diff --git a/.github/aw/schemas/agentic-workflow.json b/.github/aw/schemas/agentic-workflow.json index 510479189b..ac29fa88a2 100644 --- a/.github/aw/schemas/agentic-workflow.json +++ b/.github/aw/schemas/agentic-workflow.json @@ -1903,6 +1903,7 @@ }, "firewall": { "description": "AWF (Agent Workflow Firewall) configuration for network egress control. Only supported for Copilot engine.", + "$comment": "Engine compatibility: copilot, claude, codex only. Not supported on custom engine. See pkg/workflow/firewall.go:89,105", "deprecated": true, "x-deprecation-message": "Use 'sandbox.agent: false' instead to disable the firewall for the agent", "oneOf": [ @@ -1952,6 +1953,7 @@ }, "sandbox": { "description": "Sandbox configuration for AI engines. Controls agent sandbox (AWF or Sandbox Runtime) and MCP gateway.", + "$comment": "Engine compatibility: Sandbox Runtime (SRT) is copilot only. AWF firewall supported on copilot, claude, codex. See pkg/workflow/firewall.go:135", "oneOf": [ { "type": "string", @@ -2296,6 +2298,7 @@ }, "engine": { "description": "AI engine configuration that specifies which AI processor interprets and executes the markdown content of the workflow. Defaults to 'copilot'.", + "$comment": "Engine-specific feature compatibility: HTTP transport (copilot, claude, codex), max-turns (claude only), firewall/AWF (copilot, claude, codex), Sandbox Runtime/SRT (copilot only). See pkg/workflow/copilot_engine.go, pkg/workflow/claude_engine.go, pkg/workflow/codex_engine.go", "default": "copilot", "$ref": "#/$defs/engine_config" }, @@ -5195,7 +5198,8 @@ "description": "Maximum number of chat iterations per run as a string value" } ], - "description": "Maximum number of chat iterations per run. Helps prevent runaway loops and control costs. Has sensible defaults and can typically be omitted. Note: Only supported by the claude engine." + "description": "Maximum number of chat iterations per run. Helps prevent runaway loops and control costs. Has sensible defaults and can typically be omitted. Note: Only supported by the claude engine.", + "$comment": "Engine compatibility: claude only. Not supported on copilot, codex, or custom engines. See pkg/workflow/agent_validation.go:143" }, "concurrency": { "oneOf": [ @@ -5432,6 +5436,7 @@ "http_mcp_tool": { "type": "object", "description": "HTTP MCP tool configuration", + "$comment": "Engine compatibility: HTTP transport is supported on copilot, claude, and codex engines. Not supported on custom engine. See pkg/workflow/agent_validation.go:118-134", "properties": { "type": { "type": "string", diff --git a/.github/workflows/issue-classifier.lock.yml b/.github/workflows/issue-classifier.lock.yml index a22d440eb5..86c01e6d76 100644 --- a/.github/workflows/issue-classifier.lock.yml +++ b/.github/workflows/issue-classifier.lock.yml @@ -2211,7 +2211,7 @@ jobs: path: /tmp/gh-aw/aw_info.json if-no-files-found: warn - name: Run AI Inference - uses: actions/ai-inference@334892bb203895caaed82ec52d23c1ed9385151e # v2.0.4 + uses: actions/ai-inference@334892bb203895caaed82ec52d23c1ed9385151e # v1 env: GH_AW_MCP_CONFIG: /tmp/gh-aw/mcp-config/mcp-servers.json GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index 6f307c8c77..f5a0cc548d 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -6031,13 +6031,13 @@ jobs: - name: Download Go modules run: go mod download - name: Generate SBOM (SPDX format) - uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.11 + uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.10 with: artifact-name: sbom.spdx.json format: spdx-json output-file: sbom.spdx.json - name: Generate SBOM (CycloneDX format) - uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.11 + uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.10 with: artifact-name: sbom.cdx.json format: cyclonedx-json @@ -6244,7 +6244,7 @@ jobs: fetch-depth: 0 persist-credentials: false - name: Release with gh-extension-precompile - uses: cli/gh-extension-precompile@9e2237c30f869ad3bcaed6a4be2cd43564dd421b # v2.1.0 + uses: cli/gh-extension-precompile@9e2237c30f869ad3bcaed6a4be2cd43564dd421b # v2 with: build_script_override: scripts/build-release.sh go_version_file: go.mod diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index 2917200924..a2dc0fc246 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -176,7 +176,7 @@ jobs: ORGANIZATION: ${{ env.ORGANIZATION }} id: stale-repos name: Run stale_repos tool - uses: github/stale-repos@a21e55567b83cf3c3f3f9085d3038dc6cee02598 # v3.0.2 + uses: github/stale-repos@a21e55567b83cf3c3f3f9085d3038dc6cee02598 # v3 - env: INACTIVE_REPOS: ${{ steps.stale-repos.outputs.inactiveRepos }} name: Save stale repos output diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 2324c85f38..27afaf48be 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -6161,7 +6161,7 @@ jobs: persist-credentials: false - name: Super-linter id: super-linter - uses: super-linter/super-linter@47984f49b4e87383eed97890fe2dca6063bbd9c3 # v8.3.1 + uses: super-linter/super-linter@47984f49b4e87383eed97890fe2dca6063bbd9c3 # v8.2.1 env: CREATE_LOG_FILE: "true" DEFAULT_BRANCH: main diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json index 510479189b..7b0b0bb94d 100644 --- a/pkg/parser/schemas/main_workflow_schema.json +++ b/pkg/parser/schemas/main_workflow_schema.json @@ -285,10 +285,7 @@ }, { "not": { - "anyOf": [ - { "required": ["branches"] }, - { "required": ["branches-ignore"] } - ] + "anyOf": [{ "required": ["branches"] }, { "required": ["branches-ignore"] }] } } ], @@ -305,10 +302,7 @@ }, { "not": { - "anyOf": [ - { "required": ["paths"] }, - { "required": ["paths-ignore"] } - ] + "anyOf": [{ "required": ["paths"] }, { "required": ["paths-ignore"] }] } } ] @@ -431,10 +425,7 @@ }, { "not": { - "anyOf": [ - { "required": ["branches"] }, - { "required": ["branches-ignore"] } - ] + "anyOf": [{ "required": ["branches"] }, { "required": ["branches-ignore"] }] } } ], @@ -451,10 +442,7 @@ }, { "not": { - "anyOf": [ - { "required": ["paths"] }, - { "required": ["paths-ignore"] } - ] + "anyOf": [{ "required": ["paths"] }, { "required": ["paths-ignore"] }] } } ] @@ -669,10 +657,7 @@ }, { "not": { - "anyOf": [ - { "required": ["branches"] }, - { "required": ["branches-ignore"] } - ] + "anyOf": [{ "required": ["branches"] }, { "required": ["branches-ignore"] }] } } ] @@ -996,10 +981,7 @@ }, { "not": { - "anyOf": [ - { "required": ["branches"] }, - { "required": ["branches-ignore"] } - ] + "anyOf": [{ "required": ["branches"] }, { "required": ["branches-ignore"] }] } } ], @@ -1016,10 +998,7 @@ }, { "not": { - "anyOf": [ - { "required": ["paths"] }, - { "required": ["paths-ignore"] } - ] + "anyOf": [{ "required": ["paths"] }, { "required": ["paths-ignore"] }] } } ] @@ -1903,6 +1882,7 @@ }, "firewall": { "description": "AWF (Agent Workflow Firewall) configuration for network egress control. Only supported for Copilot engine.", + "$comment": "Engine compatibility: copilot, claude, codex only. Not supported on custom engine. See pkg/workflow/firewall.go:89,105", "deprecated": true, "x-deprecation-message": "Use 'sandbox.agent: false' instead to disable the firewall for the agent", "oneOf": [ @@ -1952,6 +1932,7 @@ }, "sandbox": { "description": "Sandbox configuration for AI engines. Controls agent sandbox (AWF or Sandbox Runtime) and MCP gateway.", + "$comment": "Engine compatibility: Sandbox Runtime (SRT) is copilot only. AWF firewall supported on copilot, claude, codex. See pkg/workflow/firewall.go:135", "oneOf": [ { "type": "string", @@ -2296,6 +2277,7 @@ }, "engine": { "description": "AI engine configuration that specifies which AI processor interprets and executes the markdown content of the workflow. Defaults to 'copilot'.", + "$comment": "Engine-specific feature compatibility: HTTP transport (copilot, claude, codex), max-turns (claude only), firewall/AWF (copilot, claude, codex), Sandbox Runtime/SRT (copilot only). See pkg/workflow/copilot_engine.go, pkg/workflow/claude_engine.go, pkg/workflow/codex_engine.go", "default": "copilot", "$ref": "#/$defs/engine_config" }, @@ -5195,7 +5177,8 @@ "description": "Maximum number of chat iterations per run as a string value" } ], - "description": "Maximum number of chat iterations per run. Helps prevent runaway loops and control costs. Has sensible defaults and can typically be omitted. Note: Only supported by the claude engine." + "description": "Maximum number of chat iterations per run. Helps prevent runaway loops and control costs. Has sensible defaults and can typically be omitted. Note: Only supported by the claude engine.", + "$comment": "Engine compatibility: claude only. Not supported on copilot, codex, or custom engines. See pkg/workflow/agent_validation.go:143" }, "concurrency": { "oneOf": [ @@ -5432,6 +5415,7 @@ "http_mcp_tool": { "type": "object", "description": "HTTP MCP tool configuration", + "$comment": "Engine compatibility: HTTP transport is supported on copilot, claude, and codex engines. Not supported on custom engine. See pkg/workflow/agent_validation.go:118-134", "properties": { "type": { "type": "string",