Lockfile Statistics Analysis - 2026-02-22

[github-actions[bot]]

Analysis of all 158 .lock.yml files in .github/workflows/ as of 2026-02-22. Compared to the previous run (2026-02-21), the repository gained 1 new workflow (157 → 158 files). The aggregate lock file corpus now totals ~10.2 MB and reveals a mature, highly consistent agentic workflow platform.

Summary

Metric	Value
Total lock files	158
Total size	10,187 KB (~10.2 MB)
Average file size	64.5 KB
Average jobs per workflow	6.0
Average steps per workflow	78
Workflows with scheduling	117 (74.1%)
Workflows with manual dispatch	143 (90.5%)

---

File Size Distribution

Size Range	Count	Percentage
< 10 KB	0	0.0%
10–50 KB	7	4.4%
50–100 KB	147	93.0%
> 100 KB	4	2.5%

Size extremes:

• Smallest: codex-github-remote-mcp-test.lock.yml — 24.4 KB
• Largest: smoke-claude.lock.yml — 144.2 KB

The tight clustering in the 50–100 KB band (93% of files) reflects the standardized, templated nature of the platform's generated lock files. The 4 outliers above 100 KB are smoke-test workflows that include multiple engine jobs in a single file.

---

Trigger Analysis

Most Popular Triggers

Trigger	Count	% of Workflows
workflow_dispatch	143	90.5%
schedule	117	74.1%
pull_request	19	12.0%
issue_comment	14	8.9%
issues	12	7.6%
pull_request_review_comment	6	3.8%
discussion_comment	5	3.2%
discussion	4	2.5%
workflow_run	2	1.3%
push	1	0.6%

Common Trigger Combinations

Combination	Count
schedule + workflow_dispatch	107
workflow_dispatch only	17
pull_request + schedule + workflow_dispatch	7
pull_request + workflow_dispatch	6
discussion + discussion_comment + issue_comment + issues + pull_request + pull_request_review_comment	3
issues only	3
issue_comment + issues + pull_request	2
issue_comment only	2

The dominant pattern (68% of all workflows) is schedule + workflow_dispatch — autonomous scheduled agents that also support manual re-runs.

Schedule Patterns (Top 10 Most Common Cron Expressions)

Cron Expression	Count	Description
0 14 * * 1-5	4	Weekdays 14:00 UTC (9am ET)
0 13 * * 1-5	4	Weekdays 13:00 UTC (8am ET)
0 11 * * 1-5	4	Weekdays 11:00 UTC (6am ET)
0 9 * * 1-5	3	Weekdays 09:00 UTC (4am ET)
0 */6 * * *	2	Every 6 hours
0 15 * * 1-5	2	Weekdays 15:00 UTC
0 10 * * 1-5	2	Weekdays 10:00 UTC
0 16 * * 1-5	2	Weekdays 16:00 UTC
12 9 * * *	2	Daily 09:12 UTC
18 17 * * *	1	Daily 17:18 UTC

The strong preference for weekday-only schedules (Mon–Fri) indicates these are business-oriented workflows tied to team working hours. Schedules cluster in the 09:00–16:00 UTC window, suggesting US/EU business hour alignment. Total distinct schedule expressions: 101 across 117 scheduled workflows.

---

Safe Outputs Analysis

Output Types Distribution

Output Type	Count	% of Workflows
missing_data	151	95.6%
missing_tool	151	95.6%
create_discussion	60	38.0%
create_issue	47	29.7%
add_comment	35	22.2%
create_pull_request	30	19.0%
add_labels	14	8.9%
create_pull_request_review_comment	7	4.4%
update_issue	6	3.8%
push_to_pull_request_branch	6	3.8%
close_discussion	6	3.8%
submit_pull_request_review	6	3.8%
remove_labels	4	2.5%
close_pull_request	3	1.9%
link_sub_issue	3	1.9%
dispatch_workflow	3	1.9%
hide_comment	2	1.3%
update_pull_request	2	1.3%
create_code_scanning_alert	2	1.3%
create_agent_session	2	1.3%
close_issue	2	1.3%
create_project_status_update	2	1.3%
update_project	2	1.3%
assign_to_user	1	0.6%
update_release	1	0.6%
add_reviewer	1	0.6%
resolve_pull_request_review_thread	1	0.6%
unassign_from_user	1	0.6%

Total distinct output types in use: 28. missing_data and missing_tool appear in 95.6% of workflows as universal error-handling primitives.

Discussion Categories

Category	Count
audits	43
announcements	3
reports	3
artifacts	2
dev	2
research	2
NO_CATEGORY (omitted)	2
agent-research	1
daily-news	1
security	1

audits is the dominant discussion category (72% of discussion-producing workflows), reflecting this repository's primary use as an operational monitoring and reporting platform.

Multi-Output Workflows (52 workflows use 2+ action types)

Example workflows combining multiple safe output types:

• agent-performance-analyzer: add_comment + create_discussion + create_issue
• ai-moderator: add_labels + hide_comment
• auto-triage-issues: add_labels + create_discussion
• bot-detection: create_issue + update_issue
• changeset: push_to_pull_request_branch + update_pull_request
• ci-doctor: add_comment + create_issue + update_issue
• cloclo: add_comment + create_pull_request
• code-scanning-fixer: add_labels + create_pull_request
• contribution-check: add_comment + add_labels + create_issue
• craft: add_comment + push_to_pull_request_branch

---

Structural Characteristics

Job Complexity

Jobs per Workflow	Count
2 jobs	5 workflows
3 jobs	1 workflow
4 jobs	2 workflows
5 jobs	41 workflows
6 jobs	60 workflows
7 jobs	33 workflows
8 jobs	15 workflows
9 jobs	1 workflow

• Average jobs per workflow: 6.0
• Most common: 6 jobs (60 workflows, 38%)

Most Common Job Names

Job Name	Count	% of Workflows
activation	158	100%
agent	158	100%
conclusion	151	95.6%
safe_outputs	151	95.6%
detection	148	93.7%
update_cache_memory	67	42.4%
pre_activation	53	33.5%
upload_assets	23	14.6%
push_repo_memory	21	13.3%

All 158 workflows share the activation and agent jobs — the universal skeleton of the gh-aw platform.

Step Complexity

• Average steps per workflow: 78.0
• Minimum: 37 steps (codex-github-remote-mcp-test, example-*, firewall, test-workflow)
• Maximum: 107 steps (daily-copilot-token-report)

Top 10 Most Complex Workflows (by step count)

Workflow	Steps
daily-copilot-token-report	107
audit-workflows	102
deep-report	102
copilot-pr-nlp-analysis	99
smoke-claude	99
smoke-copilot-arm	99
smoke-copilot	99
unbloat-docs	99
copilot-session-insights	98
daily-news	98

Typical Lock File Structure

A representative gh-aw lock file has:

• Size: ~64.5 KB
• Jobs: 6 (activation, detection, pre_activation, agent, safe_outputs, conclusion)
• Steps: ~78 total across all jobs
• Triggers: schedule + workflow_dispatch
• Permissions: contents: read, issues: write, discussions: write
• Timeout: 10–20 minutes per job
• Concurrency: 1 concurrency group, cancel-in-progress

---

Permission Patterns

Permission Frequency (across all job permission blocks)

Permission	Count	Type
contents: read	781	Read
issues: write	334	Write
discussions: write	234	Write
contents: write	153	Write
issues: read	144	Read
pull-requests: write	144	Write
pull-requests: read	141	Read
actions: read	73	Read
discussions: read	34	Read
security-events: read	10	Read
actions: write	6	Write
security-events: write	4	Write

Workflow-Level Permission Distribution

Permission	Workflows
contents: read (all jobs)	158 (100%)
issues: write	144 (91.1%)
discussions: write	98 (62.0%)
contents: write	67 (42.4%)
actions: read	71 (44.9%)
pull-requests: write	54 (34.2%)

All 158 workflows set top-level permissions: {} (empty) and grant granular permissions only to individual jobs — a security best practice.

---

Engine Distribution

Engine	Count	%
Copilot	83	52.5%
Claude	34	21.5%
Unknown/other	33	20.9%
Codex	8	5.1%

Detected via concurrency group naming conventions (gh-aw-copilot-*, gh-aw-claude-*, gh-aw-codex-*). Copilot is the dominant engine for the majority of scheduled workflows.

---

Tool and MCP Patterns

MCP Server Usage

MCP Server	Workflows
safeoutputs	151 (95.6%)
github-remote	2 (1.3%)
brave-search	2 (1.3%)

The safeoutputs MCP server is effectively universal (95.6%), functioning as the platform's write-action gateway. Only 2 workflows use the experimental github-remote MCP server or brave-search.

Runner Distribution

Runner	Count (job occurrences)
ubuntu-slim	536
ubuntu-latest	409
ubuntu-24.04-arm	1

ubuntu-slim is used more frequently overall, but ubuntu-latest is common for steps requiring full toolchain support. One workflow tests on ARM architecture.

Timeout Patterns

Timeout (minutes)	Occurrences
5	11
10	194
15	176
20	174
30	33
45	12
60	4
90	1
180	1

• Average timeout: 16.8 minutes
• Most common: 10 min (194 occurrences)
• The 180-minute outlier likely represents a long-running integration or smoke test.

---

Interesting Findings

1. Universal skeleton: Every single one of the 158 workflows contains activation and agent jobs — the gh-aw platform enforces a rigidly standardized structure, making each lock file a parameterized instance of a common template.

2. 28 distinct safe output types: The platform has grown a rich vocabulary of 28 action types. Beyond the ubiquitous error primitives (missing_data, missing_tool), create_discussion (60 workflows) and create_issue (47 workflows) are the primary communication channels agents use to surface findings.

3. Business-hour scheduling bias: Among the 117 scheduled workflows, the majority run during UTC business hours (09:00–17:00) on weekdays. This reflects human review cycles — agents produce reports timed for team morning check-ins.

4. Security hygiene: All 158 workflows use the permissions: {} + job-level grant pattern (principle of least privilege), and all include firewall/awf logging and artifact upload steps — indicating consistent security hardening across the entire platform.

5. Memory and persistence infrastructure: 68 workflows (43%) include an update_cache_memory job, and 21 (13%) have a push_repo_memory job. This suggests nearly half of all workflows maintain persistent agent memory across runs.

6. Copilot dominance but multi-engine design: Copilot powers 52.5% of workflows, Claude handles 21.5%, and Codex 5.1%. The remaining ~21% are engine-ambiguous — the platform's concurrency group abstraction cleanly isolates engine choice from workflow structure.

---

Historical Trends

Comparing with the previous analysis run (2026-02-21):

Metric	2026-02-21	2026-02-22	Change
Total lock files	157	158	+1
schedule trigger	116	117	+1
workflow_dispatch	142	143	+1

Growth is steady and incremental (+1 workflow/day observed). Trigger distribution ratios are stable, indicating the new workflow follows established platform patterns.

---

Recommendations

1. Investigate the 7 files in the 10–50 KB range: These are significantly smaller than the 64.5 KB average and may represent incomplete or minimal workflows that could benefit from full platform feature adoption (cache memory, repo memory, etc.).

2. Clarify the 33 "unknown/other" engine workflows: These workflows lack the standard gh-aw-{engine}- concurrency group prefix. Consider standardizing the naming convention to make engine attribution unambiguous.

3. Review the 2 create_discussion configs without a category: Discussions without an explicit category fall back to repository defaults, which may route them to unintended categories. Setting explicit categories improves discoverability.

4. Diversify scheduling patterns: With 101 distinct schedule expressions but many clustering at similar times (09:00–16:00 UTC weekdays), consider staggering more workflows to reduce simultaneous runner demand and improve signal/noise for on-call teams.

5. Consider formalizing the 28 safe output types: With 28 distinct output types now in use (including rarely-used ones like assign_to_user, unassign_from_user, update_release), a curated registry or documentation page would help workflow authors discover available capabilities.

---

Methodology

• Analysis tool: Python 3 with regex-based YAML parsing + yq for job structure queries
• Lock files analyzed: 158 (all .github/workflows/*.lock.yml)
• Cache memory: Results stored in /tmp/gh-aw/cache-memory/history/2026-02-22.json; analysis script in /tmp/gh-aw/cache-memory/scripts/full_analysis.py
• Historical comparison: Diff against /tmp/gh-aw/cache-memory/history/2026-02-21.json
• Workflow run: §22281076743

References:

• §22281076743

AI generated by Lockfile Statistics Analysis Agent

• expires on Feb 23, 2026, 4:48 PM UTC

[github-actions[bot]]

This discussion was automatically closed because it expired on 2026-02-23T16:48:15.271Z.

Closed by Workflow