v0.42.11

🌟 Release Highlights

This release improves workflow reliability, clarifies tool configurations, and enhances our Dependabot automation with smarter project management.

✨ What's New

Dependabot Project Manager Enhancement (#14225)

• Refactored to process Dependabot pull requests instead of security alerts, making it easier to review and merge dependency updates
• Streamlines the workflow for managing open Dependabot PRs with bundling and intelligent assignment

Documentation Improvements (#14214)

• Updated guides to use vendor-neutral "AI chatbot" terminology instead of specific tool references
• Makes documentation more inclusive and applicable across different AI platforms

🐛 Bug Fixes & Improvements

Plugin Command Syntax Fix (#14224)

• Corrected plugin installation command ordering from install plugin to plugin install
• Prevents CLI errors when workflows use plugin installations

Cleaner Tool Configuration (#14222)

• Removed ambiguous anonymous bash: syntax (nil values)
• Now requires explicit bash tool configuration for better clarity and predictability

Test Reliability (#14221)

• Fixed false positive in runtime version tests caused by AWF version string matching
• Improved test specificity to avoid version string collisions

⚡ Under the Hood

AWF Framework Update (#14027)

• Bumped AWF (gh-aw-firewall) to v0.13.12 for improved MCP server connectivity in chroot mode

---

For complete details, see the CHANGELOG.

Generated by Release

---

What's Changed

• docs: replace ChatGPT references with generic AI chatbot terminology by @Copilot in #14214
• Add Dependabot Project Manager workflow with bundling and Copilot assignment by @Copilot in #14182
• chore: bump AWF to v0.13.12 by @Mossaka in #14027
• Fix TestRuntimeSetupPreservesUserVersions false positive from AWF version by @Copilot in #14221
• Refactor Dependabot Project Manager to process PRs instead of security alerts by @Copilot in #14225
• Fix plugin command syntax: install plugin → plugin install by @Copilot in #14224

Full Changelog: v0.42.10...v0.42.11

v0.42.10

What's Changed

• Add daily exploratory testing workflow for CLI tools by @Copilot in #14168
• Fix smoke-claude: handle tool failures gracefully and guarantee safe output by @Copilot in #14171
• Rename MCP server identifier from agentic_workflows to agenticworkflows by @Copilot in #14173
• Limit create-issue to 1 in daily-cli-tools-tester workflow by @Copilot in #14184
• Format auto-added "Fixes #N" as bullet point in PR body footer by @Copilot in #14191
• Add network access to agentic-workflows MCP server container by @Copilot in #14201
• Teach create workflow agent to discover CLI automation before manual configuration by @Copilot in #14189
• Make upgrade command version check non-blocking with GitHub API by @Copilot in #14209
• Wrap agent log rendering in collapsible details section by @Copilot in #14208
• Add edit tool and full bash access to daily-cli-tools-tester workflow by @Copilot in #14211

Full Changelog: v0.42.9...v0.42.10

v0.42.9

🌟 Release Highlights

This maintenance release improves debugging capabilities and refines documentation for workflow creation.

🐛 Bug Fixes & Improvements

Enhanced Error Diagnostics for gh CLI - When GitHub CLI commands fail, error logs now capture complete diagnostic information including exit codes, stderr output, and the executed command. This makes troubleshooting workflow issues significantly faster by providing actionable error context. (#14156)

Docker Git Ownership Fixed - Resolved "dubious ownership" errors when working with mounted volumes in Docker containers by configuring git to trust all directories. This eliminates a common friction point in containerized development environments. (#14156)

📚 Documentation

Streamlined Workflow Creation Guide - The create.md documentation now includes helpful references to orchestration and project management patterns, making it easier to discover best practices when building new workflows. Removed outdated instructions for deprecated features. (#14151)

---

Generated by Release

---

What's Changed

• core: update create.md by @mnkiefer in #14151
• Capture exit codes and stderr when gh CLI commands fail, fix Docker git ownership by @Copilot in #14156

Full Changelog: v0.42.8...v0.42.9

v0.42.8

🌟 Release Highlights

This maintenance release brings important bug fixes for workflow execution, improved MCP server reliability, and enhanced documentation experience.

🐛 Key Bug Fixes

Workflow Execution Improvements

• Discussion comment handling: add_comment now automatically falls back to GraphQL when working with discussion numbers, eliminating 404 errors (#14125)
• Dev mode binary access: Fixed gh-aw binary availability in user-defined workflow steps, enabling custom commands to run properly (#14120)
• Action pinning: Updated action-tag references to include all required JavaScript files, preventing missing dependency errors (#14127)

Parser & Validation

• Firewall configuration: Fixed SSL-bump field extraction in frontmatter parser for proper firewall configuration (#13920)
• Version detection: Improved Python dependency version checking in NLP analysis workflows (#14119)

✨ What's New

MCP Server Enhancements

• Binary path auto-detection: MCP server now automatically detects the gh-aw binary path for reliable self-invocation (#14140)
• Concurrency analysis: New daily workflow monitors MCP server tools for potential race conditions and global state issues (#14147)

Documentation & Usability

• Emoji-free rendering: Documentation now strips emojis for cleaner, more professional output using a custom remark plugin (#14122)
• Video tutorials: Updated video files and thumbnails for improved learning experience (#14094, #14099)
• Modern typography: Added Mona Sans webfonts for enhanced readability (#14107)
• Glossary updates: Automated daily scans keep terminology current (#14096)

🧹 Cleanup

• Removed obsolete prompt file management from init, upgrade, and fix commands for simpler initialization flows (#14150)
• Cleaned up deprecated payload-dir references from frontmatter documentation (#14069)

🧪 Testing

• Expanded unit test coverage for workflow compiler main job generation (#14129)

📦 Dependency Updates

• Claude Code: 2.1.34
• Copilot CLI: 0.0.405
• Codex: 0.98.0
• Playwright MCP: 0.0.64

---

Generated by Release

---

What's Changed

• chore: update video files for tutorials by @mnkiefer in #14094
• fix: update video thumbnail paths by @mnkiefer in #14099
• docs: add Mona Sans webfonts by @mnkiefer in #14107
• Remove payload-dir from frontmatter documentation by @Copilot in #14069
• [docs] Update glossary - daily scan by @github-actions[bot] in #14096
• Fix firewall SSL-bump field extraction in frontmatter parser by @Copilot in #13920
• feat: add remark plugin to strip emojis by @mnkiefer in #14122
• Update CLI versions: Claude Code 2.1.34, Copilot 0.0.405, Codex 0.98.0, Playwright MCP 0.0.64 by @Copilot in #14114
• Fix textblob version check in Copilot PR NLP Analysis workflow by @Copilot in #14119
• Fix gh-aw binary availability for user-defined steps in dev mode workflows by @Copilot in #14120
• Fix daily-fact workflow action-tag to include missing parse_mcp_gateway_log.cjs by @Copilot in #14127
• Add unit tests for compiler_yaml_main_job.go by @Copilot in #14129
• Fix add_comment to handle discussion numbers via fallback to GraphQL by @Copilot in #14125
• Add daily concurrency analysis workflow for MCP server tools by @Copilot in #14147
• Add binary path detection for MCP server self-invocation by @Copilot in #14140
• Remove prompt file management functions from init/upgrade/fix commands by @Copilot in #14150

Full Changelog: v0.42.7...v0.42.8

v0.42.7

🌟 Release Highlights

This maintenance release fixes a critical bug in workflow dispatch from pull requests and updates documentation for recently added plugin and payload directory features.

🐛 Bug Fixes

Fixed workflow dispatch from pull requests (#14062)

The dispatch_workflow action now correctly handles PR contexts by using the actual PR branch ref (refs/heads/{branch}) instead of the merge ref (refs/pull/{PR_NUMBER}/merge), which GitHub Actions API rejects. Additionally, the default branch resolution logic was improved to:

• Check context.payload.repository.default_branch first
• Fall back to github.rest.repos.get() API call
• Only use refs/heads/main as last resort

This ensures workflows can dispatch from PRs and correctly handle repositories with non-standard default branches (e.g., "develop", "staging").

📚 Documentation

Updated reference documentation (#14060)

Added comprehensive documentation for two recently merged features:

• Plugin installation: Documented plugins: frontmatter field with both array and object formats, including cascading GitHub token resolution
• Payload directory: Documented payload-dir: configuration for sharing large MCP responses between agent and gateway containers

---

Generated by Release

---

What's Changed

• Fix dispatch_workflow to use PR branch ref and resolve default branch correctly by @Copilot in #14062
• [docs] Update documentation for plugins and payload-dir features by @github-actions[bot] in #14060

Full Changelog: v0.42.6...v0.42.7

v0.42.6

🌟 Release Highlights

This release brings powerful plugin management capabilities and critical MCP server improvements for better reliability and debugging.

✨ What's New

Plugin Installation Support (#14041)
Install GitHub CLI extensions directly from your workflow frontmatter! Supports both simple array and advanced object formats with cascading authentication:

# Simple format
plugins:
  - github/copilot-cli
  - acme/custom-tool

# Advanced format with custom token
plugins:
  repos:
    - github/copilot-cli
  github-token: ${{ secrets.CUSTOM_TOKEN }}

The compiler automatically generates installation steps for Copilot, Claude, and Codex engines with intelligent token resolution (custom token → GH_AW_PLUGINS_TOKEN → GH_AW_GITHUB_TOKEN → GITHUB_TOKEN).

🐛 Bug Fixes & Improvements

MCP Server Configuration (#14044, #14053)

• Fixed: Removed redundant GH_TOKEN environment variable from agentic-workflows MCP server config that was causing "undefined environment variable" errors
• Improved: Added working directory logging and Docker workdir configuration (-w ${{ github.workspace }}) to ensure proper path resolution inside containers
• Technical: The MCP server's ExecGH() helper automatically creates GH_TOKEN from GITHUB_TOKEN when needed, eliminating the need to pass both tokens

These changes improve reliability for workflows using the agentic-workflows MCP server and make debugging container path issues easier.

---

For complete details, see CHANGELOG.

Generated by Release

---

What's Changed

• Add plugin installation support via frontmatter with dual-format configuration and cascading token resolution by @Copilot in #14041
• Remove GH_TOKEN from agentic-workflows MCP server config by @Copilot in #14044
• Add working directory logging and Docker workdir for agentic-workflows MCP server by @Copilot in #14053

Full Changelog: v0.42.5...v0.42.6

v0.42.5

🌟 Release Highlights

This release focuses on enhancing MCP (Model Context Protocol) infrastructure and telemetry capabilities to improve reliability and performance for agentic workflows.

✨ What's New

🔗 MCP Gateway Payload Sharing (#14026)
Configure payloadDir to enable efficient sharing of large response payloads between agent and MCP gateway containers. The agent container now mounts payloadDir as read-only for security, while the gateway retains write access to create payload files. This enhancement improves performance when working with large API responses or file transfers.

📡 Enterprise Telemetry Support (#14007)
Copilot engine workflows can now reach telemetry.enterprise.githubcopilot.com without explicit network configuration. This domain is automatically added to the Copilot engine's allowlist, simplifying setup for enterprise environments.

🐛 Bug Fixes & Improvements

🛡️ Enhanced Chroot Security (#13970)
Upgraded AWF (gh-aw-firewall) to v0.13.7, which includes critical fixes for chroot mode:

• Fixed /etc/hosts and /etc/resolv.conf mounting in chroot environments
• Resolved .copilot directory permission issues before CLI installation
• Restored HTTPS_PROXY environment variable handling
• Prevented Bun runtime crashes in sandboxed environments

---

For complete details, see CHANGELOG.

Generated by Release

---

What's Changed

• Add telemetry.enterprise.githubcopilot.com to copilot engine default allowlist by @Copilot in #14007
• chore: bump AWF to v0.13.7 by @Mossaka in #13970
• Configure payloadDir for MCP gateway to enable large payload sharing by @claude in #14026

Full Changelog: v0.42.4...v0.42.5

v0.42.4

🌟 Release Highlights

A maintenance release focusing on stability improvements and developer experience enhancements.

🐛 Bug Fixes & Improvements

• Fixed Copilot CLI installation permission issues - Resolved intermittent EACCES errors when installing the Copilot CLI after running workflows with sudo -E awf --enable-chroot (#13980)
• Improved MCP Gateway log file display - Removed duplicate filename rendering in displayFileContent(), providing cleaner console output (#13999)
• Enhanced test reliability - Fixed test assertions in MCP Gateway log parsing to correctly validate collapsible group title output (#14003)

⚡ Performance & Developer Experience

• Upgraded MCP Gateway to v0.0.103 - Per-server log file support for easier backend troubleshooting and debugging (#13998)
• Dev mode build improvements - Added CLI build steps for local development in the agentic-workflows action (#13996)
• Code quality - Extracted action mode helpers to reduce code duplication and improve maintainability (#13982)

---

For complete details, see the CHANGELOG.

Generated by Release

---

What's Changed

• fix: ensure /home/runner/.copilot directory has correct ownership before Copilot CLI install by @Copilot in #13980
• [code-simplifier] Extract action mode helper to reduce code duplication by @github-actions[bot] in #13982
• Integrate gh-aw-mcpg v0.0.103 by @Copilot in #13998
• Remove duplicate filename display in displayFileContent by @Copilot in #13999
• Fix test assertions in parse_mcp_gateway_log.test.cjs by @Copilot in #14003
• Add CLI build steps for dev mode in agentic-workflows action by @Copilot in #13996

Full Changelog: v0.42.3...v0.42.4

v0.42.3

🌟 Release Highlights

This release brings important bug fixes, enhanced MCP server capabilities, comprehensive documentation updates with video tutorials, and dependency version updates for improved stability.

✨ What's New

• Enhanced MCP Server Development - The agentic-workflows MCP server now supports a --cmd argument in dev mode for easier testing and debugging (#13974)
• Video Tutorials - Added getting started video tutorials to the documentation landing page, making it easier for new users to learn the platform (#13946, #13927, #13944)
• Better Test Coverage - Smoke workflows now verify Serena MCP symbol search functionality, ensuring code navigation tools work reliably (#13955)
• Agent-Generated Files Tracking - Workflow artifacts now include agent-generated files directory for better auditability (#13945)

🐛 Bug Fixes & Improvements

• Fixed MCP Parameter Display - Arrays and objects in Claude logs now render correctly instead of showing [object Object] (#13969)
• Fixed Runtime Import Resolution - File path resolution and checkout for runtime imports now works correctly (#13931)
• Fixed GitHub Actions Cache - Removed duplicate Go module cache that was causing tar conflicts in CI (#13942)
• Improved Permissions Model - Simplified permission handling so agent jobs always get contents:read by default (#13949)
• Enhanced Container Support - Serena container is now predownloaded when enabled, improving startup performance (#13956)
• MCP Server Container Fix - gh CLI binary is now properly mounted in agentic-workflows MCP server container (#13948)

📚 Documentation

• Video Content - New video tutorials for creating and adding workflows with auto-generated poster images (#13939)
• Updated References - Synchronized documentation with v0.42.2 changes and added trial --dry-run flag documentation (#13873, #13874)
• Enhanced Security Docs - Added security rationale to permissions documentation for better understanding (#13918)
• Improved Styling - Video captions now align with GitHub Primer design system (removed italic styling) (#13940)

🔧 Internal Improvements

• Version Updates - Bumped Copilot CLI to 0.0.403, Codex to 0.97.0, and MCP Gateway to v0.0.99 (#13919)
• Downgraded Claude Code - Temporarily downgraded to 2.1.29 for stability (#13935)
• Better Debugging - Added debug logging to 4 Go files for improved troubleshooting (#13869)
• Code Cleanup - Cleaned up JavaScript code and removed version-specific test assertions (#13868, #13932)
• Workflow Improvements - Enhanced PR triage with 1-day expiration and auto-close for older issues (#13903)
• Agent Support - Added .agents folder to sparse checkout for better agent job support (#13901)

---

For complete details, see the CHANGELOG.

Generated by Release

---

What's Changed

• Add Video component for Astro Starlight documentation by @Copilot in #13902
• Configure PR triage reports with 1-day expiration and auto-close older issues by @Copilot in #13903
• [log] Add debug logging to 4 Go files for better troubleshooting by @github-actions[bot] in #13869
• [instructions] Sync github-agentic-workflows.md with v0.42.2 documentation by @github-actions[bot] in #13873
• Include .agents folder in sparse checkout for agent jobs by @Copilot in #13901
• [docs] Update documentation for trial --dry-run flag by @github-actions[bot] in #13874
• [jsweep] Clean add_labels.cjs by @github-actions[bot] in #13868
• Add issues:write permission to create-discussion jobs for fallback support by @Copilot in #13907
• Use workflow-id markers for close-older-discussions by @Copilot in #13914
• chore: add video tutorials for adding and creating workflows by @mnkiefer in #13927
• Remove unnecessary test dependency from canary_go job by @Copilot in #13925
• Add security rationale to permissions documentation by @Copilot in #13918
• Bump CLI versions: Copilot 0.0.403, Codex 0.97.0, MCP Gateway v0.0.99 by @Copilot in #13919
• Remove tests asserting specific version constant values by @Copilot in #13932
• Fix runtime-import file path resolution and checkout by @Copilot in #13931
• chore: mv video tutorials up by @mnkiefer in #13944
• Remove italic styling from video captions to align with GitHub Primer by @Copilot in #13940
• Downgrade Claude Code CLI to 2.1.29 by @Copilot in #13935
• Add script to generate video poster images with auto-detection by @Copilot in #13939
• fix: Remove duplicate Go module cache causing tar conflicts by @Copilot in #13942
• docs: add getting started videos to index landing page by @Copilot in #13946
• Add agent-generated files directory to artifact uploads by @Copilot in #13945
• Simplify permissions: agent job ALWAYS gets contents:read by @Copilot in #13949
• Add symbol search verification to smoke workflow Serena MCP tests by @Copilot in #13955
• Add serena container to predownload list when enabled by @Copilot in #13956
• Mount gh CLI binary in agentic-workflows MCP server container by @Copilot in #13948
• [WIP] Fix failing GitHub Actions workflow test by @Copilot in #13966
• Add --cmd argument to agentic-workflows MCP server in dev mode by @Copilot in #13974
• Fix MCP parameter rendering for arrays and objects in Claude logs by @Copilot in #13969

Full Changelog: v0.42.2...v0.42.3

v0.42.2

🌟 Release Highlights

A focused maintenance release improving cross-platform compatibility and documentation quality.

🐛 Bug Fixes & Improvements

Cross-Platform Path Handling (#13853)
Compiled .lock.yml files now use Unix-style forward slashes consistently, fixing Windows workflow compatibility issues. Previously, Windows builds generated backslash separators that broke cross-platform workflows.

Documentation Link Fixes (#13847)
Corrected broken GitHub Copilot documentation reference in frontmatter guide, ensuring users can access the custom agents specification.

🔧 Platform Updates

Windows Build Optimization (#13854)
Removed 32-bit Windows (windows-386) from release targets, streamlining the build process to focus on actively-used platforms.

Default Message Improvements (#13848)
Replaced themed default workflow messages with professional equivalents for better consistency across organizations.

---

For complete details, see CHANGELOG.

Generated by Release

---

What's Changed

• Fix broken GitHub Copilot documentation link in frontmatter reference by @Copilot in #13847
• Remove pirate theme from default workflow messages by @Copilot in #13848
• Remove windows-386 from release build targets by @Copilot in #13854
• Normalize file paths to Unix format in compiled .lock.yml files by @Copilot in #13853

Full Changelog: v0.42.1...v0.42.2