Skip to content

Latest commit

 

History

History
920 lines (506 loc) · 75.9 KB

File metadata and controls

920 lines (506 loc) · 75.9 KB

Changelog

0.44.1 (2026-07-13)

Bug Fixes

  • compile: normalize legacy Azure Repos remotes (#1495) (928cd59)

0.44.0 (2026-07-13)

Features

  • cli: add catalog versions kind and use it in the copilot-cli workflow (#1471) (8009dd0)
  • compile: add pool-overrides for per-job pool configuration (#1464) (#1472) (f1109c6)
  • compile: support named pool demands (#1461) (77f4f90)

Bug Fixes

  • ado-script: fail closed for unresolved synthetic PR merge-base (#1460) (2e60ec4)
  • ci: avoid runner context in job env (#1469) (8ec1166)
  • compile: emit prepare-pr-base in the SafeOutputs job (#1453) (#1458) (c5b1404)
  • compile: trust generated SafeOutputs MCP for Copilot (#1462) (2e85e40)

0.43.0 (2026-07-09)

Features

  • compile: decouple create-pull-request diff base from checkout depth (#1425) (ec21b6f)
  • compile: support Azure DevOps variable group imports (#1426) (77eb6ed)

Bug Fixes

  • engine: allow hyphenated GitHub App private key variables (#1417) (ad027f5)
  • executor-e2e: let definition variable override issue-filing repo (#1403) (3f6ac09)
  • executor-e2e: self-diagnose GitHub issue-filing auth failures (#1401) (6967da7)
  • safe-outputs: create build attachments via DistributedTask timeline attachment API (#1433) (ce310d4)
  • safe-outputs: send empty body for add-build-tag PUT (#1423) (fa89e22)

0.42.0 (2026-07-07)

Features

  • engine: add engine.provider (BYOK) with in-job Azure CLI token minting (#1377) (2c4f40b)
  • inspect: add Copilot model list updater workflow and fix catalog drift (#1376) (b620ae6)

Bug Fixes

  • compile: disable checkout in conclusion job (#1382) (f9b6d9b)

0.41.0 (2026-07-06)

Features

  • compile: add per-repo checkout fetch depth/tags tuning (#1325) (b3f2110)
  • engine: GitHub App-backed Copilot engine auth (#1326) (ca1b29e)

Bug Fixes

  • ado-script: normalize github app PEM secrets from ADO vars (#1380) (d429146)
  • compile: skip conclusion job when run is cancelled (#1313) (f5f67d6)

0.40.0 (2026-07-02)

Features

  • workflows: add issue-triage and issue-arborist workflows; upgrade gh-aw to v0.81.6 (#1281) (dccd040)

Bug Fixes

  • ado-script: read auto-injected collection URI in getWebApi (#1311) (4d20b0a)

0.39.0 (2026-07-01)

Features

  • agency: centralize Claude Code plugin and self-contained marketplace (#1102) (0635922)
  • compile: add Conclusion job for pipeline failure reporting (#1076) (9a1ba2f)
  • compile: gate high-impact safe outputs behind manual review (#1196) (8e76df6)
  • compile: migrate legacy {{ workspace }} markers and validate checkout-aware paths (#1263) (9a01c07)
  • compile: substitute ADO path-anchor variables in the agent prompt (#1265) (79a0f72)
  • engine: allow ADO macros on Copilot BYOM provider env keys (#1264) (dff4c64)
  • ir: add typed builder for AzureCLI@2 (#1195) (56f7004)
  • ir: add typed builder for AzureContainerApps@1 (#1200) (4da4dff)
  • ir: add typed builder for AzureFileCopy@6 (#1214) (1e8a74a)
  • ir: add typed builder for AzureFunctionApp@2 (#1230) (985121c)
  • ir: add typed builder for AzureResourceManagerTemplateDeployment@3 (#1232) (b41491a)
  • ir: add typed builder for AzureWebApp@1 (#1179) (c9fdeb3)
  • ir: add typed builder for BicepDeploy@0 (#1269) (7ac5a94)
  • ir: add typed builder for DownloadBuildArtifacts@1 (#1197) (2971c21)
  • ir: add typed builder for DownloadSecureFile@1 (#1174) (3096eef)
  • ir: add typed builder for GitHubRelease@1 (#1164) (0d558cc)
  • ir: add typed builder for Gradle@3 (#1113) (2a070e0)
  • ir: add typed builder for HelmInstaller@1 (#1213) (2ad1e2b)
  • ir: add typed builder for KubernetesManifest@1 (#1229) (01d06cf)
  • ir: add typed builder for ManualValidation@1 (#1193) (f049b32)
  • ir: add typed builder for Maven@3 (#1122) (cd7f0f1)
  • ir: add typed builder for MavenAuthenticate@0 (#1161) (3d719eb)
  • ir: add typed builder for NodeTool@0 (#1224) (553bac3)
  • ir: add typed builder for npmAuthenticate@0 (#1157) (b2da117)
  • ir: add typed builder for SonarQubeAnalyze@8 (#1245) (c6d3af3)
  • ir: add typed builder for SonarQubePrepare@8 (#1226) (b2a86e1)
  • ir: add typed builder for SonarQubePublish@8 (#1268) (426ee21)
  • ir: add typed builder for TwineAuthenticate@1 (#1158) (096c8f1)
  • ir: add typed builder for UniversalPackages@1 (#1208) (d375dde)
  • ir: add typed builder for UseRubyVersion@0 (#1176) (ccab04d)
  • ir: add typed builder for VSBuild@1 (#1210) (af20033)

Bug Fixes

  • site: fix build broken by astro@6.4.8 dependabot bump (#1191) (32063ac)
  • workflows: let docs auditors open PRs for README and AGENTS.md (#1188) (d855e6e)

0.38.0 (2026-06-22)

Features

  • compile: add internal supply-chain feed/registry mirror (#1080) (a4300e6)
  • ir: add EnvValue::RuntimeExpression variant to prevent $[] in step env (#1082) (17f314b)
  • ir: add typed builder for AzureKeyVault@2 (#1132) (f72849a)
  • ir: add typed builder for AzurePowerShell@5 (#1127) (7a51798)
  • ir: add typed builder for CargoAuthenticate@0 (#1139) (5e84b57)
  • ir: add typed builder for DownloadPackage@1 (#1108) (b690c5c)
  • ir: add typed builder for GoTool@0 (#1145) (c598ed2)
  • ir: add typed builder for JavaToolInstaller@0 (#1125) (f3ec497)
  • ir: add typed builder for NuGetAuthenticate@1 (#1136) (1f8c23c)
  • ir: add typed builder for PipAuthenticate@1 (#1142) (0ec314d)
  • ir: add typed builder for PublishBuildArtifacts@1 (#1105) (56cee37)
  • ir: add typed builder for PublishCodeCoverageResults@2 (#1131) (2c2572c)
  • ir: add typed builder for PythonScript@0 (#1128) (6315119)
  • ir: add typed builder for UseDotNet@2 (#1150) (da3c645)
  • ir: add typed builder for UseNode@1 (#1148) (90511fb)
  • ir: add typed builder for UsePythonVersion@0 (#1154) (5c635b6)
  • ir: add typed builder for VSTest@2 (#1110) (d471541)
  • ir: add typed helper for CmdLine@2 (#1083) (14ebe83)
  • ir: add typed helper for DeleteFiles@1 (#1071) (8d8dbb2)
  • ir: add typed helper for DownloadPipelineArtifact@2 (#1063) (a647fd9)
  • ir: add typed helper for ExtractFiles@1 (#1042) (33284df)
  • ir: add typed helper for Npm@1 (#1077) (19a8532)
  • ir: add typed helper for NuGetCommand@2 (#1047) (513643e)
  • ir: add typed helper for PublishPipelineArtifact@1 (#1065) (9dc3176)
  • ir: add typed helpers for Docker@2 (#1086) (9f738c4)
  • ir: add typed helpers for PowerShell@2 (#1051) (c752f81)

Bug Fixes

  • ado: detect ADO sign-in HTML response in list and report auth error (#1044) (77bee77)
  • safeoutputs: render applyable PR suggestions correctly (#1104) (6213b1c)
  • smoke: target ADO agent-definitions repo for PR/git-write smokes (#1045) (aae77f6)

0.37.0 (2026-06-15)

Features

Bug Fixes

  • clippy: replace std::sync::Mutex with tokio::sync::Mutex in test (#1031) (b7eee72)
  • compile: drop stray \ \ in MCPG docker-env continuation lines (#1035) (ebda84d)

0.36.0 (2026-06-15)

Features

  • compile: native ADO pipeline IR (#960) (9a18b0e)
  • exec-context: add 7 trigger-context contributors with shared/ refactor (#1019) (816ba39)
  • inspect: add IR-based pipeline reasoning tools (inspect, graph, whatif, lint, catalog, trace, mcp-author) (#998) (64e59bc)
  • ir: add tasks module with typed helper for PublishTestResults@2 (#1012) (e6489b8)
  • ir: add typed helper for CopyFiles@2 (#1017) (f56b150)
  • ir: add typed helper for DockerInstaller@0 (#1015) (ca64336)
  • ir: add typed helper for DotNetCoreCLI@2 (#1025) (74e7bea)
  • workflows: add ado-task-ir-contributor agentic workflow (#1004) (79b357d)

Bug Fixes

  • ir: reject cross-pipeline duplicate StepIds; strict de-indent in lower_raw_yaml; document EnvValue::Literal contract (#992) (28403fe)
  • validate: block workspace alias shell injection in generated bash steps (#1018) (e7bf9c4)

0.35.3 (2026-06-11)

Bug Fixes

  • ado-script: treat unsubstituted ADO macros as empty in synthPr (#975) (1164c5f)

0.35.2 (2026-06-11)

Bug Fixes

  • compile: unify synthetic-PR variable namespace via ado-script (#972) (0e05b3a)

0.35.1 (2026-06-11)

Bug Fixes

  • compile: repair synthetic-PR gate + Stage step env var plumbing (#956) (79919bd)
  • workflows: allow github-actions[bot] to trigger recompile-safe-output-fixtures (#958) (5d36dfd)

0.35.0 (2026-06-10)

Features

  • install: add checksum-verified one-line first-time installers (#942) (040cdad)

0.34.3 (2026-06-10)

Bug Fixes

  • compile: use macro form for same-job synthPr gate refs (#944) (51ae40e)
  • workflows: lower min-integrity for issue-plan-maker /plan command (#952) (2808e8a)

0.34.2 (2026-06-09)

Bug Fixes

  • compile: gate exec-context-pr synth path in bash, not step condition (#937) (6e67699)

0.34.1 (2026-06-09)

Bug Fixes

  • ado-script: inline azure-devops-node-api to avoid missing ncc chunk (#935) (7a568fa)

0.34.0 (2026-06-09)

⚠ BREAKING CHANGES

  • compile: record on.pr.mode (synthetic|policy) trigger model (#933)

Features

  • compile: record on.pr.mode (synthetic|policy) trigger model (#933) (925e3ee)

Bug Fixes

  • release: use built-in GITHUB_TOKEN to dispatch recompile workflow (#923) (ce617a7)

0.33.1 (2026-06-09)

Bug Fixes

  • gate: use '.' separator in build tags so ADO doesn't reject ':' in REST path (#917) (4122a64)

Performance Improvements

  • secrets: prune disabled/paused pipelines by default in discovery, add --include-disabled opt-out (#914) (f7e9d17)

0.33.0 (2026-06-08)

Features

  • enable: support GitHub-source pipelines via --service-connection (#905) (6ab5f9a)

Bug Fixes

  • test: permit Stage 3 executor SYSTEM_ACCESSTOKEN env mapping (#887) (e3beb0f)

0.32.0 (2026-06-07)

Features

  • audit: add ado-aw audit <build-id-or-url> command (#691) (5c33e40)
  • compile: add execution-context plugin with PR contributor (#860) (#865) (3de0690)
  • compile: default executor to System.AccessToken and add always-on Azure CLI (#873) (ca4a04b)
  • workflows: recompile tests/safe-outputs fixtures on each ado-aw release (#863) (7c6fb23)

Bug Fixes

  • workflows: add integrity heuristic and per-file compile loop to recompile-safe-output-fixtures (#868) (665ad0e)
  • workflows: allow github CDN egress in recompile-safe-output-fixtures (#864) (abc4959)
  • workflows: broaden allowed-files glob to cover flat tests/safe-outputs layout (#871) (6d3559f)
  • workflows: switch recompile trigger to release:published and drop broken Step 0 (#869) (039e547)

0.31.1 (2026-06-01)

Bug Fixes

  • compile: allow external dependsOn/condition on job and stage template targets (#823) (608b0b5)
  • workflows: allow doc-freshness-check to patch safeoutput source files (#816) (d16f808)

0.31.0 (2026-06-01)

Features

  • cli: check for newer GitHub release on every user-facing command (#637) (7d197f1)
  • compile: runtime prompt loading via {{#runtime-import}} markers (#625) (6ad1816)
  • compile: warn about out-of-date compiled definitions on recompile (#638) (1b2b266)
  • secrets: add --all-repos and --source via Pipeline Preview discovery (#624) (6d4c824)
  • workflows: add docs-writer agentic workflow (#631) (50bd4e0)
  • workflows: add test-reducer agentic workflow (#626) (4733c76)
  • workflows: make test-gap-finder open PRs for coverage gaps (#680) (4087579)

Bug Fixes

  • compile: normalize absolute input paths in generate_header_comment (#645) (7a0d268)
  • site: create runtime-imports page and fix broken relative link in filter-ir.mdx (#654) (ad1b44b)
  • site: restore correct --sl-color-black in light mode for search box contrast (#646) (f63a1a6)

0.30.2 (2026-05-18)

Bug Fixes

  • compile: resolve autodiscovered source path relative to lock file directory (#616) (be2e1c4)

0.30.1 (2026-05-18)

Bug Fixes

  • tests: isolate fixtures from codemod rewrites and bump Windows debug stack (#613) (a628d09)

0.30.0 (2026-05-18)

Features

  • cli: add ado-aw enable (#583) (1b4273b)
  • cli: consolidate Phase 1 pipeline-lifecycle commands (disable/remove/list/status/run/secrets) (#602) (096b7a4)
  • compile: add --force flag to bypass GitHub-remote guard (#577) (562ff7f)
  • compile: replace Python gate evaluator with bundled TypeScript gate.js (#389) (a2ce38c)
  • engine: split copilot CLI install path by compile target (#584) (4fe2175)
  • safeoutputs: add daily smoke suite and reject unknown safe-output keys (#563) (29b221e)
  • workflows: add clippy-fixer agentic workflow (#575) (ca914f1)
  • workflows: allow update-awf-version to close superseded PRs (#590) (e0ddc2c)
  • workflows: file release-notes action-item issues from update-awf-version (#593) (d4fedd5)

Bug Fixes

  • compile: default non-1es vmImage to ubuntu-22.04 (#578) (b841998)
  • compile: enforce ADO build-number rules for pipeline_agent_name (#576) (1c7c407)
  • compile: quote pipeline name in generated YAML to handle colons and quotes (#568) (ebd2f17)
  • compile: tighten ADO org name validation to alphanumeric and hyphen only (#598) (91d39a9)
  • configure: accept bare org name for --org (#579) (8029980)
  • safeoutputs: prevent symlink exfiltration in create-pr Stage 3 (#549) (f04c033)
  • secrets: preserve masked ADO secrets on definition PUT (#604) (2e0a0bb)

0.29.0 (2026-05-15)

Features

  • compile: add target: job and target: stage for ADO template output (#519) (8df9682)
  • compile: unify pool front-matter replacement across targets (#538) (7806369)
  • safeoutputs: add ado-aw-debug.create-issue for dogfood pipelines (#492) (69a634b)
  • safeoutputs: add work-item filing to noop and missing-tool safe outputs (#521) (c1bf552)

Bug Fixes

  • cache-memory: reject symlinks in agent memory to prevent Stage 3 credential theft (#524) (f311d36)
  • ci: move docs deploy workflow to top-level .github/workflows (#539) (dcb2b33)
  • compile: address pool review feedback (#541) (9bdb126)
  • safeoutputs: neutralize Stage 3 upload message command injection paths (#501) (45cd552)

0.28.0 (2026-05-09)

Features

  • compile: add compact repos: front-matter syntax with codemod auto-rewrite (#478) (3e67cfd)
  • compile: autorewrite front matter via detection-based codemods (#476) (64bbc73)

Bug Fixes

  • safeoutputs: block VSO command injection via repository alias across Stage 3 PR-safe-output executors (#482) (6f4a6dd)
  • workflow: add protected-files fallback-to-issue for doc-freshness-check (#473) (12e273c)

0.27.0 (2026-05-08)

Features

  • cli: make init always overwrite; --force bypasses GitHub remote guard (#465) (6c1a332)

Bug Fixes

  • doc-freshness-check: expand allowed-files to docs, README, prompts (#463) (4abeb09)
  • execute: match safe-output repository by name or alias (#469) (76cd618)
  • safeoutputs: send Content-Range header for pipeline artifact uploads (#467) (e95cbf5)

0.26.1 (2026-05-08)

Bug Fixes

  • ci: allow doc freshness workflow to update AGENTS.md (#452) (463dafa)
  • compile: detect and prevent workspace checkout collision with self repo (#456) (051d45c)

0.26.0 (2026-05-07)

Features

  • workflows: add frontmatter-aligner gh-aw workflow (#448) (d3af7e6)

Bug Fixes

  • cli: direct GitHub repos to gh-aw for compile/init (#447) (0ca3a25)

0.25.1 (2026-05-07)

Bug Fixes

  • safeoutputs: support glob wildcards anywhere in allowed-tags patterns (#442) (17e372c)
  • workflows: simplify change-risk to use add-comment instead of PR review (#443) (4f2f188)

0.25.0 (2026-05-07)

Features

  • runtimes: add dotnet runtime extension (#435) (bdfb21c)

Bug Fixes

  • compile: fail pipeline step on AWF download errors (#439) (367dd9d)

0.24.0 (2026-05-07)

Features

  • workflows: add /change-risk slash command for PR risk assessment (#434) (e787956)

Bug Fixes

  • logging: always capture debug logs to file while preserving console verbosity (#430) (64e9709)
  • safeoutputs: use sanitize_config for identifier fields instead of sanitize_text (#433) (ea43b11)

0.23.1 (2026-05-07)

Bug Fixes

  • safeoutputs: rewrite upload-pipeline-artifact flow to fix HTTP 405 (#425) (5e4c89e)
  • security: harden upload path validation and trigger filter script integrity (#428) (84a2031)

0.23.0 (2026-05-06)

Features

  • safeoutputs: add dynamic tags with allowed-tags to create/update work item (#420) (d02997a)

Bug Fixes

  • safeoutputs: fix upload-pipeline-artifact 405 by adding scopeIdentifier to container API requests (#421) (2d460fd)

0.22.4 (2026-05-06)

Bug Fixes

  • execute: don't overwrite env-derived ADO context with None CLI args (#413) (aa8a09f)

0.22.3 (2026-05-05)

Bug Fixes

  • compile: show full error chain in batch compile output (#411) (157ed02)

0.22.2 (2026-05-05)

Bug Fixes

  • compile: reject unknown front-matter fields with deny_unknown_fields (#409) (788250d)

0.22.1 (2026-05-05)

Bug Fixes

  • compile: remove empty env block from executor step when no write permissions (#407) (0f25f06)

0.22.0 (2026-05-05)

Features

  • runtimes: add unified Node.js and Python runtime extensions (#400) (991621a)
  • safe-outputs: rename upload-build-artifact to upload-build-attachment and add upload-pipeline-artifact (#404) (d3aad31)

Bug Fixes

  • security: neutralize pipeline commands in execute_safe_outputs Err arm (#405) (da83c03)
  • security: neutralize VSO pipeline commands in Stage 3 log output (#396) (ea76888)

0.21.0 (2026-05-02)

⚠ BREAKING CHANGES

  • compile: trigger filter IR with data-driven Python evaluator (#345)

Features

  • compile: trigger filter IR with data-driven Python evaluator (#345) (90df351)
  • executor: auto-capture ADO build variables in ExecutionContext (#378) (7575218)
  • safe-outputs: add unified upload-build-artifact safe output (#380) (b66037d)

Bug Fixes

  • safeoutputs: enforce add-build-tag scope for build IDs > i32::MAX (#379) (c533900)
  • safeoutputs: sanitize ADO-sourced title and tags in prefix-guard error messages to prevent VSO command injection (#370) (3fa067f)

0.20.0 (2026-04-29)

Features

  • compile: add awf_path_prepends for chroot PATH injection (#359) (4576bc3)

0.19.0 (2026-04-29)

Features

  • compile: add required_awf_mounts to CompilerExtension for Lean runtime (#354) (f6f437b)
  • engine: update default model to claude-opus-4.7 (#355) (dff681b)

0.18.2 (2026-04-28)

Bug Fixes

  • compile: use workingDirectory for integrity check instead of absolute path (#346) (0ce9238)

0.18.1 (2026-04-28)

Bug Fixes

  • compile: anchor source/pipeline paths to trigger repo, not workspace (#342) (0845490)
  • compile: pin LF eol on managed gitattributes entries (#340) (8efb5fb)

0.18.0 (2026-04-28)

Features

  • trigger release for unreleased changes (#338) (b8c899b)

0.17.1 (2026-04-27)

Bug Fixes

  • block template marker delimiters in front matter identity fields (#315) (2575246)
  • deterministic MCPG config key ordering (HashMap -> BTreeMap) (#328) (889ee62)

0.17.0 (2026-04-23)

⚠ BREAKING CHANGES

  • The run subcommand is removed. See docs/local-development.md for manual local development instructions.
  • The engine front matter format changed from model names (engine: claude-opus-4.5) to engine identifiers (engine: copilot). Model is now a sub-field in the object form (engine: { id: copilot, model: ... }).

Features

  • add cyclomatic complexity reducer agentic workflow (#298) (1066a2f)
  • align engine front matter with gh-aw and hook up Engine enum (#286) (f90bd81)
  • remove run subcommand (#306) (a71ed16)

Bug Fixes

  • prefix agent filename with ado to distinguish from gh-aw (#299) (b3ecca7)

0.16.0 (2026-04-21)

Features

  • check: surface specific violations with unified diff output (#278) (57618e8)

Bug Fixes

  • align tool allow lists with gh-aw (#279) (be3b4c5)
  • revert pipeline prompt to $(cat) inline expansion (#276) (784de06)

0.15.0 (2026-04-21)

Features

  • add /scout issue slash-command workflow (#258) (57afa1e)
  • add ado-aw run subcommand for local development (#266) (55db04c)
  • add macOS x64 and arm64 release binaries in GitHub Actions (#264) (9bfe8ea)
  • compile: add --skip-integrity flag for debug builds (#246) (8cae693)
  • execute: add --dry-run flag to execute command (#265) (b2955d4)
  • model GitHub and SafeOutputs as extensions, add --allow-tool for all MCP servers (#251) (2150cdb)

Bug Fixes

  • add required 'domain' field to MCPG gateway config (#249) (e355b92)
  • align MCPG integration with gh-aw reference implementation (#244) (bb4cccd)
  • bypass MCPG run_containerized.sh to fix port validation with --network host (#250) (9b0568e)
  • resolve compiler warnings and remove dead code (#268) (dd7df1f)
  • run: base64-encode PAT for ADO MCP and pass prompts via @file (#270) (11b01ec)

0.14.0 (2026-04-16)

Features

Bug Fixes

0.13.0 (2026-04-15)

Features

  • capture agent statistics via OTel and surface in safe outputs (#219) (6f8d0f7)

0.12.0 (2026-04-15)

Features

  • add ecosystem domain allowlists from gh-aw (#213) (22a2069)
  • add Lean 4 runtime support with runtimes: front matter (#208) (16fc9be)
  • standardise front matter sanitization via SanitizeConfig/SanitizeContent traits (#210) (85ac3ab)

Bug Fixes

  • create-pr: skip auto-complete API call on draft PRs (#194) (#200) (d58dbeb)
  • improve trigger.pipeline validation with expression checks and better errors (#189, #188) (#196) (b0ae590)

0.11.0 (2026-04-14)

⚠ BREAKING CHANGES

  • The create subcommand has been removed. Use ado-aw init instead.

Features

  • create-pr: align with gh-aw create-pull-request implementation (#155) (b1859ae)
  • replace create wizard with AI-first onboarding (#187) (c468320)

Bug Fixes

  • address injection vulnerabilities from red team audit (#171) (#175) (5e3ac1b)
  • pin prompt URLs to version tag instead of main branch (#191) (1f3b6da)

0.10.0 (2026-04-14)

Features

  • add red team security auditor agentic workflow (#170) (6700677)
  • add runtime parameters support with auto-injected clearMemory (#166) (dc5b766)
  • align MCP config with MCPG spec — container/HTTP transport (#157) (a46a85b)
  • enable real-time agent output streaming with VSO filtering (#159) (7497cd6)
  • mcp: filter SafeOutputs tools based on front matter config (#156) (f43b22e)
  • promote memory to cache-memory tool and add first-class azure-devops tool (#167) (39103e1)
  • swap to using aw-mcpg (#19) (1cddfb3)

Bug Fixes

  • address review findings — MCPG_IMAGE constant, constant-time auth, reqwest dev-dep, MCP enabled check (#151) (09be1f2)
  • use length-check + ct_eq for constant-time auth comparison (#153) (d0aed74)

0.9.0 (2026-04-11)

Features

  • add COPILOT_CLI_VERSION to dependency version updater workflow (#137) (8155d24)
  • map engine max-turns and timeout-minutes to Copilot CLI arguments (#134) (2dbe162)

Bug Fixes

  • deprecate max-turns and move timeout-minutes to YAML job property (#138) (9887c97)
  • report-incomplete fails pipeline, percent-encode user_id, stage-1 status validation, merge_strategy validation, dead code removal (#141) (e81c570)

0.8.3 (2026-04-02)

Bug Fixes

  • handle string WikiType enum from ADO API in branch resolution (#122) (7914169)
  • resolve check command source path from repo root (#120) (a057598)

0.8.2 (2026-04-02)

Bug Fixes

  • use platform-appropriate absolute paths in path fallback tests (#118) (434cf19)

0.8.1 (2026-04-02)

Bug Fixes

  • auto-detect code wiki branch for wiki page safe outputs (#115) (f8ea1e9)
  • preserve subdirectory in generated pipeline_path and source_path (#114) (32137fe)

0.8.0 (2026-04-01)

⚠ BREAKING CHANGES

  • \check \ is now \check . Update any scripts or pipeline templates that call the old two-arg form.

Features

  • add /rust-review slash command for on-demand PR reviews (#60) (8eaf972)
  • add \configure\ command to detect pipelines and update GITHUB_TOKEN (#92) (a032b4e)
  • add comment-on-work-item safe output tool (#80) (513f7fe)
  • add create-wiki-page safe output (#61) (87d6527)
  • add edit-wiki-page safe output (#58) (7b4536f)
  • add update-work-item safe output (#65) (cf5e6b5)
  • Add Windows x64 binary to release artifacts (#37) (d463006)
  • allow copilot bot to trigger rust PR reviewer (#59) (0bcef57)
  • apply max budget enforcement to all safe-output tools (#91) (e88d8da)
  • auto-detect source from header in check command (#108) (b25f143)
  • auto-discover and recompile all agentic pipelines (#96) (fb1de50)
  • configure: accept explicit definition IDs via --definition-ids (#100) (b12c5ff)
  • Download releases from GitHub. (#17) (8478453)
  • rename edit-wiki-page to update-wiki-page (#66) (2b6c5ed)
  • replace read-only-service-connection with permissions field (#26) (410e2df)

Bug Fixes

  • add --repo flag to gh release upload in checksums job (#40) (fd437da)
  • configure: support Azure CLI auth and fix YAML path matching (#98) (a771036)
  • pin AWF container images to specific firewall version (#30) (bb92c9c)
  • pin AWF container images to specific firewall version (#32) (9c3b85c)
  • pin DockerInstaller to v26.1.4 for API compatibility (#105) (2c6baf2)
  • quote chmod paths and remove fragile sha256sum pipe in templates (#43) (b246fb1)
  • sha256sum --ignore-missing silently passes when binary is absent from checksums.txt (#47) (26c03c4)
  • strip redundant ./ prefixes from source path in header comment (#106) (689825c)
  • tests: strengthen checksum verification assertion against regression (#48) (7fcabe2)
  • update Copilot CLI version to 1.0.6 via compiler constants (#51) (b8d8ece)
  • YAML path matching and legacy SSH URL support (#95) (f85dd39)

0.7.1 (2026-04-01)

Bug Fixes

  • pin DockerInstaller to v26.1.4 for API compatibility (#105) (2c6baf2)
  • strip redundant ./ prefixes from source path in header comment (#106) (689825c)

0.7.0 (2026-03-31)

Features

  • configure: accept explicit definition IDs via --definition-ids (#100) (b12c5ff)

0.6.1 (2026-03-31)

Bug Fixes

  • configure: support Azure CLI auth and fix YAML path matching (#98) (a771036)

0.6.0 (2026-03-31)

Features

  • auto-discover and recompile all agentic pipelines (#96) (fb1de50)

Bug Fixes

  • YAML path matching and legacy SSH URL support (#95) (f85dd39)

0.5.0 (2026-03-31)

Features

  • add \configure\ command to detect pipelines and update GITHUB_TOKEN (#92) (a032b4e)

0.4.0 (2026-03-30)

Features

  • add /rust-review slash command for on-demand PR reviews (#60) (8eaf972)
  • add comment-on-work-item safe output tool (#80) (513f7fe)
  • add create-wiki-page safe output (#61) (87d6527)
  • add edit-wiki-page safe output (#58) (7b4536f)
  • add update-work-item safe output (#65) (cf5e6b5)
  • allow copilot bot to trigger rust PR reviewer (#59) (0bcef57)
  • apply max budget enforcement to all safe-output tools (#91) (e88d8da)
  • rename edit-wiki-page to update-wiki-page (#66) (2b6c5ed)

Bug Fixes

  • sha256sum --ignore-missing silently passes when binary is absent from checksums.txt (#47) (26c03c4)
  • tests: strengthen checksum verification assertion against regression (#48) (7fcabe2)
  • update Copilot CLI version to 1.0.6 via compiler constants (#51) (b8d8ece)

0.3.2 (2026-03-17)

Bug Fixes

  • quote chmod paths and remove fragile sha256sum pipe in templates (#43) (b246fb1)

0.3.1 (2026-03-17)

Bug Fixes

  • add --repo flag to gh release upload in checksums job (#40) (fd437da)

0.3.0 (2026-03-17)

Features

  • Add Windows x64 binary to release artifacts (#37) (d463006)
  • Download releases from GitHub. (#17) (8478453)
  • replace read-only-service-connection with permissions field (#26) (410e2df)

Bug Fixes

  • pin AWF container images to specific firewall version (#30) (bb92c9c)
  • pin AWF container images to specific firewall version (#32) (9c3b85c)

0.2.0 (2026-03-17)

Features

  • Add Windows x64 binary to release artifacts (#37) (d463006)

0.1.3 (2026-03-16)

Bug Fixes

  • pin AWF container images to specific firewall version (#32) (9c3b85c)

0.1.2 (2026-03-16)

Bug Fixes

  • pin AWF container images to specific firewall version (#30) (bb92c9c)

0.1.0 (2026-03-13)

Features

  • Download releases from GitHub. (#17) (8478453)
  • replace read-only-service-connection with permissions field (#26) (410e2df)