] will be automatically added."
},
"repo_params": {},
"dynamic_tools": []
@@ -1760,7 +1765,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,172.30.0.1,api.openai.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,chatgpt.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,openai.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":true,\"expires\":72,\"max\":1,\"title_prefix\":\"[model-resolution] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":true,\"expires\":72,\"labels\":[\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[model-resolution] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/daily-model-resolution.md b/.github/workflows/daily-model-resolution.md
index 1a58bcdd07c..22f0b19d484 100644
--- a/.github/workflows/daily-model-resolution.md
+++ b/.github/workflows/daily-model-resolution.md
@@ -23,14 +23,14 @@ strict: true
tools:
agentic-workflows: true
bash: true
-safe-outputs:
- create-issue:
- expires: 3d
- title-prefix: "[model-resolution] "
- close-older-issues: true
- max: 1
timeout-minutes: 30
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[model-resolution] "
+ expires: 3d
+ max: 1
+ close-older-issues: true
- uses: shared/meta-analysis-base.md
with:
toolsets: [default, actions]
diff --git a/.github/workflows/daily-reliability-review.lock.yml b/.github/workflows/daily-reliability-review.lock.yml
index 39eade258c3..99dc202c8b3 100644
--- a/.github/workflows/daily-reliability-review.lock.yml
+++ b/.github/workflows/daily-reliability-review.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"af5241938ab92db9f18a705e16b0e29cb6ae5d8d239291e480811da6524e1704","body_hash":"e089bc8edbace5cb8639d331a0e83a5408457d0ae39be88a1908a9f5a8040c17","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3503d7d2991e179c846b1f9226d5eb695497d71f92470846b1dbca9171f74a06","body_hash":"e089bc8edbace5cb8639d331a0e83a5408457d0ae39be88a1908a9f5a8040c17","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","SENTRY_ACCESS_TOKEN","SENTRY_OPENAI_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
diff --git a/.github/workflows/daily-reliability-review.md b/.github/workflows/daily-reliability-review.md
index a23cc37ceff..bb66a257895 100644
--- a/.github/workflows/daily-reliability-review.md
+++ b/.github/workflows/daily-reliability-review.md
@@ -22,12 +22,6 @@ tools:
safe-outputs:
mentions: false
allowed-github-references: []
- create-issue:
- expires: 2d
- title-prefix: "[reliability] "
- labels: [observability, automated-analysis]
- max: 1
- close-older-issues: true
timeout-minutes: 30
imports:
- uses: shared/daily-issue-base.md
@@ -35,6 +29,8 @@ imports:
title-prefix: "[reliability] "
expires: 2d
labels: [observability, automated-analysis]
+ max: 1
+ close-older-issues: true
- shared/sentry.md
- shared/mcp/sentry.md
features:
diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml
index 517a1a2578a..60da64f9d31 100644
--- a/.github/workflows/daily-safe-output-optimizer.lock.yml
+++ b/.github/workflows/daily-safe-output-optimizer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"85223235346584710dd69f77524eb041021af2fca9ac92823ad724b1fa558936","body_hash":"93a0939ba4d89d87103e080d44e4066712bbb2181ddedd071f096de4ae8eb8b8","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"8db2bf84121f996eced95d65543d5b147f55697358d9d935bd36cdebcd1fce22","body_hash":"93a0939ba4d89d87103e080d44e4066712bbb2181ddedd071f096de4ae8eb8b8","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -34,6 +34,7 @@
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
# - shared/skip-if-issue-open.md
#
# Secrets used:
@@ -700,9 +701,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_85e93e49876393cb_EOF'
- {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[safe-output-optimizer] "},"create_issue":{"expires":48,"labels":["bug","safe-outputs","tool-improvement","automated-analysis","cookie"],"max":1,"title_prefix":"[safeoutputs] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_85e93e49876393cb_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_2efa1f1b8c7ac7b2_EOF'
+ {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[safe-output-optimizer] "},"create_issue":{"close_older_issues":false,"expires":48,"labels":["bug","safe-outputs","tool-improvement","automated-analysis","cookie"],"max":1,"title_prefix":"[safeoutputs] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_2efa1f1b8c7ac7b2_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -2093,7 +2094,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,sentry.io,statsig.anthropic.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[safe-output-optimizer] \"},\"create_issue\":{\"expires\":48,\"labels\":[\"bug\",\"safe-outputs\",\"tool-improvement\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[safeoutputs] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[safe-output-optimizer] \"},\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"bug\",\"safe-outputs\",\"tool-improvement\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[safeoutputs] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/daily-safe-output-optimizer.md b/.github/workflows/daily-safe-output-optimizer.md
index 22c94cbdfca..9dfa50799e5 100644
--- a/.github/workflows/daily-safe-output-optimizer.md
+++ b/.github/workflows/daily-safe-output-optimizer.md
@@ -14,19 +14,18 @@ permissions:
actions: read
engine: claude
-safe-outputs:
- create-issue:
- expires: 2d
- title-prefix: "[safeoutputs] "
- labels: [bug, safe-outputs, tool-improvement, automated-analysis, cookie]
- max: 1
-
timeout-minutes: 30
max-turns: 200
max-ai-credits: 1500
strict: true
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[safeoutputs] "
+ expires: 2d
+ labels: [bug, safe-outputs, tool-improvement, automated-analysis, cookie]
+ max: 1
- uses: shared/skip-if-issue-open.md
with:
title-prefix: "[safeoutputs]"
@@ -59,7 +58,6 @@ experiments:
min_samples: 20
weight: [50, 50]
start_date: "2026-06-09"
-
---
# Safe Output Tool Optimizer
diff --git a/.github/workflows/daily-safe-outputs-conformance.lock.yml b/.github/workflows/daily-safe-outputs-conformance.lock.yml
index 545a73472a9..5db8deee79a 100644
--- a/.github/workflows/daily-safe-outputs-conformance.lock.yml
+++ b/.github/workflows/daily-safe-outputs-conformance.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"17bf55fdc07f9c5128804b5e1c792b46744f90b40bf376f2e083e630759db9cc","body_hash":"4dc5d786007ef644dfdfc604bd2bb7fbaf16a24d3326507661e7f36da5863dec","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"ccb6aec900e784e5d2ccd3d405981926116dda57cf03c257c8dd85eb12a552a0","body_hash":"4dc5d786007ef644dfdfc604bd2bb7fbaf16a24d3326507661e7f36da5863dec","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,10 +27,12 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -278,20 +280,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_8c1e1b91fadb69ce_EOF'
+ cat << 'GH_AW_PROMPT_05dd31bf3fc8d93d_EOF'
- GH_AW_PROMPT_8c1e1b91fadb69ce_EOF
+ GH_AW_PROMPT_05dd31bf3fc8d93d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_8c1e1b91fadb69ce_EOF'
+ cat << 'GH_AW_PROMPT_05dd31bf3fc8d93d_EOF'
Tools: create_issue(max:10), create_discussion, missing_tool, missing_data, noop
- GH_AW_PROMPT_8c1e1b91fadb69ce_EOF
+ GH_AW_PROMPT_05dd31bf3fc8d93d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_8c1e1b91fadb69ce_EOF'
+ cat << 'GH_AW_PROMPT_05dd31bf3fc8d93d_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -320,14 +322,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_8c1e1b91fadb69ce_EOF
+ GH_AW_PROMPT_05dd31bf3fc8d93d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_8c1e1b91fadb69ce_EOF'
+ cat << 'GH_AW_PROMPT_05dd31bf3fc8d93d_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-safe-outputs-conformance.md}}
- GH_AW_PROMPT_8c1e1b91fadb69ce_EOF
+ GH_AW_PROMPT_05dd31bf3fc8d93d_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-safe-outputs-conformance.md b/.github/workflows/daily-safe-outputs-conformance.md
index 71039d05265..6d8d63345e9 100644
--- a/.github/workflows/daily-safe-outputs-conformance.md
+++ b/.github/workflows/daily-safe-outputs-conformance.md
@@ -17,15 +17,15 @@ tools:
mode: gh-proxy
toolsets: [repos, issues]
bash: true
-safe-outputs:
- create-issue:
- title-prefix: "[Safe Outputs Conformance] "
- labels: ["safe-outputs", "conformance", "automated"]
- expires: 1d
- close-older-issues: true
- max: 10
timeout-minutes: 20
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[Safe Outputs Conformance] "
+ expires: 1d
+ labels: ["safe-outputs", "conformance", "automated"]
+ max: 10
+ close-older-issues: true
- uses: shared/daily-audit-base.md
with:
title-prefix: "[safe-outputs-conformance] "
diff --git a/.github/workflows/daily-security-red-team.lock.yml b/.github/workflows/daily-security-red-team.lock.yml
index 7dc81b5132f..ccbcb26349b 100644
--- a/.github/workflows/daily-security-red-team.lock.yml
+++ b/.github/workflows/daily-security-red-team.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"99be059d60c06f8629909202ef0d533eb4b3accbdbf0ac590313de09d3c79ac3","body_hash":"0b998c2a0d2948f22c8c577754e6a0613029790c85c32bea57b940b780daa8e4","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"e9417b09f06078bb6a9cc2a4db37de222ceccb82447a4ef02e126ee3c7622738","body_hash":"0b998c2a0d2948f22c8c577754e6a0613029790c85c32bea57b940b780daa8e4","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,10 +27,12 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
# - shared/security-analysis-base.md
#
# Secrets used:
@@ -317,21 +319,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_c980a0ba3c5b38b6_EOF'
+ cat << 'GH_AW_PROMPT_de0f652d79eafb37_EOF'
- GH_AW_PROMPT_c980a0ba3c5b38b6_EOF
+ GH_AW_PROMPT_de0f652d79eafb37_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c980a0ba3c5b38b6_EOF'
+ cat << 'GH_AW_PROMPT_de0f652d79eafb37_EOF'
Tools: create_issue(max:5), create_discussion, missing_tool, missing_data, noop
- GH_AW_PROMPT_c980a0ba3c5b38b6_EOF
+ GH_AW_PROMPT_de0f652d79eafb37_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_c980a0ba3c5b38b6_EOF'
+ cat << 'GH_AW_PROMPT_de0f652d79eafb37_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -360,15 +362,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c980a0ba3c5b38b6_EOF
+ GH_AW_PROMPT_de0f652d79eafb37_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_c980a0ba3c5b38b6_EOF'
+ cat << 'GH_AW_PROMPT_de0f652d79eafb37_EOF'
{{#runtime-import .github/workflows/shared/security-analysis-base.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-security-red-team.md}}
- GH_AW_PROMPT_c980a0ba3c5b38b6_EOF
+ GH_AW_PROMPT_de0f652d79eafb37_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -624,9 +627,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3983d6d998042e45_EOF'
- {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[security-red-team] "},"create_issue":{"labels":["security","red-team"],"max":5,"title_prefix":"🚨 [SECURITY]"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3983d6d998042e45_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e421ddb602cd3c1c_EOF'
+ {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[security-red-team] "},"create_issue":{"close_older_issues":false,"expires":48,"labels":["security","red-team"],"max":5,"title_prefix":"🚨 [SECURITY]"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_e421ddb602cd3c1c_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1921,7 +1924,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,sentry.io,statsig.anthropic.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[security-red-team] \"},\"create_issue\":{\"labels\":[\"security\",\"red-team\"],\"max\":5,\"title_prefix\":\"🚨 [SECURITY]\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":72,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[security-red-team] \"},\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"security\",\"red-team\"],\"max\":5,\"title_prefix\":\"🚨 [SECURITY]\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/daily-security-red-team.md b/.github/workflows/daily-security-red-team.md
index 0a2dff12f08..6fc2d9be63a 100644
--- a/.github/workflows/daily-security-red-team.md
+++ b/.github/workflows/daily-security-red-team.md
@@ -20,11 +20,6 @@ tools:
mode: gh-proxy
toolsets: [issues]
edit:
-safe-outputs:
- create-issue:
- title-prefix: "🚨 [SECURITY]"
- labels: ["security", "red-team"]
- max: 5
experiments:
reasoning_depth:
variants: [single_pass, iterative]
@@ -45,6 +40,11 @@ experiments:
issue: 31673
timeout-minutes: 60
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "🚨 [SECURITY]"
+ labels: ["security", "red-team"]
+ max: 5
- shared/security-analysis-base.md
- uses: shared/daily-audit-base.md
with:
diff --git a/.github/workflows/daily-skill-optimizer.lock.yml b/.github/workflows/daily-skill-optimizer.lock.yml
index 580e6b9fb07..5fc3f89a8fb 100644
--- a/.github/workflows/daily-skill-optimizer.lock.yml
+++ b/.github/workflows/daily-skill-optimizer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"e7356a8ad133bdfe22160cc506dfb68ffcb4ecd83129a036db8e0264a073493a","body_hash":"9d85f4bc4b9eb22b3e568a170d0eb9a292980af127ede37b1756afdae43d2544","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"628dbc84c27649b4132e63389e6024c2ba14832043c910937acec7d752228298","body_hash":"9d85f4bc4b9eb22b3e568a170d0eb9a292980af127ede37b1756afdae43d2544","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENROUTER_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,7 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -275,20 +278,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_98d4292f970efb1e_EOF'
+ cat << 'GH_AW_PROMPT_db7aebbcb2f02898_EOF'
- GH_AW_PROMPT_98d4292f970efb1e_EOF
+ GH_AW_PROMPT_db7aebbcb2f02898_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_98d4292f970efb1e_EOF'
+ cat << 'GH_AW_PROMPT_db7aebbcb2f02898_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_98d4292f970efb1e_EOF
+ GH_AW_PROMPT_db7aebbcb2f02898_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_98d4292f970efb1e_EOF'
+ cat << 'GH_AW_PROMPT_db7aebbcb2f02898_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -317,13 +320,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_98d4292f970efb1e_EOF
+ GH_AW_PROMPT_db7aebbcb2f02898_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_98d4292f970efb1e_EOF'
+ cat << 'GH_AW_PROMPT_db7aebbcb2f02898_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-skill-optimizer.md}}
- GH_AW_PROMPT_98d4292f970efb1e_EOF
+ GH_AW_PROMPT_db7aebbcb2f02898_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -554,9 +559,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_a84933429c0bfcd7_EOF'
- {"create_issue":{"expires":168,"labels":["automation","documentation","prompt-quality"],"max":1,"title_prefix":"[skill-optimizer] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_a84933429c0bfcd7_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_90963df7660bdae8_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":168,"labels":["automation","documentation","prompt-quality"],"max":1,"title_prefix":"[skill-optimizer] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_90963df7660bdae8_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1665,7 +1670,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":168,\"labels\":[\"automation\",\"documentation\",\"prompt-quality\"],\"max\":1,\"title_prefix\":\"[skill-optimizer] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":168,\"labels\":[\"automation\",\"documentation\",\"prompt-quality\"],\"max\":1,\"title_prefix\":\"[skill-optimizer] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/daily-skill-optimizer.md b/.github/workflows/daily-skill-optimizer.md
index 6d19043ffac..105c5b36452 100644
--- a/.github/workflows/daily-skill-optimizer.md
+++ b/.github/workflows/daily-skill-optimizer.md
@@ -129,13 +129,6 @@ jobs:
if-no-files-found: error
retention-days: 7
-safe-outputs:
- create-issue:
- title-prefix: "[skill-optimizer] "
- labels: [automation, documentation, prompt-quality]
- max: 1
- expires: 7d
-
steps:
- name: Download skill-optimizer artifact
uses: actions/download-artifact@v8.0.1
@@ -150,6 +143,12 @@ tools:
edit:
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[skill-optimizer] "
+ expires: 7d
+ labels: [automation, documentation, prompt-quality]
+ max: 1
- shared/otlp.md
sandbox:
agent:
diff --git a/.github/workflows/daily-spdd-spec-planner.lock.yml b/.github/workflows/daily-spdd-spec-planner.lock.yml
index 3ae9e447f08..06b770385dc 100644
--- a/.github/workflows/daily-spdd-spec-planner.lock.yml
+++ b/.github/workflows/daily-spdd-spec-planner.lock.yml
@@ -576,9 +576,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_69517d0e5e93d04b_EOF'
- {"create_issue":{"assignees":["copilot"],"expires":72,"labels":["spdd","specifications","planning","automation"],"max":1,"title_prefix":"[spdd] "},"create_report_incomplete_issue":{},"max_bot_mentions":1,"mentions":{"enabled":false},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_69517d0e5e93d04b_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_2f95819965dcb328_EOF'
+ {"create_issue":{"assignees":["copilot"],"close_older_issues":false,"expires":72,"labels":["spdd","specifications","planning","automation"],"max":1,"title_prefix":"[spdd] "},"create_report_incomplete_issue":{},"max_bot_mentions":1,"mentions":{"enabled":false},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_2f95819965dcb328_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1734,7 +1734,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"assignees\":[\"copilot\"],\"expires\":72,\"labels\":[\"spdd\",\"specifications\",\"planning\",\"automation\"],\"max\":1,\"title_prefix\":\"[spdd] \"},\"create_report_incomplete_issue\":{},\"mentions\":{\"enabled\":false},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"assignees\":[\"copilot\"],\"close_older_issues\":false,\"expires\":72,\"labels\":[\"spdd\",\"specifications\",\"planning\",\"automation\"],\"max\":1,\"title_prefix\":\"[spdd] \"},\"create_report_incomplete_issue\":{},\"mentions\":{\"enabled\":false},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
GH_AW_ASSIGN_COPILOT: "true"
GH_AW_ASSIGN_TO_AGENT_TOKEN: ${{ secrets.GH_AW_AGENT_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
with:
diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml
index 5ea0c35dd4f..48cd765f6eb 100644
--- a/.github/workflows/daily-syntax-error-quality.lock.yml
+++ b/.github/workflows/daily-syntax-error-quality.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"1a86942b561824fc887fc2285edfd896177b72f32d90ce5c3138a51d1d0d1505","body_hash":"46bdadde2b884dc60d99e9b447c050d27960f27f5afd230dddf9ea288ce7fe2d","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fbadadcfbd487f3bf62cf805198a5b924181379fef835117ab8fe0e3400e404d","body_hash":"46bdadde2b884dc60d99e9b447c050d27960f27f5afd230dddf9ea288ce7fe2d","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -268,20 +270,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_ae13a0e2709254ba_EOF'
+ cat << 'GH_AW_PROMPT_4447b168e0568fe5_EOF'
- GH_AW_PROMPT_ae13a0e2709254ba_EOF
+ GH_AW_PROMPT_4447b168e0568fe5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_ae13a0e2709254ba_EOF'
+ cat << 'GH_AW_PROMPT_4447b168e0568fe5_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_ae13a0e2709254ba_EOF
+ GH_AW_PROMPT_4447b168e0568fe5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_ae13a0e2709254ba_EOF'
+ cat << 'GH_AW_PROMPT_4447b168e0568fe5_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -310,15 +312,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_ae13a0e2709254ba_EOF
+ GH_AW_PROMPT_4447b168e0568fe5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_ae13a0e2709254ba_EOF'
+ cat << 'GH_AW_PROMPT_4447b168e0568fe5_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/daily-syntax-error-quality.md}}
- GH_AW_PROMPT_ae13a0e2709254ba_EOF
+ GH_AW_PROMPT_4447b168e0568fe5_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-syntax-error-quality.md b/.github/workflows/daily-syntax-error-quality.md
index 73a096a31c6..3f3f5927c14 100644
--- a/.github/workflows/daily-syntax-error-quality.md
+++ b/.github/workflows/daily-syntax-error-quality.md
@@ -19,12 +19,6 @@ tools:
cli-proxy: true
bash: true
safe-outputs:
- create-issue:
- expires: 3d
- title-prefix: "[syntax-error-quality] "
- labels: [dx, error-messages, automated-analysis]
- max: 1
- close-older-issues: true
noop:
timeout-minutes: 20
strict: true
@@ -51,6 +45,13 @@ steps:
fi
gh aw --version
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[syntax-error-quality] "
+ expires: 3d
+ labels: [dx, error-messages, automated-analysis]
+ max: 1
+ close-older-issues: true
- shared/reporting.md
- shared/otlp.md
---
diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml
index 8cbe391b84e..b0bef1067f5 100644
--- a/.github/workflows/daily-testify-uber-super-expert.lock.yml
+++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml
@@ -588,9 +588,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_4d1f4d035e30a487_EOF'
- {"create_issue":{"expires":48,"labels":["testing","code-quality","automated-analysis","cookie"],"max":1,"title_prefix":"[testify-expert] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":51200,"max_patch_size":10240}]},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_4d1f4d035e30a487_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_4931f3b882759ffe_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["testing","code-quality","automated-analysis","cookie"],"max":1,"title_prefix":"[testify-expert] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":51200,"max_patch_size":10240}]},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_4931f3b882759ffe_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1896,7 +1896,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":48,\"labels\":[\"testing\",\"code-quality\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[testify-expert] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"testing\",\"code-quality\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[testify-expert] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/daily-token-consumption-report.lock.yml b/.github/workflows/daily-token-consumption-report.lock.yml
index 781da63b64c..98ce573f6c9 100644
--- a/.github/workflows/daily-token-consumption-report.lock.yml
+++ b/.github/workflows/daily-token-consumption-report.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"bad33483ffb4e4d1a8cb67842e6c2be6f428c9a71b46221514badf45781b525c","body_hash":"df7eb9889d93e3d011f2a2611d90a0c8f0e73c114f5a5267597f7d002a8f2446","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"14aad2c3aee9948bbac4e25d165e593a56d9b9d0bfa80718c8a79d7dde9370f1","body_hash":"df7eb9889d93e3d011f2a2611d90a0c8f0e73c114f5a5267597f7d002a8f2446","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","GRAFANA_SERVICE_ACCOUNT_TOKEN","GRAFANA_URL","SENTRY_ACCESS_TOKEN","SENTRY_OPENAI_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"},{"image":"grafana/mcp-grafana","digest":"sha256:60a4e3a417a69eeb864a72052c53b4aa4466ff3577d6ef9bacc671f4b77d7090","pinned_image":"grafana/mcp-grafana@sha256:60a4e3a417a69eeb864a72052c53b4aa4466ff3577d6ef9bacc671f4b77d7090"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,12 +27,14 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/daily-audit-discussion.md
# - shared/mcp/grafana.md
# - shared/mcp/sentry.md
# - shared/otlp.md
# - shared/reporting.md
# - shared/daily-audit-base.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -285,20 +287,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_e47d26d3e9efef68_EOF'
+ cat << 'GH_AW_PROMPT_fa43f612d73dde79_EOF'
- GH_AW_PROMPT_e47d26d3e9efef68_EOF
+ GH_AW_PROMPT_fa43f612d73dde79_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_e47d26d3e9efef68_EOF'
+ cat << 'GH_AW_PROMPT_fa43f612d73dde79_EOF'
Tools: create_issue, create_discussion, missing_tool, missing_data, noop
- GH_AW_PROMPT_e47d26d3e9efef68_EOF
+ GH_AW_PROMPT_fa43f612d73dde79_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_e47d26d3e9efef68_EOF'
+ cat << 'GH_AW_PROMPT_fa43f612d73dde79_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -327,17 +329,18 @@ jobs:
{{/if}}
- GH_AW_PROMPT_e47d26d3e9efef68_EOF
+ GH_AW_PROMPT_fa43f612d73dde79_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_e47d26d3e9efef68_EOF'
+ cat << 'GH_AW_PROMPT_fa43f612d73dde79_EOF'
{{#runtime-import .github/workflows/shared/mcp/sentry.md}}
{{#runtime-import .github/workflows/shared/mcp/grafana.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/daily-token-consumption-report.md}}
- GH_AW_PROMPT_e47d26d3e9efef68_EOF
+ GH_AW_PROMPT_fa43f612d73dde79_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/daily-token-consumption-report.md b/.github/workflows/daily-token-consumption-report.md
index 26ecb917a83..762be143a1e 100644
--- a/.github/workflows/daily-token-consumption-report.md
+++ b/.github/workflows/daily-token-consumption-report.md
@@ -16,14 +16,15 @@ tools:
safe-outputs:
mentions: false
allowed-github-references: []
- create-issue:
- title-prefix: "[token-consumption] "
- labels: [automation, observability, telemetry]
- close-older-issues: true
- expires: 1d
- max: 1
timeout-minutes: 30
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[token-consumption] "
+ expires: 1d
+ labels: [automation, observability, telemetry]
+ max: 1
+ close-older-issues: true
- shared/mcp/sentry.md
- shared/mcp/grafana.md
- uses: shared/daily-audit-base.md
diff --git a/.github/workflows/daily-windows-terminal-integration-builder.lock.yml b/.github/workflows/daily-windows-terminal-integration-builder.lock.yml
index 8df7d5f8263..79a07b3175b 100644
--- a/.github/workflows/daily-windows-terminal-integration-builder.lock.yml
+++ b/.github/workflows/daily-windows-terminal-integration-builder.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"50725ea77cfff5f6d0465acd44ea7cb5e5b1e0b712c3f8c73a38254ceb0985e8","body_hash":"c5f7443a1ee51644b7a0f5e066fa5990afd02143e4a93fc5081203929fea43ae","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3f46dd1ee0e6c2ac2069b7f6a9e2891dfbdf73301a61f3a34f39b0aae10cef58","body_hash":"c5f7443a1ee51644b7a0f5e066fa5990afd02143e4a93fc5081203929fea43ae","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -25,6 +25,12 @@
#
# Daily agent that maintains a Windows-focused CLI integration workflow with Ubuntu build, Windows test, and failure issue reporting
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/activation-app.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -257,20 +263,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_ef637123c6725d3f_EOF'
+ cat << 'GH_AW_PROMPT_56d57981b840c01b_EOF'
- GH_AW_PROMPT_ef637123c6725d3f_EOF
+ GH_AW_PROMPT_56d57981b840c01b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_ef637123c6725d3f_EOF'
+ cat << 'GH_AW_PROMPT_56d57981b840c01b_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_ef637123c6725d3f_EOF
+ GH_AW_PROMPT_56d57981b840c01b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_ef637123c6725d3f_EOF'
+ cat << 'GH_AW_PROMPT_56d57981b840c01b_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -299,12 +305,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_ef637123c6725d3f_EOF
+ GH_AW_PROMPT_56d57981b840c01b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_ef637123c6725d3f_EOF'
+ cat << 'GH_AW_PROMPT_56d57981b840c01b_EOF'
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-windows-terminal-integration-builder.md}}
- GH_AW_PROMPT_ef637123c6725d3f_EOF
+ GH_AW_PROMPT_56d57981b840c01b_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -523,9 +531,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7a8dda839bf70d3e_EOF'
- {"create_issue":{"labels":["workflow","windows"],"max":1,"title_prefix":"[windows-integration] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_7a8dda839bf70d3e_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_2f47e709fafd8df3_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["workflow","windows"],"max":1,"title_prefix":"[windows-integration] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_2f47e709fafd8df3_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1601,7 +1609,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"labels\":[\"workflow\",\"windows\"],\"max\":1,\"title_prefix\":\"[windows-integration] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"workflow\",\"windows\"],\"max\":1,\"title_prefix\":\"[windows-integration] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/daily-windows-terminal-integration-builder.md b/.github/workflows/daily-windows-terminal-integration-builder.md
index b7b88c69773..49c4e3a2832 100644
--- a/.github/workflows/daily-windows-terminal-integration-builder.md
+++ b/.github/workflows/daily-windows-terminal-integration-builder.md
@@ -13,15 +13,17 @@ permissions:
actions: read
issues: read
+imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[windows-integration] "
+ labels: [workflow, windows]
tools:
github:
mode: gh-proxy
toolsets: [default]
safe-outputs:
- create-issue:
- title-prefix: "[windows-integration] "
- labels: [workflow, windows]
noop:
---
diff --git a/.github/workflows/deployment-incident-monitor.lock.yml b/.github/workflows/deployment-incident-monitor.lock.yml
index b0e1d1f140e..be6e2903551 100644
--- a/.github/workflows/deployment-incident-monitor.lock.yml
+++ b/.github/workflows/deployment-incident-monitor.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"39dc0126ec93f650d074970ed4ef5fa5acb997f165abbf747c0fdd38f9099533","body_hash":"cefb70fc337855db3e12f3d07431b454886f173a8ecae66d964dcccfd2072266","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"8aac6932bb5b0b27a2ac988f038f6c96575634c1850eafdca26d58f6baf4148e","body_hash":"cefb70fc337855db3e12f3d07431b454886f173a8ecae66d964dcccfd2072266","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -279,20 +281,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_a0853e7181521216_EOF'
+ cat << 'GH_AW_PROMPT_8eefdc2cedb3dcf9_EOF'
- GH_AW_PROMPT_a0853e7181521216_EOF
+ GH_AW_PROMPT_8eefdc2cedb3dcf9_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_a0853e7181521216_EOF'
+ cat << 'GH_AW_PROMPT_8eefdc2cedb3dcf9_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_a0853e7181521216_EOF
+ GH_AW_PROMPT_8eefdc2cedb3dcf9_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_a0853e7181521216_EOF'
+ cat << 'GH_AW_PROMPT_8eefdc2cedb3dcf9_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -321,14 +323,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_a0853e7181521216_EOF
+ GH_AW_PROMPT_8eefdc2cedb3dcf9_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_a0853e7181521216_EOF'
+ cat << 'GH_AW_PROMPT_8eefdc2cedb3dcf9_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/deployment-incident-monitor.md}}
- GH_AW_PROMPT_a0853e7181521216_EOF
+ GH_AW_PROMPT_8eefdc2cedb3dcf9_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/deployment-incident-monitor.md b/.github/workflows/deployment-incident-monitor.md
index 4614b036c37..f9f7d4df534 100644
--- a/.github/workflows/deployment-incident-monitor.md
+++ b/.github/workflows/deployment-incident-monitor.md
@@ -14,6 +14,12 @@ engine:
id: copilot
copilot-sdk: true
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[Incident] "
+ expires: 7d
+ labels: [incident, deployment-failure]
+ close-older-issues: true
- shared/reporting.md
- shared/otlp.md
tools:
@@ -22,11 +28,6 @@ tools:
mode: gh-proxy
toolsets: [repos, actions]
safe-outputs:
- create-issue:
- expires: 7d
- title-prefix: "[Incident] "
- labels: [incident, deployment-failure]
- close-older-issues: true
noop:
timeout-minutes: 10
diff --git a/.github/workflows/designer-drift-audit.lock.yml b/.github/workflows/designer-drift-audit.lock.yml
index bac25934a6a..db032b68388 100644
--- a/.github/workflows/designer-drift-audit.lock.yml
+++ b/.github/workflows/designer-drift-audit.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"b897df101e5f09139690ac9caeb28208548db90de79a4956394f84c99928c881","body_hash":"7b62ed09fc60e25ae1271e1de68a2cd5dd4ff3eaa59026d90dac06bd4c5226fd","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"1ee61bef0679e2ba5f8fdccfc94e2f4aaa552f36ab7d3fe7b15727b6863609c5","body_hash":"7b62ed09fc60e25ae1271e1de68a2cd5dd4ff3eaa59026d90dac06bd4c5226fd","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -25,6 +25,12 @@
#
# Daily audit that detects drift between aw reference docs and the workflow designer skill/agent files
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/activation-app.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -257,20 +263,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_8c02059830b0cd9b_EOF'
+ cat << 'GH_AW_PROMPT_f85a0651697f0e57_EOF'
- GH_AW_PROMPT_8c02059830b0cd9b_EOF
+ GH_AW_PROMPT_f85a0651697f0e57_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_8c02059830b0cd9b_EOF'
+ cat << 'GH_AW_PROMPT_f85a0651697f0e57_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_8c02059830b0cd9b_EOF
+ GH_AW_PROMPT_f85a0651697f0e57_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_8c02059830b0cd9b_EOF'
+ cat << 'GH_AW_PROMPT_f85a0651697f0e57_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -299,12 +305,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_8c02059830b0cd9b_EOF
+ GH_AW_PROMPT_f85a0651697f0e57_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_8c02059830b0cd9b_EOF'
+ cat << 'GH_AW_PROMPT_f85a0651697f0e57_EOF'
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/designer-drift-audit.md}}
- GH_AW_PROMPT_8c02059830b0cd9b_EOF
+ GH_AW_PROMPT_f85a0651697f0e57_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/designer-drift-audit.md b/.github/workflows/designer-drift-audit.md
index 7f354d063fd..afaffb1d636 100644
--- a/.github/workflows/designer-drift-audit.md
+++ b/.github/workflows/designer-drift-audit.md
@@ -8,6 +8,13 @@ permissions:
contents: read
issues: read
pull-requests: read # required by pull_requests
+imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "Designer Drift Audit"
+ expires: 7d
+ labels: ["drift-audit", "automated"]
+ close-older-issues: true
tools:
github:
mode: gh-proxy
@@ -107,12 +114,6 @@ steps:
grep -oP '"(\w+)":\s*\{' pkg/workflow/safe_outputs_validation_config.go \
| sed 's/": {//' | tr -d '"' | sort \
> /tmp/gh-aw/data/all-safe-output-types.txt 2>/dev/null || true
-safe-outputs:
- create-issue:
- title-prefix: "Designer Drift Audit"
- labels: ["drift-audit", "automated"]
- close-older-issues: true
- expires: 7d
network:
allowed:
- defaults
diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml
index 2cb58b6afce..239f53da628 100644
--- a/.github/workflows/dev.lock.yml
+++ b/.github/workflows/dev.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fc310466e834d080c9269fb5ffec112953598daf49109cf453ccacb910a298dd","body_hash":"5b410bb5440f068fe2548af04ab07b6f07926ae33aadd478a37a09fe1b290bca","agent_id":"codex","agent_model":"gpt-5.4","engine_versions":{"codex":"0.142.0"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3666f1e866a9d99950a679da90b7750bdd1f0d35b42b4e5f77ae10602f0c552f","body_hash":"5b410bb5440f068fe2548af04ab07b6f07926ae33aadd478a37a09fe1b290bca","agent_id":"codex","agent_model":"gpt-5.4","engine_versions":{"codex":"0.142.0"}}
# gh-aw-manifest: {"version":1,"secrets":["CODEX_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENAI_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - CODEX_API_KEY
@@ -331,20 +333,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_b0e066a156e5f9f0_EOF'
+ cat << 'GH_AW_PROMPT_0b4c372b195079bd_EOF'
- GH_AW_PROMPT_b0e066a156e5f9f0_EOF
+ GH_AW_PROMPT_0b4c372b195079bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_b0e066a156e5f9f0_EOF'
+ cat << 'GH_AW_PROMPT_0b4c372b195079bd_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_b0e066a156e5f9f0_EOF
+ GH_AW_PROMPT_0b4c372b195079bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_b0e066a156e5f9f0_EOF'
+ cat << 'GH_AW_PROMPT_0b4c372b195079bd_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -373,15 +375,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_b0e066a156e5f9f0_EOF
+ GH_AW_PROMPT_0b4c372b195079bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_b0e066a156e5f9f0_EOF'
+ cat << 'GH_AW_PROMPT_0b4c372b195079bd_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/dev.md}}
- GH_AW_PROMPT_b0e066a156e5f9f0_EOF
+ GH_AW_PROMPT_0b4c372b195079bd_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -603,15 +606,15 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3fc551f2342c3a77_EOF'
- {"create_issue":{"expires":168,"max":1,"title_prefix":"[Daily Report] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3fc551f2342c3a77_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_837aa6babb77b69e_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":168,"labels":["automated-analysis","cookie"],"max":1,"title_prefix":"[Daily Report] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_837aa6babb77b69e_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
{
"description_suffixes": {
- "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[Daily Report] \"."
+ "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[Daily Report] \". Labels [\"automated-analysis\" \"cookie\"] will be automatically added."
},
"repo_params": {},
"dynamic_tools": []
@@ -1855,7 +1858,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,172.30.0.1,api.openai.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,chatgpt.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,openai.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":168,\"max\":1,\"title_prefix\":\"[Daily Report] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":168,\"labels\":[\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[Daily Report] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/dev.md b/.github/workflows/dev.md
index cb29b0745a3..eee1d4753df 100644
--- a/.github/workflows/dev.md
+++ b/.github/workflows/dev.md
@@ -21,12 +21,11 @@ permissions:
issues: read
pull-requests: read
-safe-outputs:
- create-issue:
- expires: 7d
- title-prefix: "[Daily Report] "
-
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[Daily Report] "
+ expires: 7d
- shared/otlp.md
- shared/reporting.md
tools:
diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml
index d6d0bbf9f61..2081aa060ad 100644
--- a/.github/workflows/go-fan.lock.yml
+++ b/.github/workflows/go-fan.lock.yml
@@ -590,9 +590,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8b0b61079e590d31_EOF'
- {"create_issue":{"expires":24,"labels":["automation","cookie"],"max":1,"title_prefix":"[go-fan] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_8b0b61079e590d31_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_d2c80c61413c61ce_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":24,"labels":["automation","cookie"],"max":1,"title_prefix":"[go-fan] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_d2c80c61413c61ce_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1836,7 +1836,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,docs.github.com,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,go.dev,golang.org,goproxy.io,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,pkg.go.dev,playwright.download.prss.microsoft.com,ppa.launchpad.net,proxy.golang.org,pypi.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,sentry.io,statsig.anthropic.com,storage.googleapis.com,sum.golang.org,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":24,\"labels\":[\"automation\",\"cookie\"],\"max\":1,\"title_prefix\":\"[go-fan] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":24,\"labels\":[\"automation\",\"cookie\"],\"max\":1,\"title_prefix\":\"[go-fan] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml
index 29c04d3e9d5..126f5be888e 100644
--- a/.github/workflows/go-pattern-detector.lock.yml
+++ b/.github/workflows/go-pattern-detector.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"7434cfb23d03121124f3222dda1da0769f05ee79a3ac2c5885595704d474db7f","body_hash":"3f7d59d89af3b0b478e8c6ea60d03d002a33ea825df6972105b091ae111e26cd","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"1ba01ce0e58f9ebade95e2cf6f0e2d611e74509c31ce204a1f95e5228f8027ab","body_hash":"3f7d59d89af3b0b478e8c6ea60d03d002a33ea825df6972105b091ae111e26cd","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"},{"image":"mcp/ast-grep:latest","digest":"sha256:5fc3f2e9dcf2c019e92662f608b8d89e12134ed6d91e6f5461de6efd506a1e72","pinned_image":"mcp/ast-grep:latest@sha256:5fc3f2e9dcf2c019e92662f608b8d89e12134ed6d91e6f5461de6efd506a1e72"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,9 +27,11 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/mcp/ast-grep.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -278,20 +280,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_4617ec5abb1430bd_EOF'
+ cat << 'GH_AW_PROMPT_9f7421c16546b0bc_EOF'
- GH_AW_PROMPT_4617ec5abb1430bd_EOF
+ GH_AW_PROMPT_9f7421c16546b0bc_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4617ec5abb1430bd_EOF'
+ cat << 'GH_AW_PROMPT_9f7421c16546b0bc_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_4617ec5abb1430bd_EOF
+ GH_AW_PROMPT_9f7421c16546b0bc_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_4617ec5abb1430bd_EOF'
+ cat << 'GH_AW_PROMPT_9f7421c16546b0bc_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -320,16 +322,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_4617ec5abb1430bd_EOF
+ GH_AW_PROMPT_9f7421c16546b0bc_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_4617ec5abb1430bd_EOF'
+ cat << 'GH_AW_PROMPT_9f7421c16546b0bc_EOF'
{{#runtime-import .github/workflows/shared/mcp/ast-grep.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/go-pattern-detector.md}}
- GH_AW_PROMPT_4617ec5abb1430bd_EOF
+ GH_AW_PROMPT_9f7421c16546b0bc_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -559,9 +562,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_15b20272cac57d83_EOF'
- {"create_issue":{"expires":48,"labels":["code-quality","ast-grep","cookie"],"max":1,"title_prefix":"[ast-grep] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_15b20272cac57d83_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7de980c6094ff7c2_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["code-quality","ast-grep","cookie"],"max":1,"title_prefix":"[ast-grep] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_7de980c6094ff7c2_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1775,7 +1778,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,sentry.io,statsig.anthropic.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":48,\"labels\":[\"code-quality\",\"ast-grep\",\"cookie\"],\"max\":1,\"title_prefix\":\"[ast-grep] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"code-quality\",\"ast-grep\",\"cookie\"],\"max\":1,\"title_prefix\":\"[ast-grep] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/go-pattern-detector.md b/.github/workflows/go-pattern-detector.md
index 3797b062320..cac3d19908d 100644
--- a/.github/workflows/go-pattern-detector.md
+++ b/.github/workflows/go-pattern-detector.md
@@ -52,22 +52,20 @@ engine: claude
timeout-minutes: 10
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[ast-grep] "
+ expires: 2d
+ labels: [code-quality, ast-grep, cookie]
+ max: 1
- shared/mcp/ast-grep.md
- shared/reporting.md
- shared/otlp.md
-safe-outputs:
- create-issue:
- expires: 2d
- title-prefix: "[ast-grep] "
- labels: [code-quality, ast-grep, cookie]
- max: 1
strict: true
tools:
cli-proxy: true
-
-
---
# Go Code Pattern Detector
diff --git a/.github/workflows/gpclean.lock.yml b/.github/workflows/gpclean.lock.yml
index 7f46fe0d8a2..9458bbb6cf1 100644
--- a/.github/workflows/gpclean.lock.yml
+++ b/.github/workflows/gpclean.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"b16c858df2a5670a56630177d1dee2b5f0c5bd39d617caf6c0a167254f42a692","body_hash":"caaebc053371d9a29dde1b3ec63bce2d1f6e0ac18eb06749ee1094d8516d522a","agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"f875a7803f8d4e0e65a181b8020c5bf648d61eff0bde008a0c37700b0b4172f1","body_hash":"caaebc053371d9a29dde1b3ec63bce2d1f6e0ac18eb06749ee1094d8516d522a","agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -312,21 +314,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_81d15558abb0f16a_EOF'
+ cat << 'GH_AW_PROMPT_afe627f2122bd70f_EOF'
- GH_AW_PROMPT_81d15558abb0f16a_EOF
+ GH_AW_PROMPT_afe627f2122bd70f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_81d15558abb0f16a_EOF'
+ cat << 'GH_AW_PROMPT_afe627f2122bd70f_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_81d15558abb0f16a_EOF
+ GH_AW_PROMPT_afe627f2122bd70f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_81d15558abb0f16a_EOF'
+ cat << 'GH_AW_PROMPT_afe627f2122bd70f_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -355,15 +357,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_81d15558abb0f16a_EOF
+ GH_AW_PROMPT_afe627f2122bd70f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_81d15558abb0f16a_EOF'
+ cat << 'GH_AW_PROMPT_afe627f2122bd70f_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/gpclean.md}}
- GH_AW_PROMPT_81d15558abb0f16a_EOF
+ GH_AW_PROMPT_afe627f2122bd70f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -616,9 +619,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_5b77713824b4ff51_EOF'
- {"create_issue":{"expires":48,"labels":["dependency-cleaner"],"max":1,"title_prefix":"[gpl-dependency]"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_5b77713824b4ff51_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_de6976308eed0d2e_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["dependency-cleaner"],"max":1,"title_prefix":"[gpl-dependency]"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_de6976308eed0d2e_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1821,7 +1824,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,github.com,go.googlesource.com,host.docker.internal,pkg.go.dev,proxy.golang.org,raw.githubusercontent.com,registry.npmjs.org,storage.googleapis.com,sum.golang.org,telemetry.enterprise.githubcopilot.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":48,\"labels\":[\"dependency-cleaner\"],\"max\":1,\"title_prefix\":\"[gpl-dependency]\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"dependency-cleaner\"],\"max\":1,\"title_prefix\":\"[gpl-dependency]\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/gpclean.md b/.github/workflows/gpclean.md
index ebbd36c7656..b004a138756 100644
--- a/.github/workflows/gpclean.md
+++ b/.github/workflows/gpclean.md
@@ -23,13 +23,6 @@ network:
- "github.com"
- "storage.googleapis.com"
-safe-outputs:
- create-issue:
- expires: 2d
- title-prefix: "[gpl-dependency]"
- labels: [dependency-cleaner]
- max: 1
-
tools:
cli-proxy: true
cache-memory: true
@@ -57,6 +50,12 @@ experiments:
strict: false
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[gpl-dependency]"
+ expires: 2d
+ labels: [dependency-cleaner]
+ max: 1
- shared/reporting.md
# Pre-download SBOM to get accurate dependency information
@@ -84,7 +83,6 @@ steps:
PACKAGE_COUNT=$(jq '.sbom.packages | length' /tmp/gh-aw/agent/sbom.json 2>/dev/null || echo "unknown")
echo "📊 SBOM contains ${PACKAGE_COUNT} packages"
fi
-
---
{{#if experiments.tool_verbosity == 'minimal_toolset' }}
diff --git a/.github/workflows/lint-monster.lock.yml b/.github/workflows/lint-monster.lock.yml
index 7ec68c1adcc..5de432b36b2 100644
--- a/.github/workflows/lint-monster.lock.yml
+++ b/.github/workflows/lint-monster.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"90b7e82d5efd2666c0a3b266251e5f2a5945841071233e1d7b375c07dd33acea","body_hash":"b20ce5e3f74590f7862e4117c98b61d92695bf9162f9669c662618b859aaf24d","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4","engine_versions":{"pi":"0.80.2"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"1303de5cee79dc001e572edaf7286b748e9c8f01321e0d831dd2fcfdbe2aaf7d","body_hash":"b20ce5e3f74590f7862e4117c98b61d92695bf9162f9669c662618b859aaf24d","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4","engine_versions":{"pi":"0.80.2"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_AGENT_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,7 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -276,20 +279,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_f4ecc289d428becb_EOF'
+ cat << 'GH_AW_PROMPT_465698155c539a79_EOF'
- GH_AW_PROMPT_f4ecc289d428becb_EOF
+ GH_AW_PROMPT_465698155c539a79_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f4ecc289d428becb_EOF'
+ cat << 'GH_AW_PROMPT_465698155c539a79_EOF'
Tools: create_issue(max:3), close_issue(max:10), update_issue(max:10), create_discussion, assign_to_agent(max:3), missing_tool, missing_data, noop
- GH_AW_PROMPT_f4ecc289d428becb_EOF
+ GH_AW_PROMPT_465698155c539a79_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_f4ecc289d428becb_EOF'
+ cat << 'GH_AW_PROMPT_465698155c539a79_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -318,13 +321,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f4ecc289d428becb_EOF
+ GH_AW_PROMPT_465698155c539a79_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_f4ecc289d428becb_EOF'
+ cat << 'GH_AW_PROMPT_465698155c539a79_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/lint-monster.md}}
- GH_AW_PROMPT_f4ecc289d428becb_EOF
+ GH_AW_PROMPT_465698155c539a79_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -548,9 +553,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_b4cc2428d989a1e1_EOF'
- {"assign_to_agent":{"allowed":["copilot"],"max":3,"target":"*"},"close_issue":{"max":10,"required_title_prefix":"[lint-monster] ","state_reason":"duplicate"},"create_discussion":{"category":"reports","close_older_discussions":true,"expires":48,"fallback_to_issue":true,"max":1,"title_prefix":"[lint-monster] "},"create_issue":{"expires":168,"labels":["automation","lint","cookie"],"max":3,"title_prefix":"[lint-monster] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{},"update_issue":{"allow_body":true,"max":10,"title_prefix":"[lint-monster] "}}
- GH_AW_SAFE_OUTPUTS_CONFIG_b4cc2428d989a1e1_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_f60c2f43ae5c5dde_EOF'
+ {"assign_to_agent":{"allowed":["copilot"],"max":3,"target":"*"},"close_issue":{"max":10,"required_title_prefix":"[lint-monster] ","state_reason":"duplicate"},"create_discussion":{"category":"reports","close_older_discussions":true,"expires":48,"fallback_to_issue":true,"max":1,"title_prefix":"[lint-monster] "},"create_issue":{"close_older_issues":false,"expires":168,"labels":["automation","lint","cookie"],"max":3,"title_prefix":"[lint-monster] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{},"update_issue":{"allow_body":true,"max":10,"title_prefix":"[lint-monster] "}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_f60c2f43ae5c5dde_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1749,7 +1754,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.githubcopilot.com,api.pi.ai,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"assign_to_agent\":{\"allowed\":[\"copilot\"],\"max\":3,\"target\":\"*\"},\"close_issue\":{\"max\":10,\"required_title_prefix\":\"[lint-monster] \",\"state_reason\":\"duplicate\"},\"create_discussion\":{\"category\":\"reports\",\"close_older_discussions\":true,\"expires\":48,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[lint-monster] \"},\"create_issue\":{\"expires\":168,\"labels\":[\"automation\",\"lint\",\"cookie\"],\"max\":3,\"title_prefix\":\"[lint-monster] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{},\"update_issue\":{\"allow_body\":true,\"max\":10,\"title_prefix\":\"[lint-monster] \"}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"assign_to_agent\":{\"allowed\":[\"copilot\"],\"max\":3,\"target\":\"*\"},\"close_issue\":{\"max\":10,\"required_title_prefix\":\"[lint-monster] \",\"state_reason\":\"duplicate\"},\"create_discussion\":{\"category\":\"reports\",\"close_older_discussions\":true,\"expires\":48,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[lint-monster] \"},\"create_issue\":{\"close_older_issues\":false,\"expires\":168,\"labels\":[\"automation\",\"lint\",\"cookie\"],\"max\":3,\"title_prefix\":\"[lint-monster] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{},\"update_issue\":{\"allow_body\":true,\"max\":10,\"title_prefix\":\"[lint-monster] \"}}"
GH_AW_ASSIGN_TO_AGENT_TOKEN: ${{ secrets.GH_AW_AGENT_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/lint-monster.md b/.github/workflows/lint-monster.md
index 21d950fc755..2dffe8c5927 100644
--- a/.github/workflows/lint-monster.md
+++ b/.github/workflows/lint-monster.md
@@ -53,11 +53,6 @@ steps:
echo "Lint diagnostics captured: ${diag_count}"
safe-outputs:
- create-issue:
- expires: 7d
- title-prefix: "[lint-monster] "
- labels: [automation, lint, cookie]
- max: 3
close-issue:
max: 10
required-title-prefix: "[lint-monster] "
@@ -78,6 +73,12 @@ safe-outputs:
noop:
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[lint-monster] "
+ expires: 7d
+ labels: [automation, lint, cookie]
+ max: 3
- shared/otlp.md
---
diff --git a/.github/workflows/objective-impact-report.lock.yml b/.github/workflows/objective-impact-report.lock.yml
index 850dd3b0edb..a3701e15a5a 100644
--- a/.github/workflows/objective-impact-report.lock.yml
+++ b/.github/workflows/objective-impact-report.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"b0611fa3f6d4670def1bbaa5de73487925f06fb8d9145133eff9560687fc35ec","body_hash":"d00ce693309b0e904ead553df2fafa18a139b195719b184b851a571250604e0f","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"c62f50dcbe9dab85b63aebacc89aa412905d1715f894fb1130b8cadbb2ff8209","body_hash":"d00ce693309b0e904ead553df2fafa18a139b195719b184b851a571250604e0f","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -25,6 +25,12 @@
#
# Executive impact efficiency report from workflow outcomes tied to tracked objectives.
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/activation-app.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -257,20 +263,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_c6b903902df2efbb_EOF'
+ cat << 'GH_AW_PROMPT_329b5e3eaf5ec56f_EOF'
- GH_AW_PROMPT_c6b903902df2efbb_EOF
+ GH_AW_PROMPT_329b5e3eaf5ec56f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c6b903902df2efbb_EOF'
+ cat << 'GH_AW_PROMPT_329b5e3eaf5ec56f_EOF'
Tools: create_issue, close_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_c6b903902df2efbb_EOF
+ GH_AW_PROMPT_329b5e3eaf5ec56f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_c6b903902df2efbb_EOF'
+ cat << 'GH_AW_PROMPT_329b5e3eaf5ec56f_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -299,12 +305,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c6b903902df2efbb_EOF
+ GH_AW_PROMPT_329b5e3eaf5ec56f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_c6b903902df2efbb_EOF'
+ cat << 'GH_AW_PROMPT_329b5e3eaf5ec56f_EOF'
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/objective-impact-report.md}}
- GH_AW_PROMPT_c6b903902df2efbb_EOF
+ GH_AW_PROMPT_329b5e3eaf5ec56f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -534,16 +542,16 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_d108a67434282c92_EOF'
- {"close_issue":{"max":1,"required_title_prefix":"Impact Efficiency Report - ","target":"*"},"create_issue":{"max":1,"title_prefix":"Impact Efficiency Report - "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_d108a67434282c92_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_a81980f63e9657d3_EOF'
+ {"close_issue":{"max":1,"required_title_prefix":"Impact Efficiency Report - ","target":"*"},"create_issue":{"close_older_issues":false,"expires":48,"labels":["automated-analysis","cookie"],"max":1,"title_prefix":"Impact Efficiency Report - "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_a81980f63e9657d3_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
{
"description_suffixes": {
"close_issue": " CONSTRAINTS: Maximum 1 issue(s) can be closed. Target: *. Only issues with title prefix \"Impact Efficiency Report - \" can be closed.",
- "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"Impact Efficiency Report - \"."
+ "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"Impact Efficiency Report - \". Labels [\"automated-analysis\" \"cookie\"] will be automatically added."
},
"repo_params": {},
"dynamic_tools": []
@@ -1654,7 +1662,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"close_issue\":{\"max\":1,\"required_title_prefix\":\"Impact Efficiency Report - \",\"target\":\"*\"},\"create_issue\":{\"max\":1,\"title_prefix\":\"Impact Efficiency Report - \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"close_issue\":{\"max\":1,\"required_title_prefix\":\"Impact Efficiency Report - \",\"target\":\"*\"},\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"Impact Efficiency Report - \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/objective-impact-report.md b/.github/workflows/objective-impact-report.md
index ad17365ae13..a32ea6d3391 100644
--- a/.github/workflows/objective-impact-report.md
+++ b/.github/workflows/objective-impact-report.md
@@ -15,6 +15,11 @@ cache:
path: /tmp/gh-aw/agent/objective-impact-report
restore-keys: |
objective-impact-report-cache-
+imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "Impact Efficiency Report - "
+ max: 1
tools:
cli-proxy: true
github:
@@ -39,9 +44,6 @@ safe-outputs:
required-title-prefix: "Impact Efficiency Report - "
target: "*"
max: 1
- create-issue:
- title-prefix: "Impact Efficiency Report - "
- max: 1
---
# Impact Efficiency Report
diff --git a/.github/workflows/refactoring-cadence.lock.yml b/.github/workflows/refactoring-cadence.lock.yml
index 71e99535375..78e87d33127 100644
--- a/.github/workflows/refactoring-cadence.lock.yml
+++ b/.github/workflows/refactoring-cadence.lock.yml
@@ -576,9 +576,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_754d6637f26130d2_EOF'
- {"create_issue":{"expires":336,"labels":["refactoring","ai-generated"],"max":1,"title_prefix":"[refactoring-cadence] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_754d6637f26130d2_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_43b63feefb237abf_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":336,"labels":["refactoring","ai-generated"],"max":1,"title_prefix":"[refactoring-cadence] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_43b63feefb237abf_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1762,7 +1762,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,go.dev,golang.org,goproxy.io,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pkg.go.dev,ppa.launchpad.net,proxy.golang.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,storage.googleapis.com,sum.golang.org,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":336,\"labels\":[\"refactoring\",\"ai-generated\"],\"max\":1,\"title_prefix\":\"[refactoring-cadence] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":336,\"labels\":[\"refactoring\",\"ai-generated\"],\"max\":1,\"title_prefix\":\"[refactoring-cadence] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml
index 49a6955720d..d20886b711b 100644
--- a/.github/workflows/semantic-function-refactor.lock.yml
+++ b/.github/workflows/semantic-function-refactor.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"28db89db0afcfcdf36dbf4edb303db4aa96e328fae7bbf47cda2cc96ef795c59","body_hash":"a99db7d46e0b833ebf9e2c4a974a2ccfc7d27784973b5f0398e4c3f16cde6459","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3bc4f45daa24a509958a116de95fc201d08a99d2fc2fb7bf693604cfeb128071","body_hash":"a99db7d46e0b833ebf9e2c4a974a2ccfc7d27784973b5f0398e4c3f16cde6459","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,10 +27,12 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
# - shared/go-source-analysis.md
#
# Secrets used:
@@ -280,20 +282,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_98ff3cd53aaf5dc8_EOF'
+ cat << 'GH_AW_PROMPT_f5adfa3bae00761f_EOF'
- GH_AW_PROMPT_98ff3cd53aaf5dc8_EOF
+ GH_AW_PROMPT_f5adfa3bae00761f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_98ff3cd53aaf5dc8_EOF'
+ cat << 'GH_AW_PROMPT_f5adfa3bae00761f_EOF'
Tools: create_issue, close_issue(max:10), missing_tool, missing_data, noop
- GH_AW_PROMPT_98ff3cd53aaf5dc8_EOF
+ GH_AW_PROMPT_f5adfa3bae00761f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_98ff3cd53aaf5dc8_EOF'
+ cat << 'GH_AW_PROMPT_f5adfa3bae00761f_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -322,20 +324,21 @@ jobs:
{{/if}}
- GH_AW_PROMPT_98ff3cd53aaf5dc8_EOF
+ GH_AW_PROMPT_f5adfa3bae00761f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_98ff3cd53aaf5dc8_EOF'
+ cat << 'GH_AW_PROMPT_f5adfa3bae00761f_EOF'
{{#runtime-import .github/workflows/shared/go-source-analysis.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
- {{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
## Serena Code Analysis
Serena is enabled for **["go"]** in `__GH_AW_GITHUB_WORKSPACE__`. Start by calling `activate_project` with that workspace path, then prefer Serena semantic tools for symbol lookup, references, docs, diagnostics, and structured edits.
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/semantic-function-refactor.md}}
- GH_AW_PROMPT_98ff3cd53aaf5dc8_EOF
+ GH_AW_PROMPT_f5adfa3bae00761f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -560,9 +563,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_938c2b7c9db9a625_EOF'
- {"close_issue":{"max":10,"required_title_prefix":"[refactor] ","target":"*"},"create_issue":{"expires":48,"labels":["refactoring","code-quality","automated-analysis","cookie"],"max":1,"title_prefix":"[refactor] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_938c2b7c9db9a625_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_d4e8dae8a11a1d86_EOF'
+ {"close_issue":{"max":10,"required_title_prefix":"[refactor] ","target":"*"},"create_issue":{"close_older_issues":false,"expires":48,"labels":["refactoring","code-quality","automated-analysis","cookie"],"max":1,"title_prefix":"[refactor] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_d4e8dae8a11a1d86_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1781,7 +1784,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,sentry.io,statsig.anthropic.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"close_issue\":{\"max\":10,\"required_title_prefix\":\"[refactor] \",\"target\":\"*\"},\"create_issue\":{\"expires\":48,\"labels\":[\"refactoring\",\"code-quality\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[refactor] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"close_issue\":{\"max\":10,\"required_title_prefix\":\"[refactor] \",\"target\":\"*\"},\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"refactoring\",\"code-quality\",\"automated-analysis\",\"cookie\"],\"max\":1,\"title_prefix\":\"[refactor] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/semantic-function-refactor.md b/.github/workflows/semantic-function-refactor.md
index 8f60206d6b2..119397b333d 100644
--- a/.github/workflows/semantic-function-refactor.md
+++ b/.github/workflows/semantic-function-refactor.md
@@ -14,6 +14,12 @@ permissions:
engine: claude
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[refactor] "
+ expires: 2d
+ labels: [refactoring, code-quality, automated-analysis, cookie]
+ max: 1
- shared/go-source-analysis.md
- shared/otlp.md
@@ -22,12 +28,6 @@ safe-outputs:
required-title-prefix: "[refactor] "
target: "*"
max: 10
- create-issue:
- expires: 2d
- title-prefix: "[refactor] "
- labels: [refactoring, code-quality, automated-analysis, cookie]
- max: 1
-
tools:
cli-proxy: true
github:
@@ -37,7 +37,6 @@ tools:
timeout-minutes: 20
strict: true
-
---
# Semantic Function Clustering and Refactoring
diff --git a/.github/workflows/shared/daily-issue-base.md b/.github/workflows/shared/daily-issue-base.md
index 950f1051b86..339a00e194c 100644
--- a/.github/workflows/shared/daily-issue-base.md
+++ b/.github/workflows/shared/daily-issue-base.md
@@ -10,6 +10,8 @@
# expires: "2d" # optional, default: 2d
# labels: [automation, cookie]
# assignees: [copilot] # optional, default: []
+# max: 1 # optional, default: 1
+# close-older-issues: false # optional, default: false
import-schema:
title-prefix:
@@ -28,6 +30,14 @@ import-schema:
type: array
default: []
description: "Assignees for created issues"
+ max:
+ type: number
+ default: 1
+ description: "Maximum issues allowed per run"
+ close-older-issues:
+ type: boolean
+ default: false
+ description: "Close previous issues from the same workflow key"
imports:
- shared/activation-app.md
@@ -39,6 +49,7 @@ safe-outputs:
title-prefix: "${{ github.aw.import-inputs.title-prefix }}"
labels: ${{ github.aw.import-inputs.labels }}
assignees: ${{ github.aw.import-inputs.assignees }}
- max: 1
+ max: ${{ github.aw.import-inputs.max }}
+ close-older-issues: ${{ github.aw.import-inputs.close-older-issues }}
noop:
---
diff --git a/.github/workflows/spec-librarian.lock.yml b/.github/workflows/spec-librarian.lock.yml
index f9b04093467..1f23caf69e6 100644
--- a/.github/workflows/spec-librarian.lock.yml
+++ b/.github/workflows/spec-librarian.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"42e1e1fa2010579e568ec94a06a740a0be4bc64636a21bac27d43e396a420c3e","body_hash":"bb9205a12b11bc33922ca782c07c0f1ebb3d0deffe31be10693d999397989f60","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"6d314997fe31de2a786e877400b67b008ce07c3844bc841af89e1669f887df9a","body_hash":"bb9205a12b11bc33922ca782c07c0f1ebb3d0deffe31be10693d999397989f60","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_AGENT_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
diff --git a/.github/workflows/spec-librarian.md b/.github/workflows/spec-librarian.md
index 6b2f7a8c15b..32a37e706dc 100644
--- a/.github/workflows/spec-librarian.md
+++ b/.github/workflows/spec-librarian.md
@@ -20,25 +20,17 @@ imports:
with:
assignees:
- copilot
+ close-older-issues: true
expires: 3d
labels:
- pkg-specifications
- review
- automation
+ max: 1
title-prefix: "[spec-librarian] "
- shared/go-source-analysis.md
- shared/otlp.md
safe-outputs:
- create-issue:
- assignees: copilot
- close-older-issues: true
- expires: 3d
- labels:
- - pkg-specifications
- - review
- - automation
- max: 1
- title-prefix: "[spec-librarian] "
messages:
footer: "> 📚 *Specification review by [{workflow_name}]({run_url})*{ai_credits_suffix}{history_link}"
run-failure: 📚 Specification review failed! [{workflow_name}]({run_url}) {status}.
diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml
index 08da7629322..9d03e1015df 100644
--- a/.github/workflows/static-analysis-report.lock.yml
+++ b/.github/workflows/static-analysis-report.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"6aec876cfecfb48b33153cfc8e81d710c4e00471caf5edad5734b507c48a8b41","body_hash":"d0ea9731f24f4f80b85aa6d47731cb164285971b7a45d867818dc4e056bb054d","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"d418bed5ecc0e543c9cb5a605b14314c58f3cdca53a0e636d30ce406b6333541","body_hash":"d0ea9731f24f4f80b85aa6d47731cb164285971b7a45d867818dc4e056bb054d","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,9 +27,11 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/meta-analysis-base.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -281,21 +283,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_fb6afc22ada5b90c_EOF'
+ cat << 'GH_AW_PROMPT_f7a6d0806356de4f_EOF'
- GH_AW_PROMPT_fb6afc22ada5b90c_EOF
+ GH_AW_PROMPT_f7a6d0806356de4f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_fb6afc22ada5b90c_EOF'
+ cat << 'GH_AW_PROMPT_f7a6d0806356de4f_EOF'
Tools: add_comment(max:3), create_issue(max:4), missing_tool, missing_data, noop
- GH_AW_PROMPT_fb6afc22ada5b90c_EOF
+ GH_AW_PROMPT_f7a6d0806356de4f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_fb6afc22ada5b90c_EOF'
+ cat << 'GH_AW_PROMPT_f7a6d0806356de4f_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -324,16 +326,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_fb6afc22ada5b90c_EOF
+ GH_AW_PROMPT_f7a6d0806356de4f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_fb6afc22ada5b90c_EOF'
+ cat << 'GH_AW_PROMPT_f7a6d0806356de4f_EOF'
**IMPORTANT**: When analyzing agentic workflows, use the `agentic-workflows` tool to read workflow files.
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/static-analysis-report.md}}
- GH_AW_PROMPT_fb6afc22ada5b90c_EOF
+ GH_AW_PROMPT_f7a6d0806356de4f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/static-analysis-report.md b/.github/workflows/static-analysis-report.md
index 3516026e92f..93de4feca12 100644
--- a/.github/workflows/static-analysis-report.md
+++ b/.github/workflows/static-analysis-report.md
@@ -16,17 +16,18 @@ tools:
cache-memory: true
timeout: 600
safe-outputs:
- create-issue:
- expires: 7d
- title-prefix: "[static-analysis] "
- labels: [security, automation]
- max: 4
- close-older-issues: true
add-comment:
max: 3
timeout-minutes: 45
strict: true
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[static-analysis] "
+ expires: 7d
+ labels: [security, automation]
+ max: 4
+ close-older-issues: true
- uses: shared/meta-analysis-base.md
with:
toolsets: [default, actions]
diff --git a/.github/workflows/step-name-alignment.lock.yml b/.github/workflows/step-name-alignment.lock.yml
index 50916137f10..5b2a6c32654 100644
--- a/.github/workflows/step-name-alignment.lock.yml
+++ b/.github/workflows/step-name-alignment.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"47476f6b99c99969ad6708298428fa2ebd943134635f4c9527cc93a55a7789f1","body_hash":"704e7551cc4111b0f1a9e5cab14da2678286ca5fdd97ab522c81672ed3487633","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"ae82447328017e9efdd9aa32be52e594762d58bf9ba6f81a0cf3ee2905fccb99","body_hash":"fb8a698e9cdc66c14ae329303b8a81490a372a4fc9325d036470725b26bc7235","strict":true,"agent_id":"claude","engine_versions":{"claude":"2.1.191"}}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,7 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - ANTHROPIC_API_KEY
@@ -275,21 +278,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_daf1498b6fbffef2_EOF'
+ cat << 'GH_AW_PROMPT_1cd219cccce8f81e_EOF'
- GH_AW_PROMPT_daf1498b6fbffef2_EOF
+ GH_AW_PROMPT_1cd219cccce8f81e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_daf1498b6fbffef2_EOF'
+ cat << 'GH_AW_PROMPT_1cd219cccce8f81e_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_daf1498b6fbffef2_EOF
+ GH_AW_PROMPT_1cd219cccce8f81e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_daf1498b6fbffef2_EOF'
+ cat << 'GH_AW_PROMPT_1cd219cccce8f81e_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -318,14 +321,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_daf1498b6fbffef2_EOF
+ GH_AW_PROMPT_1cd219cccce8f81e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_daf1498b6fbffef2_EOF'
+ cat << 'GH_AW_PROMPT_1cd219cccce8f81e_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/step-name-alignment.md}}
- GH_AW_PROMPT_daf1498b6fbffef2_EOF
+ GH_AW_PROMPT_1cd219cccce8f81e_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -575,9 +580,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_764db95e01398a81_EOF'
- {"create_issue":{"expires":48,"labels":["maintenance","step-naming","cookie"],"max":1,"title_prefix":"[step-names] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_764db95e01398a81_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_823469f6d8f795e8_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["maintenance","step-naming","cookie"],"max":1,"title_prefix":"[step-names] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_823469f6d8f795e8_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1776,7 +1781,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,docs.github.com,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,sentry.io,statsig.anthropic.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":48,\"labels\":[\"maintenance\",\"step-naming\",\"cookie\"],\"max\":1,\"title_prefix\":\"[step-names] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"maintenance\",\"step-naming\",\"cookie\"],\"max\":1,\"title_prefix\":\"[step-names] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/step-name-alignment.md b/.github/workflows/step-name-alignment.md
index e59b2c4bb35..45edc0bbad7 100644
--- a/.github/workflows/step-name-alignment.md
+++ b/.github/workflows/step-name-alignment.md
@@ -13,15 +13,12 @@ network:
- defaults
- github
imports:
-- shared/otlp.md
-safe-outputs:
- create-issue:
- expires: 2d
- labels:
- - maintenance
- - step-naming
- - cookie
- title-prefix: "[step-names] "
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[step-names] "
+ expires: 2d
+ labels: [maintenance, step-naming, cookie]
+ - shared/otlp.md
steps:
- name: Build step alignment manifest
run: |
diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml
index 6644fa8f33c..6fd28756448 100644
--- a/.github/workflows/super-linter.lock.yml
+++ b/.github/workflows/super-linter.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"d8b3df0c310a02c8c1ddf5c025f0e7b01d903fcefd300e938aac412cd2c59314","body_hash":"10101ca4c6d9ec875729ccf55ae559ae44c75a07cc69b18b006a12fd19e6861a","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"75236705499031a7c2e5ca4d5ed4237db9de2b9579c290a9ebca2411591054a8","body_hash":"10101ca4c6d9ec875729ccf55ae559ae44c75a07cc69b18b006a12fd19e6861a","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"super-linter/super-linter","sha":"9e863354e3ff62e0727d37183162c4a88873df41","version":"v8.6.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -277,21 +279,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_62b256b669e02cc4_EOF'
+ cat << 'GH_AW_PROMPT_c6751affb0de249b_EOF'
- GH_AW_PROMPT_62b256b669e02cc4_EOF
+ GH_AW_PROMPT_c6751affb0de249b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_62b256b669e02cc4_EOF'
+ cat << 'GH_AW_PROMPT_c6751affb0de249b_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_62b256b669e02cc4_EOF
+ GH_AW_PROMPT_c6751affb0de249b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_62b256b669e02cc4_EOF'
+ cat << 'GH_AW_PROMPT_c6751affb0de249b_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -320,15 +322,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_62b256b669e02cc4_EOF
+ GH_AW_PROMPT_c6751affb0de249b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_62b256b669e02cc4_EOF'
+ cat << 'GH_AW_PROMPT_c6751affb0de249b_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/super-linter.md}}
- GH_AW_PROMPT_62b256b669e02cc4_EOF
+ GH_AW_PROMPT_c6751affb0de249b_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -587,9 +590,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e8492ca934ab9aea_EOF'
- {"create_issue":{"expires":48,"labels":["automation","code-quality","cookie"],"max":1,"title_prefix":"[linter] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_e8492ca934ab9aea_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_5b0b41b8ea0cfd7f_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["automation","code-quality","cookie"],"max":1,"title_prefix":"[linter] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_5b0b41b8ea0cfd7f_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1710,7 +1713,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":48,\"labels\":[\"automation\",\"code-quality\",\"cookie\"],\"max\":1,\"title_prefix\":\"[linter] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"automation\",\"code-quality\",\"cookie\"],\"max\":1,\"title_prefix\":\"[linter] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/super-linter.md b/.github/workflows/super-linter.md
index 0cada9eac01..6b010578fb0 100644
--- a/.github/workflows/super-linter.md
+++ b/.github/workflows/super-linter.md
@@ -11,15 +11,15 @@ permissions:
actions: read
issues: read
pull-requests: read
-safe-outputs:
- create-issue:
- expires: 2d
- title-prefix: "[linter] "
- labels: [automation, code-quality, cookie]
engine: copilot
name: Super Linter Report
timeout-minutes: 15
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[linter] "
+ expires: 2d
+ labels: [automation, code-quality, cookie]
- shared/reporting.md
- shared/otlp.md
jobs:
diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml
index 21df81e50d3..bd6bddbacd5 100644
--- a/.github/workflows/video-analyzer.lock.yml
+++ b/.github/workflows/video-analyzer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a07416ddb877b2cc147a97a49233af1114750d863ab4dea9cf470a34455e81b7","body_hash":"fb8df73bc4baa3c2b9c9071e48234a7c1b596a5bb5dc7228fdeb12a713d81b74","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"552112ebe60b33eba7cd458bd57df4eda8cfabf3fc3de2f8292ead7c631b5652","body_hash":"fb8df73bc4baa3c2b9c9071e48234a7c1b596a5bb5dc7228fdeb12a713d81b74","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,11 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/ffmpeg.md
# - shared/otlp.md
+# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -277,20 +280,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_e11213c65095874b_EOF'
+ cat << 'GH_AW_PROMPT_b7546a72c279d295_EOF'
- GH_AW_PROMPT_e11213c65095874b_EOF
+ GH_AW_PROMPT_b7546a72c279d295_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_e11213c65095874b_EOF'
+ cat << 'GH_AW_PROMPT_b7546a72c279d295_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_e11213c65095874b_EOF
+ GH_AW_PROMPT_b7546a72c279d295_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_e11213c65095874b_EOF'
+ cat << 'GH_AW_PROMPT_b7546a72c279d295_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -319,15 +322,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_e11213c65095874b_EOF
+ GH_AW_PROMPT_b7546a72c279d295_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_e11213c65095874b_EOF'
+ cat << 'GH_AW_PROMPT_b7546a72c279d295_EOF'
{{#runtime-import .github/workflows/shared/ffmpeg.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
+ {{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/video-analyzer.md}}
- GH_AW_PROMPT_e11213c65095874b_EOF
+ GH_AW_PROMPT_b7546a72c279d295_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -557,9 +562,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_02d6af9fb3304674_EOF'
- {"create_issue":{"expires":48,"labels":["automation","video-processing","cookie"],"max":1,"title_prefix":"[video-analysis] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_02d6af9fb3304674_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8a05ea051d05d8d5_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":48,"labels":["automation","video-processing","cookie"],"max":1,"title_prefix":"[video-analysis] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_8a05ea051d05d8d5_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1660,7 +1665,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":48,\"labels\":[\"automation\",\"video-processing\",\"cookie\"],\"max\":1,\"title_prefix\":\"[video-analysis] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":48,\"labels\":[\"automation\",\"video-processing\",\"cookie\"],\"max\":1,\"title_prefix\":\"[video-analysis] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/video-analyzer.md b/.github/workflows/video-analyzer.md
index b41d3c975f8..772d2020117 100644
--- a/.github/workflows/video-analyzer.md
+++ b/.github/workflows/video-analyzer.md
@@ -18,6 +18,12 @@ permissions:
engine: copilot
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[video-analysis] "
+ expires: 2d
+ labels: [automation, video-processing, cookie]
+ max: 1
- shared/ffmpeg.md
- shared/otlp.md
@@ -25,16 +31,8 @@ tools:
cli-proxy: true
bash: true
-safe-outputs:
- create-issue:
- expires: 2d
- title-prefix: "[video-analysis] "
- labels: [automation, video-processing, cookie]
- max: 1
-
timeout-minutes: 15
strict: true
-
---
# Video Analysis Agent
diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml
index 7f9b31c76b5..605cae556bf 100644
--- a/.github/workflows/workflow-normalizer.lock.yml
+++ b/.github/workflows/workflow-normalizer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"1c83f270492a67ecc2694e3bb2d6787a5aab1dfb8ef834a5f935224145d3d39e","body_hash":"99545d0adc13a971e88eff7e79b32eff3b3e12a3ba9f869effeeee4d8d750077","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"31cb79de193f8ab5f0fa4a452c888838ef9755d422ee85137892673b1301a211","body_hash":"99545d0adc13a971e88eff7e79b32eff3b3e12a3ba9f869effeeee4d8d750077","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65"}}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]}
# This file was automatically generated by gh-aw. DO NOT EDIT. To debug this workflow, load the skill at https://github.com/github/gh-aw/blob/main/debug.md
#
@@ -27,8 +27,10 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/activation-app.md
# - shared/otlp.md
# - shared/reporting.md
+# - shared/daily-issue-base.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -278,20 +280,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_d9a452834515f8f5_EOF'
+ cat << 'GH_AW_PROMPT_4ce3a21007c62da0_EOF'
- GH_AW_PROMPT_d9a452834515f8f5_EOF
+ GH_AW_PROMPT_4ce3a21007c62da0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_d9a452834515f8f5_EOF'
+ cat << 'GH_AW_PROMPT_4ce3a21007c62da0_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_d9a452834515f8f5_EOF
+ GH_AW_PROMPT_4ce3a21007c62da0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_d9a452834515f8f5_EOF'
+ cat << 'GH_AW_PROMPT_4ce3a21007c62da0_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -320,15 +322,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_d9a452834515f8f5_EOF
+ GH_AW_PROMPT_4ce3a21007c62da0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_d9a452834515f8f5_EOF'
+ cat << 'GH_AW_PROMPT_4ce3a21007c62da0_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
+ {{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/workflow-normalizer.md}}
- GH_AW_PROMPT_d9a452834515f8f5_EOF
+ GH_AW_PROMPT_4ce3a21007c62da0_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -612,9 +615,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_c7c6ba543301fb8f_EOF'
- {"create_issue":{"expires":24,"labels":["cookie"],"max":1,"title_prefix":"[workflow-style] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_c7c6ba543301fb8f_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_9e7c1e26139c530a_EOF'
+ {"create_issue":{"close_older_issues":false,"expires":24,"labels":["cookie"],"max":1,"title_prefix":"[workflow-style] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_9e7c1e26139c530a_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1739,7 +1742,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.grafana.net,*.pythonhosted.org,*.sentry.io,anaconda.org,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,cdn.jsdelivr.net,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,esm.sh,files.pythonhosted.org,get.pnpm.io,github.com,googleapis.deno.dev,googlechromelabs.github.io,host.docker.internal,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,storage.googleapis.com,telemetry.enterprise.githubcopilot.com,telemetry.vercel.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":24,\"labels\":[\"cookie\"],\"max\":1,\"title_prefix\":\"[workflow-style] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":false,\"expires\":24,\"labels\":[\"cookie\"],\"max\":1,\"title_prefix\":\"[workflow-style] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/workflow-normalizer.md b/.github/workflows/workflow-normalizer.md
index 8ecd5d7fe3b..cc2bf776f83 100644
--- a/.github/workflows/workflow-normalizer.md
+++ b/.github/workflows/workflow-normalizer.md
@@ -21,13 +21,13 @@ tools:
agentic-workflows:
github:
toolsets: [default]
-safe-outputs:
- create-issue:
- expires: 1d
- title-prefix: "[workflow-style] "
- labels: [cookie]
- max: 1
imports:
+ - uses: shared/daily-issue-base.md
+ with:
+ title-prefix: "[workflow-style] "
+ expires: 1d
+ labels: [cookie]
+ max: 1
- shared/reporting.md
- shared/otlp.md