
v0.67.3

Pre-release

@github-actions github-actions released this 08 Apr 14:00
· 332 commits to main since this release
2480098

🌟 Release Highlights

This release strengthens workflow composition, self-hosted runner support, and token-minting patterns — with four improvements driven directly by community feedback.

✨ What's New

pre-steps: same-job token minting for cross-repo checkout

A new pre-steps frontmatter field lets you inject steps that run before checkout and the agent, inside the same job. This is the recommended solution for workflows that use token-minting actions (e.g. actions/create-github-app-token, octo-sts) to check out external repositories. Because the minted token stays in the same job, it is never masked when crossing a job boundary — the long-standing checkout.token runtime failure is now fully addressed. Pre-steps from imported shared workflows are automatically merged in.

pre-steps:
  - name: Mint short-lived token
    id: mint
    uses: some-org/token-minting-action@v1
    with:
      scope: target-org/target-repo

checkout:
  - repository: target-org/target-repo
    path: target
    token: ${{ steps.mint.outputs.token }}
    current: false

import-inputs expressions in imports: section

${{ github.aw.import-inputs.* }} expressions in the imports: section's with: values are now correctly resolved before nested import discovery. Multi-level workflow composition — where a shared workflow forwards an input to its own imports — now works as expected. See the imports reference for details.

assignees on create-pull-request fallback issues

safe-outputs.create-pull-request now accepts an assignees field that applies to all fallback paths, including protected-files: fallback-to-issue. Assignees are validated before submission, with automatic retry on HTTP 422. See the safe-outputs pull requests reference for details.

safe-outputs:
  create-pull-request:
    protected-files: fallback-to-issue
    reviewers: [mcg]
    assignees: [mcg]   # ← now accepted; applied to all fallback issues

New design pattern docs: WorkQueueOps & BatchOps

Two new design pattern pages are now available in the docs:

  • WorkQueueOps: four queue strategies (issue checklists, sub-issues, cache-memory JSON, discussion-based) with concurrency and idempotency guidance.
  • BatchOps: four batch strategies including chunked pagination, modulo-sharded matrix fan-out, rate-limit-aware processing, and result aggregation via cache-memory.

πŸ› Bug Fixes & Improvements

  • MCP compile + Docker unavailable: actionlint, zizmor, and poutine linting no longer marks every workflow as valid: false when Docker is unavailable. A clear DockerUnavailable error is surfaced instead of silently hiding compilation results.
  • OTLP artifact upload: otel.jsonl (the span mirror written by send_otlp_span.cjs) is now automatically included in the "Upload agent artifacts" step for all OTLP-configured workflows, enabling post-hoc trace debugging without a live collector.
  • Self-hosted runner path isolation: Fixed a setup issue where $RUNNER_TEMP = /tmp caused the read-only setup tree and the read-write runtime tree to collapse into the same path, inadvertently granting write access to compiled scripts and MCP configs.
  • Tool version updates: Claude Code 2.1.92 → 2.1.94, Copilot CLI 1.0.20 → 1.0.21, MCP Go SDK v1.4.1 → v1.5.0 (security: Origin/Content-Type header verification; protocol version 2025-11-25).
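
The path-isolation failure described above, as an added example (not gh-aw's own runtime check): a shell guard that resolves both trees to physical paths and fails when they are the same directory or one contains the other. The function names and exit codes are assumptions; the caller supplies the two directories.

```shell
# Added example: refuse to continue when the read-only setup tree and the
# read-write runtime tree resolve to the same or nested directories.
# Function names and exit codes are illustrative, not the project's API.

# Print the physical (symlink-resolved) path of an existing directory.
resolve_dir() {
  ( cd "$1" 2>/dev/null && pwd -P )
}

# check_tree_isolation SETUP_DIR RUNTIME_DIR
# Returns 0 when the trees are isolated, 1 when they collide or nest,
# 2 when either directory cannot be resolved.
check_tree_isolation() {
  setup=$(resolve_dir "$1") || return 2
  runtime=$(resolve_dir "$2") || return 2

  if [ "$setup" = "$runtime" ]; then
    echo "error: setup and runtime trees are the same path: $setup" >&2
    return 1
  fi

  # Compare with a trailing "/" so /tmp/aw is not treated as a parent
  # of the sibling /tmp/aw-runtime; "${x%/}" also covers x = "/".
  case "$runtime/" in
    "${setup%/}"/*)
      echo "error: runtime tree $runtime is inside setup tree $setup" >&2
      return 1 ;;
  esac
  case "$setup/" in
    "${runtime%/}"/*)
      echo "error: setup tree $setup is inside runtime tree $runtime" >&2
      return 1 ;;
  esac
  return 0
}
```

Because both paths are resolved with `pwd -P`, a collision introduced through a symlink or a trailing slash is caught as well as the literal `$RUNNER_TEMP = /tmp` case.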

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release!

@j-srodka

@salekseev

@seangibeault

@yskopets


For complete details, see CHANGELOG.

Note

🔒 Integrity filter blocked 1 item

The following item was blocked because it doesn't meet the GitHub integrity level.

  • #25199 issue_read: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

To allow these resources, lower min-integrity in your GitHub frontmatter:

tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by Release · ● 1.5M


What's Changed

  • fix: reject /-prefixed paths not under .agents/ or .github/ with security error by @Copilot in #24943
  • Merge assign-to-agent safe output handler into the safe output main handler loop by @Copilot in #24934
  • Align MCP Scripts step names with Safe Outputs naming conventions by @Copilot in #24944
  • [actions] Update GitHub Actions versions - 2026-04-06 by @github-actions[bot] in #24952
  • feat: add api-consumption-report daily agentic workflow by @Copilot in #24957
  • refactor: move create-agent-session into main safe-outputs handler loop by @Copilot in #24951
  • Bump MCPG container image to v0.2.15 by @Copilot in #24945
  • fix: use actual OTLP span trace ID in job observability summary by @Copilot in #24963
  • fix: unknown tool names in frontmatter tools section are compile errors; remove qmd built-in by @Copilot in #24855
  • docs: document inlined-imports: true for cross-org workflow_call scenarios by @Copilot in #24977
  • [safe-output-integrator] Add missing safe-output test workflows and compiler tests by @github-actions[bot] in #24975
  • Add actions: read to activation job permissions when hash check API step is emitted by @Copilot in #24976
  • feat: add --artifacts flag to audit/logs/audit-diff commands with MCP exposure and incremental caching by @Copilot in #24967
  • Recompile workflows to sync lock files by @Copilot in #24988
  • fix(api-consumption-report): track actual GitHub REST API quota from run_summary.json by @Copilot in #24986
  • Fix resolve_host_repo.cjs to correctly identify callee repo in cross-org workflow_call by @Copilot in #24974
  • feat: add assignees to create-pull-request for fallback issues by @Copilot in #24966
  • fix: update golden files for activation job actions: read permission by @Copilot in #24998
  • docs: add missing qmd reference page to fix docs build by @Copilot in #24999
  • Fix build-wasm: update golden files for actions: read permission by @Copilot in #25000
  • fix(tests): add audit-diff to MCP server tool tests by @Copilot in #25006
  • fix(pdf-summary): normalize report formatting to match style guidelines by @Copilot in #25007
  • [docs] docs(engines): reduce bloat in AI engines reference by @github-actions[bot] in #25010
  • feat: add cli-proxy feature flag for AWF gh CLI proxy sidecar (firewall v0.25.14) by @Copilot in #24997
  • [jsweep] Clean action_input_utils.test.cjs by @github-actions[bot] in #25021
  • feat(compiler): setup node in agent job and safe_outputs job when using custom image runner by @Copilot in #25011
  • Remove cli-proxy-writable feature flag and add read-only gh CLI prompt for cli-proxy by @Copilot in #25013
  • Refocus api-consumption-report on GitHub API usage only by @Copilot in #25030
  • Fix TestCustomPermissionsOverrideDefaults false failure on activation job permissions by @Copilot in #25039
  • [code-simplifier] refactor: simplify cli-proxy code from #25013 (early-continue pattern + step numbering) by @github-actions[bot] in #25037
  • perf: fix 20% validation regression by caching builtin file parsing and eliminating redundant work by @Copilot in #25036
  • fix: remove 360 upper limit on timeout-minutes to support custom runners by @Copilot in #25042
  • [fp-enhancer] Improve pkg/agentdrain: declarative initialization and functional transformation by @github-actions[bot] in #25047
  • perf(daily-cli-tools-tester): reduce token burn by 50-70% with output limits by @Copilot in #25048
  • build(deps): bump mermaid from 11.13.0 to 11.14.0 in /docs by @dependabot[bot] in #25049
  • build(deps-dev): bump @vitest/ui from 4.1.2 to 4.1.3 in /actions/setup/js by @dependabot[bot] in #25055
  • build(deps-dev): bump @playwright/test from 1.58.2 to 1.59.1 in /docs by @dependabot[bot] in #25054
  • build(deps-dev): bump @types/node from 25.5.0 to 25.5.2 in /actions/setup/js by @dependabot[bot] in #25051
  • build(deps-dev): bump vitest from 4.1.2 to 4.1.3 in /actions/setup/js by @dependabot[bot] in #25050
  • build(deps): bump astro from 6.1.2 to 6.1.4 in /docs by @dependabot[bot] in #25052
  • feat(otlp): include reset timestamp in GitHub API rate-limit span attributes by @Copilot in #25061
  • [docs] docs(dev.md): add rate-limit reset timestamp OTLP attribute (v5.4) by @github-actions[bot] in #25069
  • [instructions] Sync github-agentic-workflows.md with v0.67.1 by @github-actions[bot] in #25066
  • perf: fix 18.9% YAMLGeneration regression — replace regex scans with fast string scans by @Copilot in #25044
  • fix: logs MCP tool always writes to content-addressed temp file and returns path by @Copilot in #25040
  • Rename newActivationOutputsCodemod β†’ getActivationOutputsCodemod by @Copilot in #25073
  • [docs] Self-healing documentation fixes from issue analysis - 2026-04-07 by @github-actions[bot] in #25098
  • fix: sanitizeUrlProtocols bypassed by percent-encoded protocol colon (javascript%3A) by @Copilot in #25079
  • [docs] Update glossary - weekly full scan by @github-actions[bot] in #25062
  • [community] Update community contributions in README by @github-actions[bot] in #25064
  • Fix update_discussion validation to allow label-only updates by @Copilot in #25093
  • feat: safe update mode warning prompt for secrets and actions (#safe-update) by @Copilot in #24968
  • Add min-integrity: none to ai-moderator workflow by @Copilot in #25104
  • Pin agentic engine CLIs to fixed versions for supply chain security by @Copilot in #25111
  • fix(create_issue,create_pull_request): concurrency safety + direct copilot assignment via agent helpers by @Copilot in #25056
  • Update README.md by @pelikhan in #25136
  • fix: update trial mode tests to match generateYAML's 4-value return signature by @Copilot in #25138
  • fix: use strings.Cut instead of strings.Index in CollectActionReferences (modernize lint) by @Copilot in #25142
  • fix: exempt gh-aw internal secrets from safe update enforcement by @Copilot in #25143
  • Bump MCPG container image to v0.2.16 by @Copilot in #25140
  • fix: CLI help text consistency across 5 commands by @Copilot in #25147
  • docs: add new slide deck by @mnkiefer in #25152
  • feat: set GITHUB_COPILOT_INTEGRATION_ID env var for Copilot CLI by @eaftan in #25153
  • refactor: extract type conversion utilities to pkg/typeutil by @Copilot in #25148
  • [log] feat: add debug logging to artifact sets, manifests, virtual FS, completion, and schema triggers by @github-actions[bot] in #25168
  • docs: add timeout configuration guide for long build times by @Copilot in #25165
  • fix: align step names in notify_comment.go with sentence-case convention by @Copilot in #25163
  • Improve test quality: pkg/agentdrain/anomaly_test.go by @Copilot in #25149
  • docs: expand auth.mdx with engine-specific sections, quick-reference table, and troubleshooting by @Copilot in #25172
  • security: add runtime check to prevent RUNNER_TEMP=/tmp collision with runtime tree by @Copilot in #25176
  • feat: add upload-artifact safe output type for run-scoped GitHub Actions artifact uploads by @Copilot in #25002
  • docs(slides): replace broken image gallery with Starlight LinkButtons by @Copilot in #25210
  • fix: include otel.jsonl in agent artifact upload when OTLP is enabled by @Copilot in #25209
  • [docs] docs: reduce bloat in safe-outputs reference by @github-actions[bot] in #25232
  • fix: normalize header levels in api-consumption-report discussion template by @Copilot in #25213
  • docs: remove transparent border-bottom preset from link buttons on slides page by @Copilot in #25233
  • Token optimization: scope glossary-maintainer toolsets and pre-fetch git history by @Copilot in #25228
  • feat: repo-level config via .github/workflows/aw.json by @Copilot in #25227
  • chore: bump default firewall version to v0.25.16 by @lpcox in #25238
  • feat: add pre-steps to agent job for same-job token minting (with import support) by @Copilot in #25242
  • chore: Update Claude Code 2.1.92→2.1.94 and Copilot CLI 1.0.20→1.0.21 by @Copilot in #25247
  • docs: add WorkQueueOps and BatchOps design pattern pages by @Copilot in #25178
  • [docs] Update Astro dependencies - 2026-04-08 by @github-actions[bot] in #25272
  • [docs] Consolidate WorkQueueOps and BatchOps design patterns into dev.md (v5.5) by @github-actions[bot] in #25274
  • [instructions] Sync github-agentic-workflows.md with v0.67.1 by @github-actions[bot] in #25271
  • [community] Update community contributions in README by @github-actions[bot] in #25269
  • [docs] Update glossary - daily scan (BatchOps, WorkQueueOps) by @github-actions[bot] in #25266
  • build(deps): bump lodash-es from 4.17.23 to 4.18.1 in /docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in #25211
  • [code-simplifier] refactor: extract writeStepsSection helper to eliminate pre/post-steps duplication by @github-actions[bot] in #25256
  • Rename expires integer codemod functions to convey day-string semantics by @Copilot in #25284
  • fix: compile with actionlint/zizmor/poutine no longer marks valid workflows as invalid when Docker is unavailable by @Copilot in #25251
  • deps: update github.com/modelcontextprotocol/go-sdk from v1.4.1 to v1.5.0 by @Copilot in #25285
  • feat: resolve ${{ github.aw.import-inputs.* }} expressions in imports: frontmatter before nested import discovery by @Copilot in #25241
  • refactor: eliminate duplicate git root detection and typeutil alias wrappers by @Copilot in #25283

Full Changelog: v0.67.2...v0.67.3